/>Introducing Microsoft Azure
By rboucherLast updated: 10/01/2014
ContributorsEdit on GitHub
In this article:
Microsoft Azure is Microsoft's application platform for the public cloud. The goal of this article is to give you a
foundation for understanding the fundamentals of Azure, even if you don't know anything about cloud
computing.
How to read this article
Azure is growing all the time so it's easy to get overloaded. The basic services are listed earlier in the paper.
Start with just those, then go through the additional services. That doesn't mean you can't use just the
additional services by themselves, but the basic services make up the core of an application running in Azure.
Give feedback
Your feedback is important. This article should give you an effective overview of Azure. If it does not, tell us in
the comments section at the bottom of the page. Give some detail on what you expected to see and how to
improve the article.

Table of Contents
Basic Services - The Components of Azure - Management Portal - Compute - Data
Management - Networking - Developer Services
Additional Services - Identity and Access - Mobile - Backup - Messaging and Integration - Compute
Assistance - Performance - Big Compute and Data -Media - Commerce
Getting Started

The Components of Azure
Azure groups services into categories in the Management Portal and on various visual aids like the What Is
Windows Azure Infographic. The Management Portal is what you use to manage most (but not all) services in
Azure.


This paper will use a different organization to talk about services based on similar function, and to call out
important sub-services that are part of larger ones.

Figure: Azure provides Internet-accessible application services running in Azure datacenters.

Management Portal
Azure has a web interface called the Management Portal that allows administrators to access and administer
most, but not all Azure features. Microsoft typically releases the newer UI portal in beta before retiring an older
one. The newer one is called the "Azure Preview Portal".
There is typically a long overlap when both portals are active. While core services will appear in both portals,
not all functionality may be available in both. Newer services may show up in the newer portal first and older
services and functionality may only exist in the older one. The message here is that if you don't find something
in the older portal, check the newer one and vice-versa.

Compute
One of the most basic things a cloud platform does is execute applications. Azure provides these options:

1.
2.

Virtual Machines gives you control over your own virtual machine, including the operating system.
Websites offers a range of applications, frameworks, and templates for you to build large, scalable web
applications and presence websites quickly, and then efficiently manage development, test, and operations.

3.

Cloud Services is a platform-as-a-service (PaaS) option tuned to create highly scalable and fault
resistant applications, but with more flexibility than Websites.
Each of the Azure execution models has its own role to play.
You can use these technologies separately or combine them as needed to create the right foundation for your

application. The approach you choose depends on what problems you're trying to solve.

Azure Virtual Machines



Figure: Azure Virtual Machines gives you full control over virtual machine instances in the cloud.
The ability to create a virtual machine on demand, whether from a standard image or from one you supply, can
be very useful. This approach, commonly known as Infrastructure as a Service (IaaS), is what Azure Virtual
Machines provides. Figure 2 shows a combination of how an Virtual Machine (VM) runs and how to create one
from a VHD.
To create a VM, you specify which VHD to use and the VM's size. You then pay for the time that the VM is
running. You pay by the minute and only while it's running, though there is a minimal storage charge for
keeping the VHD available. Azure offers a gallery of stock VHDs (called "images") that contain a bootable
operating system to start from. These include Microsoft and partner options, such as Windows Server and
Linux, SQL Server, Oracle and many more. You're free to create VHDs and images, and then upload them
yourself. You can even upload VHDs that contain only data and then access them from your running VMs.
Wherever the VHD comes from, you can persistently store any changes made while a VM is running. The next
time you create a VM from that VHD, things pick up where you left off. The VHDs that back the Virtual Machines
are stored in Azure Storage blobs, which we talk about later. That means you get redundancy to ensure your
VMs won’t disappear due to hardware and disk failures. It's also possible to copy the changed VHD out of
Azure, then run it locally.
Your application runs within one or more Virtual Machines, depending on how you created it before or decide
to create it from scratch now.
This quite general approach to cloud computing can be used to address many different problems.
Virtual Machine Scenarios

1.

Dev/Test - You might use them to create an inexpensive development and test platform that you can

shut down when you've finished using it. You might also create and run applications that use whatever
languages and libraries you like. Those applications can use any of the data management options that Azure
provides, and you can also choose to use SQL Server or another DBMS running in one or more virtual machines.

2.

Move Applications to Azure (Lift-and-shift) - "Lift-and-shift" refers to moving you application much
like you'd use a forklift to move a large object. You "lift" the VHD from your local datacenter, and "shift" it to
Azure and run it there. You will typically have to do some work to remove dependencies on other systems. If
there are too many, you may choose option 3 instead.

