Windows Azure New Features

As mentioned in a previous post I have been working a lot with Windows Azure over the last year. I have to admit that when I started working with Azure I was comparing it with Amazon Web Services; and felt from an IaaS perspective it was lagging behind AWS. However, since then Microsoft has been steadily adding features and closing the gap.

I recently noticed that the latest Windows Azure PowerShell module (0.7.3) includes some interesting new editions which I assume must be new preview features Microsoft intend to release. In fact Microsoft have done this in the past for example with the ACL features for Endpoints it was first released as a preview features with PowerShell before being incorporated into the Azure portal, I will outline a few of those that are of interest (at least to me anyway).

Express route

I was in the middle of writing this post when Microsoft announced the availability of Express Route on their blog. Express route allows Level3 customers to 'directly' connect to Azure.

From some of the commands that are available it seems you may be able to do this with BGP:

What would be really great is if Microsoft developed the capability to allow customers to have BGP between deployments in different Microsoft Azure Data centres. This would enable a number of different high-availability and disaster recovery solutions in Azure.

Static Private IP Addresses

Looking at the changelog for the Azure PowerShell cmdlets I noticed there are now cmdlets for managing static IP addresses.

If you already use Azure, you will know that when you create a VM the Azure fabric allocates a private IP address via DHCP. The IP address is not fixed, it just has a very long lease. While IP addresses only change under a small set of circumstances such as when you deallocate a VM (shut it down from the Azure portal); for certain types of applications a changing IP address is problematic. For example, some applications maintain a record of the IP address in their configuration files or use it for licensing purposes and when it changes these applications can break. Active Directory domain controllers is another example where a changing IP address is not ideal (although Microsoft's current mitigation for this while awkward does work - which is to create the Domain Controller in a separate subnet and have it as the only VM in the subnet). Some applications configured as a cluster also rely on fixed IPs. If you want to setup a Hadoop cluster (i.e. not using HDInsight) in Azure this can be a little more complicated without fixed IPs in Azure.

Azure Agent & BGInfo 

The mention of Azure Extensions in the Azure PowerShell module change log:

- Led me to a blog post from the Windows Azure Technical Support Team, stating that IaaS VMs have an VM Agent installed by default if they are created with PowerShell. The Agent is pluggable and can support extensions that add new capabilities such as the BGInfo extension. This enables BGInfo (from the Sysinternals Suite) and configures it to display information on the desktop of a Windows VM such as the DeploymentID, Public IP, Private IP etc.

I have been including the Sysinternals Suite as part of my VM builds scripts and use BGInfo to display information such as this on my VMs so I can easily tell which VM I have RDP'd into and don't accidentally make a modification on the wrong VM.

Reserved Public IP Addresses

The previous version of the PowerShell module 0.7.2 included the ability to reserve public IP addresses allocated to a Cloud Service (known as a VIP).

It has long been a pain point for me that Microsoft Azure did not have this capability. One of the problems with changing IP public IP addresses is that it makes it difficult to restrict access from our on-premise firewall to Azure by IP address as there is a possibility the IP may change if you only have one VM and the VM is corrupted or is deallocated.

I haven't found any documentation on this preview feature but it would be great if you could move reserved IPs between deployments so that if you need to migrate VMs to a new VNET or subscription you can also move the VIP (of course Microsoft would only be able to allow you to do this within a Region, as the IP address ranges are different across regions).

I'll be playing with these the static VNET and reserved VIPs - I've been waiting a long time for these features!