veronica-fox
Windows Azure Cloud & Application Services
Azure ecosystem
[Diagram labels: Web Sites, Cloud Services, Virtual Machines; axes: Management Complexity, Control, Flexibility; application types: Gallery, SPA, Social, N-Tier, Sharing, LOB, Web API, Specialized, Legacy, Hybrid; services: Caching, Access Control, Service Bus, CDN, Traffic Manager, HPC, Storage, On-prem, Media Services, SQL Database.]
Hello World!
Cloud Service Overview
Why Cloud Service?
Build infinitely scalable applications and services
Support rich multi-tier architectures
Automated application management
What is a Cloud Service?
A collection of related service roles
• Web Role
• Worker Role
What Can It Run?
Web Role
• All features of a worker role + IIS 7 or 7.5
• ASP.NET 3.5 SP1 or 4.0 – 64-bit
• Hosts
  • Webforms or MVC
  • FastCGI applications (e.g. PHP)
  • Multiple Websites
• Http(s)
• Web/Worker Hybrid
  • Can optionally implement RoleEntryPoint
Worker Role Patterns
Queue Polling Worker
• Poll and Pop Messages within while(true) loop
• E.g. Map/Reduce pattern, background image processing
Listening Worker Role
• Create TcpListener or WCF Service Host
• E.g. Run a .NET SMTP server or WCF Service
External Process Worker Role
• OnStart or Run method executes Process.Start()
• Startup Task installs or executes background/foreground process
• Custom Role Entry Point (executable or .NET assembly)
• E.g. Run a database server, web server, distributed cache
Role Lifecycle
• All roles may extend RoleEntryPoint
• Roles report status via RoleEnvironment
[Diagram: role lifecycle, with columns Methods, Events and Status; labels include StatusCheck and Stopping.]
Roles and Instances
• At runtime each Role will execute on one or more instances
• A role instance is a set of code, configuration, and local data, deployed in a dedicated VM
• Roles are defined in a Hosted Service
• A role definition specifies:
  • Virtual machine size
  • Communication endpoints
  • Local storage resources
  • etc.
Roles and Instances
[Diagram: a Cloud Service with Web Roles (Web_instance_0, Web_instance_1) and Worker Roles (Worker_instance_0, Worker_instance_1, Worker_instance_2).]
Fault Domains
• 99.95% Uptime Guarantee
  • Requires 2 or more instances per role
• Role instances are isolated by fault domain
  • Fault domains isolate VMs
  • Fault domains provide redundancy
  • At least two fault domains per role
Roles and Instances
Example role with nine virtual machines distributed across three fault domains
[Diagram: a ROLE whose virtual machines are grouped by fault domain.]
Upgrade Domains
Hello World Demo
Cloud Service Lifecycle
Understanding Packaging and Config
• Windows Azure Services are described by two artifacts:
  • Service Definition (*.csdef)
  • Service Configuration (*.cscfg)
• Your code is zipped and packaged with definition (*.cspkg)
  • Encrypted(Zipped(Code + *.csdef)) == *.cspkg
• Windows Azure consumes just (*.cspkg + *.cscfg)
• Startup tasks
  • Install software and features
  • Configure host environment
  • Start processes
• Remote Desktop support
  • Certificate used to enable remote desktop access
• Endpoints
  • Public endpoints
  • Internal endpoints
  • InstanceInput endpoints
Runtime Settings
Upload to Windows Azure
Packaging & Deployment
[Diagram labels: Microsoft Visual Studio, Web Role, Worker Role.]
Application Upgrade Strategies
• Staging vs. Production
  • Deploy to staging for testing and validation
  • Promote to production using VIP swap
• In-place upgrade
  • Replace an old deployment with a new deployment
Service Management Demo
Cloud service lifecycle – Simplistic view
[Diagram labels: Code, Package, Upload, Deploy.]
Cloud service lifecycle - Agile
[Diagram labels: Product planning, Sprint planning, Sprint, Daily scrum, Shippable increment.]
Team Foundation Service
• Governance/Guidance over complete software lifecycle
• Integrated with Visual Studio, and now Azure Management Portal
• Support different methodologies and processes
• Source repository with gated check-in
• Continuous integration with auto-build
• Integrated bug tracking
TFS Continuous Integration Demo
Windows Azure Diagnostics
[Diagram label: Role Instance.]
• Role Instance Starts
• Diagnostic Monitor Starts
• Monitor is configured
  • Imperatively at Start time
  • Remotely any time
  • Configuration is saved in Storage
• Monitor buffers data locally
  • User can set a quota (FIFO)
• User initiates transfer to storage from local buffer
  • Scheduled
  • On Demand
Windows Azure Diagnostics Demo
Application building blocks
Storage
Big data
Caching
CDN
Database
Identity
Media
Messaging
Networking
Traffic
What’s Windows Azure Cache?
• Use spare memory on your VMs as high-performance cache
• Distributed cache cluster co-located with existing roles, or use dedicated roles
• Named caches with high availability option
• Notifications
• Support Memcached protocol
Why Windows Azure Cache?
• Faster
  • No external service calls (additional network hops)
  • Co-located in roles
• Cheaper
  • No external service calls (additional cost)
  • Use spare memory that you already paid for
• More reliable
  • Your service is running = cache is available
  • No throttling as in cotenant environment
Windows Azure Cache Demo
Cloud/On-Premise Integration
Cloud-Hosted, reliable asynchronous Messaging Infrastructure with Publish/Subscribe
Cloud-Based Relay enabling NAT/Firewall Traversal for reach into on-premises assets
Relay
Service Bus Relay solves the challenges of communicating between on-premises applications and the outside world by allowing on-premises web services to project public endpoints. Systems anywhere on the planet can then access these web services, which continue to run on-premises.
[Diagram labels: NAT, Firewall, Dynamic IP.]
Messaging
• Queue
  • Asynchronous communication
  • Offline processing
  • Load-balancing
• Topic & Subscription
  • Asynchronous communication
  • Publish/Subscription pattern
  • Message routing
Service Bus: Relay Demo
Security challenge
[Diagram labels: Your App, Authentication, Authorization, User store, Management UI, Forget password?, Customer support, Data protection, Integration with AD, LDAP, User mapping, Synchronization, Integration with Facebook, Auth API, More user mapping, More synchronization.]
Solution: Claim-based architecture
[Diagram labels: Your App, "User is Joe", "Role is Administrator", ACS + WIF.]
[Diagram: ACS between Identity Providers and Your Application. Labels: ADFS2, WS-Federation, WS-Trust, SAML, SWT, OAuth WRAP/2.0, Service Identities, WIF, Claims; client types: Browser-based, Rich Client, Mobile.]
Federated security with ACS
Demo
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.