Return to RSS Feeds

ScottGu Blog

Azure: VM Security Extensions, ExpressRoute GA, Reserved IPs, Internal Load Balancing, Multi Site-to-Site VPNs, Storage Import/Export GA, New SMB File Service, API Management, Hybrid Connection Service, Redis Cache, Remote Apps and more…

This morning we released a massive amount of enhancements to Microsoft Azure.  Today’s new capabilities and announcements include:

  • Virtual Machines: Integrated Security Extensions including Built-in Anti-Virus Support and Support for Capturing VM images in the portal
  • Networking: ExpressRoute General Availability, Multiple Site-to-Site VPNs, VNET-to-VNET Secure Connectivity, Reserved IPs, Internal Load Balancing
  • Storage: General Availability of Import/Export service and preview of new SMB file sharing support
  • Remote App: Public preview of Remote App Service – run client apps in the cloud
  • API Management: Preview of the new Azure API Management Service
  • Hybrid Connections: Easily integrate Azure Web Sites and Mobile Services with on-premises data+apps (free tier included)
  • Cache: Preview of new Redis Cache Service
  • Store: Support for Enterprise Agreement customers and channel partners

All of these improvements are now available to use immediately (note that some features are still in preview).  Below are more details about them:

Virtual Machines: Integrated Security Extensions including Built-in Anti-Virus Support

In a previous blog post I talked about the new VM Agent we introduced as an optional extension to Virtual Machines hosted on Azure.  The VM Agent is a lightweight and unobtrusive process that you can optionally enable to run inside your Windows and Linux VMs. The VM Agent can then be used to install and manage extensions, which are software modules that extend the functionality of a VM and help make common management scenarios easier.

Today I’m pleased to announce three new security extensions that we are enabling via the VM Agent:

  • Microsoft Antimalware
  • Symantec Endpoint Protection
  • TrendMicro’s Deep Security Agent

These extensions enable you to add richer security protection to your Virtual Machines using respected security products that we automate installing/managing.  These extensions are easy to enable within your Virtual Machines through either the Azure Management Portal or via the command-line.  To enable them using the Azure Management Portal simply check them when you create new a new Virtual Machine:

image

Once checked we’ll automate installing and running them within your VM.

Custom Powershell Script

This week we’ve also enabled a new “Custom Script” extension that enables you to specify a Powershell script file (.ps1 extension) to run in the VM immediately after it’s created.  This provides another way to customize your VM on creation without having to RDP in.  Alternatively you can also take advantage of the Chef and Puppet extensions we shipped last month.

Virtual Machines: Support for Capturing Images with both OS + Data Drives attached

Last month at the //Build conference we released command-line support for capturing VM images that contain both an OS disk as well as multiple data disks attached.  This new VM image support made it much easier to capture and automate VMs with richer configurations, as well as to snapshot VMs without having to run sysprep on them. 

With today’s release we have updated the Azure Management Portal to add support for capturing VM images that contain both an OS disk and multiple data disks as well.  One cool aspect of the “Capture” command is that it can now be run on both a stopped VM, as well as on a running VM as well (there is no need to restart it and the capture command completes in under a minute). 

To try this new support out, simply click the “Capture” button on a VM, and it will present a dialog that enables you to name the image you want to create: 

image

Once the image is captured it will show up in the “Images” section of the VM gallery – allowing to you easily create any number of new VM instances from it:

image

This new support is ideal for dev/test scenarios as well as for creating re-usable images for use with any other VM creation scenario.

Networking: General Availability of Azure ExpressRoute

I’m excited to announce the general availability release today of the Azure ExpressRoute service.

ExpressRoute enables dedicated, private, high-throughput network connectivity between Azure datacenters and your on-premises IT environments. Using ExpressRoute, you can connect your existing datacenters to Azure without having to flow any traffic over the public Internet, and enable–guaranteed network quality-of-service and the ability to use Azure as a natural extension of an existing private network or datacenter.  As part of our GA release we now offer an enterprise SLA for the service, as well as a variety of bandwidth tiers.

We have previously announced several provider partnerships with ExpressRoute including with: AT&T, Equinix, Verizon, BT, and Level3.  This week we are excited to announce new partnerships with TelecityGroup, SingTel and Zadara as well.  You can use any of these providers to setup private fiber connectivity directly to Azure using ExpressRoute.

You can get more information on the ExpressRoute website.

Networking: Multiple Site-to-Site VPNs and VNET-to-VNET Connectivity

I’m excited to announce the general availability release of two highly requested virtual networking features: multiple site-to-site VPN support and VNET-to-VNET connectivity.

Multiple Site to Site VPNs

Virtual Networks in Azure now supports more than one site-to-site connection, which enables you to securely connect multiple on-premises locations with a Virtual Network (VNET) in Azure. Using more than one site-to-site connection comes at no additional cost. You incur charges only for the VNET gateway uptime.

clip_image032

VNET to VNET Connectivity

With today’s release, we are also enabling VNET-to-VNET connectivity. That means that multiple virtual networks can now be directly and securely connected with one another. Using this feature, you can connect VNETs that are running in the same or different Azure regions and in case of different Azure regions have the traffic securely route via the Microsoft network backbone.

This feature enables scenarios that require presence in multiple regions (e.g. Europe and US, or East US and West US), applications that are highly available, or the integration of VNETs within a single region for a much larger network. This feature also enables you to connect VNETs across multiple different Azure account subscriptions, so you can now connect workloads across different divisions of your organization, or even different companies. The data traffic flowing between VNETs is charged at the same rate as egress traffic.

clip_image034

You can get more information on the Virtual Network website.

Networking: IP Reservation, Instance-level public IPs, Internal Load Balancing Support, Traffic Manager 

With today’s release we are also making available three highly request IP address features:

IP Reservations

With IP reservation, you can now reserve public IP addresses and use them as virtual IP (VIP) addresses for your applications. This enables scenarios where applications need to have static public IP addresses, and you want to be able to have the IP address survive the application being deleted and redeployed.  You can now reserve up to 5 addresses per subscription free of charge and assign them to VM or Cloud Service instances of your choice. If additional VIP reservations are needed, you can also reserve more addresses at additional cost.

This feature is now generally available as of today.  You can enable it via the command-line using new powershell cmdlets that we now support:

#Reserve a IP
New-AzureReservedIP -ReservedIPName EastUSVIP -Label "Reserved VIP in EastUS" -Location "East US"

#Use the Reserved IP during deployment
New-AzureVM -ServiceName "MyApp" -VMs $web1 -Location "East US" -VNetName VNetUSEast -ReservedIPName EastUSVIP

We will enable portal management support in a future management portal update.

Public IP Address per Virtual Machine

With Instance-level Public IPs for VMs, you can now assign public IP addresses to your virtual machines, so they become directly addressable without having to map an endpoint through a VIP. This feature will enable scenarios like easily running FTP servers in Azure and monitoring virtual machines directly using their IPs. 

We are making this new capability available in preview form today.  This feature is available only with new deployments and new virtual networks and can be enabled via PowerShell.

Internal Load Balancing (ILB) Support

Today’s new Internal Load Balancing support enables you to load-balance Azure virtual machines with a private IP address. The internally load balanced IP address will be accessible only within a virtual network (if the VM is within a virtual network) or within a cloud service (if the VM isn’t within a virtual network) – and means that no one outside of your application can access it. Internal Load Balancing is useful when you’re creating applications in which some of the tiers (for example: the database layer) aren’t public facing but require load balancing functionality. Internal Load Balancing is available in the standard tier of VMs at no additional cost.

We are making this new capability available in preview form today. ILB is available only with new deployments and new virtual networks and can be accessed via PowerShell.

Traffic Manager support for external endpoints

Starting today, Traffic Manager now supports routing traffic to both Azure endpoints and external endpoints (previously it only supported Azure endpoints).

Traffic Manager enables you to control the distribution of user traffic to your specified endpoints. With support for endpoints that reside outside of Azure, you can now build highly available applications that span both Azure, on-premises environments, and even other cloud providers. You can apply intelligent traffic management policies across all managed endpoints. This functionality is available now in preview and you can manage it via the command-line using powershell.

Learning More

You can learn more about Reserved IP addresses and the above networking features here.

Storage: General Availability Release of Azure Import/Export Service

Last November, we launched the preview of our Microsoft Azure Import/Export Service. Today, I am excited to announce the general availability release of the service.

The Microsoft Azure Import/Export Service enables you to move large amounts of data into and out of your Microsoft Azure Storage accounts by transferring them on hard disks. You can ship encrypted hard drives directly to our Microsoft Azure data centers, and we will automatically transfer the data to or from your Microsoft Azure Blobs for your storage account.  This enables you to import or export massive amounts of data quickly, cost effectively, and without being constrained by your network bandwidth.

This release of the Import/Export service has several new features as well as improvements to the preview functionality. We have expanded our service to new regions in addition to the US. We are now available in the US, Europe and the Asia Pacific regions. You can also now use either FedEx or DHL to ship the drives.  Simply provide an appropriate Fedex/DHL account number and we will also automatically ship the drives back to you:

clip_image028

More details about the improvements and new features of the Import/Export service can be found on the Microsoft Azure Storage Team Blog. Check out the Getting Started Guide to learn about how to use the Import/Export service. Feel free to send questions and comments to the waimportexport@microsoft.com.

Storage: New SMB File Sharing Service

I’m excited to announce the preview of the new Microsoft Azure File Service. The Azure File Service is a new capability of our existing Azure storage system and supports exposing network file shares using the standard SMB protocol.  Applications running in Azure can now easily share files across Windows and Linux VMs using this new SMB file-sharing service, with all VMs having both read and write access to the files.  The files stored within the service can also be accessed via a REST interface, which opens a variety of additional non-SMB sharing scenarios.

The Azure File Service is built on the same technology as the Blob, Table, and Queue Services, which means Azure Files is able to leverage the existing availability, durability, scalability, and geo redundancy that is built into our Storage platform. It is provided as a high-availability managed service run by us, meaning you don’t have to manage any VMs to coordinate it and we take care of all backups and maintenance for you.

Common Scenarios

  • Lift and Shift applications: Azure Files makes it easier to “lift and shift” existing applications to the cloud that use on-premise file shares to share data between parts of the application.
  • Shared Application Settings: A common pattern for distributed applications is to have configuration files in a centralized location where they can be accessed from many different virtual machines. Such configuration files can now be stored in an Azure File share, and read by all application instances.
  • Diagnostic Share: An Azure File share can also be used to save diagnostic files like logs, metrics, and crash dumps. Having these available through both the SMB and REST interface allows applications to build or leverage a variety of analysis tools for processing and analyzing the diagnostic data.
  • Dev/Test/Debug: When developers or administrators are working on virtual machines in the cloud, they often need a set of tools or utilities. Installing and distributing these utilities on each virtual machine where they are needed can be a time consuming exercise. With Azure Files, a developer or administrator can store their favorite tools on a file share, which can be easily connected to from any virtual machine.

To learn more about how to use the new Azure File Service visit here.

RemoteApp: Preview of new Remote App Service

I’m happy to announce the public preview today of Azure RemoteApp, a new service delivering Windows Client applications from the Azure cloud.

Azure RemoteApp can be used by IT to enable employees to securely access their corporate applications from a variety of devices (including mobile devices like iPads and Phones).  Applications can be scaled up or down quickly without expensive infrastructure costs and management complexity.

With Azure RemoteApp, your client applications run in the Azure cloud. Employees simply install the Microsoft Remote Desktop client on their devices and then can access applications via Microsoft’s Remote Desktop Protocol (RDP).  IT can optionally connect the applications back to on-premises networks (enabling hybrid connectivity) or alternatively run them entirely in the cloud.

clip_image048

With this service, you can bring scale, agility and global access to your business applications.

Azure RemoteApp is free during preview period. Learn more about Azure RemoteApp and try the service free during preview.

Hybrid Connections: Easily integrate Azure Websites and Mobile Services with on-premises resources

I’m excited to announce Hybrid Connections, a new and easy way to build hybrid applications on Azure. Hybrid Connections enable your Azure Website or Mobile Service to connect to on-premises data & services with just a few clicks within the Azure Management portal.  Today, we're also introducing a Free tier of Azure BizTalk Services that enables everyone to use this new hybrid connections feature for free.

With Hybrid Connections, Azure websites and mobile services can easily access on-premises resources as if they were located on the same private network. This makes it much easier to move applications to the cloud, while still connecting securely with existing enterprise assets.

image

Hybrid Connections support all languages and frameworks supported by Azure Websites (.NET, PHP, Java, Python, node.js) and Mobile Services (node.js, .NET).

The Hybrid Connections service does not require you to enable a VPN or open up firewall rules in order to use it. This makes it easy to deploy within enterprise environments.  Built-in monitoring and management support still enables enterprise administrators control and visibility into the resources accessed by their hybrid applications.

You can learn more about Hybrid Connections using the following links:

API Management: Announcing Preview of new Azure API Management Service

With the proliferation of mobile devices, it is important for organizations to be able to expose their existing backend systems via mobile-friendly APIs that enable internal app developers as well as external developer programs. Today, I’m excited announce the public preview of the new Azure API Management service that helps you better achieve this.

The new Azure API management service allows you to create an easy to use API façade over a diverse set of mobile backend services (including Mobile Services, Web Sites, VMs, Cloud Services and on-premises systems), and enables you to deliver a friendly API developer portal to your customers with documentation and samples, enable per-developer metering support that protects your APIs from abuse and overuse, and enable to you monitor and track API usage analytics:

clip_image014

Creating an API Management service

You can easily create a new instance of the Azure API Management service from the Azure Management Portal by clicking New->App Services->API Management->Create. Once the service has been created, you can get started on your API by clicking on the Manage button and transitioning to the Dashboard page on the Publisher portal.

clip_image015

Publishing an API

A typical API publishing workflow involves creating an API: first creating a façade over an existing backend service, and then configuring policies on it and packaging/publishing the API to the Developer portal for developers to be able to consume.

To create an API, select the Add API button within the publisher portal, and in the dialog that appears enter the API name, location of the backend service and suffix of the API root under the service domain name.  Note that you can implement the back-end of the API anywhere (including non-Azure cloud providers or locations).  You can also obviously host the API using Azure – including within a VM, Cloud Service, Web Site or Mobile Service.

Once you’ve defined the settings, click Save to create the API endpoint:

clip_image017

 

Once you’ve defined have created your API endpoint, you can customize it.  You can also set policies such as caching rules, and usage quotas and rate limits that you can apply for developers calling the API. These features end up being extremely useful when publishing an API for external developers (or mobile apps) to consume, and help ensure that your APIs cannot be abused.

Developer Portal

Once your API has been published, click on the Developer Portal link.  This will launch a developer portal page that can be used by developers to learn how to consume and use the API that you have published.  It provides a bunch of built-in support to help you create documentation pages for your APIs, as well as built-in testing tools.  You’ll also get an impressive list of copy-and-paste-ready code samples that help teach developers how to invoke your APIs from the most popular programming languages.  Best of all this is all automatically generated for you:

clip_image023

You can test out any of the APIs you’ve published without writing a line code by using the interactive console.

clip_image025

Analytics and reports

Once your API is published, you’ll want to be able to track how it is being used.  Back in the publisher portal you can click on the Analytics page to find reports on various aspects of the API, such as usage, health, latency, cache efficiency and more. With a single click, you can find out your most active developers and your most popular APIs and products. You can get time series metrics as well maps to show what geographies drive them.

clip_image027

Learn More

We are really excited about the new API Management service, and it is going to make securely publishing and tracking external APIs much simpler.  To learn more about API Management, follow the tutorials below:

Cache: New Azure Redis Cache Service

I’m excited to announce the preview of a new Azure Redis Cache Service.

This new cache service gives customers the ability to use a secure, dedicated Redis cache, managed by Microsoft. With this offer, you get to leverage the rich feature set and ecosystem provided by Redis, and reliable hosting and monitoring from Microsoft.

We are offering the Azure Redis Cache Preview in two tiers:

  • Basic – A single Cache node (ideal for dev/test and non-critical workloads)
  • Standard – A replicated Cache (Two nodes, a Master and a Slave)

During the preview period, the Azure Redis Cache will be available in a 250 MB and 1 GB size. For a limited time, the cache will be offered free, with a limit of two caches per subscription.

Creating a New Cache Instance

Getting started with the new Azure Redis Cache is easy.  To create a new cache, sign in to the Azure Preview Portal, and click New -> Redis Cache (Preview):

image

Once the new cache options are configured, click Create. It can take a few minutes for the cache to be created. After the cache has been created, your new cache has a Running status and is ready for use with default settings:

clip_image042

Connect to the Cache

Application developers can use a variety of languages and corresponding client packages to connect to the Azure Redis Cache. Below we’ll use a .NET Redis client called StackExchange.Redis to connect to the cache endpoint. You can open any Visual Studio project and add the StackExchange.Redis NuGet package to it, via the NuGet package manager.

The cache endpoint and key can be obtained respectively from the Properties blade and the Keys blade for your cache instance within the Azure Preview Portal:

clip_image046

Once you’ve retrieved these you can create a connection instance to the cache with the code below:

var connection = StackExchange.Redis

                                                   .ConnectionMultiplexer.Connect("contoso5.redis.cache.windows.net,ssl=true,password=...");

Once the connection is established, you can retrieve a reference to the Redis cache database, by calling the ConnectionMultiplexer.GetDatabase method.

IDatabase cache = connection.GetDatabase();

Items can be stored in and retrieved from a cache by using the StringSet and StringGet methods.

cache.StringSet("Key1", "HelloWorld");

string value = cache.StringGet("Key1");

You have now stored and retrieved a “Hello World” string from a Redis cache instance running on Azure.

Learn More

For more information, visit the following links:

Store: Support for EA customers and channel partners in the Azure Store

With today’s update we are expanding the Azure Store to customers and channel partners subscribed to Azure via a direct Enterprise Agreement (EA). Azure EA customers in North America and Europe can now purchase a range of application and data services from 3rd party providers through the Store and have these subscriptions automatically billed against their EA.

image

You will be billed against your EA each quarter for all of your Store purchases on a separate, consolidated invoice.  Access to Azure Store can be managed by your EA Azure enrollment administrators, by going to Manage Accounts and Subscriptions under the Accounts section in the Enterprise Portal, where you can disable or re-enable access to 3rd party purchases via Store.  Please visit Azure Store to learn more.

Summary

Today’s Microsoft Azure release enables a ton of great new scenarios, and makes building applications hosted in the cloud even easier.

If you don’t already have a Azure account, you can sign-up for a free trial and start using all of the above features today.  Then visit the Microosft Azure Developer Center to learn more about how to build apps with it.

Hope this helps,

Scott

P.S. In addition to blogging, I am also now using Twitter for quick updates and to share links. Follow me at: twitter.com/scottgu

Azure: 99.95% SQL Database SLA, 500 GB DB Size, Improved Performance Self-Service Restore, and Business Continuity

Earlier this month at the Build conference, we announced a number of great new improvements coming to SQL Databases on Azure including: an improved 99.95% SLA, support for databases up to 500GB in size, self-service restore capability, and new Active Geo Replication support.  This 3 minute video shows a segment of my keynote where I walked through the new capabilities:

image

Last week we made these new capabilities available in preview form, and also introduced new SQL Database service tiers that make it easy to take advantage of them.

New SQL Database Service Tiers

Last week we introduced a new Basic and Standard tier option with SQL Databases – which are additions to the existing Premium tier we previously announced.  Collectively these tiers provide a flexible set of offerings that enable you to cost effectively deploy and host SQL Databases on Azure:

  • Basic Tier: Designed for applications with a light transactional workload. Performance objectives for Basic provide a predictable hourly transaction rate.
  • Standard Tier: Standard is the go-to option for cloud-designed business applications. It offers mid-level performance and business continuity features. Performance objectives for Standard deliver predictable per minute transaction rates.
  • Premium Tier: Premium is designed for mission-critical databases. It offers the highest performance levels and access to advanced business continuity features. Performance objectives for Premium deliver predictable per second transaction rates.

You do not need to buy a SQL Server license in order to use any of these pricing tiers – all of the licensing and runtime costs are built-into the price, and the databases are automatically managed (high availability, auto-patching and backups are all built-in).  We also now provide you the ability to pay for the database at the per-day granularity (meaning if you only run the database for a few days you only pay for the days you had it – not the entire month). 

The price for the new SQL Database Basic tier starts as low as $0.16/day ($4.96 per month) for a 2 GB SQL Database.  During the preview period we are providing an additional 50% discount on top of these prices.  You can learn more about the pricing of the new tiers here.

Improved 99.95% SLA and Larger Database Sizes

We are extending the availability SLA of all of the new SQL Database tiers to be 99.95%.  This SLA applies to the Basic, Standard and Premium tier options – enabling you to deploy and run SQL Databases on Azure with even more confidence.

We are also increasing the maximum sizes of databases that are supported:

  • Basic Tier: Supports databases up to 2 GB in size
  • Standard Tier: Supports databases up to 250 GB in size. 
  • Premium Tier: Supports databases up to 500 GB in size.

Note that the pricing model for our service tiers has also changed so that you no longer need to pay a per-database size fee (previously we charged a per-GB rate) - instead we now charge a flat rate per service tier.

Predictable Performance Levels with Built-in Usage Reports

Within the new service tiers, we are also introducing the concept of performance levels, which are a defined level of database resources that you can depend on when choosing a tier.  This enables us to provide a much more consistent performance experience that you can design your application around.

The resources of each service tier and performance level are expressed in terms of Database Throughput Units (DTUs). A DTU provides a way to describe the relative capacity of a performance level based on a blended measure of CPU, memory, and read and write rates. Doubling the DTU rating of a database equates to doubling the database resources.  You can learn more about the performance levels of each service tier here.

Monitoring your resource usage

You can now monitor the resource usage of your SQL Databases via both an API as well as the Azure Management Portal.  Metrics include: CPU, reads/writes and memory (not available this week but coming soon),  You can also track your performance usage relative (as a percentage) to the available DTU resources within your service tier level:

Performance Metircs

Dynamically Adjusting your Service Tier

One of the benefits of the new SQL Database Service Tiers is that you can dynamically increase or decrease them depending on the needs of your application.  For example, you can start off on a lower service tier/performance level and then gradually increase the service tier levels as your application becomes popular and you need more resources. 

It is quick and easy to change between service tiers or performance levels — it’s a simple online operation.  Because you now pay for SQL Databases by the day (as opposed to the month) this ability to dynamically adjust your service tier up or down also enables you to leverage the elastic nature of the cloud and save money.

Read this article to learn more about how performance works in the new system and the benchmarks for each service tier.

New Service-Service Restore Support

Have you ever had that sickening feeling when you’ve realized that you inadvertently deleted data within a database and might not have a backup?  We now have built-in Service Service Restore support with SQL Databases that helps you protect against this.  This support is available in all service tiers (even the Basic Tier).

SQL Databases now automatically takes database backups daily and log backups every 5 minutes. The daily backups are also stored in geo-replicated Azure Storage (which will store a copy of them at least 500 miles away from your primary region).

Using the new self-service restore functionality, you can now restore your database to a point in time in the past as defined by the specified backup retention policies of your service tier:

  • Basic Tier: Restore from most recent daily backup
  • Standard Tier: Restore to any point in last 7 days
  • Premium Tier: Restore to any point in last 35 days

Restores can be accomplishing using either an API we provide or via the Azure Management Portal:

clip_image004

New Active Geo-replication Support

For Premium Tier databases, we are also adding support that enables you to create up to 4 readable, secondary, databases in any Azure region.  When active geo-replication is enabled, we will ensure that all transactions committed to the database in your primary region are continuously replicated to the databases in the other regions as well:

image

One of the primary benefits of active geo-replication is that it provides application control over disaster recovery at a database level.  Having cross-region redundancy enables your applications to recover in the event of a disaster (e.g. a natural disaster, etc). 

The new active geo-replication support enables you to initiate/control any failovers – allowing you to shift the primary database to any of your secondary regions:

image

This provides a robust business continuity offering, and enables you to run mission critical solutions in the cloud with confidence.  You can learn more about this support here.

Starting using the Preview of all of the Above Features Today!

All of the above features are now available to starting using in preview form. 

You can sign-up for the preview by visiting our Preview center and clicking the “Try Now” button on the “New Service Tiers for SQL Databases” option.  You can then choose which Azure subscription you wish to enable them for.  Once enabled, you can immediately start creating new Basic, Standard or Premium SQL Databases.

Summary

This update of SQL Database support on Azure provides some great new features that enable you to build even better cloud solutions.  If you don’t already have a Azure account, you can sign-up for a free trial and start using all of the above features today.  Then visit the Azure Developer Center to learn more about how to build apps with it.

Hope this helps,

Scott

P.S. In addition to blogging, I am also now using Twitter for quick updates and to share links. Follow me at: twitter.com/scottgu

Azure Updates: Web Sites, VMs, Mobile Services, Notification Hubs, Storage, VNets, Scheduler, AutoScale and More

It has been a really busy last 10 days for the Azure team. This blog post quickly recaps a few of the significant enhancements we’ve made.  These include:

  • Web Sites: SSL included, Traffic Manager, Java Support, Basic Tier
  • Virtual Machines: Support for Chef and Puppet extensions, Basic Pricing tier for Compute Instances
  • Virtual Network: General Availability of DynamicRouting VPN Gateways and Point-to-Site VPN
  • Mobile Services: Preview of Visual Studio support for .NET, Azure Active Directory integration and Offline support;
  • Notification Hubs: Support for Kindle Fire devices and Visual Studio Server Explorer integration
  • Autoscale: General Availability release
  • Storage: General Availability release of Read Access Geo Redundant Storage
  • Active Directory Premium: General Availability release
  • Scheduler service: General Availability release
  • Automation: Preview release of new Azure Automation service

All of these improvements are now available to use immediately (note that some features are still in preview).  Below are more details about them:

Web Sites: SSL now included at no additional charge in Standard Tiers

With Azure Web Sites you can host up to 500 web-sites in a single standard tier hosting plan.  Azure web-sites run in VMs isolated to host only your web applications (giving you predictable performance and security isolation), and you can scale-up/down the number of VMs either manually or using our built-in AutoScale functionality.  The pricing for standard tier web-sites is based on the number of VMs you run – if you host all 500 web-sites in a single VM then all you pay for is for that single VM, if you scale up your web site plan to run across two VMs then you’d pay for two VMs, etc.

Prior to this month we charged an additional fee if you wanted to enable SSL for the sites.  Starting this month, we now include the ability to use 5 SNI based SSL certificates and 1 IP based SSL certificate with each standard tier web site hosting plan at no additional charge.  This helps make it even easier (and cheaper) to SSL enable your web-sites.

Web Sites: Traffic Manager Support

I’ve blogged in the past about the Traffic Manager service we have built-into Azure. 

The Azure Traffic Manager service allows you to control the distribution of user traffic to applications that you host within Azure. This enables you to run instances of your applications across different azure regions all over the world.  Traffic Manager works by applying an intelligent routing policy engine to the Domain Name Service (DNS) queries on your domain names, and maps the DNS routes to the appropriate instances of your applications (e.g. you can setup Traffic Manager to route customers in Europe to a European instance of your app, and customers in North America to a US instance of your app).

You can use Traffic Manager to improve application availability - by enabling automatic customer traffic fail-over scenarios in the event of issues with one of your application instances.  You can also use Traffic Manager to improve application performance - by automatically routing your customers to the closet application instance nearest them.

We are excited to now provide general availability support of Traffic Manager with Azure Web Sites.  This enables you to both improve the performance and availability of your web-sites.  You can learn more about how to take advantage of this new support here.

Web Sites: Java Support

This past week we added support for an additional server language with Azure Web Sites – Java.  It is now easy to deploy and run Java web applications written using a variety of frameworks and containers including:

  • Java 1.7.0_51 – this is the default supported Java runtime
  • Tomcat 7.0.50 – the default Java container
  • Jetty 9.1.0

You can manage which Java runtime you use, as well as which container hosts your applications using the Azure management portal or our management APIs.  This blog post provides more detail on the new support and options.

With this announcement, Azure Web Sites now provides first class support for building web applications and sites using .NET, PHP, Node.js, Python and Java.  This enables you to use a wide variety of language + frameworks to build your applications, and take advantage of all the great capabilities that Web Sites provide (Easy Deployment, Continuous Deployment, AutoScale, Staging Support, Traffic Manager, outside-in monitoring, Backup, etc).

Web Sites: Support for Wildcard DNS and SSL Certificates

Azure Web Sites now supports the ability to map wildcard DNS and SSL Certficates to web-sites.  This enables a variety of scenarios – including the ability to map wildcard vanity domains (e.g. *.myapp.com – for example: scottgu.myapp.com) to a single backend web site.  This can be particularly useful for SaaS based scenarios.

Scott Cate has an excellent video that walks through how to easily set this support up.

Web Sites: New Basic Tier Pricing Option

Earlier in this post I talked about how we are now including the ability to use 5 SNI and 1 IP based SSL certificate at no additional cost with each standard tier azure web site hosting plan.  We have also recently announced that we are also including the auto-scale, traffic management, backup, staging and web jobs features at no additional cost as part of each standard tier azure web site hosting plan as well.  We think the combination of these features provides an incredibly compelling way to securely host and run any web application.

New Basic Tier Pricing Option

Starting this month we are also introducing a new “basic tier” option for Azure web sites which enables you to run web applications without some of these additional features – and at 25% less cost.  We think the basic tier is great for smaller/less-sophisticated web applications, and enables you to be successful while paying even less. 

For additional details about the Basic tier pricing, visit the Azure Web sites pricing page.  You can select which tier your web-site hosting plan uses by clicking the Scale tab within the Web Site extension of the Azure management portal.

Virtual Machines: Create from Visual Studio

With the most recent Azure SDK 2.3 release, it is now possible to create Virtual Machines from directly inside Visual Studio’s Server Explorer.  Simply right-click on the Azure node within it, and choose the “Create Virtual Machine” menu option:

image

This will bring up a “Create New Virtual Machine” wizard that enables you to walkthrough creating a Virtual Machine, picking an image to run in it, attaching it to a virtual network, and open up firewall ports all from within Visual Studio:

image

Once created you can then manage the VM (shutdown, restart, start, remote desktop, enable debugging, attach debugger) all from within Visual Studio:

image

This makes it incredibly easy to start taking advantage of Azure without having to leave the Visual Studio IDE.

Virtual Machines: Integrated Puppet and Chef support

In a previous blog post I talked about the new VM Agent we introduced as an optional extension to Virtual Machines hosted on Azure.  The VM Agent is a lightweight and unobtrusive process that you can optionally enable to run inside your Windows and Linux VMs. The VM Agent can then be used to install and manage extensions, which are software modules that extend the functionality of a VM and help make common management scenarios easier. 

At last week’s Build conference we announced built-in support for several new extensions – including extensions that enable easy support for Puppet and Chef.  Puppet and Chef allow developers and IT administrators to define and automate the desired state of infrastructure configuration, making it effortless to manage 1000s of VMs in Azure.

Enabling Puppet Support

We now have a built-in VM image within the Azure VM gallery that enables you to easily stand up a puppet-master server that you can use to store and manage your infrastructure using Puppet.  Creating a Puppet Master in Azure is now easy – simply select the “Puppet Enterprise” template within the VM gallery:

image

You can then create new Azure virtual machines that connect to this Puppet Master.  Enabling this with VMs created using the Azure management portal is easy (we also make it easy to do with VMs created with the command-line).  To enable the Puppet extension within a VM you create using the Azure portal simply navigate to the last page of the Create VM from gallery experience and check the “Puppet Enterprise Agent” extension within it:

image

Specify the URL of the Puppet master server to get started. Once you deploy the VM, the extension will configure the puppet agent to connect to this Puppet master server and pull down the initial configuration that should be used to configure the machine.

This new support makes it incredibly easy to get started with both Puppet and Chef and enable even richer configuration management of your IaaS infrastructure within Azure.

Virtual Machines: Basic Tier

Earlier in this blog post I discussed how we are introducing a new “Basic Tier” option for Azure Web Sites.  Starting this month we are also introducing a “Basic Tier” for Virtual Machines as well.

The Basic Tier option provides VM options with similar CPU + memory configuration options as our existing VMs (which are now called “Standard Tier” VMs) but do not include the built-in load balancing and AutoScale capabilities.  They also cost up to 27% less.  These instances are well-suited for production applications that do not require a built-in load balancer (you can optionally bring your own load balancer), batch processing scenarios, as well as for dev/test workloads.  Our new Basic tier VMs also have similar performance characteristics to AWS’s equivalent VM instances (which are less powerful than the Standard tier VMs we have today).

Comprehensive pricing information is now available on the Virtual Machines Pricing Details page.

Networking: General Availability of Azure Virtual Network Dynamic Routing VPN Gateways and Point-to-Site VPN

Last year, we previewed a feature called DynamicRouting Gateway and Point-to-Site VPN that supports Route-based VPNs and allows you to connect individual computers to a Virtual Network in Azure. Earlier this month we announced that the feature is now generally available. The DynamicRouting VPN Gateway in a Virtual Network will now carry the same 99.9% SLA as the StaticRouting VPN Gateway.

clip_image037

Now that we’re in General Availability mode, DynamicRouting Gateway will automatically incur standard Gateway charges which will take effect starting May 1, 2014. 

