Whether an application runs in the cloud, uses services provided by the cloud, or both, some kind of application platform is required. Viewed broadly, an application platform can be thought of as anything that provides developer-accessible services for creating applications. In the local, on-premises Windows world, for example, this includes technologies such as the .NET Framework, SQL Server, and more. To let applications exploit the cloud, cloud application platforms must also exist. And because there are a variety of ways for applications to use cloud services, different kinds of cloud platforms are useful in different situations.

Microsoft’s Windows Azure platform is a group of cloud technologies, each providing a specific set of services to application developers. The Windows Azure platform can be used both by applications running in the cloud and by applications running on local systems. The components of the Windows Azure platform can be used by local applications running on a variety of systems, including various flavors of Windows, mobile devices, and others. Those components include:
- Windows Azure: Provides a Windows-based environment for running applications and storing data on servers in Microsoft data centers.
- Microsoft .NET Services: Offers distributed infrastructure services to cloud-based and local applications.
- Microsoft SQL Azure: Provides data services in the cloud based on SQL Server.

Each component of the Windows Azure platform has its own role to play. This overview describes all four, first at a high level, then in a bit more detail. While none of them are yet final—details and more might change before their initial release—it’s not too early to start understanding this new set of platform technologies.
[Diagram: Software + Services. Extend, migrate, compose. Cloud space (in data center) and enterprise space (on-premise), each with apps, services, front end, back end and storage.]
[Diagram: IT as a Service. Three columns: Private (On-Premise), Infrastructure (as a Service), Platform (as a Service). Each column stacks the same layers: Applications, Runtimes, Security & Integration, Databases, Servers, Virtualization, Server HW, Storage, Networking. Layers are marked either "You manage" or "Managed by vendor".]
[Diagram: A Hybrid World. Public cloud and private cloud (on-premise) compared on: consistency, share & reuse, security & privacy, customizability, control, economy of scale, ease of provisioning, global reach, partitioning & redundancy, scalability & availability.]
[Diagram: Windows Azure Platform. Services: compute, storage, management, relational data, connectivity, access control. Used by: web and clouds (third-party cloud, web applications) and on-premises (composite applications, LOB applications). Developer experience: use existing skills and tools.]
Windows Azure Fabric Controller
- Highly-available Fabric Controller
- Node can be a VM or a physical machine
- Out-of-band communication – hardware control
- In-band communication – software control
[Diagram labels: control VM, VMs, WS08, hypervisor, service roles, control agent, load-balancers, switches]
Roles
Worker Role
- Windows Server 2008 x64
- .NET
- Start
- Native Code
- User Mode
Web Role
- Windows Server 2008 x64
- IIS 7
- ASP.NET 3.5 SP1
- FastCGI – PHP
- Native Code
- Full Trust
- User Mode
Service Models & Roles
Bid Now Service
- Web A (port 80): Main Web, 100 instances
- Web B (port 8081): Admin, 2 instances
- Worker X: Image Resize, 2 instances
- Worker Y: Auction Processing, 25 instances
- Worker Z: Notifications, 10 instances
Azure Portal
One-stop cloud service management
- Get the SDK
- Set up / administer a cloud service account
- Upload applications
- Configure application security
- Change runtime parameters
- Monitor applications
- Post software updates
- Swap between staging and production
Deploying a New Application
Resource allocation
- Machines must be chosen to host roles of the service
  - Fault domains, update domains, resource utilization, hosting environment, etc.
- Procure additional hardware if necessary
- IP addresses must be acquired
Provisioning
- Machines must be set up
- Virtual machines created
- Applications configured
- DNS setup
- Load balancers must be programmed
Upgrades
- Locate appropriate machines
- Update the software/settings as necessary
- Only bring down a subset of the service at a time
Maintaining service health
- Software faults must be handled
- Hardware failures will occur
- Logging infrastructure is provided to diagnose issues
Developer Experience
Consistent, Familiar Development
- Visual Studio
  - Templates
  - Debugging
- .NET platform
  - .NET, IIS7, WCF
“The cloud on your desktop”
- Complete offline cloud simulation
- Like Cassini (web development server)
Durable Storage
- Durable, scalable, available store
- Simple abstractions
  - Blobs
  - Tables
  - Queues
  - …
- Simple interface
  - REST
  - ADO.NET Data Services
Fundamental Data Abstractions
- Blobs – Provide a simple interface for storing named files along with metadata for the file
- Tables – Provide structured storage; a table is a set of entities, which contain a set of properties
- Queues – Provide reliable storage and delivery of messages for an application
Storage
Table (ACE)
- Scale-out using partitions
  - Partition key & row key
  - Operations performed on partitions
  - Efficient queries
  - No limit on number of partitions
- Use ADO.NET Data Services
- REST Interface w/ .NET client in SDK
Blob
Pricing
Compute
- $0.12 / CPU hour (or part thereof)
- ~ 1.7 GHz, 2 GB RAM, single core
- $2.88 / day
- $86.4 / 30 days (billing period)
- 2 instances = $172.80 / month
Storage
- $0.15 / GB / month
Bandwidth
- $0.10 / GB inbound
- $0.15 / GB outbound
SQL Azure
[Diagram labels: Reference Data, Business Intelligence, Reporting, Data Sync, Database]
Initial Services
- Database – Core SQL Server database capabilities
Future Services
- Data Sync – Enables the sync framework
- Additional SQL Server capabilities available as a service: Business Intelligence and Reporting
- New services: Reference Data and Secure Data Hub
Database Replicas
[Diagram: a single database (DB) kept as multiple replicas (Replica 1, Replica 2, Replica 3) with a single primary.]
Pricing
Web Edition
- 1 GB database
- $9.99 / month
- Bandwidth: $0.10 / GB inbound, $0.15 / GB outbound
Business Edition
- 10 GB database
- $99.99 / month
- Bandwidth: $0.10 / GB inbound, $0.15 / GB outbound
Notes
- Type specified by MAXSIZE on the CREATE DATABASE command or in the portal (post-CTP1)
- Cannot switch between Web and Business Editions
- Monthly billing period
Windows Azure Platform Benefits
Windows Azure
- High Level of Abstraction: Hardware, Server OS, Network Infrastructure, Web Server
- Availability: Automated Service Management
- Scalability: Instance & Partitions
- Developer Experience: Familiar Developer Tools
SQL Azure
- Higher Level of Abstraction: Hardware, Server OS, Network Infrastructure, Database Server
- Availability: Automated Database Management & Replication
- Scalability: Databases Partitioning
- Developer Experience: Familiar SQL Environment
.NET Services
Extending .NET to the cloud with Internet Scale Utility Services
- Service Bus: General purpose application bus
- Access Control: Rules-driven, claims-based access control
Service Bus - Overview
Service Bus makes it easy to connect applications together over the Internet
Why it exists – to solve these challenges:
- Want to make it easy and secure for partners to communicate with your application
- Don’t always know the characteristics or scale of the integration
- Partners / customers / users have devices and services running behind firewalls, NATs
Microsoft’s Approach
- Provide a high-scale, highly-available “Service Bus” that supports open Internet protocols
Pricing & SLA
- $0.15 / 100k “transactions”
- Transaction:
  - ACS Tokens
  - Messages on Service Bus
- Bandwidth
  - $0.10 / GB inbound
  - $0.15 / GB outbound
Service Bus - Connectivity
Relay
- Ensure applications connect
- Available to all via the service registry
Direct connect
- Uses the relay to establish communication
- Then shortcuts for efficiency
Publish-Subscribe
- Builds on the relay and direct connect connectivity capabilities
Availability
- Available via HTTP / REST / ATOM
- Available in .NET via WCF Bindings
Access Control Service - Overview
Helps you avoid the complicated programming normally required to secure applications that extend beyond organizational boundaries.
Access Control Service - Overview
Why it Exists – To solve these challenges:
- Many identity providers, many vendors, many protocols, complex semantics – tricky to get right
- Applications strewn with one-off access logic
  - Hard to get right, not agile, not compliant, many dead ends
Approach
- Automate federation for a wide range of identity providers and technologies
- Factor the access control logic from the application into a manageable collection of rules
- Easy-to-use framework that ensures correct token processing
Access Control – Interaction
Parties: Requestor (Your Customer), Your Access Control Project (a hosted STS), Relying Party (Your App)
0. Certificate exchange; periodically refreshed
1. Define access control rules for a customer
2. Send claims
3. Map input claims to output claims based on access control rules
4. Send token (output claims from 3)
5. Send message w/ token
6. Claims checked in Relying Party
Grid Computing Application
Worker Roles
- Front end – web roles, load-balanced
- Back end – worker roles
- Front end and back end communicate through storage
  - Front end queues work items
  - Back end executes work items
- Front end / back end separately configurable instance counts
[Diagram labels: grid loader, on-prem input data, task queue, worker role, worker role, results queue, grid aggregator, on-prem result data]
6 Reasons To Consider Cloud
Cost - Azure may reduce your costs significantly. The migration project we're currently working on is going to reduce our client's costs by a whopping 90%. You can use our calculator at http://azureroi.cloudapp.net to compute cloud costs and predict your ROI on migrating to the cloud.
Headache - You can eliminate much of your I.T. headache by outsourcing the problems of scalability and high availability to the cloud. Let's face it, not all organizations do I.T. well.
Expenditures - Using the cloud converts capital expenditures into operating expenditures, as you aren't buying hardware up front. This makes for a healthier balance sheet and enables pay-as-you-go business initiatives.
6 Reasons To Consider Cloud (cont)
Dynamic scale - Dynamically adjust your deployment any time you wish. Scale up or down on a whim. You'll only pay for capacity you are using. If your business is seasonal or your growth patterns are uncertain, this is especially appealing.
Anticipate - You don't have to anticipate your load in advance. In the enterprise, you have to try to predict your peak load, buy a bunch of servers, and hope you got it right. In the cloud you don't have to make these predictions because you can simply adjust the size of your deployment as needed.
Risk - Using the cloud reduces risk. You don't have a long-term commitment, you only pay for what you use, and there are no up-front hardware purchases to make. You can walk away any time with no residual financial or contractual obligations.
The Backend – Virtual
- 8+ cores per server
- 1, 2, 4 cores per VM
- 1 SB Node per VM
- “Lights out” model
  - VM reimaged on failure
  - Server retired on failure
- Quick deployment
  - 100 VMs in ~20 minutes
  - “Go” to “System Up”
- Management & Deployment Fabric
The Backend – Messaging Overlay
[Diagram: SB nodes arranged in a ring]
- Unicast: Point to point
- Multicast: Routed along ring
- Distributed Hash Table: Names hash to nodes
- Replication Neighborhood
- Volatile Storage
- Distributed Naming
- Uni-/Multicast Routing
Access Control Service – Key Points
- Stop tying your apps to a specific security model
  - Instead, check claims within the application
- Enable security scheme external to application
  - Multiple security schemes can be enabled
  - Rules used to map claims to what app expects
- Integrate with standards-based identity providers, including enterprise directories and web identity systems such as Windows Live ID
- .NET Developers use the Geneva Framework
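The flow from the Access Control – Interaction slide (steps 0 to 6) and the key points above, as an added Python sketch that is not part of the original deck and is not the Access Control Service or Geneva Framework API. Assumptions: a shared HMAC key stands in for the step 0 certificate exchange, and the rule set, claim names, token layout and the audience name `bidnow` are constructed for illustration.

```python
import base64, hashlib, hmac, json, time

# Step 0 stand-in (assumption): the deck uses a certificate exchange; a shared
# HMAC key (constructed value) keeps this sketch standard-library only.
TRUST_KEY = b"constructed-demo-key-not-a-real-secret"

# Step 1: access control rules, (input claim) -> (output claim). Constructed.
RULES = {
    ("group", "partner-admins"): ("action", "auction:manage"),
    ("group", "partner-users"): ("action", "auction:bid"),
}

def _sign(body: bytes) -> bytes:
    mac = hmac.new(TRUST_KEY, body, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(mac)

def issue_token(input_claims, audience, now=None, ttl=300):
    """Steps 2-4 (STS side): map input claims to output claims, sign, return."""
    out = sorted({RULES[c] for c in input_claims if c in RULES})
    if not out:
        raise PermissionError("no rule matched; no token issued")
    issued = time.time() if now is None else now
    body = json.dumps({"aud": audience, "exp": issued + ttl, "claims": out})
    body = body.encode()
    return (base64.urlsafe_b64encode(body) + b"." + _sign(body)).decode()

def check_token(token, audience, required_claim, now=None):
    """Step 6 (relying party): verify signature, audience, expiry, then claim."""
    try:
        b64_body, sig = token.encode().split(b".")
        body = base64.urlsafe_b64decode(b64_body)
    except ValueError:
        return False  # malformed token
    if not hmac.compare_digest(sig, _sign(body)):
        return False  # altered, or not issued by the trusted STS
    data = json.loads(body)
    current = time.time() if now is None else now
    if data["aud"] != audience or data["exp"] < current:
        return False  # issued for a different application, or expired
    return list(required_claim) in data["claims"]
```

The application only ever inspects output claims such as `("action", "auction:bid")`; which identity provider or group produced them is decided by the rules, so the rules can change without touching application code.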
Service Bus – Key Points
- Services that register on the Bus can easily be discovered and accessed, across any network topology
- The Service Bus provides the familiar Enterprise Service Bus application pattern
- Helps to solve some of the hard issues that arise when implementing this pattern across network, security, and organizational boundaries
- Internet-scale