First published on CloudBlogs on Aug, 28 2013

Part 9 of a 9-part series .

A major promise underlying all of the 2012 R2 products is really simple: Consistency .

Consistency in the user experiences, consistency for IT professionals, consistency for developers and consistency across clouds. A major part of delivering this consistency is the Windows Azure Pack (WAP). Last week we discussed how Service Bus enables connections across clouds, and in this post we’ll examine more of the PaaS capabilities built and tested in Azure data centers and now offered for Windows Server. With the WAP, Windows Server 2012 R2, and System Center IT pros can make their data center even more scalable, flexible, and secure.

Throughout the development of this R2 wave , we looked closely at what organizations needed and wanted from the cloud. A major piece of feedback was the desire to build an app once and then have that app live in any data center or cloud. For the first time this kind of functionality is now available. Whether your app is in a private, public, or hosted cloud, the developers and IT Professionals in you organization will have consistency across clouds.

One of the elements that I’m sure will be especially popular is the flexibility and portability of this PaaS. I’ve had countless customers comment that they love the idea of PaaS, but don’t want to be locked-in or restricted to only running it in specific data centers. Now, our customers and partners can build a PaaS app and run it anywhere . This is huge! Over the last two years the market has really began to grasp what PaaS has to offer, and now the benefits (auto-scale, agility, flexibility, etc.) are easily accessible and consistent across the private, hosted and public clouds Microsoft delivers.

This post will spend a lot of time talking about Web Sites for Windows Azure and how this high density web site hosting delivers a level of power, functionality, and consistency that is genuinely next-gen.

Microsoft is literally the only company offering these kinds of capabilities across clouds – and I am proud to say that we are the only ones with a sustained track record of enterprise-grade execution.

With the features added by the WAP, organizations can now take advantage of PaaS without being locked into a cloud. This is, at its core, the embodiment of Microsoft’s commitment to make consistency across clouds a workable, viable reality.

This is genuinely PaaS for the modern web.

Today’s post was written by Bradley Bartz, a Principal Program Manager from Windows Azure. For more information about the technology discussed here, or to see demos of these features in action, check out the “ Next Steps ” at the bottom of this post.

* * *

Over the past decade, we’ve seen a dramatic shift in how developers build applications. Modern applications frequently reside on the web, and this shift is driving massive demand for scalable, secure, and flexible ways to host web applications across public and private clouds.

Developer and IT Pro Experiences

Web Sites for Windows Server , included in the Windows Azure Pack , provides a Platform as a Service for modern web applications. It delivers both a powerful self-service platform for developers, while serving as a flexible hosting solution for IT professionals. Web Sites does this in a manner which is highly consistent with the Windows Azure Web Sites service . This allows developers and IT professionals to code against and manage a common set of runtimes, experiences, and capabilities – regardless of deployment to the public or private cloud.

Developers and IT pros alike have often struggled with the complexity of web farm configuration and management. By providing a turnkey solution, Web Sites provides developers with the web application services they expect while simplifying administration for the IT professional.

Flexible

Today’s web developer could often be referred to as a “polyglot programmer.” He or she develops in many languages, often selecting the language, database, and tools best suited to solving a given problem. Additionally, many developers don’t start with new applications; instead, they customize an existing application to meet their needs. In either case, Web Sites aims to provide the developer with choice, reducing time to market, and increasing efficiency.

Application Gallery

In addition to providing a best-in-class environment for creating new applications from scratch, the Web Sites service includes a gallery of applications and templates to accelerate application time to market. Popular open source web applications, including DotNetNuke, Umbraco, WordPress, Drupal, and Joomla are packaged and ready for zero-code deployment to the Web Sites cloud. Furthermore, there are a number of templates for creating new .NET, PHP, Node.js, and Python apps.

Deploying Gallery Applications

A developer can create a web site from a template in a few clicks. We will walk through an example of a developer who creates his/her blog using the WordPress application template. To access the gallery, the developer will click ‘New’ in the Consumer Portal and choose to create a new web site from the gallery.

The gallery displays a list of applications that the service provider enables for tenant use. The developer can select WordPress from this list and provide the configuration settings to deploy the application to his/her new web site.

In a few seconds, a web site is instantiated on a server that also hosts other tenant web sites which is provided by the shared hosting capability of the Web Sites PaaS. The developer can now monitor, configure and scale this newly created web site from the Consumer Portal.

The URL for the newly created WordPress blog is now available on the Dashboard tab. The developer can share this URL of this web site as needed or associate it with a custom domain name.

