September 17, 2012 § Leave a comment
Announcing: Great Improvements to Windows Azure Web Sites
I’m excited to announce some great improvements to the Windows Azure Web Sites capability we first introduced earlier this summer.
Today’s improvements include: a new low-cost shared mode scaling option, support for custom domains with shared and reserved mode web-sites using both CNAME and A-Records (the later enabling naked domains), continuous deployment support using both CodePlex and GitHub, and FastCGI extensibility. All of these improvements are now live in production and available to start using immediately.
New “Shared” Scaling Tier
Windows Azure allows you to deploy and host up to 10 web-sites in a free, shared/multi-tenant hosting environment. You can start out developing and testing web sites at no cost using this free shared mode, and it supports the ability to run web sites that serve up to 165MB/day of content (5GB/month). All of the capabilities we introduced in June with this free tier remain the same with today’s update.
Starting with today’s release, you can now elastically scale up your web-site beyond this capability using a new low-cost “shared” option (which we are introducing today) as well as using a “reserved instance” option (which we’ve supported since June). Scaling to either of these modes is easy. Simply click on the “scale” tab of your web-site within the Windows Azure Portal, choose the scaling option you want to use with it, and then click the “save” button. Changes take only seconds to apply and do not require any code to be changed, nor the app to be redeployed:
Below are some more details on the new “shared” option, as well as the existing “reserved” option:
With today’s release we are introducing a new low-cost “shared” scaling mode for Windows Azure Web Sites. A web-site running in shared mode is deployed in a shared/multi-tenant hosting environment. Unlike the free tier, though, a web-site in shared mode has no quotas/upper-limit around the amount of bandwidth it can serve. The first 5 GB/month of bandwidth you serve with a shared web-site is free, and then you pay the standard “pay as you go” Windows Azure outbound bandwidth rate for outbound bandwidth above 5 GB.
A web-site running in shared mode also now supports the ability to map multiple custom DNS domain names, using both CNAMEs and A-records, to it. The new A-record support we are introducing with today’s release provides the ability for you to support “naked domains” with your web-sites (e.g. http://microsoft.com in addition to http://www.microsoft.com). We will also in the future enable SNI based SSL as a built-in feature with shared mode web-sites (this functionality isn’t supported with today’s release – but will be coming later this year to both the shared and reserved tiers).
You pay for a shared mode web-site using the standard “pay as you go” model that we support with other features of Windows Azure (meaning no up-front costs, and you pay only for the hours that the feature is enabled). A web-site running in shared mode costs only 1.3 cents/hr during the preview (so on average $9.36/month).
Reserved Instance Mode
In addition to running sites in shared mode, we also support scaling them to run within a reserved instance mode. When running in reserved instance mode your sites are guaranteed to run isolated within your own Small, Medium or Large VM (meaning no other customers run within it). You can run any number of web-sites within a VM, and there are no quotas on CPU or memory limits.
You can run your sites using either a single reserved instance VM, or scale up to have multiple instances of them (e.g. 2 medium sized VMs, etc). Scaling up or down is easy – just select the “reserved” instance VM within the “scale” tab of the Windows Azure Portal, choose the VM size you want, the number of instances of it you want to run, and then click save. Changes take effect in seconds:
Unlike shared mode, there is no per-site cost when running in reserved mode. Instead you pay only for the reserved instance VMs you use – and you can run any number of web-sites you want within them at no extra cost (e.g. you could run a single site within a reserved instance VM or 100 web-sites within it for the same cost). Reserved instance VMs start at 8 cents/hr for a small reserved VM.
Windows Azure Web Sites allows you to scale-up or down your capacity within seconds. This allows you to deploy a site using the shared mode option to begin with, and then dynamically scale up to the reserved mode option only when you need to – without you having to change any code or redeploy your application.
If your site traffic starts to drop off, you can scale back down the number of reserved instances you are using, or scale down to the shared mode tier – all within seconds and without having to change code, redeploy, or adjust DNS mappings. You can also use the “Dashboard” view within the Windows Azure Portal to easily monitor your site’s load in real-time (it shows not only requests/sec and bandwidth but also stats like CPU and memory usage).
