Why Azure Stack? I can tell you some very good reasons, apart from more control at the provider side by the possibilities of offering an SLA on a single virtual machine ironing out the Upgrade Domain, there’s also the real use case of ease of setup by letting a glorified PowerShell script written by Microsoft do all the work in setting up the entire environment. Azure Stack offers a perfect platform to any large company to allow delegated usage for internal business divisions, allowing stock standard users to install whatever whenever. For example, a university with various faculties can all have access to Azure Stack and go crazy and knock themselves out by implementing anything they wish to at any time they wish to.
Differences between Azure Stack & Azure Public, there’s not many, other than the fact that Azure Public has the added advantage of global hyper-scale. Both Stack and Public are both based on Azure Resource Manager (JSON) deployment methodologies, whereas Stack’s cousin Azure Pack went hand in hand with Azure ASM (Classic).
Both Azure Stack and Azure Public (ARM) support the exact same tooling, PowerShell, Visual Studio with the exact same Azure SDK as well as programs like Azure Storage Explorer.
Azure Stack TP1 Architecture
Currently Azure Stack TP1 is out and runs entirely on a single physical host that being Windows Server 2016 TP4 – the picture below depicts the single physical host and all the services that run on the host which make up Azure Stack – consisting of a whole bunch of VMs.
In the diagram above, the PortalVM Virtual machine hosts the Control Plane (Azure Resource Manager (ARM)) and Azure portal services and various experiences (including services supporting admin experiences and tenant experiences).
All other VMs on the single host which are created at the time of Azure Stack installation all work together to privide what is Azure Stack TP1. There are a total of 10 virtual machines that are installed (out of the box) with Azure Stack just to get it off the ground and get it past GO.
- ACSVM – Azure Consistent Storage services run on the Service Fabric
- ADVM – AD / DNS / DHCP for Azure Stack
- BGPVM – BGP Network Routing
- ClientVM – Admin machine for admin work, PowerShell / Portal etc
- MuxVM – Microsoft software load balancer component & network multiplexing services
- NATVM – Network Address Translation (RRAS)
- NCVM – Microsoft network controller on the Service Fabric (software-defined networking)
- PortalVM – Control Plane (Azure Resource Manager), Azure portal & admin services
- SQLVM – Hosts SQL Servers used by fabric services (ACS & xRP services)
- xRPVM – Core Resource Providers of Azure Stack e.g. Compute, Network, Storage
The diagram screenshot above is what the ‘behind the scenes‘ looks like with Azure Stack TP1. You don’t need to really worry about these VMs, as it’s all controlled from the control plane using with the Azure Stack portal or PowerShell – like you would normally with Azure Public. However it gives you an idea to the complexity that is ‘Azure‘.
Subscriptions, Plans, Offers
Azure Stack is more or less exactly the same as Azure Public, whereas there are offers in which you as a tenant, you subscribe to. To recap, a tenant is like a person renting a house, someone that rents space in Azure Public Cloud – Public or Stack. Tenants then subscribe to an offer, which in turn has one or more plans associated with them, in which plans have services (Resource Providers) and quotas assigned.
The offers in Azure Stack are similar to what Azure Public has available which you might be familiar with, “Pay-As-You-Go” or “Free Trial“.
Azure Public Offers listed below…..
In Azure Stack you create your own offers for subscribers. These offers consist of ‘plans‘ like in the diagram above. Plans are groupings of one or more Azure services (Resource Providers) with services being things like Compute, Web/Mobile, Storage, Network or SQL Database etc. When services are added to plans they can be configured with quotas, e.g. maximum number of CPUs, RAM or VMs that can be applied to each subscription. Quotas are in place to stop a single tenant going crazy and provisioning too much stuff or bringing down the entire cloud by it running out of resources. In saying this, there are default base plans attached to offers which also have default quotas. More information.
The screenshot below is what it looks like in the Azure Stack portal when creating Offers, Plans & Services.
How does Azure AD come into play with Azure Stack? The same as before with Azure Public, the same rule where each Azure subscription either Public or Stack require Azure AD as the authentication mechanism.