CTU June 2011 - Windows Azure App Fabric
Upcoming SlideShare
Loading in...5
×
 

CTU June 2011 - Windows Azure App Fabric

on

  • 2,344 views

 

Statistics

Views

Total Views
2,344
Views on SlideShare
2,192
Embed Views
152

Actions

Likes
0
Downloads
22
Comments
0

6 Embeds 152

http://innovativesingapore.com 103
url_unknown 29
http://spiffy.sg 17
http://www.slideshare.net 1
http://www.spiffy.sg 1
http://spiffy1.capturepagedesigns.com 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • There’s a number of things that I’d like to point out to you before we break into a demo.First, the caching service comes with out-of-the-box ASP.NET providers for both session state and page output caching. This makes it extremely easy to quickly speed up your existing applications by leveraging these providers and updating your web.config files. You can also leverage the local cache, which stores data on the client to speed up access to data retrieved from the Caching service.You can cache any managed object, with no object size limits. Also, when you leverage the local caching option, you won’t pay any serialization costs, as the data will stay on the client. This can make for some extremely fast solutions.You will leverage the exact same APIs you have used with Windows Server AppFabric Caching, which are .NET assemblies. This makes it very easy to get going.The Caching service is secured by the Access Control Service. Through config or at runtime, you simply specific an ACS token that is used for authentication.Finally, as we move towards commercial launch, we’ll add many of the features that make Windows Server AppFabric Caching extremely popular, such as High Availability, which minimizes data loss by persisting the cache, regions for partitioning and co-locating data, the ability to emit notifications to clients when then need to refresh their local cache, and more.
  • Slide ObjectiveExplains the operation of Session state in Windows Azure multi instance rolesSpeaking NotesMust move session state off the Web Role instances In this animationFirst request hits one instanceSubsequent request hits another instanceAt the end of the animation the value of Foo is hard to determine.Is it 1, 2 or null?Will depend on which server the LB routes our request toNotes

CTU June 2011 - Windows Azure App Fabric CTU June 2011 - Windows Azure App Fabric Presentation Transcript

