Cloud Insights from Brad Anderson, Corporate Vice President, Windows Server & System Center
After nearly 40 years of creating enterprise software, there are few companies who have come to appreciate the importance of infrastructure in quite the way we have at Microsoft. We recognize that to host great software and great apps, you need an equally great infrastructure for your datacenter.
At Microsoft, we create and deliver first party apps (both on-premises and in our cloud datacenters), as well as host the apps that our customers and partners build. All of this runs on our own network infrastructure alongside workloads like Exchange, SQL, SharePoint, Xbox Live, and Office 365.
Our experiences with key workloads like these help us to deeply understand what is required to deliver infrastructure and networking that is optimized for the apps that enterprises need most. The cloud has been an incredible learning experience for us. Over the last 10+ years, as we have built and operated some of the world’s largest services like Xbox Live, Bing, Outlook.com (in total more than 200 cloud services), we have developed a set of skills and experience that enable us to build better applications, platforms, and infrastructure. Not only do these services operate better on our end, but the things we learn while building and refining them at scale are then included in the products we deliver for use in your datacenters.
From this experience, there is a key set of beliefs and understandings that form our point of view on the cloud, as well as the architecture of what we build. For example:
Networking in particular is an area where people are looking for innovation. That’s why we have been working to make powerful and extensible software-defined networking (SDN) a reality.
SDN allows organizations to use the cloud to overcome traditional hardware problems. The results are things like flexibility (movement between public/private clouds and on-premises), scale (capacity that is effectively bottomless), and efficiency (abstracting hardware with software). This use of SDN enables enterprises to go well beyond simple network virtualization, and it allows them to leverage existing infrastructure investments.
Our approach to supporting SDN is straightforward: Put the best possible technology in the hands of enterprises all over the world. We do this in four primary ways: We simplify adoption, we provide deep integration between the cloud and on-prem infrastructure, we support great workload performance, and we simplify interoperability.
This approach makes Microsoft’s role in the cloud industry very exciting; we are the only company to provide apps and infrastructure for both on-premises and cloud-based workloads and operations.
SDN is particularly top of mind right now because last week we released the latest versions of Windows Server and System Center, which are foundational to helping customers realize Microsoft’s Cloud OS vision. Core to our vision is the notion that customers can transform their infrastructure into a shared, elastic resource pool that can deliver on-demand capacity in a boundary-less manner.
In that context, I noted earlier how these new products include innovative new functionality that enables IT teams to use Windows Server and System Center for high-scale virtualization, high-performance storage at dramatically lower costs, as well as in-the-box SDN.
I promised in that earlier post to write more about each of these areas, and today I’ll focus specifically on SDN.
SDN is a frequent topic in my meetings with partners and customers. Many CIOs, IT Decision Makers, and IT Implementers that I talk with are looking to develop an approach that can support the growing apps and services their businesses deploy. They want scale on demand, cost efficiencies, and continuous availability. They are also working to deliver more with less.
The simple fact of the matter, however, is that to deliver more services you need more resources – whether these resources are physical or virtual.
The number of servers is growing (onsite or offsite, virtual or physical), the volume of services and workloads are proliferating, and the devices that consume these services are increasing exponentially.
This is leading to an incredible amount of IT complexity in three areas:
With hypervisors and virtualized servers becoming the norm, the adoption of compute innovation is now mainstream, and I’ll cover storage innovation in another post. Networking, however, (specifically traditional hardware-based solutions) has not kept pace with these complexities, thus making it a growing burden on IT. Datacenters with traditional networking architectures are just too rigid for cloud-based computing.
For example, provisioning and configuring networks continues to be time consuming, cumbersome and error-prone. This makes getting a holistic view of the network for diagnostics and troubleshooting difficult since network operations continue to be done on a per-device basis. I’ve had many conversations with enterprise customers about providing IT teams with the ability to deliver a truly shared infrastructure (including a shared network fabric) where IT can host internal LOB constituents (or ‘tenants’) in a cost-effective manner while still meeting their unique business requirements. Many of these enterprise infrastructures, however, are constrained, end up “physically” isolating tenants, and/or the administrators have to make peace with inflexible VLAN-based approaches.
The biggest limiting factor with today’s networking approaches is that they don’t focus nearly enough on the application or workload requirements. This is critical because, after all, applications are what your business really cares about, and infrastructure exists to support them. Tight coupling between workloads and the physical network makes it difficult to efficiently deploy and migrate them dynamically, thereby limiting agility. I firmly believe the network has to dynamically adapt to application and workload demands and not be constrained by the shortcomings in today’s networking approaches. In addition, public clouds have added to the demands of IT by requiring an easy way to extend networks across datacenters so that applications and workloads can be deployed or moved at a dynamic pace to keep up with today’s business requirements.