3.

Extend your Datacenter - Use Azure VMs as an extension of your on-premises datacenter, running
SharePoint or other applications. To support this, it's possible to create Windows domains in the cloud by
running Active Directory in Azure VMs. You can use Azure Virtual Network (mentioned later) to tie your local
network and your network in Azure together.

Websites



Figure: Azure Websites runs a website application in the cloud without having to manage the underlying
web server.
One of the most common things that people do in the cloud is run websites and web applications. Azure Virtual
Machines allows this, but it still leaves you with the responsibility of administering one or more VMs and the
underlying operating systems. Cloud services web roles can do this, but deploying and maintaining them still
takes administrative work. What if you just want a website where somebody else takes care of the administrative
work for you?
This is exactly what Azure Websites provides. This compute model offers a managed web environment using the

Azure Management portal as well as APIs. You can move an existing website application into Azure Websites
unchanged, or you can create a new one directly in the cloud. Once a website is running, you can add or
remove instances dynamically, relying on Azure Websites to load balance requests across them. Azure Websites
offers both a shared option, where your website runs in a virtual machine with other sites, and a standard
option that allows a site to run in its own VM. The standard option also lets you increase the size (computing
power) of your instances if needed.
For development, Websites supports .NET, PHP, Node.js, Java and Python along with SQL Database and MySQL
(from ClearDB, a Microsoft partner) for relational storage. It also provides built-in support for several popular
applications, including WordPress, Joomla, and Drupal. The goal is to provide a low-cost, scalable, and broadly
useful platform for creating websites and web applications in the public cloud.
WebSite Scenarios
Websites is intended to be useful for corporations, developers, and web design agencies. For corporations, it's
an easy-to-manage, scalable, highly secure, and highly available solution for running presence websites. When
you need to set up a Website, it’s best to start with Azure Websites and proceed to Cloud Services once you
need a feature that’s not available in Websites. See the end of the "Compute" section for more links that can
help you to choose between the options.

Cloud Services



Figure: Azure Cloud Services provides a place to run highly scalable custom code on a Platform as a Service
(PaaS) environment
Suppose you want to build a cloud application that can support lots of simultaneous users, doesn't require
much administration, and never goes down. You might be an established software vendor, for example, that's
decided to embrace Software as a Service (SaaS) by building a version of one of your applications in the cloud.
Or you might be a start-up creating a consumer application that you expect will grow fast. If you're building on
Azure, which execution model should you use?
Azure Websites allows creating this kind of web application, but there are some constraints. You don't have
administrative access, for example, which means that you can't install arbitrary software. Azure Virtual Machines

gives you lots of flexibility, including administrative access, and you certainly can use it to build a very scalable
application, but you'll have to handle many aspects of reliability and administration yourself. What you'd like is
an option that gives you the control you need but also handles most of the work required for reliability and
administration.
This is exactly what's provided by Azure Cloud Services. This technology is designed expressly to support
scalable, reliable, and low-admin applications, and it's an example of what's commonly called Platform as a
Service (PaaS). To use it, you create an application using the technology you choose, such as C#, Java, PHP,
Python, Node.js, or something else. Your code then executes in virtual machines (referred to as instances)
running a version of Windows Server.
But these VMs are distinct from the ones you create with Azure Virtual Machines. For one thing, Azure itself
manages them, doing things like installing operating system patches and automatically rolling out new patched
images. This implies that your application shouldn't maintain state in web or worker role instances; it should
instead be kept in one of the Azure data management options described in the next section. Azure also
monitors these VMs, restarting any that fail. You can set cloud services to automatically create more or fewer
instances in response to demand. This allows you to handle increased usage, and then scale back so you aren’t
paying as much when there is less usage.
You have two roles to choose from when you create an instance, both based on Windows Server. The main
difference between the two is that an instance of a web role runs IIS, while an instance of a worker role does
not. Both are managed in the same way, however, and it's common for an application to use both. For example,
a web role instance might accept requests from users, then pass them to a worker role instance for processing.
To scale your application up or down, you can request that Azure create more instances of either role or shut
down existing instances. And similar to Azure Virtual Machines, you're charged only for the time that each web
or worker role instance is running.
Cloud Services Scenarios
Cloud Services are ideal to support massive scale out when you need more control over the platform than
provided by Azure Websites but don’t need control over the underlying operating system.

Choosing a Compute Model
The page Azure Websites, Cloud Services and Virtual Machines comparison
( ) provides more

detailed information on how to choose a Compute model.

