What Is and What Is Not Cloud Computing and Why Do I as an IT Pro Care

This was a presentation which I delivered at Stratford University in PDF format. My focus was on bringing clarity of cloud computing to the audiences so we can better articulate the business values of cloud computing and why cloud is or perhaps is not the solution for a business problem.

Additional resources is available at http://aka.ms/selected.

Introduction of Microsoft Virtual Academy at HTTP://AKA.MS/MVA1

A knowledge portal with free self-training contents of Microsoft products and solutions is Microsoft Virtual Academy at http://aka.ms/MVA1. Developed courses as shown below are presented by topics and products for an individual to develop and customize a learning plan to best fit one’s interests and objectives. And the contents are packaged in modules with presentations, videos, whitepapers, etc. and they are available online as well as for download. Each module ends with a self-assessment to facilitate learning. There are also live events like Jump Start and Virtual IT Camps delivered by subject matter experts offering global IT community an accelerated learning experience on virtualization, hybrid cloud, Azure, Office 365, Application development and more.


For an IT pros in any discipline and at any technical level, Microsoft virtual Academy offers an effective vehicle for developing IT skills profile and maintaining competency. And it is very easy to access the contents. Simply go to Microsoft Virtual Academy at http://aka.ms/MVA1. Pick and start a course of your interest and register/log in with your Microsoft Account which you can sign up one at http://outlook.com, if not already have one. Your Microsoft Account also comes with 15 GB OneDrive (i.e. cloud storage), Outlook-alike Internet email, and Office Web Applications all free.

Once you have registered in Microsoft Virtual Academy, it is now up to you how fast and how far you would like to go from virtualization to Azure, hybrid cloud and DevOps. Do it. Learn it. Enjoy it. And be an IT pro.

Deploying windows 7 and windows 8.1 enterprise clients to Microsoft azure available for msdn subscribers

As announced at TechEd 2014 North America, deploying Windows 7 and Windows 8.1 Enterprise clients to Microsoft Azure is now available for MSDN subscribers. The following is a typical user experience.

Log into Microsoft Azure Management Portal with a MSDN subscription account, click VIRTUAL MACHINE workspace, then click NEW to start the process of deploying a VM interactively.


Click either QUICK CREATE or FROM GALLERY. With QUICK CREATE, pick the dropdown of IMAGE and click “more images” to bring up the image gallery.


Or FROM GALLERY, bring up the image gallery directly.

From the image gallery, scroll down to select an intended Windows 7 or Windows 8.1 client and proceed with the deployment process as shown below.




Notice now there are VM AGENT, CONFIGURATION EXTENSIONS, and SECURITY EXTENSIONS available. Here Microsoft Antimalware is to be included in the VM deployment.


Once deployed, we can now capture image while a VM is still running as opposed to previously a VM must be first syspreped. Here, simply click CAPTURE while highlighting the running VM to create an image.


Once captured,the image of a VM is placed under IMAGES tab as shown, here while the VM is still running.


Remotely connecting to a VM is much the same as before. Click CONNECT from the bottom black menu bar, while highlighting the VM on the instance page. After providing the admin credentials and accepting the certificate for establishing secure commination, RDP brings a user directly into desktop. Here notice Task Manager reveals that the antimalware is running as configured.


And the Start screen shows a standard Windows 8.1 layout with a power button placed next to user icon on upper right corner.


This is a Windows 8.1 Enterprise client on demand deployed in minutes in Microsoft Azure.

Windows Azure Infrastructure Services IP Address management (Part 2 of 2)

This two-part series details the IP address management of Windows Azure Infrastructure Services including:

We can use Windows Azure PowerShell to assign a static IP to a VM deployed to a Windows Azure virtual network (VNET). The following explains.

Assigning Static VNET IP Address to a VM

imageTo assign a static IP to a VM, use PowerShell. And the VM must be deployed to a VNET. Windows Azure PowerShell v0.7.3.1 released on March 11, 2014 supports static VNET IP address. To install Windows Azure PowerShell and connect to your Windows Azure subscription, follow the instruction at http://aka.ms/AzureCmdlets.