Because of Windows Azure’s “pay as you go” pricing model, you only pay for the compute capacity you use in a given hour. So if your site is running most of the month in shared mode (at 1.3 cents/hr), but there is a weekend when it gets really popular and you decide to scale it up into reserved mode to have it run in your own dedicated VM (at 8 cents/hr), you only have to pay the additional pennies/hr for the hours it is running in the reserved mode. There is no upfront cost you need to pay to enable this, and once you scale back down to shared mode you return to the 1.3 cents/hr rate. This makes it super flexible and cost effective.
Improved Custom Domain Support
Web sites running in either “shared” or “reserved” mode support the ability to associate custom host names to them (e.g. www.mysitename.com). You can associate multiple custom domains to each Windows Azure Web Site.
With today’s release we are introducing support for A-Records (a big ask by many users). With the A-Record support, you can now associate ‘naked’ domains to your Windows Azure Web Sites – meaning instead of having to use www.mysitename.com you can instead just have mysitename.com (with no sub-name prefix). Because you can map multiple domains to a single site, you can optionally enable both a www and naked domain for a site (and then use a URL rewrite rule/redirect to avoid SEO problems).
We’ve also enhanced the UI for managing custom domains within the Windows Azure Portal as part of today’s release. Clicking the “Manage Domains” button in the tray at the bottom of the portal now brings up custom UI that makes it easy to manage/configure them:
As part of this update we’ve also made it significantly smoother/easier to validate ownership of custom domains, and made it easier to switch existing sites/domains to Windows Azure Web Sites with no downtime.
Continuous Deployment Support with Git and CodePlex or GitHub
One of the more popular features we released earlier this summer was support for publishing web sites directly to Windows Azure using source control systems like TFS and Git. This provides a really powerful way to manage your application deployments using source control. It is really easy to enable this from a website’s dashboard page:
The TFS option we shipped earlier this summer provides a very rich continuous deployment solution that enables you to automate builds and run unit tests every time you check in your web-site, and then if they are successful automatically publish to Azure.
With today’s release we are expanding our Git support to also enable continuous deployment scenarios and integrate with projects hosted on CodePlex and GitHub. This support is enabled with all web-sites (including those using the “free” scaling mode).
Starting today, when you choose the “Set up Git publishing” link on a website’s “Dashboard” page you’ll see two additional options show up when Git based publishing is enabled for the web-site:
You can click on either the “Deploy from my CodePlex project” link or “Deploy from my GitHub project” link to walkthrough a simple workflow to configure a connection between your website and a source repository you host on CodePlex or GitHub. Once this connection is established, CodePlex or GitHub will automatically notify Windows Azure every time a checkin occurs. This will then cause Windows Azure to pull the source and compile/deploy the new version of your app automatically.
The below two videos walkthrough how easy this is to enable this workflow and deploy both an initial app and then make a change to it:
- Enabling Continuous Deployment with Windows Azure Websites and CodePlex (2 minutes)
- Enabling Continuous Deployment with Windows Azure Websites and GitHub (2 minutes)
This approach enables a really clean continuous deployment workflow, and makes it much easier to support a team development environment using Git:
Note: today’s release supports establishing connections with public GitHub/CodePlex repositories. Support for private repositories will be enabled in a few weeks.
Support for multiple branches
Previously, we only supported deploying from the git ‘master’ branch. Often, though, developers want to deploy from alternate branches (e.g. a staging or future branch). This is now a supported scenario – both with standalone git based projects, as well as ones linked to CodePlex or GitHub. This enables a variety of useful scenarios.
For example, you can now have two web-sites – a “live” and “staging” version – both linked to the same repository on CodePlex or GitHub. You can configure one of the web-sites to always pull whatever is in the master branch, and the other to pull what is in the staging branch. This enables a really clean way to enable final testing of your site before it goes live.
