Microsoft adds new virtual machine sizes to Microsoft Azure

Today Microsoft announced it added two new virtual machine sizes to Microsoft Azure. They are available in both the Azure IaaS and PaaS offerings (web and worker roles).

These two sizes, named A8 and A9, provide faster processors, a faster interconnect, more virtual cores for higher compute power and larger amounts of memory. These instances include an additional 40Gbit/s InfiniBand network that provides remote direct memory access (RDMA) technology for maximum efficiency of parallel MPI applications. This combination of features makes these instances optimal for running compute- and network-intensive applications such as high performance cluster applications, applications using modeling, simulation and analysis, video encoding etc. Detailed configurations of these instances are available.

A8 has 8 virtual cores and 56 GB of virtual memory

A9 has 16 virtual cores and 112 GB of virtual memory.

Both are available immediately. However, A8 and A9 VMs can only be created using PowerShell at the moment. Creation using the Azure Management Portal will be available in the coming weeks.

More info here.


Microsoft announces Microsoft Azure Files

At TechEd 2014 in Houston Microsoft announced a new service named ‘Azure Files’. The service is now in preview. The reason for this feature is to allow migration of traditional applications that require an SMB file share to Microsoft Azure.

Azure Files allows VMs in an Azure Data Center to mount a shared file system using the SMB protocol. These VMs will then be able to access the file system using standard Windows file APIs (CreateFile, ReadFile, WriteFile, etc). Many VMs (or PaaS roles) can attach to these file systems concurrently, allowing you to share persistent data easily between various roles and instances. In addition to accessing your files through the Windows file APIs, you can access your data using the file REST API, which is similar to the familiar blob interface.

Basically, blob storage can now be accessed over SMB, just as if it were served from a Windows VM. With Azure Files there is no requirement for a VM to serve files. Until now, files stored in Azure Storage could only be accessed using the REST API over HTTP.

It can be compared to a traditional storage array being able to present files using SMB.

Files served out by Azure Files seem to be accessible only from VMs running in Azure.

Much more information here.

Download Windows Azure Symbol/Icon Set for Visio and PowerPoint

Microsoft released a set of Visio and PowerPoint icons representing objects available in Windows Azure. Examples are SQL Database, VHD data disk, autoscale etc. Icons are particularly useful for documenting applications running on Azure Platform as a Service.

This package contains a set of symbols/icons to help you create visual representations of systems that use Windows Azure and related technologies.

The symbol set supports Microsoft Office Visio 2003 and Microsoft PowerPoint 97 or later. Users who don’t have either Microsoft application can use PNG files or the free downloadable Microsoft viewers.

Download the Azure Symbol/Icon set here.

Windows Azure now allows to set fixed IP-addresses for virtual machines

Until recently IP-addresses of Azure virtual machines were not static/fixed. A VM which had been shut down (for example to reduce costs, think test/dev scenarios) could receive a different IP-address at boot than originally assigned at creation. This leads to all kinds of issues. A new PowerShell for Azure version solves this issue.

Introduction
Windows Azure once started as a Platform as a Service (PaaS) offering. It is also a best effort cloud, which means the availability should be provided by the application, not by the platform. This is shown, for example, by the lack of a Service Level Agreement for single instance virtual machines. Customers are required to have at least two virtual machines serving the same application to get an SLA.

Since April 2013 Azure offers Virtual Machines, which gives customers full control over the guest operating system. One of the tricky things in Azure VMs is networking. When using traditional enterprise applications, administrators want to have control over the IP configuration of the virtual machines. However, VMs should be set to DHCP at all times. The reason for this is the Software Defined Networking architecture used in Azure.

When using Azure Virtual Networks administrators can define IP-subnets and DNS servers for their virtual machines. The first virtual machine which boots in an empty subnet will receive x.x.x.4 as IP-address, the second x.x.x.5 etc. This allows for some prediction of which IP-address a VM will receive. However, when a virtual machine is switched off, it might lose its IP-address when another VM in that subnet boots.

Set fixed IP
Microsoft offers a solution for this issue. Since the release of PowerShell cmdlets for Windows Azure version 0.7.3, released on February 12, 2014, it is possible to glue an IP-address to a particular virtual machine. So even if a VM is not running for a while, it will receive its originally assigned IP-address at boot.

More information on PowerShell for Azure here.

Four new cmdlets were added in PowerShell for Azure 0.7.3:

  • Get-AzureStaticVNetIP
  • Set-AzureStaticVNetIP
  • Remove-AzureStaticVNetIP
  • Test-AzureStaticVNetIP

The guest operating system still has to be set to use DHCP. However, there is some sort of permanent reservation made in the Azure fabric.

Some things to consider are:

  • setting a fixed IP-address to a VM can only be done using PowerShell. It is not possible using the Azure Management Portal
  • setting a fixed IP-address can only be done at creation of the VM. When the VM has already been created the PowerShell command will not work
  • it is required that the VM is part of an Azure Virtual Network
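
Creating a VM with a reserved address, following the considerations above (an added example, not taken from the original post or the linked blogs). The virtual network, subnet, cloud service, VM name and address are hypothetical, and the cloud service is assumed to exist already in the same region as the virtual network.

```powershell
# Requires the Azure PowerShell module 0.7.3 or later and a selected subscription.
# All names and the address below are hypothetical values for illustration.
$vnetName = 'LabVNet'
$subnet   = 'Subnet-1'
$staticIp = '10.0.0.10'
$service  = 'lab-cloudservice'   # assumed to exist already
$vmName   = 'dc01'

# 1. Ask the fabric whether the address is still free in this virtual network.
$check = Test-AzureStaticVNetIP -VNetName $vnetName -IPAddress $staticIp
if (-not $check.IsAvailable) {
    Write-Warning "Address $staticIp is already in use. Free addresses reported by Azure:"
    $check.AvailableAddresses
    return
}

# 2. Pick the most recent Windows Server 2012 Datacenter gallery image.
$image = Get-AzureVMImage |
    Where-Object { $_.ImageFamily -like 'Windows Server 2012 Datacenter*' } |
    Sort-Object PublishedDate -Descending |
    Select-Object -First 1

# 3. Prompt for the local administrator account instead of hard-coding a password.
$cred = Get-Credential -Message 'Local administrator for the new VM'

# 4. The reservation is part of the VM configuration that is used at creation time.
#    The guest operating system itself stays on DHCP.
New-AzureVMConfig -Name $vmName -InstanceSize Small -ImageName $image.ImageName |
    Add-AzureProvisioningConfig -Windows `
        -AdminUsername $cred.UserName `
        -Password $cred.GetNetworkCredential().Password |
    Set-AzureSubnet -SubnetNames $subnet |
    Set-AzureStaticVNetIP -IPAddress $staticIp |
    New-AzureVM -ServiceName $service -VNetName $vnetName

# 5. Read the reservation back from the deployed VM.
Get-AzureVM -ServiceName $service -Name $vmName | Get-AzureStaticVNetIP
```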

More information including some sample PowerShell scripts in the blogs below.

This information will also be described in my to be released book on Microsoft hybrid cloud. The book will provide an in-depth look at Windows Azure IaaS. Also I will cover management, connecting System Center to Azure and lots more.

More info on my book will be published on this website.

MSDN blog: Allocating Static IP Addresses to your VMs
Stufox. Static IPs in Windows Azure
WindowsITPro Set Azure VM static IP address

How to create a site-to-site VPN connection using ADSL to Windows Azure

For research on my to be released book on Windows Azure I had to create a site-to-site VPN connection from my home to Windows Azure. Until recently I was under the impression I needed a VPN device or Windows RRAS server configured with a public facing IP-address to be able to have such a site-to-site VPN.

However, that is not the case. Using a common ADSL modem, Hyper-V Manager and a virtual machine running Windows Server 2012 with RRAS I was able to set up the VPN connection.

Thanks to Christopher Keyaert, who blogs at vnext.be, who helped me. Read his blog, which describes how to update Azure networking if your ADSL connection has a dynamic IP.

My ADSL modem is a Fritz!Box 7270. I did not have to modify the configuration of the modem. You might want to add a route in your modem pointing to your RRAS server if other servers need access to Azure VMs.

The site-to-site VPN can be set up using a physical server with RRAS installed as well. No need for the RRAS server to have a public IP.

In my book I will publish a step by step instruction how to configure this. In this post I will provide the basic steps. There are many other posts explaining how to set up a site-to-site VPN connection. For example this one.

1. In the Azure Management Portal create a virtual network. First create a new local network. In here you configure the public IP-address which is assigned to your ADSL modem. You also specify the IP-subnet used in your home location. Mine is 192.168.178.0/24.

2. Enable ‘configure site-to-site VPN’.

3. Then create a gateway in the portal. Select dynamic routing. Creation of the gateway will take about 5 to 10 minutes.

4. After the creation has finished, select ‘Download VPN device script’. Choose Windows Server RRAS and store the .cfg file on your RRAS server.

5. Rename the .cfg file to .ps1. Start PowerShell and execute the .ps1 file. You might have to change the execution policy.

The PowerShell script adds a network interface to the RRAS server. This connects to the IP-address of the Azure gateway. When the script has finished, open the Routing and Remote Access console. Select Network Interfaces, then select the demand-dial connection named after the IP-address of the Azure gateway. Right-click and select Connect.

If all goes well a VPN connection is enabled.
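
Steps 4 and 5 and the connect step done from an elevated PowerShell session on the RRAS server, as an added example that is not part of the original post. The file path and the gateway address are placeholders; the execution policy is changed for the current PowerShell process only, so the machine-wide policy stays as it was.

```powershell
# Placeholders: where the downloaded file was stored and the Azure gateway IP
# shown in the portal. Replace both with your own values.
$cfg       = 'C:\Temp\VpnDeviceScript.cfg'
$gatewayIp = '203.0.113.10'

# Step 5: rename the .cfg file to .ps1.
$script = [IO.Path]::ChangeExtension($cfg, '.ps1')
Rename-Item -Path $cfg -NewName (Split-Path -Path $script -Leaf)

# Read the script before running it: it will change the RRAS configuration
# of this server and it is executed with administrative rights.
Get-Content -Path $script | Out-Host -Paging

# Remove the "downloaded from the internet" mark after the review, then allow
# script execution for this PowerShell process only (-Scope Process).
Unblock-File -Path $script
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope Process -Force

# Run the script; it adds the demand-dial interface named after the gateway IP.
& $script

# Same action as right-click > Connect in the Routing and Remote Access console.
Connect-VpnS2SInterface -Name $gatewayIp

# Check the result; ConnectionState should read Connected.
Get-VpnS2SInterface -Name $gatewayIp |
    Format-List Name, Destination, AdminStatus, ConnectionState

# Confirm the machine-wide policy was left untouched.
Get-ExecutionPolicy -List
```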

Make sure the Ethernet network interface of the RRAS server which connects to your internal (home) network does not have a gateway filled in in its IP properties. Otherwise IP traffic will not flow to and from Windows Azure.

Also make sure the firewall on the RRAS server does not block VPN-traffic.

In Windows Azure create a virtual machine and make sure it is added to the virtual network you created in the first step. After creation has finished, open an RDP connection. Then make sure the Windows Server firewall does not block VPN traffic.

That is it. You now should be able to ping or use any other connection from your home server (RRAS) to a virtual machine in Azure.

Please let me know if you have issues in setting up the S2S VPN (mvdb22 at gmail dot com).

How to capture an image of an Azure Windows Server virtual machine the safe way

Customers can create custom made Windows Server images in Windows Azure based on their own baseline Windows Server image. A custom made image provides a way to deploy virtual machines which are identically configured.

Windows Azure currently has issues which can cause unwanted loss of a baseline image, resulting in loss of work. This is because the server on which sysprep is executed is not shut down but rebooted by Azure.

This blogpost describes a workaround.

The procedure to create an image is simple:

  1. Deploy a virtual machine using a Microsoft supplied image or your own image
  2. customize the guest operating system
  3. execute sysprep
  4. capture the guest operating system OS disk and publish it as an image

Sysprep should be performed by selecting ‘shutdown’. Because of an issue in Windows Azure, in certain circumstances Azure restarts the guest when a guest-initiated shutdown is selected.

This results in customers not being able to capture the virtual machine, because it is still running in a state waiting for input after the reboot.

This issue is hard to reproduce. In many cases customers will not encounter an issue. However I encountered this issue 4 times in a row on 4 different servers.

Reason
Microsoft does planned maintenance on Windows Azure for installation of bug fixes and new features. These updates are done in batches, which means at any given time some hosts are running as non-patched and some are patched. When Microsoft has patched all hosts this problem will not occur.

Workaround
The workaround is simple: in Sysprep select Quit instead of Shutdown. Then do a shutdown initiated from the Azure Management Console. When the VM has stopped a capture can be performed.

This blogpost has all the details.

Running Citrix AppController on Windows Azure (it won’t)!

Since 2013 Citrix supports running XenApp & XenDesktop on Windows Azure. I wanted to be able to have a demo / proof of concept environment showing XenApp, XenMobile, AppController and ShareFile on Windows Azure to demo to customers.

My experiment was to see if AppController can run on Windows Azure. To make a long story short: it does not…

If you are interested in why not, read on.

AppController is distributed by Citrix as a virtual appliance. It can run on XenServer, Hyper-V and VMware ESXi. I could not find any documentation which said which Linux distribution is used. If I had that info I could decide if AppController could be run on Azure. There is no mention of Azure support in Citrix documentation nor on blogs.

As Azure runs Hyper-V 2008 and Hyper-V 2012 in datacenters and does support some Linux guests I decided just to give it a go. In the Netherlands we say “if you do not shoot, you will always miss.. ”

So I downloaded the VHD file and created a new virtual machine in Hyper-V Manager. This allowed me to configure the appliance. It requires an IP-address. I set this to x.x.x.4. I enabled SSH to be able to do some remote management.

I also created a virtual network in Azure to have control over the subnet used by the AppController VM.

The first challenge was the format of the VHD supplied by Citrix. This was a dynamically expanding disk, which Azure does not support. So I needed to convert the VHD from dynamically expanding to fixed size. I used Hyper-V Manager for that task. Mind that you will need enough disk space to host the maximum file size of the VHD. The maximum file size of the supplied VHD is set to 50 GB.

After that I did an upload to Azure and tried to convert the VHD to Disk. Error! Grrr. The file size was not a whole number. So I used Vhd resizer on my laptop to convert the VHD file size to a whole number. This finished in about 15 minutes.

Another upload. Luckily empty spaces in a VHD are not uploaded to Azure so upload is rather quick.

As an administrator you do not have much control over IP assignment in Azure. IP-addresses are assigned by a Microsoft managed DHCP server. The first VM which boots in an ’empty’ subnet will receive IP x.x.x.4 , the next x.x.x.5 and so on.

So I created a VM using the just uploaded VHD. I made sure this VM was the first in the subnet. I booted the VM and the state shows running. However, no response on http/https/ssh.

Windows Azure does not offer a remote console. So there is no way to monitor the boot process of this Linux based virtual machine. I guess the boot process just halts on trying to ‘find’ some hardware devices like the network interface.

I hope this info was useful.

Could not verify the domain when adding custom domain to Windows Azure Active Directory

Windows Azure Active Directory (WAAD) is a multi-tenant cloud-based identity management service offered by Microsoft. WAAD is used by many services of Microsoft like Office 365, Exchange Online and Windows Azure.

WAAD is used for authentication to Office 365, to Microsoft Azure and SaaS applications.

It allows for synchronization of local / on-premise Microsoft Active Directory accounts and security groups to WAAD. At creation an Azure Active Directory has a default domain name like contoso.onmicrosoft.com.

To be able to authenticate using a customer owned domain account like brian@contoso.com, so called custom domains can be added by customers to an Azure AD.

Customers adding their domain must prove they own the domain. This is proved by adding a record to the DNS server which is master for their domain.

During verification of this domain an error is shown: ‘could not verify the domain’.

To check the records of your domain services like http://dnsquery.org/ can be used. This made clear the MX and TXT records were not actually added to the DNS server.

It was solved in my situation by not typing in the @ sign in the host/name field of the DNS register form of my domain registrar. For some reason any record I added which had a @ in the name field was not added. The web interface however did not show an error indicating an invalid input.

When I used the name of the domain instead of @, the domain verification was successful within minutes.
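
A check that the verification record has really been published, as an added example that is not part of the original post. It asks the domain's own name servers for the TXT records on the domain name itself (the name a registrar form abbreviates as @), so a record that was silently dropped by the registrar form shows up as missing. The domain is the example name used above and the expected value is a placeholder for the value the Azure portal displays.

```powershell
# Requires Windows 8 / Windows Server 2012 or later (Resolve-DnsName).
$Domain   = 'contoso.com'                            # example domain from the text
$Expected = '<TXT value shown in the Azure portal>'  # placeholder, copy it from the portal

# Find the name servers that are authoritative for the domain.
$nameServers = Resolve-DnsName -Name $Domain -Type NS -DnsOnly |
    Where-Object { $_.Type -eq 'NS' } |
    Select-Object -ExpandProperty NameHost

# Query each of them directly, so a cached answer from a resolver
# cannot hide a record that was never added.
foreach ($ns in $nameServers) {
    $txt = Resolve-DnsName -Name $Domain -Type TXT -Server $ns -DnsOnly `
               -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'TXT' } |
        ForEach-Object { -join $_.Strings }   # a TXT record may be split in several strings

    [pscustomobject]@{
        NameServer = $ns
        TxtRecords = $txt -join ' | '
        Verified   = $txt -contains $Expected
    }
}
```

Every name server should report `Verified = True` before the verification is retried in the portal.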


Unable to deploy A5, A6 or A7 size Windows Azure virtual machine using App Controller 2012 R2

System Center App Controller 2012 R2 is a self service portal which can be used to deploy virtual machines on on-premise clouds managed by System Center Virtual Machine Manager, Service Provider Clouds using Windows Azure Pack and Windows Azure.

Windows Azure offers so called t-shirt sized virtual machines. These have a Microsoft determined number of virtual cores and virtual memory size. The size of virtual machines is identified as extra small, small, large etc. Recently Microsoft started to offer large sized virtual machines which are identified as A5, A6 and A7.

Using App Controller 2012 R2 the virtual machine / instance sizes A5, A6 and A7 are missing in the dropdown list showing available virtual machine sizes for deployment.

This is caused by a limitation of App Controller 2012 R2. App Controller maintains a hard-coded list of virtual machine sizes that it is able to deploy. A5, A6 and A7 are not in that list. Future new instance sizes available in Azure will not be available either as long as the code of App Controller is not updated by Microsoft. This issue is caused by the service management API which is queried by App Controller. This API does not allow querying for available virtual machine sizes, hence the hard-coded virtual machine sizes.

Virtual machines sized A5, A6 or A7 can be managed by App Controller. Deployment however of instances with these sizes should be done using the Azure Management Portal, Visual Studio, Azure command-line tool or PowerShell.

Guide: How to sync on-premise Active Directory to Windows Azure Active Directory

Microsoft released a Test Lab Guide which explains in detail how to synchronize an organization's Active Directory with Windows Azure Active Directory.

Organizations moving to a hybrid cloud want to be able to provide identity management for services running on Windows Azure while not depending on their on-premise Active Directory.

By using Windows Active Directory Synchronization Tool (DirSync) on-premise AD can be synchronized to Windows Azure Active Directory.

This 48-page document explains step by step how to sign up for a free trial of Azure, how to enable WAAD and how to set up and configure DirSync.

Since November 2013 DirSync can be installed on a server with Active Directory installed. So only a single DC is needed to be able to use this Lab Guide.

More information and download of the guide here.

What are the differences between VMware vCloud Hybrid Service and Microsoft Windows Azure ?

The two biggest players on the x86 server virtualization market recently entered the public cloud Infrastructure as a Service (IaaS) market as well.

Microsoft Windows Azure Virtual Machines became generally available in April 2013. VMware vCloud Hybrid Service became generally available in August 2013. Some believe the rivals for server virtualization will become rivals in the public and hybrid cloud space as well.

This post will describe why both cannot be compared.

Both Azure and vCHS provide customers the ability to create cloud based virtual machines and have control over the guest operating system and applications running on top of it. That is basically the IaaS model.

I guess this is about the only feature that Azure Virtual Machines and vCHS have in common. Both clouds have a different philosophy and the architecture is based on different use cases.

Comparing Azure to vCHS is like comparing a cattle truck to a bus. Both are transport, have wheels and need a driver. But the payload is much different. Cattle do not need seats, a fridge and a toilet. Nor does a cow or sheep need a safety belt. If one of the animals dies while being transported nobody really cares. Passengers in a bus are something different. The bus company cares about this payload.


The same comparison applies to Azure versus vCHS. Azure was designed initially as Platform as a Service. In that model virtual machines are used but not exposed to the developers using Azure. The Azure platform is not designed to provide resiliency. Commodity servers are used with non-redundant power supplies. Racks are equipped with a single top of rack router. There is no feature to move virtual machines to another host to prepare a host for planned downtime. Virtual machines are to Azure like cattle.
In Azure the application should provide resiliency.
The ability to manage the virtual machines in Azure is driven by the wish to provide developers more choice in applications for development.

VMware vCHS is designed with the requirement that the public cloud platform should provide resiliency. This means the hardware is robust and state of the art, virtual machines can be vMotioned to another host etc. vCHS is designed to host enterprise, legacy applications which are not designed for cloud and do not provide resiliency.

What applies to Azure vs vCHS applies to Amazon EC2 vs vCHS as well. Amazon however is more mature and feature rich than Azure. Massimo Re Ferre’ , architect of VMware, wrote an interesting blog about this subject here.

The bottom line of my blogpost: there is nothing wrong with cattle trucks or buses. They serve a different use case. Make sure your applications are compatible with the cloud platform.

Let's have a look at how different the Azure and vCHS platforms really are. I do that by comparing different aspects:

  • platform
  • resources
  • service offering
  • service level agreement
  • storage services
  • guest os support
  • feature connect
  • time to cloud
  • new platform releases

Platform
Azure is built using a mix of Windows Server 2008 R2 & Windows Server 2012 Hyper-V as hypervisor. Microsoft does not reveal how many of its servers are running the 2012 edition of Hyper-V yet. Azure is operational in 8 datacenters located in the US, Europe and South East Asia. Nodes are managed by so called Fabric Controllers. Data is stored in a distributed, very scalable storage platform which is able to do datacenter replication and geo-replication.

vCHS uses vSphere as the hypervisor. On top of that runs vCloud Director. vCloud Networking & Security is used for logical network separation and public access to the virtual machines (firewall, gateway).
vCHS is at the moment only available in three US datacenters. Expansion to 2 other datacenters is planned.

Resources
Windows Azure sells virtual machines. Microsoft provides those in t-shirt sizes, which means there is a limited choice in combinations of number of vCPUs and internal memory. There is however an unlimited number of resources. Customers can create as many VMs as they need. The resources consumed are billed in a pay as you go model. This also means the costs can fluctuate strongly. One month a high bill, the next month maybe a lower bill.

In vCHS customers buy a certain amount of resources, a combination of CPU, storage and memory resources. Like a virtual datacenter (sandbox) instead of individual components. vCHS does not sell VMs like Azure. Customers can make any number of virtual machines with tailor made specifications. vCPU, memory and disks can independently be configured by the customer. The costs per month are based on a core subscription based on a contract of minimal 3 months to max 36 months depending on the service offering.

Service offering
In public cloud there are two ways to have customers use virtual machines running on nodes. In dedicated mode all virtual machines running on a node belong to the same customer. The processing on the node is non-shared and physically isolated from other tenants/customers. Networking and storage are logically separated from other tenants.
In shared mode virtual machines of multiple tenants share processing.

VMware vCHS provides two service offerings:

  • vCloud Hybrid Service Dedicated Cloud will provide physically isolated and reserved compute resources with pricing starting at 13 cents an hour for a fully protected, fully redundant 1 GB virtual machine with 1 processor.
  • vCloud Hybrid Service Virtual Private Cloud will offer multitenant compute with full virtual private network isolation. Virtual Private Cloud pricing starting at 4.5 cents an hour for a fully protected, fully redundant 1 GB virtual machine with 1 processor.

Azure does not provide a non-shared model. Processing capacity on nodes is shared by virtual machines managed by multiple tenants.

Service Level Agreement
Microsoft guarantees an availability of 99,95% for the virtual machine service. However, this is only guaranteed when Azure customers have two or more instances of the same role participating in an availability set. Microsoft does not provide an SLA for a single instance VM.

VMware has an SLA for each service offering. For the Dedicated Cloud an availability of 99,95% is guaranteed. For the Virtual Private Cloud the availability is 99,90%. I do not know why there is a difference in availability. Both models use the same server hardware.

Storage services
As said before, Microsoft Azure sells components like processing and storage individually. Customers can just use a bunch of storage for backup or archiving without buying processing or the need for a VM.

Currently in vCHS it is not possible to just use storage without being charged for reservation of processing as well. Also vCHS does not provide the scalable, block storage which Azure Storage provides. In vCHS storage comes with the VM, not as an independent resource.

Guest OS support
Azure is limited in the number of guest operating systems it supports. Currently Azure supports Windows Server 2008 R2 and Windows Server 2012. Also supported are SUSE Linux Enterprise Server 11 SP2, Ubuntu 12.04 and 12.10, CentOS 6.2 and CentOS 6.3 & openSUSE 12.3.

vCHS supports many guest operating systems. From Windows NT4 to Windows Server 2012. In total vCHS currently supports 67 guest operating systems.

Feature connect
Both vCHS and Azure provide some sort of hybrid cloud. Hybrid cloud is basically an extension of an on-premise infrastructure to the public cloud.
Azure allows connecting on-premise networks with Azure using site-to-site VPN.
vCHS allows this as well.

In management of a hybrid cloud, administrators prefer to have similar features in the on-premise and public cloud platforms.
Azure does not provide all the features of Hyper-V running on-premise. There is no support in Azure for the VHDX virtual disk format, no Live Migration, no snapshot, no live extension of virtual disks, no remote console access etc.

Not all applications are supported in Azure. Microsoft for example does not support all Windows Server roles. DHCP is an example. Also Exchange Server is not supported. It will run but outgoing mail will be rejected by many organizations because the sending IP-address in the SMTP session (owned by Microsoft) will not match the domain name of the Azure customer. Reverse DNS is not supported yet.

As vCHS is running VMware ESXi as hypervisor most common features are available both in vSphere on-premise and in vCHS off-premise.
I do not know if the issue with Exchange is valid for vCHS as well.

Time to cloud
Using Azure it is a matter of minutes from typing in your credit card number to the moment your first VM runs.

In vCHS another model is used. Customers need to fill in a purchase order. It can take hours or even some days between registration and the first operational virtual machine. vCHS is sold directly by VMware and also by partners. Customers cannot use their credit card and buy virtual machines online.

New platform features
Microsoft releases new features in Azure about every month. Most are for PaaS, some for IaaS. There are no announcements on future features. Some to be released features can be used as Preview. One of the Preview features is the ability to fail over to a second customer datacenter orchestrated by Azure.

VMware announced it will add DRaaS to vCHS in Q4 2013. This enables per VM replication from on-premise to vCHS. Also Desktop as a Service is announced. VMware's PaaS platform Cloud Foundry will be added in the future as well.

Conclusion
Azure and vCHS are different clouds. While Azure is primarily targeted at cloud application development (PaaS) and added IaaS type of features, vCHS is essentially a cloud infrastructure platform supporting legacy apps and is adding PaaS features in the future.

Free Windows Azure Book for IT Professionals

Microsoft released a free e-book on Windows Azure for IT Professionals. The 130-page PDF file has 6 chapters and can be downloaded here.

The book covers all areas of Azure. Each chapter has a high level overview of the services. By reading this book a good overview of Azure can be obtained. It is a technical book without marketing language.

The chapters are:

1. Understanding Windows Azure
2. Windows Azure compute services
3. Windows Azure network services
4. Windows Azure data services
5. Windows Azure app services
6. Getting started with Windows Azure

It is official: I will be writing a book on Managing the Microsoft Hybrid Cloud

One of my dreams has always been to write a book. Today this dream starts as I signed a contract with Packt Publishing.
Packt is a large publisher of IT-books (total 1714 titles) and has 49 titles on cloud and virtualization. Some names of authors who wrote books for Packt are Leandro Carvalho, Prasenjit Sarkar, Jason Langone and Andre Leibovici.

The draft title of the book will be ‘Managing the Microsoft Hybrid Cloud’. In this book I will explain the architecture of Windows Azure Infrastructure Services, how to connect on-premise datacenters running System Center 2012 to Windows Azure. You will learn about Disaster Recovery Orchestration, monitoring, backup of on-premise VMs to Azure, migration of VMs to Azure, cloudbursting and much, much more.

It will be a technical guide of how Microsoft translated their Cloud OS vision into solutions.

Writing a book will take lots and lots of hours. I am very grateful to my girlfriend and QNH, my company, for fully supporting me in making this dream come true!

Also I will get support of Microsoft.

The release of the book is scheduled for Q1 2014. During the next months I will update you on my experiences.

If you want to be a reviewer of the book please let me know! (mvdb22 at gmail dot com)

New enhancement to Windows Azure : point to site VPN with client and remote Powershell

Scott Guthrie of Microsoft announced some enhancements to Windows Azure today. Enhancements to infrastructure are:

  • Virtual Networks: New Point-to-Site Connectivity (very cool!), Software VPN Device and Dynamic DNS Support
  • Virtual Machines: Remote PowerShell and Linux SSH provisioning enhancements.

Microsoft added an awesome new feature that allows you to set up VPN connections between individual computers and a Windows Azure virtual network without the need for a VPN device. This feature is called Point-to-Site Virtual Private Networking.

Another new feature is the ability to automatically enable PowerShell access to Windows virtual machines.

Read more at Scott Guthrie’s post titled Windows Azure: Improvements to Virtual Networks, Virtual Machines, Cloud Services and a new Ruby SDK

Windows Azure Virtual Machines support policies & lessons learned

Microsoft made Windows Azure Virtual Machines generally available at the end of April 2013. This new service allows cloud consumers to provision virtual machines from a catalog or upload their own VHD virtual disks. Supported operating systems are Windows Server 2008, Windows Server 2012 and various Linux distributions.

MVP Nuno Filipe Mendes Godinho posted an interesting blog about some lessons learned while running virtual machines on Windows Azure.
The post can be read here.

A summary of his findings:
1. Place each data disk in a single storage account to improve IOPS
2. Always use Data Disks for Read/Write intensive operations, never the OS Disk
3. Use striped disks to achieve better performance
4. Configure Data Disks HostCache for ReadWrite
5. Always create VMs inside an Affinity Group or VNET to decrease latency
6. Always leverage Availability Sets to get SLA
7. Always sysprep your machines
8. Never place intensive read/write information on the Windows System Drive for improved performance
9. Never place persistent information on the Temporary Drive (D:)

Microsoft published its Microsoft server software support for Windows Azure Virtual Machines here.

The article states:
Microsoft supports Microsoft server software running in the Windows Azure Virtual Machine environments:

Microsoft BizTalk Server: Microsoft BizTalk Server 2013 and later is supported.
Microsoft Dynamics GP: Microsoft Dynamics GP 2013 and later is supported.
Microsoft Dynamics NAV: Microsoft Dynamics NAV 2013 and later is supported.
Microsoft Forefront Identity Manager: Microsoft Forefront Identity Manager 2010 R2 SP1 and later is supported.
Microsoft Project Server: Microsoft Project Server 2013 and later is supported.
Microsoft SharePoint Server: Microsoft SharePoint Server 2010 and later is supported on Windows Azure Virtual Machines. For more information, please see http://technet.microsoft.com/en-us/library/jj154957
Microsoft SQL Server: 64-bit versions of Microsoft SQL Server 2008 and later are supported. Please see http://support.microsoft.com/?id=956893 for details.
Microsoft System Center: System Center 2012 SP1 and later is supported for the following applications:

  • App Controller
  • Operations Manager
  • Orchestrator
  • Server Application Virtualization
  • Service Manager

Microsoft Team Foundation Server: Microsoft Team Foundation Server 2012 and later is supported.
Windows Server Roles: Windows Server 2008 R2 and later versions are supported for the following roles. This list will be updated as new roles are confirmed:

  • Active Directory Domain Services
  • Active Directory Federation Services
  • Active Directory Lightweight Directory Services
  • Application Server
  • DNS Server
  • File Services
  • Network Policy and Access Services
  • Print and Document Services
  • Web Server (IIS)
  • Windows Server Update Services

The following roles are not supported on Windows Azure Virtual Machines:

  • Dynamic Host Configuration Protocol Server
  • Hyper-V
  • Remote Access (Direct Access)
  • Windows Deployment Services

Windows Server Features: Notable features that are not supported:

  • BitLocker Drive Encryption (on the OS disk – may be used on data disks)
  • Failover Clustering
  • Internet Storage Name Server
  • Multipath I/O
  • Network Load Balancing
  • Peer Name Resolution Protocol
  • SNMP Services
  • Storage Manager for SANs
  • Windows Internet Name Service
  • Wireless LAN Service