As a company, we are very confident in our ability to impact these challenges – after all, we already deliver top-tier enterprise applications like SQL, Exchange, SharePoint as well as fantastic infrastructure assets that are widely deployed across our customers’ datacenters (both in private and public cloud computing models).
Many in the industry believe the solution is limited to virtualized networking, but our experience tells us that it’s much more than that. The solution is to go beyond virtualized networking and deliver software-defined networks.
Our experience running Windows Azure globally using SDN to support industry-leading scale and flexibility has convinced us about the practical applicability & benefit of SDN for enterprises and service providers. Windows Azure runs on a massive global network that is constantly and dynamically modified to meet the needs of services and customers. SDN technologies enable us to manage and update our networks with ease and at scale. It is really exciting to bring this technology from Windows Azure to our customers. This will enable network automation from the ground up, delivering a software-defined network and integrating policy control driven by application requirements and patterns.
So, let me talk a bit more about how we are bringing these SDN principles we use in Windows Azure to our enterprise customers and service providers.
At its core, SDN is all about using software to make your network a pooled, automated resource that can seamlessly extend across cloud boundaries. This allows optimal utilization of your existing physical network infrastructure, agility and flexibility resulting from centralized control, and business-critical workload optimization from deployment of innovative network services.
SDN begins with abstracting your applications and workloads from your underlying physical network through network virtualization. It then provides a consistent platform to express and enforce policy across all clouds – in-built services such as gateways seamlessly extend your datacenters across these clouds. Finally, SDN provides for a standards-based mechanism to automate deployment of both your physical and virtual networks (not just virtual!), while being extensible enough to allow deep integration with existing networking solutions that may already be deployed.
Delivering on the above-described SDN functionality in an easy-to-consume manner is core to our mission to democratize technology transformations.
To deliver on our mission with SDN, below is our four-pronged approach to help our customers leverage the technology and the skills they have today to get to a transformed tomorrow:
Over the last year we’ve made a ton of progress on our four-pronged approach and our customers rolling out the latest versions of our products are seeing the benefits of SDN.
First, Windows Server 2012 R2 and System Center 2012 R2 deliver a hybrid cloud-enabled, built-in, SDN solution that is inspired by, based on, and consistent with the technology we use in Windows Azure. Through Windows Server 2012 Hyper-V Network Virtualization and System Center 2012 SP1, we delivered the abstracted data plane and centralized control to transform your network into a pooled, automated resource. We also delivered multi-tenant isolation and network policy deployment for optimal workload placement/mobility, as well as comprehensive network policy enforcement through an extensible logical switch. As promised throughout the “What’s New in 2012 R2” series, we have built on these innovations in our new R2 releases via fully enabled hybrid cloud scenarios, and through our unique multi-tenant software gateway that supports site-to-site VPN, forwarding and NAT capabilities in highly-available configurations. This gateway will allow enterprise customers to extend their datacenter to service providers seamlessly, while enabling them to consume virtual networking infrastructure in a way that’s similar to how they would with Windows Azure (through the Windows Azure Pack). Put another way, service providers can deploy this built-in gateway to deliver easy and efficient connectivity for multiple enterprise customers to access their hosted resources. Of course, enterprises can extend their datacenters seamlessly to Azure through the Windows Azure Virtual Network.
Again, these technologies are built-in, so you get the benefits without spending an additional dime.
Another major accomplishment has been the work we’ve done to deliver integration across the networking ecosystem. For example, we’ve integrated Windows Server Hyper-V Extensible Switch and System Center with the Cisco Nexus 1000V switch. Our goal is to integrate Cisco networking solutions deeply within our platform so that network administrators at our enterprise customers can continue to operate a virtual networking environment that’s familiar. As mentioned above, we intend to support our customers’ diverse datacenter investments and skill-sets by working with other networking partners to achieve this level of deep integration. See how EmpireCLS is benefiting from our joint solutions.
We also work with a variety of ecosystem partners to build joint solutions so that customers have choice at each layer of the networking solution they deploy. We’ve worked with chipset extensions partners (Broadcom, Emulex, Mellanox, Intel) to help maximize virtual network performance by taking advantage of native hardware offloads. We’re also working with some key partners (F5, Huawei, and Iron Systems, etc.) to create gateway appliances that will support a broader set of cloud-based scenarios. Network security and manageability is yet another important area, and the Hyper-V Extensible Switch has enabled our partners (like 5NINE or inMon) to extend our platform.
