Getting Ready for Azure Stack
Everybody who’s reading this probably already knows that Azure is Microsoft's infrastructure as a service offering in the cloud, but not as many are familiar with Azure Stack, which is essentially your own private Azure deployment in your on-premises datacenter. Security and privacy concerns still hold many companies back from committing to the cloud, but you want and need the kind of power and agility that Azure can provide. That makes Azure Stack the hybrid solution that can take your network to the next level.
Microsoft announced the first technical preview of Azure Stack in January of this year, and it's available now for you to download and test in your own lab environment. Microsoft plans a series of technical previews that will allow them to collect feedback from customers and add features, services and content as they fine-tune the software before releasing it to general availability. In this article, we'll take a look at what Azure Stack is, how it works and when and why you would use it.
The rise and semi-fall of the private cloud
Cloud computing has been around in some form since even before the advent of the Internet (with mainframe computing), although not called by that name, and in the late 1990s and early 2000s, Salesforce.com and the first iteration of Amazon Web Services kickstarted it as a viable solution. By the time AWS launched EC2 (Elastic Compute Cloud), its infrastructure as a service solution, in the mid-2000s, everybody had started to take the cloud seriously, and by the end of the first decade of the twenty-first century, all the big players, including Microsoft, were “all in” with the cloud.
Microsoft launched Azure, its cloud platform, in early 2010, providing both platform as a service (PaaS) and infrastructure as a service (IaaS), competing with AWS by offering more than fifty Azure services that include compute and “big compute” services, identity and rights management, business analytics (BI), storage, data management and more.
Many companies, however, were understandably wary of putting their sensitive and mission-critical information in a public cloud. So cloud providers came up with a compromise solution: the private cloud. Private clouds give companies some of the benefits of the public cloud while allowing them to maintain more direct control of the resources. When you combine private and public clouds, you have a hybrid cloud. This can give you the best of both worlds and also serves as a way for organizations to “ease” into cloud computing without the security fears associated with the public cloud.
The popularity of private/hybrid clouds surged a few years ago, but the enthusiasm then seemed to fall off a bit as some of the promised benefits failed to materialize.
One disadvantage of the private cloud vs. public is the cost: You still have to invest in a lot of hardware to run your cloud on-premises. However, in cases where data security is of utmost importance and/or regulatory requirements make it undesirable or impossible to put everything into a public cloud, hybrid cloud is still the solution of choice.
The case for Azure-based hybrid clouds
Mike Neil wrote in the Azure blog on the Microsoft site that the company has been seeing almost 100,000 new subscriptions to its Azure public cloud service every month. According to a Market Realist article in February of this year, Microsoft’s 140% growth in the cloud space outpaced Amazon’s 71%, although AWS still dominates in the public cloud arena.
Microsoft is capitalizing on that growing public cloud base to offer companies a hybrid cloud approach that can give them the same experience across private and public clouds, by spanning both environments with the same Azure platform. It makes sense; being able to see the same interface and use the same management tools for your private on-premises network that you use for your public cloud services makes administrative tasks easier and faster and less prone to error. It makes it easier for devs to create applications that work in both places.
So just as Microsoft has focused on working toward the creation of a consistent experience across desktop computer, tablet and phone with Windows 10, they are also adopting a “consistency counts” approach to their cloud solutions. They’re doing this by using the same portal, tools and APIs for their on-premises platform as for the public Azure cloud. Visual Studio, PowerShell, all the open source DevOps software that’s used on Azure will work here, too. The terminology and concepts – storage blobs, virtual networks, service fabric clusters – it’s all the same. That on-prem platform is Azure Stack.
The Azure Stack Technical Preview
The technical preview of Azure Stack that Microsoft released in January is labeled as a “proof of concept.” At the time of this writing, no production-ready version has been released. The proof of concept release is designed to be run all on a single computer, whereas the “real thing” will be deployed across multiple machines for high availability and would provide far greater scale and performance.
The preview is designed to provide a first look and an opportunity to become familiar in a hands-on manner with Azure Stack. The hardware requirements for installing the technical preview are fairly hefty: You’ll need a dual socket processor with at least 12 physical cores, and 16 cores is preferred. You’ll also need 98 GB of RAM (128 GB preferred). The machine has to have at least 5 disk drives: one for the operating system (minimum 200 GB available) and four POC data disks, each with a minimum of 140 GB available (250 GB recommended). The disks can be either traditional hard drives or SSDs as long as they meet the minimum capacity requirements, but must all be the same type (SAS or SATA) and the data drives must all have the same capacity. Hyper-V with SLAT support needs to be enabled in the BIOS and the NIC should be certified for Windows Server 2012 R2.
To install the Azure Stack, you need to do a clean installation of Wnidows Server 2016 Datacenter Edition Technical Preview 4 with the most recent updates installed. You need to create an Azure AD account for the directory admin (you can do this with an Azure free trial subscription on the Azure web site) and at least one account for logging into Azure Stack as a tenant. Deploying the Azure Stack involves running a PowerShell deployment script after you’ve prepared the machine by installing the operating system and running the Microsoft Azure Stack POC.exe file.
Only a single NIC can be used when deploying the Azure Stack. Disable the NICs that you don’t want to use.
How it works
To understand how Azure Stack works, you need to have some basic familiarity with Azure, and you need to understand the difference between the two types of users – which Microsoft calls personas and which differ from the “admin” and “standard user” account types that have always been a part of Windows Server networks. Remember that Azure is designed as a multi-tenant platform, so the two personas are service administrator and tenant.
You can add new tenants in Azure Active Directory, via PowerShell or the portal. In order to share the Stack with others, you’ll need to configure the external computers to connect to it by connecting to the NATVM that was created during deployment via RDP, configuring the point-to-point VPN connection (using L2TP over IPsec), exporting the certificate and then configuring the client computers. This will allow those remote machines to access the Azure Stack POC, also via PowerShell or the portal.
VPN users will need to have local user accounts on the NATVM.
Once you’ve logged in as a service admin, you have to create a plan (for providing compute, network and storage services) and create an offer that contains the plan. Then you can log in as the tenant and subscribe to the offer. This will enable you (the tenant) to use the services and provision a VM. You (the tenant) will also need to create a storage account, which includes blob and table services.
Azure Stack makes it easy to use Azure Resource Manager (ARM) templates that are available for download on GitHub in order to deploy SharePoint, Active Directory and SQL 2014. There is also a template that you can use to create a virtual machine from your own custom user image (it also deploys a virtual network with DNS, a public IP and a network interface). There are several different ways that you can deploy these templates. You can use the Microsoft Azure Stack portal, PowerShell, the command line or Visual Studio.
You (the service manager) can add items to the Marketplace in Azure Stack, so that tenants can get new applications, services and other resources. Each resource in the Marketplace includes an ARM template. The resources that you publish in the Marketplace are in Azure Gallery Package (.azpkg) format. You download and use the Azure Gallery Packaging Tool to create these packages. Then you can use the Add-AzureRMGalleryItem cmdlet in PowerShell to publish the new Marketplace resource to the Azure Stack. Virtual machine images must be added to the Platform Image Repository before you can add the VMs to the Marketplace.
Azure Stack will give organizations an option for deploying a private cloud environment that runs on the same platform as their public Azure resources. At the time of this writing, Azure Stack is in technical preview and changes will undoubtedly occur with future previews and releases. This article has provided you with a brief overview of what Azure Stack is, why you might want to deploy it in your organization and how it works. For more information and detailed instructions on accomplishing the steps required for deployment, see the Microsoft Azure web site.