In PowerShell ISE Command Add-On pane, simply search the string, azurestat, you will find out there are four Windows Azure PowerShell cmdlets associated with managing a static IP of a VM deployed to a Windows Azure virtual network, as shown on the left.

A typical routine starts with using Test-AzureStaticVnetIP to confirm the availability of a target IP address. The cmdlet returns a list of suggestions if the target IP address is not available.

Once the availability of a target IP address is confirmed, run Set-AzureStaticVNetIP and Get-AzureStaticVnetIP to assign and verify the IP assignment of a target VM. And as needed, use Remove-AzureStaticVnetIP to remove a static IP from a VM object.

With a static internal IP addresses, VMs in a VNET will maintain the same IP addresses across shutdown, reboot, and re-imaging. And the deployment order of VMs to a VNET does not impact the IP assignments anymore. Supposed two VMs were at the state, Stopped Deallocated, and then later get started again in a random order. The new internal IP addresses will likely be different. However if the two VMs were assigned with static IP addresses, the same IP address will be in the VM upon restart.

Sample Session of Assigning a Static IP

The following user experience is based on Windows Azure PowerShell already configured with connectivity to a Windows Azure subscription by following the instructions provided at http://aka.ms/AzureCmdlets.

imageThree VMs, vm1, vm2, and vm3 were deployed in order to myTestNet which is configured with address space. Upon the initial deployment,,, and are assigned to the three VMs as shown. VM2 is the target VM for a static IP assignment.



For this particular deployment, it is obvious which IP addresses are available. In an event that Windows Azure Management Portal is not accessible, we can use Test-AzureStaticVnetIP to confirm the availability of a target IP address within a VNET.



imageOnce a target IP address is confirmed available, we can use Set-AzureStaticVnetIP to assign a static IP to a target VM. Here, on the left I use a small routine to first test the availability of a target IP,, in an intended VNET. If the IP is available, assign it to a target VM, here vm2. A sample script is available at http://aka.ms/StaticVnetIPSample.


imageNow vm2 has an IP address as If this is a static IP address, redeploying all three VMs will not change the IP address of vm2 at this time.



imageTo redeploy the three VMs, I first shut down them from Windows Azure Management Portal and brought all to the state, Stopped (Deallocated), which released the internal IP address of each VM. As shown on the left, neither VM had an IP address.


imageThe three VMs were at this time started in the order of vm3, vm1, and vm2. This order is different from that of the initial deployment. And upon the deployment, notice that vm3 which was first started got the IP address, The 2nd started VM was vm1 which got Nevertheless, the last one started, vm2 (instead of getting the next IP address, maintained the assigned static IP, In other words, once a static IP address is assigned to a VM instance, the deployment order no longer impact the IP address assignment of the VM.

Best Practices for Static IP Assignments

The recommended usage pattern is to employ separate subnets for static IP address VMs and dynamic IP address VMs. Use a static IP address subnet for all static IP address VMs, while it is needed to specify a different static IP address for each VM deployed to this subnet. And use a dynamic IP address subnet for PaaS web/worker roles and those Infrastructure Services VMs without the needs for static IP addresses.

Managing VMs with static IP assignments in a separate subnet can help standardize the processes and configurations, hence better automation and streamlined operations.

Additional Resources

Windows Azure Infrastructure Services IP Address management (Part 1 of 2)

This two-part series details the IP address management of Windows Azure Infrastructure Services including:

We will first examine some basic concepts to better understand how IP addresses are assigned in Windows Azure and what are the implications.


Upon deployment, a Windows Azure VM instance has two IP addresses:

  • A VIP (Virtual IP address) is the public IP address pointing to the cloud service where the VM is deployed to. Notice that a VIP once assigned is not released from a cloud service till every VM instance in the cloud services has either a “Stopped (Deallocated)” status or deleted.
  • a DIP (an internal IP assigned by Windows Azure with DHCP) is the IP address assigned to the VM for communicating within Windows Azure. Notice that a DIP once assigned is not released from a VM till  the VM has a “Stopped (Deallocated)” status.