SDN is also a critical factor for Microsoft Lync, the market leader for enterprise Unified Communications. Lync uses SDN to signal out-of-band its requirements and performance information to the network for active real-time media flows. This unique approach allows SDN networks to become aware of the demands for real-time media (like voice and video) so that networks can dynamically diagnose, traffic engineer, and orchestrate themselves. This automation lowers the cost of ownership and increases the quality of the end-user experience. In this context, a great example of how SDN truly modernizes applications and networks was demonstrated at the last Open Network Summit (ONS) in April 2013 and can be viewed here. What this means for you is that the network can dynamically prioritize real-time communications as per your business requirements – to illustrate, if you’re in the customer support business, then Lync can support higher quality experiences for your top-tier customers.
Finally, over the last year we’ve also defined and evangelized standards-based schemas for managing networking elements. Specifically, we’ve open sourced a version of WMI (OMI) that enables Windows Server and System Center to manage network devices in a consistent manner, thus allowing administrators to plug and play with network devices without fear of lock-in. Today, Cisco Nexus 3000 switches and Arista TOR switches can be managed using OMI via System Center, and we’re working hard to drive broader industry adoption and compatibility. We’ve worked with NEC to integrate Hyper-V and System Center with their switches using OpenFlow extensions.
To see these attributes in action, consider this diagram.
I am really excited by this progress, but, as we all know, in the technology industry your work is never really done. In this industry, our jobs don’t end with delivering the best possible solutions today – we’re responsible for identifying what our organization is going to need tomorrow.
As our customers’ infrastructure (virtual, physical, or in the cloud) continues to grow in an effort to keep up with the rapid growth of services/apps/data/devices, the complexity of their networks will continue to increase. At each of these steps, Microsoft is committed to helping them successfully address each of these challenges.
Teams throughout this company are already hard at work on new innovations for in-box SDN solutions, improved integration between these solutions, and support for the entire networking ecosystem of switches, chipsets, and gateways (physical, virtual, or in the cloud).
Perhaps the most important work we’ll be doing is our work with the industry to deliver a truly extensible and interoperable approach to the full SDN stack. Pursuing this idea is what makes me so excited about how we’ve joined with the Open Networking Foundation to work on standardized northbound APIs for third party controller integration, the work we’ve done with DMTF to develop standardized southbound APIs to interface with physical infrastructure, and our work with OpenDaylight to build open implementations of these standards. We place incredible emphasis and importance on delivering standardized APIs to enable first-party and third-party network services.
Customers shouldn’t wait for that day to get into software-defined networking – the challenges they’re encountering today are real and the solutions are already here. IT teams around the world now have the flexibility to scale, the ability to integrate with public clouds, and the efficiency an SDN solution provides.
With the solutions we have in-market today, customers can begin benefitting from the advantages of SDN right now:
These are three incredibly exciting opportunities for enterprise IT and service providers – and they are all currently available in-market within Windows Server 2012 R2, System Center 2012 R2, and Windows Azure.
This is an awesome time to work in the IT industry, and it’s a genuinely game-changing moment in technology. IT teams have a big opportunity to set themselves apart as decision makers and difference makers in their organization, and my team is committed to providing all the products, tools, and support to enable this. The Cloud OS approach to enterprise IT is a great way to get the most power and flexibility from your infrastructure while leveraging the knowledge we’ve gained from operating a massive worldwide datacenter network.
Welcome to your network without limits for your datacenter without boundaries.
Sorry, but we cannot use your Azure IaaS Service without multiple Site-To-Site VPN.
Please add this feature ASAP. Also see the links below.
IaaS - Multiple Site-To-Site VPN
Allow VPN from multiple sites and Direct access
Hi Jesper -- thanks for your question.
This is a high priority for the Windows Azure team, and they are already working to enable it as soon as possible.
Brad, thanks for the InMon mention. The combination of support for the sFlow measurement standard in the Hyper-V extensible switch, along with sFlow support from the physical switch partners that the article mentions (Cisco Nexus 3000, Arista, NEC, ...) gives the consistent, real-time, end-to-end view of network, server, storage and virtual machine performance that combined with SDN and OMI will allow the architecture to adapt to changing application demands and ensure performance isolation between tenants, protect the infrastructure from DDoS attacks, improve efficiency, and account for resource usage.
For anyone interested in a deep dive into dynamically optimizing infrastructure, here is a talk that discusses the role of analytics in building adaptive infrastructure:
Cisco is almost ignoring SDN. They had joined OpenDaylight to calm down stock analysts, but OpenDaylight source code is terrible and far away from being a real-world product.