Microsoft Azure Versus VMware on Containers

Some basics if you are new to containers. Applications run inside containers. Containers believe they are running on an independent operating system, but in fact they run in isolated partitions that share a single operating system, while other containers run other applications on that same operating system. In traditional hypervisor virtualization, by contrast, a server runs several virtualized operating systems and applications. Remember ESX?

Here is a popular graphic explaining the difference between the two types of virtualization. The top of the graphic shows the hypervisor style of virtualizing an operating system and an application, while the lower portion shows a single operating system using Docker container software to virtualize the operating system, with several instances sharing that one virtualized operating system.

Who cares?

Some companies think this is the future of virtualization, dismissing the traditional hypervisor model of virtualization as an archaic technology like the CD-ROM: good in its day but no longer needed. “Everything at Google runs in a container,” according to Google. Their entire cloud infrastructure runs on containers, and they use another application, known as Kubernetes, to dynamically cluster containers. https://developers.google.com/compute/docs/containers The most popular container software today is known as Docker, like the formerly popular OG pleated pants, still worn by some, minus the ess.

Microsoft’s Approach

How have Microsoft and VMware reacted to this new (not really) virtualization technology? Microsoft, to its credit, has worked to embrace the technology by allowing customers to use it within Microsoft Azure. In fact, I am going to quote their explanation of Docker and Kubernetes because they do such a nice job of explaining them. “Docker is an open-source engine that automates the deployment of any application as a portable, self-sufficient container that will run almost anywhere. Kubernetes is an open source cluster management tool, a declarative technology supporting orchestration and scheduling of Docker containers.” Here is what they have actually implemented of the two technologies in Azure.

The key features we have implemented are documented in the Kubernetes project and can be summarized as:

  • Build a container and publish it to Azure Storage
  • Deploy an Azure cluster using container images from Azure Storage or the Docker Hub
  • Configure an Azure cluster
  • Update the Kubernetes application on an existing cluster
  • Tear down an Azure cluster

Keeping in mind that containers run on *nix, this is quite a departure from the traditional Microsoft. While adoption and continued development will show whether Microsoft has really embraced the technology, at this point it looks like they are living up to their announcement back in July, where they stated they would support containers and were joining the open-source development project.


VMware’s Approach

VMware also announced their partnership with Google, Docker and Pivotal last week during VMworld. Their approach is slightly different from, but also similar to, Microsoft's. The major difference in VMware’s approach is that they support containers on top of their hypervisor, while Microsoft’s approach is more in line with the spirit of how the technology was intended to be used. Based on what VMware has announced, it seems more like they are taking the traditional defensive approach I would have expected Microsoft to take in the past. I am not faulting VMware for this, and I am sure they are making the decisions regarding the technology that they feel are best for their vision of the company. Keep in mind that they have recently purchased Air-Watch. Coupled with the fact that their parent company EMC (for now) is a storage company, I believe they are planning to compete with AWS and Microsoft in the DaaS (Desktop as a Service) space.

I don’t think VMware is ready to compete with Microsoft in the DaaS space: they don’t have the same configmgr tools as Microsoft and they don’t own the operating system. But they are getting there, so it will be an interesting battle over the next decade.

Fundamentals of Azure Internal Load balancers ILBs

Fundamentals of Azure Internal Load balancers by Bruno Terkaly 

  1. Internal load balancing (ILB) enables you to run highly available services behind a private IP address
  2. Internal load balancers are accessible only within a cloud service or Virtual Network (VNet)
    • This provides additional security on that endpoint.

Some questions I am hearing

  1. I am able to access internal load balancer using IP address but not via load balancer or service name?
    • See Accessing the ILB below
  2. Is there any option on Azure portal to view load balancer configuration?
    • Internal load balancing cannot be configured through the portal as of today; this will be supported in the future
    • However, it can be configured using PowerShell cmdlets.
      • ILB can be used in a deployment inside a Regional Virtual Network as well as in a new deployment that is outside the Virtual Network
  3. How do I monitor the traffic and which server it is redirecting it to?
  4. How do I setup the probing and rules/alerts for it?
    • See the links below
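
As an added example (not part of the original post), here is how the PowerShell route and the probe setup asked about above fit together, using the classic Azure Service Management cmdlets. The service, subnet, VM and endpoint names, the address and the port are constructed placeholders; substitute your own.

```powershell
# Added example: classic (Service Management) Azure PowerShell module.
# Every name, address and port below is a constructed placeholder.
$svc    = 'contoso-lob-svc'      # cloud service that hosts the VMs (assumed)
$ilb    = 'lob-ilb'              # name for the ILB instance (assumed)
$subnet = 'BackendSubnet'        # VNet subnet the ILB address comes from (assumed)
$ip     = '10.0.1.40'            # static private VNet IP for the ILB (assumed)
$vms    = 'lob-vm1', 'lob-vm2'   # VMs that form the load-balanced set (assumed)

# 1. Create the ILB instance on a private VNet address.
#    The endpoint is reachable only from the cloud service or VNet.
Add-AzureInternalLoadBalancer -ServiceName $svc -InternalLoadBalancerName $ilb `
    -SubnetName $subnet -StaticVNetIPAddress $ip

# 2. Put each VM into one load-balanced set behind the ILB.
#    -PublicPort is the port on the ILB address, -LocalPort the port on the VM.
#    The TCP probe decides which VMs receive traffic.
foreach ($vm in $vms) {
    Get-AzureVM -ServiceName $svc -Name $vm |
        Add-AzureEndpoint -Name 'db-ilb' -LBSetName 'db-lbset' -Protocol tcp `
            -LocalPort 1433 -PublicPort 1433 `
            -ProbeProtocol tcp -ProbePort 1433 `
            -ProbeIntervalInSeconds 15 -ProbeTimeoutInSeconds 31 `
            -InternalLoadBalancerName $ilb |
        Update-AzureVM
}

# 3. Review the result, since the portal does not show it:
#    the ILB instance with its private IP, then each VM's endpoints.
Get-AzureService -ServiceName $svc | Get-AzureInternalLoadBalancer

foreach ($vm in $vms) {
    Get-AzureVM -ServiceName $svc -Name $vm | Get-AzureEndpoint
}
```

When reviewing the output of step 3, confirm that the load-balanced endpoint is bound to the ILB name rather than exposed on the cloud service's public VIP.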

ILB ENABLES THE FOLLOWING NEW TYPES OF LOAD BALANCING:

  1. Between virtual machines within a cloud service.
  2. Between virtual machines in different cloud services that are themselves contained within a virtual network.
  3. Between on-premises computers and virtual machines in a cross-premises virtual network.

Some diagrams

EXAMPLE OF A MULTI-TIER APPLICATION USING WEB SERVERS AS THE FRONT END AND DATABASE SERVERS AS THE BACK END IN A CLOUD SERVICE.

  1. Multi-Tier Web App

    Figure 1: Architecture for a Multi-Tier Web App

ILB CAN PERFORM LOAD BALANCING FOR TRAFFIC FROM INTRANET CLIENTS

  1. Traffic from clients on the on-premises network gets load-balanced across the set of LOB servers running in a cross-premises virtual network
  2. You don’t need a separate load balancer in the on-premises network or in the virtual network

    Figure 2: Architecture for an Intranet Network

LOAD BALANCING ON-PREMISES SERVER TRAFFIC

  1. ILB also allows traffic from servers on the on-premises network to be load-balanced across virtual machines running in a cross-premises virtual network.

    Figure 3: Architecture for an On-Premises Network

FROM ON PREMISES

  1. When used within a Virtual Network the ILB endpoint is also accessible from on-premises and other inter-connected VNets allowing some powerful hybrid scenarios

ACCESSING THE ILB

FROM INSIDE A CLOUD SERVICE

  1. VMs inside a cloud service have private IP address spaces
  2. You can talk to the ILB using this private IP address

FROM WITHIN A VIRTUAL NETWORK

  1. A customer can specify a static VNet IP address
  2. A customer can retrieve the load-balanced IP, which is acquired from a virtual subnet
  3. This allows you to be connected to VNets through the secure IPsec tunnel

Some useful links

Regional Virtual Networks http://azure.microsoft.com/blog/2014/05/14/regional-virtual-networks/#
Internal Load Balancing http://azure.microsoft.com/blog/2014/05/20/internal-load-balancing/#
Configure an internal load-balanced set http://msdn.microsoft.com/en-us/library/azure/dn690125.aspx#
Azure Load Balancer http://msdn.microsoft.com/en-us/library/azure/dn655058.aspx#
Configure a load-balanced set http://msdn.microsoft.com/en-us/library/azure/dn655055.aspx#