Azure Stack – What, why, and how?
You may well have heard that there is a way of running Microsoft's Azure public cloud service in your own data center. You may have paid the idea lip service without really believing it, but it's here and it works! With it comes the opportunity to do so much more with your own hardware on-site and provide a number of Azure services to your own employees and customers.
What is Azure Stack?
First, the facts. Here's the description of Microsoft Azure Stack, according to the Azure Stack Operator Documentation:
"Microsoft Azure Stack is a hybrid cloud platform that lets you provide Azure services from your data center."
As you probably already know, Microsoft Azure now has over 50 regions made up of hundreds of data center buildings, all across the world. There are millions of compute cores providing services as diverse as Traffic Manager, Content Delivery Networks, Machine Learning, HDInsight, SQL Data Warehouse and many more. There's no way that a normal data center, or even a large data center, can house all of these services for you, and Azure Stack is not designed to do so. Azure Stack will provide a growing subset of Azure services for use in a hybrid (connected) or even a disconnected scenario.
Azure Stack is available now in two deployments. The first is the Azure Stack that's licensed for use in production, provided as the Azure Stack Integrated System.
The integrated system is available through a small number of hardware partners, currently Cisco, Dell EMC, HPE and Lenovo. This allows the hardware vendors to offer a combined system of hardware and software to provide the flexibility and control you need over your system. The integrated system is available in configurations from 4 to 12 nodes, and support is provided jointly through the hardware partner and Microsoft. This is intended for the deployment of production workloads in a new and innovative manner.
Licensing the Azure Stack Integrated System is dependent upon the method you use to deploy, and can vary in several ways from Pay as you Go (just like Azure) to a consumption model for the disconnected scenario. A future post will cover these in detail.
The alternative to the integrated system is the Azure Stack Development Kit (ASDK). The ASDK can only be deployed on a single node and is intended to allow you to evaluate and learn all about the platform and its services. It can be provided within your organisation as a developer platform, completely consistent with the Azure APIs and tooling. The ASDK is not licensed for production workloads, and for this reason it comes with the following limitations:
- The ASDK is associated with a single Azure Active Directory (Azure AD) or Active Directory Federation Services (AD FS) identity provider. You can create multiple users in this directory and assign subscriptions to each user.
- With all components deployed on the single machine, there are limited physical resources available for tenant resources. This configuration is not intended for scale or performance evaluation.
- Networking scenarios are limited due to the single host/NIC requirement.
Indeed, to make sure it is of no practical use in production, the ASDK will disable all but one NIC on the host machine during installation.
The host machine for the ASDK requires the following specification:
The many, complex PowerShell scripts used to install the ASDK check for all of these and will not allow installation unless you amend those script tests. To be brutally honest, doing so is counter-productive since these hardware specs are definitely the minimum required to run the ASDK effectively.
Deploying the ASDK
This is not a trivial exercise! I have installed the ASDK several times (it will only work for 180 days each time you install it), and it took me between 7 and 10 hours each time. It is, however, not a complex job if you know PowerShell.
First you must download the Development Kit package, which requires you to register. Having downloaded and extracted the files, you need to copy the cloudbuilder.vhdx file to the host machine.
Set the host to boot from this VHD and you are good to go. There's now a GUI installer or the PowerShell option if you'd prefer. At this point you can choose to use Azure AD or ADFS to provide the identity solution for your deployment (I personally use Azure AD). Once you have, run the InstallAzureStackPOC.ps1 PowerShell script and wait the requisite time. You will be left with a Hyper-V server joined to a domain with the following Virtual Machines (VMs), which form the infrastructure of your Azure Stack Dev Kit. The diagram below shows the logical architecture of the ASDK:
The VMs are listed in the table below with their function.
Notice there are VMs for Software Load-balancing and Network Controller, services which appear in Windows Server 2016 but originated as Azure services and are used to manage the full Azure public cloud.
Interesting note: Any VMs you create in Azure Stack will appear in the Hyper-V host, as shown below:
Here you can see the VMs alongside two additional VMs with long GUID names. One is a Windows Server VM with 28 GB RAM, and the other is an Ubuntu VM (because I love Linux too) with 56 GB RAM.
What does Azure Stack do?
Azure Stack provides a subset of Azure services. There are foundational services which are deployed when you deploy your ASDK, which are:
- Key Vault
There are also additional Platform-as-a-Service (PaaS) services which can be configured and installed by an ASDK administrator:
- App Service
- Azure Functions
- SQL and MySQL databases
Azure Stack will keep on adding services to this list, and you can check out the Azure Stack Roadmap to see what's coming.
How to use Azure Stack
Nowadays, this section is always very short and very easy, even if the learning is not.
- Pluralsight are offering free training for Azure Stack.
- Microsoft Virtual Academy has some Azure Stack content.
- Channel9 has some great content.
- Finally, the docs.microsoft.com site has all of the Azure Stack documentation.
However, the very best way to learn is to dive in; understand the differences between Azure and Azure Stack operation by deploying it yourself. It can even be deployed on an Azure VM if you like!
The concept of an administrator portal doesn't really exist in Azure, but in Azure Stack you have both an Admin portal and an operator portal, as shown below:
The administrator portal allows you to create your very own marketplace, as shown in the first graphic of the post. It also allows the administrator to create plans of resources, then offer them out to users who can then create or accept subscriptions based on those offers.
Once a user has a subscription, they can deploy resources using exactly the same methods as in Azure.
You can see above the Ubuntu VM I showed in the Hyper-V manager graphic.
Thanks to Lenovo UK for the loan of the hardware to deploy my ASDK. It's a Lenovo 9650 with 20 cores and 265GB RAM. More on Azure Stack coming soon!