Choice of Language

Out of the box, the Web Sites service provides broad language support, including ASP.net, Classic ASP, Node.js, PHP, and Python. Furthermore, if a developer has a preference for a language not included, he or she can provide a generic FastCGI handler used for running applications in his/her web site. By providing broad language support, which has been battle-tested in Windows Azure Web Sites, the private cloud can now provide a broad menu of language options to satisfy the demands of developers.

Choice of Database

Beyond languages and frameworks alone, the Windows Azure Pack also provides SQL Server and MySQL database provisioning as an integral part of the Web Sites provisioning and management experience. Since different languages often hold a database preference, providing database choice through a consistent user interface allows developers to focus on building applications naturally. By delivering these databases as a service, developers can focus on coding rather than database administration.

Choice of Tools

Additionally, we see that developers often prefer a specific set of tools for development and deployment. For .NET developers, we provide best-in-class support for Visual Studio and WebMatrix. Specifically, Visual Studio users can easily import a Publish Settings file which allows one-click application deployment. WebMatrix users, in addition to one-click deployment, can also edit their site live; it is launched by a button in the Service Management Portal. Deep tool integration makes Web Sites a great place to efficiently host existing ASP.NET and Classic ASP web sites.

Both Visual Studio and WebMatrix utilize the Web Deploy publishing endpoint. For more traditional file upload tools, both FTP and FTP-S are supported.

To demonstrate Visual Studio integration, we’ll begin by creating a web site in the Windows Azure Pack and in Visual Studio. You’ll notice that we’ll be creating a web site the same way you would build an application for deployment to IIS or to Windows Azure Web Sites.

After creating a default page, we will download the publishing profile and configure publishing in Visual Studio.

Next, we will import the downloaded publishing profile.

Finally, we will click “Publish” to deploy our application.

In a few moments, the application build will complete and publishing will commence. After Web Deploy syncs changes between the local and remote deployment, the application will be live.

Delivering DevOps

As DevOps becomes an increasingly common phenomenon, we see developers demanding a greater degree of integration between their source control systems and hosting operations. The Web Sites runtime can host a copy of a Git source code repository, allowing rapid iterative development in the private cloud (including rollback to previous versions of the application). By using standard Git commands, a user can push changes from a local repository into the cloud with no special integration. Consequently, cloning applications across clouds becomes a simple task.

To illustrate this, watch how easy it is to create an application and set up deployment from source control in Windows Azure. In this case, we’ve deployed a basic “Hello World” application written in PHP using Git.

Next, create a web site in the Windows Azure Pack, and set up deployment from source control. From here, the Git tools can be used to clone the site from the public cloud into the private cloud. Once cloned, the application can be redeployed to the private cloud with no code changes. Note the consistency across the Azure UI and how the application behaves identically despite deployment to a private cloud.

Delivering this level of Pass functionality is the result of a large number of new and improved features that include cross platform development, zero lock-in, scalability, site mode, horizontal/vertical scaling, speed, multi-datacenter support – to name a few. We’ll use the rest of this post to examine these features and their application in detail.

Cross Platform Development

By supporting FTP, FTPS, Web Deploy, and Git protocols alongside the Service Management Portal, the Web Sites service allows developers to deploy and manage applications in the Private cloud from any client OS, including MacOS, Linux, and Windows.

Zero Lock-in

Because the Web Sites runtime can be hosted by Microsoft, enterprises, or hosting service providers, developers can confidently deploy their applications. Should a developer need to migrate his or her application to a different cloud, he or she can do so quickly and simply without code changes. For customers looking to outsource hosting of web applications, they can leverage Windows Azure or hosted offerings from other third party hosting service providers.

Scalable

Web Sites provides a high degree of scalability. By de-affinitizing web applications from a single server, apps can dynamically execute on any server in a given cluster at any point in time. This allows the Web Sites service to rapidly respond to changing operating conditions. In the event of server failure, requests are load balanced and rerouted to a healthy machine in the farm to maintain application availability. Should an application require additional resources, developers or IT pros can quickly and easily allocate additional resources to the web app to preserve SLAs.

Site Mode

The Web Sites service provides two site modes – Shared Mode and Reserved Mode. Shared Mode runs sites from multiple tenants on a single server to maximize density and minimize operational costs. Shared Mode works quite well for development or testing scenarios. Reserved Mode runs sites for a single tenant in a pool of servers to maximize performance and improve isolation. Often, Reserved Mode is used for production applications. Since switching between execution modes is delegated to the developer, he/she can quickly choose the execution mode best suited to his/her application.

Horizontal and Vertical Scaling

Application scaling strategies often follow two patterns – horizontal and vertical. The Web Sites runtime supports both; developers can run multiple instances of their applications in both Shared and Reserved Modes. In addition, inside of the Reserved site mode, developers can opt to scale vertically by choosing between three instance sizes (Small, Medium, and Large). By delivering multiple scaling options, developers and IT professionals alike can select the optimal way to host their applications.