For further details on the service, please visit the Virtual Network website.

Mobile Services: Visual Studio Support for Mobile Services .NET Backend

With Visual Studio 2013 Update 2, you can now create your backend Mobile Service logic using .NET and the ASP.NET Web API framework in Visual Studio, using Mobile Services templates and scaffolds. Mobile Services support for .NET on the backend offers the following benefits:

  1. You can use ASP.NET Web API and Visual Studio together with Mobile Services to add a backend to your mobile app in minutes
  2. You can publish any existing Web API to Mobile Services and benefit from authentication, push notifications and other capabilities that Mobile Services provides. You can also take advantage of any Web API features like OData controllers, or 3rd party Web API-based frameworks like Breeze.
  3. You can debug your Mobile Services .NET backend using Visual Studio running locally on your machine or remotely in Azure.
  4. With Mobile Services we run, manage and monitor your Web API for you. Azure will automatically notify you if we discover you have a problem with your app.
  5. With Mobile Services .NET support you can store your data securely using any data backend of your choice: SQL Azure, SQL on Virtual Machine, Azure Table storage, Mongo, et al.

It’s easy to get started with Mobile Services .NET support in Visual Studio. Simply use the File-New Project dialog and select the Windows Azure Mobile Service project template under the Cloud node.

clip_image012

Choose Windows Azure Mobile Service in the New ASP .NET Project dialog.

clip_image014

You will see a Mobile Services .NET project, notice this is a customized ASP .NET Web API project with additional Mobile Service NuGet packages and sample controllers automatically included:

clip_image016

Running the Mobile Service Locally

You can now test your .Net Mobile Service project locally. Open the sample TodoItemController.cs in the project. The controller shows you how you can use the built-in TableController<T> .NET class we provide with Mobile Services. Set a breakpoint inside the GetAllTodoItems() method and hit F5 within Visual Studio to run the Mobile Service locally.

clip_image018

Mobile Services includes a help page to view and test your APIs. On the help page, click on the try it out link and then click the GET tables/TodoItem link. Then click try this out and send on the GET tables/TodoItem page. As you might expect, you will hit the breakpoint you set earlier.

clip_image020

Add APIs to your Mobile Service using Scaffolds

You can add additional functionality to your Mobile Service using Mobile Service or generic Web API controller scaffolds through the Add Scaffold dialog (right click on your project and choose Add -> New Scaffolded Item… command)

clip_image022

Publish your Mobile Services project to Azure

Once you are done developing your Mobile Service locally, you can publish it to Azure. Simply right click on your project and choose the Publish command. Using the publish wizard, you can publish to a new or existing Azure Mobile Service:

clip_image024

Remote debugging

Just like Cloud Services and Websites, you can now remote debug your Mobile Service to get more visibility into how your code is operating live in Azure. To enable remote debugging for a Mobile Service, publish your Mobile Service again and set the Configuration to Debug in the Publish wizard.

clip_image027

Once your Mobile Service is published and running live in the cloud, simply set a breakpoint in local source code. Then use Visual Studio’s Server Explorer to select the Mobile Service instance deployed in the cloud, right click and choose the Attach Debugger command.

clip_image028

Once the debugger attaches to the mobile service, you can use the debugging capabilities of Visual Studio to instantly and in-real time debug your app running in the cloud.

To learn more about Visual Studio Support for Mobile Services .NET backend follow tutorials at:

This new .NET backend supports makes it easy to create even better mobile applications than ever before.

Mobile Services: Offline Support

In addition to the above support, we are also introducing a preview of a new Mobile Services Offline capability with client SDK support for Windows Phone and Windows Store apps.

With this functionality, mobile applications can create and modify data even when they are offline/disconnected from a network. When the app is back online, it can synchronize local changes with the Mobile Services Table APIs. The feature also includes support for detecting conflicts when the same record is changed on both the client and the backend.

To use the new Mobile Services offline functionality, set up a local sync store. You can define your own sync store or use the provided SQLite-based implementation.  The Mobile Services SDK provides a new local table API for the sync store, with a symmetrical programming model to the existing Mobile Services Table API. You can use Optimistic Concurrency along with the offline feature to detect conflicting changes between the client and backend.

The preview of the Mobile Services Offline feature is available now as part of the Mobile Services SDK for Windows Store and Windows Phone apps. In the future, we will support all client platforms supported by Mobile Services, including iOS, Android, Xamarin, etc.

Mobile Services: Support for Azure Active Directory Sign On

We now support Azure Active Directory Single Sign On for Mobile Services.  Azure Active Directory authentication is available for both the .NET and Node.js backend options of Mobile Services.

To take advantage of the feature, first register your client app and your Mobile Service with your Azure Active Directory tenant using the Applications tab in the Azure Active Directory management portal.

clip_image030

In your client project, you will need to add the Active Directory Authentication Library (ADAL), currently available for Windows Store, iOS, and Android clients.

From there on, the token retrieved from ADAL library can be used to authenticate and access Mobile Services.  The single sign-on features of ADAL also enables your mobile service to make calls to other resources (such as SharePoint and Office 365) on behalf of the user.  You can read more about the new ADAL functionality here.

These new updates make Mobile Services an even more attractive platform for building powerful employee facing apps.

Notification Hub: Kindle Support and Visual Studio Integration

I’ve previously blogged about Azure Notification Hubs, a high scale cross platform push notification service that allows you to instantly send personalized push notifications to segments of your audience or individuals containing millions of iOS, Android, Windows, Widows Phone devices with a single API call.

Today we’ve made two important updates to Azure Notification Hubs: adding support for Amazon Kindle Fire devices, and Visual Studio support for Notification Hubs.

Support for Amazon’s Kindle

With today’s addition you can now configure your Notification Hubs with Amazon Device Messaging (ADM) service credentials on the configuration page for your Notification Hub in the Azure Management portal, and start sending push notifications to your app on Amazon’s Kindle device, in addition to iOS, Android, or Windows.

clip_image032

Testing Push Notifications with Visual Studio

Earlier I blogged about how we enabled debugging push notifications using the Azure Management Portal. With today’s Visual Studio update, you can now browse your notification hubs and send test push notifications directly from Visual Studio Server Explorer as well.

Simply select your notification hub in the Server Explorer of Visual Studio under the Notifications Hubs node.  Then right click, and choose the Send Test Notifications command:

clip_image033

In the notification hub window, you can then send a message either to a particular tag or all registered devices (broadcast). You can select from a variety of templates - Windows Store, Windows Phone, Android, iOS, or even a cross platform message using the Custom Template. After you hit Send, you’ll receive the message result instantly to help you diagnose if your message was successfully sent or not.

clip_image035

To learn more about Azure Notification Hubs, read tutorials here.

AutoScale: Announcing General Availability of Autoscale Service

Last summer we announced the preview release of our Autoscale service. I’m happy to announce that Autoscale is now generally available!  Better yet, there's no additional charge for using Autoscale.

We've added new features since we first released it as a preview version: support for both performance-and schedule-based autoscaling, along with an API and .NET SDK so you can programmatically scale using any performance counters that you define.

Autoscale supports all four Azure compute services: Cloud Services, Virtual Machines, Mobile Services and Web Sites. For Virtual Machines and Web Sites, Autoscale is included as a feature in the Standard pricing tiers, and for Mobile Services, it's included as a part of both Basic and Standard pricing tiers.

Storage: Announcing General Availability of Read Access Geo Redundant Storage (RA-GRS)

In December, we added the ability to allow customers to achieve higher read availability for their data. This feature called Read Access - Geo Redundant Storage (RA-GRS) allows you to read an eventually consistent copy of your geo-replicated data from the storage account’s secondary region in case of any unavailability to the storage account’s primary region.

Last week we announced that RA-GRS feature is now out of preview mode, and generally available. It is available to all Azure customers across all regions including the users in China.

RA-GRS SLA and Pricing

The benefit of using RA-GRS is that it provides a higher read availability (99.99+%) for a storage account over GRS (99.9+%). When using RA-GRS, the write availability continues to be 99.9+% (same as GRS today) and read availability for RA-GRS is 99.99+%, where the data is expected to be read from secondary if primary is unavailable. In terms of pricing, the capacity (GB) charge is slightly higher for RA-GRS than GRS, whereas the transaction and bandwidth charges are the same for GRS and RA-GRS. See the Windows Azure Storage pricing page here for more details about the SLA and pricing.

You can find more information on the storage blog here.

Active Directory: General Availability of Azure AD Premium

Earlier this month we announced the general availability of Azure Active Directory Premium, which provides additional identity and access management capabilities for enterprises. Building upon the capabilities of Azure AD, Azure AD Premium provides these capabilities with a guaranteed SLA and no limit on directory size. Additional capabilities include:

  • Group-based access assignment enables administrators to use groups in AD to assign access for end users to over 1200 cloud applications in the AD Application Gallery. End users can get single-sign on access to their applications from their Access Panel at https://myapps.microsoft.com or from our iOS application.
  • Self-service password reset that enables end users to reset forgotten passwords without calling your help desk.
  • Delegated group management that enables end users to create security groups and manage membership in security groups they own.
  • Multi-Factor Authentication that lets you easily deploy a Multi-Factor Authentication solution for your business without deploying new software or hardware.
  • Customized branding that lets you include your organization’s branding elements in the experiences that users see when signing in to AD or accessing their Access Panel.
  • Reporting, alerting, and analytics that increase your visibility into application usage in your organization, and potential security concerns with user accounts.

Azure AD Premium also includes usage rights for Forefront Identity Manager Server and Client Access Licenses.

To read more about AD Premium, including how to acquire it, read the Active Directory Team blog.

Active Directory: Public Preview of Azure Rights Management Service

Earlier this month we announced the public preview of the ability to manage your Azure Rights Management service within the Azure Management Portal. If your organization has Azure Rights Management either as a stand-alone service or as part of your Office 365 or EMS subscriptions you can now manage it by signing into the Azure Management Portal. Once in the Portal, select ACTIVE DIRECTORY in the left navigation bar, navigate to the RIGHTS MANAGEMENT tab, then click on the name of your directory.

clip_image039

With this preview you can now create custom rights policy templates that let you define who can access sensitive documents, and what permissions (view, edit, save, print, and more) users can have on those documents.  To begin creating a rights policy template, in the Quick Start page, click on Create an additional rights policy template option and follow the instructions on the page to define a name and description for the template, add users and rights and define other restrictions.

clip_image041

Once your template has been created and published, it will become available to users in your organization in their favorite applications.

clip_image043

To learn more managing Azure Rights Management and the benefits it offers to organizations, see the Information Protection group’s blog

Scheduler: General Availability Release Scheduler Service

This month we’ve also delivered the General Availability release of the Azure Scheduler service.  Scheduler allows you to run jobs on simple or complex recurring schedules that can invoke HTTP/S endpoints or post messages to storage queues. Scheduler has built-in high availability and can reliably call services inside or outside of Azure.

During preview customers have used it for a wide set of scenarios including for invoking services in their backend for Hadoop workloads, triggering diagnostics cleanup, and periodically checking that partners have submitted content on time. ISVs have used it to empower their applications to add scheduling capabilities such as report generation and sending reminders.

In the Scheduler portal extension you can easily create and manage your scheduler jobs. Since the initial release, Scheduler has also added the ability to update HTTP jobs with custom headers and basic authentication. It has also exposed the ability to change the recurrence schedule which will allow you to also choose to limit the execution of a job or allow the job to run infinitely.

With the general availability, new Azure Scheduler cmdlets have been released with Azure PowerShell and the Scheduler .NET API has been included in WAML 1.0.

I highly encourage you to try out the Scheduler today. You might find the following links helpful:

It makes scheduling recurring tasks really easy.

Automation: Announcing Microsoft Azure Automation Preview

Last week we announced the preview of a new Microsoft Azure service: Automation.

Automation allows you to automate the creation, deployment, monitoring, and maintenance of resources in your Azure environment using a highly scalable and reliable workflow execution engine. The service can be used to orchestrate the time-consuming, error-prone, and frequently repeated tasks you’d otherwise accomplish manually across Microsoft Azure and third-party systems to decrease operational expense for your cloud operations.

To get started with Automation, you first need to sign-up for the preview on the Azure Preview page. Once you have been approved for the preview, you can sign in to the Management Portal and start using it. Automation is currently only available in the East-US data center, but we will add the ability to deploy to additional data centers in the future.

Authoring a Runbook

Once you have the Automation preview enabled on your subscription, you can easily get started automating by following a few simple steps:

Step 1: In the Microsoft Azure management portal, click New->App Services->Automation->Runbook->Quick Create to create a new runbook. Runbooks are collections of activities that provide an environment for automating everything from diagnostic logging to applying updates to all instances of a virtual machine or web role to renewing certificates to cleaning storage accounts. Enter a name and description for the runbook, and create a new Automation account which will store your Runbooks, Assets, and Jobs.

Next time you create a runbook you can either use the same Automation account as you just created or create a separate one to if you’d like to maintain separation between a few different collections of runbooks / assets.

clip_image045

clip_image047

Step 2: Click on your runbook, then click Author->Draft. Type some PowerShell commands in the editor, then hit ‘Publish’ to make this runbook draft available for production execution.

clip_image049

Starting a Runbook and Viewing the Job

1. To start the runbook you just published, go back to the ‘Runbooks’ tab, click on your newly-published runbook, and hit ‘Start.’ Enter any required parameters for the runbook, then click the checkmark button.

clip_image051

2. Click on your runbook, then click on the ‘Jobs’ tab for this runbook. Here you can view all the instances of a runbook that have run, called jobs. You should see the job you just started.

clip_image053

3. Click on the job you just started to view more details about its execution. Here you can see the job output, as well as any exceptions that may have occurred while the job was executing.

clip_image055

Once you get familiar with the service, you’ll be able to create more sophisticated runbooks to automate your scenarios. I encourage you to try out Microsoft Azure Automation today.

For more information, click through the following links:

Summary

This most recent release of Azure includes a bunch of great features that enable you to build even better cloud solutions.  If you don’t already have a Azure account, you can sign-up for a free trial and start using all of the above features today.  Then visit the Azure Developer Center to learn more about how to build apps with it.

Hope this helps,

Scott

P.S. In addition to blogging, I am also now using Twitter for quick updates and to share links. Follow me at: twitter.com/scottgu

Azure: ExpressRoute Dedicated Networking, Web Site Backup Restore, Mobile Services .NET support, Hadoop 2.2, and more

This morning we released a massive amount of enhancements to Windows Azure.  Today’s new capabilities and announcements include:

  • ExpressRoute: Dedicated, private, high-throughput network connectivity with on-premises
  • Web Sites: Backup and Restore Support
  • Mobile Services: .NET support, Notification Hub Integration, PhoneGap support
  • HDInsight: Hadoop 2.2 support
  • Management: Co-admin limit increased from 10->200 users
  • Monitoring: Service Outage Notifications Integrated within Management Portal
  • Virtual Machines: VM Agent and Background Information Support
  • Active Directory: More SaaS apps, more reports, self-service group management
  • BizTalk Services: EDIFACT protocol support, Service Bus Integration, Backup and Restore

All of these improvements are now available to use immediately (note that some features are still in preview).  Below are more details about them:

ExpressRoute: Dedicated, private, high-throughput network connectivity with on-premises

Today we delivered the public preview of our new ExpressRoute service.  ExpressRoute enables dedicated, private, high-throughput network connectivity between Azure datacenters and your on-premises IT environments. Using ExpressRoute, you can connect your existing datacenters to Azure without having to flow any traffic over the public Internet, and enable–guaranteed network quality-of-service and the ability to use Azure as a natural extension of an existing private network or datacenter.

Starting today you can establish dedicated connections though Equinix datacenters, or add Azure services to your MPLS VPN provided by AT&T.  We are also today announcing a new strategic partnership with Level3 to enable private connection connectivity through Level3 Cloud Connect Solutions. 

Configuring ExpressRoute

With today’s release we’ve made some updates to our Virtual Network service to enable you to configure connections to your local networks through ExpressRoute circuits.

When creating a new Virtual Network, you now have the option to configure ExpressRoute when selecting the Site-To-Site VPN option:

image

For an already created Virtual Network, you can also configure your site-to-site connection to use ExpressRoute in the Configure tab.

Once you’ve enhanced a site-to-site connection with ExpressRoute, all VMs or Cloud Services deployed in that Virtual Network will be able to connect to the remote network over the dedicated connection – enabling faster speeds, lower network latency and complete network isolation. If your subscription doesn’t have access to ExpressRoute yet, you can sign up to use it here.

Web Sites: Backup and Restore Support

Last month we added two great new capabilities to Windows Azure Web Sites – support for Staged Publishing (which enables atomic deployments), and Web Jobs (which enable background tasks).

With today’s release we are adding another great new capability to Web Sites - backup and restore support. The new web site backup support enables you to save a snapshot version of your web app – along with any SQL or MySQL databases it uses.  You can manually perform backups, or setup an automated rule to have them backed up automatically (e.g. once a day at midnight).  You can then choose to later restore a web site to a previous state, or alternatively create a new web site based on one of your original site's backups. 

This new Backup and Restore capability is available at no additional cost to all Web Site customers running using our Standard Tier.  It provides a great way to run your web apps with even more confidence.

Enabling Backup Support

Enabling backup support with a web-site is easy.  Simply navigate to the new “Backups” tab within a web-site:

image

Click the “Backup Now” option in the command-tray to manually perform a backup.  Or set the automated backup option to true, configure the time of day you wish to perform the backup, and then click the save button in order to setup an automated backup rule.

Mobile Services: .NET Support, Notification Hub Integration, PhoneGap Support

Today we are releasing another round of great updates to Windows Azure Mobile Services.  These updates include:

  • .NET support: You can now write your backend logic using ASP.NET Web API and run it using Mobile Services
  • Notification Hubs integration: Mobile Services now use Notification Hubs for push notifications, which enables an even richer set of push notification scenarios
  • Integrated PhoneGap support: You can now easily integrate PhoneGap apps with Mobile Services

More details on each of these below:

.NET Support

Starting today we now provide full support for writing your backend Mobile Service logic using .NET and the ASP.NET Web API framework.  This provides the following benefits:

  1. You can use ASP.NET Web API and Visual Studio together with Mobile Services to build great mobile apps
  2. You can publish any existing Web API to Mobile Services and integrate additional Mobile Services features like mobile authentication and push notifications
  3. You can take full advantage of Web API features like OData controllers, and 3rd party Web API-based frameworks like Breeze
  4. You can debug your Mobile Services .NET backend using Visual Studio running locally on your machine or remotely in Azure
  5. With Mobile Services we run, manage, monitor and scale your Web API for you.

The combination of ASP.NET Web API and Mobile Services delivers a mobile backend story that is both super powerful and really easy to use.

Getting Started with Mobile Services using .NET

It’s easy to get started with Mobile Services using today’s new .NET support. Simply go to the Windows Azure Management Portal and create a new Mobile Service (New->Compute->Mobile Service). On the first screen of the create wizard choose the new .NET option as your backend language:

image

When your new Mobile Service is created, you’ll be presented with a helpful quick start page:

image

To easily get started using .NET as your backend language, click to download the sample project listed in the quick-start page above.

Unzip the downloaded package and open the solution file. You will see a Mobile Services .NET template project. Notice this is simply an ASP.NET Web API project with additional Mobile Service NuGet packages included:

image

Note: in a future update we will provide even richer Mobile Service tooling support within Visual Studio.  This will provide additional Mobile Service tooling features on top of the standard Web API project support.  With today’s preview though you’ll just use the standard Web API project template within Visual Studio already.

Running the Mobile Service Locally

Open the TodoItemController.cs controller file in the project you downloaded and examine its content. This controller shows you how can use the built-in TableController<T> .NET class we now provide with Mobile Services that enables easy remote data scenarios (note: you can also skip using this and just derive your controllers from the standard Controller base class and use an existing data API like EF, NHibernate or others). 

The default TodoItemController.cs in the project already has scaffold support for all of the key CRUD methods for a TodoItems resource.

image

Set a breakpoint inside the GetAllTodoitems() method. Then hit F5 within Visual Studio to run the Mobile Service locally. Mobile Services supports a local help page for the Web API Controllers you include in your project. This makes it really easy to test things out locally.

Click on the GetAllTodoItems link within the help page to bring up method documentation for the above Web API Controller. Click on the Test API link within the help page to invoke the GetAllTodoItems API and test it out. As you might expect, you will hit the breakpoint you’ve set up earlier.  The ability to develop and test locally, and debug all operations, makes it really easy to develop solutions.

Publishing your Mobile Service to Azure

Once you are done developing your Mobile Service locally, you can publish it to Azure. 

In a future update we will provide integrated Mobile Services publishing support directly within Visual Studio.  With today’s release the easiest way to publish it to go to Mobile Services dashboard in the Windows Azure Management Portal and download the Web Deploy publish settings file:

image

Once you download the publish settings file, simply right-click on your Web API project within the VS Solution Explorer, and then click the Publish context menu command.  Within the publish wizard you can select the publish file you downloaded, which will enable you to easily deploy the Mobile Service to Azure.

To learn more about Mobile Services .NET support check out these tutorials:

Notification Hub Integration

With today’s release we are making it really easy to use Notification Hubs with Mobile Services.  This integration simplifies many common scenarios and removes the need to explicitly manage push channels.  It also provides Mobile Service customers with more powerful features including:

  • Advanced targeting using tags and tag expressions
  • Broadcast push support at high scale
  • Personalization and localization using templates

Today’s Notification Hub integration is still a preview.  You can enable it using the push tab of your Mobile Service:

image

Once enabled you can easily send push notifications to any or all users you wish with a single API call in the backend (using either the .NET or Node.js based API).

Integrated PhoneGap Support

Mobile Services already provides support for a number of cross-platform mobile client frameworks, including Xamarin, PhoneGap, Sencha. Today we added an integrated PhoneGap quick start in the Azure management portal, which will significantly simplify developing cross-platform mobile apps with PhoneGap and Mobile Services:

image 

HDInsight: Hadoop 2.2 Support

HDInsight is our 100% compatible Apache Hadoop-based distribution for Windows Azure.  With HDInsight you can leverage data stored in Windows Azure Blob Storage or the native HDFS file system local to the compute nodes and crunch massive amounts of data.

We now support Hadoop 2.2 clusters (in preview mode) with our HDInsight service.  This new update provides an order of magnitude (up to 40x) faster query response times, much better data compression (up to 80%), and enables you to leverage the benefits of YARN.

You can learn more about the Hadoop 2.2 improvements from our data team’s announcement blog post as well as by following this tutorial.

Management: Co-admin support increased from 10 to 200 administrators per subscription

Last fall I blogged about a number of Azure enhancements we had rolled out to enable a better enterprise authentication experience. These improvements included the ability to associate Azure subscriptions with Active Directory tenants, and to enable Active Directory SSO into Azure along with multi-factor authentication support.

Today we are making another nice management improvement – which is to increase the number of co-administrators that can be enabled on each Azure subscription to 200 (previously we only supported 10 co-admins per subscription).  The increased co-admin limit will make it easier for large teams to share a single Azure subscription, and simplify a number of subscription management scenarios.

Monitoring: Service Outage Notifications integrated within Management Portal

Service outages unfortunately sometimes happen with the cloud.  One of the asks we’ve heard from customers has been to improve the notification process when a service has an issue and to provide better real-time, per-user customized, information on status.  Rather than just learning that an abstract service is having an issue, you want to know if it is the particular service instance your app is using – and if so what the latest health status is with it.

With today’s release, we are introducing Azure incident notification support directly in the Azure Management Portal – and customizing it based on the particular service instances you are using. When a service outage incident occurs that affects your apps, you will now see a notification in the Portal:

image

We will surface this alert for the following types of incidents:

  • Partial Performance Degradation
  • Partial Service Interruption
  • Full Performance Degradation
  • Full Service Interruption
  • Advisory

If you click OK within the notification window, you will see a dialog that provides more details about the incident(s):

image

This dialog will include key information such as the timestamp of the incident, name of the service and the incident type, description of the latest update related to the incident, and the SubscriptionID (where available) of the subscriptions you have that use the service in question. With this release, the SubscriptionID will be provided for incidents involving Virtual Machines, Cloud Services, Storage, SQL Databases, Service Bus and Web Sites. You may see “Not Available” for other services, but we are working to add these in the future releases.

From this incident details dialog, you can navigate to the Operation Logs page by clicking on the link at the bottom of the dialog. This page will give you the filtered view of history for incidents that carry the same SubscriptionID information.  This will allow you to see full details for every past incident involving this service (along with start and end times of the incidents).

We will continue to enhance this feature set over the next few releases to fold in all Azure Services to make it easy for you to detect outages and updates that pertain to your specific service(s) on Azure.

Virtual Machines: VM Agent and Background Info Extension

With today’s release we are adding a new feature that helps make managing Virtual Machines even more powerful: VM Agent support.

For those of you who use Cloud Services with web and worker roles, you may know that we already use an agent inside these workloads to facilitate certain management features.  With today’s release we are introducing a new VM Agent for IaaS VMs that over time will bring this same kind of managed functionality to Virtual Machines as well.

The VM Agent is a lightweight and unobtrusive process that you can optionally enable to run inside your Windows and Linux VMs. The VM Agent can then be used to install and manage extensions, which are software modules that extend the functionality of a VM and help make common management scenarios easier.  Over the next several months you’ll see us deliver many new extensions that you can optionally enable within your virtual machines.

The VM Agent is automatically installed when creating a VM from Quick Create. You can opt-out of installing the VM Agent by creating a VM using the From Gallery option and unselecting the “Install the VM Agent” checkbox:

image

Background Info Extension

One small but useful extension that we have enabled with today’s VM Agent release is one we call “BGInfo”.  This extension helpfully displays information about a Windows VM on the desktop of the VM instance when you RDP into it – providing an easy way to quickly figure out the VM’s configuration settings (internal and public IP, disk space, memory, deployment ID, etc):

clip_image001

Over the next several months you’ll see us continue to ship additional extensions that extend the management support of VMs even further.

Active Directory: More apps, more reports and self-service group management

With today’s release we’ve updated Windows Azure Active Directory to support SSO integration with more SaaS apps, and enhanced the Windows Azure Active Directory Premium tier (which is currently in preview) with more built-in reports and added end-user self-service and delegated group management.

Enabling Active Directory SSO to SaaS applications

We now enable Active Directory single-sign-on (SSO) support with over 600 SaaS popular apps. To integrate these applications with your organization's Active Directory, select your Active Directory within the Windows Azure Management Portal, change to the Applications tab, then click the Add button:

image

Then choose Add an application for my organization to use.  This will allow you to pick from 600+ popular SaaS applications to integrate with:

image

Once an app has been integrated with your Active Directory, you can select which users in your directory can sign into the app.  Once you do this, the app will appear on the access panel for each user logged into the http://myapps.microsoft.com site – enabling them to sign-in and begin using it using their corporate credentials.

Premium Security and Usage Reports

Windows Azure AD Premium is designed to address the identity and access management needs of enterprises. It is currently in preview, and you can use its features including tenant branding and self-service password reset while in preview at no charge. At the end of the preview it will be converted to a paid service.

To find out more about how to get started with Windows Azure AD Premium preview, see this earlier blog post on the Active Directory blog. Briefly, there’s a two-step process to evaluate this preview. First, navigate to Windows Azure Preview Feature page and add Windows Azure Active Directory Premium to your subscription by clicking "try it now", selecting the "Free Trial" or other subscription. Then, in the Windows Azure Management Portal, select a directory and on the Configure tab of the directory, move the slider for Premium features to enabled.

image

Usage Reports

With today’s update we’ve added new reports to the Windows Azure Active Directory Premium tier that will help you better understand how your organization’s users are accessing applications.

You can now click the Reports tab to see additional views which highlight potential account compromise scenarios. These reports show sign-ins from IP addresses with suspicious activity, irregular sign-in activity, and a list of users whose accounts may have been compromised.

Delegated and self-service group management in Windows Azure AD Premium

With today’s release we’ve also added delegated and self-service group management support as part of the Premium preview. In previous updates we enabled administrators to view and manage groups in the Windows Azure Management Portal - now we’re enabling end users within your organizations to create and join groups as well.

Once Premium preview is enabled on a directory, a user who is a member of the directory can get a group management experience by going to http://myapps.microsoft.com, then signing in and clicking on the Groups tab. The user will then see all of the groups that are present in the directory and he or she can request to join a group. They can also filter the view to show only groups of which they’re a member or groups they own:

image

image

A user can also create a new group.

image

These groups can be used to control access to SaaS applications or within applications themselves, such as in SharePoint Online. Currently these groups are not mail-enabled - we’ll add that functionality in a future release.

More updates on these and other features in Premium are on the Active Directory team blog.

BizTalk Services: EDIFACT Protocol Support, Service Bus Integration, Backup and Restore

With today’s release we are updating Windows Azure Biz Talk Services with a host of new features. If you are already using BizTalk Services, your environment will be automatically updated with the following new features:

EDIFACT Protocol Support and X12 Schema Updates

We now support EDIFACT messaging versions up to D10B natively in the platform. When you create a new EDI agreement you can now choose the target protocol as EDIFACT (instead of X12) and configure the agreement. Features such as Batching, Tracking, AS2 with EDIFACT are all supported with today’s update.

Support for X12 messaging up to 6030 and Message Type 999 in addition to 997 for acknowledgements is also now supported.

Pulling Messages from Service Bus Queues and Topics

Support for pulling messages from Service Bus Queues and Topics: This allows a BizTalk “Bridge” to pull messages directly from a Service Bus Queue or Topic without having to write to an intermediary service. After installing the new BizTalk Services SDK, the new Sources are available within the VS Toolbox of BizTalk Services projects:

image

This enables complex configuration such as the one below where messages can be pulled from an FTP endpoint, Service Bus Queue, Service Bus Topic, to be processed by the bridge and sent back to a FTP endpoint, Service Bus Queue or Service Bus Topic based on route rules:

image

Service Bus Shared Access Signatures (SAS) support with Service Bus Queues and Topics:

You can now use SAS keys to configure Service Bus Queues and Topics with Agreements and Bridges in the Azure Portal as well as in Visual Studio. 

BizTalk Adapter Services No Longer Needs SQL On Premises

Starting today all BizTalk Adapter configuration data is now stored in the cloud without any additional configuration in SQL express configuration required on-premises. For existing customers, the SDK installation provides an option to update/migrate the existing configuration to the cloud:

image

Backup and Restore Support

Backup and Restore operations within BizTalk Services can now be easily configured and managed through the Azure  management portal.  Backup and restore can be scheduled by following these five steps:

  1. Go to your deployment’s Configure page and flip the Backup status from None to Automatic.
  2. Add the storage account where you want the backup of the deployment to be stored
  3. Tweak the first occurrence and recurrence schedule
  4. Enter the retention period in days or leave the default to 20 days
  5. Hit Save on your configuration changes

Operation Log Support

You can now view all BizTalk Services management operations such as Create, Delete, Backup, etc. in the Azure Portal using the Management Services tab.  This makes it easy to audit and review all management operations performed with the service.

We hope these features will add value to your integration scenarios and enrich your Biztalk Services experience. We would love to hear your feedback via BizTalk Services forums and user voice.

Summary

Today’s Windows Azure release enables a bunch of great new scenarios.

If you don’t already have a Windows Azure account, you can sign-up for a free trial and start using all of the above features today.  Then visit the Windows Azure Developer Center to learn more about how to build apps with it.

Hope this helps,

Scott

P.S. In addition to blogging, I am also now using Twitter for quick updates and to share links. Follow me at: twitter.com/scottgu

Windows Azure: Staging Publishing Support for Web Sites, Monitoring Improvements, Hyper-V Recovery Manager GA, and PCI Compliance

This morning we released another great set of enhancements to Windows Azure.  Today’s new capabilities and announcements include:

  • Web Sites: Staged Publishing Support and Always On Support
  • Monitoring Improvements: Web Sites + SQL Database Alerts
  • Hyper-V Recovery Manager: General Availability Release
  • Mobile Services: Support for SenchaTouch
  • PCI Compliance: Windows Azure Now Validated for PCI DSS Compliance

All of these improvements are now available to use immediately (note that some features are still in preview).  Below are more details about them:

Web Sites: Staged Publishing Support

With today’s release, you can now enable staged publishing to your Windows Azure Web Sites.  This new feature is really powerful, and enables you to deploy updates of your web apps/sites to a staging version of the site that can be accessed via a URL that is different from your main site.  You can use this staged site to test your site/app deployment and then, when ready, instantaneously swap the content and configuration between the live site and the staging version. 

This new features enables you to deploy changes with more confidence.  And it ensures that your site is never in an inconsistent state (where some files have been updated and others not) - now you can immediately swap all changes to all of the files in one shot.