Data Management


Applications need data, and different kinds of applications need different kinds of data. Because of this, Azure
provides several different ways to store and manage data. Azure provides many storage options, but all are
designed for very durable storage. With any of these options, there are always 3 copies of your data kept in
sync across and Azure datacenter -- 6 if you allow Azure to use geo-redundancy to back up to another
datacenter at least 300 miles away.

In Virtual Machines
The ability to run SQL Server or another DBMS in a VM created with Azure Virtual Machines has already been
mentioned. Realize that this option isn't limited to relational systems; you're also free to run NoSQL
technologies such as MongoDB and Cassandra. Running your own database system is straightforward-it
replicates what we're used to in our own datacenters-but it also requires handling the administration of that
DBMS. In other options, Azure handles more or all of the administration for you.
Again, the state of the Virtual Machine and any additional data disk you create or upload are backed by blob
storage (which we talk about later).

Azure SQL Database



Figure: Azure SQL Database provides a managed relational database service in the cloud.
For relational storage, Azure provides the feature SQL Database. Don't let the naming fool you. This is different
than a typical SQL Database provided by SQL Server running on top of Windows Server.
Formerly called SQL Azure, Azure SQL Database provides all of the key features of a relational database
management system, including atomic transactions, concurrent data access by multiple users with data
integrity, ANSI SQL queries, and a familiar programming model. Like SQL Server, SQL Database can be accessed

using Entity Framework, ADO.NET, JDBC, and other familiar data access technologies. It also supports most of
the T-SQL language, along with SQL Server tools such as SQL Server Management Studio. For anybody familiar
with SQL Server (or another relational database), using SQL Database is straightforward.
But SQL Database isn't just a DBMS in the cloud-it's a PaaS service. You still control your data and who can
access it, but SQL Database takes care of the administrative grunt work, such as managing the hardware
infrastructure and automatically keeping the database and operating system software up to date. SQL Database
also provides high availability, automatic backups, point-in-time restore capabilities, and can replicate copies
across geographical regions.
There is also a Premium option that you can pay a little more for so you can have your own dedicated server
underneath. With the Standard option, the database runs on shared hardware, which can throttle your database
queries if you happen to be on a particularly busy server.
Scenarios for SQL Database
If you're creating an Azure application (using any of the compute models) that needs relational storage, SQL
Database can be a good option. Applications running outside the cloud can also use this service, though, so
there are plenty of other scenarios. For instance, data stored in SQL Database can be accessed from different
client systems, including desktops, laptops, tablets, and phones. And because it provides built-in high
availability through replication, using SQL Database can help minimize downtime.

Tables



Figure: Azure Tables provides a flat NoSQL way to store data.
This feature is sometimes called different terms as it's part of a larger feature called "Azure Storage". If you see
"tables", "Azure tables" or "storage tables", it's all the same thing.
And don't be confused by the name: this technology doesn't provide relational storage. In fact, it's an example
of a NoSQL approach called a key/value store. Azure Tables let an application store properties of various types,
such as strings, integers, and dates. An application can then retrieve a group of properties by providing a
unique key for that group. While complex operations like joins aren't supported, tables offer fast access to
typed data. They're also very scalable, with a single table able to hold as much as a terabyte of data. And

matching their simplicity, tables are usually less expensive to use than SQL Database's relational storage.
Scenarios for Tables
Suppose you want to create an Azure application that needs fast access to typed data, maybe lots of it, but
doesn't need to perform complex SQL queries on this data. For example, imagine you're creating a consumer
application that needs to store customer profile information for each user. Your app is going to be very popular,
so you need to allow for lots of data, but you won't do much with this data beyond storing it, then retrieving it
in simple ways. This is exactly the kind of scenario where Azure Tables makes sense.

Blobs



Figure: Azure Blobs provides unstructured binary data.
Azure Blobs (again "Blob Storage" and just "Storage Blobs" are the same thing) is designed to store
unstructured binary data. Like Tables, Blobs provides inexpensive storage, and a single blob can be as large as
1TB (one terabyte). Azure applications can also use Azure drives, which let blobs provide persistent storage for a
Windows file system mounted in an Azure instance. The application sees ordinary Windows files, but the
contents are actually stored in a blob.
Blob storage is used by many other Azure features (including Virtual Machines), so it can certainly handle your
workloads too.
Scenarios for Blobs
An application that stores video, massive files, or other binary information can use blobs for simple, cheap
storage. Blobs are also commonly used in conjunction with other services like Content Delivery Network, which
we will talk about later.

