Windows Azure Platform

Windows Azure Platform
David Chou
david.chou@microsoft.com
blogs.msdn.com/dachou

Private
(On-Premise)
Infrastructure
(as a Service)
Platform
(as a Service)
Types of Clouds
You manage
Applications
Applications
Applications
You manage
Runtimes
Runtimes
Runtimes
Security & Integration
Managed by vendor
Databases
Databases
Databases
You manage
Servers
Servers
Servers
Managed by vendor
Virtualization
Virtualization
Virtualization
Server HW
Server HW
Server HW
Storage
Storage
Storage
Networking
Networking
Networking

Private
(On-Premise)
Types of Clouds
Infrastructure
(as a Service)
Platform
(as a Service)

Scalability & Availability
Consistency & Control
Private Cloud
(on-premise)
Public Cloud
(off-premise)
Real-Time Performance
Redundancy & Resiliency
Global Reach
Security & Privacy
Customizability
Ease of Provisioning
Abstract Resources
Physical Resources
A Hybrid World
Homogeneity
Heterogeneity

The Microsoft Cloud
~100 Globally Distributed Data Centers
Quincy, WA
Chicago, IL
San Antonio, TX
Dublin, Ireland
Generation 4 DCs

Categories of Services
Application Services
Software Services
Platform Services
Infrastructure Services
The Microsoft Cloud

Web and Clouds
Developer Experience
Third party Cloud
Web applications
Use existing skills and tools.
Compute
Storage
Management
Management
Relational data
Connectivity
Access control
On-premises
Composite applications
LOB Applications

Internet-scale, highly available cloud fabric
Globally distributed Microsoft data centers (ISO/IEC 27001:2005 and SAS 70 Type I and Type II certified)
Consumption and usage-based pricing; enterprise-class SLA commitment
Compute– auto-provisioning 64-bit application containers in Windows Server VMs; supports a wide range of application models
Storage– highly available distributed table, blob, queue, & cache storage services
Languages– .NET 3.5 (C#, VB.NET, etc.), IronRuby, IronPython, PHP, Java, native Win32 code
Data – massively scalable & highly consistent distributed relational database; geo-replication and geo-location of data
Processing – relational queries, search, reporting, analytics on structured, semi-structured, and unstructured data
Integration – synchronization and replication with on-premise databases, other data sources
Service Bus – connectivity to on-premises applications; secure, federated fire-wall friendly Web services messaging intermediary; durable & discoverable queues
Access Control – rules-driven federated identity; AD federation; claims-based authorization
Workflows – declarative service orchestrations via REST-based activities

Pricing
Compute
$0.12 / CPU hour
Storage
$0.15 / GB / month
$0.01 / 10k transactions / month
Bandwidth
$0.10 in / GB
$0.15 out / GB
Web Edition (1GB)
$9.99 / month
Business Edition (10GB)
$99.99 / month
Bandwidth
$0.10 in / GB
$0.15 out / GB
Service Bus
$0.15 / 100k messages
Access Control
$0.15 / 100k tokens
Bandwidth
$0.10 in / GB
$0.15 out / GB
Virtual Machine instances
Load balancers, routers, etc.
Automated service management
Fabric controller operations (deploy/upgrade/delete/scale)
Load balancer programming
Blob Storage
Table Storage
Multiple replicas
Ingress/Egress (to/from internet only)

Storage servicewill be available/ reachable (connectivity)
Your storage requests willbe processed successfully
.NET Service Bus endpoint willhave external connectivity
Message operation requests willbe processed successfully
Serviceavailability
Storage availability
Database availability
Role instance monitoring and restart
Compute connectivity
Your service is connected and reachable via web
Internet facing roles will have external connectivity
Database is connected to the internet gateway
Availability monitoring every 5-minute interval
All runningroles will be continuously monitored
If role is unhealthy, we will detect and initiate corrective state
Automated Systems Management
>99.9%
>99.95%
>99.9%
>99.9%
Service Guarantee

Benefits
BUSINESS
DEMANDS
TECHOLOGYDEMANDS
WINDOWS AZURE PLATFORM OFFERS
Cost-effective solution to manage IT resources
Less infrastructure to buy/configure and support
Lower TCO
Predictable cost
Focus on delivering compelling software not on managing infrastructure
Monetize new offering quickly without investment in billing and other enablement technologies.

