Helder Almeida - Fotolia
- Kristin Knapp, Editorial Director
Running Windows in the cloud is more common today than ever, although it's not always smooth sailing. Despite some looming challenges, however, one thing is clear: As more IT executives warm up to the public cloud, more core, enterprise workloads -- including those that run on Windows -- will move off premises and into the cloud.
"Running Windows workloads in the public cloud is on parity with open source workloads for us, in terms of being treated as a first-class citizen, in terms of SDK support and in terms of operational support," said Kris Bliesner, CTO and co-founder of 2nd Watch Inc., a cloud consultancy and Amazon Web Services (AWS) partner based in Liberty Lake, Wash.
In fact, Bliesner said, about half of the workloads his clients run in AWS today are Windows-based -- a stat that wouldn't have rung true just a year or two ago.
For the most part, this shift stems from the enterprise's evolving perception of public cloud; due to security concerns, many IT pros initially viewed public cloud as an environment only suited for Web applications -- many based on Linux. But as those concerns die down, more and more organizations deploy traditional, line of business applications -- the majority of which are Windows-based -- on public cloud platforms such as AWS.
"People are getting much more comfortable running traditional applications versus just net new Web apps [in the public cloud]," Bliesner said.
Microsoft has also taken steps to make Windows more cloud-friendly, further fueling the migration of Windows workloads to the public cloud, said Carl Brooks, analyst with 451 Research based in New York.
"Windows is not a sort of kludgy old thing, limping along, that Microsoft just decided to bless us with anymore," Brooks said. "They've modernized it since [Windows Server] 2008 and Microsoft is well aware of the new paradigms of use and consumption."
So while Windows Server is still early on in terms of support for containers, microservices and other emerging technologies that underpin modern cloud app development, the release of Windows Server 2016 this year will change -- or at least start to change -- all that.
Windows Server 2016 will include two native container services -- Windows Server Containers and Hyper-V Containers -- and also offer a lightweight installation option called Nano Server that is specifically designed for cloud and DevOps. Nano Server also has a 93% smaller virtual hard disk size than Windows Server setups, according to Microsoft.
The new version of Windows Server, expected to be available in the third quarter this year, will also help users more easily bridge their on-premises and cloud-based environments, Brooks said.
"At every step, you're going to have an option to connect what you are doing on your own personal server with external, existing systems," Brooks said. "Microsoft has been planning and sort of doing this for quite some time, but 2016 is really the intricate application of that vision."
Who runs Windows in the cloud best?
Running Windows workloads in Azure, Microsoft's own public cloud, is an option -- but it isn't the only one. And while users may encounter some differences running Windows workloads in Azure versus another public cloud platform, like AWS or Google, they aren't always significant.
This is especially true when organizations' public cloud use is limited to infrastructure as a service (IaaS), said Al Gillen, program vice president, servers and system software at IDC, a research firm based in Framingham, Mass.
"If you are talking a pure, plain and simple infrastructure as a service deployment, meaning I bring my operating system, I bring my application, I'm going to manage the whole stack from top to bottom -- all I want [the provider] to do is give me a virtual server in the cloud -- the differentiation [is difficult to see between] Amazon and Azure and Rackspace and VMware's vCloud," Gillen said.
Although running Windows workloads in Azure versus a non-Azure cloud, from a pure IaaS perspective, is a fairly apples-to-apples comparison, distinctions do start to pop when platform as a service, software as a service and other provider offerings come into play.
For example, Gillen said, if you have an application that's purpose-built for big data or the Internet of Things, you should look beyond just a provider's IaaS environment, and evaluate its data lakes, analytics capabilities and database support, as well.
That said, there are some other differences, in terms of functionality, when running Windows workloads in Azure instead of another public cloud. And one of the biggest is support for Active Directory, Microsoft's directory service for managing Windows resources and users' access to them.
"[Active Directory] is what Microsoft has essentially built the Windows empire on, and the thing that Azure can give you in a really deep way that other cloud providers generally have more trouble with," said Brooks.
Azure customers can use a tool called Azure Active Directory Connect to integrate their on-premises directory and identity management systems, such as Windows Server Active Directory, with the Azure Active Directory service. In addition, Azure Active Directory enables single sign-on capabilities for Microsoft apps, such as Office 365 and Dynamics CRM, along with third-party apps like Dropbox.
But Azure's competitors also value AD integration. In a bid to attract more Windows shops to its cloud, AWS in December revamped its existing directory service -- which included its own Active Directory (AD) Connector and Simple AD Service -- and introduced AWS Directory Service for Microsoft Active Directory (Enterprise Edition). The new service is targeted at organizations with large AD deployments -- 5,000 users or more -- either on-premises or in the cloud.
Kevin Felichko, CTO of PropertyRoom.com, an online auction company based in Frederick, Md. that uses AWS, said he would consider using the new AWS AD service, since his company had issues using Active Directory on AWS in the past.