The following illustrates a conceptual model where multiple VMs are deployed to a cloud service. A VIP is assigned to Windows Azure’s public interface and pointing to this cloud service, while each VM within the cloud service has an individual DIP assigned by Windows Azure via DHCP.


Notice that if these VMs are deployed to a virtual network, a DIP will be assigned from or released to the address pool defined in the virtual network configuration.

Endpoint vs. Port

In Windows Azure, accessing a cloud service from Internet requires an endpoint which is a pair of two ports associated with the VIP of the cloud service. The public port of an endpoint is the one facing Internet, while within Windows Azure the corresponding port is the private port. The above diagram depicts the concept of an endpoint as the vehicle to access a cloud service from Internet, while a defined endpoint effectively connects a public interface and a private one of a cloud service with a port translation at the edge of Windows Azure where the VIP points.

Stopped vs. Stopped (Deallocated)

A Windows Azure VM instance can be shut down with two fundamental ways. One is to shut down a VM within the VM instance itself as shown below. This will bring the VM to a “Stopped” state. At this time, although the instance is stopped, it is however not deallocated, and consequently it is still being charged by minute based on the pricing model as detailed in http://aka.ms/waPrice.


Another way to stop the VM instance is to operate directly from Windows Azure Management Portal by highlighting a VM an click the Shutdown button from the black menu bar as shown above. Which in addition to shutting down the VM, it also deallocates the instance as the status, Stopped (Deallocated), indicated. At this time, the VM instance is not being charged any more.

The storage cost of a VM is introduced by the associated VHD file which include an OS disk and additional data disk, if added. This storage cost is always there since regardless the state of a VM, storage capacity is consumed to store a VHD file which is stored as page blobs in an associated storage account and depending on if geo-replication is maintained, there may be additional storage and transmission costs. The article, http://aka.ms/HADR explains the two storage account types and how they work.

IP Assignments in Windows Azure Virtual Network (VNET)

When allocating addresses, Azure reserved the first three and the last IP addresses in an address space and a subnet. For instance, defining an address space,, as the following results in a usable address range of to where the first three and the last IP addresses of this address space, i.e. and are reserved for Azure’s use. This behavior is consistent throughout the subnets. Essentially any address space allocated in Azure, the first three and the last one are reserved for system use.


When deploying VMs to a VNET, the DIPs (i.e. internal IP addresses) of VMs are allocated from a configured address pool (as defined in VNET) in the order of each VM is deployed. Therefore deploying the same VMs in a different order to the VNET or deallocating then redeploying VMs in a VNET will likely result in different internal IP addresses assigned. For example, two VMs in a VNET had had a Stopped Deallocated state and then both were restarted in a random order. The new internal IP addresses assigned to the two VMs will likely be different than those internal IP addresses previously assigned before deallocation. And it is an issue for VMs requiring persistent IP addresses throughout the lifetime of those VMs. However, if a static IP address is assigned to a VM, the same predictable IP address will be assigned with the VM upon restart. For a VM deployed to a VNET, a static IP can be assigned to the VM using Windows Azure PowerShell.

In Part 2, we will walk through a sample session on assigning a static IP to a VM which is deployed to a VNET.

My Selected Contents for IT Pros

The following is a list of articles I have recently published. It highlights a core set of hybrid cloud computing contents which I want to share and help IT pros better understand at this juncture.

Cloud Concepts


Windows Azure


Windows Server


On-premises Deployment


TechNet Radio

Resource Pooling, Virtualization, Fabric, and Cloud

One of the five essential attributes of cloud computing (ref. The 5-3-2 Principle of Cloud Computing) is resource pooling which is an important differentiator separating the thought process of traditional IT from that of a service-based, cloud computing approach.

Resource pooling in the context of cloud computing and from a service provider’s viewpoint denotes a set of strategies for standardizing, automating, and optimizing resources. For a user, resource pooling institutes an abstraction for presenting and consuming resources in a consistent and transparent fashion.