Speed of development
Interoperability
Leverage existing IP
Simplified deployment
Scale up or down as business needs change
Go to market faster
Reliable service
SLAs
Security
Global data centers
Lower costs
Efficiency
Stay Competitive
Innovation
Generate New Revenue Quickly
Agility
Reduced
Risk
Reliability

Platform of Choice

Sign up at the Windows Azure Platform developers’ portal
Windows Azure access
Developer tools
White papers
Sample applications
Plan pilot applications, proofs of concept, and architectural design sessions with Windows Azure partners
http://www.azure.com

Application Architecture

Application Models
Web Hosting
Massive scale infrastructure
Burst & overflow capacity
Temporary, ad-hoc sites
Application Hosting
On-premise extensions
Composite applications
Automated agents / jobs
Media Hosting & Processing
CGI rendering
Content transcoding
Media streaming
Distributed Storage
External backup and storage
High performance computing
Parallel & distributed processing
Massive modeling & simulation
Advanced analytics
Information Sharing
Common data repositories
Reference data
Knowledge discovery & mgmt
Collaborative Processes
Multi-enterprise integration
B2B& e-commerce
Supply chain management
Health & life sciences
Domain-specific services

Internet-Scale Application Architecture
Design
Horizontal scaling
Service-oriented composition
Eventual consistency
Fault tolerant (expect failures)
Security
Claims-based authentication & access control
Federated identity
Data encryption & key mgmt.
Management
Policy-driven automation
Aware of application lifecycles
Handle dynamic data schema and configuration changes
Data & Content
De-normalization
Logical partitioning
Distributed in-memory cache
Diverse data storage options (persistent & transient, relational & unstructured, text & binary, read & write, etc.)
Processes
Loosely coupled components
Parallel & distributed processing
Asynchronous distributed communication
Idempotent (handle duplicity)
Isolation (separation of concerns)

Presentation
ASP.NET C#, PHP, Java
Internet-Scale Application Architecture
Services
.NET C#, Java, native code
Asynchronous processes
Distributed parallel processes
Transient file storage
Connectivity
Message queues
Service orchestrations
Identity federation
Claims-based access control
External services connectivity
SERVICE BUS
ACCESS CONTROL
WORK
FLOWS
Storage
Relational & transactional data
Federated databases
Unstructured, de-normalized data
Logical partitioning
Persistent file & blob storage
Encrypted storage

Application Patterns
Cloud Web Application
User
Silverlight
Application
Web Browser
Mobile
Browser
WPF
Application
ASP.NET
(Web Role)
Web Svc
(Web Role)
Jobs
(Worker Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
Private Cloud
Public Cloud Services
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
Enterprise Application
Application
Service
Enterprise Web Svc
Data
Service
Table Storage
Service
Blob Storage
Service
Queue
Service
Enterprise Data
Storage
Service
Identity
Service
Enterprise Identity
Service Bus
Access Control Service
Workflow
Service
User
Data
Application
Data
Reference Data

Composite Services Application
User
Silverlight
Application
Web Browser
Mobile
Browser
WPF
Application
ASP.NET
(Web Role)
Web Svc
(Web Role)
Jobs
(Worker Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
Private Cloud
Public Services
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
Application
Service
Enterprise Web Svc
Data
Service
Table Storage
Service
Blob Storage
Service
Queue
Service
Enterprise Data
Storage
Service
Identity
Service
Enterprise Identity
Service Bus
Workflow
Service
User
Data
Application Data
Reference Data

Cloud Agent Application
User
Silverlight
Application
Web Browser
Mobile
Browser
WPF
Application
ASP.NET
(Web Role)
Web Svc
(Web Role)
Jobs
(Worker Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
Private Cloud
Public Services
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
Application
Service
Enterprise Web Svc
Data
Service
Table Storage
Service
Blob Storage
Service
Queue
Service
Enterprise Data
Storage
Service
Identity
Service
Enterprise Identity
Service Bus
Workflow
Service
User
Data
Application Data
Reference Data

B2B Integration Application
User
Silverlight
Application
Web Browser
Mobile
Browser
WPF
Application
ASP.NET
(Web Role)
Web Svc
(Web Role)
Jobs
(Worker Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
Private Cloud
Public Services
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
Application
Service
Enterprise Web Svc
Data
Service
Table Storage
Service
Blob Storage
Service
Queue
Service
Enterprise Data
Storage
Service
Identity
Service
Enterprise Identity
Service Bus
Workflow
Service
User
Data
Application Data
Reference Data