Speed and Agility

Because the Web Sites runtime focuses on delivering a finished service (web application hosting), application provisioning and management functions are orders of magnitude faster than infrastructure-based services. Since applications exist as configuration metadata and content, creation and publishing activities complete in seconds rather than minutes – all leading to increased productivity and decreased time to market.

Multi-Datacenter Support

As end users become increasingly connected via devices, performance expectations increase. Multinational corporations expect a worldwide web application presence. With multi-cloud support, service administrators can deploy multiple Web Site clouds to different geographies. Since these clouds are consumed via the same Service Management Portal , developers can easily deploy applications around the globe with minimal time and effort.

Secure

As web applications are often internet facing, security is a critical design point. In this release, the Web Sites service has been enhanced to deliver a secure application hosting experience through robust SSL support. In addition, the feed-based update mechanism allows service administrators to keep the Web Sites cloud current with the latest updates.

SSL and HTTPS

Because the secure transport of information to and from Web Sites is critical, the service provides two varieties of SSL support:

1. Shared SSL Support
   By default, all created sites are accessible via SSL using a shared certificate. This ensures that developers can use HTTPS immediately following site creation without further interaction.
2. Custom SSL Support
   For developers using custom domain names, they can upload a custom SSL certificate for transport encryption. The runtime supports two types of SSL bindings:

• SNI SSL, which provides simplified administration and allows multiple sites using multiple certificates to reside on the same IP address. SNI SSL works out of the box without further configuration.
• IP SSL, which maximizes compatibility with older browsers. The runtime contains built-in functionality to orchestrate IP SSL configuration across the Front End server(s) and upstream load balancer(s).

Always Current

The Web Sites cloud incorporates a large number of first and third party dependencies to deliver turnkey operation. However, initial deployment is only a small portion of the overall service lifecycle. By integrating Microsoft Update with our feed-based provisioning process, Microsoft is able to deploy updates to both Microsoft and non-Microsoft software. By keeping the cloud up to date, Microsoft helps you maintain a secure and highly compatible application hosting environment.

Additional R2 Features

With the 2012 R2 release of Windows Server, System Center, and the Windows Azure Pack, we ensured that great new scenarios light up across our server operating system, management tools, and cloud runtimes. As a result, we have several new features which will provide developers exciting ways to build innovative applications:

• WebSocket Protocol Support
  As mobile devices and interactive applications become the norm, we see that new application models are emerging. While traditional web applications employ a “pull” model, where the browser pulls information from the server, we are seeing an increased need for “push” models, where the server is able to push information to a large number of clients at the same time. The WebSocket protocol, now available in the R2 release of Web Sites for Windows Server, allows developers to build rich, interactive applications using this new communication mechanism.

• 64-bit Worker Processes
  As developers build increasingly complex web applications, large memory footprints are often required. At the same time, many of the open source languages and frameworks are optimized for 32-bit processes. In this release, we allow tenants to select 32 or 64-bit worker processes to best suit their needs.

• IPv6 Support
  As the number of internet-connected devices increases, the scarcity of IPv4 addresses is becoming increasingly problematic. The R2 release of Web Sites implements IPv6 support in a transparent manner, allowing end users to easily access hosted sites via IPv4, IPv6, or IPv4 and IPv6. This support includes not only HTTP traffic, but also traffic encrypted over HTTPS.

Performance Enhancements

Developers always look for ways to improve application performance, especially if optimizations don’t require code changes. For .NET developers, the most frequent performance complaint is the first request to idle applications. We refer to this as the “cold start” problem. With the R2 release, instead of shutting down idle web sites, we page inactive sites. Paging inactive sites involves moving inactive data from memory to disk. This leads to dramatically improved performance by reducing the frequency of cold start events, since the application can quickly be paged back into memory from disk instead of requiring recompilation. We have also optimized the Web Site cloud to improve performance when application cold start is unavoidable.

Running cloud scale services is challenging, and we’ve taken the lessons learned from running Windows Azure and incorporated them into the Windows Azure Pack. First, we’ve built a wholly distributed architecture to improve security and maximize scalability. Next, we’ve simplified visibility into farm operations and server provisioning. Finally, we’ve made it easy to build plans which govern resource consumption within the Web Site cloud.

