The inside view of Microsoft's cloud strategy

The project lead explains why the hypervisor is not Hyper-V, how multitenant apps are supported, and why Azure is not like Amazon's EC2

Microsoft this week launched its cloud computing environment, Windows Azure, which is the foundation of the Azure Services Platform for developing applications extending from the cloud to PCs, datacenters, phones, and the Web. Microsoft's goal is to let Windows developers transition from Windows client development to Windows cloud development, using familiar tools, both those from Microsoft and other sources such as Eclipse. Developers would continue to develop apps on their desktops, but the Azure platform would handle the app deployment in the cloud.

A key developer of the platform was Microsoft corporate vice president Amitabh Srivistava, who discussed the effort with InfoWorld Editor in Chief Eric Knorr and Editor at Large Paul Krill at the Microsoft Professional Developers Conference in Los Angeles earlier this week.

InfoWorld: So you would develop locally on your machine. The whole deployment phase is then automated onto the platform?

Srivistava: Yes. And the same bits that you have been developing on your machine, exactly the same bits get deployed to the cloud. Once you have developed and you have been testing on a development machine, you see it working and you say, "OK, looks pretty good, let's go try it on the real stuff." Then you don't have to compile again. And we provide a very effective, very distributed storage that consists of mostly things like blobs, tables, a management system, and a lot of computation all designed to be scalable and available.

InfoWorld: It must have been at least 10 years ago when Microsoft had to change its strategy and go to the Internet, and you had Internet Explorer coming out of that. Is this cloud initiative as dramatic a change as that was?

Srivistava: A lot of these pieces are coming together as a coherent services strategy and now we can articulate it in a way and we can actually see how all of these pieces are going to evolve. Basically, I think that's why we can exactly say who's doing what and we can start looking at it end to end, in all directions to go back and say, "How does a customer solve this problem, what does it mean to write a service?"

InfoWorld: Does this mean a diminishing of shrink-wrapped, boxed software? Are people going to be buying online? Deploying online?

Srivistava: I really don't think it's an either/or proposition. I see it more as an extension of the server to the cloud. And clearly yes, some things that are running on premises, on server, will move to the cloud. But on the other hand, you're also opening up new opportunities because a certain class of applications will be written where they'll be doing part of the things on premises and part of the things on cloud. People have some data they're not going to move to the cloud no matter what happens. They're going to keep it on premises. Certain functions are not going to go away. [And] there are clear advantages [that] the cloud brings. If you marry the two together, you're opening up a new class of applications. I think it's going to be an interesting dynamic and I think it's net-additive.

InfoWorld: It was a year and a half ago when the "software plus services" phrase was first floated by Steve Ballmer, and I think a lot of us were wondering, "Oh come on, what does he mean? Live updates, what does he mean?" And now it's clear, this is a developer play. This is about building services in the cloud.

Srivistava: [With] Windows Azure, we just did not take Windows Server and just put it on the cloud, OK? What we said was "let's go look at the problem we want to solve." I mean if you have something [that] works fine on the cloud, why would we not put it [there]? But wherever it makes sense, do it [there].

InfoWorld: I was talking to a few of the attendees and one said Azure was a response to Amazon EC2 [Elastic Compute Cloud] and what they're doing with cloud servers. They're running Windows. Is this a competitive response to Amazon?

Srivistava: Amazon and Google have been doing great stuff on the cloud. It reinforces the point that this cloud is really an exciting place to be in. Again, if you look at running Windows Server on a machine, Windows Server manages just the machine, right? So running Windows Server on that desk, a lot of people can do that and it's really great that they're doing it. What we are trying to do with Windows Azure is to really build an operating system for the whole cloud that is not a single machine. By managing the cloud, you're taking care of the lifecycle management of your services, you're offering lots and lots more value.

InfoWorld: You're talking about all of these additional services, and what strikes me is that it's almost as if you've created a well-provisioned SOA, with all the service management stuff going on, the lifecycle management. In a way, it's got some de facto governance in there, at least it's sort of playing by the Microsoft rules that you have.

Srivistava: But it's not Microsoft rules, it's playing by your rules. So the user is in control. That is why the critical part is we do a lot of the work for you, but you define the rules, and that is the service model. So you tell us how you want your service to be managed, we just do it. We are the servant. It's not like, "Hey, trust us. We'll just do it for you." We're not saying that. We will follow the rules that you define in the architecture model, so the user is all in control.

