CHAPTER 4

SCALING AZURE TABLE AND

BLOB STORAGEBLOB STORAGE

CONTENTS¢The Lifecycle of Windows Azure Service

¢Securing and Isolating Services and Data,

¢Assuring Fabric Controller Availability,

¢Virtualizing Windows Server for Azure.

2

INTRODUCTION TO AZURE OS

¢ Windows Azure is a ‘‘cloud layer’’ operating system that runson thousands of Windows Server 2008 physical instances inMicrosoft data centers.

¢ The data center’s physical servers run an advanced, customversion of Microsoft’s Hyper-V hypervisor technology.

¢ It virtualizes the physical instances to deliver a runtimefabric, called the Azure Fabric Controller (FC)

¢ FC handles application/service deployment, load balancing,OS/data replication, and resource management

3

WINDOWS AZURE FABRIC CONTROLLER

¢The FC deploys projects, adds instancesautomatically to meet demand, manages projectsoftware upgrades, and handles server failures tomaintain project availability.

¢The host virtual machine (host VM) controls¢The host virtual machine (host VM) controlsaccess to the hardware of the physical server andsupports multiple guest VMs in a multitenantedenvironment.

4

ROLES OF AZURE FABRIC CONTROLLER

¢ Roles are runnable components of an application.

¢ role instances run on the fabric’s nodes and channels connectroles.

¢ WebRole instances accept HTTP or HTTPS requests viaInternet Information Services (IIS) 7 and respond with anASP.NET, ASP.NET MVC, or Silverlight UI.ASP.NET, ASP.NET MVC, or Silverlight UI.

¢ WorkerRoles provide batch computing services in responseto request messages received from WebRoles or .NETServices in Azure Queues.

¢ Each WebRole or WorkerRole is assigned to its own

guest VM and server core to isolate the tenant’s data. 5

WorkerRoles can’t accept inbound connections from externalnetworks so they must use Azure Queuesto communicate with WebRoles or .NET Services, but cansend outbound messages on theexternal network.

6

THE LIFECYCLE OF WINDOWS AZURE SERVICE

¢ The Windows Azure infrastructure consists of physical nodes provided by individual servers or virtual machines (VMs) running on servers.

7

8

Constraints on logical nodes, roles, and services include

❑ Only roles from a single service can be assigned to a node.

❑ Only a single instance of a role can be assigned to a node.

❑ A node must contain a compatible hosting environment.

9

❑ A node must have enough resources available to run a logicalservice.

❑ Nodes for a service must be located in an appropriate fault domain.

❑ Nodes must be healthy to host logical services.

LIFECYCLE CONSIST OF FOLLOWING STEPS

¢ Creating the Host VM and the First Guest VM on a PhysicalServer

¢ Azure FC Agent boots an available physical server bydownloading a maintenance operating system (MOS),which connects to the FC. The FC instructs the MOS’sagent to create a partition for the host OS, load a virtualagent to create a partition for the host OS, load a virtualhard disk (VHD) OS, and restart the physical server.

¢ On initial startup, the server boots from the VHD OS, loadsa guest OS image for the first guest VM, creates a copy ofthe guest OS image to add more guest VMs, and deploys aCustomer Role to the first guest VM

10

Adding Guest VMs to a Host VM

¢ The host VM copies the local guest OS image to create anew guest VM, which receives the appropriate CustomerRole.

Maintaining Role Instance Health

¢ The FC is responsible for keeping services running by¢ The FC is responsible for keeping services running byinspecting their state and adding or removing roleinstances.

Upgrading Service Software and Windows Azure

¢ Rolling service software upgrades and patches to theWindows Azure OS take place within transactions onrunning services in one Upgrade Domain at a time. 11

SECURING AND ISOLATING SER VICES AND DATA

¢ Lack of security is a primary Constraint to moving leastpart of an organizations’ computing and data storageoperations to the cloud.

¢ The three major Obstacle of security are

¢ 1. Availability of Service

¢ 2. Data Lock-In

¢ 3. Data Confidentiality and Auditability

12

¢ So vendors, such as Microsoft, must fully detailtheir security-related practices and incorporateguaranteed levels of data security, auditing,availability, and reliability in their service-levelagreements (SLAs.).

