Windows Azure Design Patterns

David PallmannGM Custom App Dev, Neudesichttp://davidpallmann.blogspot.com@davidpallmann

1. General Cloud Computing Patterns2. Patterns in the Windows Azure platform Compute Storage Relational Database Communication Security Network3. Cloud application patterns discussionDiscussion / Q & A

General Pu Pr Hy Ia Pa Sa Ps SuCompute Ro In We Wo Vr Lb Ep Ei CaStorage Bl Co Qm Qu Ta En Pk Rk Ep DB Ds Db Rd Re Sg Sh Fr Fm Comm Sb Sq To Su FiNetwork Vn Rg Mg Cd Tm Rl Rf RdSecurity Ip Rp Ts Tk Cl Ra

Cloud Types Cloud Levels of Use PlatformPu Pr Hy Ia Pa Sa Ps SuPUBLIC PRIVATE HYBRID INFRASTR. PLATFORM SOFTWARE PLATFORM SUBSCRIP-CLOUD CLOUD CLOUD AS A SVCE AS A SVCE AS A SVCE SERVICE TION

Pu Pr HyPublic Cloud Private Cloud Hybrid Cloud

PuAdvanced data center, global presence PUBLIC CLOUDOn-demand, elastic scale, well-managedMulti-tenant, consumption-based pricing

PrOn-premises virtualization infrastructure PRIVATE CLOUDShares some characteristics of public cloudUpcoming Windows Server 8 is able to virtuallypool and allocate compute, storage, networkresources in a multi-tenant fashion YOUR CLOUD INFRASTRUCTURE

HyConnect public cloud with private cloud HYBRID CLOUDIntegrate via VPN or other means CLOUD VENDOR INFRASTRUCTURE YOUR CLOUD INFRASTRUCTURE

Ia Pa Sa INFRASTR. PLATFORM SOFTWARE AS A SVCE AS A SVCE AS A SVCE IaaS PaaS SaaSRaw Virtual Resources App Services Platform Just Use It“Bring Your Own VM“ “Bring Your Own App” “Bring Your Own User”

PsService provided by the cloud platform PLATFORM SERVICECompute Service Run your software in the cloud data center Most intimate level of cloud computing Other services generally usable in-cloud or on-premRESTful Services Most cloud services use HTTP REST Storage, Communication, Management, …Interop Services Use a specific protocol for interop / compatibility Example: SQL Azure Database (TDS protocol)

SuOngoing billing arrangement SUBSCRIP- TIONConsumption-basedServices used have pricing metersTypes Month-to-month Term subscription Negotiated termsMonth-to-month is easy entry / easy exitwithout residual obligationsTerm or negotiated subscriptions can get you adiscount in exchange for a commitment

Ps Compute Service SQL Azure Reporting PLATFORM SERVICES Storage Service Cache Service Blob Storage Service Bus Queue Storage Access Control Service Table Storage Windows Azure Traffic Manager SQL Azure Database SQL Azure Data Sync Service DataMarket SQL Azure Import Export Service CDN Windows Azure Connect

Df DuFault domain FAULT UPGRADE DOMAIN DOMAIN Spreads out your redundant servers / storage across the data center so a large failure doesn’t take out all of your resourcesUpgrade domain How patches or application updates are applied Upgrades parts of your application in sequence (“red black pattern”) to maintain availability

Fault Domain 1 Fault Domain 2 Fault Domain 3UpgradeDomain 1 Role A Role B Role C Instance 1 Instance 2 Instance 3UpgradeDomain 2 Role B Role C Role A Instance 1 Instance 2 Instance 3UpgradeDomain 3 Role C Role A Role B Instance 1 Instance 2 Instance 3

Roles Endpoints Cache Ro In We Wo Vr Lb Ep Ei Ca ROLE INSTANCE WEB WORKER VM LOAD INPUT INTERNAL CACHE ROLE ROLE ROLE BALANCER ENDPOINT ENDPONIT SERVICE

HsYour app, hosted in Compute serviceConsists of one or more tiers (“roles”)Production & Staging deployment slots Subscription Windows Azure Hosted Service Project Regional Data Center Production Staging Deployment Deployment Slot Slot

Ro InRole: a tier of your app (VM farm) ROLE INSTANCEInstance: VM, member of a role (5 sizes)Role has one or more instances (2+ for SLA)VM instances are volatile, roles are sturdy(like ants : colony or soldiers : army, you can lose anindividual but the organization survives) VM VM VM VM VM

We Wo Vr WEB WORKER VM ROLE ROLE ROLE Web Role Worker Role VM Role Web Container General-purpose Container VM Image Configured with Configured with You prepare a VMWindows Server, IIS & Windows Servera public LB endpoint Upload your app Upload your app Upload a full VM PaaS PaaS IaaS Managed Managed You Manage Auto patched Auto patched No auto-patching

Lb Ep EiAllows access to a role LOAD INPUT INTERNAL BALANCER ENDPOINT ENDPOINTLoad balancer: round-robinInput (public) endpoint: public, load-balancedInternal endpoint: only accessible by cloud app VM VM VM VM VM

