Azure Stack Explained

13 Nov 2018
A walk through the Hybrid Cloud Computing offered by Azure Stack

Introduction

The definitions vary, but hybrid cloud computing is generally described as managing a public and a private cloud as one or having management tools that span the two environments. For example, when your organisation has a combination of public clouds, on-site computing and private clouds in its data center, you have a hybrid cloud infrastructure.

There are a number of scenarios where hybrid cloud computing is a good choice for an organisation. First, if your workload is very dynamic, then you could use an easily scalable public cloud for the dynamic workloads while less volatile workloads are dealt with in a private cloud or in an on-site data center. Alternatively, a hybrid cloud computing solution can be used to separate sensitive information from less sensitive information. For example, sensitive data can be stored on a dedicated server while front end apps are run on the public cloud.

Also, when it comes to big data processing, some of the big data analytics could be run using public cloud resources, which are highly scalable, and sensitive data can be kept behind your firewall. And finally, some organisations have legal limitations as to where they can store their data or have concerns about security, compliance or data portability, so hybrid cloud computing can offer a solution to these issues. However, hybrid cloud computing solutions are much more complex to set up than purely private or public solutions, which is where Azure Stack comes in.

Azure Stack Overview

Azure Stack is a hybrid cloud computing software solution developed by Microsoft and based on its Azure cloud platform. It combines infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) in a single software stack that spans both on-site datacenter environments and the Azure cloud. Azure and Azure Stack share a standardized architecture, with the same portal and DevOps tools common to both.

Azure Resource Manager

Azure Resource Manager (ARM) is the common control panel used across all Azure services, including Azure Stack, which means a less steep learning curve. ARM allows you to manage all the resources of a solution on Azure (for example, a virtual machine, storage account and virtual network, or a web app, database, database server and third-party services) as a group. This means that you can deploy, update and delete them in a single operation. ARM also allows template-based deployment of applications and unified role-based access control.

How Does Azure Stack Work?

Azure Stack is delivered as an integrated system, with the software installed by Microsoft’s hardware partners on pre-qualified hardware. Azure Stack is not a DIY virtualization platform or something you run on your own hardware. Instead, the hardware partner integrates the system into your existing environment, after which it is ready for you to deploy workloads onto.

This means that you don’t buy Azure Stack from Microsoft; instead, you get the ‘integrated system’ from one of Microsoft’s partners. The integrated systems are available with four, eight or 12 nodes. Memory per node ranges from 256GB to 768GB, with 12 to 24 cores per CPU, 6TB to 12TB of SSD cache and 40TB to 100TB of HDD storage.

Underlying Azure Stack is an Active Directory domain, running on virtual machines (VMs). Storage is provided through Storage Spaces Direct (S2D), combining local storage (HDD, SSD, NVMe) in each node for high performance and resilient VM storage. Azure Stack only uses three-way mirroring, storing three copies of each data slab on three different nodes. This means that you can lose up to two nodes in a cluster and still be able to keep running.
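The fault-tolerance claim above can be checked by brute force. This is an added example, not code from the article or from Microsoft: the round-robin placement in `place_slabs`, the slab count of 240 and all function names are assumptions made for illustration, and the model covers data copies only, not cluster quorum.

```python
from itertools import combinations

COPIES = 3  # three-way mirror: every slab is stored three times


def place_slabs(nodes, slab_count):
    """Assign each slab to COPIES distinct nodes, rotating the start node.

    Round-robin placement is an assumption for this sketch; the real
    Storage Spaces Direct allocator is not described in the article.
    """
    if nodes < COPIES:
        raise ValueError("three-way mirroring needs at least three nodes")
    return [frozenset((s + i) % nodes for i in range(COPIES))
            for s in range(slab_count)]


def lost_slabs(placement, failed):
    """Return the indexes of slabs whose every copy sits on a failed node."""
    failed = set(failed)
    return [i for i, holders in enumerate(placement) if holders <= failed]


def worst_case_loss(nodes, slab_count, failures):
    """Largest number of slabs lost over every possible set of failed nodes."""
    placement = place_slabs(nodes, slab_count)
    return max(len(lost_slabs(placement, combo))
               for combo in combinations(range(nodes), failures))


if __name__ == "__main__":
    # 4, 8 and 12 are the integrated-system sizes named in the article.
    for nodes in (4, 8, 12):
        for failures in (1, 2, 3):
            lost = worst_case_loss(nodes, 240, failures)
            print(f"{nodes:2d} nodes, {failures} failed: "
                  f"worst case {lost} of 240 slabs lost")
```

Any two failed nodes leave at least one copy of every slab, while a third simultaneous failure can remove all three copies of some slabs, which is why the tolerance stops at two.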

Because Azure Stack is an integrated system, there are limitations on what you can do to it.

For example, it’s not possible to run agents for anti-malware, backup or monitoring on the hosts. Also, you’ll have very limited access to the built-in AD which underlies Azure Stack. But it’s not a system that you just set up and ignore either. You’ll have to apply updates regularly in order to remain supported. Besides delivering bug and security fixes, these updates also help keep Azure Stack in sync with Azure’s public cloud.

Platform as a Service (PaaS)

PaaS is a type of cloud computing that provides a platform and environment which allows developers to build applications and services over the internet. The PaaS services are hosted in the cloud and can be accessed by users via their web browser. PaaS services in Azure Stack provide an experience which is consistent with Azure, as well as APIs that can be accessed regardless of whether they run on-site or in a Microsoft-owned datacenter.

These PaaS services include App Service (which includes Azure Web Apps, Mobile Apps, API Apps, and Functions), Key Vault, SQL, and MySQL, to name a few. Azure Stack also offers the following PaaS features: Azure Functions for Serverless Computing, Azure Container Service supporting Docker Swarm, Kubernetes and Mesosphere and Cloud Foundry.

Infrastructure as a Service (IaaS)

In an IaaS model, a cloud provider hosts the infrastructure components which were traditionally present in an on-premises data center, such as servers, storage and networking hardware, as well as the virtualization or hypervisor layer. The resources and services are accessed through a wide area network (WAN). Azure Stack’s IaaS features and functionalities include: deployment of various sized VMs, Linux and Windows Containers, Virtual Networking, VPN Gateways, various forms of storage and Key Vault for secure protection of application keys and secrets.

High Level Differences Between Azure and Azure Stack

Image 6

Image 7

How to Connect Azure Stack to Azure

There are two supported methods to connect virtual networks in Azure Stack to virtual networks in Azure: site-to-site and outbound NAT. Site-to-site uses a virtual private network (VPN) connection over IPsec (IKEv1 and IKEv2). This type of connection requires a VPN device or Routing and Remote Access Service (RRAS). The communication is encrypted and is secure. However, bandwidth is limited by the maximum throughput of the tunnel (100-200 Mbps).

By default, all virtual machines in Azure Stack will have connectivity to external networks via outbound NAT. Each of the virtual networks in Azure Stack gets a public IP address assigned to it. Outbound access is via outbound NAT using the VIP of the virtual network. This only covers communication coming from the VM and going to an external network; it cannot be used for communication going in the opposite direction.

Hybrid Connectivity Options

The option for hybrid connectivity depends on what kind of deployment your organisation wants to offer and where it will be deployed. Do you need to isolate network traffic for each tenant? Will you have an intranet or internet deployment?

You can have a single-tenant Azure Stack. There can be many different tenant subscriptions, but it’s a single-tenant stack from a networking perspective as all the traffic travels over the same network and doesn’t need to be isolated via an encrypted tunnel. A multi-tenant Azure Stack is also possible. This is where each tenant’s subscription traffic that’s traveling to external networks must be isolated from other tenants’ network traffic.

An intranet deployment is when Azure Stack sits on a corporate intranet and behind firewalls, while an internet deployment means that Azure Stack is connected to the public internet and uses internet-routable public IP addresses. The pros, cons and use cases of each type of deployment are summarised below:

Image 8

Image 9

Azure Stack Hardware Requirements

Finally, here are the minimum requirements to run Azure Stack as of late 2018:

  • CPU: Dual-Socket: 12 physical cores
  • Memory: 96GB RAM
  • BIOS: Hyper-V Enabled (with SLAT support)
  • Disk (OS): 1 OS disk with minimum of 200GB available (SSD or HDD)
  • Disk (General Azure Stack POC Data): 4 disks, each with a minimum 140GB (SSD or HDD)

History

  • 13th November, 2018: Version 1

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)