Enabling Staged Publishing Support

To setup staged publishing go to the DASHBOARD tab of a web site and click Enable staged publishing from the quick glance section:

image

Clicking this link will cause Azure to create a new staging version of the web-site and link it to the existing site.  This linkage is represented in the navigation of the Windows Azure Management Portal – the staging site will show up as a sub-node of the primary site:

image

If you look closely at the name of the staging site, you’ll notice that its URL by default is sitename-staging (e.g. if the primary site name was “scottgu”, the staging site would be “scottgu-staging”):

image

You can optionally map any custom DNS name you want to the staging site (using either a C-Name or A-Record) – just like you would a normal site.  So your staging domain doesn’t have to have an azurewebsites.net extension.  In the scenario above I could remap the staging domain to be staging.scottgu.com, or scottgu-staging.com, or even foobar.scottgu.com if I wanted to. 

The staging URL doesn’t change between deployments of a site – so you can configure a custom DNS once, and then you can use it across all subsequent deployments.  You can also optionally enable SSL on the staging site and upload a SSL certificate to use with the staging domain (ensuring you can fully test/validate your SSL scenarios before swapping live).

Configuring the Staging Site

You can click on the staging site to manage it just like any other site:

image 

The SCALE tab and the LINKED RESOURCES tabs are disabled for staging sites, but all other tabs work as expected.  You can use the CONFIGURE tab to set configuration settings like database and application connection-strings (if you set these at the site level they override anything you might have in a web.config file).

One thing you’ll also notice when you open the staging site is that there is a new SWAP button in the bottom command-bar of it – we’ll talk about how to use that in a little bit.

Deploying to the Staging Site

Deploying a new instance of your web-app/site to the staging site is really easy.  Simply deploy to it just like you would any normal site.  You can use FTP, the built-in “Publish” dialog inside Visual Studio, Web Deploy or Git, TFS, VS Online, GitHub, BitBucket, DropBox or any of the other deployment mechanism we already support.  You configure these just like you would a normal site.

Below I’m going to use the built-in VS publish wizard to publish a new version of the site to the staging site:

image

Once this new version of the app is deployed to the staging site we can access a page in it using the staging domain (in this case http://scottgu-staging):

image

Note that the new version of the site we deployed is only in the staging site.  This means that if we hit the primary site domain (in this case http://scottgu) we wouldn’t see this new “V2” update - it would instead show any older version that had been previously deployed:

image

This allows us to do final testing and validation of the staging version without impacting users visiting the live production site.

Swapping Deployments

At some point we’ll be ready to roll our staged version to be the live production site version.  Doing this is easy – all we need to do is push the SWAP button within the command-bar of either our live site or staging site using the Windows Azure Portal (you can also automate this from the command-line or via a REST call):

image

When we push the SWAP button we’ll be prompted with a confirmation dialog explaining what is about to happen:

image

If we confirm we want to proceed with the swap, Azure will immediately swap the content of the live site (in this case http://scottgu) with the newer content in the staging site (in this case http://scottgu-staging).  This will take place immediately – and ensure that all of the files are swapped in a single shot (so that you never have mix-matched files).

Some settings from the staged version will automatically copy to the production version – including things like connection string overrides, handler mappings, and other settings you might have configured.  Other settings like the DNS endpoints, SSL bindings, etc will not change (ensuring that you don’t need to worry about SSL certs used for the staging domain overriding the production URL cert, etc).

Once the swap is complete (the command takes only a few seconds to execute), you’ll find that the content that was previously in the staging site is now in the live production site:

image

And the content that had been in the older live version of the site is now in the staging site.  Having the older content available in the staging site is useful – as it allows you to quickly swap it back to the previous site if you discover an issue with the version that you just deployed (just click the SWAP button again to do this).  Once you are sure the new version is fine you can just overwrite the staging site again with V3 of your app and repeat the process again.

Deployment with Confidence

We think you’ll find that the new staged publishing feature is both easy to use and very powerful, and enables you to handle deployments of your sites with an industrial strength workflow.

Web Sites: Always On Support

One of the other useful Web Site features that we are introducing today is a feature we call “Always On”.  When Always On is enabled on a site, Windows Azure will automatically ping your Web Site regularly to ensure that the Web Site is always active and in a warm/running state.  This is useful to ensure that a site is always responsive (and that the app domain or worker process has not paged out due to lack of external HTTP requests). 

It also useful as a way to keep a Web Site active for scenarios where you want to run background code within it irrespective of whether it is actively processing external HTTP customer requests.  We have another new feature we are enabling this week called “Web Jobs” that makes it really easy to now write this background code and run it within a Web Site. I’ll blog more about this feature and how to use it in the next few days.

You can enable Always On support for Web Sites running in Standard mode by navigating to the CONFIGURE tab within the portal, and then toggling the Always On button that is now within it:

image

Monitoring Improvements: Web Sites + SQL Database Alerts

With almost every release we make improvements to our monitoring functionality of Azure services. Today’s update brings two nice new improvements:

  1. Metrics updated every minute for Windows Azure Web Sites
  2. Alerting for more metrics from Windows Azure Websites and Windows Azure SQL Databases

Monitoring Data Every Minute

With today’s release we are now updating statistics on the monitoring dashboard of a Web Site every minute, so you can get much more fresh information on exactly how your website is being used (prior to today the granularity was not as fine grained):

image

Viewing data at this higher granularity can make it easier to observe changes to your website as they happen. No additional configuration is required to get data every minute – it is now automatically enabled for all Azure Websites.

Expanding Alerting

When you create alerts you can now choose between six different services:

  • Cloud Service
  • Mobile Service
  • SQL Database (New Today!)
  • Storage
  • Virtual Machine
  • Web Site (More Metrics Today!)

To get started with Alerting, click on the Management Services extension on the left navigation tab of the the Windows Azure Management Portal:

image

Then, click the Add Rule button in the command bar at the bottom of the screen. This will open a wizard for creating an alert rule. You can see all of the services that now support alerts:

image

New Web Site Alert Metrics

With today’s release we are adding the ability to alert on any metric that you see for a Web Site in the portal (previously we only supported alerts on Uptime and Response Time metrics). Today’s new metrics include support for setting threshold alerts for errors as well as CPU time and total requests:

image

The CPU time and Data Out metric alerts are particularly useful for Free or Shared websites – you can now use these alerts to email you if you’re getting close to exceeding your quotas for a free or shared website (and need to scale up instances).

New SQL Alert Metrics

With today’s release you can also now define alerts for your SQL Databases. For Web and Business tier databases you can setup alert metrics for the Storage for the database.  There are also now additional metrics and alerts for SQL Database Premium (which is currently in preview) such as CPU Cores and IOPS.

Once you’ve set up these new alerts, they behave just like alerts for other services. You’ll be informed when they cross the thresholds you establish, and you can see the recent alert history in the dashboard:

image

Windows Azure Hyper-V Recovery Manager: General Availability Release

I’m excited to announce the General Availability of Windows Azure Hyper-V Recovery Manager (HRM). This release is now live in production, backed by an enterprise SLA, supported by Microsoft Support, and is ready to use for production scenarios.

Windows Azure Hyper-V Recovery Manager helps protect your on premise applications and services by orchestrating the protection and recovery of Virtual Machines running in a System Center Virtual Machine Manager 2012 R2 and System Center Virtual Machine Manager 2012 SP1 private cloud to a secondary location. With simplified configuration, automated protection, continuous health monitoring and orchestrated recovery, Hyper-V Recovery Manager service can help you implement Disaster Recovery and recover applications accurately, consistently, and with minimal downtime.

image

The service leverages Hyper-V Replica technology available in Windows Server 2012 and Windows Server 2012 R2 to orchestrate the protection and recovery of Hyper-V Virtual Machines from one on-premise site to another on-premise site. Application data always travels on your on premise replication channel. Only metadata that is needed (such as names of logical clouds, virtual machines, networks etc.) for orchestration is sent to Azure. All traffic sent to/from Azure is encrypted.

Getting Started

To get started, use the Windows Azure Management Portal to create a Hyper-V Recovery Manager Vault. Browse to Data Services > Recovery Services and click New to create a New Hyper-V Recovery Manager Vault. You can name the vault and specify a region where you would like the vault to be created.

clip_image002

Once the Hyper-V recovery Manager vault is created, you’ll be presented with a simple tutorial that will help guide you on how to register your SCVMM Servers and configure protection and recovery of Virtual Machines.

clip_image004

To learn more about setting up Hyper-V Recovery Manager in your deployment follow our detailed step-by-step guide.

Key Benefits of Hyper-V Recovery Manager

Hyper-V Recovery Manager offers the following key benefits that differentiate it from other disaster recovery solutions:

  • Simple Setup and Configuration: HRM dramatically simplifies configuration and management operations across large number of Hyper-V hosts, Virtual Machines and data-centers.
  • Automated Protection: HRM leverages the capabilities of Windows Server and System Center to provide on-going replication of VMs and ensures protection throughout the lifecycle of a VM.
  • Remote Monitoring: HRM leverages the power and reach of Azure to provide a remote monitoring and DR management service that can be accessed from anywhere.
  • Orchestrated Recovery: Recovery Plans enables automated DR orchestration by sequencing failover of different application tiers and customization with scripts and manual actions.

New Improvements

The Hyper-V Recovery Manager service has been enhanced since the initial October Preview with several nice improvements:

  • Improved Failback Support: The Failback support has been improved in scenarios where the primary host cluster has been rebuilt after an outage.
  • Support for Kerberos based Authentication: Cloud configuration now allows selecting Kerberos based authentication for Hyper-V Replica. This is useful in scenarios where customers want to use 3rd party WAN optimization and compression and have AD trust available between primary and secondary sites.
  • Support for Upgrade from VMM 2012 SP1 to VMM 2012 R2: HRM service now supports upgrades from VMM 2012 SP1 to VMM 2012 R2.
  • Improved Scale: The UI and service has been enhanced for better scale support.

Please visit Windows Azure web site for more information on Hyper-V Recovery Manager. You can also refer to additional product documentation. You can visit the HRM forum on MSDN for additional information and engage with other customers.

Mobile Services: Support for SenchaTouch

I’m excited to announce that in partnership with our friends at Sencha, we are today adding support for SenchaTouch to Windows Azure Mobile Services. SenchaTouch is a well know HTML/JavaScript-based development framework for building cross-platform mobile apps and web sites. With today’s addition, you can easily use Mobile Services with your SenchaTouch app.

You can download Windows Azure extension for Sencha here, configure Sencha loader with the location of the azure extension, and add Azure package to your app.json file:

{ name : "Basic", requires : [ "touch-azure"]}

Once you have the Azure extension added to your Sencha project, you can connect your Sencha app to your Mobile Service simply by adding the following initialization code:

Ext.application({

    name: 'Basic',

    requires: ['Ext.azure.Azure'],

    azure: {

        appKey: 'myazureservice-access-key',

        appUrl: 'myazure-service.azure-mobile.net'

    },

    launch: function () {

        // Call Azure initialization

        Ext.Azure.init(this.config.azure);

    }

});

From here on you can data bind your data model to Azure Mobile Services, authenticate users and use push notifications. Follow this detailed Getting Started tutorial to get started with SenchaTouch and Mobile Services. Read more detailed documentation at Mobile Services Sencha extension resources page.

Windows Azure Now Validated for PCI DSS Compliance

We are very excited to announce that Windows Azure has been validated for compliance with the Payment Card Industry (PCI) Data Security Standards (DSS) by an independent Qualified Security Assessor (QSA).

The PCI DSS is the global standard that any organization of any size must adhere to in order to accept payment cards, and to store, process, and/or transmit cardholder data. By providing PCI DSS validated infrastructure and platform services, Windows Azure delivers a compliant platform for you to run your own secure and compliant applications. You can now achieve PCI DSS certification for those applications using Windows Azure.

To assist customers in achieving PCI DSS certification, Microsoft is making the Windows Azure PCI Attestation of Compliance and Windows Azure Customer PCI Guide available for immediate download.

Visit the Trust Center for a full list of in scope features or for more information on Windows Azure security and compliance.

Summary

Today’s release includes a bunch of great features that enable you to build even better cloud solutions.  If you don’t already have a Windows Azure account, you can sign-up for a free trial and start using all of the above features today.  Then visit the Windows Azure Documentation Center to learn more about how to build apps with it.

Hope this helps,

Scott

P.S. In addition to blogging, I am also now using Twitter for quick updates and to share links. Follow me at: twitter.com/scottgu

Windows Azure: New Scheduler Service, Read-Access Geo Redundant Storage, and Monitoring Updates

This morning we released another nice set of enhancements to Windows Azure.  Today’s new capabilities include:

  • Scheduler: New Windows Azure Scheduler Service
  • Storage: New Read-Access Geo Redundant Storage Option
  • Monitoring: Enhancements to Monitoring and Diagnostics for Azure services

All of these improvements are now available to use immediately (note that some features are still in preview).  Below are more details about them:

Scheduler: New Windows Azure Scheduler Service

I’m excited to announce the preview of our new Windows Azure Scheduler service.  The Windows Azure Scheduler service allows you to schedule jobs that invoke HTTP/S endpoints or post messages to a storage queue on any schedule you define.  Using the Scheduler, you can create jobs that reliably call services either inside or outside of Windows Azure and run those jobs immediately, on a regular schedule, or set them to run at a future date.

To get started with Scheduler, you first need to sign-up for the preview on the Windows Azure Preview page. Once you enroll in the preview, you can sign in to the Management Portal and start using it.

Creating a Schedule Job

Once you have the Schedule preview enabled on your subscription, you can easily create a new job following a few short steps:

Click New->App Services->Scheduler->Custom Create within the Windows Azure Management Portal:

image

Choose the Windows Azure Region where you want the jobs to run from, and then select an existing job collection or create a new one to add the job to:

 image

You can then define you job action. In this case, we are going to create an HTTP action that will do a GET request against a web site (you can also use other HTTP verbs as well as HTTPS):

image

For processing longer requests or enabling a service to be invoked when offline, you may want to post a message to a storage queue rather than standing up and invoking a web service.  To post a message to a storage queue just choose Storage Queue as your action then create or select the storage account and queue to send a request to:

image

Once you’ve defined the job to perform, you’ll now want to setup the recurrence schedule for it. The recurrence can be as simple as run immediately (useful for testing), at a specific time in the future, or on a recurring schedule:

image

Once the job is created, the job will be listed in the jobs view:

image

The jobs view shows a summary status of failures/faults with any job – you can then click the history tab to get even more detailed status (including the HTTP response headers + body for any HTTP based job).

I encourage you to try out the Scheduler – I think you’ll find it a really useful way to automate jobs to happen in a reliable way.  The following links provide more information on how to use it (as well as how to automate the creation of tasks from the command-line or your own applications):

Storage: New Read-Access Geo Redundant Storage Option

I’m excited to announce the preview release of our new Read-Access Geo Redundant Storage (RA-GRS) option. RA-GRS is a major improvement to our Windows Azure Storage Geo Replicated Storage offering.  Prior to today, our Geo-Replicated Storage option provided built-in support for automatically replicating your storage data (blobs, queues, tables) from one primary region to another (for example: US East to US West), but access to the secondary location data wasn’t provided except in a disaster scenario which necessitated a storage cluster failover.

With today’s update you can now always have read-access to your secondary storage replica.  This enables you to have immediate access to your data in the event of a temporary failure in your primary storage location (and to build-in support within your applications to handle the read fail-over automatically).  Today’s update also enables you to test and track the replication of your data so you can easily verify the replication (which happens asynchronously in the background). 

Enabling Read Access

In order to enable RA-GRS support, you will need to sign up to the Read Access Geo Redundant Storage Preview on the Windows Azure Preview page. Once you enroll in the preview, you can sign in to the Management Portal and simply navigate to the Configure tab for your Storage Account to enable it on the Storage Account:

image

Once enabled you can access your secondary storage endpoint location as myaccountname-secondary.<service>.core.windows.net.  You can use the same access keys for the the secondary storage location as the ones for your primary storage endpoint.

For additional details on RA-GRS and examples of how to use it, read the storage blog post entry at http://blogs.msdn.com/b/windowsazurestorage/archive/2013/12/04/introducing-read-access-geo-replicated-storage-ra-grs-for-windows-azure-storage.aspx

Monitoring: Enhancements to Monitoring and Diagnostics for Azure services

Today’s update includes several nice enhancements to our monitoring and diagnostics capabilities of Windows Azure:

Monitoring metrics for Premium SQL Databases

With today’s update you can now monitor metrics for the CPU and IO activity of Premium SQL databases, and the storage activity of both Premium and Standard databases. You can find more details on MSDN.

clip_image002

Update to Web Site diagnostics

Previously, you could select an existing blob container when configuring the storage location for your web server HTTP logs.

image

With this release, you now can additionally create a new blob container to push your web server logs to in a single, consistent configuration experience within the Windows Azure Management Portal. You can do so by simply navigating to the configure tab for your web site, clicking on the manage storage button above, and selecting the option to create a new blob container.

image

Operation history support for Windows Azure Mobile Services

The Operation Logs feature of Windows Azure allows you to audit/log management operations performed on your Windows Azure Services.  You can review them be clicking on the Operating Logs tab within the Management Services extension of the Management Portal:

image

With today’s update we have added more than 20 new log actions for Windows Azure Mobile Services that will now show up in the operation logs list.

Summary

Today’s release includes a bunch of great features that enable you to build even better cloud solutions.  If you don’t already have a Windows Azure account, you can sign-up for a free trial and start using all of the above features today.  Then visit the Windows Azure Developer Center to learn more about how to build apps with it.

Hope this helps,

Scott

P.S. In addition to blogging, I am also now using Twitter for quick updates and to share links. Follow me at: twitter.com/scottgu

Presentations I’m doing in Dublin and London Dec 2nd->5th

I’ll be in Ireland and the UK next week presenting at several events.  Below are details on the talks I’ll be doing if you want to come along and hear them:

Dublin: Monday Dec 2nd

I’m doing two separate free events in Dublin on Monday:

  • Windows Azure and the Cloud at Mon 1-3pm.  This event is free to attend, and I’ll be doing a two hour keynote/overview session on Windows Azure as part of it.  This will be a great talk to attend if you are new to Windows Azure and are interested in learning more about what you can do with it.  Later sessions at the event also cover VS 2013, building iOS/Android apps with C# using Xamarin, and F# with Data and the Cloud.  Lean more here and sign-up for free.
  • Building Real World Application using Windows Azure at Mon 6:00-9:00pm.  This event is also free to attend, and during it I’ll walkthrough building a real world application using Windows Azure and discuss patterns and best practice techniques for building real world apps along the way.  The content is intermediate/advanced level (my goal is to melt your brain by the end) but doesn’t assume prior knowledge of Windows Azure.  Learn more here and sign-up for free.

There is no content overlap between the two talks – so feel free to attend both if you want to!

London: Wed Dec 4th and 5th

I’m presenting at the NDC London Conference on Dec 4th and Dec 5th as well.  This is a great developer conference being hosted in the UK for the first time.  It has a great line up of speakers attending.

I’m presenting 2 separate two-part talks: 

  • Building Real World Applications using Windows Azure (Part 1 and 2) at Thursday from 9am-11:20am.  I’ll walkthrough building a real world application using Windows Azure and discuss patterns and best practice techniques for building real world apps along the way.  The content is intermediate/advanced level (my goal is to melt your brain by the end) but doesn’t assume prior knowledge of Windows Azure.

Hope to see some of you there!

Scott

P.S. In addition to blogging, I am also now using Twitter for quick updates and to share links. Follow me at: twitter.com/scottgu

Windows Azure: General Availability Release of BizTalk Services, Traffic Manager, Azure AD App Access + Xamarin support for Mobile Services

This morning we released another great set of enhancements to Windows Azure.  Today’s new capabilities include:

  • BizTalk Services: General Availability Release
  • Traffic Manager: General Availability Release
  • Active Directory: General Availability Release of Application Access Support
  • Mobile Services: Active Directory Support, Xamarin support for iOS and Android with C#, Optimistic concurrency
  • Notification Hubs: Price Reduction + Debug Send Support
  • Web Sites: Diagnostics Support for Automatic Logging to Blob Storage
  • Storage: Support for alerting based on storage metrics
  • Monitoring: Preview release of Windows Azure Monitoring Service Library

All of these improvements are now available to use immediately (note that some features are still in preview).  Below are more details about them:

BizTalk Services: General Availability Release

I’m excited to announce the general availability release of Windows Azure Biz Talk Services.  This release is now live in production, backed by an enterprise SLA, supported by Microsoft Support, and is ready to use for production scenarios.

Windows Azure BizTalk Services enables powerful business scenarios like supply chain and cloud-based electronic data interchange and enterprise application integration, all with a familiar toolset and enterprise grade reliability.  It provides built-in support for managing EDI relationships between partners, as well as setting up EAI bridges with on-premises assets – including built-in support for integrating with on-premises SAP, SQL Server, Oracle and Siebel systems.  You can also optionally integrate Windows Azure BizTalk Services with on-premises BizTalk Server deployments – enabling powerful hybrid enterprise solutions. 

Creating a BizTalk Service

Creating a new BizTalk Service is easy – simply choose New->App Services->BizTalk Service to create a new BizTalk Service instance:

image

Windows Azure will then provision a new high-availability BizTalk instance for you to use:

image

Each BizTalk Service instance runs in a dedicated per tenant environment. Once provisioned you can use it to integrate your business better with your supply chain, enable EDI interactions with partners, and extend your on-premises systems to the cloud to facilitate EAI integration.

Changes between Preview and GA

The team has been working extremely hard in preparing Windows Azure BizTalk Services for General Availability.  In addition to finalizing the quality, we also made a number of feature improvements to address customer feedback during the preview.  These improvements include:

  • B2B and EDI capabilities are now available even in the Basic and Standard tiers (in the preview they were only in the Premium tier)
  • Significantly simplified provisioning process – ACS namespace and self-signed certificates are now automatically created for you
  • Support for worldwide deployment in Windows Azure regions
  • Multiple authentication IDs & multiple deployments are now supported in the BizTalk portal.
  • BackUp-Restore is now supported to enable Business Continuity 

If you are already using BizTalk Services in preview, you will be transitioned automatically to the GA service and new pricing will take effect on January 1, 2014.

Getting Started

Read this article to get started with provisioning your first BizTalk Service.  BizTalk Services supports a Developer Tier that enables you to do full development and testing of your EDI and EAI workloads at a very inexpensive rate. To learn more about the services and new pricing, read the BizTalk Services documentation.

Traffic Manager: General Availability Release

I’m excited to announce that Windows Azure Traffic Manager is also now generally available.  This release is now live in production, backed by an enterprise SLA, supported by Microsoft Support, and is ready to use for production scenarios.

Windows Azure Traffic Manager allows you to control the distribution of user traffic to applications that you host within Windows Azure. Your applications can run in the same data center, or be distributed across different regions across the world.  Traffic Manager works by applying an intelligent routing policy engine to the Domain Name Service (DNS) queries on your domain names, and maps the DNS routes to the appropriate instances of your applications.

You can use Traffic Manager to improve application availability - by enabling automatic customer traffic fail-over scenarios in the event of issues with one of your application instances.  You can also use Traffic Manager to improve application performance - by automatically routing your customers to the closet application instance nearest them (e.g. you can setup Traffic Manager to route customers in Europe to a European instance of your app, and customers in North America to a US instance of your app).

Getting Started

Setting up Traffic Manager is easy to do.  Simply choose New->Network Services->Traffic Manager within the Windows Azure Management Portal:

image 

When you create a Windows Azure Traffic Manager you can specify a “load balancing method” – this indicates the default traffic routing policy engine you want to use. Above I selected the “failover” policy. 

image

Once your Traffic Manager instance is created you can click the “endpoints” tab to select application or service endpoints you want the traffic manager to route traffic to.  Below I’ve added two virtual machine deployments – one in Europe and one in the United States:

image

Enabling High Availability

Traffic Manager monitors the health of each application/service endpoint configured within it, and automatically re-directs traffic to other application/service endpoints should any service fail.

In the following example, Traffic Manager is configured in a ‘Failover’ policy, which means by default all traffic is sent to the first endpoint (scottgudemo11), but if that app instance is down or having problems (as it is below) then traffic is automatically redirected to the next endpoint (scottgudemo12):

image

Traffic Manager allows you to configure the protocol, port and monitoring path used to monitor endpoint health. You can use any of your web pages as the monitoring path, or you can use a dedicated monitoring page, which allows you to implement your own customer health check logic:

image

Enabling Improved Performance

You can deploy multiple instances of your application or service in different geographic regions, and use Traffic Manager’s ‘Performance’ load-balancing policy to automatically direct end users to the closest instance of your application. This improves performance for a end user by reducing the network latency they experience:

image

In the traffic manager instance we created earlier, we had a VM deployment in both West Europe and the West US regions of Windows Azure:

image

This means that when a customer in Europe accesses our application, they will automatically be routed to the West Europe application instance.  When a customer in North America accesses our application, they will automatically be routed to the West US application instance. 

Note that endpoint monitoring and failover is a feature of all Traffic Manager load-balancing policies, not just the ‘failover’ policy.  This means that if one of the above instances has a problem and goes offline, the traffic manager will automatically direct all users to the healthy instance.

Seamless application updates

You can also explicitly enable and disable each of your application/service endpoints in Traffic Manager.  To do this simply select the endpoint, and click the Disable command:

image

This doesn’t stop the underlying application - it just tells Traffic Manager to route traffic elsewhere. This enables you to migrate traffic away from a particular deployment of an application/service whilst it is being updated and tested and then bring the service back into rotation, all with just a couple of clicks.

General Availability

As Traffic Manager plays a key role in enabling high availability applications, it is of course vital that Traffic Manager itself is highly available. That’s why, as part of general availability, we’re announcing a 99.99% uptime SLA for Traffic Manager

Traffic Manager has been available free of charge during preview. Free promotional pricing will remain in effect until December 31, 2013. Starting January 1, 2014, the following pricing will apply:

  • $0.75 per million DNS queries (reducing to $0.375 after 1 billion queries)
  • $0.50 per service endpoint/month.

Full pricing details are available on the Windows Azure Web Site.  Additional details on Traffic Manager, including a detailed description of endpoint monitoring, all configuration options, and the Traffic Manager management REST APIs, are available on MSDN.

Active Directory: General Availability of Application Access

This summer we released the initial preview of our Application Access Enhancements for Windows Azure Active Directory, which enables you to securely implement single-sign-on (SSO) support against SaaS applications as well as LOB based applications. Since then we’ve added SSO support for more than 500 applications (including popular apps like Office 365, SalesForce.com, Box, Google Apps, Concur, Workday, DropBox, GitHub, etc).

Building upon the enhancements we delivered last month, with this week’s release we are excited to announce the general availability release of the application access functionality within Windows Azure Active Directory. These features are available for all Windows Azure Active Directory customers, at no additional charge, as of today’s release:

  • SSO to every SaaS app we integrate with
  • Application access assignment and removal
  • User provisioning and de-provisioning support
  • Three built-in security reports
  • Management portal support

Every customer can now use the application access features in the Active Directory extension within the Windows Azure Management Portal.

Getting Started

To integrate your active directory with either a SaaS or LOB application, navigate to the “Applications” tab of the Directory within the Windows Azure Management Portal and click the “Add” button:

image

Clicking the “Add” button will bring up a dialog that allows you to select whether you want to add a LOB application or a SaaS application:

image

Clicking the second link will bring up a gallery of 500+ popular SaaS applications that you can easily integrate your directory with:

image

Choose an application you wish to enable SSO with and then click the OK button.  This will register the application with your directory:

image

You can then quickly walkthrough setting up single-sign-on support, and enable your Active Directory to automatically provision accounts with the SaaS application.  This will enable employees who are members of your Active Directory to easily sign-into the SaaS application using their corporate/active directory account. 

In addition to making it more convenient for the employee to sign-into the app (one less username/password to remember), this SSO support also makes the company’s data even more secure.  If the employee ever leaves the company, and their active directory account is suspended/deleted, they will lose all access to the SaaS application.  The IT administrator of the Active Directory can also optionally choose to enable the Multi-Factor Authentication support that we shipped in September to require employees to use a second-form of authentication when logging into the SaaS application (e.g. a phone app or SMS challenge) to enable even more secure identity access.  The Windows Azure Multi-Factor Authentication Service composes really nice with the SaaS support we are shipping today – you can literally set up secure support for any SaaS application (complete with multi-factor authentication support) to your entire enterprise within minutes.

You can learn more about what we’re providing with Azure Directory here, and you can ask questions and provide feedback on today’s release in the Windows Azure AD Forum.

Mobile Services: Active Directory integration, Xamarin support, Optimistic concurrency

Enterprises are increasingly going mobile to deliver their line of business apps. Today we are introducing a number of exciting updates to Mobile Services that make it even easier to build mobile LOB apps.

Preview of Windows Azure Active Directory integration with Mobile Services

I am excited to announce the preview of Widows Azure Active Directory support in Mobile Services.  Using this support, mobile business applications can now use the same easy Mobile Services authentication experience to allow employees to sign into their mobile applications with their corporate Active Directory credentials.  

With this feature, Windows Azure Active Directory becomes supported as an identity provider in Mobile Services alongside with the other identity providers we already support (which include Microsoft Accounts, Facebook ID, Google ID, and Twitter ID).  You can enable Active Directory support by clicking the “Identity” tab within a mobile service:

image

If you are an enterprise developer interested in using the Windows Azure Active Directory support in Mobile Services, please contact us at mailto:mobileservices@microsoft.com to sign-up for the private preview.

Cross-platform connected apps using Xamarin and Mobile Services

We earlier partnered with Xamarin to deliver a Mobile Services SDK that makes it easy to add capabilities such as storage, authentication and push notifications to iOS and Android applications written in C# using Xamarin. Since then, thousands of developers have downloaded the SDK and enjoyed the benefits of building cross platform mobile applications in C# with Windows Azure as their backend.  More recently as part of the Visual Studio 2013 launch, Microsoft announced a broad collaboration with Xamarin which includes Portable Class Library support for Xamarin platforms.

With today’s release we are making two additional updates to Mobile Services:

  • Delivering an updated Mobile Services Portable Class Library (PCL) SDK that includes support for both Xamarin.iOS and Xamarin.Android
  • New quickstart projects for Xamarin.iOS and Xamarin.Android exposed directly in the Windows Azure Management Portal

These updates make it even easier to build cloud connected cross-platform mobile applications.

Getting started with Xamarin and Mobile Services

If you navigate to the quickstart page for your Windows Azure Mobile Service you will see there is now a new Xamarin tab:

image

To get started with Xamarin and Windows Azure Mobile Services, all you need to do is click one of the links circled above, install the Xamarin tools, and download the Xamarin starter project that we provide directly on the quick start page above:

image

After downloading the project, unzip and open it in Visual Studio 2013. You will then be prompted to pair your instance of Visual Studio with a Mac so that you can build and run the application on iOS. See here for detailed instructions on the setup process.

Once the setup process is complete, you can select the iPhone Simulator as the target and then just hit F5 within Visual Studio to run and debug the iOS application:

image

The combination of Xamarin and Windows Azure Mobile Services make it incredibly easy to build iOS and Android applications using C# and Visual Studio.  For more information check out our tutorials and documentation.

Optimistic Concurrency Support

Today’s Mobile Services release also adds support for optimistic concurrency. With optimistic concurrency, your application can now detect and resolve conflicting updates submitted by multiple users. For example, if a user retrieves a record from a Mobile Services table to edit, and meanwhile another user updated this record in the table, without optimistic concurrency support the first user may overwrite the second user’s data update. With optimistic concurrency, conflicting changes can be caught, and your application can either provide a choice to the user to manually resolve the conflicts, or implement a resolution behavior.

When you create a new table, you will notice 3 system property columns added to support optimistic concurrency: (1) __version, which keeps the record’s version, (2) __createdAt, which is the time this record was inserted at, and (3) __updatedAt, which is the time the record was last updated.

image

You can use optimistic concurrency in your application by making two changes to your code:

First, add a version property to your data model as shown in code snippet below. Mobile Services will use this property to detect conflicts while updating the corresponding record in the table:

public class TodoItem

{

        public string Id { get; set; }

 

        [JsonProperty(PropertyName = "text")]

        public string Text { get; set; }

 

        [JsonProperty(PropertyName = "__version")]

        public byte[] Version { get; set; }

}

Second, modify your application to handle conflicts by catching the new exception MobileServicePreconditionFailedException. Mobile Services will send back this error, which includes the server version of the conflicting item. Your application can then decide on which version to commit back to the server to resolve this detected conflict.

To learn more about optimistic concurrency, review our new Mobile Services optimistic concurrency tutorial.  Also check out the new support for Custom ID property support we are also adding with today’s release – which makes it much easier to handle a variety of richer data modeling scenarios (including sharding support).

Notification Hubs: Price Reduction and Debug Send Improvements

In August I announced the General Availability of Windows Azure Notification Hubs - a powerful Mobile Push Notifications service that makes it easy to send high volume push notifications with low latency to any mobile device (including Windows Phone, Windows 8, iOS and Android devices). Notification hubs can be used with any mobile app back-end (including ones built using Windows Azure Mobile Services) and can also be used with back-ends that run in the cloud as well as on-premises.