Dp DiPaas Deployment IaaS Deployment PAAS DEPLOYMENT IAAS DEPLOYMENT Compute Service Compute Service HOSTED HOSTED SERVICE SERVICE APPLICATION SERVICE SERVICE CUSTOM VM RUNTIME METADATA METADATA IMAGE FILES

Web Role Compute Tier Worker Role Compute Tier VM VMPublic Endpoint VM VM Queue VM VM

CaCache Service CACHE SERVICEDistributed Memory CacheAvailable in different sizesSame programming model as Windows Server Cache(“Velocity”)

Attendee Bee Conference AppHTML5/Mobile ASP.NET/MVC web sitehosted in a Web Role

Blob Storage Queue Storage Table Storage Bl Co Qm Qu Ta En Pk Rk Ep BLOB CONTAINER QUEUE QUEUE TABLE ENTITY PARTITION ROW ENTITY MESSAGE KEY KEY PROPERTY

Ratio of primitive : relational data is frequentlyhigher in the cloudCheap: pennies per gigabyte/moScale: no practical size limitSimple: less complexity / overheadLighter: optimistic concurrencyTrendy: fueled by trends in cloud / mobile arch/& movements like NoSQL

Bl Qu Ta BLOB QUEUE TABLE Blob Storage Queue Storage Table Storage File-like Simple queues Big, cheap tablesUse for anything you For queuing task Structured data wherewould normally use a messages you don’t need file for relational features

Bl CoBlob: File-like storage BLOB CONTAINERContainer: Holds blobs, like folderName, data, metadataSequential/streamed accessSimple put/get operationsData stored with redundancyProvides persistence for VMsDirectly reference blobs as URIs2 kinds of blobs:block (sequential), page (random)

Qu QmQueue: holds messages QUEUE QUEUE MESSAGEMessages small string or XML contentAccess semantics may differ from enterprisequeue technologies you are used toEnterprise reasons to use queues also apply inthe cloudCan use queues to load-balance workersCan use queues to coordinate work across rolesStrict FIFO not guaranteed due to queuesemantics

Ta EnBig, cheap data tables TABLE ENTITYSimple record-oriented storageTable: hold entities (records)Entity: contains properties (fields)Does not enforce a schemaNo relational featuresPartition Key + Row Key = a unique key En : Pk Rk Ep Ep Ep ENTITY PARTITION ROW ENTITY ENTITY ENTITY KEY KEY PROPERTY PROPERTY PROPERTY

MEDIA CONTAINER 20 GB CONTACTS TABLE 1000 40 40 COUNTRY (PK)IMAGES VIDEO XML CUSTOMER ID (RK) LAST NAME FIRST NAME STREET CITY STATE POSTAL PHONE ORDER QUEUE EMAIL WEB PHONE ORDERS ORDERS

AttendeeBee Conference AppBlob & Table Storage

Database Reporting Data Sync Federation Service Service Service Db Db Rd Re Sg Sh Fr FmDATABASE DATABASE REPORT REPORT SYNC SYNC FEDERATION FEDERATION SERVER DEFINITION ENDPOINT GROUP HUB ROOT MEMBER

Db Rs DATABASE REPORT SERVICE SERVICESql Azure Database Sql Azure Reporting Database Service Reporting Service Sy Fr SYNC FEDERATION SERVICE SERVICESQL Azure Data Sync Sql Azure FederationsSynchronization Service Database Federation Service

Ds DbRelational DB as a service DATABASE DATABASE SERVEROne master and two replicants, auto failoverPhysical management handled for youHas most SQL Server features but not allSize limit of 150GBDatabase Server: virtual DB server (actually 3)Database: database contained in a DB server

Rd ReDB reporting as a service REPORT REPORT DEFINITION ENDPOINTSimilar experience to SSRSSource is SQL Azure DatabaseUse BIDS to create reports, RDF formatRd: report definitionRe: web-accessible reporting endpoint

Sg Sh1-way or bi-directional syncing SYNC GROUP SYNC HUBSQL Azure to SQL AzureSQL Azure to SQL ServerHub and spoke model: all syncing is to and/orfrom the hub SQL Azure databaseCan trigger a sync manually or scheduleSync: Synchronization operationSync group: Defines group of DBs for syncingSync hub: the hub of the sync group

Fr FmDatabase federation FEDERATION FEDERATION ROOT MEMBERPartition or shard to multiple databases, have a“federation database” that looks like one DBFederation Root: federation root databaseFederation Member: member database

Accessing & Managinga SQL Azure Database

Service Bus Service Bus QueuesSb Sq To Su FiSERVICE SERVICE BUS TOPIC SUBSCRIP- FILTER BUS QUEUE TION

SbUsing the cloud as a SERVICE BUScommunication relayNavigates NATs, firewalls, proxies wellSupports client-service, eventing/pub-submessaging patternsVolatile (best effort) messaging

SqService Bus Queue: Durable messaging SERVICE BUS QUEUETopic: publish point for durablemessaging ToSubscription: receiver of durable TOPICmessagingFilter : criteria on which messages to Sureceive SUBSCRIP- TION Fi FILTER