SECURING AND ISOLATING SER VICES AND DATA

agreements (SLAs.).

¢ The key to acceptance of third-party security,auditing, and maintenance of customers’ data in thecloud is transparency

13

ISOLATING PRIVATE DATA OF MULTIPLE TENANTS

¢ Multitenancy refers to a principle in software architecturewhere a single instance of the software runs on a software-as-a-service (SaaS) vendor’s servers, serving multiple clientorganizations (tenants).

¢ The main advantage of this architecture is (at least) twofold (a) the underlying infrastructure is shared, allowingfold (a) the underlying infrastructure is shared, allowingmassive economy of scale with optimal repartition of loadand (b) because the very costly infrastructure andapplication development costs are shared, the ‘‘enterprisegrade’’ application can be offered to very small businessesas well, permitting [it] to address the long tail of themarket.

14

ASSURING FABRIC CONTROLLER AVAILABILITY

¢ The Azure FC is a high-availability failover cluster of replicasrunning on five to seven machines, each of which runs asimplified core version of the Azure OS.

¢ The FC cluster implements— Replicated state with automated failover

— Seamless transition to a new primary FC node from a failedprimary or secondary FC node

— Service continuation when all FC replicas fail

— Rolling cluster software upgrades from a ‘‘root FC’’ utility, whichalso manages the cluster

15

16

FOLLOWING ARE DESCRIPTIONS OF THE COMPONENTS

¢ FC Core runs the heartbeat, state machine, and resolver forresource allocation constraint problems.

¢ Object Model provides the logic for implementing roles and services.

¢ Replication system is dedicated to the FCs and is distributed across all FCs.

¢ Disks are partitions of the system disk for a machine running an FC cluster member

17

VIRTUALIZING WINDOWS SER VER S FOR AZURE

¢ The objective of server virtualization is to maximize serverutilization, which often is less than 50 percent in many oftoday’s data centers.

¢ Initial VMs of Azure CTPs have a designated CPU core;therefore the maximum number of VMs created from aphysical server is the number of CPU cores –1; the hostpartition also requires a core.partition also requires a core.

18

19

COMPONENTS OF VIRTUALIZATION

¢ Host partition, also called the parent partition, is dedicated torunning the Host OS. In Hyper-V v1, the host partition is theroot (boot) partition and there can be only one host partition.

¢ Host OS is a lightweight server operating system (WindowsServer 2008 Core for Azure) controls access to the hardwareof the underlying server, and provides a mechanism for otherguest VMs (where our customers applications are deployed) tosafely communicate with the outside world.safely communicate with the outside world.

¢ Guest partitions, also called child partitions, are created andowned by the host OS and are dedicated to running guestOSes.

¢ Guest OS is a server operating system for applications andservices (Windows Server 2008 Enterprise with IIS 7, .NETFx 3.5, and other extensions for Azure).

20

¢ Services are custom-written (Azure) applications andservices that run on the guest OS.

¢ Virtualization Stack (VSP, virtualization service provider)is a provider exposed by the virtualization stack thatprovides resources or services such as I/O to a childpartition. It is a software module that loads to consume aresource or service.

COMPONENTS OF VIRTUALIZATION

¢ VMBus is a shared-memory I/O bus that enables high-performance communication between VMs.

¢ CPUs are physical central processing units, which have one or usually more cores.

¢ Disk(s) are the physical fixed disk(s) for the root and guest partitions.

21

DEPLOYING THE AZURE HYPERVISOR IN

NON MICROSOFT DATA CENTERS

¢ The Azure hypervisor is a Microsoft internal-only product,as is the FC, so moving a project from Azure to AWSrequires major modifications to the underlying source codeand deployment methodology.

¢ Migrating large amounts of data from one vendor’s cloud toanother is even more challenging.

¢ Azure hypervisor is optimized for the data center’s standardserver hardware design, it isn’t suitable for deploymentoutside of Microsoft data centers.

22

THANK YOUTHANK YOU

23

24