This article presents key concepts derived from resource pooling as the following:

  • Resource Pools
  • Virtualization in the Context of Cloud Computing
  • Standardization, Automation, and Optimization
  • Fabric
  • Cloud
  • Closing Thoughts

Resource Pools

Ultimately data center resources can be logically placed into three categories. They are: compute, networks, and storage. For many, this grouping may appear trivial. It is however a foundation upon which cloud computing methodologies are developed, products designed, and solution formulated.


This is a collection of all CPU-related capabilities. Essentially all datacenter physical sand virtual servers, either for supporting or actually running a workload, are all part of this compute pool. Compute pool represents the total capacity for executing code and running instances. The process to construct a compute pool is to first inventory all servers and identify virtualization candidates followed by implementing server virtualization. And it is never too early to introduce a system management solution to facilitate the processes. Which in my view is a strategic investment and a critical component for all cloud initiatives.


The physical and logical artifacts putting in place to connect, segment, and isolate resources from layer 3 and below, etc. are gathered in the network pool. Networking enables resources becoming discoverable and hence possibly manageable. In this age of instant gratification, everything has to be readily available with a relatively short windows of opportunities. This is an economy driven by emotions and current events. The needs to be mobile and connected at the same time are redefining the IT security and system administration boundaries. Which plays a direct and impactful role in user productivity and customer satisfaction. Networking in cloud computing is more than just remote access, but an abstraction empowering thousands users to self-serve and consume resources anytime anywhere with any device. Bring your own device, bring your own network, and consumerization of IT are various expressions of the network and mobility requirements of cloud computing.


This has long been a very specialized and sometimes mysterious part of IT. An enterprise storage solution frequently characterizes as a high cost item with significant financial and technical commitments on specialized hardware, proprietary API and software, a dependency on direct vendor support, etc. In cloud computing, storage solutions are becoming very noticeable since the ability to grow and shrink resource capacities based on demands, i.e. elasticity, demands an enterprise-level, massive, reliable, and resilient storage solution at scale. While enterprise IT is consolidating resources and transforming existing establishments into a cloud computing environment, the ability to leverage existing storage solutions from various vendors and integrate them into an emerging cloud storage solution is a noticeable opportunity for minimizing the cost.

Virtualization in the Context of Cloud Computing

In the last decade, virtualization has proved its values and accelerated the realization of cloud computing. Then, virtualization was mainly server virtualization. Which in an over-simplified description means hosting multiple server instances with the same hardware while each instance runs transparently and in isolation, namely as if each consumes the entire hardware and is the only instance running. Now, with so many new technologies and solutions emerging, customers’ expectations and business requirements have been evolving. And we should validate virtualization in the context of cloud computing to fully address the innovations rapidly changing how IT conducts business and delivers services. As presented below, in the context of clod computing, consumable resources are delivered in some virtualized form. Various virtualization layers collectively construct and form the so-called fabric.

Server Virtualization

The concept of server virtualization remains as: running multiple server instances with the same hardware while each instance runs transparently and in isolation, as if each instance is the only instance running and consuming the entire server hardware.

In addition to virtualizing and consolidating servers, server virtualization also signifies the practices of standardizing server deployment, switching away from physical boxes to VMs. Server virtualization is the abstraction layer for packaging, delivering, and consuming a compute pool.

There are a few important considerations of virtualizing servers. IT needs the ability to identify and manage bare metal such that the entire resource life-cycle management from commencing an employment to the decommissioning of server hardware can be automated. To fundamentally reduce the support and training cost while increasing the productivity, a consistent platform with tools applicable across physical, virtual, on-premises, and off-premises deployments is essential. The last thing IT wants is one set of tools for managing physical resources and another for working on those virtualized; one set of tools for on-premises deployment and another for those deployed to a service provider; one set of tools for infrastructure development and another for configuring applications. The essential goal is one skill set for all, namely one platform for all, one methodology for all, and one set of tools for all. This advantage is obvious when, for example, developing applications and deploying Windows Server 2012 R2 on premises or off premises to Windows Azure. The Active Directory security model can work across sites, System Center can manage resources deployed off premises to Windows Azure, and Visual Studio can publish applications across platforms. IT pros can operate all based on Windows system administration skills. There is minimal operations training needed since all provides a consistent Windows user experience on a common platform and security model.

