imageWriting an article on for recommendations and considerations can be tough.  It is even tougher when Windows Azure Virtual Machines (the IaaS) is currently in customer preview.  With that sad the first best practice is to avoid putting production workloads in the cloud, unless your willing to risk While I do not expect your systems will have problems in the cloud, I would put this squarely in the testing phase.  Now I know some of you will be thinking, heck I ran beta’s before, but as you may recall when the product went RTM there was no upgrade path.  While I do not think Windows Azure will have that occur, it is something to keep in the back of your mind.  Remember you can start your Windows Azure trial here: http://aka.ms/GetAzureIaaS 

One question I get asked all the time is Windows Azure for everything?  While I think it may be yes for some,  my simple answer is no.  In reality you have to make the decision based on the needs and demands of your business to whether Windows Azure is a fit.  Keep in mind that is also not an all or nothing thing.

Windows Azure Savings and Strategy

These are really only two reason to ever look at using the cloud.  If it can save your money or if you can leverage to cloud to improve your infrastructure with services you did not have before.  When it comes to cost, you will have to take an honest look at your current datacenter costs and procedures and compare them to running your infrastructure in the cloud.  Cost can be a big factor in determining if the cloud is a fit and in part 15 Dan gave you some great tools to help you estimate it for you.  In the mean time I recommend you check out the Kelley Blue Book case study, they were able to show they saved $100,000 annually.

When you look at Windows Azure IaaS specifically there are a few ways you can look at how it can help you.  I would recommend you consider these scenarios when you think of Windows Azure IaaS:

  • VMs for development and test. Development groups commonly need VMs with specific configurations for creating applications. Windows Azure Virtual Machines provides a straightforward and economical way to create these VMs, use them, then remove them when they’re no longer needed.
  • Running applications in the cloud. For some applications, running on the public cloud makes economic sense. Think about an application with large spikes in demand, for example. It’s always possible to buy enough machines for your own datacenter to run this application, but most of those machines are likely to sit unused much of the time. Running this application on Windows Azure lets you pay for extra VMs only when you need them, shutting them down when a demand spike has ended. Or suppose you’re a start-up that needs on-demand computing resources quickly and with no commitment. Once again, Windows Azure can be the right choice.
  • Extending your own datacenter into the public cloud. With Windows Azure Virtual Network, your organization can create a virtual network (VNET) that makes a group of Windows Azure VMs appear to be part of your own on-premises network. This allows running applications such as SharePoint and others on Windows Azure, an approach that might be easier to deploy and/or less expensive than running them in your own datacenter.
  • Disaster recovery. Rather than paying continuously for a backup datacenter that’s rarely used, IaaS-based disaster recovery lets you pay for the computing resources you need only when you really need them. For example, if your primary datacenter goes down, you can create VMs running on Windows Azure to run essential applications, then shut them down when they’re no longer needed.

Security

Another common concern is around security.  This is where Windows Azure has come a long way to help change the perception about cloud security.  Too me is not that much different from when the Internet first came to proliferation and people started shopping online.  I remember my dad swore to me he would never use the Internet, keep in mind he was also the same person who would pick up the phone dial 1-800 and talk to someone he has never spoken to a day in his life and give his credit card number.  The point being is Windows Azure does offer a tremendous amount of security and support for your regulations.  There is a great amount of information located here: Windows Azure Trust Center 

When I think about Azure IaaS and the cloud in general, it is important to understand the cloud is not going to magically fix your Active Directory, or SharePoint environment.  If you are having issues with any workloads on-premise, you may have some of those same issues in the cloud.  In other words, the cloud doesn’t fix stupid.   When it comes to security, we at Microsoft have responsibility as well as you for making sure the workloads you place in the cloud meet your security and regulation requirements.  I really like this quote from the trust center:

It is also important to note that a cloud platform like Windows Azure requires shared responsibility between the customer and Microsoft.  Microsoft is responsible for the platform, and seeks to provide a cloud service that can meet the security, privacy, and compliance needs of our customers.   Customers are responsible for their environment once the service has been provisioned, including their applications, data content, virtual machines, access credentials, and compliance with regulatory requirements applicable to their particular industry and locale.

This is important when it comes to Windows Azure IaaS.  While we support the hyper-V platform your servers are running on you will still need to maintain those servers, like any other servers in your infrastructure.  The major difference is that you do not need to maintain the hardware.  But you will still need to maintain the OS and all the way up to the application.  In the end one great thing is that Windows Azure is maturing and already meets a lot of industry regulation requirements.  Note that in the table below, the Virtual Machines role meets all the major regulation requirements. You can find more information here: Windows Azure Compliance

Windows Azure Feature

ISO 27001

SSAE 16 ISAE 3402

EU Model Clauses

HIPAA BAA

Web Sites

       

Virtual Machines

X

X

X

X

Cloud Services

X

X

X

X

Storage (Tables, Blobs, Queues)

X

X

X

X

SQL Database

       

Caching

       

Content Delivery Network (CDN)

       

Networking

X

X

X

X

Windows Azure Active Directory

       

Service Bus

       

Media Services

       

Other Windows Azure Offerings

One last thing, while our focus on the series 31 Days of Servers in the Cloud, will focus on IaaS.  I want to stress that you do not forgot about the other offerings that Windows Azure has.  As you recall in part 6 Yung did a great job covering the other Windows Azure services: 31 Days of Servers in the Cloud - Windows Azure Features Overview (Part 6 of 31) Where IaaS may not fit your needs the Web Sites may.  Here are some great guidelines when you are evaluating Windows Azure for your workloads.

Windows Azure Web Sites are ideal for… Windows Azure Cloud Services are ideal for... Windows Azure Virtual Machines are ideal for...

Modern Web Applications. Applications that consist of a client-side markup and scripting, server-side scripting and a database. You can scale out or up as needed.

Multi-tier Applications. Applications that are composed of multiple tiers. Each tier can be scaled independently, with asynchronous background processing, like order processing, using both Web and Worker Roles.

Server Applications. Existing applications that leverage SQL Server, MySQL, MongoDB, Sharepoint Server, etc.

Continuous Development. Deploy directly from your source code repository using Git or Team Foundation Service.

Applications that Require Advanced Administration. Applications that require administrator access, remote desktop access, or running code with elevated privileges.

Existing Line-of-business Applications. Choose an image from the gallery or upload your own VHD.

Popular Open Source Applications. Launch a web site with a few clicks using such applications as WordPress, Joomla!, and Drupal.

Applications that Require Advanced Networking. Applications that require network isolation with Windows Azure Connect or Windows Azure Virtual Network.

Windows or Linux. Support for Windows Server and community/commercial versions of Linux. Connect virtual machines with Cloud Services to take advantage of PaaS services.

 

We hope you enjoy the series and make sure you give Windows Azure a Try: http://aka.ms/GetAzureIaaS

If you missed any of the parts you can find the rest of the series here: 31 Days of Servers in the Cloud.