This 1 minute video demonstrates how to configure which branch to use with a web-site.
The above features are all now live in production and available to use immediately. If you don’t already have a Windows Azure account, you can sign-up for a free trial and start using them today. Visit the Windows Azure Developer Center to learn more about how to build apps with it.
We’ll have even more new features and enhancements coming in the weeks ahead – including support for the recent Windows Server 2012 and .NET 4.5 releases (we will enable new web and worker role images with Windows Server 2012 and .NET 4.5 next month). Keep an eye out on my blog for details as these new features become available.
Hope this helps,
P.S. In addition to blogging, I am also now using Twitter for quick updates and to share links. Follow me at: twitter.com/scottgu
(Source : http://weblogs.asp.net/scottgu/archive/2012/09/17/announcing-great-improvements-to-windows-azure-web-sites.aspx)
August 2, 2012 § 1 Comment
For many organizations, the path to a private cloud seems almost preordained. Once they’ve invested in virtualization and consolidated servers, they believe that private clouds are the next logical step.
It is, actually, but just because you’ve gained efficiencies through virtualization doesn’t mean you’re a hop, skip and a jump from having full-blown private clouds. Anything but.
Here are five common myths about private clouds that you’ll need to shake off before you’re ready to take the plunge:
1. Virtualization equals private cloud.
No, it does not. Virtualization helps transform outdated infrastructures into dynamic, cost-effective, self-healing ones. That’s a lot, but beyond that, you’ll need more.
“An enduring myth of private cloud is that automation software can transform traditional IT processes and infrastructure into a cloud. If the only challenge was in provisioning a bare virtual machine, that might work. But IT needs to provision operating systems, databases, backup software, storage, network, and much more,” said Kevin Brown, CEO of storage vendor Coraid. Automation only succeeds after addressing the core issue of IT complexity.
“Rather than having custom services, cloud providers predefine their service levels and offerings. This discipline then filters down into the hardware and software architectures,” Brown said.
As the CEO of a storage company, the example Brown gave centered on storage, of course.
“Storage is typically standardized to support a small number of very specific service levels, such as basic storage, replicated storage, and high-performance storage. This simplifies provisioning systems and works best when paired with storage that can support every tier with a single platform.”
Once the infrastructure is highly standardized, automation enables small IT teams to manage very large- scale infrastructures. Of course, this sort of standardization spills over from whatever you start with, such as storage, to other applications and services.
2. Traditional security can be tweaked to work with private clouds.
Traditional datacenter security is all about perimeters. Keep untrusted people and traffic out, and let trusted insiders in. The trouble is that with the cloud and mobility there is no “out” or “in.”
“In a traditional private data center, people build strong walls between different segments of servers (development servers, finance servers, etc.). In a private cloud it is one big flat network, so IT has to figure out how to protect servers from each other in this environment. This is a real challenge,” said Rand Wacker, VP of Product Management for cloud security provider CloudPassage.
As organizations move to large pools of virtual servers, too many have limited network controls between them. The security solution that is needed is highly automated controls on each of the servers themselves.
Of course, plenty of cloud security solutions are emerging, but this space isn’t yet mature. Should you invest in hypervisor security, federated identity management tools or applications firewalls? Do you need all of the above? Yes, and probably more.
Security tends to consolidate over time, but for now cloud security equals an array of best-in-class point products.
3. Private clouds still rely on dedicated resources.
A true private cloud can grow and shrink, based on real-time processing needs, by taking advantage of idle resources on the network. Outdated thinking simply locks you into outdated computing models.
“The true benefit of the cloud – private or public – is its scalability,” said Eyal Maor, CEO of Xoreax, a provider of software acceleration technology.
“Consider this: while your development team members are using three cores on their quad-core machines, the marketing team is often using just one CPU. Even if you don’t consider the other underutilized computers across the other low-usage departments – accounting, data entry, call center – for each marketer plus developer, you have the equivalent of a completely free quad-core machine idle on the network.”