Grid / Parallel Computing Application
User
Silverlight
Application
Web Browser
Mobile
Browser
WPF
Application
ASP.NET
(Web Role)
Web Svc
(Web Role)
Jobs
(Worker Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
Private Cloud
Public Services
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
Application
Service
Enterprise Web Svc
Data
Service
Table Storage
Service
Blob Storage
Service
Queue
Service
Enterprise Data
Storage
Service
Identity
Service
Enterprise Identity
Service Bus
Workflow
Service
User
Data
Application Data
Reference Data

Hybrid Enterprise Application
User
Silverlight
Application
Web Browser
Mobile
Browser
WPF
Application
ASP.NET
(Web Role)
Web Svc
(Web Role)
Jobs
(Worker Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
Private Cloud
Public Services
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
ASP.NET
(Web Role)
Application
Service
Enterprise Web Svc
Data
Service
Table Storage
Service
Blob Storage
Service
Queue
Service
Enterprise Data
Storage
Service
Identity
Service
Enterprise Identity
Service Bus
Workflow
Service
User
Data
Application Data
Reference Data

BUSINESSES
CONSUMERS
INTERNET
Windows Azure Architecture

Fabric
Fabric controller
Compute
Storage
The Fabric Controller communicates with every server within the Fabric. It manages Windows Azure, monitors every application, decides where new applications should run – optimizing hardware utilization.

The Fabric Controller automates load balancing and computes resource scaling
Security and Control Features include storage encryption, access authentication, and over-the-wire encryption using HTTPS. Industry certification is part of the Windows Azure roadmap.
Computation provides application scalability. Developers can build a combination of web and worker roles. Those roles can be replicated as needed to scale the applications and computational processing power.
Storage Services allow customers to scale to store large amounts of data – in any format – for any length of time, only paying for what they use or store.
Geographically distributed, state-of-the-art data centers host your applications and data, internet-accessible from everywhere you choose to allow.

Interacts with a “Fabric Agent” on each machine
Monitors every VM, application and instance
Performs load balancing, check pointing and recovery
Fabric Controller

Compute
GOAL:
SCALABILITY
Two instance types: Web Role & Worker Role
Windows Azure applications are built with
web role instances, worker role instances,
or a combination of both.
Scale out by replicating worker instances as needed.
Allow applications to scale
user and compute processing independently.
Each instance runs on its own VM (virtual machine), replicated as needed

Storage
GOAL:
SCALABLE, DURABLE STORAGE
Tables: simply structured data, accessed using ADO.NET Data Services
Queues: serially accessed messages or requests, allowing web-roles and worker-roles to interact
Blobs: large, unstructured data (audio, video, etc)
Windows Azure storage is an application managed by the Fabric Controller
Windows Azure applications can use native storage or SQL Azure
Application state is kept in storage services, so worker roles can replicate as needed

Services Management
GOAL:
AUTOMATED APPLICATION MANAGEMENT AND CONTROL
Fabric
The Fabric Controller automates service management

SQL Server
SQL Server on-premises
Resource governance @ machine
Security @ SQL Server/OS
Roll-your-own HA/DR/scale
Dedicated
Hosted RDBMS
Hosted SQL Server
Resource governance @ VM
Security @ SQL Server/OS
Roll-your-own HA/DR/scale
SQL Azure Database (RDBMS)
Resources
Virtual DB server
Logical user database (LUDB)
Resource governance @ LUDB
Security @LUDB
Shared
Low
High
“Friction”/Control
Value Propositions :
XSPs, Server Ops
SQL CLR
100% compatibility
Value Propositions:
Auto HA, Fault-Tolerance
Friction-free scale
Self-provisioning
High compatibility
Value Propositions :
Full h/w control – size/scale
100% compatibility
Data Storage Options

SQL Azure Architecture
Simple storage and hosted RDBMS
Flexible access to data in the cloud
Create client applications that access data in the cloud via TDS – just like on-premise SQL Server
Create cloud-based Web applications in Azure that use standard SQLClient libraries with ADO.NET
Create cloud-based REST data interfaces in Azure with ADO.NET Data Services and the Entity Framework
Low friction data storage provisioning
Web interface for simple, database provisioning
Scale seamlessly as needed
Self-managing data center
Automated maintenance
Built in high-availability and data recoverability
ODBC, OLEDB, ADO.Net PHP, Ruby, …
BrowserApplication
Application
Application
REST Client
SQL Client*
Cloud
REST(Astoria)
ADO.Net +EF
HTTP+REST
HTTP
TDS
Windows Azure
Web App
SQL Client*
Data Center
TDS + TSQL Model
SQL Azure
* Client access enabled using TDS for ODBC, ADO.Net, OLEDB, PHP-SQL, Ruby, …

