Skydiving through the cloud: Windows Azure gambles with 'Full Trust'

When Microsoft first unveiled its Windows Azure cloud-based platform last October, the company made clear it was not some kind of virtual hosting service -- in other words, not a place to house virtual implementations of Windows Server, like Amazon EC2. More to the point, Azure was designed to be a staging service for the deployment of server-based distributed applications, for clients without the data center capacity to deploy it themselves or without the cash on hand necessary to acquire that capacity.

But in its initial description, those distributed applications were essentially .NET managed apps, which don't exactly encompass the gamut of enterprise apps throughout the world. By "managed," I mean the use of a real Common Language Runtime -- in this case, within Microsoft's cloud -- to interpret code from a program or script, using a .NET language like C#. The operating system in Microsoft's cloud truly is Windows, and it manages the .NET platform in a similar way to any other version of Windows residing on Earth's surface.

This week at the MIX 09 conference in Las Vegas, however, the Azure team -- perhaps drowned out a bit by the noise from the Silverlight and Internet Explorer 8 aficionados in the crowd -- unveiled the next very precarious step in Azure's construction: the deployment for the service's testers of native code capability. In other words, not managed code, not .NET programs, but binary code compiled to run in Windows.

The immediate windfall from this new capability, which Microsoft announced Wednesday, is the ability for clients to deploy PHP-based Web sites in the Azure cloud. Up to now, Azure-based sites were limited to ASP.NET, which is nice if you want to run a database-driven Web app with Silverlight on the client side. But a great deal more sites use PHP, and now at least the theoretical capability exists to relocate those sites to Azure.

Another new service tested by Microsoft to be functional within Azure today is FastCGI, the independent standard interface for communicating request/response transactions between Web servers.

"One of the key value propositions for Windows Azure in the services platform is really utilizing your existing skills, and providing that bridge from on-premises to the cloud," remarked Microsoft's Director of Product Management for Windows Azure, Steven Yi, in an interview with Betanews from MIX 09 this week. That's the basis behind the marketing motif of Azure's new feature, which Microsoft is calling "Full Trust." It may very well be full trust, in the same sense as a blindfolded dancer trusts his instincts not to fall off the stage.

As Yi told us (but which we at Betanews know by heart already), if a client keeps his PHP Web site on premises, then the client typically has to add so-called "non-functional requirements" just to keep the site in running order during periods of high traffic. "You're talking about hardware expenditure like load balancers, adding additional code to accommodate failover from one box to the other. By uploading that PHP code to Windows Azure, if [the customer] complies with a couple of architectural rules and utilizes some of the added features [such as Full Trust], we're providing them with the dynamic scaling and also the ability to dynamically scale up and down with traffic, that they wouldn't be able to do on premises."

The term "Full Trust" technically refers to what's going on in the cloud, on the server side, when control is handed off to an element of native code, such as a PHP server or a FastCGI interpreter. The way Azure has worked to this point, its .NET platform creates a condition called partial trust, which does not refer to its reliability. It refers to the design ethic that everything in the .NET program is marshaled and monitored, under an intensified code access security (CAS) model.

As many .NET developers even on single systems are presently aware, the quickest and dirtiest method for enabling managed code from a .NET program to pass control to native code, such as a compiled dynamic link library (DLL), is through a method arbitrarily called platform invocation, or "P/Invoke" for short. It's a non-managed process for triggering a non-managed process; and "non-managed" in this instance means that the CLR will not be handling matters in the case of a type mismatch or a program crash.

At the local level, .NET developers have become quite skilled with P/Invoke, but that's when they can see what's going on in the implementation phase and debug problems as they come up. In the cloud, they may not have that option, which is why those developers will need to institute...Full Trust.
And once again, the way Microsoft engineers its way around a potential dilemma...is to sell its way straight through it.

"We actually see this when we talk with software vendors who are actually trying to take an existing ISV solution and go toward this faster [data center] model...customers are expecting a service type of model and a fast delivery," Yi told Betanews. "All of a sudden, these ISVs that are focused on delivering a line-of-business application or unique IP for a specific industry, are in the infrastructure business, because they have to stand up these data centers and actually incur all these costs, maintain all these operations, and architect things like failover that actually don't provide any additional end-user value. So [with Azure and Full Trust], [the customer] can focus on features of that Web site for rich media or rich Internet applications, to actually capture users more effectively, and worry much less -- and maybe not at all -- about the architectural implications."

Next: The architectural implications...