Architecture

As you can see in the architecture diagram above, the Web Sites service uses a number of roles to deliver services. Each role serves a specific purpose and these concerns are separated to ensure a high degree of security. The Web Sites roles include:

• Management Server
  This is the REST API resource provider endpoint for the Service Management API . All provisioning and management requests from the service management API flow through the Management Servers, including site provisioning, scaling, and configuration tasks.
• Controller
  As the “brain” of the Web Sites cloud, the controller manages software installation and configuration of all servers. In addition, the controller performs health checks and repair operations to maintain farm availability.
• Front End
  Running Application Request Routing , the Front Ends dynamically route application requests to various web servers in the farm based on the heath and configuration of sites in the cloud.
• Web Workers
  These servers execute customer code. Since site configuration is stored in the Runtime Database and site content is stored on the File Server, applications can run across any worker in the farm. Workers are classified in four categories (Shared, Reserved Small, Reserved Medium, or Reserved Large) based on which execution mode they support. In addition, source control operations performed via Git run on worker roles.
• Publishers
  FTP, FTPS, and WebDeploy endpoint(s) for application deployment.
• File Server (optional)
  This stores web site content and custom SSL certificates. It may be deployed by the Web Sites installer for dev/test deployments, or provided externally for production deployments.
• Runtime Database (external)
  Stores the Web Site cloud configuration as well as the configuration for tenant web sites. Centrally storing the configuration allows for dynamic provisioning and management of sites while simultaneously allowing large scale cloud deployments.

Cloud Insight

When building the Web Sites runtime and user interface, we wanted to deliver the same “single pane of glass” for service administrators. We studied the routine activities of cloud admins and realized that there were three primary groups of activities: Server provisioning, cloud health/capacity management, and cloud troubleshooting. To expedite these processes, we created simple ways to complete these tasks within the browser.

Cloud at a Glance

To start, we created a unified view of all Web Sites roles which allows service administrators to view three key elements:

• All servers participating in the Web Sites cloud
• The health of these servers
• The utilization of the various role instances

By consolidating this information into a single view, IT professionals can quickly determine if sufficient capacity is available or if service health is degraded.

Managed Provisioning

Should the cloud require additional capacity, the administrator can quickly add additional role instances. Web Sites fully automates deployment and configuration of the runtime onto new machines to seamlessly remediate capacity constraints. To illustrate this functionality, we’ll demonstrate how to provision an additional Small Reserved Instance to deliver additional capacity to developers using the Small Reserved Instance tier of service.

First, click the “Add Role” button, and then select the appropriate role type (Web Worker).

Next, provide the server the name of the machine to be added to the cloud. Finally, specify the worker type.

With a machine name and role type, we can now complete the provisioning and configuration process without further intervention.

Plan/Add-on Authoring

Service administrators also need to define a service catalog to govern resource consumption and employ chargeback/billing for cloud usage. To facilitate this, the Web Sites service provides a robust experience for defining base packages of services (Plans) and incremental capabilities (Add-ons). With this flexibility, administrators can author a comprehensive catalog to meet the differing SLAs of different developers.

Creating a Plan

From the service administrator dashboard, we will start by selecting New, then Plan.

Next, the service administrator must provide a name for a plan.

Then, he/she must select which services are included in the plan and determine which cloud for each service is included in the plan.

Now, the administrator can customize the quotas for each service included in the plans. We will edit the quotas for the Web Sites service.

Once this is complete, the administrator can define resource consumption limits for the plan. Typical resource types, such as CPU time, Memory, Bandwidth, and Storage are all present. In addition, specific features can also be enabled or disabled; this includes custom domain, SSL, WebSocket, 64-bit support, etc.

By customizing plans and add-ons, Web Sites gives the service administrator strict control of how service consumers can use the service. This gives tremendous control over the services provided through a service catalog and also governs usage reporting consumed by chargeback and billing solutions.

* * *

The Web Site service in the Windows Azure Pack has been built from the ground up to provide developers with a flexible, scalable, and secure platform for hosting modern applications.

As Web Sites is built from the same source code as the Windows Azure service, the Windows Azure Pack provides highly consistent experiences with the Microsoft-operated Windows Azure Web Sites service. For administrators, we have taken knowledge gained from operating our cloud to improve operational efficiency.

Give it a try. The bits and documentation can be found here .

- Brad

NEXT STEPS

• Windows Azure Pack Overview
  Learn more about the WAP, it’s benefits, and what the Microsoft Cloud OS can do for you.
• Download the trial of the Windows Azure Pack
  This includes an overview of the WAP, system requirements, and a step-by-step installation guide.
• The “Windows Azure Pack Overview” whitepaper
  Get really deep with this 25 page analysis of the Windows Azure Pack’s new features.
• “ Web Sites in Windows Azure Pack” breakout session
  In this session from TechEd EMEA, you can see some of the new tenant experiences in action.  Be sure to check out the demo starting at 0:28:20 on the integrated source code control and how a developer can use standard Git commands to push an application and associated changes from a local repository into the cloud.
• Windows Azure Pack Preview Forum