T-Shirt WorldUsing a Service Bus Queue toRelay Orders for Processing

VPN Connection CDN Traffic Manager Vn Rg Mg Cd Tm Rl Rf Rd VIRTUAL ROLE MACHINE CONTENT TRAFFIC LOCALE-BASED FAILOVER DISTRIBUTEDNETWORK GROUP GROUP DELIVERY MANAGER ROUTING ROUTING ROUTING NETWORK

VnWindows Azure Connect VIRTUAL NETWORKVirtual Network: VPN connectionbetween cloud and on-prem machines RgRole Group: indicates which roles are ROLE GROUPmembers of a virtual networkMachine Group: indicates which on- Mgprem machines are members of a virtual MACHINEnetwork GROUP

WEB ROLE 3S S SSQL SERVER DATABASE

CdContent Delivery Network CONTENT DELIVERYCDN: Utilizes worldwide network of 24+ NETWORKedge server to deliver content efficientlyOften used for mediaLocale-directed DNS goes to nearestnode to serve up cached contentContent sources from blob storage oryour hosted service

TmWindows Azure Traffic Manager TRAFFIC MANAGERTraffic Manager: Routes DNS access toyour hosted service to one of several Rlpossible deployments based on rules LOCALE-BASED ROUTINELocale-based Routing: route to adeployment based on locale RfFailover Routing: route to a secondary if FAILOVERprimary is not healthy (via a heartbeat) ROUTINGDistributed Routing: route based on a Rddesired distribution across data centers DISTRIBUTED ROUTING

Claims-based Security Ip Rp Ts Tk Cl RaIDENTITY RELYING SECURITY TOKEN CLAIM REDIRECTEDPROVIDER PARTY TOKEN AUTHENTICATION SERVICE

IpModern way to do AuthN/AuthZ IDENTITY PROVIDERUse with web identity, domain identityIdentity Provider: Party providing Rpsecurity token with claims RELYING PARTYRelying Party: application that wants toauthenticate/authorize user TsSecurity Token Service: how SECURITY TOKENapplication/user authenticates SERVICE(interactively or programmatically) RaRedirected Authentication: user visits REDIRECTEDapp, user redirected to STS to sign in, AUTHENTICATIONredirected back to app with token

GooglWindows Azure e ACS Yaho RP o! WEB ROLE 2+ S S Live ID

Windows Azure WEB ROLE 2+ S S RPEnterprise ADF S AD

Can “load balance” back end of worker rolesusing queues Queue Worker Role

Web RoleFront end cansubmit tasks for theback endBoth front end andback end can bescaled toaccommodate load Q Worker Role

WEB FARM CQRS-READS RELATIONAL DATACommand/QueryResponsibilitySegregation PUBLIC CLOUD CLUSTERED / PARTITIONED DBBest for large WEB FARM CQRS-WRITES NON-RELATIONAL DATAimplementationsSeparate read& write FILES, QUEUESYou probably don’t do the same amount of eachTake advantage of lightweight read mechanismsSafer – avoid accidental updates/deletes

HETEROGENEOUS FRONT END DECENTRALIZED BACK END Platform DESKTOP Application Services BROWSER CLOUD Business Data Stores Services TABLET Identity IP Directories Services PHONE PARTNER Partner Data Stores Services

Attendee Bee Conference AppOpen, Mobile, Global, & Social

General Pu Pr Hy Ia Pa Sa Ps SuCompute Ro In We Wo Vr Lb Ep Ei CaStorage Bl Co Qm Qu Ta En Pk Rk Ep DB Ds Db Rd Re Sg Sh Fr Fm Comm Sb Sq To Su FiNetwork Vn Rg Mg Cd Tm Rl Rf RdSecurity Ip Rp Ts Tk Cl Ra

Thanks!David PallmannGM Custom App Dev, Neudesichttp://davidpallmann.blogspot.com@davidpallmann

http://davidpallmann.blogspot.com	746
http://davidpallmann.blogspot.in	68
http://davidpallmann.blogspot.com.au	17
http://davidpallmann.blogspot.de	14
http://davidpallmann.blogspot.co.uk	6
http://davidpallmann.blogspot.fr	5
http://davidpallmann.blogspot.com.es	2
http://davidpallmann.blogspot.ca	2
http://davidpallmann.blogspot.se	2
http://davidpallmann.blogspot.com.br	2
http://reader.googleusercontent.com	2
http://translate.googleusercontent.com	2
http://us-w1.rockmelt.com	2
http://davidpallmann.blogspot.co.nz	2
http://davidpallmann.blogspot.com.ar	2
http://michaelcollier.wordpress.com	1
http://www.brijj.com	1
http://webcache.googleusercontent.com	1
http://davidpallmann.blogspot.it	1

Windows Azure Design Patterns

by David Pallmann on Feb 01, 2012

Accessibility

Categories

Tags

Upload Details

Usage Rights

19 Embeds 878

Statistics

Windows Azure Design Patterns — Presentation Transcript