Based on some recently published reports, it appears Microsoft is revamping the way it packages services delivered by Azure Stack, preferring lighter-weight and modular containers over dedicated Infrastructure VMs. Code-named “Project Saturn”, this evolution of Microsoft’s promise of a hybrid cloud experience, may actually be a nod to something that goes beyond just a customer’s data center. Just like Saturn’s rings encircle the planet, maybe the next generation of Azure Stack will deliver modularized services as the intelligent edge surrounding Azure. Can you say Azure anytime and anywhere?
Azure in your data center . . . sort of
Azure Stack is an on-premise version of Azure that runs on dedicated hardware in a customer’s site or data center. This is great for customers who want to standardize on Azure services and APIs to deliver applications, but may have data access or security needs that require the workloads to run on-premise as opposed to in an Azure data center. This offering is unique compared to the other large public cloud providers (Amazon and Google) who are currently only offering their services in their regional data centers. (At the date of this writing, AWS Outposts was slated for a late 2019 release and not GA.) Today, Azure Stack is only available on specific certified hardware, sold and implemented by one of four vendors: Dell, Lenovo, HPE and Cisco.
Unfortunately for Azure Stack customers, not all public Azure services are available on Azure Stack, namely PaaS offerings like Cosmos DB, CDN, Logic Apps or Redis Cache, just to name a few. (Services like Redis Cache can be run on Azure Stack, but as IaaS VMs that still require traditional operational oversight, not as a self-managed PaaS offering.) To be honest, it is difficult to find a definitive comparison of what’s not available on Azure Stack that is available in Azure cloud. Nonetheless, I am sure Microsoft’s goal is to eventually offer any and all Azure services in both Azure Stack and Azure public cloud.
How the Stack is built
Azure Stack services are facilitated through resource providers, which are in essence the web and API gateway for accessing and controlling service resources. There are IaaS providers (Compute, Network, and Storage) as well as PaaS (App Services, SQL, and MySQL Servers). These resource providers leverage Infrastructure controllers (called roles) to configure the underlying components that service the providers. Today, those roles are hosted on shared (or in some cases dedicated) IaaS instances. And while in the initial releases this may have been acceptable, containerizing these roles and making resource providers more modular will allow Microsoft to bring more PaaS offerings to the existing Azure Stack product line.
On a side note, containerizing service delivery modules isn’t anything new. Many on-premise appliance vendors and providers execute their control planes and pluggable services as containers. Its more resource efficient on the hardware, easier to upgrade, and prevents “OS-sprawl” which increases complexity and security vulnerability.
Containers to the Edge!
However, the most exciting aspect of Project Saturn isn’t necessarily how the current offering may grow to include more PaaS services because of efficient containerization, but where those services will be able to run. Imagine the current confines of Azure Stack services being shattered by light-weight, portable and consistent container runtimes. DevOps engineers and teams are adopting containers at a lightening pace for multiple reasons, including the very small image size containers take up, the ability to deploy containers directly from code, and the consistent behavior of containers between environments. It all but eliminates the “works on my computer” argument that Developers and Operations teams have battled over since the dawn of time.
If Project Saturn successfully migrates the underlying resource providers for Azure services to containers, then there’s no reason those services can’t be hosted way beyond the scope of Azure Stack as it stands today. Microsoft’s Intelligent Edge, which includes IoT and Data Services, would stand to benefit from the possibility of running any number of Azure native services directly in the edge without having to send that data back to an Azure Stack instance, or even to Azure cloud directly. The ability to choose which services and modules you want deployed and where, greatly extends the reach of Azure right to where the customer needs it to be. Container technology ensures consistent results from those applications and services. The minimal resources needed to run those containers opens the possibilities that those could be run on almost anything anywhere.
There’s very little information in the wild about Project Saturn. Here’s hoping it is everything we’re thinking it will be.