Network Virtualization

Similar idea of Server Virtualization applies here. Network virtualization is the ability to run multiple networks on the same network infrastructure while each network runs transparently and in isolation, as if each network is the only network running and consuming the entire network hardware.

Conceptually since each network instance is running in isolation, one tenant’s 192.168.x network is not aware of another tenant’s and identical 192.168.x network running with the same network infrastructure. Network virtualization provides the translation between physical network characteristics and the representation of a logical network. Consequently, above the network virtualization layer, various tenants while running in isolation can have identical network configurations. This abstraction essentially substantiates the concept of bringing your own network.

A great example of network virtualization is Windows Azure virtual network. At any given time, there can be multiple Windows Azure subscribers all allocate the same 192.168.x address space and with identical subnet scheme, 192.168.1.x/16, for deploying VMs. Those VMs belonging to one subscriber are however not aware of or visible to these deployed by others, despite the network configuration, IP scheme, and IP address assignments may be all identical. Network virtualization in Windows Azure isolates one subscriber from the others such that each subscriber operates as if the subscription account is the only one employing 192.168.x address space.

Storage Virtualization

I believe this is where the next wave of drastic cost reduction of IT post server virtualization happens. Historically, storage has been a high cost item in IT budget in each and every aspects including hardware, software, staffing, maintenance, SLA, etc. Since the introduction of Windows Server 2012, there is a clear direction where storage virtualization is becoming a commodity and an essential skill for IT pros since storage virtualization is now built into Windows OS. New capabilities like Storage Pool, Hyper-V over SMB, Scale-Out Fire Share, etc. are making storage virtualization part of server administration routines and easily manageable with tools and utilities like PowerShell which many IT professionals are familiar with.

The concept of storage virtualization remains consistent with the idea of logically separating a computing object from the hardware where it is running. Storage virtualization is the ability to integrate multiple and heterogeneous storage devices, aggregate the storage capacities, and present/manage as one logical storage device with a continuous storage space. And it should be apparent that JBOD is a visualization of this concept.

Standardization, Automation, and Optimization

Each of the three resource pools has an abstraction to logically present itself with characteristics and work patterns. A compute pool is a collection of physical hosts and VM instances. A virtualization host runs VMs which carry workloads deployed by service owners and consumed by authorized users. A network pool encompasses network resources including physical devices, logical switches, logical networks, address spaces, and site configurations. Network virtualization can map many identical logical/virtual IP addresses with the same physical NIC, such a service provider can host tenants implementing identical network scheme with the same network hardware without a concern. A storage pool is based on storage virtualization which is a concept of presenting an aggregated storage capacity as one continuous storage space as if provided from one logical storage device.

In other words, the three resource pools are wrapped with server virtualization, network virtualization, and storage virtualization, respectively. Together these three virtualization layers forms the cloud fabric which is presented as an architectural layer with opportunities to standardize, automate, and optimize deployments without the needs to know the physical complexities.


Virtualizing resources decouples the dependency between instances and the underlying hardware. This offers an opportunity to simplify and standardize the logical representation of a resource. For instance, a VM is defined and deployed with a VM template which provides a level of consistency with a standardized configuration. 


Once a VM characteristics are identified and standardized with configurations, we can now generate an instance by providing only instance-based information such as the VM machine name which must be validated at deployment time to prevent duplicated names. With a deployment template, only minimal information at deployment time us needed. Which can significantly simplify the process and facilitate automation. Standardization and automation are essential mechanisms so that a workload can scale on demand, i.e. become elastic, once a threshold is specified from a system management perspective.