InfoWorld: Could you implement tools available on Azure to manage that kind of runtime governance that you're talking about?

Srivistava: That's right.

InfoWorld: It seems with all the stuff that you've added here to the Azure platform, it's really potentially a richer development environment than your average Microsoft customer would set up on premise.

Srivistava: You should not think of it as a monolithic platform. Even the second-layer things are all à la carte. You can call OpenID and not use Live ID if you don't want to. Because we [have these] interfaces, you can call in our service model, services can interact through interfaces there. So it's not monolithic. Now, because a lot of these services are available, yes, it's a very comprehensive platform. [But] you can pick and choose and you can even use third-party stuff whenever you want to. It's very open. And you can even come back and say, "I won't use anything else except Windows Azure and everything else I'm going to get from the outside" and that's fine, too.

InfoWorld: So what happens next? I understand there's going to be some road map laid out next year for Azure.

Srivistava: We are opening up with managed code today. We're going to open up native code after that. We'll definitely have that. Right now we are in one datacenter location. We will give the option for people to keep their data in multiple locations, slowly do it in the U.S. and then go international. [We] will have more than one data location in the calendar year 2009. Clearly we will be adding more features to each of the subsystems that we have got, like tables and storage systems and things like that. And we're going to have more service models.

InfoWorld: It seems to me that having covered the early Web services, protocol development, and all of that, we went from a bunch of standards and the idea that we would build applications across the Internet, and that was way, way ahead of its time, and it never really happened. Then it sort of evolved more into SOA inside the firewall. In a way, this seems like we're going back to the original model of Web services, the idea of applications across the Internet. Is it time now?

Srivistava: One of the things that we did when we were building Windows Azure was we spent almost six months just looking at what did the world need. Inside Microsoft, we have over 160 or so services ourselves. There is no platform, so every service is written as a silo. Every service just goes and manages the whole thing by [itself].

Now here what happens is that Windows Azure owns all the datacenter resources, it's one computer. You come in and you say, "Hey, I want 1,000 machines." I give you 1,000. Somebody else comes in and says, "I want 1,000." I give him 1,000. Then he says, "Hey, I don't want 800 of them, take them back." I take them back. Somebody else comes in. I can move the resources back and forth around across the whole thing there, so it cuts costs. Efficiency comes into play. By automating all of those things there, the [operations and expenses] goes down, because I don't need as many humans running around managing those things there. So there's a lot of efficiencies and things like that coming along.

InfoWorld: So that's all dynamic provisioning? It's all using Hyper-V?

Srivistava: No, we have our own hypervisor, which we have designed specifically for the design point. We just call it Windows Azure hypervisor, but a lot of the advancements we are making are moving into Hyper-V, [so] the same thing will be available to the on-premises customer. The virtualization support that you get in hardware like NPT and EPT, the nested page tables that are there. We are taking a lot of advantage of that, so that's what [Microsoft engineer] Dave Cutler has done in really optimizing the thing out, so the overhead of the hypervisor is extremely low. And when the hypervisor overhead is low, then we can get maximum utilization by dividing the machine.

InfoWorld: Do you expect people to develop multitenancy apps?

Srivistava: Yes, absolutely.

InfoWorld: Is the framework evolving in that direction to make that easier?

Srivistava: Yes. But my feeling is that we will welcome both, so we don't care. The way we have designed the system is that if a person is developing a multitenancy app, that's fine.

InfoWorld: What features would enable multitenancy on the platform?

Srivistava: The biggest element that you get if you have [multitenancy], because we have multiple tenants that are going on, one is security becomes a very big feature. And so we have multiple levels of security in place. We have VLANs, we put IP filters. And each tenant runs in its own VM in the hypervisor, so we completely go back and isolate each of the tenants out so that they cannot interfere with each other. The second element comes out if a tenant acquires just a fraction of a machine. Each tenant could require different compute powers. We have the power to do that because one tenant can come back and say, "Oh, I only want one-eighth of a machine." One tenant comes back and says, "Hey, I want a whole machine." We can dynamically give him whatever he needs.

Copyright © 2008 IDG Communications, Inc.