Goal: A storage platform built for extreme scale and low cost
Architecture:
An Azure account provides access to SQL Azure
Each account can have one or more logical server
Implemented as multiple physical servers within a given geo-location
Each logical server can contain one or more logical database
Implemented as replicated partitioned data across multiple physical databases
Account
Azure wide
Billing instrument
Has one or more
Server
Database metadata
Unit of authorization
Unit of geo-location
Has one or more
Database
Unit of consistency
Contains Users, Tables, Views, etc…
Data Platform Design

Uses shared infrastructure at SQL database and below
Each user database is replicated to one or more servers (configurable based on SLA)
Client requests are routed to current “primary server” for read and write operations (based on SQL session)
Security, lockdown and isolation enforced in SQL tier
Highly scalable and state-of-the-art HA technology
Automatic failure detection; client request re-routed to new primary on failure
High SLA guarantee using logical replication (hot standby replicas)
Automatic management, self-healing and load balancing across shared resource pool
SQL Azure Database provides provisioning, metering and billing infrastructure
Machine 5
Machine 6
Machine 4
SQL Instance
SQL Instance
SQL Instance
SQL DB
SQL DB
SQL DB
UserDB1
UserDB2
UserDB3
UserDB4
UserDB1
UserDB2
UserDB3
UserDB4
UserDB1
UserDB2
UserDB3
UserDB4
Scalability and Availability: Fabric, Failover, Replication, and Load balancing
SQL Azure Database Provisioning (databases, accounts, roles, …, Metering, and Billing
DBA role will change to focus on policy/logical management
Logical User Databases

Security
Uses regular SQL security model
Authenticate logins, map to users and roles
Authorize users and roles to SQL objects
Supports standard SQL logins
Logins are username + password strings
Service enforces use of SSL to secure credentials
Future support for AD Federation, WLID, etc as alternate authentication protocols
Connections
Connect using common client libraries
ADO.NET, OLE DB, ODBC, etc.
Clients connect to a database directly
Cannot hop across DBs
Large surface of SQL supported within the database boundary
Future work will relax many of these constraints
Security and Connection Models

Account and server provisioning
Portal and API based access
Ex: enumerate my servers, show server usage metrics, etc
Each account has one or more servers
Ex: srv123.data.database.windows.net
Each server has a virtual master database
Has subset of SQL Server master DB interface
Each server has one or more SQL logins
System creates sysadmin login on “server creation”
Databases created using “CREATE DATABASE”
Can be called by sysadmin or anyone with create DB permission
*
*
Provisioning Model

SQL Server has many patterns for accomplishing tasks
SQL Azure Database supports a subset of full SQL Server patterns
Focus on logical and policy based administration
Patterns work in both SQL Azure Database and SQL Server
Enables migration of on-premise application to/from SQL Azure
SQL Azure Database is a multi-tenant service
Throttling and load balancing policies
Examples: limit on DB size, duration of transaction, …
In Scope for v1
Out of Scope for v1
CLR
Service Broker
Distributed Transactions
Distributed Query
Spatial
All server level DDL
All physical DDL and physical catalog views
Create/Alter/Drop on Database/Index/View
Stored Procedures (Transact-SQL)
Triggers
Constraints
Table variables, session temp tables (#t)
+ lots of others
SQL Server Compatibility

Departmental Applications
Web Applications
Departmental workgroup applications with low concurrency and cyclical usage patterns
Small customers or start ups with Web applications of all scale that have simple RDBMS needs
Data Hubs
ISV/SaaS Offerings
Secure data hubs that consolidate multiple data sources and enable access from multiple locations and devices
Traditional ISVs extending offering or selling software hosted in the cloud (including SaaS ISVs)
Application Scenarios

Common patterns and problems
Service Bus
Access Control
How can you use cloud services to connect apps and services across deployment locations?
Bridge cloud, on-premises, and hosted assets
Navigate network and security boundaries, securely and simply
Handle identity and access across organizations and ID providers
Interoperate across languages, platforms, standards
Perform protocol mediation and schema mapping
Customers need a way to:

.NET Services provides solutionsfor developers facing those problems
Service Bus
Connect Endpoints
firewall
firewall
NAT
0101 0111 0011 0111
0101 0111 0011 0111
0101 0111 0011 0111
0101 0111 0011 0111
Your app
Customer/partner app

.NET Services provides solutionsfor developers facing those problems
Control Access
3. Map input claims
to output claims
1. Define access control rules for a customer
4. Token
0. periodic cert exchange
2. Claims
6. Check claims
5. Msg w/token
Your app
Customer/partner users & apps

Private Network Space
Service Bus: Core Capabilities
Internet-scoped overlay-network bridging across IP NATs and Firewalls with federated access control
Network Listen/Send from any Internet-Connected Device
Internet-scoped, per-endpoint Naming and Discovery
NAT/FW Traversal via TCP, TCP/Direct, and HTTP Web Streams
Internet Space
B
C
D
A
ACS
ACS
ACS
ACS
ACS

Transfer raw and structured data allowing for any common shape of communication
Raw Data, Text, XML, JSON, …
Datagrams, Sessions, Correlated Messages
Unicast, Multicast
A
B
Octet-Streams
Text
…
JSON
XML
…
A
B
SOAP
XML-RPC
…
A
B

Built-In messaging primitives for temporally decoupled communication, routing, and message processing
Push/Pull translation for occasionally connected receivers
Publish/subscribe and message processing (after V1)
Push
Pull
B
A
B
A
C
D
E
Push
Push

Pattern: Notification Fan-Out(Sessionless Unicast or Multicast Datagrams)
Windows Azure, Datacenter, Hosting, Amazon EC2, Google App Engine
“Worker Role” App Instance
AppInstance
ACS
ACS
ACS
ACS
unicast
ACS
ACS
ACS
unicast
multicast
Client
Client
Client
Client
Client
Client
NATs
ACS
ACS

Pattern: REST Resource Management(Request/Response HTTP/HTTPS w/ arbitrary payloads)
Windows Azure, Datacenter, Hosting, Amazon EC2, Google App Engine
Storage
Storage
Storage
AppInstance
AppInstance
AppInstance
ACS
ACS
POST, PUT, DELETE
POST, PUT, DELETE
POSTPUTDELETE
ACS
POST, PUT, DELETE
ACS
ACS
GET
On-Premise App(s)
On-Demand ‘Pull’ Sync
Cache
Continuous ‘Push’ Sync

In-House
Outsourced
Pattern: Document Exchange(session-bound, app-level ack’d document transfers + notifications)
Hosted
ACS
Storage
Storage
Storage
E-CommerceFront
Inventory / ShippingSystem
OrderingSystem
Ready
PO
SO
Shipped
ACS
ACS
Delivered
ACS
ACK
ACK
Hi-Fi Client Experience
Web Client Experience
ACS
Order AcceptedOrder Processed

Pattern: External DMZ(any communication style, secure NAT traversal for TCP & HTTP/S)
Home
Internal Datacenter
Storage
Storage
Storage
Devices
Enterprise App Instance
Home Automation or Home Media Server
Balance / Filter Reverse Proxy
ACS
ACS
ACS
net.tcp/direct
http(s) / net.tcp
Web or Hi-Fi Client Experience
Web or Hi-Fi Client Experience

Pattern: Integrate “Anything”(session-bound, raw-binary transport tunneling)
Windows Azure, Datacenter, Hosting, Amazon EC2 (Windows)
NP Agent
Socket Agent
AppInstance
ASP.NETADO.NET
J2EE, JDBC, JMS
TDSPassthrough
SocketPassthrough
HTTP/HTTPSPassthrough
w/ URI Rewriting
ACS
ACS
On-Premise Data
On-Premise Infra
Apps & Services
NP Bridge
Socket Bridge
HTTP Bridge
Exchange/Mail (SMTP/IMAP)Active Directory (LDAP)System Center (SNMP)…
SQL Server
ERP, CRM, Custom Apps.NET, J2EE, ROR, PHP…

Thank you
david.chou@microsoft.com
blogs.msdn.com/dachou
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

http://digiman89.wordpress.com	93
http://syberdyne.com	81
http://www.slideshare.net	60
http://javabloger.wordpress.com	13
http://www.techgig.com	13
http://paper.li	8
http://simpletone.tech.officelive.com	3
url_unknown	2

Windows Azure Platform

by David Chou on Oct 17, 2009

Accessibility

Categories

Upload Details

Usage Rights

8 Embeds 273

Statistics

Windows Azure Platform Presentation Transcript