Standardization provides a set of common criteria. Automation executes operations based on set criteria with volumes, consistency, and expediency. With standardization and automation, instances can be instantiated with consistency and predictability. In other words, cloud resources can be operated in bulk with consistency and predictability by standardizing configurations and automate operations. The next logical step is then to optimize the usage based on SLA.

Optimization is essentially standardization and automation with intelligence and objectives. The intelligence is why we need to have analytics designed into a cloud solution. With self-servicing, ubiquitous access, and elasticity, technically a cloud resource can be consumed anytime, by any number of users, and with capacities changed on demand. We will need a mechanism to provide us insights of the usage including when it is used, by whom, how much, to what degree, etc. A consumption-based chargeback or show-back model is what the analytics must provide so system management can optimize resources accordingly and timely.

Integrating resource pooling and virtualization concepts into OS has happened since Windows Server 2012 R2 and System Center 2012. Server virtualization, network virtualization, and storage virtualization are now integrated into Windows platform and part of the Server OS.


A significant abstraction in cloud computing this is. Fabric implies the discoverability and manageability. Which denotes the ability to discover, identify, and manage a datacenter resource. Conceptually fabric is an umbrella term encompassing all the datacenter physical and virtualized resources supporting a cloud computing environment. At the same time, a fabric controller represents the system management solution which manages, i.e. owns, fabric.

In cloud architecture, fabric consists the three resource pools: compute, networking, and storage. Compute provides the computing capabilities, executes code, and runs instances. Networking glues the resources based on requirements. And storage is where VMs, configurations, data, and resources are kept. Fabric shields a user from the physical complexities of the three resource pools. All operations are eventually managed by the fabric controller of a datacenter. Above fabric, there are logical views of consumable resources including VMs, virtual networks, and logical storage drives. By deploying VMs, configuring virtual networks, or acquire storage, a user consumes resources. Under fabric, there are virtualization and infrastructure hosts, Active Directory, DNS, clusters, load balancers, address pools, network sites, library shares, storage arrays, topology, racks, cables, etc. all under the fabric controller’s command to collectively form the fabric.

For a service provider, building a cloud computing environment is essentially to establish a fabric controller and construct fabric. Namely institute a comprehensive management solution, build the three resource pools, and integrate server virtualization, network virtualization, and storage virtualization to form fabric. Form a user’s point of view, how and where a resource is physically located is not a concern. The user experience and satisfaction are much based on the accessibility, readiness, and scalability of requested resources and fulfillment of SLA.


This is a well-defined term by NIST SP 800-145 and the 5-3-2 Principle of Cloud Computing. We need to be very clear on: what a cloud must exhibit (the five essential attributes), how to consume it (with SaaS, PaaS, or IaaS), and the model a service is deployed in (like private cloud, public cloud, and hybrid cloud). Cloud is a concept, a state, a set of capabilities such that the capacity of a requested resource can be delivered as a service, i.e. available on demand.

The architecture of a cloud computing environment is presented with three resource pools: compute, networks, and storage. Each is abstraction provided by a virtualization layer. Server virtualization presents a compute pool with VMs which supplies the computing power to execute code and run instances. Network virtualization offers a network pool and is the mechanism to allow multiple tenants with identical network configurations on the same virtualization hosts while connecting, segmenting, isolating network traffic with virtual NICs, logical switches, address space, network sites, IP pools, etc. Storage virtualization provides a logical storage device with the capacity appearing continuous by aggregating the capacity of a pool of storage devices behind the scene. The three resource pools together form an abstraction, namely fabric, such that despite the underlying physical infrastructure may be intricate, the user experience above fabric is presented with a logical and consistent fashion. Deploying a VM, configuring a virtual network, or acquiring storage is transparent with virtualization regardless where the VM actually resides, how the virtual network is physically wired, or what devices are included in the aggregate the requested storage.

Closing Thoughts

Cloud is an all consumer-focused approach. It is about enabling a customer to consume resources on demand and with scale. And perhaps more significant than the need to increase capacity on demand is the ability to release resources when no longer required. Cloud is not about products and technologies. Cloud is about standardizing, automating, and optimizing the consumption of resources and ultimately strengthening the bottom line.