To achieve private cloud benefits, those idle processors need to be available. Of course, this means you’ll need better visibility, monitoring and management tools than you have now, but without them, your private cloud simply won’t scale like you think it will.
“If you don’t embrace new architectures, you’re simply building on top of bad choices. If you had bad storage utilization in the physical world, it’ll be worse in a virtualized or cloud environment because you didn’t fix what was wrong in the first place,” said Dan Lamorena, a director in Symantec’s storage and availability management group.
The same is true with disaster recovery, business continuity and whatever other app you intend to stick into your private cloud.
“If you’re not building in availability, if you’re not creating visibility across services, if you’re not prioritizing self-provisioning, if you’re not making it easy to chargeback, you’ll have all the same problems as before,” Lamorena added.
4. Starting with a private cloud makes it easy to go hybrid.
Security is the main obstacle between private and hybrid clouds, at least for now. As cloud security tools and services mature, this obstacle should fade. For now, though, once you figure out how you will secure an environment where resources are potentially available to everyone in the organization, it’s not that easy to expose them further into public clouds where your security tools don’t fit.
“It is certainly possible to move from a private cloud to a hybrid cloud, but in order to do this successfully you must design the private cloud assuming you will eventually move to the public cloud so that you have security in place that can span both,” Rand Wacker of CloudPassage said. “You can’t use technology that only works in the private cloud.”
Eventually, this will sort itself out, but that will take time. Security will be an add-on service offered by pretty much every public cloud provider. And in on-premise environments, security will adapt. More of it will be decoupled from the underlying hardware, making it more portable.
“The risk is that you will end up having a different set of security tools for private servers versus public servers. This means you just doubled your security work and will have inconsistent controls between the two,” Wacker added.
As the cloud matures and as security risks become more challenging, I believe more organizations will consume security as a service, rather than dropping ever more into their networks. Once security as a service is mature and manageable, security won’t be what stops you from expanding your private clouds to take advantage of public-cloud resources. That’s vision is still years away, though, so it’s important to resists the temptation to believe cloud vendors when they paint a picture of an idealized cloud world.
In an ideal cloud world, security challenges are simple, and it’ll be easy to move between private and public resources. In the real world, this stuff is ridiculously complex.
5. A private cloud will cost you your job.
Unless you’re an IT Luddite, the cloud will not cost you your job. Of course, just as many IT folks hope that the cloud will help them keep their jobs. Both worries are misplaced. The thing to realize is that the cloud is changing the role of IT, but so is mobility, and so is social media, and so will something else tomorrow. Half of IT’s job, maybe more, is managing change, so this should be a challenge you can navigate.
What the cloud and all of these other trends mean to IT is that the skills that are necessary today may well be automated out of existence tomorrow. IT’s role won’t disappear, nor will it necessarily grow, but it will definitely be different.
“IT needs more business savvy than ever before. Many cloud decisions are economic ones. That’s how you’ll judge one application over another, or how you’ll decide whether to use a private versus a public cloud,” Lamorena said.
In the past, it was important to retain some crotchety old IT vets who knew how to fix ancient custom applications when they broke. You needed someone who could fire up that database that no one accessed for years – just in case. Now, those legacy applications are being either abandoned or migrated into private clouds, and obscure IT talents are being absorbed by automated tools.
IT should start proactively carving out new areas of expertise. Security is already an IT specialty, but it should become a skill that is a prerequisite, not a specialty. The specialties should be things like “social media security,” “mobile security,” and even “Facebook security.”
IT can also claim a niche in social media, and it is already doing a good job of positioning itself as the facilitator of enterprise mobility.
However, IT needs to do a better job of advocating for itself. More of your leaders, CIOs and VPs, are coming from the business world, instead of the tech one. They’ll favor their own, so it’s time to start acquiring new skills.
The stereotype of the IT guy with no social skills, a thick neck beard and a grubby Star Trek t-shirt will soon be as outdated as an Altair 8800. IT pros need to be ready for that, and they need to be ready to make the emerging stereotype of the CIO who knows next to nothing about technology just as outdated.