Pricing update: Removing Active Device limits from Notification Hubs paid tiers

To simplify the pricing model of Notification Hubs and pass on cost savings to our customers, we are removing the limits we previously had on the number of Active Devices allowed.  For example, the consumption price for Notification Hubs Standard Tier will now simply become $75 for 1 million pushes per month, and $199 per 5 million pushes per month (prorated daily).

These changes and price reductions will be available to all paid tiers starting Dec 15th.  More details on the pricing can be found here.

Troubleshooting Push Notifications with Debug Send

Troubleshooting push notifications can sometimes be tricky, as there are many components involved: your backend, Notification Hubs, platform notification service, and your client app.

To help with that, today’s release adds the ability to easily send test notifications directly from the Windows Azure Management portal. Simply navigate to the new DEBUG tab in every Notification Hub, specify whether you want to broadcast to all registered devices or provide a tag (or tag expression) to only target specific devices/group of devices, specify the notifications payload you wish to send, and then hit “Send”.  For example: below I am choosing to send a test notification message to all my users who have the iOS version of my app, and who have registered to subscribe to “sport-scores” within my app:

image

After the notification is sent, you will get a list of all the device registrations that were targeted by your notifications and the outcomes of their specific notifications sent as reported by the corresponding platform notification services (WNS, MPNS, APNS, and GCM). This makes it much easier to debug issues.

For help on getting started with Notification Hubs, visit the Notification Hub documentation center

Web Sites: Diagnostics Support for Automatic Logging to Blob Storage

In September we released an update to Windows Azure Web Sites that enables you to automatically persist HTTP logs to Windows Azure Blob Storage.

Today we also updated Web Sites to support persisting a Web Site’s application diagnostic logs to Blob Storage as well.  This makes it really easy to persist your diagnostics logs as text blobs that you can store indefinitely (since storage accounts can maintain huge amounts of data) and which you can also use to later perform rich data mining/analysis on them.  This also makes it much easier to quickly diagnose and understand issues you might be having within your code.

Adding Diagnostics Statements to your Code

Below is a simple example of how you can use the built-in .NET Trace API within System.Diagnostics to instrument code within a web application.  In the scenario below I’ve added a simple trace statement that logs the time it takes to call a particular method (which might call off to a remote service or database that might take awhile): 

image

Adding instrumentation code like this makes it much easier for you to quickly determine what might be the cause of a slowdown in an application in production.  By logging the performance data it also makes it possible to analyze performance trends over time (e.g. analyze what the 99th percentile latency is, etc).

Storing Diagnostics Log Files as Blobs in Windows Azure Storage

To enable diagnostic logs to be automatically written directly to blob storage, simply navigate to a Web Site using the Windows Azure Management Portal and click the CONFIGURE tab.  Then navigate to the APPLICATION DIAGNOSTICS section within it.  Starting today, you can now configure “Application Logging” to be persisted to blob storage.  To do this, just toggle the button to be “on”, and then choose the logging level you wish to persist (error, verbose, information, etc):

image

Clicking the green “manage blob storage” button brings up a dialog that allows you to configure which blob storage account you wish to store the diagnostics logs within:

image

Once you are done just click the “ok” button, and then hit “save”.  Now when your application runs, the diagnostic data will automatically be persisted to your blob storage account. 

Looking at the Application Diagnostics Data

Diagnostics logging data is persisted almost immediately as your application runs (we have a trace listener that automatically handles this within web-sites and allows you to write thousands of diagnostics messages per second).

You can use any standard tool that supports Windows Azure Blob Storage to view and download the logs.  Below I’m using the CloudXplorer tool to view my blob storage account:

image

The application diagnostic logs are persisted as .csv text files.  Windows Azure Web Sites automatically persists the files within sub-folders of the blob container that map to the year->month->day->hour of the web-site operation (which makes it easier for you to find the specific file you are looking for).

Because they are .csv text files you can open/process the log files using a wide variety of tools or custom scripts (you can even spin up a Hadoop cluster using Windows Azure HDInsight if you want to analyze lots of them quickly).  Below is a simple example of opening the above file diagnostic file using Excel:

image

Notice above how the date/time, information level, application name, webserver instance ID, eventtick, as well as proceed and thread ID were all persisted in addition to my custom message which logged the latency of the DoSomething method.

Running with Diagnostics Always On

Today’s update now makes it super easy to log your diagnostics trace messages to blob storage (in addition to the HTTP logs that were already supported).  The above steps are literally the only ones required to get started.

Because Windows Azure Storage Accounts can store 100TB each, and Windows Azure Web Sites provides an efficient way to persist the logs to it, it is now also possible to always leave diagnostics on in production and log everything you do within your application.  Having this data persisted makes it much easier for you to understand the health of your applications, debug them when there are issues, and analyze them over time to make even better.

Storage: Support for Alerting based on Storage metrics

With today’s release we have added support to enable threshold based alert rules for storage metrics. If you have enabled storage analytics metrics, you can now configure alert rules on these metrics.

You can create an alert rule on storage metrics by navigating to Management Services -> Alert tab in the Windows Azure Management Portal. Click the Add Rule button, and then in the rule creation dialog select service type as storage, select the storage account that you want to enable alerts on, followed by the storage service (blob, table, queue).

image

Then select the blob service metric and configure threshold value and email address to send the notification:

image

Once setup and enabled the alert will be listed in the alerts tab:

image

The rule will then be monitored against the storage metric. If it triggers above the configured threshold an alert email will automatically be sent.

Monitoring: Preview release of Windows Azure Monitoring Service Library

Today we are releasing a preview of our new Window Azure Monitoring Services library. This library will allow you get monitoring metrics, and programmatically configure alerts and autoscale rules for your services.

The list of monitoring services clients that we are shipping today include:

image

Let’s walk through an example of creating an alert rule using the AlertsClient library. For creating an alert rule you will need to specify the service that you are creating the alert on and the metric on which the alert rule operates. In addition, you will need to specify the rule settings for the condition and the action taken when the alert threshold is reached.  The below code shows how to programmatically do this:

image

Once the code above executes our monitoring alert rule will be configured without us ever having to manually do anything within the management portal.  You can write similar code now to retrieve operational metrics about a service and setup autoscale rules as well.  This makes it really easy to fully automate tasks.

Installing via nuget

The monitoring service library is available via nuget. Since it is still in preview form, you’ll need to add the –IncludePrerelease switch when you go to retrieve the package.

image

Documentation

The alerts, autoscale and metrics client API documentation can be accessed here.

Summary

Today’s release includes a bunch of great features that enable you to build even better cloud solutions.  If you don’t already have a Windows Azure account, you can sign-up for a free trial and start using all of the above features today.  Then visit the Windows Azure Developer Center to learn more about how to build apps with it.

Hope this helps,

Scott

P.S. In addition to blogging, I am also now using Twitter for quick updates and to share links. Follow me at: twitter.com/scottgu

Windows Azure: Import/Export Hard Drives, VM ACLs, Web Sockets, Remote Debugging, Continuous Delivery, New Relic, Billing Alerts and More

Two weeks ago we released a giant set of improvements to Windows Azure, as well as a significant update of the Windows Azure SDK.

This morning we released another massive set of enhancements to Windows Azure.  Today’s new capabilities include:

  • Storage: Import/Export Hard Disk Drives to your Storage Accounts
  • HDInsight: General Availability of our Hadoop Service in the cloud
  • Virtual Machines: New VM Gallery, ACL support for VIPs
  • Web Sites: WebSocket and Remote Debugging Support
  • Notification Hubs: Segmented customer push notification support with tag expressions
  • TFS & GIT: Continuous Delivery Support for Web Sites + Cloud Services
  • Developer Analytics: New Relic support for Web Sites + Mobile Services
  • Service Bus: Support for partitioned queues and topics
  • Billing: New Billing Alert Service that sends emails notifications when your bill hits a threshold you define

All of these improvements are now available to use immediately (note that some features are still in preview).  Below are more details about them.

Storage: Import/Export Hard Disk Drives to Windows Azure

I am excited to announce the preview of our new Windows Azure Import/Export Service!

The Windows Azure Import/Export Service enables you to move large amounts of on-premises data into and out of your Windows Azure Storage accounts. It does this by enabling you to securely ship hard disk drives directly to our Windows Azure data centers. Once we receive the drives we’ll automatically transfer the data to or from your Windows Azure Storage account.  This enables you to import or export massive amounts of data more quickly and cost effectively (and not be constrained by available network bandwidth).

Encrypted Transport

Our Import/Export service provides built-in support for BitLocker disk encryption – which enables you to securely encrypt data on the hard drives before you send it, and not have to worry about it being compromised even if the disk is lost/stolen in transit (since the content on the transported hard drives is completely encrypted and you are the only one who has the key to it).  The drive preparation tool we are shipping today makes setting up bitlocker encryption on these hard drives easy.

How to Import/Export your first Hard Drive of Data

You can read our Getting Started Guide to learn more about how to begin using the import/export service.  You can create import and export jobs via the Windows Azure Management Portal as well as programmatically using our Server Management APIs.

It is really easy to create a new import or export job using the Windows Azure Management Portal.  Simply navigate to a Windows Azure storage account, and then click the new Import/Export tab now available within it (note: if you don’t have this tab make sure to sign-up for the Import/Export preview):

image

Then click the “Create Import Job” or “Create Export Job” commands at the bottom of it.  This will launch a wizard that easily walks you through the steps required:

image

For more comprehensive information about Import/Export, refer to Windows Azure Storage team blog.  You can also send questions and comments to the waimportexport@microsoft.com email address.

We think you’ll find this new service makes it much easier to move data into and out of Windows Azure, and it will dramatically cut down the network bandwidth required when working on large data migration projects.  We hope you like it.

HDInsight: 100% Compatible Hadoop Service in the Cloud

Last week we announced the general availability release of Windows Azure HDInsight. HDInsight is a 100% compatible Hadoop service that allows you to easily provision and manage Hadoop clusters for big data processing in Windows Azure.  This release is now live in production, backed by an enterprise SLA, supported 24x7 by Microsoft Support, and is ready to use for production scenarios.

HDInsight allows you to use Apache Hadoop tools, such as Pig and Hive, to process large amounts of data in Windows Azure Blob Storage. Because data is stored in Windows Azure Blob Storage, you can choose to dynamically create Hadoop clusters only when you need them, and then shut them down when they are no longer required (since you pay only for the time the Hadoop cluster instances are running this provides a super cost effective way to use them). 

You can create Hadoop clusters using either the Windows Azure Management Portal (see below) or using our PowerShell and Cross Platform Command line tools:

image

The import/export hard drive support that came out today is a perfect companion service to use with HDInsight – the combination allows you to easily ingest, process and optionally export a limitless amount of data.  We’ve also integrated HDInsight with our Business Intelligence tools, so users can leverage familiar tools like Excel in order to analyze the output of jobs. 

You can find out more about how to get started with HDInsight here.

Virtual Machines: VM Gallery Enhancements

Today’s update of Windows Azure brings with it a new Virtual Machine gallery that you can use to create new VMs in the cloud.  You can launch the gallery by doing New->Compute->Virtual Machine->From Gallery within the Windows Azure Management Portal:

image

The new Virtual Machine Gallery includes some nice enhancements that make it even easier to use:

  • Search: You can now easily search and filter images using the search box in the top-right of the dialog.  For example, simply type “SQL” and we’ll filter to show those images in the gallery that contain that substring.

  • Category Tree-view: Each month we add more built-in VM images to the gallery.  You can continue to browse these using the “All” view within the VM Gallery – or now quickly filter them using the category tree-view on the left-hand side of the dialog.  For example, by selecting “Oracle” in the tree-view you can now quickly filter to see the official Oracle supplied images.

  • MSDN and Supported checkboxes: With today’s update we are also introducing filters that makes it easy to filter out types of images that you may not be interested in. The first checkbox is MSDN: using this filter you can exclude any image that is not part of the Windows Azure benefits for MSDN subscribers (which have highly discounted pricing - you can learn more about the MSDN pricing here). The second checkbox is Supported: this filter will exclude any image that contains prerelease software, so you can feel confident that the software you choose to deploy is fully supported by Windows Azure and our partners.

  • Sort options: We sort gallery images by what we think customers are most interested in, but sometimes you might want to sort using different views. So we’re providing some additional sort options, like “Newest,” to customize the image list for what suits you best.

  • Pricing information: We now provide additional pricing information about images and options on how to cost effectively run them directly within the VM Gallery.

The above improvements make it even easier to use the VM Gallery and quickly create launch and run Virtual Machines in the cloud.

Virtual Machines: ACL Support for VIPs

A few months ago we exposed the ability to configure Access Control Lists (ACLs) for Virtual Machines using Windows PowerShell cmdlets and our Service Management API. With today’s release, you can now configure VM ACLs using the Windows Azure Management Portal as well. You can now do this by clicking the new Manage ACL command in the Endpoints tab of a virtual machine instance:

image

This will enable you to configure an ordered list of permit and deny rules to scope the traffic that can access your VM’s network endpoints. For example, if you were on a virtual network, you could limit RDP access to a Windows Azure virtual machine to only a few computers attached to your enterprise. Or if you weren’t on a virtual network you could alternatively limit traffic from public IPs that can access your workloads:

image

Here is the default behaviors for ACLs in Windows Azure:

  • By default (i.e. no rules specified), all traffic is permitted.
  • When using only Permit rules, all other traffic is denied.
  • When using only Deny rules, all other traffic is permitted.
  • When there is a combination of Permit and Deny rules, all other traffic is denied.

Lastly, remember that configuring endpoints does not automatically configure them within the VM if it also has firewall rules enabled at the OS level.  So if you create an endpoint using the Windows Azure Management Portal, Windows PowerShell, or REST API, be sure to also configure your guest VM firewall appropriately as well.

Web Sites: Web Sockets Support

With today’s release you can now use Web Sockets with Windows Azure Web Sites.  This feature enables you to easily integrate real-time communication scenarios within your web based applications, and is available at no extra charge (it even works with the free tier).  Higher level programming libraries like SignalR and socket.io are also now supported with it.

You can enable Web Sockets support on a web site by navigating to the Configure tab of a Web Site, and by toggling Web Sockets support to “on”:

image

Once Web Sockets is enabled you can start to integrate some really cool scenarios into your web applications.  Check out the new SignalR documentation hub on www.asp.net to learn more about some of the awesome scenarios you can do with it.

Web Sites: Remote Debugging Support

The Windows Azure SDK 2.2 we released two weeks ago introduced remote debugging support for Windows Azure Cloud Services. With today’s Windows Azure release we are extending this remote debugging support to also work with Windows Azure Web Sites.

With live, remote debugging support inside of Visual Studio, you are able to have more visibility than ever before into how your code is operating live in Windows Azure. It is now super easy to attach the debugger and quickly see what is going on with your application in the cloud.

Remote Debugging of a Windows Azure Web Site using VS 2013

Enabling the remote debugging of a Windows Azure Web Site using VS 2013 is really easy.  Start by opening up your web application’s project within Visual Studio. Then navigate to the “Server Explorer” tab within Visual Studio, and click on the deployed web-site you want to debug that is running within Windows Azure using the Windows Azure->Web Sites node in the Server Explorer.  Then right-click and choose the “Attach Debugger” option on it:

image

When you do this Visual Studio will remotely attach the debugger to the Web Site running within Windows Azure.  The debugger will then stop the web site’s execution when it hits any break points that you have set within your web application’s project inside Visual Studio.  For example, below I set a breakpoint on the “ViewBag.Message” assignment statement within the HomeController of the standard ASP.NET MVC project template.  When I hit refresh on the “About” page of the web site within the browser, the breakpoint was triggered and I am now able to debug the app remotely using Visual Studio:

image

Note above how we can debug variables (including autos/watchlist/etc), as well as use the Immediate and Command Windows. In the debug session above I used the Immediate Window to explore some of the request object state, as well as to dynamically change the ViewBag.Message property.  When we click the the “Continue” button (or press F5) the app will continue execution and the Web Site will render the content back to the browser.  This makes it super easy to debug web apps remotely.

Tips for Better Debugging

To get the best experience while debugging, we recommend publishing your site using the Debug configuration within Visual Studio’s Web Publish dialog. This will ensure that debug symbol information is uploaded to the Web Site which will enable a richer debug experience within Visual Studio.  You can find this option on the Web Publish dialog on the Settings tab:

image

When you ultimately deploy/run the application in production we recommend using the “Release” configuration setting – the release configuration is memory optimized and will provide the best production performance.  To learn more about diagnosing and debugging Windows Azure Web Sites read our new Troubleshooting Windows Azure Web Sites in Visual Studio guide.

Notification Hubs: Segmented Push Notification support with tag expressions

In August we announced the General Availability of Windows Azure Notification Hubs - a powerful Mobile Push Notifications service that makes it easy to send high volume push notifications with low latency from any mobile app back-end.  Notification hubs can be used with any mobile app back-end (including ones built using our Mobile Services capability) and can also be used with back-ends that run in the cloud as well as on-premises.

Beginning with the initial release, Notification Hubs allowed developers to send personalized push notifications to both individual users as well as groups of users by interest, by associating their devices with tags representing the logical target of the notification. For example, by registering all devices of customers interested in a favorite MLB team with a corresponding tag, it is possible to broadcast one message to millions of Boston Red Sox fans and another message to millions of St. Louis Cardinals fans with a single API call respectively.

New support for using tag expressions to enable advanced customer segmentation

With today’s release we are adding support for even more advanced customer targeting.  You can now identify customers that you want to send push notifications to by defining rich tag expressions. With tag expressions, you can now not only broadcast notifications to Boston Red Sox fans, but take that segmenting a step farther and reach more granular segments. This opens up a variety of scenarios, for example:

  • Offers based on multiple preferences—e.g. send a game day vegetarian special to users tagged as both a Boston Red Sox fan AND a vegetarian
  • Push content to multiple segments in a single message—e.g. rain delay information only to users who are tagged as either a Boston Red Sox fan OR a St. Louis Cardinal fan
  • Avoid presenting subsets of a segment with irrelevant content—e.g. season ticket availability reminder to users who are tagged as a Boston Red Sox fan but NOT also a season ticket holder

To illustrate with code, consider a restaurant chain app that sends an offer related to a Red Sox vs Cardinals game for users in Boston. Devices can be tagged by your app with location tags (e.g. “Loc:Boston”) and interest tags (e.g. “Follows:RedSox”, “Follows:Cardinals”), and then a notification can be sent by your back-end to “(Follows:RedSox || Follows:Cardinals) && Loc:Boston” in order to deliver an offer to all devices in Boston that follow either the RedSox or the Cardinals.

image

This can be done directly in your server backend send logic using the code below:

var notification = new WindowsNotification(messagePayload);

hub.SendNotificationAsync(notification, "(Follows:RedSox || Follows:Cardinals) && Loc:Boston");

In your expressions you can use all Boolean operators: AND (&&), OR (||), and NOT (!).  Some other cool use cases for tag expressions that are now supported include:

  • Social: To “all my group except me” - group:id && !user:id
  • Events: Touchdown event is sent to everybody following either team or any of the players involved in the action: Followteam:A || Followteam:B || followplayer:1 || followplayer:2 …
  • Hours: Send notifications at specific times. E.g. Tag devices with time zone and when it is 12pm in Seattle send to: GMT8 && follows:thaifood
  • Versions and platforms: Send a reminder to people still using your first version for Android - version:1.0 && platform:Android

For help on getting started with Notification Hubs, visit the Notification Hub documentation center.  Then download the latest NuGet package (or use the Notification Hubs REST APIs directly) to start sending push notifications using tag expressions.  They are really powerful and enable a bunch of great new scenarios.

TFS & GIT: Continuous Delivery Support for Web Sites + Cloud Services

With today’s Windows Azure release we are making it really easy to enable continuous delivery support with Windows Azure and Team Foundation Services

Team Foundation Services is a cloud based offering from Microsoft that provides integrated source control (with both TFS and Git support), build server, test execution, collaboration tools, and agile planning support.  It makes it really easy to setup a team project (complete with automated builds and test runners) in the cloud, and it has really rich integration with Visual Studio.

With today’s Windows Azure release it is now really easy to enable continuous delivery support with both TFS and Git based repositories hosted using Team Foundation Services.  This enables a workflow where when code is checked in, built successfully on an automated build server, and all tests pass on it – I can automatically have the app deployed on Windows Azure with zero manual intervention or work required.

The below screen-shots demonstrate how to quickly setup a continuous delivery workflow to Windows Azure with a Git-based ASP.NET MVC project hosted using Team Foundation Services.

Enabling Continuous Delivery to Windows Azure with Team Foundation Services

The project I’m going to enable continuous delivery with is a simple ASP.NET MVC project whose source code I’m hosting using Team Foundation Services.  I did this by creating a “SimpleContinuousDeploymentTest” repository there using Git – and then used the new built-in Git tooling support within Visual Studio 2013 to push the source code to it.  Below is a screen-shot of the Git repository hosted within Team Foundation Services:

image

I can access the repository within Visual Studio 2013 and easily make commits with it (as well as branch, merge and do other tasks).  Using VS 2013 I can also setup automated builds to take place in the cloud using Team Foundation Services every time someone checks in code to the repository:

image

The cool thing about this is that I don’t have to buy or rent my own build server – Team Foundation Services automatically maintains its own build server farm and can automatically queue up a build for me (for free) every time someone checks in code using the above settings.  This build server (and automated testing) support now works with both TFS and Git based source control repositories.

Connecting a Team Foundation Services project to Windows Azure

Once I have a source repository hosted in Team Foundation Services with Automated Builds and Testing set up, I can then go even further and set it up so that it will be automatically deployed to Windows Azure when a source code commit is made to the repository (assuming the Build + Tests pass).  Enabling this is now really easy. 

To set this up with a Windows Azure Web Site simply use the New->Compute->Web Site->Custom Create command inside the Windows Azure Management Portal.  This will create a dialog like below.  I gave the web site a name and then made sure the “Publish from source control” checkbox was selected:

image

When we click next we’ll be prompted for the location of the source repository.  We’ll select “Team Foundation Services”:

image

Once we do this we’ll be prompted for our Team Foundation Services account that our source repository is hosted under (in this case my TFS account is “scottguthrie”):

image

When we click the “Authorize Now” button we’ll be prompted to give Windows Azure permissions to connect to the Team Foundation Services account.  Once we do this we’ll be prompted to pick the source repository we want to connect to.  Starting with today’s Windows Azure release you can now connect to both TFS and Git based source repositories.  This new support allows me to connect to the “SimpleContinuousDeploymentTest” respository we created earlier:

image

Clicking the finish button will then create the Web Site with the continuous delivery hooks setup with Team Foundation Services.  Now every time someone pushes source control to the repository in Team Foundation Services, it will kick off an automated build, run all of the unit tests in the solution , and if they pass the app will be automatically deployed to our Web Site in Windows Azure.  You can monitor the history and status of these automated deployments using the Deployments tab within the Web Site:

image

This enables a really slick continuous delivery workflow, and enables you to build and deploy apps in a really nice way.

Developer Analytics: New Relic support for Web Sites + Mobile Services

With today’s Windows Azure release we are making it really easy to enable Developer Analytics and Monitoring support with both Windows Azure Web Site and Windows Azure Mobile Services.  We are partnering with New Relic, who provide a great dev analytics and app performance monitoring offering, to enable this - and we have updated the Windows Azure Management Portal to make it really easy to configure.

Enabling New Relic with a Windows Azure Web Site

Enabling New Relic support with a Windows Azure Web Site is now really easy.  Simply navigate to the Configure tab of a Web Site and scroll down to the “developer analytics” section that is now within it:

image

Clicking the “add-on” button will display some additional UI.  If you don’t already have a New Relic subscription, you can click the “view windows azure store” button to obtain a subscription (note: New Relic has a perpetually free tier so you can enable it even without paying anything):

image

Clicking the “view windows azure store” button will launch the integrated Windows Azure Store experience we have within the Windows Azure Management Portal.  You can use this to browse from a variety of great add-on services – including New Relic:

image

Select “New Relic” within the dialog above, then click the next button, and you’ll be able to choose which type of New Relic subscription you wish to purchase.  For this demo we’ll simply select the “Free Standard Version” – which does not cost anything and can be used forever: 

image

Once we’ve signed-up for our New Relic subscription and added it to our Windows Azure account, we can go back to the Web Site’s configuration tab and choose to use the New Relic add-on with our Windows Azure Web Site.  We can do this by simply selecting it from the “add-on” dropdown (it is automatically populated within it once we have a New Relic subscription in our account):

image

Clicking the “Save” button will then cause the Windows Azure Management Portal to automatically populate all of the needed New Relic configuration settings to our Web Site:

image

Deploying the New Relic Agent as part of a Web Site

The final step to enable developer analytics using New Relic is to add the New Relic runtime agent to our web app.  We can do this within Visual Studio by right-clicking on our web project and selecting the “Manage NuGet Packages” context menu:

image

This will bring up the NuGet package manager.  You can search for “New Relic” within it to find the New Relic agent.  Note that there is both a 32-bit and 64-bit edition of it – make sure to install the version that matches how your Web Site is running within Windows Azure (note: you can configure your Web Site to run in either 32-bit or 64-bit mode using the Web Site’s “Configuration” tab within the Windows Azure Management Portal):

image

Once we install the NuGet package we are all set to go.  We’ll simply re-publish the web site again to Windows Azure and New Relic will now automatically start monitoring the application

Monitoring a Web Site using New Relic

Now that the application has developer analytics support with New Relic enabled, we can launch the New Relic monitoring portal to start monitoring the health of it.  We can do this by clicking on the “Add Ons” tab in the left-hand side of the Windows Azure Management Portal.  Then select the New Relic add-on we signed-up for within it.  The Windows Azure Management Portal will provide some default information about the add-on when we do this.  Clicking the “Manage” button in the tray at the bottom will launch a new browser tab and single-sign us into the New Relic monitoring portal associated with our account:

image

When we do this a new browser tab will launch with the New Relic admin tool loaded within it:

image

We can now see insights into how our app is performing – without having to have written a single line of monitoring code.  The New Relic service provides a ton of great built-in monitoring features allowing us to quickly see:

  • Performance times (including browser rendering speed) for the overall site and individual pages.  You can optionally set alert thresholds to trigger if the speed does not meet a threshold you specify.
  • Information about where in the world your customers are hitting the site from (and how performance varies by region)
  • Details on the latency performance of external services your web apps are using (for example: SQL, Storage, Twitter, etc)
  • Error information including call stack details for exceptions that have occurred at runtime
  • SQL Server profiling information – including which queries executed against your database and what their performance was
  • And a whole bunch more…

The cool thing about New Relic is that you don’t need to write monitoring code within your application to get all of the above reports (plus a lot more).  The New Relic agent automatically enables the CLR profiler within applications and automatically captures the information necessary to identify these.  This makes it super easy to get started and immediately have a rich developer analytics view for your solutions with very little effort.

If you haven’t tried New Relic out yet with Windows Azure I recommend you do so – I think you’ll find it helps you build even better cloud applications.  Following the above steps will help you get started and deliver you a really good application monitoring solution in only minutes.

Service Bus: Support for partitioned queues and topics

With today’s release, we are enabling support within Service Bus for partitioned queues and topics. Enabling partitioning enables you to achieve a higher message throughput and better availability from your queues and topics. Higher message throughput is achieved by implementing multiple message brokers for each partitioned queue and topic.  The  multiple messaging stores will also provide higher availability.

You can create a partitioned queue or topic by simply checking the Enable Partitioning option in the custom create wizard for a Queue or Topic:

image

Read this article to learn more about partitioned queues and topics and how to take advantage of them today.

Billing: New Billing Alert Service

Today’s Windows Azure update enables a new Billing Alert Service Preview that enables you to get proactive email notifications when your Windows Azure bill goes above a certain monetary threshold that you configure.  This makes it easier to manage your bill and avoid potential surprises at the end of the month.

With the Billing Alert Service Preview, you can now create email alerts to monitor and manage your monetary credits or your current bill total.  To set up an alert first sign-up for the free Billing Alert Service Preview.  Then visit the account management page, click on a subscription you have setup, and then navigate to the new Alerts tab that is available:

image

The alerts tab allows you to setup email alerts that will be sent automatically once a certain threshold is hit.  For example, by clicking the “add alert” button above I can setup a rule to send myself email anytime my Windows Azure bill goes above $100 for the month:

image

The Billing Alert Service will evolve to support additional aspects of your bill as well as support multiple forms of alerts such as SMS.  Try out the new Billing Alert Service Preview today and give us feedback.

Summary

Today’s Windows Azure release enables a ton of great new scenarios, and makes building applications hosted in the cloud even easier.

If you don’t already have a Windows Azure account, you can sign-up for a free trial and start using all of the above features today.  Then visit the Windows Azure Developer Center to learn more about how to build apps with it.

Hope this helps,

Scott

P.S. In addition to blogging, I am also now using Twitter for quick updates and to share links. Follow me at: twitter.com/scottgu

Windows Azure: Announcing release of Windows Azure SDK 2.2 (with lots of goodies)

Earlier today I blogged about a big update we made today to Windows Azure, and some of the great new features it provides.

Today I’m also excited to also announce the release of the Windows Azure SDK 2.2. Today’s SDK release adds even more great features including:

  • Visual Studio 2013 Support
  • Integrated Windows Azure Sign-In support within Visual Studio
  • Remote Debugging Cloud Services with Visual Studio
  • Firewall Management support within Visual Studio for SQL Databases
  • Visual Studio 2013 RTM VM Images for MSDN Subscribers
  • Windows Azure Management Libraries for .NET
  • Updated Windows Azure PowerShell Cmdlets and ScriptCenter

The below post has more details on what’s available in today’s Windows Azure SDK 2.2 release.  Also head over to Channel 9 to see the new episode of the Visual Studio Toolbox show that will be available shortly, and which highlights these features in a video demonstration.

Visual Studio 2013 Support

Version 2.2 of the Window Azure SDK is the first official version of the SDK to support the final RTM release of Visual Studio 2013. If you installed the 2.1 SDK with the Preview of Visual Studio 2013 we recommend that you upgrade your projects to SDK 2.2.  SDK 2.2 also works side by side with the SDK 2.0 and SDK 2.1 releases on Visual Studio 2012:

image

Integrated Windows Azure Sign In within Visual Studio

Integrated Windows Azure Sign-In support within Visual Studio is one of the big improvements added with this Windows Azure SDK release.  Integrated sign-in support enables developers to develop/test/manage Windows Azure resources within Visual Studio without having to download or use management certificates. 

You can now just right-click on the “Windows Azure” icon within the Server Explorer inside Visual Studio and choose the “Connect to Windows Azure” context menu option to connect to Windows Azure:

clip_image002

Doing this will prompt you to enter the email address of the account you wish to sign-in with:

clip_image004

You can use either a Microsoft Account (e.g. Windows Live ID) or an Organizational account (e.g. Active Directory) as the email.  The dialog will update with an appropriate login prompt depending on which type of email address you enter:

clip_image006

Once you sign-in you’ll see the Windows Azure resources that you have permissions to manage show up automatically within the Visual Studio Server Explorer (and you can start using them):

clip_image008

With this new integrated sign in experience you are now able to publish web apps, deploy VMs and cloud services, use Windows Azure diagnostics, and fully interact with your Windows Azure services within Visual Studio without the need for a management certificate.  All of the authentication is handled using the Windows Azure Active Directory associated with your Windows Azure account (details on this can be found in my earlier blog post).

Integrating authentication this way end-to-end across the Service Management APIs + Dev Tools + Management Portal + PowerShell automation scripts enables a much more secure and flexible security model within Windows Azure, and makes it much more convenient to securely manage multiple developers + administrators working on a project.  It also allows organizations and enterprises to use the same authentication model that they use for their developers on-premises in the cloud.  It also ensures that employees who leave an organization immediately lose access to their company’s cloud based resources once their Active Directory account is suspended.

Filtering/Subscription Management

Once you login within Visual Studio, you can filter which Windows Azure subscriptions/regions are visible within the Server Explorer by right-clicking the “Filter Services” context menu within the Server Explorer.  You can also use the “Manage Subscriptions” context menu to mange your Windows Azure Subscriptions:

image

Bringing up the “Manage Subscriptions” dialog allows you to see which accounts you are currently using, as well as which subscriptions are within them:

image

The “Certificates” tab allows you to continue to import and use management certificates to manage Windows Azure resources as well.  We have not removed any functionality with today’s update – all of the existing scenarios that previously supported management certificates within Visual Studio continue to work just fine.  The new integrated sign-in support provided with today’s release is purely additive.

Note: the SQL Database node and the Mobile Service node in Server Explorer do not support integrated sign-in at this time. Therefore, you will only see databases and mobile services under those nodes if you have a management certificate to authorize access to them.  We will enable them with integrated sign-in in a future update.