The issue, Felichko said, stemmed from low disk space and manifested after PropertyRoom.com migrated one of its AD servers to AWS. The company imported one of its Active Directory VMs into AWS, and encountered a problem with low disk space. In resolving that problem, Felichko said, Amazon pointed out a known but undocumented problem in which an EC2 instance was adjusting the time, causing an issue in syncing with on-premises servers. The EC2 instance would stop responding and, ultimately, the company just decided to build the server from scratch both to resolve the low disk space issue and to have it properly sync.
"It didn't take a long time to figure out, but… I would prefer the idea of not even having to worry about that aspect and having somebody else handle that," Felichko said.
AWS offers its new AD service at $0.40 per hour, while its AD Connector and Simple AD are priced at $0.05 or $0.15 per hour, based on configuration. Microsoft's Azure Active Directory service is priced in three tiers: Free, Basic and Premium. The Basic tier is priced per user based on an organization's enterprise agreement, and the Premium version is $6 per user, per month.
In addition to Active Directory support, Felichko noted some of the newer AWS services aren't Windows-based, which can make it more difficult to blend on-premises Windows environments with some AWS offerings. For instance, because the AWS Lambda service doesn't support C# programming, PropertyRoom.com can't migrate existing services written in C# to Lambda without performing a complete rewrite.
"You've got these great [AWS services] coming out, but you might not necessarily be able to use them in what's native to the rest of your platform," Felichko said.
Licensing options for Windows in the cloud
And then, there's Windows licensing. Not surprisingly, different cloud providers treat it differently.
For instance, AWS users who want to run Windows software on Amazon EC2 can run instances that have the associated Windows licensing fees "baked in" to the overall instance cost, or, in the case of SQL Server, SharePoint and a number of other types of Windows software, to bring their existing Microsoft license to AWS.
But there wasn't always a practical option for users to bring their own Windows Server licenses into AWS, said Bliesner.
"If you had an EA [enterprise agreement] that covered you for 100 Windows Server licenses and you were moving 50 of your on-premises servers into AWS, you had to double pay for a little while," Bliesner said. "You had to shrink your license count over time with Microsoft."
In fact, AWS allows users to bring their own Windows Server licenses, but it requires visibility into the specific core and socket in use, which AWS didn't always provide. But that changed with the launch of AWS EC2 Dedicated Hosts last November. With EC2 Dedicated Hosts, users have greater control of and visibility into a dedicated AWS server. This, in turn, allows users to bring their own Windows Server licenses into AWS EC2.
"It's your dedicated host," Bliesner said. "You can own the operating system license, you can port that, and you can then carve it up into however many instances you want."
Outside of EC2 Dedicated Hosts or Dedicated Instances -- which launched in 2011 and gave users some visibility into their AWS hardware, but not as much as Dedicated Hosts -- users cannot practically bring their own Windows Server operating system license into AWS. And Bliesner said he hasn't seen many AWS users "jump on the dedicated host bandwagon yet."
Microsoft in October disclosed similar plans to let users bring their existing Windows Server licenses into Azure—just as they already can with SQL Server and SharePoint—through its bring your own license (BYOL) program.
Google Compute Engine users also have the option of using their existing licenses for some Microsoft applications, but not for the Windows Server operating system. Instead, Google customers need to continue to run the software through Windows-based instances on Google Compute Engine, according to the Google licensing website.
IaaS pricing roundup
Azure -- Rounds up to the nearest minute your VMs run
AWS -- Rounds up to the nearest hour your VMs run
Google -- Charges for a minimum of 10 minutes and in one-minute increments thereafter
"If I rent a VM for 47 minutes and then release it back, I get charged for 47 minutes," said Bill Wilder, CTO at Finomial Corporation, an investment services firm based in New York.
It's still a Windows world
While Microsoft still has its work cut out in terms of evolving Windows in the cloud, it's clear that Azure has what it takes to nip at the heels of public cloud market leader AWS, said 451's Brooks. In its first fiscal quarter of 2016, Azure revenue and compute usage more than doubled year-over-year, according to Microsoft, while its commercial cloud annualized revenue run rate exceeded $8.2 billion.
"If you look at the trajectory for Azure, too, in terms of revenue -- there is a reason [Microsoft] is breaking out those numbers more explicitly than they were a year ago," Brooks said. "It's because they have now finally hit the speed of acceleration that they need in order to say they legitimately compete with AWS."
Of course, Microsoft's massive enterprise install base plays a big role there -- and will continue to do so for years to come, said IDC's Gillen.
"There is an awful lot of Windows out in the industry, and as much excitement as there is around Linux and next-generation applications and so forth, the install base is really dominated by Windows," he said. "It's going to a Windows-centric world for years to come."
Explore recent Azure updates for containers, IoT
Weigh the pros, cons of the Azure Management Console
How the top cloud vendors performed in 2015
- Containers: Making security and business sense –ComputerWeekly.com
Dig Deeper on Managing cloud applications
A cloud services cheat sheet for AWS, Azure and Google Cloud
Cloud storage 101: NAS file storage on AWS, Azure and GCP
Microsoft Azure AD complements Active Directory
Overcome app portability hurdles of containers in cloud computing