How to Make Windows Azure an Extension of the On-Premises Data Center – Windows Azure Virtual Networks – Part 1

With Windows Azure Virtual Machines and Virtual Networks, many more capabilities are now available that let you look at Windows Azure not as ‘yet another platform’ that is outside your network, but as a real extension of your On-Premises Data Center. How much this matters depends on the type of company we are talking about. For Enterprises this is a MUST-HAVE, because they still have a lot of investments in the On-Premises world, some of which aren’t ready yet, and might never be, for the Public Cloud. For ISVs this isn’t that important, because they want to reduce their On-Premises needs as much as possible.

The key Windows Azure component for achieving this extension is Windows Azure Virtual Network, since it allows you to create a VPN between On-Premises and your Windows Azure resources. There are some important considerations to keep in mind:

  • Windows Azure Virtual Networks is currently still in Preview.
  • To use Windows Azure Virtual Network, a router device that supports VPN is required at the On-Premises location.
  • The On-Premises VPN devices that are currently tested can be found here. This doesn’t mean that they are the only ones you can use; it just means that those are a lot simpler to configure, because Windows Azure provides a configuration file that you import into the device and it’s done.
  • Windows Azure Virtual Networks do not span Regions or Subscriptions. This means that if you have multiple deployments in the same region and within the same subscription you can use the same VNET; if not, you’re required to create multiple VNETs. Here are some scenarios:
    • Scenario A:
      • Description: Subscription A has Service B deployed into Windows Azure Cloud Services in the North Europe region and Service C deployed in Windows Azure Cloud Services in the West Europe region.
      • Comments: Even though they are in the same subscription, they are in different regions, so you would need to create one VNET for Subscription A for the North Europe region and another for the West Europe region.
    • Scenario B:
      • Description: Subscription A has Service A and B deployed in Windows Azure Cloud or Windows Azure Virtual Machines, and it’s required that they are in the same VNET.
      • Comments: In this case you only need one VNET for both, since they do not span either subscriptions or regions.
    • Scenario C:
      • Description: Subscription A has Service B and C deployed in Windows Azure Cloud Service within the same region, but connections between them must be secured.
      • Comments: To achieve this it’s only required to create one VNET, since they are in the same subscription and region, but with 2 different subnets, one for each service. It’s then the On-Premises VPN/Firewall device that will create the restrictions for each Subnet.
    • Scenario D:
      • Description: Subscription A has Service B deployed in Windows Azure in the North Central US region, and Subscription C has Service D deployed in Windows Azure in the North Central US region, but they need to communicate with each other.
      • Comments: To achieve this it’s required to create 2 separate VPN connections, one for Subscription A and another for Subscription C, because VNETs don’t span different subscriptions even if they are in the same region.
  • Currently there’s no ACLing for subnet isolation, so that needs to be done in one of three ways:
    • Create a different VNET for each Subnet, so that they aren’t known to each other.
    • Perform the ACLing and restrictions between the different subnets at the Windows Firewall level of the instance.
    • Perform the ACLing in an On-Premises Firewall device.

So by leveraging Windows Azure Virtual Networks we’ll be able to connect everything we have deployed in Windows Azure Compute with our On-Premises Data Center. By doing this, companies can leverage more of their existing investments and look at Windows Azure more as an "extension of the Data Center" and less as a "black box" over which they don’t have a lot of control.

In future posts I’ll go through the process of how to set up a new Windows Azure Virtual Network between On-Premises and Windows Azure.

March 2013 Windows Azure Speaking Engagements

I’ve been doing a lot of work in Windows Azure, both in the PaaS and IaaS worlds, and since we’re entering the typical time when the Cloud Events start to happen, I’d like to share where you guys can see me talking about Windows Azure.

The events I’m currently speaking at are:

DevWeek 2013

March 5th

– SQL Azure overview – how to develop and manage it

· In this session we will look at an overview of SQL Azure in terms of Architecture, Application Topologies that can be used and its Provisioning Model. We’ll also look at how Deployment can be done, and what Security we can expect from it. One of the important parts will be understanding the elements that are supported and not supported in the current version of SQL Azure, and what we can expect in the future.

– Advanced SQL Azure – performance and scalability

· In this session we’ll look at some more important SQL Azure topics like performance and scalability, and how concepts like Sharding and SQL Azure Federation are important in order to achieve scalability improvements. We will also look at how SQL Azure Data Sync is important for these concepts and for keeping a local replica of the SQL Azure Database, as well as SQL Azure Backups, Imports and Exports, and other new features that are being released by the SQL Azure team.

March 6th

– Tips & tricks to build Multi-Tenant databases with Windows Azure SQL Databases

· When we talk about the Cloud it’s very important that we build our solutions in a highly scalable way as well as in a Multi-Tenant way, since this helps us lower the costs to the end customer and so grab the long tail. In order to do this a lot of adjustments need to happen on the database side of things, and in this session we’ll look at ways we can achieve Multi-Tenancy with Windows Azure SQL Databases, and how that can be integrated with the work performed while scaling out Windows Azure SQL Databases using SQL Federations.

TechDays Netherlands 2013

March 7th

– Crash Course on "Automating deployments in Windows Azure Virtual Machines". How and which tools?

· Windows Azure Virtual Machines have a very interesting interface in the new Windows Azure management portal, and it’s very usable for a small number of Virtual Machines. But when we start building large deployments of 10, 20, 100 or 500 virtual machines with VNETs, failover and so on, things become different and less doable using the management portal. For this type of work we need some form of automation, and this is what we’ll be covering in this session. We’ll look at tools that enable us to automate Windows Azure Virtual Machines deployments, like PowerShell, ScaleXtreme, RightScale and others, in order to take the automation issue out of the way and really take advantage of Windows Azure.

March 8th

– Lessons Learned: Bridging Windows Azure and On-Premises environments with Windows Azure Virtual Network

· Windows Azure Virtual Network is a very important feature in Windows Azure since it provides a way to extend the existing On-Premises environment into the Cloud, making Windows Azure look like an Extension of the already existing Data Center. Setting up a Virtual Network seems simple, but there are some important topics that need to be considered. Topics like: Which DNS should I use? How to create DMZs within the Cloud? How to place PaaS components in the same Virtual Network? How do I configure the Gateway between Cloud and On-Premises? How to troubleshoot the connection? These are some of the concerns that you normally handle when configuring and using Windows Azure Virtual Networks, and so in this session we’ll cover these topics based on the lessons learned from doing this with a great many customers and going through each of those concerns.

– Achieve High Availability with SQL Server on Windows Azure Virtual Machines

· SQL Server has been massively used by organizations to provide an RDBMS, and when moving into the Cloud one of the elements that normally caused some concerns was ‘THE DATABASE’, since SQL Databases are Shared Instances and don’t have feature parity with SQL Server, which causes some changes in the existing codebase. Now Windows Azure Virtual Machines opens a new door for the Cloud Migration process, since it allows us to move our SQL Server completely into the Cloud and keep feature parity with On-Premises, which is important. But with this great news some new concerns also appear. Concerns like how to achieve High-Availability, Failover, Clustering, Data Security and so on with SQL Server in Windows Azure Virtual Machines. In this session, we’ll look at SQL Server in Windows Azure and how we can use it to achieve a Highly Available environment for our RDBMS.

– Lessons Learned: Taking the best performance out of Windows Azure Virtual Machines

· Windows Azure Virtual Machines are still new in Windows Azure and need a lot of tweaks in order to get the best out of their capabilities. After working with them since the very beginning, a lot of lessons were learned about how to achieve the best performance. In this process we’ll cover some topics and strategies that will enable us to get the best performance out of Windows Azure Virtual Machines and at the same time achieve the best SLA possible.

Hope to see you in one of my sessions, and if you would like to send any requests for some of the sessions you’re attending, just send me a Tweet to @NunoGodinho. This way I’ll be able to make those Windows Azure sessions more related to what all of you really want to see.

Scheduler in Windows Azure

Windows Azure has been growing significantly and adding more and more services, but something that has always been missing is a Windows Azure Scheduler service. Windows Azure just released one version of it that seems to have potential but is still in very early stages.

Recently Aditi Product Services created their first Windows Azure Service available in the Windows Azure Store, and this new service is actually a Cloud Based CRON Scheduler.

This new service basically allows the user to create scheduled tasks using a set of HTTP webhooks that run on CRON schedules, either simple or complex.

You can check more about this service and why it was built in this great post by Wade Wegner.

Looking at the features:

  • Support for CRON statements for reoccurrence scheduling.
  • Allows simple HTTP GET requests—easily allowing developers to use Scheduler to execute webhooks. With Scheduler, there is no requirement for a Windows Azure machine instance — every endpoint is an HTTP API. Scheduler supports development directly against the API or using our NuGet package.
  • Fully integrated into the Windows Azure store.
  • Run up to 5000 jobs in a month (during our Free Trial).
  • HTTP GET requests to your services and a full Web API for CRUD operations.
  • Simple and complex CRON job expressions.

Future releases will include HTTP POST, Auth, sending jobs into message queues and more.

In terms of the architecture, you can check this other post from Ryan Dunn.

Looking at all those features, I can think of several different use cases where this might be helpful. One of them is something a lot of DBAs have been asking for, which is Database Backups. So what do we need to do in order to do this with this Scheduler Service?

1. Add Scheduler to your Subscription by going into the as choosing "PURCHASE ADD-ONS"

2. Choose the Scheduler Add-On


3. Now create a Visual Studio project and add the Aditi.Scheduler NuGet package


4. Open your code where you want to add your Scheduler information and just add the following code:

    // Credentials for your Scheduler subscription
    var tenantId = "YOUR TENANT ID";
    var secretKey = "YOUR SECRET KEY";
    var scheduledTasks = new ScheduledTasks(tenantId, secretKey);

    // Webhook task: the Scheduler calls "url" on the CRON schedule
    var backupTask = new TaskModel()
    {
        Name = "Import/Export SQL Azure Database",
        JobType = JobType.Webhook,
        CronExpression = "0 0 12 1/1 * ? *", // taken from
        Start = DateTime.Now,
        Params = new Dictionary<string, object>()
        {
            {"url", "http://myurl/api/BackupDB/TestDB"}
        }
    };

    // Register the task with the Scheduler service
    scheduledTasks.CreateTask(backupTask);

5. You’re done. What you need now is your BackupDB Service to be listening on that URL and executing the requests. For that you can use this project that will help you do that.
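The Scheduler only issues HTTP GET requests and Auth is listed for future releases, so the BackupDB endpoint itself has to decide whether a request is legitimate. The following is an added example, not code from this post or from Aditi: a framework-independent gate the endpoint could call, assuming the webhook URL registered in step 4 carries a shared secret next to the database name. The class, method and parameter names are hypothetical.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;

// Added example; every name here is hypothetical and not part of Aditi.Scheduler.
public sealed class BackupWebhookGate
{
    private readonly byte[] _secretHash;
    private readonly HashSet<string> _allowedDbs;
    private readonly TimeSpan _minInterval;
    private readonly Dictionary<string, DateTime> _lastRun =
        new Dictionary<string, DateTime>(StringComparer.OrdinalIgnoreCase);

    public BackupWebhookGate(string secret, IEnumerable<string> allowedDbs, TimeSpan minInterval)
    {
        _secretHash = Hash(secret);
        _allowedDbs = new HashSet<string>(allowedDbs, StringComparer.OrdinalIgnoreCase);
        _minInterval = minInterval;
    }

    // Returns the HTTP status to send: 202 = start the backup, anything else = refuse.
    public int Check(string token, string database, DateTime nowUtc)
    {
        if (!FixedTimeEquals(Hash(token ?? ""), _secretHash)) return 403;    // wrong or missing secret
        if (database == null || !_allowedDbs.Contains(database)) return 404; // path segment is untrusted
        lock (_lastRun)
        {
            if (_lastRun.TryGetValue(database, out var last) && nowUtc - last < _minInterval)
                return 429; // repeated or replayed trigger inside the window
            _lastRun[database] = nowUtc;
        }
        return 202;
    }

    private static byte[] Hash(string s)
    {
        using (var sha = SHA256.Create()) return sha.ComputeHash(Encoding.UTF8.GetBytes(s));
    }

    // Touches every byte so response time does not reveal how much of the token matched.
    private static bool FixedTimeEquals(byte[] a, byte[] b)
    {
        int diff = a.Length ^ b.Length;
        for (int i = 0; i < a.Length && i < b.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }
}
```

In the BackupDB action, pass the token and database segments of the request URL to Check and start the export only on a 202. Serving the endpoint over HTTPS keeps the secret in the URL from crossing the network in clear text.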

There are a lot more scenarios for this. The backup one looked like something a lot of people would be interested in, but there are also scenarios like:

  • Validating if a service or page is available by pinging a URL
  • Performing backups of DB, Storage and so on
  • Deployments for Windows Azure based on specific conditions
    • An example would be a company that has an infrastructure On-Premises and wants to continue to use it, but at certain hours of the day needs to scale out into Windows Azure to handle more load. In this case it would run a CRON Task at a specific time of day to deploy the solution to Windows Azure and change the Load Balancer, for example, and do the same to delete the deployment when it’s not required anymore. This is important because a lot of customers currently look at Windows Azure only as a scale-out platform and need something to help automate the tasks of spinning up new machines.
  • Perform Archiving processes of data
    • Example would be every day a process would be executed that would analyze all the data in Windows Azure SQL Databases and Table Storage and would provide an archiving mechanism passing the data that is older than 1 month into the Table Storage in order to save costs and to maintain only "live/active/most used" data in Windows Azure SQL Databases.

There are a lot of other scenarios, but those seemed good to start with.

Back to Writing and Experiences Sharing

Hello everyone, I completely stopped writing a while back and I really miss sharing my experiences in this blog, and so I’d like to inform everyone that I’m back on the writing part again, and in order to make myself more compliant with writing I’ll make sure I write at least once a week, sharing all my crazy experiences and work around Windows Azure.

Lately I’ve been working with a lot of different moving parts of Windows Azure like IaaS, Media Services, Mobile Service, as well as BigData (HDInsight) and HPC, and so I have a lot to share on those, from practices to mistakes I made, and I will try to help you not to make the same mistakes as I did.

Thanks, and hope my sharing helps you more from now on.