ArcReady - Architecting Modern Distributed Applications

Nearly every application we build today has dependencies to other systems. How do we design them to work together to meet our goals? How do we decide what to build and what to buy? Do we host it ourselves or in the cloud? With a bewildering array of choices, the biggest challenge we face today is how to architect robust applications with the right technologies to meet our user’s needs and integrate nicely into our existing IT ecosystems.

Join our Central Region Architect Evangelists for a great discussion on architecting distributed applications using all the latest technologies and best practices.

Session 1: Blueprints for Success. In this session, we will survey the modern architecture landscape from the ground up, including infrastructure, application, and client solution choices. We’ll discuss how current industry trends are shaping our architectures and present an innovative architecture mapping technique for analyzing our customer’s needs and aligning them to today’s technologies and solution patterns.

Session 2: Making It Real. In this session, we’ll take a look at several case studies to learn how to apply the mapping technique from Session 1 to architect real world solutions that add true business value. We’ll examine applications we use every day and take a walk through a Microsoft reference architecture that explores many of the decisions we face when building modern distributed applications.

Published in: Technology, Business

  1. 1. Architecting Modern Distributed Applications ArcReady:
  2. 2. About ArcReady…
       • A forum for aspiring and practicing architects to discuss industry trends
       • An overview of Microsoft’s roadmap as it relates to software architecture
       • A mechanism to solicit your feedback
       • An opportunity to showcase the work you do!
  3. 3. About your presenter(s)… Clint Edmonson Architect Evangelist Microsoft Corporation www.notsotrivial.net [email_address] Brian Prince Architect Evangelist Microsoft Corporation www.brianhprince.com [email_address] Larry Clarkin Architect Evangelist Microsoft Corporation www.larryclarkin.com [email_address] Phil Wheat Architect Evangelist Microsoft Corporation blog.austinwheats.com [email_address]
  4. 4. Agenda Session 1: Blueprints for Success Break Session 2: Making It Real Drawing for prizes
  5. 5. Session 1 Blueprints for Success
  6. 6. Industry Trends
  7. 7. Industry Trends Trend 1: Service Oriented Architecture (SOA)
  8. 8. Industry Trends
  9. 9. Industry Trends Trend 2: Software as a Service (SaaS)
  10. 10. Industry Trends
  11. 11. Industry Trends Trend 3: Web 2.0
  12. 12. Industry Trends
  13. 13. Industry Trends Trend 4: Rich Internet Applications (RIA)
  14. 14. Industry Trends
  15. 15. Industry Trends Trend 5: Cloud Computing
  16. 16. Industry Trends
  17. 17. Industry Trends SOA: Service Oriented Architecture Reuse and Agility Web 2.0 Network Effect SaaS: Software as a Service Flexible pricing and delivery RIA: Rich Internet Applications Experience Software + Services Cloud Computing Service Utility
  18. 18. Industry Trends Is this just a Microsoft thing?
  19. 19. Industry Trends “Let me just say it: We want native third-party applications on the iPhone, and we plan to have an SDK in developers' hands in February” - Steve Jobs Apple Reverses on Third-Party iPhone Apps “But Google's offline approach also is a recognition that Microsoft's right in insisting that not all computing will take place in the Internet cloud. Microsoft's been touting a vision of "software plus services" that relies on Internet-connected desktop apps, and more enterprise software-as-a-service companies, such as CRM vendor RightNow, recognize the need for some client software.” Google CEO Says Software to Play a Bigger Role
  20. 20. Industry Trends IBM also introduced Bluehouse, the code name for services … designed to help business partners share contacts, files, project and interact via chat and Web meeting. The model is similar to what Microsoft has been pushing with its software-plus-services strategy developed by Microsoft CTO Ray Ozzie, who created the Notes platform. Microsoft is trying to define a new category with software plus services …it turns out that Microsoft may have a point and, while Salesforce.com would be unlikely to concede this, in fact it provides some supporting evidence. A few years ago Salesforce.com released its Off-line Edition for its popular customer relationship management (CRM) product.
  21. 21. Heads in the Cloud, Feet on the Ground
  22. 22. Heads in the Cloud, Feet on the Ground When it comes to running applications, organizations today face a tension between control and economy of scale Economy of Scale Low High Control High Low
  23. 23. Heads in the Cloud, Feet on the Ground Economy of Scale Low High Control High Low Application runs on-premise Buy my own hardware, and manage my own data center Application runs at a hoster Pay someone to host my application using hardware that I specify Application runs using cloud platform Pay someone to host my application without specifying the hardware (they promise to be “infinitely” scalable) Application is supplied by a vendor Pay for someone’s hosted application. Don’t care about the hardware, as long as it works.
  24. 24. Heads in the Cloud, Feet on the Ground Tension between build vs. buy Build vs. Buy Build Buy
  25. 25. Heads in the Cloud, Feet on the Ground “Packaged” Application An application that I buy “off the shelf” and run myself “Home Built” Application An application that I develop and run myself Build vs. Buy Build Buy Hosted “Home Built” An application that I develop myself, but run at a hoster Hosted “Packaged” An application that I buy “off the shelf” and then run at a hoster “Home Built” using cloud An application that I develop myself, that is hosted using cloud platform “Packaged” using cloud An application that I buy “off the shelf”, that is hosted using cloud platform “Software as a Service” A hosted application that I buy from a vendor “Platform as a Service” A vendor hosted development and runtime environment
  26. 26. Big Pharmaceutical Example “Too costly to run this myself, but I’ve made too many customizations” “Packaged” Application “Home Built” Application Hosted “Home Built” Hosted “Packaged” “Home Built” using cloud “Packaged” using cloud “Software as a Service” “Platform as a Service” Clinical Trial Molecule Research HR System Email CRM ERP
  27. 27. Big Pharmaceutical Example “CRM and Email are commodity services – They have no customizations, and it’s cheaper for someone else to run these” “Packaged” Application “Home Built” Application Hosted “Home Built” Hosted “Packaged” “Home Built” using cloud “Packaged” using cloud “Software as a Service” “Platform as a Service” Clinical Trial Molecule Research HR System Email CRM ERP
  28. 28. Big Pharmaceutical Example “I can’t afford to maintain this old HR application written in VB – it’s driving me mad!” “… but due to regulatory issues, I cannot store my HR data off-premise” “Packaged” Application “Home Built” Application Hosted “Home Built” Hosted “Packaged” “Home Built” using cloud “Packaged” using cloud “Software as a Service” “Platform as a Service” Clinical Trial Molecule Research HR System Email CRM ERP
  29. 29. Big Pharmaceutical Example “I wish I had access to cheaper compute and storage when I need it” “Packaged” Application “Home Built” Application Hosted “Home Built” Hosted “Packaged” “Home Built” using cloud “Packaged” using cloud “Software as a Service” “Platform as a Service” Clinical Trial Molecule Research Email CRM ERP HR System
  30. 30. Big Pharmaceutical Example “THIS is where I want to spend my IT resources – I’m going to double down on this application!” “Packaged” Application “Home Built” Application Hosted “Home Built” Hosted “Packaged” “Home Built” using cloud “Packaged” using cloud “Software as a Service” “Platform as a Service” Clinical Trial Molecule Research Email CRM ERP HR System
  31. 31. Architectural Blueprints
  32. 32. Architectural Blueprints
  33. 33. Architectural Blueprints Physical, Dedicated Single service on dedicated hardware Physical, Shared Multiple services sharing same hardware Physical, HPC Physical hardware supporting HPC scenario Virtual, Single Single instance virtual image Virtual, Shared Multiple instance virtual image
  34. 34. Architectural Blueprints
  35. 35. Architectural Blueprints
  36. 36. Architectural Blueprints File Fileshare, flat, page-based Relational Hosted relational database, familiar, transactional, finite Unstructured Key/value Pair, no atomicity, infinitely scalable
  37. 37. Architectural Blueprints
  38. 38. Architectural Blueprints Service Bus Asynchronous, reliable messaging, publish/subscribe model Peer to Peer Node registration, directory, presence awareness
  39. 39. Architectural Blueprints
  40. 40. Architectural Blueprints Authentication Username / Password or claims based Role Based Authorization Role-checking and authorization
  41. 41. Architectural Blueprints
  42. 42. Architectural Blueprints Event Based Triggered based on events (e.g. document upload) High Throughput Low latency, high volume (e.g. trading confirmations)
  43. 43. Architectural Blueprints
  44. 44. Architectural Blueprints
  45. 45. Architectural Blueprints Search Text Search, Image Search, Indexing Social Social Graphs, Profiles Content Management Indexing, Retrieval, Conflict Management
  46. 46. Architectural Blueprints
  47. 47. Architectural Blueprints Transaction Pay for each transaction Subscription Pay per month/period Licensing Pay per user/machine Advertising Advert funded model
  48. 48. Architectural Blueprints
  49. 49. Architectural Blueprints Service Composition Composition, brokering results, aggregation Line of Business Integration Service wrapping of mainframe and other LOB applications
  50. 50. Architectural Blueprints
  51. 51. Architectural Blueprints Business Logic (Rules) Entities (Schema) Workflow (Process)
  52. 52. Architectural Blueprints
  53. 53. Architectural Blueprints Static Static content, HTML etc Dynamic Asynchronous interaction, AJAX etc. RIA Rich Internet Applications, high visuals, limited offline support Streaming Optimized for content delivery, videos etc.
  54. 54. Architectural Blueprints
  55. 55. Architectural Blueprints Web Services SOAP based, WS-I compliant, WS-* REST CRUD access to services via HTML RSS Syndication services for subscriptions
  56. 56. Architectural Blueprints VoiceXML Mobile Application Speech API SIP Session Initiation Protocol – IM Clients SMTP Email inbound and outbound delivery SMS Mobile inbound and outbound text messaging
  57. 57. Architectural Blueprints
  58. 58. Architectural Blueprints
  59. 59. Architectural Blueprints Browser Consumer of web based content, HTML etc., including RIA plug in Office Office Suite, including Email and RSS reader capability Client Application Rich (Smart) client applications installed locally on machine Gadgets Locally installed, desktop based Instant Messaging Locally installed Instant Messaging client
  60. 60. Architectural Blueprints
  61. 61. Architectural Blueprints Browser Consumer of web based content, HTML etc., including RIA plug in Office Office Suite, including Email and RSS reader capability Client Application Rich (Smart) client applications installed locally on machine SMS / IM Text messaging and IM using Mobile Device Speech Speech enabled interface
  62. 62. Architectural Blueprints
  63. 63. Architectural Blueprints Devices Dedicated devices Consoles Games Consoles
  64. 64. Architectural Blueprints
  65. 65. Architectural Trends
  66. 66. Architectural Trends How can we analyze our architectures using these blueprints?
  67. 67. Static Web Site, On Premise
  68. 68. Static Web Site, On Premise (Add Content Mgt)
  69. 69. Static Web Site, On Premise (Add Search/Social)
  70. 70. Static Web Site, On Premise (Add Ad Service)
  71. 71. Static Web Site, On Premise (Move to Hoster)
  72. 72. Static Web Site, On Premise (Add AJAX)
  73. 73. Static Web Site, On Premise (Add Mobile RSS)
  74. 74. Architectural Trends How about the trends we talked about earlier?
  75. 75. Architectural Trends Trend 1: Service Oriented Architecture (SOA)
  76. 76. Trend 1: SOA - Single Service, On Premise
  77. 77. Trend 1: SOA - Single Service, On Premise
  78. 78. Trend 1: SOA - Single Service, On Premise
  79. 79. Trend 1: SOA - Single Service, On Premise
  80. 80. Trend 1: SOA - Single Service, On Premise
  81. 81. Trend 1: SOA - Single Service, On Premise
  82. 82. Trend 1: SOA - Single Service, On Premise
  83. 83. Trend 1: SOA - Single Service, On Premise
  84. 85. Architectural Trends Trend 2: Software as a Service (SaaS)
  85. 86. Trend 2: SaaS – Web Based SaaS Provider
  86. 87. Trend 2: SaaS – Web Based SaaS Provider
  87. 88. Trend 2: SaaS – Web Based SaaS Provider
  88. 89. Architectural Trends Trend 3: Web 2.0
  89. 90. Trend 3: Web 2.0 – Social Networking Site
  90. 91. Trend 3: Web 2.0 – Social Networking Site
  91. 93. Architectural Trends Trend 4: Rich Internet Applications
  92. 94. Trend 4: RIA – eCommerce Site
  93. 95. Trend 4: RIA – eCommerce Site
  94. 96. Trend 4: RIA – eCommerce Site
  95. 97. Trend 4: RIA – eCommerce Site
  96. 99. Architectural Trends Trend 5: Cloud Computing
  97. 100. Trend 5: Cloud Computing – Backup Provider
  98. 101. Trend 5: Cloud Computing – Backup Provider
  99. 102. Trend 5: Cloud Computing – Backup Provider
  100. 103. Architectural Trends How about Microsoft’s own products?
  101. 104. Windows Live Mesh CTP (Current, Primary)
  102. 105. Exchange Lifecycle (Exchange 4.0, Outlook 97)
  103. 106. Exchange Lifecycle (Exchange 5.0, Outlook 97)
  104. 107. Exchange Lifecycle (Exchange 5.0 SP1, Outlook XP)
  105. 108. Exchange Lifecycle (Exchange 2003, Outlook 2003)
  106. 109. Exchange Lifecycle (Exchange 2007, Outlook 2007)
  107. 110. Exchange Lifecycle (Hosted Exchange, Outlook 2007)
  108. 111. Architectural Challenges
  109. 112. Big Pharmaceutical Example “Packaged” Application “Home Built” Application Hosted “Home Built” Hosted “Packaged” “Home Built” using cloud “Packaged” using cloud “Software as a Service” “Platform as a Service” Clinical Trial Molecule Research Email CRM ERP HR System
  110. 113. Architectural Challenges Challenge 1 - Identity
  111. 114. Challenge 1 - Identity
  112. 115. Challenge 1 - Identity
  113. 116. Challenge 1 - Identity
       • Accessing Hosted Assets with Internal Credentials
       • AuthN and AuthZ across FW
       • Credential Storage
  114. 117. Challenge 1 - Identity
  115. 118. Architectural Challenges Challenge 2 – Data
  116. 119. Challenge 2 - Data
  117. 120. Challenge 2 - Data
       • Import and Export of Data
       • Privacy of External Data
       • Reporting and Analytics
  118. 121. Architectural Challenges Challenge 3 – Management
  119. 122. Challenge 3 - Management
  120. 123. Challenge 3 - Management
       • Holistic View of Application?
       • Integration into existing System Management solutions?
       • Contracts and SLAs
  121. 124. Architectural Blueprints – Next Steps
  122. 125. Architectural Blueprints – Next Steps Step 1 – Use the “blueprints” to decompose and recompose existing applications
  123. 126. Architectural Blueprints – Next Steps Step 2 – Get the right people involved
  124. 127. Architectural Blueprints – Next Steps Infrastructure Architect / Data Center Operations Solutions and Infrastructure Architect Solutions Architect and Development Team Solutions Architect and Development Team (inc. Web Design) Solutions Architect and Development Team (inc. Designer) Enterprise Architect and CIO Data Center Operations
  125. 128. Architectural Blueprints – Next Steps Step 3 – Understand the Technology Mappings
  126. 129. Architectural Blueprints – Next Steps IE8 Windows Mobile 7 XBOX 360 IIS 7 SL Streaming WCF .NET Framework MOSS 2007 BTS Adapters MOSS 2007 BDC AD / ADFS Ad Center .NET Framework 3 rd Party BizTalk 2006 R2 ILM BizTalk / BizTalk.Net Mesh CTP IIS 7 SQL Server SSDS Windows WF MOSS 2007 Windows WF BizTalk Server Windows Server 2008 WS 2008 HPC Windows Server 2008 Hyper-V Office WPF Vista OC Win Embed .NET CF
  127. 130. Architectural Blueprints – Next Steps Step 4 – Document repeatable patterns
  128. 131. Architectural Blueprints – Next Steps
  129. 132. Architectural Blueprints – Next Steps
  130. 133. Architectural Blueprints – Next Steps Step 5 – Resources
  131. 134. Break Please complete an Eval
  132. 135. Session 2 Making it Real
  133. 136. Look at Identity
  134. 137. Look at Identity Authentication Ÿ Authorization
  135. 138. Look at Identity Role Based Access Control Roles -> Rights -> Resources
  136. 139. Rights represent actions in the system
  137. 140. Rights are grouped into roles
  138. 141. Roles are assigned to users
  139. 142. User authenticates User Application Username, Pwd
  140. 143. System finds all of the user's roles, calculates the effective rights User Application Rights Storage Username, Pwd Roles: Operator, Manager Rights: vDash, vOrders, …
  141. 144. Attach Principal/Identity to Thread User Application Rights Storage Username, Pwd Roles: Operator, Manager Rights: vDash, vOrders, … P Principal & Identity I
  142. 145. Code Checks for Permission Defense in Depth!
  143. 146. Evolution of Security Manager
  144. 147. Problems with this approach?
  145. 148. Companies have lots of applications
  146. 149. Each with their own silo of identity data
  147. 150. Each system is hardcoded for Az/An
  148. 151. Duplicated Code
  149. 152. Tedious to implement every time
  150. 153. Leads to greater risk as well
  151. 154. Many companies have 0 or n directories
  152. 155. Username & Password just isn’t enough anymore
  153. 156. An array of accounts for users
  154. 157. Intracompany ?
  155. 158. Doesn’t work in the cloud
  156. 159. Hard for calling services
  157. 160. Single hop and Impersonation
  158. 161. Zermatt
  159. 162. Framework for Claims Based Identity
  160. 163. Three geeks walk into a bar…
  161. 164. What is a Claim? Web Application/Service Username: Brian Roles: Manager, Sales Email: Brian.Prince@microsoft.com IsOfLegalVotingAge: True
  162. 165. Your app is no longer concerned with
       • Authentication
       • Storing and securing usernames and pwds
       • Connecting to directories
       • Managing roles/rights/claims
  163. 166. Allows for Federation
  164. 167. “A Cloudy World” Example The “Cloud” Big Pharma “on premise” Cloud Storage (new molecule research in purple) Cloud Platform Cloud Compute employees Clinical trial software Firewall Management IT Directory STS Internet Service Bus (Identity) STS
       • Big Pharma deploys software to cloud
       • Employees access cloud software
  165. 168. “A Cloudy World” Example The “Cloud” Big Pharma “on premise” employees Clinical trial software Firewall Management IT Directory STS (big pharma data in purple) “cloud” CRM
       • Employees use “cloud” CRM
       • IT Manages “cloud” CRM
  166. 169. “A Cloudy World” Example The “Cloud” Clinical trial patients Big Pharma “on premise” employees Clinical trial software Firewall Management IT Directory STS Cloud Platform Internet Service Bus (Connectivity) Internet Service Bus (Identity) STS Relay
       • External Patients using Relay to access “on premise” clinical trial software
  167. 170. “A Cloudy World” Example The “Cloud” (big pharma data in purple) (big pharma instance in purple) Clinical trial patients Internet Service Bus (Connectivity) Big Pharma “on premise” Cloud Storage (new molecule research in purple) Internet Service Bus (Identity) STS Relay Cloud Compute Cloud Platform CRM Online Hosted ERP @ Hoster employees Clinical trial software Firewall Management IT Directory STS
  168. 171. Claim
       • A piece of your identity
       • A property
       • Come from issuers. You only trust the claim as much as the issuer
  169. 172. Zermatt : Claim Object
  170. 173. Identity
       • A set of claims that describes a user or entity
  171. 174. IClaimsIdentity
  172. 175. Security Token
       • A serialized set of claims that are signed by the issuer
       • Presented when system access is requested
       • Found in the SOAP envelope for a web service call
       • Found in the HTTP POST in a web application
  173. 176. IClaimsPrincipal
  174. 177. Easy Change
  175. 178. Sample Code
  176. 179. Issuing Authority
       • Many types:
           • Kerberos tickets
           • Certificate authorities
           • X.509 certificates
       • We want one that creates our security tokens.
           • Knows how to issue the right claims for the right user
           • Interacts with AuthN systems, and authenticates the user
  177. 180. Security Token Service (STS)
       • A type of Issuer
       • Uses standards
           • WS-MEX
           • WS-Trust
           • Security Assertion Markup Language (SAML)
  178. 181. Relying Party (RP)
       • The system that relies on the claim tokens
       • YOUR SYSTEM
  179. 182. Basic Scenario – Active Client (WS-Trust) Relying Party (Web Service) Smart Client Trusted Authority (Web Service) Directory/ Credential Store STS 1. Get Policy 3. Send Claims 2. Get Claims Business Rules
  180. 183. Basic Scenario – Passive Client (WS-Federation) Relying Party (Web App) Browser Trusted Authority (Web App) Directory/ Credential Store STS 1. HTTP GET 3. HTTP POST 2. Redirect Business Rules
  181. 184. Federated Scenario Relying Party (Web Service) Smart Client Trusted Authority (Web Service) Internet Trusted Authority (Web Service) STS Business Rules STS Business Rules 1 2 3 (Java?) (.NET?)
  182. 185. Federated Authentication Module
  183. 186. Zermatt ASP.NET Controls
  184. 187. Wiring Zermatt up to ASP.NET
  185. 188. Calling a Claims Aware Service
       • Client side WCF already has everything it needs
  186. 189. Wiring Zermatt up to a Service
       • WCF handles SAML tokens out of the box
       • Needs to be configured with a custom binding
       • Zermatt wires in custom behaviors into the WCF config
       • This lets you use the simplified Zermatt claims model instead of the normal WCF model
  187. 190. Service Identity Client / UX Data Store User User Service Account SSRS Service Domain Objects Persistence Layer
  188. 191. Delegation and ActAs Web Front End Trusted Authority Directory/ Credential Store ID: svcInv STS 3. Get Claims for svcInv ActAs Dieter 2. Dieter 1. Get Claims for Dieter Business Rules Dieter’s Browser ID: Dieter Back End Web Service ID: Dieter 4. svcInv ActAs Dieter
  189. 192. Authentication Assurance
  190. 193. Zermatt Resources
       • http://connect.microsoft.com/site/sitehome.aspx?SiteID=642
           • Download the whitepaper, bits, and samples
  191. 194. Resources… Slide deck: www.slideshare.net/ArcReady
  192. 195. © 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
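
The claim, security token, issuing authority and relying party slides (168 to 178), combined with the roles-to-rights model from the earlier identity slides, shown as an added Python example that is not code from the deck or from Zermatt. Assumptions: HMAC-SHA256 with a shared key stands in for the X.509-signed SAML token a real STS would issue, and the issuer name, key, audience names, role-to-right mapping and function names are all constructed.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed trust list: issuer name -> verification key. Assumption: a real
# STS signs SAML tokens with an X.509 key; HMAC-SHA256 stands in for that here.
TRUSTED_ISSUERS = {"sts.bigpharma.example": b"constructed-demo-key"}
# Role and right names follow the deck ("Operator, Manager" / "vDash, vOrders");
# the mapping between them is constructed.
ROLE_RIGHTS = {"Operator": {"vDash"}, "Manager": {"vDash", "vOrders"}}


class TokenError(Exception):
    """Raised when a token must not be trusted."""


def issue_token(issuer, key, audience, claims, ttl=300, now=None):
    """STS side: serialize the claims and sign the serialized bytes."""
    now = time.time() if now is None else now
    payload = json.dumps(
        {"iss": issuer, "aud": audience, "exp": now + ttl, "claims": claims},
        sort_keys=True,
    ).encode()
    sig = hmac.new(key, payload, hashlib.sha256).digest()
    enc = base64.urlsafe_b64encode
    return enc(payload).decode() + "." + enc(sig).decode()


def verify_token(token, audience, now=None):
    """Relying-party side: return the claims only if every check passes."""
    now = time.time() if now is None else now
    try:
        payload_b64, sig_b64 = token.split(".")
        payload = base64.urlsafe_b64decode(payload_b64)
        sig = base64.urlsafe_b64decode(sig_b64)
        body = json.loads(payload)
        issuer = body["iss"]
    except (ValueError, KeyError, TypeError) as exc:
        raise TokenError("malformed token") from exc
    # The issuer name only selects a key; nothing in the body is trusted yet.
    key = TRUSTED_ISSUERS.get(issuer) if isinstance(issuer, str) else None
    if key is None:
        raise TokenError("untrusted issuer")
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):
        raise TokenError("bad signature")
    if body.get("aud") != audience:
        raise TokenError("wrong audience")
    if not isinstance(body.get("exp"), (int, float)) or body["exp"] <= now:
        raise TokenError("expired")
    return body.get("claims", {})


def effective_rights(claims):
    """Union of the rights of every role claim; unknown roles grant nothing."""
    rights = set()
    for role in claims.get("roles", []):
        rights |= ROLE_RIGHTS.get(role, set())
    return rights


def authorize(token, audience, right, now=None):
    """True only for a valid token whose role claims carry the right."""
    try:
        claims = verify_token(token, audience, now)
    except TokenError:
        return False
    return right in effective_rights(claims)
```

The relying party never sees a password or a directory: it decides from signed claims alone, and a token from an issuer outside its trust list is rejected before any claim is read.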