Remote Debugging Cloud Resources within Visual Studio

Today’s Windows Azure SDK 2.2 release adds support for remote debugging many types of Windows Azure resources. With live, remote debugging support from within Visual Studio, you are now able to have more visibility than ever before into how your code is operating live in Windows Azure.  Let’s walkthrough how to enable remote debugging for a Cloud Service:

Remote Debugging of Cloud Services

To enable remote debugging for your cloud service, select Debug as the Build Configuration on the Common Settings tab of your Cloud Service’s publish dialog wizard:

image

Then click the Advanced Settings tab and check the Enable Remote Debugging for all roles checkbox:

image

Once your cloud service is published and running live in the cloud, simply set a breakpoint in your local source code:

image

Then use Visual Studio’s Server Explorer to select the Cloud Service instance deployed in the cloud, and then use the Attach Debugger context menu on the role or to a specific VM instance of it:

image

Once the debugger attaches to the Cloud Service, and a breakpoint is hit, you’ll be able to use the rich debugging capabilities of Visual Studio to debug the cloud instance remotely, in real-time, and see exactly how your app is running in the cloud.

image

Today’s remote debugging support is super powerful, and makes it much easier to develop and test applications for the cloud.  Support for remote debugging Cloud Services is available as of today, and we’ll also enable support for remote debugging Web Sites shortly.

Firewall Management Support with SQL Databases

By default we enable a security firewall around SQL Databases hosted within Windows Azure.  This ensures that only your application (or IP addresses you approve) can connect to them and helps make your infrastructure secure by default.  This is great for protection at runtime, but can sometimes be a pain at development time (since by default you can’t connect/manage the database remotely within Visual Studio if the security firewall blocks your instance of VS from connecting to it).

One of the cool features we’ve added with today’s release is support that makes it easy to enable and configure the security firewall directly within Visual Studio. 

image

Now with the SDK 2.2 release, when you try and connect to a SQL Database using the Visual Studio Server Explorer, and a firewall rule prevents access to the database from your machine, you will be prompted to add a firewall rule to enable access from your local IP address:

clip_image001

You can simply click Add Firewall Rule and a new rule will be automatically added for you. In some cases, the logic to detect your local IP may not be sufficient (for example: you are behind a corporate firewall that uses a range of IP addresses) and you may need to set up a firewall rule for a range of IP addresses in order to gain access. The new Add Firewall Rule dialog also makes this easy to do. 

Once connected you’ll be able to manage your SQL Database directly within the Visual Studio Server Explorer:

image

This makes it much easier to work with databases in the cloud.

Visual Studio 2013 RTM Virtual Machine Images Available for MSDN Subscribers

Last week we released the General Availability Release of Visual Studio 2013 to the web.  This is an awesome release with a ton of new features.

With today’s Windows Azure update we now have a set of pre-configured VM images of VS 2013 available within the Windows Azure Management Portal for use by MSDN customers.  This enables you to create a VM in the cloud with VS 2013 pre-installed on it in with only a few clicks:

image

Windows Azure now provides the fastest and easiest way to get started doing development with Visual Studio 2013.

Windows Azure Management Libraries for .NET (Preview)

Having the ability to automate the creation, deployment, and tear down of resources is a key requirement for applications running in the cloud.  It also helps immensely when running dev/test scenarios and coded UI tests against pre-production environments.

Today we are releasing a preview of a new set of Windows Azure Management Libraries for .NET.  These new libraries make it easy to automate tasks using any .NET language (e.g. C#, VB, F#, etc).  Previously this automation capability was only available through the Windows Azure PowerShell Cmdlets or to developers who were willing to write their own wrappers for the Windows Azure Service Management REST API.

Modern .NET Developer Experience

We’ve worked to design easy-to-understand .NET APIs that still map well to the underlying REST endpoints, making sure to use and expose the modern .NET functionality that developers expect today:

  • Portable Class Library (PCL) support targeting applications built for any .NET Platform (no platform restriction)
  • Shipped as a set of focused NuGet packages with minimal dependencies to simplify versioning
  • Support async/await task based asynchrony (with easy sync overloads)
  • Shared infrastructure for common error handling, tracing, configuration, HTTP pipeline manipulation, etc.
  • Factored for easy testability and mocking
  • Built on top of popular libraries like HttpClient and Json.NET

Below is a list of a few of the management client classes that are shipping with today’s initial preview release:

.NET Class Name

Supports Operations for these Assets (and potentially more)

ManagementClient

Locations
Credentials
Subscriptions
Certificates

ComputeManagementClient

Hosted Services

Deployments

Virtual Machines

Virtual Machine Images & Disks

StorageManagementClient

Storage Accounts

WebSiteManagementClient

Web Sites

Web Site Publish Profiles

Usage Metrics

Repositories

VirtualNetworkManagementClient

Networks

Gateways

Automating Creating a Virtual Machine using .NET

Let’s walkthrough an example of how we can use the new Windows Azure Management Libraries for .NET to fully automate creating a Virtual Machine. I’m deliberately showing a scenario with a lot of custom options configured – including VHD image gallery enumeration, attaching data drives, network endpoints + firewall rules setup - to show off the full power and richness of what the new library provides.

We’ll begin with some code that demonstrates how to enumerate through the built-in Windows images within the standard Windows Azure VM Gallery.  We’ll search for the first VM image that has the word “Windows” in it and use that as our base image to build the VM from.  We’ll then create a cloud service container in the West US region to host it within:

image

We can then customize some options on it such as setting up a computer name, admin username/password, and hostname.  We’ll also open up a remote desktop (RDP) endpoint through its security firewall:

image

We’ll then specify the VHD host and data drives that we want to mount on the Virtual Machine, and specify the size of the VM we want to run it in:

image

Once everything has been set up the call to create the virtual machine is executed asynchronously

image

In a few minutes we’ll then have a completely deployed VM running on Windows Azure with all of the settings (hard drives, VM size, machine name, username/password, network endpoints + firewall settings) fully configured and ready for us to use:

image

Preview Availability via NuGet

The Windows Azure Management Libraries for .NET are now available via NuGet. Because they are still in preview form, you’ll need to add the –IncludePrerelease switch when you go to retrieve the packages. The Package Manager Console screen shot below demonstrates how to get the entire set of libraries to manage your Windows Azure assets:

clip_image002

You can also install them within your .NET projects by right clicking on the VS Solution Explorer and using the Manage NuGet Packages context menu command.  Make sure to select the “Include Prerelease” drop-down for them to show up, and then you can install the specific management libraries you need for your particular scenarios:

image

Open Source License

The new Windows Azure Management Libraries for .NET make it super easy to automate management operations within Windows Azure – whether they are for Virtual Machines, Cloud Services, Storage Accounts, Web Sites, and more. 

Like the rest of the Windows Azure SDK, we are releasing the source code under an open source (Apache 2) license and it is hosted at https://github.com/WindowsAzure/azure-sdk-for-net/tree/master/libraries if you wish to contribute.

PowerShell Enhancements and our New Script Center

Today, we are also shipping Windows Azure PowerShell 0.7.0 (which is a separate download). You can find the full change log here. Here are some of the improvements provided with it:

  • Windows Azure Active Directory authentication support
  • Script Center providing many sample scripts to automate common tasks on Windows Azure
  • New cmdlets for Media Services and SQL Database

Script Center

Windows Azure enables you to script and automate a lot of tasks using PowerShell.  People often ask for more pre-built samples of common scenarios so that they can use them to learn and tweak/customize. With this in mind, we are excited to introduce a new Script Center that we are launching for Windows Azure.

You can learn about how to scripting with Windows Azure with a get started article. You can then find many sample scripts across different solutions, including infrastructure, data management, web, and more:

image

All of the sample scripts are hosted on TechNet with links from the Windows Azure Script Center. Each script is complete with good code comments, detailed descriptions, and examples of usage.

Summary

Visual Studio 2013 and the Windows Azure SDK 2.2 make it easier than ever to get started developing rich cloud applications. Along with the Windows Azure Developer Center’s growing set of .NET developer resources to guide your development efforts, today’s Windows Azure SDK 2.2 release should make your development experience more enjoyable and efficient.

If you don’t already have a Windows Azure account, you can sign-up for a free trial and start using all of the above features today.  Then visit the Windows Azure Developer Center to learn more about how to build apps with it.

Hope this helps,

Scott

P.S. In addition to blogging, I am also now using Twitter for quick updates and to share links. Follow me at: twitter.com/scottgu

Windows Azure: Backup Services Release, Hyper-V Recovery Manager, VM Enhancements, Enhanced Enterprise Management Support

This morning we released a huge set of updates to Windows Azure.  These new capabilities include:

  • Backup Services: General Availability of Windows Azure Backup Services
  • Hyper-V Recovery Manager: Public preview of Windows Azure Hyper-V Recovery Manager
  • Virtual Machines: Delete Attached Disks, Availability Set Warnings, SQL AlwaysOn Configuration
  • Active Directory: Securely manage hundreds of SaaS applications
  • Enterprise Management: Use Active Directory to Better Manage Windows Azure
  • Windows Azure SDK 2.2: A massive update of our SDK + Visual Studio tooling support

All of these improvements are now available to use immediately.  Below are more details about them.

Backup Service: General Availability Release of Windows Azure Backup

Today we are releasing Windows Azure Backup Service as a general availability service.  This release is now live in production, backed by an enterprise SLA, supported by Microsoft Support, and is ready to use for production scenarios.

Windows Azure Backup is a cloud based backup solution for Windows Server which allows files and folders to be backed up and recovered from the cloud, and provides off-site protection against data loss. The service provides IT administrators and developers with the option to back up and protect critical data in an easily recoverable way from any location with no upfront hardware cost.

Windows Azure Backup is built on the Windows Azure platform and uses Windows Azure blob storage for storing customer data. Windows Server uses the downloadable Windows Azure Backup Agent to transfer file and folder data securely and efficiently to the Windows Azure Backup Service. Along with providing cloud backup for Windows Server, Windows Azure Backup Service also provides capability to backup data from System Center Data Protection Manager and Windows Server Essentials, to the cloud.

All data is encrypted onsite before it is sent to the cloud, and customers retain and manage the encryption key (meaning the data is stored entirely secured and can’t be decrypted by anyone but yourself).

Getting Started

To get started with the Windows Azure Backup Service, create a new Backup Vault within the Windows Azure Management Portal.  Click New->Data Services->Recovery Services->Backup Vault to do this:

image

Once the backup vault is created you’ll be presented with a simple tutorial that will help guide you on how to register your Windows Servers with it:

image

Once the servers you want to backup are registered, you can use the appropriate local management interface (such as the Microsoft Management Console snap-in, System Center Data Protection Manager Console, or Windows Server Essentials Dashboard) to configure the scheduled backups and to optionally initiate recoveries. You can follow these tutorials to learn more about how to do this:

Below are some of the key benefits the Windows Azure Backup Service provides:

  • Simple configuration and management. Windows Azure Backup Service integrates with the familiar Windows Server Backup utility in Windows Server, the Data Protection Manager component in System Center and Windows Server Essentials, in order to provide a seamless backup and recovery experience to a local disk, or to the cloud.
  • Block level incremental backups. The Windows Azure Backup Agent performs incremental backups by tracking file and block level changes and only transferring the changed blocks, hence reducing the storage and bandwidth utilization. Different point-in-time versions of the backups use storage efficiently by only storing the changes blocks between these versions.
  • Data compression, encryption and throttling. The Windows Azure Backup Agent ensures that data is compressed and encrypted on the server before being sent to the Windows Azure Backup Service over the network. As a result, the Windows Azure Backup Service only stores encrypted data in the cloud storage. The encryption key is not available to the Windows Azure Backup Service, and as a result the data is never decrypted in the service. Also, users can setup throttling and configure how the Windows Azure Backup service utilizes the network bandwidth when backing up or restoring information.
  • Data integrity is verified in the cloud. In addition to the secure backups, the backed up data is also automatically checked for integrity once the backup is done. As a result, any corruptions which may arise due to data transfer can be easily identified and are fixed automatically.
  • Configurable retention policies for storing data in the cloud. The Windows Azure Backup Service accepts and implements retention policies to recycle backups that exceed the desired retention range, thereby meeting business policies and managing backup costs.

Hyper-V Recovery Manager: Now Available in Public Preview

I’m excited to also announce the public preview of a new Windows Azure Service – the Windows Azure Hyper-V Recovery Manager (HRM).

Windows Azure Hyper-V Recovery Manager helps protect your business critical services by coordinating the replication and recovery of System Center Virtual Machine Manager 2012 SP1 and System Center Virtual Machine Manager 2012 R2 private clouds at a secondary location. With automated protection, asynchronous ongoing replication, and orderly recovery, the Hyper-V Recovery Manager service can help you implement Disaster Recovery and restore important services accurately, consistently, and with minimal downtime.

image

Application data in an Hyper-V Recovery Manager scenarios always travels on your on-premise replication channel. Only metadata (such as names of logical clouds, virtual machines, networks etc.) that is needed for orchestration is sent to Azure. All traffic sent to/from Azure is encrypted.

You can begin using Windows Azure Hyper-V Recovery today by clicking New->Data Services->Recovery Services->Hyper-V Recovery Manager within the Windows Azure Management Portal.  You can read more about Windows Azure Hyper-V Recovery Manager in Brad Anderson’s 9-part series, Transform the datacenter. To learn more about setting up Hyper-V Recovery Manager follow our detailed step-by-step guide.

Virtual Machines: Delete Attached Disks, Availability Set Warnings, SQL AlwaysOn

Today’s Windows Azure release includes a number of nice updates to Windows Azure Virtual Machines.  These improvements include:

Ability to Delete both VM Instances + Attached Disks in One Operation

Prior to today’s release, when you deleted VMs within Windows Azure we would delete the VM instance – but not delete the drives attached to the VM.  You had to manually delete these yourself from the storage account.  With today’s update we’ve added a convenience option that now allows you to either retain or delete the attached disks when you delete the VM:

image 

We’ve also added the ability to delete a cloud service, its deployments, and its role instances with a single action. This can either be a cloud service that has production and staging deployments with web and worker roles, or a cloud service that contains virtual machines.  To do this, simply select the Cloud Service within the Windows Azure Management Portal and click the “Delete” button:

image

Warnings on Availability Sets with Only One Virtual Machine In Them

One of the nice features that Windows Azure Virtual Machines supports is the concept of “Availability Sets”.  An “availability set” allows you to define a tier/role (e.g. webfrontends, databaseservers, etc) that you can map Virtual Machines into – and when you do this Windows Azure separates them across fault domains and ensures that at least one of them is always available during servicing operations.  This enables you to deploy applications in a high availability way.

One issue we’ve seen some customers run into is where they define an availability set, but then forget to map more than one VM into it (which defeats the purpose of having an availability set).  With today’s release we now display a warning in the Windows Azure Management Portal if you have only one virtual machine deployed in an availability set to help highlight this:

image

You can learn more about configuring the availability of your virtual machines here.

Configuring SQL Server Always On

SQL Server Always On is a great feature that you can use with Windows Azure to enable high availability and DR scenarios with SQL Server.

Today’s Windows Azure release makes it even easier to configure SQL Server Always On by enabling “Direct Server Return” endpoints to be configured and managed within the Windows Azure Management Portal.  Previously, setting this up required using PowerShell to complete the endpoint configuration.  Starting today you can enable this simply by checking the “Direct Server Return” checkbox:

image

You can learn more about how to use direct server return for SQL Server AlwaysOn availability groups here.

Active Directory: Application Access Enhancements

This summer we released our initial preview of our Application Access Enhancements for Windows Azure Active Directory.  This service enables you to securely implement single-sign-on (SSO) support against SaaS applications (including Office 365, SalesForce, Workday, Box, Google Apps, GitHub, etc) as well as LOB based applications (including ones built with the new Windows Azure AD support we shipped last week with ASP.NET and VS 2013).

Since the initial preview we’ve enhanced our SAML federation capabilities, integrated our new password vaulting system, and shipped multi-factor authentication support. We've also turned on our outbound identity provisioning system and have it working with hundreds of additional SaaS Applications:

image

Earlier this month we published an update on dates and pricing for when the service will be released in general availability form.  In this blog post we announced our intention to release the service in general availability form by the end of the year.  We also announced that the below features would be available in a free tier with it:

  • SSO to every SaaS app we integrate with – Users can Single Sign On to any app we are integrated with at no charge. This includes all the top SAAS Apps and every app in our application gallery whether they use federation or password vaulting.
  • Application access assignment and removal – IT Admins can assign access privileges to web applications to the users in their active directory assuring that every employee has access to the SAAS Apps they need. And when a user leaves the company or changes jobs, the admin can just as easily remove their access privileges assuring data security and minimizing IP loss
  • User provisioning (and de-provisioning) – IT admins will be able to automatically provision users in 3rd party SaaS applications like Box, Salesforce.com, GoToMeeting, DropBox and others. We are working with key partners in the ecosystem to establish these connections, meaning you no longer have to continually update user records in multiple systems.
  • Security and auditing reports – Security is a key priority for us. With the free version of these enhancements you'll get access to our standard set of access reports giving you visibility into which users are using which applications, when they were using them and where they are using them from. In addition, we'll alert you to un-usual usage patterns for instance when a user logs in from multiple locations at the same time.
  • Our Application Access Panel – Users are logging in from every type of devices including Windows, iOS, & Android. Not all of these devices handle authentication in the same manner but the user doesn't care. They need to access their apps from the devices they love. Our Application Access Panel will support the ability for users to access access and launch their apps from any device and anywhere.

You can learn more about our plans for application management with Windows Azure Active Directory here.  Try out the preview and start using it today.

Enterprise Management: Use Active Directory to Better Manage Windows Azure

Windows Azure Active Directory provides the ability to manage your organization in a directory which is hosted entirely in the cloud, or alternatively kept in sync with an on-premises Windows Server Active Directory solution (allowing you to seamlessly integrate with the directory you already have). 

With today’s Windows Azure release we are integrating Windows Azure Active Directory even more within the core Windows Azure management experience, and enabling an even richer enterprise security offering.  Specifically:

1) All Windows Azure accounts now have a default Windows Azure Active Directory created for them.  You can create and map any users you want into this directory, and grant administrative rights to manage resources in Windows Azure to these users.

2) You can keep this directory entirely hosted in the cloud – or optionally sync it with your on-premises Windows Server Active Directory.  Both options are free.  The later approach is ideal for companies that wish to use their corporate user identities to sign-in and manage Windows Azure resources.  It also ensures that if an employee leaves an organization, his or her access control rights to the company’s Windows Azure resources are immediately revoked.

3) The Windows Azure Service Management APIs have been updated to support using Windows Azure Active Directory credentials to sign-in and perform management operations.  Prior to today’s release customers had to download and use management certificates (which were not scoped to individual users) to perform management operations.  We still support this management certificate approach (don’t worry – nothing will stop working).  But we think the new Windows Azure Active Directory authentication support enables an even easier and more secure way for customers to manage resources going forward. 

4) The Windows Azure SDK 2.2 release (which is also shipping today) includes built-in support for the new Service Management APIs that authenticate with Windows Azure Active Directory, and now allow you to create and manage Windows Azure applications and resources directly within Visual Studio using your Active Directory credentials.  This, combined with updated PowerShell scripts that also support Active Directory, enables an end-to-end enterprise authentication story with Windows Azure.

Below are some details on how all of this works:

Subscriptions within a Directory

As part of today’s update, we have associated all existing Window Azure accounts with a Windows Azure Active Directory (and created one for you if you don’t already have one).

When you login to the Windows Azure Management Portal you’ll now see the directory name in the URI of the browser.  For example, in the screen-shot below you can see that I have a “scottgu” directory that my subscriptions are hosted within:

image

Note that you can continue to use Microsoft Accounts (formerly known as Microsoft Live IDs) to sign-into Windows Azure.  These map just fine to a Windows Azure Active Directory – so there is no need to create new usernames that are specific to a directory if you don’t want to.  In the scenario above I’m actually logged in using my @hotmail.com based Microsoft ID which is now mapped to a “scottgu” active directory that was created for me.  By default everything will continue to work just like you used to before.

Manage your Directory

You can manage an Active Directory (including the one we now create for you by default) by clicking the “Active Directory” tab in the left-hand side of the portal.  This will list all of the directories in your account.  Clicking one the first time will display a getting started page that provides documentation and links to perform common tasks with it:

image

You can use the built-in directory management support within the Windows Azure Management Portal to add/remove/manage users within the directory, enable multi-factor authentication, associate a custom domain (e.g. mycompanyname.com) with the directory, and/or rename the directory to whatever friendly name you want (just click the configure tab to do this).  You can also setup the directory to automatically sync with an on-premises Active Directory using the “Directory Integration” tab.

Note that users within a directory by default do not have admin rights to login or manage Windows Azure based resources.  You still need to explicitly grant them co-admin permissions on a subscription for them to login or manage resources in Windows Azure.  You can do this by clicking the Settings tab on the left-hand side of the portal and then by clicking the administrators tab within it.

Sign-In Integration within Visual Studio

If you install the new Windows Azure SDK 2.2 release, you can now connect to Windows Azure from directly inside Visual Studio without having to download any management certificates.  You can now just right-click on the “Windows Azure” icon within the Server Explorer and choose the “Connect to Windows Azure” context menu option to do so:

image

Doing this will prompt you to enter the email address of the username you wish to sign-in with (make sure this account is a user in your directory with co-admin rights on a subscription):

image

You can use either a Microsoft Account (e.g. Windows Live ID) or an Active Directory based Organizational account as the email.  The dialog will update with an appropriate login prompt depending on which type of email address you enter:

image

Once you sign-in you’ll see the Windows Azure resources that you have permissions to manage show up automatically within the Visual Studio server explorer and be available to start using:

image

No downloading of management certificates required.  All of the authentication was handled using your Windows Azure Active Directory!

Manage Subscriptions across Multiple Directories

If you have already have multiple directories and multiple subscriptions within your Windows Azure account, we have done our best to create a good default mapping of your subscriptions->directories as part of today’s update.  If you don’t like the default subscription-to-directory mapping we have done you can click the Settings tab in the left-hand navigation of the Windows Azure Management Portal and browse to the Subscriptions tab within it:

image

If you want to map a subscription under a different directory in your account, simply select the subscription from the list, and then click the “Edit Directory” button to choose which directory to map it to.  Mapping a subscription to a different directory takes only seconds and will not cause any of the resources within the subscription to recycle or stop working.  We’ve made the directory->subscription mapping process self-service so that you always have complete control and can map things however you want.

Filtering By Directory and Subscription

Within the Windows Azure Management Portal you can filter resources in the portal by subscription (allowing you to show/hide different subscriptions).  If you have subscriptions mapped to multiple directory tenants, we also now have a filter drop-down that allows you to filter the subscription list by directory tenant.  This filter is only available if you have multiple subscriptions mapped to multiple directories within your Windows Azure Account:

 image

Windows Azure SDK 2.2

Today we are also releasing a major update of our Windows Azure SDK.  The Windows Azure SDK 2.2 release adds some great new features including:

  • Visual Studio 2013 Support
  • Integrated Windows Azure Sign-In support within Visual Studio
  • Remote Debugging Cloud Services with Visual Studio
  • Firewall Management support within Visual Studio for SQL Databases
  • Visual Studio 2013 RTM VM Images for MSDN Subscribers
  • Windows Azure Management Libraries for .NET
  • Updated Windows Azure PowerShell Cmdlets and ScriptCenter

I’ll post a follow-up blog shortly with more details about all of the above.

Additional Updates

In addition to the above enhancements, today’s release also includes a number of additional improvements:

  • AutoScale: Richer time and date based scheduling support (set different rules on different dates)
  • AutoScale: Ability to Scale to Zero Virtual Machines (very useful for Dev/Test scenarios)
  • AutoScale: Support for time-based scheduling of Mobile Service AutoScale rules
  • Operation Logs: Auditing support for Service Bus management operations

Today we also shipped a major update to the Windows Azure SDK – Windows Azure SDK 2.2.  It has so much goodness in it that I have a whole second blog post coming shortly on it! :-)

Summary

Today’s Windows Azure release enables a bunch of great new scenarios, and enables a much richer enterprise authentication offering.

If you don’t already have a Windows Azure account, you can sign-up for a free trial and start using all of the above features today.  Then visit the Windows Azure Developer Center to learn more about how to build apps with it.

Hope this helps,

Scott

P.S. In addition to blogging, I am also now using Twitter for quick updates and to share links. Follow me at: twitter.com/scottgu

Windows Azure: Announcing Support for Windows Server 2012 R2 + Some Nice Price Cuts

Today we released some great updates to Windows Azure:

  • Virtual Machines: Support for Windows Server 2012 R2
  • Cloud Services: Support for Windows Server 2012 R2 and .NET 4.5.1
  • Windows Azure Pack: Use Windows Azure features on-premises using Windows Server 2012 R2
  • Price Cuts: Up to 22% Price Reduction on Memory-Intensive Instances

Below are more details about each of the improvements:

Virtual Machines: Support for Windows Server 2012 R2

This morning we announced the release of Windows Server 2012 R2 – which is a fantastic update to Windows Server and includes a ton of great enhancements.

This morning we are also excited to announce that the general availability image of Windows Server 2012 R2 is now supported on Windows Azure.  Windows Azure is the first cloud provider to offer the final release of Windows Server 2012 R2, and it is incredibly easy to launch your own Windows Server 2012 R2 instance with it.

To create a new Windows Server 2012 R2 instance simply choose New->Compute->Virtual Machine within the Windows Azure Management Portal.  You can select the “Windows Server 2012 R2” image and create a new Virtual Machine using the “Quick Create” option:

image

Or alternatively click the “From Gallery” option if you want to customize even more configuration options (endpoints, remote powershell, availability set, etc):

image

Creating and instantiating a new Virtual Machine on Windows Azure is very fast.  In fact, the Windows Server 2012 R2 image now deploys and runs 30% faster than previous versions of Windows Server.

Once the VM is deployed you can drill into it to track its health and manage its settings:

image

Clicking the “Connect” button allows you to remote desktop into the VM – at which point you can customize and manage it as a full administrator however you want:

image

If you haven’t tried Windows Server 2012 R2 yet – give it a try with Windows Azure.  There is no easier way to get an instance of it up and running!

Cloud Services: Support for using Windows Server 2012 R2 with Web and Worker Roles

Today’s Windows Azure release also allows you to now use Windows Server 2012 R2 and .NET 4.5.1 within Web and Worker Roles within Cloud Service based applications.  Enabling this is easy.  You can configure existing existing Cloud Service application to use Windows Server 2012 R2 by updating your Cloud Service Configuration File (.cscfg) to use the new “OS Family 4” setting:

image

Or alternatively you can use the Windows Azure Management Portal to update cloud services that are already deployed on Windows Azure.  Simply choose the configure tab on them and select Windows Server 2012 R2 in the Operating System Family dropdown:

image

The approaches above enable you to immediately take advantage of Windows Server 2012 R2 and .NET 4.5.1 and all the great features they provide.

Windows Azure Pack: Use Windows Azure features on Windows Server 2012 R2

Today we also made generally available the Windows Azure Pack, which is a free download that enables you to run Windows Azure Technology within your own datacenter, an on-premises private cloud environment, or with one of our service provider/hosting partners who run Windows Server.

Windows Azure Pack enables you to use a management portal that has the exact same UI as the Windows Azure Management Portal, and within which you can create and manage Virtual Machines, Web Sites, and Service Bus – all of which can run on Windows Server and System Center. 

The services provided with the Windows Azure Pack are consistent with the services offered within our Windows Azure public cloud offering.  This consistency enables organizations and developers to build applications and solutions that can run in any hosting environment – and which use the same development and management approach.  The end result is an offering with incredible flexibility.

You can learn more about Windows Azure Pack and download/deploy it today here.

Price Cuts: Up to 22% Reduction on Memory Intensive Instances

Today we are also reducing prices by up to 22% on our memory-intensive VM instances (specifically our A5, A6, and A7 instances).  These price reductions apply to both Windows and Linux VM instances, as well as for Cloud Service based applications:

image

These price reductions will take effect in November, and will enable you to run applications that demand larger memory (such as SharePoint, Databases, in-memory analytics, etc) even more cost effectively.

Summary

Today’s release enables you to start using Windows Server 2012 R2 within Windows Azure immediately, and take advantage of our Cloud OS vision both within our datacenters – and using the Windows Azure Pack within both your existing datacenters and those of our partners.

If you don’t already have a Windows Azure account, you can sign-up for a free trial and start using all of the above features today.  Then visit the Windows Azure Developer Center to learn more about how to build apps with it.

Hope this helps,

Scott

P.S. In addition to blogging, I am also now using Twitter for quick updates and to share links. Follow me at: twitter.com/scottgu

Announcing the Release of Visual Studio 2013 and Great Improvements to ASP.NET and Entity Framework

Today we released VS 2013 and .NET 4.5.1. These releases include a ton of great improvements, and include some fantastic enhancements to ASP.NET and the Entity Framework.  You can download and start using them now.

Below are details on a few of the great ASP.NET, Web Development, and Entity Framework improvements you can take advantage of with this release.  Please visit http://www.asp.net/vnext for additional release notes, documentation, and tutorials.

One ASP.NET

With the release of Visual Studio 2013, we have taken a step towards unifying the experience of using the different ASP.NET sub-frameworks (Web Forms, MVC, Web API, SignalR, etc), and you can now easily mix and match the different ASP.NET technologies you want to use within a single application.

When you do a File-New Project with VS 2013 you’ll now see a single ASP.NET Project option:

image

Selecting this project will bring up an additional dialog that allows you to start with a base project template, and then optionally add/remove the technologies you want to use in it. 

For example, you could start with a Web Forms template and add Web API or Web Forms support for it, or create a MVC project and also enable Web Forms pages within it:

image

This makes it easy for you to use any ASP.NET technology you want within your apps, and take advantage of any feature across the entire ASP.NET technology span.

Richer Authentication Support

The new “One ASP.NET” project dialog also includes a new Change Authentication button that, when pushed, enables you to easily change the authentication approach used by your applications – and makes it much easier to build secure applications that enable SSO from a variety of identity providers. 

For example, when you start with the ASP.NET Web Forms or MVC templates you can easily add any of the following authentication options to the application:

  • No Authentication
  • Individual User Accounts (Single Sign-On support with FaceBook, Twitter, Google, and Microsoft ID – or Forms Auth with ASP.NET Membership)
  • Organizational Accounts (Single Sign-On support with Windows Azure Active Directory )
  • Windows Authentication (Active Directory in an intranet application)

The Windows Azure Active Directory support is particularly cool.  Last month we updated Windows Azure Active Directory so that developers can now easily create any number of Directories using it (for free and deployed within seconds).  It now takes only a few moments to enable single-sign-on support within your ASP.NET applications against these Windows Azure Active Directories.  Simply choose the “Organizational Accounts” radio button within the Change Authentication dialog and enter the name of your Windows Azure Active Directory to do this:

image

This will automatically configure your ASP.NET application to use Windows Azure Active Directory and register the application with it.  Now when you run the app your users can easily and securely sign-in using their Active Directory credentials within it – regardless of where the application is hosted on the Internet.

For more information about the new process for creating web projects, see Creating ASP.NET Web Projects in Visual Studio 2013.

Responsive Project Templates with Bootstrap

The new default project templates for ASP.NET Web Forms, MVC, Web API and SPA are built using Bootstrap. Bootstrap is an open source CSS framework that helps you build responsive websites which look great on different form factors such as mobile phones, tables and desktops. For example in a browser window the home page created by the MVC template looks like the following:

image

When you resize the browser to a narrow window to see how it would like on a phone, you can notice how the contents gracefully wrap around and the horizontal top menu turns into an icon:

image

When you click the menu-icon above it expands into a vertical menu – which enables a good navigation experience for small screen real-estate devices:

image

We think Bootstrap will enable developers to build web applications that work even better on phones, tablets and other mobile devices – and enable you to easily build applications that can leverage the rich ecosystem of Bootstrap CSS templates already out there.  You can learn more about Bootstrap here.

Visual Studio Web Tooling Improvements

Visual Studio 2013 includes a new, much richer, HTML editor for Razor files and HTML files in web applications. The new HTML editor provides a single unified schema based on HTML5. It has automatic brace completion, jQuery UI and AngularJS attribute IntelliSense, attribute IntelliSense Grouping, and other great improvements.

For example, typing “ng-“ on an HTML element will show the intellisense for AngularJS:

image

This support for AngularJS, Knockout.js, Handlebars and other SPA technologies in this release of ASP.NET and VS 2013 makes it even easier to build rich client web applications:

image

The screen shot below demonstrates how the HTML editor can also now inspect your page at design-time to determine all of the CSS classes that are available. In this case, the auto-completion list contains classes from Bootstrap’s CSS file. No more guessing at which Bootstrap element names you need to use:

image

Visual Studio 2013 also comes with built-in support for both CoffeeScript and LESS editing support. The LESS editor comes with all the cool features from the CSS editor and has specific Intellisense for variables and mixins across all the LESS documents in the @import chain.

Browser Link – SignalR channel between browser and Visual Studio

The new Browser Link feature in VS 2013 lets you run your app within multiple browsers on your dev machine, connect them to Visual Studio, and simultaneously refresh all of them just by clicking a button in the toolbar. You can connect multiple browsers (including IE, FireFox, Chrome) to your development site, including mobile emulators, and click refresh to refresh all the browsers all at the same time.  This makes it much easier to easily develop/test against multiple browsers in parallel.

image

Browser Link also exposes an API to enable developers to write Browser Link extensions.  By enabling developers to take advantage of the Browser Link API, it becomes possible to create very advanced scenarios that crosses boundaries between Visual Studio and any browser that’s connected to it. Web Essentials takes advantage of the API to create an integrated experience between Visual Studio and the browser’s developer tools, remote controlling mobile emulators and a lot more.

