The Ball / SOS on Azure Part 2
Kalle Launiala, Citrus Solutions [email protected]
#td2013fi
About the Presentation – Part 2
Developer getting started from scratch
- Git clone, build, debug, deploy
Developing HTML(5) + jQuery UI on The Ball
- Demonstrating Web / Worker Role responsibilities
The Ball – Architecture Overview & Deep Dive
Régis Laurent, Director of Operations, Global Knowledge
Competencies include: Gold Learning, Silver System Management
Developer Setup
Solution structures, build order, deployment options
Get The Source – And Build
Get main project from GitHub
- “git clone git://github.com/abstractiondev/TheBallOnAzure”
Get git submodule content
- “cd TheBallOnAzure”
- “gitupdateproject.cmd”
Build Solutions
- TheBallADM.sln => build, run/debug “AbstractionBuilder.exe”
- TheBallOnAzure.sln => build
- TheBallAzureConfiguration.sln => build, deploy
  - Then update the accelerator content
Solution Structure
TheBallADM.sln
- Drives the modular automation from information & process model
TheBallOnAzure.sln
- Main solution for implementation
- Includes automation results in build
TheBallOnAzureConfiguration.sln
- Accelerator based Azure-deployments
  - Fine grained control of distributed roles
Developer Settings
IIS Express (requires IIS set up in Windows 8)
- Otherwise the HTTP handlers don’t work properly
- NOTE! The IIS Express port “sharing” is evil: debugging another solution by accident (no changes reflecting)
Debug input parameters for TheBallTool:
- Full path to Apps/UI/HTML/account – directory
- Storage conn str: “UseDevelopmentStorage=true”
Accelerator config for worker-role and web-role
- Accelerator update for worker role
- Accelerator update for web-role (= VS publish)
Mind the storage key location, not necessarily in VCS
Development through design
Modify XML-model files
- Information model & process model
- Get the status tracking and architect to developer guidance OOB
Run transformation & generators
- Maintain references as you see fit, add platform support
Implement manual code
- Commonly used libraries as well
Demo time
Architecture dive in Visual Studio
Demo Sequence
Demo 1: Solution overview
- ADM generation role, build, deployment to Azure/Dev Storage
Demo 2: HTTP Handlers
- AnonymousHandler, AuthorizedHandler (Postback), DeveloperHandler (Hybrid FS)
Demo 3: Blob Storage Usage – Web Content
- HTML templates + content objects = HTML pages. Dust.js + jQuery from XML (to JSON) content.
Demo 4: Queue Usage – Worker Parallel Execution
- Queue messaging, Queue envelope, Task-specific context
Demo 5: Blob Storage Usage – Advanced Content
- InformationObjects; Masters/Collections, Metadata, Subscriptions, Atomic Queues
Demo 6: Logical Operations – Implementation Level Control
- Worker role “manual switch”; Service Layer Migration/Exposure on priority backlog
InformationContext
Security boundary, object lifecycle
Authentication & Authorization Separate
Collaboration: Roles & Emails
[Diagram; labels: Trusted Email Address; Collaborator; Collaborating Group; Authentication through Google, Windows Live, Facebook, Twitter, LinkedIn; The Ball Ecosystem; Owns & Uses; Practical Trust; Authenticates & Trusts; Strong Authentication; Collaboration Processes; Role Authorization & Decisions; Trusted Infra; .Cloud.Infra]
Authorization Contexts
[Diagram; labels:]
- Role is assigned to email (does not have to exist in the system)
- Collaborator
- Collaborating Group
- Many email addresses
- Role: Moderator, Member, Visitor
- Group owns the information. Policy clearly stated based on group rules.
- Documents, Binary/Media, Data (shown twice)
- Publicly published information
- Anonymous Web Surfer
- Can access without login or registration
- Can access without authorization
InformationContext
Owner specific authorization box
- More detailed domain specific authorization possible
Serves as “Current.Active” static global property
Changes / caching is managed at this level
- Change subscriptions are launched at context close
Analogous to Entity Framework/ORM, or web stack
- DataContext, ObjectContext, HttpContext
Stored as TaskID specific or HttpContext specific
Storage Layer
Owner context as content root folder
InformationObject type as base class for data
- All other content (media, plain html) supported as-is
Metadata relative to content
- Special case for location “directory” metadata
Everything as blob content – even metadata
- No benefit from table structures, even queue usage is limited
- Blob access being authorization scoped reaches everywhere
Authentication layer
Authentication with DotNetOAuth
- Custom cookie usage to handle web farms
Self-stored AES key, similar to the ASP.NET machine key
- Key expiration and per-request payload possible
Not directly connected to authorization
- Multiple authentication methods result in the same account
- Authentication method MAY affect the “operative authorization”
Authorization layer
Every request is either completely public/anon or completely authorized
- Down to web stylesheets, images and so forth
Denormalized form
- Request path is used for blob directory
- For account the account ID reverts to cookie
Account ID is obtained from cookie
- One blob storage request to obtain authorization object
Lookup can be cached with low enough expiration
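The request flow on the Authorization layer slide, as an added sketch that is not code from The Ball. The `pub/`, `acc/` and `grp/` path prefixes, the `authorization` blob name, the role-map format and the injected `fetch_blob` reader are assumptions made for illustration; only the three role names come from the slides.

```python
import time

ROLES = ("Moderator", "Member", "Visitor")   # role names from the slides

class Authorizer:
    """Maps a request path to an owner-rooted blob path, or None to deny."""

    def __init__(self, fetch_blob, ttl=30.0, clock=time.monotonic):
        self.fetch_blob = fetch_blob   # hypothetical blob read: path -> dict or None
        self.ttl = ttl                 # keep low: bounds how long a revoked role survives
        self.clock = clock
        self._cache = {}               # account_id -> (expires_at, {group_id: role})

    def _roles(self, account_id):
        hit = self._cache.get(account_id)
        if hit and hit[0] > self.clock():
            return hit[1]
        # One storage request returns the whole authorization object.
        roles = self.fetch_blob(f"acc/{account_id}/authorization") or {}
        self._cache[account_id] = (self.clock() + self.ttl, roles)
        return roles

    def resolve(self, request_path, cookie_account_id=None):
        """cookie_account_id is assumed to come from an already verified cookie."""
        parts = request_path.strip("/").split("/")
        if any(p in ("", ".", "..") for p in parts):
            return None                # a path must never leave its owner root
        area, rest = parts[0], parts[1:]
        if area == "pub" and rest:     # completely anonymous: cookie is ignored
            return "pub/" + "/".join(rest)
        if cookie_account_id is None:
            return None                # everything else is completely authorized
        if area == "acc" and rest:     # account ID from the cookie, never from the URL
            return f"acc/{cookie_account_id}/" + "/".join(rest)
        if area == "grp" and len(rest) >= 2:
            if self._roles(cookie_account_id).get(rest[0]) in ROLES:
                return "grp/" + "/".join(rest)
        return None

# Constructed sample storage; the account and group IDs are made up.
SAMPLE_BLOBS = {"acc/a1/authorization": {"g7": "Member"}}

if __name__ == "__main__":
    auth = Authorizer(SAMPLE_BLOBS.get)
    for path, account in [("/pub/css/site.css", None), ("/grp/g7/doc.html", None),
                          ("/grp/g7/doc.html", "a1"), ("/grp/g8/doc.html", "a1"),
                          ("/acc/profile.json", "a1")]:
        print(path, account, "->", auth.resolve(path, account))
```

The cache lifetime is the trade-off the slide points at: every second of `ttl` saves storage requests but is also a second during which a removed role is still honoured.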
Events for changes
Active triggers, passive monitoring
Active tracking: Subscriptions
Source to target subscription types
- Web content to its sources
- Master collections subscribe to master objects
- Master using objects subscribe to master objects
Update flow handled in “atomic” single processor
- Directed acyclic graph generated from subscriptions
- Dictionary<> based InformationObject update evaluation
“Human content” rendering in parallel
- Web pages, reports, end-of-the-chain content
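An added sketch (not The Ball's implementation) of how subscriptions can be turned into a strict evaluation order for the single atomic processor: collect everything reachable from the changed objects, then sort that subgraph so each object is evaluated once, after all of its sources. The object names and the (subscriber, source) tuple format are constructed for illustration, and Python's `graphlib` stands in for the Dictionary<>-based evaluation named on the slide.

```python
from collections import defaultdict, deque
from graphlib import TopologicalSorter, CycleError

# Constructed sample: (subscriber, source) pairs; all names are hypothetical.
SUBSCRIPTIONS = [
    ("collections/BlogMaster", "blogs/post1"),
    ("collections/BlogMaster", "blogs/post2"),
    ("pages/index.html", "collections/BlogMaster"),
    ("pages/post1.html", "blogs/post1"),
    ("pages/index.html", "blogs/post1"),
]

def update_order(subscriptions, changed):
    """Return the subscribers to re-evaluate after `changed` objects change,
    ordered so every object is evaluated once, after all of its sources."""
    subscribers = defaultdict(set)   # source -> objects subscribed to it
    sources = defaultdict(set)       # subscriber -> its sources
    for subscriber, source in subscriptions:
        subscribers[source].add(subscriber)
        sources[subscriber].add(source)

    # Collect everything reachable from the changed objects.
    affected, queue = set(changed), deque(changed)
    while queue:
        for sub in subscribers[queue.popleft()]:
            if sub not in affected:
                affected.add(sub)
                queue.append(sub)

    # Sort only the affected subgraph; a cycle means the subscriptions
    # do not form a DAG and no safe evaluation order exists.
    graph = {node: sources[node] & affected for node in sorted(affected)}
    try:
        order = list(TopologicalSorter(graph).static_order())
    except CycleError as exc:
        raise ValueError(f"subscription cycle: {exc.args[1]}") from exc
    return [node for node in order if node not in changed]

if __name__ == "__main__":
    print(update_order(SUBSCRIPTIONS, ["blogs/post1"]))
```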
Subscription technical implementation
- Subscription stored in metadata
- InformationObject or “directory”/collection monitoring
Blob directory for atomic operations
- .lock file synchronization
- New items can be added while atomic operation is processing
- Evaluation order is strictly controlled
Azure Queue for parallel operations
- Processing is still context bound
- When evaluation order does not matter
Passive Tracking Required (no OOB support)
- Active tracking creates costs “outside control”
- Information chain/network in linked groups grows really fast
Monitoring in traditional fashion
- Poll periodically for changes
- Can use MD5/timestamp
Legacy migration applies as-is
Wrap Up
Food for thought…
Metrics, overhead, searches
Exact monitoring of resource usage (per context)
- CPU, Storage, Network. Transparent cost-based billing.
- Metrics are analogous and immediately applicable to real world processes
Overhead of relevant processing, any?
- Execution can be tailored through generators and implementation
Searches – on priority backlog
- Authorization context specific indexing; Lucene.NET & AzureDirectory
- Can always revert to traditional SQL (scalability issues, context issues)
Legacy migration with reference architecture
- ADM was designed to solve this, to enable legacy constrained modernization
Material available
Tech Blog (including the links to github/abstractiondev):
- http://abstractiondev.wordpress.com/
Videos & Slides in Demo Videos section
- http://abstractiondev.wordpress.com/demo-videos/
More about ADM – in The Blog (for example MSTD 2012)
- Execution can be tailored through generators and implementation
LinkedIn – group(s)
- “The Ball – The Information Ecosystem”
Email: [email protected]
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentations. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Thank you for coming!
Feedback can be given via mobile or laptop through techdays.fi seminar schedule.