Microsoft's cloudy chief: Azure reliability knocks your own kit for six

'If you want to reach the globe the most, we're the cloud vendor to do it'


Interview Microsoft ships an update to Azure every three weeks. Scott Guthrie, Microsoft's vice president for Windows Azure, reckons it's adding features and capacity in an effort to catch up with Amazon.

Just announced is a new Azure datacentre in São Paulo, Brazil.

"We have more regions than Amazon, we have coverage in places like China that they're not in," Guthrie told The Register at London's New Developer Conference earlier this month. "If you want to reach the globe the most, we're the cloud vendor to do it."

There is also a new scheduler service, which means you can schedule a task without relying on a specific virtual machine, and a new service called read-only secondaries.

Read-only secondaries are a way of taking advantage of globally replicated data. "We have globally replicated storage, which means that if you're storing your data in North Europe, you can automatically back up your storage account in West Europe," explains Guthrie, though this is a paid-for option, rather than something that happens by default.

"In the past it's only been in a disaster that you'd actually failover. What we give you now is the ability to access the replicated data in read-only mode. That enables you to build apps where you can failover yourself to read the secondary, or check to make sure the data's there."

Guthrie is keen to emphasize that Azure is not just a service for customers, but used extensively by Microsoft itself.

"Every Office 365 customer has a Windows Azure Active Directory login,” he said. “All authentication, all security, all access control for Office 365 goes through Windows Azure. Xbox Live and Xbox One heavily use Windows Azure on the back end. Skype, a lot of which is built here in our London developer centre, is also now running on Azure. SkyDrive, they are in the process of decommissioning their old servers and moving everything onto Azure. All new storage on SkyDrive now goes to Azure."

Guthrie says that for reliability, Azure is now ahead of on-premise systems. Reliability is a thorny subject for Microsoft. Windows Azure has suffered two massive global outages in 2013, the latter during the Xbox One launch and blamed on an botched update to its DNS servers. Skydrive and Outlook.com have also been down this year.

"From a general availability and reliability perspective I feel pretty good that our systems are better than pretty much every customer system I have met," Gutrie counters, though he recognises that lack of control is an issue for customers.

"When there's an issue the good news is you don't have to fix it, but the bad news is you feel like you're waiting for someone to fix it for you. You do need to trust that if something goes wrong, we're on it and will bring it back up."

Scott Guthrie, photo: Tim Anderson

Scott Guthrie. Pic by Tim Anderson

Why would a developer choose Azure versus Amazon or another cloud provider?

Why would a developer choose Azure versus Amazon or another cloud provider? "We're starting to have differentiated capabilities," he says, such as instant, scalable web sites with integrated application deployment built into Visual Studio.

"When you start adding in things like Visual Studio online, continuous delivery, source control hosting, remote debugging, diagnostics features, it starts to become differentiated. Azure Active Directory, the ability to synch on-premise directories to the cloud and then build apps that do single sign-on. Trying to do that on any other cloud platform is really hard. If you want to do MapReduce jobs, and integrate analytics into your system, our HDInsight service makes it easy."

He also highlights Microsoft's ability to do both private and public cloud. "Organisations want to be able to use both public and private clouds, stitch them together, and have the flexibility to deploy solutions in both places. We're the only cloud provider that's doing that."

Amazon has just announced a VDI (Virtual Desktop Infrastructure) service, does Microsoft have plans to extend Azure in that direction? "Technically we support it, especially for developers using Visual Studio 2013," he says, referring to a VM image that exists for that purpose. Such VMs have to use Windows server, since the Windows 7 license doesn't allow Azure deployment. "We do have customers who are using us for VDI, and we partner with Citrix and they have a Citrix-based offering built on Azure that enables remote desktop scenarios."

Azure has some weak spots. I mention the problems with organisational accounts, used by Office 365, and Microsoft accounts, used for signing into Microsoft services, and the problems that occur when you need both for a project, such as errors in Visual Studio. "You shouldn't see errors so it would be good to see the exact scenario. The thing we are doing is making sure you can use both Microsoft accounts and organisational accounts for everything," says Guthrie.

"Our goal is to simplify so that in the consumer's mind and in the developer's mind they don't necessarily care, it should just work. You'll see us add organisational ID support to Visual Studio online. We've already added that to Windows Azure."