You will see us take advantage of this support even more to enable really cool scenarios going forward.

ASP.NET Scaffolding

ASP.NET Scaffolding is a new code generation framework for ASP.NET Web applications. It makes it easy to add boilerplate code to your project that interacts with a data model. In previous versions of Visual Studio, scaffolding was limited to ASP.NET MVC projects. With Visual Studio 2013, you can now use scaffolding for any ASP.NET project, including Web Forms.

When using scaffolding, we ensure that all required dependencies are automatically installed for you in the project. For example, if you start with an ASP.NET Web Forms project and then use scaffolding to add a Web API Controller, the required NuGet packages and references to enable Web API are added to your project automatically.  To do this, just choose the Add->New Scaffold Item context menu:

image

Support for scaffolding async controllers uses the new async features from Entity Framework 6.

ASP.NET Identity

ASP.NET Identity is a new membership system for ASP.NET applications that we are introducing with this release.

ASP.NET Identity makes it easy to integrate user-specific profile data with application data. ASP.NET Identity also allows you to choose the persistence model for user profiles in your application. You can store the data in a SQL Server database or another data store, including NoSQL data stores such as Windows Azure Storage Tables. ASP.NET Identity also supports Claims-based authentication, where the user’s identity is represented as a set of claims from a trusted issuer.

Users can login by creating an account on the website using username and password, or they can login using social identity providers (such as Microsoft Account, Twitter, Facebook, Google) or using organizational accounts through Windows Azure Active Directory or Active Directory Federation Services (ADFS).

To learn more about how to use ASP.NET Identity visit http://www.asp.net/aspnet/overview/authentication-and-identity

ASP.NET Web API 2

ASP.NET Web API 2 has a bunch of great improvements including:

Attribute routing

ASP.NET Web API now supports attribute routing, thanks to a contribution by Tim McCall, the author of http://attributerouting.net. With attribute routing you can specify your Web API routes by annotating your actions and controllers like this:

image

OAuth 2.0 support

The Web API and Single Page Application project templates now support authorization using OAuth 2.0. OAuth 2.0 is a framework for authorizing client access to protected resources. It works for a variety of clients including browsers and mobile devices.

OData Improvements

ASP.NET Web API also now provides support for OData endpoints and enables support for both ATOM and JSON-light formats. With OData you get support for rich query semantics, paging, $metadata, CRUD operations, and custom actions over any data source. Below are some of the specific enhancements in ASP.NET Web API 2 OData.

  • Support for $select, $expand, $batch, and $value
  • Improved extensibility
  • Type-less support
  • Reuse an existing model

OWIN Integration

ASP.NET Web API now fully supports OWIN and can be run on any OWIN capable host. With OWIN integration, you can self-host Web API in your own process alongside other OWIN middleware, such as SignalR.

For more information, see Use OWIN to Self-Host ASP.NET Web API.

More Web API Improvements

In addition to the features above there have been a host of other features in ASP.NET Web API, including

  • CORS support
  • Authentication Filters
  • Filter Overrides
  • Improved Unit Testability
  • Portable ASP.NET Web API Client

To learn more go to http://www.asp.net/web-api/

ASP.NET SignalR 2

ASP.NET SignalR is library for ASP.NET developers that dramatically simplifies the process of adding real-time web functionality to your applications.

Real-time web functionality is the ability to have server-side code push content to connected clients instantly as it becomes available. SignalR 2.0 introduces a ton of great improvements. We’ve added support for Cross-Origin Resource Sharing (CORS) to SignalR 2.0. iOS and Android support for SignalR have also been added using the MonoTouch and MonoDroid components from the Xamarin library (for more information on how to use these additions, see the article Using Xamarin Components from the SignalR wiki).

We’ve also added support for the Portable .NET Client in SignalR 2.0 and created a new self-hosting package. This change makes the setup process for SignalR much more consistent between web-hosted and self-hosted SignalR applications.

To learn more go to http://www.asp.net/signalr.

ASP.NET MVC 5

The ASP.NET MVC project templates integrate seamlessly with the new One ASP.NET experience and enable you to integrate all of the above ASP.NET Web API, SignalR and Identity improvements. You can also customize your MVC project and configure authentication using the One ASP.NET project creation wizard. The MVC templates have also been updated to use ASP.NET Identity and Bootstrap as well. An introductory tutorial to ASP.NET MVC 5 can be found at Getting Started with ASP.NET MVC 5.

This release of ASP.NET MVC also supports several nice new MVC-specific features including:

  • Authentication filters: These filters allow you to specify authentication logic per-action, per-controller or globally for all controllers.
  • Attribute Routing: Attribute Routing allows you to define your routes on actions or controllers.

To learn more go to http://www.asp.net/mvc

Entity Framework 6 Improvements

Visual Studio 2013 ships with Entity Framework 6, which bring a lot of great new features to the data access space:

Async and Task<T> Support

EF6’s new Async Query and Save support enables you to perform asynchronous data access and take advantage of the Task<T> support introduced in .NET 4.5 within data access scenarios.  This allows you to free up threads that might otherwise by blocked on data access requests, and enable them to be used to process other requests whilst you wait for the database engine to process operations. When the database server responds the thread will be re-queued within your ASP.NET application and execution will continue.  This enables you to easily write significantly more scalable server code.

Here is an example ASP.NET WebAPI action that makes use of the new EF6 async query methods:

image

Interception and Logging

Interception and SQL logging allows you to view – or even change – every command that is sent to the database by Entity Framework. This includes a simple, human readable log – which is great for debugging – as well as some lower level building blocks that give you access to the command and results. Here is an example of wiring up the simple log to Debug in the constructor of an MVC controller:

image

Custom Code-First Conventions

The new Custom Code-First Conventions enable bulk configuration of a Code First model – reducing the amount of code you need to write and maintain. Conventions are great when your domain classes don’t match the Code First conventions. For example, the following convention configures all properties that are called ‘Key’ to be the primary key of the entity they belong to. This is different than the default Code First convention that expects Id or <type name>Id.

image

Connection Resiliency

The new Connection Resiliency feature in EF6 enables you to register an execution strategy to handle – and potentially retry – failed database operations. This is especially useful when deploying to cloud environments where dropped connections become more common as you traverse load balancers and distributed networks.

EF6 includes a built-in execution strategy for SQL Azure that knows about retryable exception types and has some sensible – but overridable – defaults for the number of retries and time between retries when errors occur. Registering it is simple using the new Code-Based Configuration support:

clip_image002[4]

These are just some of the new features in EF6. You can visit the release notes section of the Entity Framework site for a complete list of new features.

Microsoft OWIN Components

Open Web Interface for .NET (OWIN) defines an open abstraction between .NET web servers and web applications, and the ASP.NET “Katana” project brings this abstraction to ASP.NET.

OWIN decouples the web application from the server, making web applications host-agnostic. For example, you can host an OWIN-based web application in IIS or self-host it in a custom process. For more information about OWIN and Katana, see What's new in OWIN and Katana.

Summary

Today’s Visual Studio 2013, ASP.NET and Entity Framework release delivers some fantastic new features that streamline your web development lifecycle. These feature span from server framework to data access to tooling to client-side HTML development.  They also integrate some great open-source technology and contributions from our developer community.

Download and start using them today!

Scott

P.S. In addition to blogging, I am also now using Twitter for quick updates and to share links. Follow me at: twitter.com/scottgu

Windows Azure: New Virtual Machine, Active Directory, Multi-Factor Auth, Storage, Web Site and Spending Limit Improvements

This week we released some great updates to Windows Azure.  These new capabilities include:

  • Compute: New 2-CPU Core 14 GB RAM instance option
  • Virtual Machines: Support for Oracle Software Images, Management Operations on Stopped VMs
  • Active Directory: Richer Directory Management and General Availability of Multi-Factor Authentication Support
  • Spending Limit: Reset your Spending Limit, Virtual Machines are no longer deleted if it is hit
  • Storage: New Storage Client Library 2.1 Released
  • Web Sites: IP and Domain Restriction Now Supported

All of these improvements are now available to use immediately.  Below are more details about them.

Compute: New 2-CPU Core 14 GB RAM instance

This week we released a new memory-intensive instance for Windows Azure. This new instance, called A5, has two CPU cores and 14 gigabytes (GB) of RAM and can be used with Virtual Machines (both Windows and Linux) and Cloud Services:

clip_image001

You can begin using this new A5 compute option immediately.  Additional information on pricing can be found in the Cloud Services and Virtual Machines sections of our pricing details pages on the Windows Azure website.

Virtual Machines: Support for Oracle Software Images

Earlier this summer we announced a strategic partnership between Microsoft and Oracle, and that we would enable support for running Oracle software in Windows Azure Virtual Machines.

Starting today, you can now deploy pre-configured virtual machine images running various combinations of Oracle Database, Oracle WebLogic Server, and Java Platform SE on Windows, with licenses for the Oracle software included.  These ready-to-deploy Oracle software images enable rapid provisioning of cost-effective cloud environments for development, testing, deployment, and easy scaling of enterprise applications.  The images can now be easily selected in the standard “Create Virtual Machine” wizard within the Windows Azure Management Portal:

clip_image002

During preview, these images are offered for no additional charge on top of the standard Windows Server VM rate.  After the preview period ends, these Oracle images will be billed based on the total number of minutes the VMs run in a month.  With Oracle license mobility, existing Oracle customers that are already licensed on Oracle software also have the flexibility to deploy them on Windows Azure. 

To learn more about Oracle on Windows Azure, visit windowsazure.com/oracle and read the technical walk-through documentation for the Oracle Images.

Virtual Machines: Management Operations on Stopped VMs

Starting with this week’s release, it is now possible to perform management operations on stopped/de-allocated Virtual Machines.  Previously a VM had to be running in order to do operations like change the VM size, attach and detach disks, configure endpoints and load balancer/availability settings.  Now it is possible to do all of these on stopped VMs without having to boot them:

clip_image003

Active Directory: Create and Manage Multiple Active Directories

Starting with this week’s release it is now possible to create and manage multiple Windows Azure Active Directories in a single Windows Azure subscription (previously only one directory was supported and once created you couldn’t delete it).  This is useful both for development/test scenarios as well as for cases where you want to have separate directory tenants or synchronize with different on-premises domains or forests. 

Creating a New Active Directory

Creating a new Active Directory is now really easy.  Simply select New->Application Services->Active Directory->Directory within the management portal:

clip_image004

When prompted configure the directory name, default domain name (you can later change this to any custom domain you want – e.g. yourcompanyname.com), and the country or region to use:

clip_image005

In a few seconds you’ll have a new Active Directory hosted within Windows Azure that is ready to use for free:

clip_image006

You can run and manage your Windows Azure Active Directories entirely in the cloud, or alternatively sync them with an on-premises Active Directory deployment - which allows you to automatically synchronize all of your on-premises users into your Active Directory in the cloud.  This later option is very powerful, and ensures that any time you add or remove a user in your on-premises directory it is automatically reflected in the cloud as well.

You can use your Windows Azure Active Directory to manage identity access to custom applications you run and host in the cloud (and there is new support within ASP.NET in the VS 2013 release that makes building these SSO apps on Windows Azure really easy).  You can also use Windows Azure Active Directory to securely manage the identity access of cloud based applications like Office 365, SalesForce.com, and other popular SaaS solutions.

Additional New Features

In addition to enabling the ability to create multiple directories in a single Windows Azure subscription, this week’s release also includes several additional usability enhancements to the Windows Azure Active Directory management experience:

  • With this week’s release, we have added the ability to change the name of a directory after its created (previously it was fixed at creation time).
  • As an administrator of a directory, you can now add users from another directory of which you’re a member. This is useful, for example, in the scenario where there are other members of your production directory who will need to collaborate on an application that is under development or testing in a non-production environment. A user can be a member of up to 20 directories.
  • If you use a Microsoft account to access Windows Azure, and you use a different organizational account to manage another directory, you may find it convenient to manage that second directory with your Microsoft account. With this release, we’ve made it easier to configure a Microsoft account to manage an existing Active Directory. Now you can configure this even if the Microsoft account already manages a directory, and even if the administrator account for the other directory doesn’t have a subscription to Windows Azure. This is a common scenario when the administrator account for the other directory was created during signup for Office 365 or another Microsoft service.
  • In this release, we’ve also added support to enable developers to delete single tenant applications that they’ve added to their Windows Azure AD. To delete an application, open the directory in which the application was added, click on the Applications tab, and click Delete on the command bar. An application can be deleted only when External Access is set to ‘Off’ on the configure tab.

As always, if there are aspects of these new Azure AD experiences that you think are great, or things that drive you crazy, let us know by posting in our forum on TechNet.

Active Directory: General Availability of Multi-Factor Authentication Service

With this week’s release we are excited to ship the general availability release of a great new service: the Windows Azure Multi-Factor Authentication (MFA) Service.  Windows Azure Multi-Factor Authentication is a managed service that makes it easy to securely manage user access to Windows Azure, Office 365, Intune, Dynamics CRM and any third party cloud service that supports Windows Azure Active Directory.  You can also use it to securely control access to your own custom applications that you develop and host within the cloud.

Windows Azure Multi-Factor Authentication can also be used with on-premise scenarios. You can optionally download our new Multi-Factor Authentication Server for Windows Server Active Directory and use it to protect on-premise applications as well.

Getting Started

To enable multi-factor authentication, sign-in to the Windows Azure Management Portal and select New->Application Services->Active Directory->Multi-Factor Auth Provider and choose the “Quick Create” option.  When you create the service you can point it at your Windows Azure Active Directory and choose from one of two billing models (per user pricing, or per authentication pricing):

image

Once created the Windows Azure Multi-Factor Authentication service will show up within the “Multi-Factor Auth Providers” section of the Active Directory extension:

image

You can then manage which users in your directory have multi-factor authentication enabled by drilling into the “Users” tab of your Active Directory and then click the “Manage Multi-Factor Auth” button:

image

Once multi-factor authentication is enabled for a user within your directory they will be able to use a variety of secondary authentication techniques including verification via a mobile app, phone call, or text message to provide additional verification when they login to an app or service.  The management and tracking of this is handled automatically for you by the Windows Azure Multi-Factor Authentication Service.

Learn More

You can learn more about today’s release from this 6 minute video on Windows Azure Multi-Factor Authentication. 

Here are some additional videos and tutorials to learn even more:

Start making your applications and systems more secure with multi-factor authentication today!  And give us your feedback and feature requests via the MFA forum.

Billing: Reset your Spending Limit on MSDN subscriptions

When you sign-up for Windows Azure as a MSDN customer you automatically get a MSDN subscription created for you that enables deeply discounted prices and free “MSDN credits” (up to $150 each month) that you can spend on any resources within Windows Azure.  I blogged some details about this last week.

By default MSDN subscriptions in Windows Azure are created with what is called a “Spending Limit” which ensures that if you ever use up all of the MSDN credits you still don’t get billed – as the subscription will automatically suspend when all of the free credits are gone (ensuring your bill is never more than $0).

You can optionally remove the spending limit if you want to use more than the free credits and pay any overage on top of them.  Prior to this week, though, once the spending limit was removed there was no way to re-instate it for the next billing cycle.

Starting with this week’s release you can now:

  • Remove the spending limit only for the current billing cycle (ideal if you know that it is a one time spike)
  • Remove the spending limit indefinitely if you expect to continue to have higher usage in future
  • Reset/Turn back on the spending limit from the next billing cycle forward in case you’ve already turned it off

To enable or reset your spending limit, click the “Subscription” button in the top of the Windows Azure Management Portal and the click the “Manage your subscriptions” link within it:

image

This will take you to the Windows Azure subscription management page (which lists all of the Windows Azure subscriptions you have active).  Click your MSDN subscription to see details on your account – including usage data on how much services you’ve used on it:

image

Above you can see usage data on my personal MSDN subscription.  I’ve done a lot of talks recently and have used up my free $150 credits for the month and have $23.64 in overages.  I was able to go above $0 on the subscription because I’ve turned off my spending limit (this is indicated in the text I’ve highlighted in red above).

If I want to reapply the spending limit for the next billing cycle (which starts on October 3rd) I can now do so by clicking the “Click here to change the spending limit option” link.  This will bring up a dialog that makes it really easy for me to re-active the spending limit starting the next billing cycle:

image

We hope this new flexibility to turn the spending limit on and off enables you to use your MSDN benefits even more, and provides you with confidence that you won’t inadvertently do something that causes you to have to pay for something you weren’t expecting to.

Billing: Subscription suspension no longer deletes Virtual Machines

In addition to supporting the re-enablement of the spending limit, we also made an improvement this week so that if your MSDN (or BizSpark or Free trial) subscription does trigger the spending limit we no longer delete the Virtual Machines you have running.

Previously, Virtual Machines deployed in suspended subscriptions would be deleted when the spending limit was passed (the data drives would be preserved – but the VM instances themselves would be deleted). Now when a subscription is disabled, VMs deployed inside it will simply move into the stopped de-provision state we recently introduced (which allows a VM to stop without incurring any billing).

This allows the Virtual Machines to be quickly restarted with all the previously attached disks and endpoints when a fresh monetary credit is applied or the subscription is converted into a paid subscription. As a result, customers don’t have to worry about losing their Virtual Machines when spending limits are reached, and they can quickly return back to business by re-starting their VMs immediately.

Storage: New .NET Storage Client Library 2.1 Release

Earlier this month we released a major update of our Windows Azure Storage Client Library for .NET.  The new 2.1 release includes a ton of awesome new features and capabilities:

  • Improved Performance
  • Async Task<T> support
  • IQueryably<T> Support for Tables
  • Buffer Pooling Support
  • .NET Tracing Integration
  • Blob Stream Improvements
  • And a lot more…

Read this detailed blog post about the Storage Client Library 2.1 Release from the Windows Azure Storage Team to learn more.  You can install the Storage Client Library 2.1 release and start using it immediately using NuGet.

Web Sites: IP and Domain Restriction Now Supported

This month we have also enabled the IP and Domain Restrictions feature of IIS to be used with Windows Azure Web Sites. This provides an additional security option that can also be used in combination with the recently enabled dynamic IP address restriction (DIPR) feature (http://blogs.msdn.com/b/windowsazure/archive/2013/08/27/confirming-dynamic-ip-address-restrictions-in-windows-azure-web-sites.aspx).

Developers can use IP and Domain Restrictions to control the set of IP addresses, and address ranges, that are either allowed or denied access to their websites. With Windows Azure Web Sites developers can enable/disable the feature, as well as customize its behavior, using web.config files located in their website.

There is an overview of the IP and Domain Restrictions feature from IIS available here:  http://www.iis.net/configreference/system.webserver/security/ipsecurity. A full description of individual configuration elements and attributes is available here: http://msdn.microsoft.com/en-us/library/ms691353(v=vs.90).aspx

The example configuration snippet below shows an ipSecurity configuration that only allows access to addresses originating from the range specified by the combination of the ipAddress and subnetMask attributes. Setting allowUnlisted to false means that only those individual addresses, or address ranges, explicitly specified by a developer will be allowed to make HTTP requests to the website. Setting the allowed attribute to true in the child add element indicates that the address and subnet together define an address range that is allowed to access the website.

  <system.webServer>  

    <security>

      <ipSecurity allowUnlisted="false" denyAction="NotFound">

        <add allowed="true" ipAddress="123.456.0.0" subnetMask="255.255.0.0"/>

      </ipSecurity>

    </security>   

  </system.webServer>

If a request is made to a website from an address outside of the allowed IP address range, then an HTTP 404 not found error is returned as defined in the denyAction attribute.

One final note, just like the companion DIPR feature, Windows Azure Web Sites ensures that the client IP addresses “seen” by the IP and Domain Restrictions module are the actual IP addresses of Internet clients making HTTP requests.

Summary

Today’s release includes a bunch of great features that enable you to build even better cloud solutions.  If you don’t already have a Windows Azure account, you can sign-up for a free trial and start using all of the above features today.  Then visit the Windows Azure Developer Center to learn more about how to build apps with it.

Hope this helps,

Scott

P.S. In addition to blogging, I am also now using Twitter for quick updates and to share links. Follow me at: twitter.com/scottgu

MSDN Subscribers: Windows Azure Aston Martin Sweepstakes through Sept 30th

Earlier this summer we announced a number of great changes to Windows Azure that make it a fantastic cloud environment to use for Dev/Test scenarios.  These Dev/Test capabilities work great even for scenarios where you are building apps that ultimately will still be deployed using on-premises servers.

Some of the dev/test changes we announced for Windows Azure included:

  • No Charge for Stopped VMs
  • Pay by the Minute Billing
  • MSDN Use Rights Support on Windows Azure
  • Heavily Discounted MSDN Dev/Test Rates – up to 97% discount off standard rates

We also introduced a new MSDN Monthly Monetary Credit program – which allows you to use up to $150 per month of free monetary credits on Windows Azure for dev/test scenarios.  These credits renew every month – enabling you to use $1000+ of free dev/test capacity every year

You can spend these dev/test credits on anything in Windows Azure – VMs, Web Sites, Mobile Backends, Cloud Services, Databases, Storage, Hadoop, Media, and more.  They enable you to never have to wait on your IT department for dev/test capacity again.

No Credit Card Required for MSDN Users to Sign-Up to Windows Azure

Earlier this summer we also modified the Windows Azure sign-up process to no longer require credit card validation when you are a MSDN user and create your account on Windows Azure.  Simply sign-up to Windows Azure using the same Microsoft ID (formerly Live ID) registered with your MSDN account and you’ll be able to activate your MSDN Benefits on Windows Azure in seconds with no credit card or payment details required.

Once activated you can immediately start using your free MSDN credits on any Windows Azure resource – enabling $1000+ of free dev/test capacity every year. 

Special Aston Martin Sweepstakes through Sept 30th

As an added incentive to try out your free MSDN benefits we are currently holding a special Aston Martin Sweepstakes offer through Sept 30th.  The lucky winner will win a 2013 Aston Martin V8 Vantage:

 image

No purchase is necessary to enter the sweepstakes (and we cover both the tax and shipping costs!).  To enroll for a chance to win the offer, all you need to do is:

  1. Sign-up for Windows Azure and activate your MSDN Benefits
  2. Create and deploy a Windows Azure Web Site or Windows Azure Virtual Machine (both cost you nothing with your MSDN benefits)

Once you do the above we’ll automatically enroll you in the sweepstakes draw and if you are lucky you might drive away in your very own 2013 Aston Martin V8 Vantage.  Click here to learn more and activate your MSDN Windows Azure Benefits today.

Activate Your MSDN Benefits Today

If you are a MSDN subscriber and haven’t tried out Windows Azure you should really give it a try.  In addition to enabling you to build great cloud, web and mobile apps, it also enables you to leverage the cloud to quickly spin up (and down) virtual machines, web sites, databases and more that you can use to make your development and testing much more productive – even if you ultimately are deploying the production apps on-premises.

Activate your MSDN benefits and try out Windows Azure before Sept 30th and you might also drive away in your dream car.  Even if you don’t win the car you’ll be able to use up to $1000+ of free dev/test capacity every year.

Hope this helps,

Scott

P.S. In addition to blogging, I also use Twitter for quick updates and to share links. Follow me at: twitter.com/scottgu

Windows Azure: New Distributed, Dedicated, High Performance Cache Service + More Cool Improvements

This morning we released some great updates to Windows Azure.  These new capabilities include:

  • Dedicated Cache Service: Announcing the preview of our new distributed, dedicated, high performance cache service
  • AutoScale: Schedule-based auto-scaling for Web Sites and Virtual Machines and richer AutoScale history logs
  • Web Sites: New Web Server Logging Support to save HTTP Logs to Storage Accounts
  • Operation Logs: New Filtering options on top of Operation Logs

All of these improvements are now available to use immediately (note: some are still in preview).  Below are more details about them.

Windows Azure Cache Service: Preview of our new Distributed Cache Service

I’m excited today to announce the preview release of the new Windows Azure Cache Service – our latest service addition to Windows Azure. The new Windows Azure Cache Service enables you to easily deploy dedicated, high performance, distributed caches that you can use from your Windows Azure applications to store data in-memory and dramatically improve their scalability and performance.

The new Windows Azure Cache Service can be used by any type of Windows Azure application – including those hosted within Windows or Linux Virtual Machines, as well as those deployed as a Windows Azure Web Site and Windows Azure Cloud Services.  Support for Windows Azure Mobile Services will also be enabled in the future.

You can instantiate a dedicated instance of a Windows Azure Cache Service for each of your apps, or alternatively share a single Cache Service across multiple apps.  This later scenario is particularly useful when you wish to partition your cloud backend solutions into multiple deployment units – now they can all easily share and work with the same cached data.

Benefits of the Windows Azure Cache Service

Some of the benefits of the new Windows Azure Cache Service include:

  • Ability to use the Cache Service from any app type (VM, Web Site, Mobile Service, Cloud Service)
  • Each Cache Service instance is deployed within dedicated VMs that are separated/isolated from other customers – which means you get fast, predictable performance. 
  • There are no quotas or throttling behaviors with the Cache Service – you can access your dedicated Cache Service instances as much or as hard as you want. 
  • Each Cache Service instance you create can store (as of today’s preview) up to 150GB of in-memory data objects or content.  You can dynamically increase or shrink the memory used by a Cache Service instance without having to redeploy your apps. 
  • Web Sites, VMs and Cloud Service can retrieve objects from the Cache Service on average in about 1ms end-to-end (including the network round-trip to the cache service and back).  Items can be inserted into the cache in about ~1.2ms end-to-end (meaning the Web Site/VM/Cloud Service can persist the object in the remote Cache Service and gets the ACK back in 1.2ms end-to-end). 
  • Each Cache Service instance is run as a highly available service that is distributed across multiple servers.  This means that your Cache Service will remain up and available even if a server on which it is running crashes or if one of the VM instances needs to be upgraded for patching.
  • The VMs that the cache service instances run within are managed as a service by Windows Azure – which means we handle patching and service lifetime of the instances.  This allows you to focus on building great apps without having to worry about managing infrastructure details.
  • The new Cache Service supports the same .NET Cache API that we use today with the in-role cache option that we support with Cloud Services.  So code you’ve already written against that is compatible with the new managed Cache Service.
  • The new Cache Service comes with built-in provider support for ASP.NET Session State and ASP.NET Output Page Caching.  This enables you to easily scale-out your ASP.NET applications across multiple web servers and still share session state and/or cached page output regardless of which customer hit which server. 
  • The new Cache Service supports the ability to either use a separate Cache Service instance for each of your apps, or instead share a single Cache Service instance across multiple apps at once (which enables easy data sharing as well as app partitioning). This can be very useful for scenarios where you want to partition your app up across several deployment units.

Creating a Cache Service

You can easily create a new Cache Service by going to the Windows Azure Management Portal and using the NEW -> DATA SERVICES -> CACHE option:

image

In the screenshot above, we specified that we wanted to create a new Premium cache of 5 GB named “scottgucache” in the “North Europe” region. Once we click the “Create a New Cache” button it will take about a few minutes to provision:

image

Once provisioned, the cache will show up in the Windows Azure Management Portal just like all of the other Windows Azure services (Web Sites, VMs, Databases, Storage Accounts, etc) within our subscription.  We can click the DASHBOARD tab to see more details about it:

image

We can use the cache as-is (it comes with smart defaults and doesn’t require changes to get started).  Or we can also optionally click the CONFIGURE tab to manage custom settings - like creating named cache partitions and configuring expiration behavior, evicition policy, availability settings (which means a cached item will be saved across multiple VM instances within the cache service so that they will survive even if a server crashes), and notification settings (which means our cache can call back our app when an item it updated or expired):

image

Once you make a change to one of these settings just click the “Save” button and it will be applied immediately (no need to redeploy).

Using the Cache

Now that we have created a Cache Service, let’s use it from within an application. 

To access the Cache Service from within an app, we’ll need to retrieve the endpoint URL for the Cache Service and retrieve an access key that allows us to securely access it.  We can do both of these by navigating to the DASHBOARD view of our Cache Service within the Windows Azure Management Portal:

image

The endpoint URL can be found in the “quick glance” view of the service, and we can retrieve the API key for the service by clicking the “Manage Keys” button:

image

Once we have saved the endpoint URL and access key from the portal, we’ll update our applications to use them.

Using the Cache Service Programmatically from within a .NET application

Using the Cache Service within a .NET or ASP.NET applications is easy.  Simply right-click on your project within Visual Studio, choose the “Manage NuGet Packages” context menu, search the NuGet online gallery for the “Windows Azure Caching” NuGet package, and then add it to your application:

image

After you have installed the NuGet Windows Azure Caching package, open up your web.config/app.config file and replace the cache Service EndPoint URL and access key in the dataCacheClient section of your application’s config file:

image

Once you do this, you can now programmatically put and get things from the Cache Service using a .NET Cache API with code like below:

image

The objects we programmatically add to the cache will be automatically persisted within the Cache Service and can then be shared across any number of VMs, Web Sites, Mobile Services and Cloud Services that are using the same Cache Service instance.  Because the cache is so fast (retrievals take on average about 1ms end-to-end across the wire and back) and because it can save 100s of GBs of content in-memory, you’ll find that it can dramatically improve the scalability, performance and availability of your solutions.  Visit our documentation center to learn more about the Windows Azure Caching APIs.

Enabling ASP.NET Session State across a Web Farm using the Cache Service

The new Windows Azure Cache Service also comes with a supported ASP.NET Session State Provider that enables you to easily use the Cache Service to store ASP.NET Session State.  This enables you to deploy your ASP.NET applications across any number of servers and have a customer’s session state be available on any of them regardless of which web server the customer happened to hit last in the web farm.

Enabling the ASP.NET Session State Cache Provider is really easy.  Simply add the below configuration to your web.config file:

image

Once enabled your customers can hit any web server within your application’s web farm and the session state will be available.  Visit our documentation center to learn more about the ASP.NET session state provider as well as the Output caching provider that we also support for ASP.NET.

Monitoring and Scaling the Cache

Once your Cache Service is deployed, you can track the activity and usage of the cache by going to its MONITOR tab in the Windows Azure Management Portal. You can get useful information like bandwidth used, cache miss percentage, memory used, read requests/sec, write requests/sec etc. so that you can make scaling decisions based on your real-world traffic patterns:

image

You can also customize the monitoring page to see other metrics of interest instead of or in addition to the default ones.  Clicking the “Add Metrics” button above provides an easy UI to configure this:

image

If you need to scale your cache due to increased traffic to your application, you can go to the SCALE tab and easily change the cache offering or cache size depending on your requirements.  For this example we had initially created a 5GB Premium Cache.  If we wanted to scale it up we could simply expand the slider below to be 140GB and then click the “Save” button.  This will dynamically scale our cache without it losing any of the existing data already persisted within it:

image

This makes it really easy to scale out your cache if your application load increases, or reduce your cache size if you find your application doesn’t need as much memory and you want to save costs.

Learning More

The new Windows Azure Cache Service enables you to really super-charge your Windows Azure applications.  It provides a dedicated Cache that you can use from all of your Windows Azure applications – regardless of whether they are implemented within Virtual Machines or as Windows Azure Web Sites, Mobile Services, or Cloud Services.  You’ll find that it can help really speed up your applications, improve your app scalability, and make your apps even more robust.

Review our Cache Service Documentation to learn more about the service.  Visit here to learn more about more the details about the various cache offering sizes and pricing.  And then use the Windows Azure Management Portal to try out the Windows Azure Cache Service today.

AutoScale: Schedule Updates for Web Sites + VMs, Weekend Schedules, AutoScale History

Three weeks ago we released scheduled AutoScale support for Cloud Services. Today, we are adding scheduled AutoScale support to Web sites and Virtual Machines as well, and we are also introducing support for setting up different time schedule rules depending on whether it is a weekday or weekend.

Time Scheduled AutoScale Support for Web Sites and Virtual Machines

Just like for Cloud Services, you can now go to the Scale tab for a Virtual Machines or a Web site, and you’ll see a new button to Set up schedule times:

image

Scheduled AutoScale works the same way now for Web Sites and Virtual Machines as for Cloud Services. You can still choose to scale the same way at all times (by selecting No scheduled times), but you can now click the “Set up schedule times” dialog to setup scale rules that run differently depending on the time of day:

image

Once you define the start and stop of the day using the dialog above, you can then go back to the main scale tab and setup different rules for each time segment.  For example, below I’ve setup rules so that during Week Days we’ll have between 2 and 5 small VMs running for our Web Site.  I want AutoScale to scale-up/down the exact number depending on the CPU percentage of the VMs:

image

On Week Nights, though, I don’t want to have as many VMs running, so I’ll configure it to AutoScale only between 1 and 3 VMs.  All I need to do to do this is to change the drop down from “Week Day” to “Week Night” and then edit a different set of rules and hit Save:

image

This makes it really easy to setup different policies and rules to use depending on the time of day – which can both improve your performance during peak times and save you more money during off-peak times.