Import / Export



Figure: Azure Import / Export provides the ability to ship a physical hard drive to or from Azure for faster

and cheaper bulk data import or export.
Sometimes you want to move a lot of data into Azure. That would take a long time, perhaps days, and use a lot
of bandwidth. In these cases you can use Azure Import/Export, which allows you to ship Bitlocker-encrypted
3.5" SATA hard drives directly to Azure data centers, where Microsoft will transfer the data into blob storage for
you. After the upload is completed, Microsoft ships the drives back to you. You can also request that large
amounts of data from Blob Storage be exported onto hard drives and sent back to you via mail.
Scenarios for Import / Export

•

Large Data Migration - Anytime you have large amounts of data (Terabytes) that you want to upload
to Azure, the Import/Export service is often much faster and perhaps cheaper than transferring it over the
internet. Once the data is in blobs, you can process it into other forms such as Table storage or an SQL
Database.

•

Archived Data Recovery - You can use Import/Export to have Microsoft transfer large amounts of data
stored in Azure Blob Storage to a storage device that you send and then have that device delivered back to a
location you desire. Because this will take some time, it's not a good option for disaster recovery. It's best for
archived data that you don't need quick access to.

Azure File Service



Figure: Azure File Services provides SMB \\server\share paths for applications running in the cloud.
On-premises, it’s common to have large amounts of file storage accessible through the Server Message Block
(SMB) protocol using a \\Server\share format. Azure now has a service that allows you to use this protocol in
the cloud. Applications running in Azure can use it to share files between VMs using familiar file system APIs like

ReadFile and WriteFile. In addition, the files can also be accessed at the same time via a REST interface, which
allows you to access the shares from on-premises when you also set up a virtual network. Azure Files is built on
top of the blob service, so it inherits the same availability, durability, scalability, and geo-redundancy built into
Azure Storage.
Scenarios for Azure Files

•

Migrating existing apps to the cloud - Its easier to migrate on-premises applications to the cloud that
use file shares to share data between parts of the application. Each VM connects to the file share and then it can
read and write files just like it would against an on-premises file share.

•

Shared Application Settings - A common pattern for distributed applications is to have configuration
files in a centralized location where they can be accessed from many different virtual machines. These
configuration files can be stored in an Azure File share, and read by all application instances. The settings can
also be managed via the REST interface, which allows worldwide access to the configuration files.

•

Diagnostic Share - You can save and share diagnostic files like logs, metrics, and crash dumps. Having
these files available through both the SMB and REST interface allows applications to use a variety of analysis
tools for processing and analyzing the diagnostic data.

•

Dev/Test/Debug - When developers or administrators are working on virtual machines in the cloud,
they often need a set of tools or utilities. Installing and distributing these utilities on each virtual machine is
time consuming. With Azure Files, a developer or administrator can store their favorite tools on a file share and

connect to them from any virtual machine.

Networking
Azure runs today in many datacenters spread across the world. When you run an application or store data, you
can select one or more of these datacenters to use. You can also connect to these datacenters in various ways
using the services below.

Virtual Network



Figure: Virtual Networks provides a private network in the cloud so different services can talk to each other,
or to on-premises resources if you set up a VPN connection.a cross-premises connection.
One useful way to use a public cloud is to treat it as an extension of your own datacenter.
Because you can create VMs on demand, then remove them (and stop paying) when they're no longer needed,
you can have computing power only when you want it. And since Azure Virtual Machines lets you create VMs
running SharePoint, Active Directory, and other familiar on-premises software, this approach can work with the
applications you already have.
To make this really useful, though, your users ought to be able to treat these applications as if they were
running in your own datacenter. This is exactly what Azure Virtual Network allows. Using a VPN gateway device,
an administrator can set up a virtual private network (VPN) between your local network and your VMs that are
deployed to a virtual network in Azure. Because you assign your own IP v4 addresses to the cloud VMs, they
appear to be on your own network. Users in your organization can access the applications those VMs contain as
if they were running locally.
For more information about planning and creating a virtual network that works for you, see Virtual Network.

Express Route




Figure: ExpressRoute uses an Azure Virtual Network, but routes connections through faster dedicated lines
instead of the public Internet.
If you need more bandwidth or security than an Azure Virtual Network connection can provide, you can look
into ExpressRoute. In some cases, ExpressRoute can also save you money. You’ll still need a virtual network in
Azure, but the link between Azure and your site uses a dedicated connection that does not go over the public
Internet. In order to use this service, you’ll need to have an agreement with either a network service provider, or
an exchange provider.
Setting it up an ExpressRoute connection requires more time and planning, so you might want to start with a
site-to-site VPN, then migrate to an ExpressRoute connection.
For more information about ExpressRoute, see ExpressRoute Technical Overview.

Traffic Manager