Mobile Services are a feature of Azure that lets you rapidly build back-end support for mobile apps, but limited capability reduces their usefulness. Guthrie says a more flexible implementation is coming. "One of the things you will see in future is the ability to build mobile services not just using our current Node.js extensibility, but also using C# and .NET. We will use the ASP.NET WEB API framework for that, and that's very rich. You'll be able to call on SharePoint services and Office 365 services as part of that."

Guthrie will not be drawn far on the question of how much Azure traffic between datacentres is encrypted. "I'll defer that question. We're going to share more details in the future. Different services have different policies. We do encrypt many things but we're a big company so we're cataloguing, is there anything we're not encrypting, and being clear about it."

When Microsoft first released the HTML5 portal for Windows Azure, it had "four or five icons. It had VMs, web sites, storage, networking and cloud services. Now we're up to 26. Each one of the portal extensions now is also 10 times richer than it was in June 2012," says Guthrie. With that pace of development, the extent of Microsoft's commitment to cloud is no longer in question. ®


Other stories you might like

  • Google to pay $90m to settle lawsuit over anti-competitive behavior on the Play Store
    US developers that qualify could receive more than $200,000

    Google is to pay $90 million to settle a class-action lawsuit with US developers over alleged anti-competitive behavior regarding the Google Play Store.

    Eligible for a share in the $90 million fund are US developers who earned two million dollars or less in annual revenue through Google Play between 2016 and 2021. "A vast majority of US developers who earned revenue through Google Play will be eligible to receive money from this fund," said Google.

    Law firm Hagens Berman announced the settlement this morning, having been one of the first to file a class case. The legal firm was one of four that secured a $100 million settlement from Apple in 2021 for US iOS developers.

    Continue reading
  • Start using Modern Auth now for Exchange Online
    Before Microsoft shutters basic logins in a few months

    The US government is pushing federal agencies and private corporations to adopt the Modern Authentication method in Exchange Online before Microsoft starts shutting down Basic Authentication from the first day of October.

    In an advisory [PDF] this week, Uncle Sam's Cybersecurity and Infrastructure Security Agency (CISA) noted that while federal executive civilian branch (FCEB) agencies – which includes such organizations as the Federal Communications Commission, Federal Trade Commission, and such departments as Homeland Security, Justice, Treasury, and State – are required to make the change, all organizations should make the switch from Basic Authentication.

    "Federal agencies should determine their use of Basic Auth and migrate users and applications to Modern Auth," CISA wrote. "After completing the migration to Modern Auth, agencies should block Basic Auth."

    Continue reading
  • Amazon shows off robot warehouse workers that won't complain, quit, unionize...
    Mega-corp insists it's all about 'people and technology working safely and harmoniously together'

    Amazon unveiled its first "fully autonomous mobile robot" and other machines designed to operate alongside human workers at its warehouses.

    In 2012 the e-commerce giant acquired Kiva Systems, a robotics startup, for $775 million. Now, following on from that, Amazon has revealed multiple prototypes powered by AI and computer-vision algorithms, ranging from robotic grippers to moving storage systems, that it has developed over the past decade. The mega-corporation hopes to put them to use in warehouses one day, ostensibly to help staff lift, carry, and scan items more efficiently. 

    Its "autonomous mobile robot" is a disk-shaped device on wheels, and resembles a Roomba. Instead of hoovering crumbs, the machine, named Proteus, carefully slots itself underneath a cart full of packages and pushes it along the factory floor. Amazon said Proteus was designed to work directly with and alongside humans and doesn't have to be constrained to specific locations caged off for safety reasons. 

    Continue reading
  • Microsoft gives its partners power to change AD privileges on customer systems – without permission
    Somewhat counterintuitively, this is being done to improve security

    Microsoft has created a window of time in which its partners can – without permission – create new roles for themselves in customers' Active Directory implementations.

    Which sounds bonkers, so let's explain why Microsoft has even entertained the prospect.

    To begin, remember that criminals have figured out that attacking IT service providers offers a great way to find many other targets. Evidence of that approach can be found in attacks on ConnectWise, SolarWinds, Kaseya and other vendors that provide software to IT service providers.

    Continue reading

Biting the hand that feeds IT © 1998–2022