AutoScale History

Previously, we supported an instance count graph on the scale tab so you can see the history of actions for your service. With today’s release we’ve improved this graph to now show the sum of CPU usage across all of your instances:

image

This means that if you have one instance, the sum of the CPU can go from 0 to 1, but if you have three instances, it can go from 0 to 3. You can use this to get a sense of the total load across your entire role, and to see how well AutosSale is performing.

Finally, we’ve also improved the Operation Log entry for AutoscaleAction: it now shows you the exact Schedule that was used to scale your service, including the settings that were in effect during that specific scale action (it’s in the section called ActiveAutoscaleProfile):

image

Web Sites: Web Server Logging to Storage Accounts

With today’s release you can now configure Windows Azure Web Sites to write HTTP logs directly to a Windows Azure Storage Account.  This makes it really easy to persist your HTTP logs as text blobs that you can store indefinitely (since storage accounts can maintain huge amounts of data) and which you can also use to later perform rich data mining/analysis on them. 

Storing HTTP Log Files as Blobs in Windows Azure Storage

To enable HTTP logs to be written directly to blob storage, navigate to a Web Site using the Windows Azure Management Portal and click the CONFIGURE tab.  Then navigate to the SITE DIAGNOSTICS section.  Starting today, when you turn “Web Server Logging” ON, you can choose to store your logs either on the file system or in a storage account (support for storage accounts is new as of today):

image

Logging to a Storage Account

When you choose to keep your web server logs in a storage account, you can specify both the storage account and the blob container that you would like to use by clicking on the green manage storage button.  This brings up a dialog that you can use to configure both:

image

By default, logs stored within a storage account are never deleted. You can override this by selecting the Set Retention checkbox in the site diagnostics section of the configure tab.  You can use this to instead specify the number of days to keep the logs, after which they will be automatically deleted:

image

Once you’ve finished configuring how you want the logs to be persisted, and hit save within the portal to commit the settings, Windows Azure Web Sites will begin to automatically upload HTTP log data to the blob container in the storage account you’ve specified.  The logs are continuously uploaded to the blob account – so you’ll quickly see the log files appear and then grow as traffic hits the web site. 

Analysis of the Logs

The HTTP log files are persisted in a blob container using a naming scheme that makes it easy to identify which log file correlates to which activity.  The log format name scheme is:

[sitename]/[year]/[month]/[day]/[hour]/[VMinstancename].log

The HTTP logs themselves are plain text files that store many different settings in a standard HTTP log file format:

image

You can easily download the log files using a variety of tools (Visual Studio Server Explorer, 3rd Party Storage Tools, etc) as well as programmatically write scripts or apps to download and save them on a machine.  Because the content of the files are in a standard HTTP log format you can then use a variety of tools (both free and commercial) to parse and analyze their content.

For more advanced scenarios, you can also now spin up your own Hadoop cluster using the Windows Azure HDInsight service.  HDInsight enables you to easily spin up, as well as quickly tear down, Hadoop clusters on Windows Azure that you can use to perform MapReduce and analytics jobs with.  Because HDInsight natively supports Windows Azure Blob Storage, you can now use HDInsight to perform custom MapReduce jobs on top of your Web Site Log Files stored there.  This provides an even richer way to understand and analyze your site traffic and obtain rich insights from it.

Operation Logs: Richer Filtering

Today’s release adds some improvements to the Windows Azure OPERATION LOGS feature (which you can now access in the Windows Azure Portal within the MANAGEMENT SERVICES section of the portal).  We now support filtering based on several additional fields: STATUS, TYPE and SERVICE NAME. This is in addition to the two filters we already support – filter by SUBSCRIPTION and TIME.

image

This makes it even easier to filter to the specific log item you are looking for quickly.

Summary

Today’s release includes a bunch of great features that enable you to build even better cloud solutions.  If you don’t already have a Windows Azure account, you can sign-up for a free trial and start using all of the above features today.  Then visit the Windows Azure Developer Center to learn more about how to build apps with it.

Hope this helps,

Scott

P.S. In addition to blogging, I am also now using Twitter for quick updates and to share links. Follow me at: twitter.com/scottgu

Windows Azure: General Availability of SQL Server Always On Support and Notification Hubs, AutoScale Improvements + More

This morning we released some major updates to Windows Azure.  These new capabilities include:

  • SQL Server AlwaysOn Support: General Availability support with Windows Azure Virtual Machines (enables both high availability and disaster recovery)
  • Notification Hubs: General Availability Release of Windows Azure Notification Hubs (broadcast push for Windows 8, Windows Phone, iOS and Android)
  • AutoScale: Schedule-based AutoScale rules and richer logging support
  • Virtual Machines: Load Balancer Configuration and Management
  • Management Services: New Portal Extension for Operation logs + Alerts

All of these improvements are now available to use immediately (note: AutoScale is still in preview – everything else is general availability).  Below are more details about them.

SQL Server AlwaysOn Support with Windows Azure Virtual Machines

I’m excited to announce the general availability release of SQL Server AlwaysOn Availability Groups support within Windows Azure.  We have updated our official documentation to support Availability Group Listeners for SQL Server 2012 (and higher) on Windows Server 2012.

SQL Server AlwaysOn Availability Group support, which was introduced with SQL Server 2012, is Microsoft’s premier solution for enabling high availability and disaster recovery with SQL Server.  SQL Server AlwaysOn Availability Groups support multi-database failover, multiple replicas (5 in SQL Server 2012, 9 in SQL Server 2014), readable secondary replicas (which can be used to offload reporting and BI applications), configurable failover policies, backups on secondary replicas, and easy monitoring. 

Today, we are excited to announce that we support the complete SQL Server AlwaysOn Availability Groups technology stack with Windows Azure Virtual Machines - including enabling support for SQL Server Availability Group Listeners.  We are really excited to be the first cloud provider to support the full range of scenarios enabled with SQL Server AlwaysOn Availability Groups – we think they are going to enable a ton of new scenarios for customers.

High Availability of SQL Servers running in Virtual Machines

You can now use SQL Server AlwaysOn within Windows Azure Virtual Machines to achieve high availability and global business continuity.  As part of this support you can now deploy one or more readable database secondaries – which not only improves availability of your SQL Servers but also improves efficiency by allowing you to offload BI reporting tasks and backups to the secondary machines.

Today’s Windows Azure release includes changes to better support SQL Server AlwaysOn functionality with our Windows Azure Network Load Balancers.  With today’s update you can now connect to your SQL Server deployment with a single client connection string using the Availability Group Listener endpoint.  This will automatically route database connections to the primary replica node – and our network load balancer will automatically update to route requests to a secondary replica node in the event of an automatic or manual failover scenario:

image

This new SQL Server Availability Group Listener support enables you to easily deploy SQL Databases in Windows Azure Virtual Machines in a high-availability configuration, and take full advantage of the full SQL Server feature-set.  It can also be used to ensure no downtime during upgrade operations or when patching the virtual machines.

Disaster Recovery of an on-premises SQL Server using Windows Azure

In addition to enabling high availability solutions within Windows Azure, the new SQL Server AlwaysOn support can also be used to enable on-premise SQL Server solutions to be expanded to have one or more secondary replicas running in the cloud using Windows Azure Virtual Machines.  This allows companies to enable high-availability disaster recovery scenarios – where in the event of a local datacenter being down (for example: due to a hurricane or natural disaster, or simply a network HW failure on-premises) they can failover and continue operations using Virtual Machines that have been deployed in the cloud using Windows Azure.

image

The diagram above shows a scenario where an on-premises SQL Server AlwaysOn Availability Group has been defined with a 2 database replicas - a primary and secondary replica (S1).  One more secondary replica (S2) has then been configured to run in the cloud within a Windows Azure Virtual Machine.  This secondary replica (S2) will continuously synchronize transactions from the on-premises primary replica.  In the event of a disaster on-premises, the company can failover to the replica in the cloud and continue operations without business impact. 

In addition to enabling disaster recovery, the secondary replica(s) can also be used to offload reporting applications and backups. This is valuable for companies that require maintaining backups outside of the data center for compliance reasons, and enables customers to leverage the replicas for compute scenarios even in non-disaster scenarios. 

Learn more about SQL Server AlwaysOn support in Windows Azure

You can learn more about how to enable SQL Server AlwaysOn Support in Windows Azure by reading the High Availability and Disaster Recovery for SQL Server in Windows Azure Virtual Machines documentation.  Also review this TechEd 2013 presentation: SQL Server High Availability and Disaster Recovery on Windows Azure VMs.  We are really excited to be the first cloud provider to enable the full range of scenarios enabled with SQL Server AlwaysOn Availability Groups – we think they are going to enable a ton of new scenarios for customers.

Windows Azure Notification Hubs

I’m excited today to announce the general availability release of Windows Azure Notification Hubs.  Notification Hubs enable you to instantly send personalized, cross-platform, broadcast push notifications to millions of Windows 8, Windows Phone 8, iOS, and Android mobile devices. 

I first blogged about Notification Hubs starting with the initial preview of Notification Hubs in January.  Since the initial preview, we have added many new features (including adding support for Android and Windows Phone devices in addition to Windows 8 and iOS ones) and validated that the system is ready for any amount of scale that your next app requires.

You can use Notification Hubs from both Windows Azure Mobile Services or any other custom Mobile Backend you have already built (including non-Azure hosted ones) – which makes it really easy to start taking advantage of from any existing app.

Notification Hubs: Personalized cross platform broadcast push at scale

Push notifications are a vital component of mobile applications.  They’re the most powerful customer engagement mechanism available to mobile app developers.  Sending a single push notification message to one mobile user is relatively straight forward (and is already easy to-do with Windows Azure Mobile Services today).  But sending simultaneous push notifications in a low-latency way to millions of mobile users, and handling real world requirements such as localization, multiple platform devices, and user personalization is much harder.

Windows Azure Notification Hubs provide you with an extremely scalable push notification infrastructure that helps you efficiently route cross-platform, personalized push notification messages to millions of users:

  • Cross-platform. With a single API call using Notification Hubs, your app’s backend can send push notifications to your users running on Windows Store, Windows Phone 8, iOS, or Android devices.
  • Highly personalized. Notification Hubs' built-in templating functionality allows you to let the client chose the shape, format and locale of the notifications it wants to see, while keep your backend code platform independent and really clean.
  • Device token management. Notification Hubs relieves your backend from the need to store and manage channel URIs and device tokens used by Platform Notification Services (WNS, MPNS, Apple PNS, or Google Cloud Messaging Service). We securely handle the PNS feedback, device token expiry, etc. for you.
  • Efficient tag-based multicast and pub/sub routing. Clients can specify one or more tags when registering with a Notification Hub thereby expressing user interest in notifications for a set of topics (favorite sport/teams, geo location, stock symbol, logical user ID, etc.). These tags do not need to be pre-provisioned or disposed, and provide a very easy way for apps to send targeted notifications to millions of users/devices with a single API call, without you having to implement your own per-user notification routing infrastructure.
  • Extreme scale. Notification Hubs are optimized to enable push notification broadcast to thousands or millions of devices with low latency. Your server back-end can fire one message into a Notification Hub, and thousands/millions of push notifications can automatically be delivered to your users, without you having to re-architect or shard your application.
  • Usable from any backend. Notification Hubs can be easily integrated into any back-end server app using .NET or Node.js SDK, or easy-to-use REST APIs. It works seamlessly with apps built with Windows Azure Mobile Services. It can also be used by server apps hosted within IaaS Virtual Machines (either Windows or Linux), Cloud Services or Web-Sites.

Bing News: Using Windows Azure Notification Hubs to Deliver Breaking News to Millions of Devices

A number of big apps started using Windows Azure Notification Hubs even before today’s General Availability Release.  One of them is the Bing News app included on all Windows 8 and Windows Phone 8 devices.

The Bing News app needs the ability to notify their users of breaking news in an instant. This can be a daunting task for a few reasons:

  • Extreme scale: Every Windows 8 user has the News app installed, and the Bing backend needs to deliver hundreds of millions of breaking news notifications to them every month
  • Topic-based multicast: Broadcasting push notifications to different markets, based on interests of individual users, requires efficient pub sub routing and topic-based multicast logic
  • Cross-platform delivery: Notification formats and semantics vary between mobile platforms, and tracking channels/tokens across them all can be complicated

Windows Azure Notification Hubs turned out to be a perfect fit for Bing News, and with the most recent update of the Bing News app they now use Notification Hubs to deliver push notifications to millions of Windows and Windows Phone devices every day.

image

The Bing News app on the client obtains the appropriate ChannelURIs from the Windows Notification Service (WNS) and the Microsoft Push Notification Service (MPNS), for the Windows 8 and Windows versions respectively, and then registers them with a Windows Azure Notification Hub . When a breaking news alert for a particular market has to be delivered, the Bing News app uses the Notification Hubs to instantly broadcast appropriate messages to all the individual devices.  With a single REST call to the Notification Hub they can automatically filter the customers interested in the topic area (e.g. sports update) and instantly deliver the message to millions of customers:

image

Windows Azure handles all of the complex pub/sub filtering logic for them, and efficiently handles deliver of the messages in a low-latency way.

Create your first Notification Hubs Today

Notification Hubs support a free tier of usage that allows you to send 100,000 operations every month to 500 registered devices at no cost – which makes it really easy to get started. 

To create a new Notification Hub simply choose  New->App Services->Service Bus->Notification Hub within the Windows Azure Management Portal:

image

Creating a new Notification Hub takes less than a minute, and once created you can drill into it to see a dashboard view of activity with it.  Among other things, the dashboard allows you to see how many devices have been registered with it, how many messages have been pushed to it, how many messages have been successfully delivered via it, and how many have failed:

image

Once your hub is created, click the “Configure” tab to enter your app credentials for the various push notifications services (Windows Store/Phone, iOS, and Android) that your Notification Hub will coordinate with:

image

And with that your notification hub is ready to go!

Registering Devices and Sending out Broadcast Notifications

Now that a Notification Hub is created, we’ll want to register device apps with it.  Doing this is really easy – we have device SDKs for Windows 8, Windows Phone 8, Android, and iOS. 

Below is the code you would write within a C# Windows 8 client app to register a user’s interest in broadcast notifications sent to the “myTag” or “myOtherTags” tags/topics:

await hub.RegisterNativeAsync(channel.Uri, new string[] { "myTag", "myOtherTag" });

Once a device is registered, it will automatically receive a push notification message when your app backend sends a message to topics/tags it is registered with.   You can use Notification Hubs from a Windows Azure Mobile Service, a custom .NET back-end app, or any other app back-end with our Node.js SDK or REST API.  The below code illustrates how to send a message to the Notification Hub from a custom .NET backend using the .NET SDK:

var toast = @"<toast><visual><binding template=""ToastText01""><text id=""1"">Hello everybody!</text></binding></visual></toast>";

await hub.SendWindowsNativeNotificationAsync(toast);

A single call like the one above from your app backend will now securely deliver the message to any number of devices registered with your Notification Hub.  The Notification Hub will handle all of the details of the delivery irrespective of how many users you are sending it to (even if there are 10s of millions of them). 

Scaling and Monitoring your Notification Hub

Once you’ve built your app, you can easily scale it to millions of users directly from the Windows Azure management portal.  Just click the “scale” tab in your Notification Hub within the management portal to configure the number of devices and messages you want to support:

image

In addition to scaling capacity, you can also monitor and track nearly 50 different metrics about your notifications and their delivery to your customers:

image

Learn More about Notification Hubs

Learn more about Notification Hubs using the Notification Hubs service page, where you will find video tutorials, in-depth scenario guidance, and link to SDK references.

We are happy to continue offering Notification Hubs at no charge to all Windows Azure subscribers through September 30, 2013.  We will begin billing for Notification Hubs consumption in the Basic and Standard tiers on October 1, 2013.  A Free Tier will continue to also be available and supports 100,000 notifications with 500 registered devices each month at no cost.

AutoScale: Scheduled AutoScale Rules and Richer Logging

This summer we introduced new AutoScale support to Windows Azure that enables you to automatically scale Web Sites, Cloud Services, Mobile Services and Virtual Machines.  AutoScale enables you to configure Windows Azure to automatically scale your application dynamically on your behalf (without any manual intervention required) so that you can achieve the ideal performance and cost balance. Once configured, AutoScale will regularly adjust the number of instances running in response to the load in your application.

Today, we are introducing even more AutoScale features – including the ability to proactively adjust your Cloud Service instance count using time scheduled rules.

Schedule AutoScale Rules

If you click on the Scale tab of a Cloud Service, you’ll see that we’ve now added support for you to configure/control different scaling rules based on schedule rules.

By default, you’ll edit scale settings for No scheduled times – this means that your scale settings will always be the same regardless of the time/day. You can scale manually by selecting None in the Scale by Metric section – this will give you the traditional Instance Count slider that you are familiar with:

image

Or you can AutoScale dynamically by reacting to CPU activity or Queue Depth.  The below screen-shot demonstrates configuring an auto-scale rule based on the CPU of the WebTier role and indicates to scale between 1 and 3 instances – depending on the aggregate CPU:

image

With today’s release, we also now allow you to setup different scale settings for different times of the day.  You can enable this by clicking the “Set up Schedule Times” button above.  This brings up a new dialog:

image

With today’s release we now offer the ability to define two different recurring schedules: Day and Night. The first schedule, Day Time, runs from the start of the day to the end of the day (which I’ve defined above as being between 8am and 8pm). The second schedule, Night Time, runs from the end of one day to the start of the next day. Both use the options in Time to define start and end of a day, and the time zone. This schedule respects daylight savings time, if it is applicable to that timezone. In the future we will add other types of time based schedules as well.

Once you’ve setup a day/night schedule, you can return to the Scale page and see that the schedule dropdown now has the two schedules you created populated within it:

image

You can now select each schedule from the list and edit scaling rules specific to it within it. For example, you can select the Day Time Schedule and set Instance Count on a Cloud Service role to 5, and then select Night Time and set Instance Count to 3.  This will ensure that Windows Azure scales up your service to 5 instances during the day, and then cycles them down to 3 instances overnight.

You can also combine Scheduled Autoscale rules and the Metric Based AutoScale rules together.  Select the CPU or Queue toggle and you can configure AutoScale rules that apply differently during the day or night. For example, you could set the Instance Range from 5 to 10 during the day, and 3 to 6 at night based on CPU activity.

Today’s release only supports Scheduled AutoScale rules on Cloud Services – but you’ll see us enable these with all types of compute resources (including Web Sites, Mobile Services + VMs) shortly.

AutoScale History

It’s now easy to know and log exactly what AutoScale has done for your service: there are four new AutoScale history features with today’s release to help with this.

First, we have added two new operations to Windows Azure’s Operation Log capability: AutoscaleAction and PutAutoscaleSetting. We now record each time that AutoScale takes a scale up or scale down action, and include the new and previous instance counts in the details. In addition, we record each time anyone changes autoscale settings – you can use this to see who on your team changed autoscale options and when.  These are both now exposed in the Operation Logs tab of the new Management Services node within the Windows Azure Management Portal:

image

For Cloud Services, we are also adding a historical graph that shows of the number of instances over the past 7 days. This way, you can see trends in AutoScale over the span of a week:

image

Third, if AutoScale ever fails for more than 2 hours at a time, we will automatically notify the Service Administrator and Co-Admin of the subscription via email:

image

Fourth, if you are the Account Administrator for your subscription, we will now show you billing information about Autoscale in your account’s currency:

image

If AutoScale is on, it will show you the difference between your current instance count, and the maximum instance count – and how much you are saving by using it.

If AutoScale is off, we will show you how much we predict you could save if you were to turn on AutoScale.  Put another way - we are updating your bill to include suggestions on how you can pay us less in the future (please don’t tell my boss about this… <g>)

Virtual Machines: Support for Configuring Load Balancer Probes

Every Virtual Machine, Cloud Service, Web Site and Mobile Service you deploy in Windows Azure comes with built-in load balancer support that you can use to both scale out your app and enable high availability.  This load balancer support is built-into Windows Azure and included at no extra charge (most other cloud providers make you pay extra for it).

Today’s update of Windows Azure includes some nice new features that make it even easier to configure and manage load balancing support for Virtual Machines – and includes support for customizing the network probe logic that our load balancers use to determine whether your Virtual Machines are healthy and should be kept in the load balancer rotation.

Understanding Load Balancer Probes

Load-balancing network traffic across multiple Virtual Machine instances is important, both to enable scale-out of your traffic across multiple VMs, as well as to enable high availability of your app’s front-end or back-end virtual machines (as discussed in the SQL Server AlwaysOn section earlier). A network probe is how the Windows Azure load balancer detects failure of one or more of your virtual machine instances - whether due to software or hardware failure.  If the network probe detects there is an issue with a specific virtual machine instance it will automatically failover traffic to your healthy virtual machine instances, and prevent customers thinking your application is down.

The default configuration for a network probe from the Windows Azure load balancer is simply using TCP on the same port your application is load-balancing.  As shown in the below example, each Virtual Machine in a load-balanced set is receiving TCP traffic on port 80 from the public internet (likely a website or web service). With a simple TCP probe, the load-balancer sends an ongoing message, every 15 seconds by default, on that same port to each Virtual Machine, checking for health. Because the Virtual Machine is running a website, if the Virtual Machine and web service is healthy, it will automatically reply back to the TCP probe with a simple ACK to the load balancer. While this ACK continues, the load-balancer will continue to send traffic, knowing the website is responsive. 

In any situation where the website is unhealthy, the load balancer will not receive a response from the website.  When this happens the load balancer will stop sending traffic to the virtual machine that is having problems, and instead direct traffic to the other two instances, as shown for Virtual Machine 2 below. This simple high availability option will work without having to write any special code inside the VM to respond to the network probes and can protect you from failure due to the application, the virtual machine, or the underlying hardware (note: if Windows Azure detects a hardware failure we’ll automatically migrate your Virtual Machine instance to a new server).

 

clip_image001[4]

Windows Azure allows you to configure both the time interval for sending each network probe (15 seconds is the default) and the number of probe attempts that must fail before the load balancer takes the instance offline (the default is 2). Thus, with the defaults, after 30 seconds of receiving no response from a web service, the load balancer will consider it unresponsive and stop sending traffic to it until a healthy response is received later (15 seconds per probe * 2 probes).

You can also now configure custom HTTP probes – which is a more advanced option. With HTTP probes, you can configure the load balancer’s network probe request to be sent to a separate network port than the one you are load-balancing (and this port does not have to be open to the Internet – the recommendation is for it to be a private port that only the load balancer can access). This will require your service or application to be listening on this separate port and respond to the probe request, based upon the health of the application. With HTTP probes, the load balancer will continue to send traffic to your Virtual Machine if it receives an HTTP 200 OK response from the network probe request. Similar to the above TCP intervals, with the defaults, when a Virtual Machine does not respond with an HTTP 200 OK after 30 seconds (2 x 15 second probes), the load balancer will automatically take the machine out of traffic rotation until hearing a 200 OK back on the next probe. This advanced option does require the creation of code to listen and respond on a separate port, but gives you a lot more control over traffic being delivered to your service:

clip_image001[6]

Configuring Load Balancer Probe Settings

Before today’s release, configuring custom network probe settings used to require you to use PowerShell, our Cross Platform CLI tools, or write code against our REST Management API.  With today’s Windows Azure release we’ve added support to configure these settings using the Windows Azure Management Portal as well. 

You can configure load-balanced sets for new or existing endpoints on your virtual machines.  You can do this by adding or editing an endpoint on a Virtual Machine.  To do this with an existing Virtual Machine, select the VM within the portal and navigate to the Endpoints tab within it.  Then add or edit the endpoint you want to open to external callers:

image

The Edit Endpoint dialog allows you to view or change a port that is open to the Internet (and existed before today’s release): 

image

Selecting the “Create Load-Balanced Set” or “Reconfigure the Load-Balanced Set” checkbox within the dialog above will now allow you to proceed to another page within the wizard that surfaces the load balanced set and network probe properties:

image

Using the screen above you can now change the network probe settings to be either TCP or HTTP based, configure which internal port you wish to probe on (if you want your network probe to be private and different than the port you use to serve public traffic), configure the probe interval (default is every 15 seconds), as well as configure the number of times the network probe is allowed to fail before the machine is automatically removed from network rotation (default is 2 failures).

Identifying Network Probe Problems

In addition to allowing you to create/edit the network probe settings, today’s Windows Azure Management Portal release also now surfaces cases where network probes are misconfigured or having problems.  For example, if during the Virtual Machine Preview you created a VM and configured a load-balanced sets prior to probes being a required configuration item, we will show an error icon that indicates missing probe configuration under the load-balanced set name column to indicate that the load-balanced set is not configured correctly:

image

Operation Logs and Alerts Now in “Management Services” section of Portal

Previously “Alerts” and “Operation Logs” tabs were under the “Settings” extension in the Windows Azure Management Portal.  With today’s update, we are moving these cross cutting management and monitoring functionality to a new extension in the Windows Azure Portal named “Management Services”. The goal is to increase discoverability of common management services as well as to provide better categorization of functionality that cuts across all Windows Azure services. We will continue to enrich and add to such cross cutting functionality in Windows Azure over the next few releases.

Note that this change will not affect existing alert rules that were previously configured, only the location where they show up in the portal is different.

image

Additions to Operation Logs

Prior to today, you could find operation history for Cloud Services and Storage operations. With this release, we are adding additional operation history data for the following additional areas:

  • Disk operations – add and delete Virtual Machine Disks
  • Autoscale: Autoscale settings changes, autoscale actions
  • Alerts
  • SQL Backup configuration changes

We’ll add to this list in later updates this year to include all other services/operations as well.

Summary

Today’s release includes a bunch of great features that enable you to build even better cloud solutions.  If you don’t already have a Windows Azure account, you can sign-up for a free trial and start using all of the above features today.  Then visit the Windows Azure Developer Center to learn more about how to build apps with it.

Hope this helps,

Scott

P.S. In addition to blogging, I am also now using Twitter for quick updates and to share links. Follow me at: twitter.com/scottgu

Announcing the release of the Windows Azure SDK 2.1 for .NET

Today we released the v2.1 update of the Windows Azure SDK for .NET.  This is a major refresh of the Windows Azure SDK and it includes some great new features and enhancements. These new capabilities include:

  • Visual Studio 2013 Preview Support: The Windows Azure SDK now supports using the new VS 2013 Preview
  • Visual Studio 2013 VM Image: Windows Azure now has a built-in VM image that you can use to host and develop with VS 2013 in the cloud
  • Visual Studio Server Explorer Enhancements: Redesigned with improved filtering and auto-loading of subscription resources
  • Virtual Machines: Start and Stop VM’s w/suspend billing directly from within Visual Studio
  • Cloud Services: New Emulator Express option with reduced footprint and Run as Normal User support
  • Service Bus: New high availability options, Notification Hub support, Improved VS tooling
  • PowerShell Automation: Lots of new PowerShell commands for automating Web Sites, Cloud Services, VMs and more

All of these SDK enhancements are now available to start using immediately and you can download the SDK from the Windows Azure .NET Developer Center.  Visual Studio’s Team Foundation Service (http://tfs.visualstudio.com/) has also been updated to support today’s SDK 2.1 release, and the SDK 2.1 features can now be used with it (including with automated builds + tests).

Below are more details on the new features and capabilities released today:

Visual Studio 2013 Preview Support

Today’s Window Azure SDK 2.1 release adds support for the recent Visual Studio 2013 Preview. The 2.1 SDK also works with Visual Studio 2010 and Visual Studio 2012, and works side by side with the previous Windows Azure SDK 1.8 and 2.0 releases.

To install the Windows Azure SDK 2.1 on your local computer, choose the “install the sdk” link from the Windows Azure .NET Developer Center. Then, chose which version of Visual Studio you want to use it with.  Clicking the third link will install the SDK with the latest VS 2013 Preview:

image

If you don’t already have the Visual Studio 2013 Preview installed on your machine, this will also install Visual Studio Express 2013 Preview for Web.

Visual Studio 2013 VM Image Hosted in the Cloud

One of the requests we’ve heard from several customers has been to have the ability to host Visual Studio within the cloud (avoiding the need to install anything locally on your computer).

With today’s SDK update we’ve added a new VM image to the Windows Azure VM Gallery that has Visual Studio Ultimate 2013 Preview, SharePoint 2013, SQL Server 2012 Express and the Windows Azure 2.1 SDK already installed on it.  This provides a really easy way to create a development environment in the cloud with the latest tools. With the recent shutdown and suspend billing feature we shipped on Windows Azure last month, you can spin up the image only when you want to do active development, and then shut down the virtual machine and not have to worry about usage charges while the virtual machine is not in use.

You can create your own VS image in the cloud by using the New->Compute->Virtual Machine->From Gallery menu within the Windows Azure Management Portal, and then by selecting the “Visual Studio Ultimate 2013 Preview” template:

image

Visual Studio Server Explorer: Improved Filtering/Management of Subscription Resources

With the Windows Azure SDK 2.1 release you’ll notice significant improvements in the Visual Studio Server Explorer. The explorer has been redesigned so that all Windows Azure services are now contained under a single Windows Azure node.  From the top level node you can now manage your Windows Azure credentials, import a subscription file or filter Server Explorer to only show services from particular subscriptions or regions.

Note: The Web Sites and Mobile Services nodes will appear outside the Windows Azure Node until the final release of VS 2013. If you have installed the ASP.NET and Web Tools Preview Refresh, though, the Web Sites node will appear inside the Windows Azure node even with the VS 2013 Preview.

Once your subscription information is added, Windows Azure services from all your subscriptions are automatically enumerated in the Server Explorer. You no longer need to manually add services to Server Explorer individually. This provides a convenient way of viewing all of your cloud services, storage accounts, service bus namespaces, virtual machines, and web sites from one location:

image

Subscription and Region Filtering Support

Using the Windows Azure node in Server Explorer, you can also now filter your Windows Azure services in the Server Explorer by the subscription or region they are in.  If you have multiple subscriptions but need to focus your attention to just a few subscription for some period of time, this a handy way to hide the services from other subscriptions view until they become relevant. You can do the same sort of filtering by region.

To enable this, just select “Filter Services” from the context menu on the Windows Azure node:

image

Then choose the subscriptions and/or regions you want to filter by. In the below example, I’ve decided to show services from my pay-as-you-go subscription within the East US region:

image

Visual Studio will then automatically filter the items that show up in the Server Explorer appropriately:

image

With storage accounts and service bus namespaces, you sometimes need to work with services outside your subscription. To accommodate that scenario, those services allow you to attach an external account (from the context menu). You’ll notice that external accounts have a slightly different icon in server explorer to indicate they are from outside your subscription.

Other Improvements

We’ve also improved the Server Explorer by adding additional properties and actions to the service exposed. You now have access to most of the properties on a cloud service, deployment slot, role or role instance as well as the properties on storage accounts, virtual machines and web sites. Just select the object of interest in Server Explorer and view the properties in the property pane.

We also now have full support for creating/deleting/update storage tables, blobs and queues from directly within Server Explorer.  Simply right-click on the appropriate storage account node and you can create them directly within Visual Studio:

image

Virtual Machines: Start/Stop within Visual Studio

Virtual Machines now have context menu actions that allow you start, shutdown, restart and delete a Virtual Machine directly within the Visual Studio Server Explorer. The shutdown action enables you to shut down the virtual machine and suspend billing when the VM is not is use, and easily restart it when you need it:

image

This is especially useful in Dev/Test scenarios where you can start a VM – such as a SQL Server – during your development session and then shut it down / suspend billing when you are not developing (and no longer be billed for it).

You can also now directly remote desktop into VMs using the “Connect using Remote Desktop” context menu command in VS Server Explorer. 

Cloud Services: Emulator Express with Run as Normal User Support

You can now launch Visual Studio and run your cloud services locally as a Normal User (without having to elevate to an administrator account) using a new Emulator Express option included as a preview feature with this SDK release.  Emulator Express is a version of the Windows Azure Compute Emulator that runs a restricted mode – one instance per role – and it doesn’t require administrative permissions and uses 40% less resources than the full Windows Azure Emulator. Emulator Express supports both web and worker roles.

To run your application locally using the Emulator Express option, simply change the following settings in the Windows Azure project.

  1. On the shortcut menu for the Windows Azure project, choose Properties, and then choose the Web tab.
  2. Check the setting for IIS (Internet Information Services). Make sure that the option is set to IIS Express, not the full version of IIS. Emulator Express is not compatible with full IIS.
  3. On the Web tab, choose the option for Emulator Express.

image

Service Bus: Notification Hubs

With the Windows Azure SDK 2.1 release we are adding support for Windows Azure Notification Hubs as part of our official Windows Azure SDK, inside of Microsoft.ServiceBus.dll (previously the Notification Hub functionality was in a preview assembly).

You are now able to create, update and delete Notification Hubs programmatically, manage your device registrations, and send push notifications to all your mobile clients across all platforms (Windows Store, Windows Phone 8, iOS, and Android).

Learn more about Notification Hubs on MSDN here, or watch the Notification Hubs //BUILD/ presentation here.

