Windows Azure Cloud & Building Block Services
Haishi Bai, Technical Evangelist, Microsoft
Agenda
- Introduction of Windows Azure Cloud Service
- Windows Azure Cloud Service Lifecycle
- Dedicated cache
- Windows Azure showcase
Azure ecosystem [diagram shown across four slides; labels: Gallery, SPA, Social, Sharing, N-Tier, LOB, Web API, Specialized, Legacy, Hybrid, On-prem, Caching, Access Control, Service Bus, CDN, Traffic Manager, HPC, Storage, Media Services, SQL Database]
Cloud Service Overview
Why Cloud Service?
What is a Cloud Service?
- Web Role
- Worker Role
- VM Role
What Can It Run?
- All features of a worker role + IIS 7 or 7.5
- ASP.NET SP1 or 4.0
- Hosts Webforms or MVC
- FastCGI applications (e.g. PHP)
- Multiple Websites
- Http(s)
- Web/Worker Hybrid
- Can optionally implement RoleEntryPoint
- Queue Polling Worker
  - Poll and Pop Messages within while(true) loop
  - E.g. Map/Reduce pattern, background image processing
- Listening Worker Role
  - Create TcpListener or WCF Service Host
  - E.g. Run a .NET SMTP server or WCF Service
- External Process Worker Role
  - OnStart or Run method executes Process.Start()
  - Startup Task installs or executes background/foreground process
  - Custom Role Entry Point (executable or .Net assembly)
  - E.g. Run a database server, web server, distributed cache
- All roles may extend RoleEntryPoint
- Roles report status via RoleEnvironment
- At runtime each Role will execute on one or more instances
- A role instance is a set of code, configuration, and local data, deployed in a dedicated VM
- Roles are defined in a Hosted Service
- A role definition specifies:
  - Virtual machine size
  - Communication endpoints
  - Local storage resources
  - etc.
Roles and Instances
- Web Roles
- Worker Roles
99.95% Uptime Guarantee
- Requires 2 or more instances per role
- Role instances are isolated by fault domain
- Fault domains isolate VMs
- Fault domains provide redundancy
- At least two fault domains per role
Roles and Instances
- Example role with nine virtual machines distributed across three fault domains
Cloud Service – inter-role communication
- Input Endpoint
  - Load-balanced
  - HTTP/HTTPS/TCP/UDP
- Internal Endpoint
  - Not load-balanced
  - HTTP/TCP/UDP/ANY
- Instance Input Endpoint
  - Route traffic to specific instance based on port
  - TCP/UDP
- Other options
  - Queue Storage Database …
Demo
Cloud Service Lifecycle
- Windows Azure Services are described by two artifacts:
  - Service Definition (*.csdef)
  - Service Configuration (*.cscfg)
- Your code is zipped and packaged with definition (*.cspkg)
  - Encrypted(Zipped(Code + *.csdef)) == *.cspkg
- Windows Azure consumes just (*.cspkg + *.cscfg)
- Startup tasks
  - Install software and features
  - Configure host environment
  - Start processes
- Remote Desktop support
  - Certificate used to enable remote desktop access
- Endpoints
  - Public endpoints
  - Internal endpoints
  - InstanceInput endpoints
- Runtime Settings
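A service definition (*.csdef) that declares the items listed on the slides above (VM size, a startup task, a runtime setting, local storage and the three endpoint types), added here as an example and not taken from the original deck. The service, role, endpoint, setting and file names, and all port numbers, are hypothetical.

```xml
<?xml version="1.0" encoding="utf-8"?>
<!-- Constructed example: all names and port numbers are hypothetical. -->
<ServiceDefinition name="ExampleService"
    xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceDefinition">
  <WorkerRole name="ExampleWorker" vmsize="Small">
    <Startup>
      <!-- Startup task: runs before the role starts. It is elevated only
           because it installs software; the role itself is not elevated. -->
      <Task commandLine="install.cmd" executionContext="elevated" taskType="simple" />
    </Startup>
    <ConfigurationSettings>
      <!-- Runtime setting: only the name is declared here. The value is
           supplied in the *.cscfg, so it can change without repackaging. -->
      <Setting name="StorageConnectionString" />
    </ConfigurationSettings>
    <LocalResources>
      <!-- Local storage resource on the instance's own VM. -->
      <LocalStorage name="Scratch" sizeInMB="100" cleanOnRoleRecycle="true" />
    </LocalResources>
    <Endpoints>
      <!-- Input endpoint: public and load-balanced across all instances. -->
      <InputEndpoint name="PublicTcp" protocol="tcp" port="9000" />
      <!-- Internal endpoint: not load-balanced and reachable only from
           role instances of the same service, so it is the place for
           role-to-role traffic that should not be exposed publicly. -->
      <InternalEndpoint name="Backplane" protocol="tcp" />
      <!-- Instance input endpoint: each instance is assigned its own
           public port from the range, forwarded to localPort. -->
      <InstanceInputEndpoint name="PerInstance" protocol="tcp" localPort="9100">
        <AllocatePublicPortFrom>
          <FixedPortRange min="10000" max="10009" />
        </AllocatePublicPortFrom>
      </InstanceInputEndpoint>
    </Endpoints>
  </WorkerRole>
</ServiceDefinition>
```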
Packaging & Deployment
Application Upgrade Strategies
Demo
Cloud service lifecycle – Simplistic view
Cloud service lifecycle - Agile
Team Foundation Service
- Governance/Guidance over complete software lifecycle
- Integrated with Visual Studio, and now Azure Management Portal
- Support different methodologies and processes
- Source repository with gated check-in
- Continuous integration with auto-build
- Integrated bug tracking
Demo
- Role Instance Starts
- Diagnostic Monitor Starts
- Monitor is configured
  - Imperatively at Start time
  - Remotely any time
  - Configuration is saved in Storage
- Monitor buffers data locally
  - User can set a quota (FIFO)
- User initiates transfer to storage from local buffer
  - Scheduled
  - On Demand
Demo
Application building blocks
What’s dedicated cache?
- Use spare memory on your VMs as high-performance cache
- Distributed cache cluster co-located with existing roles, or use dedicated roles
- Named caches with high availability option
- Notifications
- Support Memcached protocol
Why dedicated cache?
- Faster
  - No external service calls (additional network hops)
  - Co-located in roles
- Cheaper
  - No external service calls (additional cost)
  - Use spare memory that you already paid for
- More reliable
  - Your service is running = cache is available
  - No throttling as in cotenant environment
Demo
Memcached support
- Host a Memcached cluster in Worker Roles
- Access a Memcached cluster from Web/Worker Roles
- [diagram labels: Memcached Shim, Memcached Client, Memcached Shim, Memcached Server]
Demo
Application building blocks
Cloud/On-Premise Integration
- Cloud-Hosted, reliable asynchronous Messaging Infrastructure with Publish/Subscribe
- Cloud-Based Relay enabling NAT/Firewall Traversal for reach into on-premises assets
Relay
- Connect from/to machines anywhere on the planet.
Messaging
- Queue
  - Asynchronous communication
  - Offline processing
  - Load-balancing
- Topic & Subscription
  - Asynchronous communication
  - Publish/Subscription pattern
  - Message routing
Demo
Application building blocks
Security challenge
- Authentication
- Authorization
- User store
- Management UI
- Forget password?
- Customer support
- Data protection
- Integration with AD
- LDAP
- User mapping
- Synchronization
- Integration With Facebook
- More User mapping
- Facebook Auth API
- More Synchronization
Solution: Claim-based architecture
Digital identity in a nutshell [diagram labels: ACS, WIF, IdP]
ACS
Demo
Application building blocks
Summaries
Contact me