  • A Lap AroundWindows Azure AppFabric
    Wely Lau
    Microsoft MVP, Windows Azure
    “Cloud” Architect, NCS
    Email : wely@ncs.com.sg
    Blog: http://wely-lau.net/
  • Agenda
    Windows Azure Platform In One Slide
    What is Windows Azure AppFabric?
    Identity and Access Control
    Service Bus
    Caching
  • “Windows Azure Platform” In One Slide
    Compute
    Storage
    • Tables
    • Blobs
    • Queues
    Virtual Network
    • Connect
    • Traffic Manager
    Reporting
    Database
    Data Sync
    Access Control
    Service Bus
    Caching
  • Agenda
    Windows Azure Platform In One Slide
    What is Windows Azure AppFabric?
    Identity and Access Control
    Service Bus
    Caching
  • Motivating Challenges
    How do you expose your software to users outside of your organization?
    Can they use their existing identities? Social identities?
    How do you integrate with components outside your corporate network?
    What about smaller, non-enterprise customers?
    How do you reduce latency and increase performance?
    Access Control
    Service Bus
    Caching
  • What is Windows Azure AppFabric?
    Comprehensive building block services / middleware for developing, deploying, and managing app
    Goals
    Extend .NET technologies to the cloud
    Increase developer productivity
    Bridge existing applications to the cloud
    Open and accessible service API
    REST, SOAP, RSS, AtomPub, …
    Class libraries for .NET, Java, PHP, Ruby,
  • Agenda
    Windows Azure Platform In One Slide
    What is Windows Azure AppFabric?
    Identity and Access Control
    Service Bus
    Caching
  • Identity – Stuff to think about
    Login / Federated Login
    Authentication
    Authorization
    Username & Password
    Membership Database
    Identity Providers
    Single Sign On
    Tokens & Its Format
    Security & Certificate
    And the list goes on…
  • Single Identity Approach
    The site is the Identity Provider
    I have 100s of these identities
    “island of identity”
    It’s annoying
  • Using a 3rd party
    Pick a 3rd party, rely on it
    Somewhat limiting, but a step in the right direction
    Typically “claim-based”
  • Claim-based Identity Term Definitions
    Relying Party
    Your application that rely on IdP for authentication and authorization
    Identity Provider (IdP)
    Third party service that will authenticate your users
    Ex: GoogleID, WindowsLiveID, Yahoo!, or even your app
    Claims
    A statement that one subject makes about itself or another subject.
    E.g. : name, email, groups, privilege, etc…
    Security Token
    A piece of token representation of claims that is cryptographically signed by the issuer
    Security Token Service (STS)
    A service that issues claims and packages them in encrypted security tokens
  • Typical Claims-based App Sequence
    Browser
    Identity Provider / STS
    Application (Relying Party)
    1. Request Resource
    2. Redirect to Identity Provider
    4. Authenticate &
    Issue Token
    3. Login
    5. Redirect to Relying Party
    7. Validate
    Token
    6. Send Token to Relying Party
    8. Return resource representation
  • But… I want more IdP…
    I want my user, can log-in with
    Challenges:
    Deal directly with different IdP
    Deal directly with different Security Token Format?
    Deal directly with different Protocol
    Deal directly with different …
    Enterprise
    Active Directory
  • Access Control Service
    Integration SSO and centralized auth into your web
    Hides one layer of abstraction
    Just to deal with ACS, not with many IdP
    Access Control Service
    Your App
    ….
    ADFS 2.0
  • Access Control Website Sequence
    Browser
    Identity Provider / STS
    Access Control
    Application (Relying Party)
    1. Request Resource
    2. Redirect to Identity Provider
    4. Authenticate &
    Issue Token
    3. Login
    5. Redirect to AC service
    7. Validate Token, Run Rules Engine,
    Issue Token
    6. Send Token to ACS
    8. Redirect to RP with ACS Token
    10. Validate
    Token
    9. Send ACS Token to Relying Party
    11. Return resource representation
  • Access Control Features
    Integrates with Windows Identity Foundation and tooling
    Claims-based access control
    Support for OAuth WRAP, WS-Trust, and WS-Federation protocols
    Support for the SAML 1.1, SAML 2.0, and Simple Web Token token formats
    Integrated and customizable Home Realm Discovery
    OData-based Management Service to ACS configuration
  • demo
    Access Control Service- Preparing simple app- Setting up ACS account- Add STS Ref- Security Token Visualizer- Simple Authorization
  • Agenda
    Windows Azure Platform In One Slide
    What is Windows Azure AppFabric?
    Identity and Access Control
    Service Bus
    Caching
  • Service Bus
    Provides secure messaging and connectivity across different network topologies
    Enables hybrid applications that span on-premises and the cloud
    Enables various communication protocols and patterns for developers to engage in reliable messaging
  • … and here’s why this is interesting …
    Existing code, not designed for the cloud
    Things you can’t run in the cloud
    Things you might not want to run in the cloud
  • Enabling hybrid applications
    Datacenter
    Partner
    LOB app
    Mobile Device
    LOB web service
  • Enabling hybrid applications
    Partner
    Datacenter
    ACS
    LOB app
    SB
    Mobile Device
    LOB web service
  • Enabling hybrid applications
    Datacenter
    Partner
    ACS
    LOB app
    SB
    Mobile Device
    LOB web service
  • Enabling hybrid applications
    Datacenter
    Partner
    ACS
    LOB app
    SB
    Mobile Device
    LOB web service
  • Relay
    Relay Connections
    http://{account}.servicebus.windows.net/a/b
    Outbound SSL TCP connection to relay rendezvous endpoint
    Receiver can also listen over
    HTTP to overcome port restrictionson the receiving side (“Web sockets”)
    One-Way Messagesthrough TCP Tunnel
    Sender
    Receiver
  • Relay
    Direct Connections
    http://{account}.servicebus.windows.net/a/b
    - Outbound SSL TCP connection to relay - Out-of-band protocol to negotiate Direct Connection
    Sender
    Receiver
    Upgrade to direct connection when possible
  • Relay
    Eventing: Publish/Subscribe
    http://{account}.servicebus.windows.net/a/b
    Outbound SSL TCPconnection to relay rendezvous endpoint
    One-way messagesthrough TCP Tunnel
    Sender
    Receiver
    Receiver
    Receiver
    Receiver
  • Have a Service Listen on the SB
    Listen on SB address
    Enable ACS Auth behavior
    Use a ‘relay’ binding
  • Connect to a Service as a Client
    Again, just use a SB address and binding
    Use a behavior to handle ACS authorization
  • demo
    Service Bus- Local Svc Hosted on IIS- Exposing WCF to Service Bus- Establishing Direct Connection- Eventing
  • Agenda
    Windows Azure Platform In One Slide
    What is Windows Azure AppFabric?
    Identity and Access Control
    Service Bus
    Caching
  • Latency Pyramid
    Memory
    Windows Azure AppFabric Caching (local cache)
    Lowest latency
    Network
    Windows Azure AppFabric Caching (distributed cache)
    Lower latency
    Disk
    Highest latency
    Storage
  • What is the Caching service?
    A distributed, in-memory cache for applications running in Windows Azure:
    In-memory cache located near your Windows Azure applications
    Simple administration
    Based on Windows Server AppFabricCaching
    Benefits:
    Highly scalable 64-bit caching solution with low latency and high throughput
    Can dynamically increase and decrease as needed, without redeploying or modifying your application
    Doesn’t have to bother with configuration, deployment, or management of their cache infrastructure
  • Windows Azure AppFabric Caching
    Differentiators
    Built-in ASP.NET providers for session state & page output
    Extreme low latency with the local cache
    Caches any managed object
    (CLR objects, rows, XML, Binary Data…)
    Only requirement is that the object should be serializable
    Easily integrates into existing applications
    Secured by the Access Control Service
  • Anatomy of A Distributed Cache
    Cache footprint or bandwidth requirement may grow beyond a single VM
    Distributed caches scale out
    Multiple role instances may be cache clients
    Clients access the cache as if it was a single large namespace
    Unified Cache View
    Cache layer distributes data across the various cache instances
  • Caching Features
    ASP.NET providers for session state and page output caching
    Cache any managed object
    No object size limits
    No serialization costs for local caching
    Easily integrates into existing applications
    Secured by Access Control
  • Windows Azure Session State
    Windows Azure Load Balancer uses round-robin allocation. Session state must persist to client or storage on every request
    session[“foo”] = 1;
    session[“foo”] = 2;
    LB
    What is the value of session[“foo”]?
  • AppFabric Caching Session State
    Session state stored using Windows Azure AppFabric Caching and an out-of-the-box session state provider
    session[“foo”] = 1;
    session[“foo”] = 2;
    LB
    What is the value of session[“foo”]?
    AppFabric Caching
  • demo
    Caching- Standard data cache API- Measuring data throughput- “built-in” Session Cache Provider