Service Bus: Paired Namespaces

One of the new features included with today’s Windows Azure SDK 2.1 release is support for Service Bus “Paired Namespaces”.  Paired Namespaces enable you to better handle situations where a Service Bus service namespace becomes unavailable (for example: due to connectivity issues or an outage) and you are unable to send or receive messages to the namespace hosting the queue, topic, or subscription. Previously,to handle this scenario you had to manually setup separate namespaces that can act as a backup, then implement manual failover and retry logic which was sometimes tricky to get right.

Service Bus now supports Paired Namespaces, which enables you to connect two namespaces together. When you activate the secondary namespace, messages are stored in the secondary queue for delivery to the primary queue at a later time. If the primary container (namespace) becomes unavailable for some reason, automatic failover enables the messages in the secondary queue.

For detailed information about paired namespaces and high availability, see the new topic Asynchronous Messaging Patterns and High Availability.

Service Bus: Tooling Improvements

In this release, the Windows Azure Tools for Visual Studio contain several enhancements and changes to the management of Service Bus messaging entities using Visual Studio’s Server Explorer. The most noticeable change is that the Service Bus node is now integrated into the Windows Azure node, and supports integrated subscription management.

Additionally, there has been a change to the code generated by the Windows Azure Worker Role with Service Bus Queue project template. This code now uses an event-driven “message pump” programming model using the QueueClient.OnMessage method.

PowerShell: Tons of New Automation Commands

Since my last blog post on the previous Windows Azure SDK 2.0 release, we’ve updated Windows Azure PowerShell (which is a separate download) five times. You can find the full change log here. We’ve added new cmdlets in the following areas:

  • China instance and Windows Azure Pack support
  • Environment Configuration
  • VMs
  • Cloud Services
  • Web Sites
  • Storage
  • SQL Azure
  • Service Bus

China Instance and Windows Azure Pack

We now support the following cmdlets for the China instance and Windows Azure Pack, respectively:

  • China Instance: Web Sites, Service Bus, Storage, Cloud Service, VMs, Network
  • Windows Azure Pack: Web Sites, Service Bus

We will have full cmdlet support for these two Windows Azure environments in PowerShell in the near future.

Virtual Machines: Stop/Start Virtual Machines

Similar to the Start/Stop VM capability in VS Server Explorer, you can now stop your VM and suspend billing:

image

If you want to keep the original behavior of keeping your stopped VM provisioned, you can pass in the -StayProvisioned switch parameter.

Virtual Machines: VM endpoint ACLs

We’ve added and updated a bunch of cmdlets for you to configure fine-grained network ACL on your VM endpoints. You can use the following cmdlets to create ACL config and apply them to a VM endpoint:

  • New-AzureAclConfig
  • Get-AzureAclConfig
  • Set-AzureAclConfig
  • Remove-AzureAclConfig
  • Add-AzureEndpoint -ACL
  • Set-AzureEndpoint –ACL

The following example shows how to add an ACL rule to an existing endpoint of a VM.

image

Other improvements for Virtual Machine management includes

  • Added -NoWinRMEndpoint parameter to New-AzureQuickVM and Add-AzureProvisioningConfig to disable Windows Remote Management
  • Added -DirectServerReturn parameter to Add-AzureEndpoint and Set-AzureEndpoint to enable/disable direct server return
  • Added Set-AzureLoadBalancedEndpoint cmdlet to modify load balanced endpoints

Cloud Services: Remote Desktop and Diagnostics

Remote Desktop and Diagnostics are popular debugging options for Cloud Services. We’ve introduced cmdlets to help you configure these two Cloud Service extensions from Windows Azure PowerShell.

Windows Azure Cloud Services Remote Desktop extension:

  • New-AzureServiceRemoteDesktopExtensionConfig
  • Get-AzureServiceRemoteDesktopExtension
  • Set-AzureServiceRemoteDesktopExtension
  • Remove-AzureServiceRemoteDesktopExtension

Windows Azure Cloud Services Diagnostics extension

  • New-AzureServiceDiagnosticsExtensionConfig
  • Get-AzureServiceDiagnosticsExtension
  • Set-AzureServiceDiagnosticsExtension
  • Remove-AzureServiceDiagnosticsExtension

The following example shows how to enable Remote Desktop for a Cloud Service.

image

Web Sites: Diagnostics

With our last SDK update, we introduced the Get-AzureWebsiteLog –Tail cmdlet to get the log streaming of your Web Sites. Recently, we’ve also added cmdlets to configure Web Site application diagnostics:

  • Enable-AzureWebsiteApplicationDiagnostic
  • Disable-AzureWebsiteApplicationDiagnostic

The following 2 examples show how to enable application diagnostics to the file system and a Windows Azure Storage Table:

image

image

SQL Database

Previously, you had to know the SQL Database server admin username and password if you want to manage the database in that SQL Database server. Recently, we’ve made the experience much easier by not requiring the admin credential if the database server is in your subscription. So you can simply specify the -ServerName parameter to tell Windows Azure PowerShell which server you want to use for the following cmdlets.

  • Get-AzureSqlDatabase
  • New-AzureSqlDatabase
  • Remove-AzureSqlDatabase
  • Set-AzureSqlDatabase

We’ve also added a -AllowAllAzureServices parameter to New-AzureSqlDatabaseServerFirewallRule so that you can easily add a firewall rule to whitelist all Windows Azure IP addresses.

Besides the above experience improvements, we’ve also added cmdlets get the database server quota and set the database service objective. Check out the following cmdlets for details.

  • Get-AzureSqlDatabaseServerQuota
  • Get-AzureSqlDatabaseServiceObjective
  • Set-AzureSqlDatabase –ServiceObjective

Storage and Service Bus

Other new cmdlets include

  • Storage: CRUD cmdlets for Azure Tables and Queues
  • Service Bus: Cmdlets for managing authorization rules on your Service Bus Namespace, Queue, Topic, Relay and NotificationHub

Summary

Today’s release includes a bunch of great features that enable you to build even better cloud solutions.  All the above features/enhancements are shipped and available to use immediately as part of the 2.1 release of the Windows Azure SDK for .NET.

If you don’t already have a Windows Azure account, you can sign-up for a free trial and start using all of the above features today.  Then visit the Windows Azure Developer Center to learn more about how to build apps with it.

Hope this helps,

Scott

P.S. In addition to blogging, I am also now using Twitter for quick updates and to share links. Follow me at: twitter.com/scottgu

Windows Azure July Updates: SQL Database, Traffic Manager, AutoScale, Virtual Machines

This morning we released some great updates to Windows Azure. These new enhancements include:

  • SQL Databases: Support for Automated SQL Export and a New Premium Tier SQL Database option
  • Traffic Manager: New support for managing Windows Azure Traffic Manager in the HTML Portal
  • AutoScale: Support for Windows Azure Mobile Services, AutoScale rules for Service Bus Queue Depth, Alerts on AutoScale actions
  • Virtual Machines: Updates to the IaaS management experiences in the Management Portal

All of these improvements are now available to use immediately (note: some are still in preview).  Below are more details about them.

SQL Databases: Support for Automated SQL Database Exports

One commonly requested feature we’ve heard has been the ability for customers to perform recurring, fully automated, exports of a SQL Database to a Storage account.  Starting today this is now a built-in feature of Windows Azure.  You can now export transactional-consistent copies of your SQL Databases, in an automated recurring way, to a .bacpac file in a Storage account using any schedule you wish to define.

To take advantage of this feature, click on the “Configuration” tab of any SQL Database you would like to set up an automated export rule on:

image

Clicking the “Automatic” setting on “export status” will expand the page to include several additional configuration options that allow you to configure the database to be automatically exported to a transactionally consistent .bacpac file in a storage account of your choosing:

image

You can fully automate and control the time and schedule of the exports. By default, it’s set to once per week, but you may set it up to be as frequent as once per day. The start date and time allows you to define when the first export will happen. The time is in UTC, so if you want backups to happen each day at midnight US Eastern time, put 5:00 AM UTC. Keep in mind that exports can take several hours depending on the size of the database, so the start time is not a guarantee about when exports will be completed.

Next, specify the number of days to keep each export file. You can retain multiple export files. Use the “Always keep at least one export” option to ensure that you always have at least one export file to use as a backup. This overrides the retention period, so even if you stop backups for 30 days, you’ll still have an export.

Lastly, you’ll need to specify the server login and password for Automated Export to use. After providing the required information for your automated export, click Save, and your first automated export will be kicked off once the Start Date + Time is reached.  You can check the status of your database exports (and see the date/time of the last one) in the quick glance list on the “Dashboard” tab view of your SQL Database.

Creating a new Database from an Exported One

If you want to create a new SQL Database instance from an exported copy, simply choose the New->Data Services->Sql Database->Import option within the Windows Azure Management Portal:

image

This will then launch a dialog that allows you to select the .bacpac file for your SQL Database export from your storage account, and easily recreate the database (and name it anything you want).

Cost Impact

When an automated export is performed, Windows Azure will first do a full copy of your database to a temporary database prior to creating the .bacpac file. This is the only way to ensure that your export is transactionally consistent (this database copy is then automatically removed once the export has completed). As a result, you will be charged for this database copy on the day that you run the export. Since databases are charged by the day, if you were to export every day, you could in theory double your database costs.  If you run every week then it would be much less.

If your storage account is in a different region from the SQL Database, you will be charged for network bandwidth.  If your storage account is in the same region there are no bandwidth charges.  You’ll then be charged the standard Windows Azure Storage rate (which is priced in GB saved) for any .bacpac files you retain in your storage account.

Conditions to set up Automated Export

Note that in order to set up automated export, Windows Azure has to be allowed to access your database (using the server login name/password you configured in the automated export rule in the screen-shot above) . To enable this, go to the “Configure” tab for your database server and make sure the switch is set to “Yes”:

image 

SQL Databases: Announcing New Premium Tier for Windows Azure SQL Databases

Today, we’re excited to announce the preview of a new Premium Tier for Windows Azure SQL Databases that delivers more predictable performance for business-critical applications.  The Premium Tier helps deliver more powerful and predictable performance for cloud applications by dedicating a fixed amount of reserved capacity for a database including its built-in secondary replicas. This capability will help you scale databases even better and with more isolation.

Reserved capacity is ideal for cloud-based applications with the following requirements:

  • High Peak Load – An application that requires a lot of CPU, Memory, or IO to complete its operations. For example, if a database operation is known to consume several CPU cores for an extended period of time, it is a candidate for using a Premium database.
  • Many Concurrent Requests – Some database applications service many concurrent requests. The normal Web and Business Editions in SQL Database have a limit of 180 concurrent requests. Applications requiring more connections should use a Premium database with an appropriate reservation size to handle the maximum number of needed requests.
  • Predictable Latency – Some applications need to guarantee a response from the database in minimal time. If a given stored procedure is called as part of a broader customer operation, there might be a requirement to return from that call in no more than 20 milliseconds 99% of the time. This kind of application will benefit from a Premium database to make sure that dedicated computing power is available.

To help you best assess the performance needs of your application and determine if your application might need reserved capacity, our Customer Advisory Team has put together detailed guidance. Read the Guidance for Windows Azure SQL Database premium whitepaper for tips on how to continually tune your application for optimal performance and how to know if your application might need reserved capacity. Additionally, our engineers have put together a whitepaper, Managing Premium Databases, on how to setup, use and manage your new premium database once you are accepted into the Premium preview and quota is approved.

Requesting an invitation to the reserved capacity preview requires two steps:

  1. Visit the Preview Features page to request access to the Premium preview program. Initial acceptance requires customers with active, paid Windows Azure subscriptions and account administrator responsibility.
  2. Once your subscription has been activated for the preview program, request a Premium database quota from either the server dashboard or server quickstart in the SQL Databases extension of the Windows Azure Management Portal.

For a closer look at signing up for the Premium preview, please review the short tutorial page, Sign up for Premium preview for Windows Azure SQL Database.  For more details on Premium for SQL Database pricing, please visit the Windows Azure SQL Database pricing page.

Traffic Manager: Integrated within the Windows Azure Management Portal

The Windows Azure Traffic Manager is the newest service we’ve added to the Windows Azure Management Portal. Windows Azure Traffic Manager allows you to control the distribution of network traffic to your Cloud Services and VMs hosted within Windows Azure. It does this by allowing you to group multiple deployments of your Cloud Services under a single public endpoint, and allows you to manage the traffic load rules to them.

As an example of how to use this, let’s consider a scenario in which a Traffic Manager would help a Cloud Service be highly reliable and available. Let’s say that we have a Cloud Service that has been deployed across three regions: East US, West US and North Central US (using three different cloud service instances: myServiceEastUS, myServiceWestUS and myServiceCentralUS):

image

If we now wanted to make our Cloud Service efficient and minimize the response time for any request that is made to it, we might want to direct our network requests so that a request originating from an IP range or location goes to the deployed server with the lowest response time for that particular range or location. With Windows Azure Traffic Manager we can now easily do this.

Windows Azure Traffic Manager creates a routing table by pinging your cloud service from various locations around the world and calculates the response times. It then uses this table to redirect requests to your cloud service so that they are served with the lowest possible response times.

Here is how we could set this up: Create a Traffic Manager profile via NEW -> Network Services -> Traffic Manager -> Quick Create:

image

We’ll choose the Performance option from the “Load Balancing Method” drop down. We’ll select the three instance deployment endpoints we wish to put within the Traffic Manager (in this case our separate deployments within East US, West US and North Central US) and click the Create button:

image

Once we have created our Traffic Manager Profile, we can update our public facing domain www.myservice.com to resolve to our Traffic Manager DNS (in this case myservicetm.test.trafficmgr.com).

By clicking on the traffic manager profile we just created within the Windows Azure Management Portal, we can also later add additional cloud service endpoints to our traffic manager profile, change monitoring and health settings, and change other configuration settings such as DNS TTL and the Load Balancing Method.

For example, let’s assume we want to later change our Load Balancing Method so that instead of being about performance it is instead optimized for failover scenarios and high availability.  Lets say we want all our requests to be served by West US, and in the event the West US instance fails, we want the East US deployment to take point, followed by the deployment in North Central US if that fails too.  We can enable this by going to the Configure tab of our Traffic Manager Profile and changing the Load Balancing Method to Failover:

image

Next, we’ll change the Failover Priority List so that the deployment in West US, myServiceWestUS, is first in the list followed by myServiceEastUS and myServiceCentralUS.

image

Then we’ll click on Save to finalize the changes:

image

By changing these settings we’ve now enabled automatic failover rules for our cloud service instances and enabled multi-region reliability.  The new integrated Traffic Manager experience within today’s Windows Azure Management Portal update makes configuring all of this super easy to setup.

AutoScale: Mobile Services, Service Bus, Trends and Alerts

Three weeks ago we added new automatic scaling support for Web Sites, Cloud Services and Virtual Machines. 

AutoScale enables you to configure Windows Azure to automatically scale your application dynamically on your behalf (without any manual intervention required) so that you can achieve the ideal performance and cost balance. Once configured, AutoScale will regularly adjust the number of instances running in response to the load in your application. We’ve seen a huge adoption of AutoScale in the three weeks that it has been available.  Today I’m excited to announce that even more AutoScale features are now available for you to use:

Windows Azure Mobile Services Support

AutoScale now supports automatically scaling Mobile Service backends (in addition to Web Sites, VMs and Cloud Services).  This feature is available in both the Standard and Premium tiers of Mobile Services.

To enable AutoScale for your Mobile Service, simply navigate to the “Scale” tab of your Mobile Service and set AutoScale to “On”, and the configure the minimum and maximum range of scale units you wish to use:

image

When this feature is enabled, Windows Azure will periodically check the daily number of API calls to and from your Mobile Service and will scale up by an additional unit if you are above 90% of your API quota (until reaching the set maximum number of instances you wish to enable).

At the beginning of each day (UTC), Windows Azure will then scale back down to the configured minimum.  This enables you to minimize the number of Mobile Service instances you run – and save money.

Service Bus Queue Depth Rules

The initial preview of AutoScale supported the ability to dynamically scale Worker Roles and VMs based on two different load metrics:

  • CPU percentage of the Worker/VM machine
  • Storage queue depth (number of messages waiting to be processed in a queue)

With today’s update, you can also now scale your VMs and Cloud Services based on the queue depth of a Service Bus Queue as well.  This is ideal for scenarios where you want to dynamically increase or decrease the number of backend systems you are running based on the backlog of messages waiting to be processed in a queue.

To enable this, choose the “Queue” AutoScale option within the “Scale” tab of a VM or Cloud Service.  When you select 'Queue' in the AutoScale section, click on the ' Account / Namespace ' dropdown. You will now see a list of both your Storage Accounts and Service Bus Namespaces:

image

Once you select a Service Bus namespace, the list of queues in that namespace will appear in the ‘Queue Name’ section. Choose the individual queue that you want AutoScale to monitor:

image

As with Storage Queues, scaling by Service Bus Queue depth allows you to define a 'Target Per Machine'. This target should represent the amount of messages that you believe each worker role can handle at a time. For example, if you have a target of 200, and 2000 messages are in the queue, AutoScale will scale until you have 10 machines.  It will then dynamically scale up/down as your application load changes.

Historical Trend Monitoring

When you AutoScale by CPU, we also now show a miniature graph of your role’s CPU utilization over the past week. This can help you set appropriate targets when first configuring AutoScale, and see how AutoScale has affected CPU once it’s turned on.

image

Alerts

In certain rare scenarios, something may cause the AutoScale engine to fail to execute a rule. We will now inform you in the Windows Azure Management Portal if an AutoScale failure is ongoing:

image

If you ever see this in the Portal, we recommend monitoring the responsiveness and capacity of your service to make sure that there are currently enough compute instances deployed to meet your goals.

In addition, if the AutoScale engine fails to get metrics, such as CPU percentage, from your virtual machines or website (this can be caused by intermittent network failures or diagnostics failure on the machine), the engine may possibly take a special one-time scale-up action, if your capacity was previously determined to be too low. After this, no further scale actions will be taken until the AutoScale engine can receive metrics again.

Virtual Machines:

Today’s Windows Azure update also includes several nice enhancements to how you create and manage Virtual Machines using the Windows Azure Management Portal. 

Richer Custom Create Wizard

We now expose more Virtual Machine options when you create a new Virtual Machine using the “From Gallery” option in the management portal:

image

When you select a VM image from the gallery there are now two updates screens that you can use to configure additional options with it – including the ability to place it within a Cloud Service and create/manage availability sets and virtual network subnet settings:

image

There is also a new screen that allows you to configure and manage network endpoints as part of VM creation within the wizard:

image

We now enable remote PowerShell by default, and make it really easy for users to configure other well-known protocol endpoints.  You can select from well known protocols from a drop-down list (the screen-shot above shows how this is done) or you can manually enter your own port mapping settings.

Exposing the Cloud Services that are Behind a Virtual Machine

Starting this month you may have noticed that we also now expose the underlying Cloud Service used to host one or more Virtual Machines grouped within a single deployment. Previously we didn’t surface the fact that there was a Cloud Service behind VMs directly in the management portal – now you’ll always be able to access the underlying cloud service if you want (which allows you to control/configure more advanced settings). 

Some additional notes:

  • You can now use the VM gallery to deploy a VM into an existing – empty - Cloud Service. This enables the scenario where you want to customize the DNS name for the deployment before deploying any VMs into it.
  • You can now more easily add multiple VMs to a cloud service container using changes we’ve made to the Create VM wizard.
  • You can now use the new Traffic Manager support to enable network load traffic distribution to VMs hosted within Cloud Services.
  • There are no additional charges for VMs now that the Cloud Services are exposed. They were always created; we’re simply un-hiding them going forward to enable more advanced configuration options to be surfaced.

Summary

Today’s release includes a bunch of great features that enable you to build even better cloud solutions.  If you don’t already have a Windows Azure account, you can sign-up for a free trial and start using all of the above features today.  Then visit the Windows Azure Developer Center to learn more about how to build apps with it.

Hope this helps,

Scott

P.S. In addition to blogging, I am also now using Twitter for quick updates and to share links. Follow me at: twitter.com/scottgu

Windows Azure: General Availability of Web Sites + Mobile Services, New AutoScale + Alerts Support, No Credit Card Needed for MSDN

This morning we released a major set of updates to Windows Azure.  These updates included:

  • Web Sites: General Availability Release of Windows Azure Web Sites with SLA
  • Mobile Services: General Availability Release of Windows Azure Mobile Services with SLA
  • Auto-Scale: New automatic scaling support for Web Sites, Cloud Services and Virtual Machines
  • Alerts/Notifications: New email alerting support for all Compute Services (Web Sites, Mobile Services, Cloud Services, and Virtual Machines)
  • MSDN: No more credit card requirement for sign-up

All of these improvements are now available to use immediately (note: some are still in preview).  Below are more details about them.

Web Sites: General Availability Release of Windows Azure Web Sites

I’m incredibly excited to announce the General Availability release of Windows Azure Web Sites. The Windows Azure Web Sites service is perfect for hosting a web presence, building customer engagement solutions, and delivering business web apps.  Today’s General Availability release means we are taking off the “preview” tag from the Free and Standard (formerly called reserved) tiers of Windows Azure Web Sites.  This means we are providing:

  • A 99.9% monthly SLA (Service Level Agreement) for the Standard tier
  • Microsoft Support available on a 24x7 basis (with plans that range from developer plans to enterprise Premier support)

The Free tier runs in a shared compute environment and supports up to 10 web sites. While the Free tier does not come with an SLA, it works great for rapid development and testing and enables you to quickly spike out ideas at no cost.

The Standard tier, which was called “Reserved” during the preview, runs using dedicated per-customer VM instances for great performance, isolation and scalability, and enables you to host up to 500 different Web sites within them.  You can easily scale your Standard instances on-demand using the Windows Azure Management Portal.  You can adjust VM instance sizes from a Small instance size (1 core, 1.75GB of RAM), up to a Medium instance size (2 core, 3.5GB of RAM), or Large instance (4 cores and 7 GB RAM).  You can choose to run between 1 and 10 Standard instances, enabling you to easily scale up your web backend to 40 cores of CPU and 70GB of RAM:

image

Today’s release also includes general availability support for custom domain SSL certificate bindings for web sites running using the Standard tier. Customers will be able to utilize certificates they purchase for their custom domains and use either SNI or IP based SSL encryption. SNI encryption is available for all modern browsers and does not require an IP address.  SSL certificates can be used for individual sites or wild-card mapped across multiple sites (we charge extra for the use of a SSL cert – but the fee is per-cert and not per site which means you pay once for it regardless of how many sites you use it with). 

Today’s release also includes the following new features:

Auto-Scale support

Today’s Windows Azure release adds preview support for Auto-Scaling web sites.  This enables you to setup automatic scale rules based on the activity of your instances – allowing you to automatically scale down (and save money) when they are below a CPU threshold you define, and automatically scale up quickly when traffic increases.  See below for more details.

64-bit and 32-bit mode support

You can now choose to run your standard tier instances in either 32-bit or 64-bit mode (previously they only ran in 32-bit mode).  This enables you to address even more memory within individual web applications.

Memory dumps

Memory dumps can be very useful for diagnosing issues and debugging apps. Using a REST API, you can now get a memory dump of your sites, which you can then use for investigating issues in Visual Studio Debugger, WinDbg, and other tools.

Scaling Sites Independently

Prior to today’s release, all sites scaled up/down together whenever you scaled any site in a sub-region. So you may have had to keep your proof-of-concept or testing sites in a separate sub-region if you wanted to keep them in the Free tier. This will no longer be necessary.  Windows Azure Web Sites can now mix different tier levels in the same geographic sub-region. This allows you, for example, to selectively move some of your sites in the West US sub-region up to Standard tier when they require the features, scalability, and SLA of the Standard tier.

Full pricing details on Windows Azure Web Sites can be found here.  Note that the “Shared Tier” of Windows Azure Web Sites remains in preview mode (and continues to have discounted preview pricing). 

Mobile Services: General Availability Release of Windows Azure Mobile Services

I’m incredibly excited to announce the General Availability release of Windows Azure Mobile Services.  Mobile Services is perfect for building scalable cloud back-ends for Windows 8.x, Windows Phone, Apple iOS, Android, and HTML/JavaScript applications. 

Customers

We’ve seen tremendous adoption of Windows Azure Mobile Services since we first previewed it last September, and more than 20,000 customers are now running mobile back-ends in production using it.  These customers range from startups like Yatterbox, to university students using Mobile Services to complete apps like Sly Fox in their spare time, to media giants like Verdens Gang finding new ways to deliver content, and telcos like TalkTalk Business delivering the up-to-the-minute information their customers require.  In today’s Build keynote, we demonstrated how TalkTalk Business is using Windows Azure Mobile Services to deliver service, outage and billing information to its customers, wherever they might be.

Partners

When we unveiled the source control and Custom API features I blogged about two weeks ago, we enabled a range of new scenarios, one of which is a more flexible way to work with third party services.  The following blogs, samples and tutorials from our partners cover great ways you can extend Mobile Services to help you build rich modern apps:

  • New Relic allows developers to monitor and manage the end-to-end performance of iOS and Android applications connected to Mobile Services.
  • SendGrid eliminates the complexity of sending email from Mobile Services, saving time and money, while providing reliable delivery to the inbox.
  • Twilio provides a telephony infrastructure web service in the cloud that you can use with Mobile Services to integrate phone calls, text messages and IP voice communications into your mobile apps.
  • Xamarin provides a Mobile Services add on to make it easy building cross-platform connected mobile aps.
  • Pusher allows quickly and securely add scalable real-time messaging functionality to Mobile Services-based web and mobile apps.

Visual Studio 2013 and Windows 8.1

This week during //build/ keynote, we demonstrated how Visual Studio 2013, Mobile Services and Windows 8.1 make building connected apps easier than ever.

Developers building Windows 8 applications in Visual Studio can now connect them to Windows Azure Mobile Services by simply right clicking then choosing Add Connected Service.

image

You can either create a new Mobile Service or choose existing Mobile Service in the Add Connected Service dialog. Once completed, Visual Studio adds a reference to Mobile Services SDK to your project and generates a Mobile Services client initialization snippet automatically.

Add Push Notifications

Push Notifications and Live Tiles are a key to building engaging experiences. Visual Studio 2013 and Mobile Services make it super easy to add push notifications to your Windows 8.1 app, by clicking Add a Push Notification item:

image

The Add Push Notification wizard will then guide you through the registration with the Windows Store as well as connecting your app to a new or existing mobile service.

image

Upon completion of the wizard, Visual Studio will configure your mobile service with the WNS credentials, as well as add sample logic to your client project and your mobile service that demonstrates how to send push notifications to your app.

Server Explorer Integration

In Visual Studio 2013 you can also now view your Mobile Services in the the Server Explorer. You can add tables, edit, and save server side scripts without ever leaving Visual Studio, as shown on the image below:

image

Pricing

With today’s general availability release we are announcing that we will be offering Mobile Services in three tiers – Free, Standard, and Premium.  Each tier is metered using a simple pricing model based on the # of API calls (bandwidth is included at no extra charge), and the Standard and Premium tiers are backed by 99.9% monthly SLAs.  You can elastically scale up or down the number of instances you have of each tier to increase the # of API requests your service can support – allowing you to efficiently scale as your business grows.

The following table summarizes the new pricing model (full pricing details here):

image 

You can find the full details of the new pricing model here.

Build Conference Talks

The //BUILD/ conference will be packed with sessions covering every aspect of developing connected applications with Mobile Services. The best part is that, even if you can’t be with us in San Francisco, every session is being streamed live. Be sure not to miss these talks:

AutoScale: Dynamically scale up/down your app based on real-world usage

One of the key benefits of Windows Azure is that you can dynamically scale your application in response to changing demand. In the past, though, you have had to either manually change the scale of your application, or use additional tooling (such as WASABi or MetricsHub) to automatically scale your application. Today, we’re announcing that AutoScale will be built-into Windows Azure directly.  With today’s release it is now enabled for Cloud Services, Virtual Machines and Web Sites (Mobile Services support will come soon).

Auto-scale enables you to configure Windows Azure to automatically scale your application dynamically on your behalf (without any manual intervention) so you can achieve the ideal performance and cost balance. Once configured it will regularly adjust the number of instances running in response to the load in your application. Currently, we support two different load metrics:

  • CPU percentage
  • Storage queue depth (Cloud Services and Virtual Machines only)

We’ll enable automatic scaling on even more scale metrics in future updates.

When to use Auto-Scale

The following are good criteria for services/apps that will benefit from the use of auto-scale:

  • The service/app can scale horizontally (e.g. it can be duplicated to multiple instances)
  • The service/app load changes over time

If your app meets these criteria, then you should look to leverage auto-scale.

How to Enable Auto-Scale

To enable auto-scale, simply navigate to the Scale tab in the Windows Azure Management Portal for the app/service you wish to enable.  Within the scale tab turn the Auto-Scale setting on to either CPU or Queue (for Cloud Services and VMs) to enable Auto-Scale.  Then change the instance count and target CPU settings to configure the Auto-Scale ranges you want to maintain.

The image below demonstrates how to enable Auto-Scale on a Windows Azure Web-Site.  I’ve configured the web-site so that it will run using between 1 and 5 VM instances.  The exact # used will depend on the aggregate CPU of the VMs using the 40-70% range I’ve configured below.  If the aggregate CPU goes above 70%, then Windows Azure will automatically add new VMs to the pool (up to the maximum of 5 instances I’ve configured it to use).  If the aggregate CPU drops below 40% then Windows Azure will automatically start shutting down VMs to save me money:

image

Once you’ve turned auto-scale on, you can return to the Scale tab at any point and select Off to manually set the number of instances.

Using the Auto-Scale Preview

With today’s update you can now, in just a few minutes, have Windows Azure automatically adjust the number of instances you have running  in your apps to keep your service performant at an even better cost.

Auto-scale is being released today as a preview feature, and will be free until General Availability. During preview, each subscription is limited to 10 separate auto-scale rules across all of the resources they have (Web sites, Cloud services or Virtual Machines). If you hit the 10 limit, you can disable auto-scale for any resource to enable it for another.

Alerts and Notifications

Starting today we are now providing the ability to configure threshold based alerts on monitoring metrics. This feature is available for compute services (cloud services, VM, websites and mobiles services). Alerts provide you the ability to get proactively notified of active or impending issues within your application.  You can define alert rules for:

  • Virtual machine monitoring metrics that are collected from the host operating system (CPU percentage, network in/out, disk read bytes/sec and disk write bytes/sec) and on monitoring metrics from monitoring web endpoint urls (response time and uptime) that you have configured.
  • Cloud service monitoring metrics that are collected from the host operating system (same as VM), monitoring metrics from the guest VM (from performance counters within the VM) and on monitoring metrics from monitoring web endpoint urls (response time and uptime) that you have configured.
  • For Web Sites and Mobile Services, alerting rules can be configured on monitoring metrics from monitoring endpoint urls (response time and uptime) that you have configured.

Creating Alert Rules

You can add an alert rule for a monitoring metric by navigating to the Setting -> Alerts tab in the Windows Azure Management Portal. Click on the Add Rule button to create an alert rule.

image

Give the alert rule a name and optionally add a description. Then pick the service which you want to define the alert rule on:

image

The next step in the alert creation wizard will then filter the monitoring metrics based on the service you selected:

image 

Once created the rule will show up in your alerts list within the settings tab:

image

The rule above is defined as “not activated” since it hasn’t tripped over the CPU threshold we set.  If the CPU on the above machine goes over the limit, though, I’ll get an email notifying me from an Windows Azure Alerts email address (alerts-noreply@mail.windowsazure.com). And when I log into the portal and revisit the alerts tab I’ll see it highlighted in red.  Clicking it will then enable me to see what is causing it to fail, as well as view the history of when it has happened in the past.

Alert Notifications

With today’s initial preview you can now easily create alerting rules based on monitoring metrics and get notified on active or impending issues within your application that require attention. During preview, each subscription is limited to 10 alert rules across all of the services that support alert rules.

No More Credit Card Requirement for MSDN Subscribers

Earlier this month (during TechEd 2013), Windows Azure announced that MSDN users will get Windows Azure Credits every month that they can use for any Windows Azure services they want. You can read details about this in my previous Dev/Test blog post.

Today we are making further updates to enable an easier Windows Azure signup for MSDN users. MSDN users will now not be required to provide payment information (e.g. no credit card) during sign-up, so long as they use the service within the included monetary credit for the billing period. For usage beyond the monetary credit, they can enable overages by providing the payment information and remove the spending limit.

This enables a super easy, one page sign-up experience for MSDN users.  Simply sign-up for your Windows Azure trial using the same Microsoft ID that you use to manage your MSDN account, then complete the one page sign-up form below and you will be able to spend your free monthly MSDN credits (up to $150 each month) on any Windows Azure resource for dev/test:

image 

This makes it trivially easy for every MDSN customer to start using Windows Azure today.  If you haven’t signed up yet, I definitely recommend checking it out.

Summary

Today’s release includes a ton of great features that enable you to build even better cloud solutions.  If you don’t already have a Windows Azure account, you can sign-up for a free trial and start using all of the above features today.  Then visit the Windows Azure Developer Center to learn more about how to build apps with it.

Hope this helps,

Scott

P.S. In addition to blogging, I am also now using Twitter for quick updates and to share links. Follow me at: twitter.com/scottgu