Windows Azure: Building web sites and services in the cloud
Manu Cohen-Yashar, Sela Group
http://blogs.microsoft.co.il/blogs/applisec
Agenda
• Why cloud services
• Windows Azure
• Main programming elements
• Demo
• Q & A
• Summary
Why cloud services
Scalability in another dimension
Azure™ Services Platform
A Look Inside Azure
[Diagram labels: Your Applications; Service Bus, Access Control, Workflow, …; Database, Reporting, Analytics, …; Identity, Devices, Contacts, …; Compute, Storage, Manage]
ACCESS CONTROL
Access Control
• Who is the caller?
• What can they do?
[Diagram labels: Your Customers (Live ID Users, XYZ Domain Users, <Any ID Provider>); Access Control Service; Your App (UI, Integrate, Orchestrate, Store, Service Bus, WF, Data)]
Access Control Moving Parts
• Portal
– A UI for creating and managing collections of access control rules
• Client API
– Provides a programmatic way to manage collections of access control rules
• Service (STS)
– A hosted service that issues tokens
– Developers interact with the service via the “Geneva” Framework
Access Control Interactions
Participants: Requestor (Your Customer); Your .NET Access Control Service STS (Managed STS); Relying Party (Service Bus, Your App, etc.)
0. Cert|Secret exchange; periodically refreshed
1. Define access control rules for a customer
2. Send Claims (RST)
3. Map input claims to output claims based on access control rules
4. Send Token (RSTR) (output claims from 4)
5. Send Message w/ token
6. Claims checked in Relying Party
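The numbered interaction above (steps 0 to 6), modelled end to end as an added example; this is not code from the presentation and does not use the “Geneva” Framework or the real Access Control Service token format. The HMAC shared secret stands in for the step 0 "Cert|Secret exchange", and the claim names, rule set, token layout and function names are assumptions made for the illustration.

```python
import base64, hashlib, hmac, json, time

# Step 0: secret exchanged between the STS and the relying party (constructed value).
SHARED_SECRET = b"constructed-demo-secret"

# Step 1: access control rules for one customer; input claim -> output claims.
# Claim types and values are constructed for this example.
RULES = {
    ("group", "xyz-domain\\photographers"): [("action", "upload")],
    ("group", "xyz-domain\\editors"): [("action", "upload"), ("action", "publish")],
}

def _sign(body: bytes) -> bytes:
    return hmac.new(SHARED_SECRET, body, hashlib.sha256).hexdigest().encode()

def issue_token(input_claims, audience, now=None, ttl=300):
    """Steps 2-4: accept input claims, map them through RULES, return a signed token."""
    now = time.time() if now is None else now
    out = sorted({c for claim in input_claims for c in RULES.get(tuple(claim), [])})
    body = json.dumps({"aud": audience, "exp": now + ttl, "claims": out}).encode()
    return base64.urlsafe_b64encode(body).decode() + "." + _sign(body).decode()

def check_token(token, audience, required, now=None):
    """Steps 5-6: relying party verifies the token, then checks the required claim."""
    now = time.time() if now is None else now
    try:
        body_b64, sig = token.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        sig = sig.encode()
    except ValueError:
        return False                      # malformed token
    # Verify the signature before trusting anything inside the body.
    if not hmac.compare_digest(sig, _sign(body)):
        return False
    data = json.loads(body)
    if data["aud"] != audience or data["exp"] < now:
        return False                      # wrong relying party, or expired
    return list(required) in data["claims"]
```

The relying party never sees the requestor's input claims: it decides only on the output claims the STS signed, bound to its own audience value and an expiry time.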
SERVICE BUS
Enterprise Service Bus
• Service Orchestration, Service Registry, Naming, Federated Identity and Access Control, Messaging Fabric
• CRM: Customers, Leads, Trends, Campaigns
• Supply Chain: Inventory, Order Entry, Planning, Purchasing
• Point Of Sale: POS Integration, Product Catalog, Returns, Web Store
Internet Service Bus
• Service Orchestration, Service Registry, Naming, Federated Identity and Access Control, Messaging Fabric
• Clients: Desktop, RIA, & Web
• MS/3rd Party Services
• On-Premise ESB
• Your Services
SERVICE ORCHESTRATION
Hosting WF
• Your Own Host
• “Dublin”
• .NET Workflow Service
[Diagram labels: WF, Service Orchestration, http://, Service Bus]
SQL DATA SERVICES
SQL Services Futures: Extending the SQL Data Platform to the cloud
[Diagram labels: Reference Data, Reporting, ETL, Data Mining]
SQL Data Services (SDS): “Database as a Service”
• Data services tier of the Azure Services Platform
• Built on SQL Server foundation
• Broad data platform capabilities as a service
– Friction-free provisioning, scaling
– Significant investments in scale, HA, lights-out operation and TCO
SDS is built on three key pillars
1. Storage for all data types from birth to archival
2. Rich data processing services
3. Operational excellence
Trey Research Media Marketplace
• Photo Management: WPF App
• Photographer In Field: Mobile App
What Is Windows Azure?
• It is an operating system for the cloud
• It is designed for utility computing
• It has four primary features:
– Service management
– Compute
– Storage
– Developer experience
What Should The Cloud OS Provide?
• The same facilities that a desktop OS provides, but on a set of connected servers:
– Abstract execution environment
– Shared file system
– Resource allocation
– Programming environments
• Utility computing
– 24/7 operation
– Pay for what you use
– Simpler, transparent administration
Windows Azure
• Windows Azure provides core technologies for building rich services on top of unreliable but scalable hardware (i.e., a cloud operating system)
– Supports building applications that scale
– Programming tools and interfaces are designed to be familiar to traditional desktop programmers
• Introduces new concepts that are similar to existing ones at a different abstraction level
Desktop And Related Azure Concepts
Desktop
• EXE
• Application Configuration
• Manifest
• DLL
– Windows forms library
– Windows service
• Local data stores
Windows Azure
• Service package
• Service configuration
• Service definition
• Service role
– Web role
– Worker role
• Internet data stores
Service Concepts
• Service definition
– Defines aspects of a service that cannot be changed without redeployment
• Types of roles and static role configuration
• Set of configuration settings for a role
• Contract with the environment the code runs in
• Service configurations
– Defines values for properties that can be dynamically updated for a running deployment
• Values of a configuration parameter
• Number of running instances
Web Role
• Web farm that handles requests from the internet
• IIS7 hosted web core
– Hosts ASP.NET
– XML based configuration of IIS7
– Integrated managed pipeline
– Supports SSL
[Diagram labels: Public Internet, Load Balancer, Web Role, Storage Services]
Worker Role
• No inbound network connections
• Can read requests from queue in storage
[Diagram labels: Public Internet, Worker Role, Storage Service]
Service Runtime API
• Every role has access to APIs for common functionality needed for services
– Read configuration setting values
– Write messages to a set of standard logging streams
• “Printf” sitting on top of a lot of plumbing so logs are downloadable and archived easily
• Critical messages generate live alerts
– Get access to unreliable local storage for caching
• Defines interface for worker role
RoleEntryPoint For Worker Role
    public abstract class RoleEntryPoint
    {
        // Constructors
        protected RoleEntryPoint();

        // Methods
        …
        public abstract RoleStatus GetHealthStatus();
        public abstract void Start();
        …
    }

    public enum RoleStatus { Healthy …, Unhealthy, … }
Windows Azure Storage Abstractions
• Blobs – provide a simple interface for storing named files along with metadata for the file
• Tables – provide structured storage. A table is a set of entities, which contain a set of properties
• Queues – provide reliable storage and delivery of messages for an application
Blob Storage Concepts
Key concepts: account, container, blob, and blocks
• Account: Account
– Container: Pictures
• Blob: IMG001.JPG
• Blob: IMG002.JPG
– Container: Movies
• Blob: MOV1.AVI (Block AAAA, Block AAAB, Block AAAC)
Queue Storage Concepts
Account, queue, and message
• Account: Account
– Queue: Thumbnail Jobs
• Message: 128x128, http://…
• Message: 256x256, http://…
– Queue: Indexing Jobs
• Message: http://…
• Message: http://…
Table Storage Concepts
Account, table, and entity
• Account: Account
– Table: Users
• Entity: Name=…, hash=…
• Entity: Name=…, hash=…
– Table: PhotoIndex
• Entity: Tag=…, id=…
• Entity: Tag=…, id=…
Partition Key and Partition
• Every table has a partition key
– It is the first property (column) of your table
– All entities in a table with the same partition key value live in the same partition
• Need to choose partitioning scheme to make data access scalable
DEMO: Building your first application
Summary
• The hosting problem
• The Windows Azure platform enables you to concentrate on your business logic
• A new programming model
– Web role
– Worker role
– Blobs, Tables and queues
Additional Resources
• www.azure.com
• http://www.microsoftpdc.com/
© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.