The Hybrid Windows Azure Application

About Me

Michael S. Collier

National Architect,

Windows Azure

michael.collier@neudesic.com

@MichaelCollier

www.MichaelSCollier.com

A Look Ahead

• Windows Azure Components (quick)• The Case for Hybrid• Scenarios and Concerns• Windows Azure Service Bus• Additional Connectivity Options

Windows Azure Core Components

WORKERROLE

WEBROLE

VM

VMROLE

QUEUESERVICE

BLOBSERVICE

TABLESERVICE

DATABASESERVICE

DATA SYNCSERVICE

IMPORT EXPORTSERVICE

REPORTINGSERVICE

Compute

Storage Database

DataMarket Service

Windows Azure Connect

Service Bus

Access Control Service

Cache Service

Windows Azure Traffic ManagerWindows Azure graphics courtesy of David Pallmann (http://azuredesignpatterns.com)

HYBRID APPLICATIONS

Application Trends

1970s• Mainframe

• COBOL

1980s• Client-Server

• COM+, Two tier architectures, C/C++

1990s• Web

• ASP, PHP, Tight Coupling, Web Servers

2000s• SOA

• .NET & Java, N-Tier Architectures, ESB, Data Warehousing

2010+• Hybrid /

Cloud

Disruptors and Trends

CHEAP PROCESSING AND STORAGE

TECHNOLOGY DISRUPTORS APPLICATION TRENDS

Service-Orientated

Composite Applications

Model Driven

Scale-Out

Elastic

Failure Resilient

Always Available

VIRTUALIZATION

ADVANCES IN NETWORKING

ADVANCES IN WEB TECHNOLOGIES

EMERGENCE OF SERVICES

PLATFORMS

Multi-Tenant

Staged Production

Hybrid Clouds – The New Reality?

• Destined to be the most common “type” of cloud.

• Determine what to keep private vs. what is OK for public exposure.

• Architectures become complex.

• Balance of cost, control, flexibility, and risk.

* Cloud Computing Use Cases White Paper 2009

Composite Systems

“By 2015, 80% of transformational systems implemented by midsize and large enterprise will be compositions.”

- Gartner

Why Consider a Hybrid Approach?

• Expose key functional areas as services enable agility

• Improvements in on-premises and cloud

• Shift from single product, big iron approach -> best in class, capability driven model

• SOA – service composition of on-premises and in the cloud.

• Reduce the big spend.

COMMON SCENARIOS AND CONCERNS

Looking at a few

How can the Cloud Help?

Not Everything Has To or Can Live in the Cloud

Security Concerns

Regulatory & Certification

Only Move to the Cloud That Which Can Benefit

Data in MotionC

loud

On-p

rem

ises

1011011101110111

DOH! 1011011101110111Msg 1Msg 2Msg 3

Image courtesy Windows Azure Boot Camp

SQL AZUREDATABASE

QUEUE

DATABASESERVER

System

BLOB CONTAINER

Mass StorageC

loud

On-p

rem

ises

ApplicationHTML

Bandwidth

Doc/Img/JSBandwidth

DATABASESERVER

Image courtesy Windows Azure Boot Camp

BLOB CONTAINER

Data Archival

Network Storage

Clo

ud

On-p

rem

ises 2

DATABASESERVER

Image courtesy Windows Azure Boot Camp

Web ApplicationsC

loud

On-p

rem

ises

M

WEB ROLE

M

2+

SQL Database

SQL Server

The Application

SQL Data Sync(Sync to Hub)

Additional Scenarios

Big Data• Embrace Apache Hadoop on Windows Server and Windows

Azure (see https://www.hadooponazure.com/)

HPC• Financial risk, engineering, weather modeling, etc.• Windows Azure HPC Scheduler• http://www.windowsazure.com/en-us/home/scenarios/parallel/

Cloud Bursting (extending data center to cover peak load)• Kelly Blue Book uses Windows Azure as a secondary data

center to handle bursts in traffic and new features. Saved $100,000/year.

Windows Azure Service Bus

• Robust messaging and routing services

• Hybrid apps that span on-premises and the cloud

• Specifically designed to traverse NAT and firewall devices.

• Security via ACS

Service Bus

Client Applicatio

nService

Service Bus

sb://namespace.servicebus.windows.net/service

Upgrade connection – NAT traversal connection

Software Firewall

NAT

Hardware Firewall

Software Firewall

NAT

Hardware Firewall

TCP: 818/828HTTP:80

Message Relay

Service Bus Message Queues(Brokered Messaging)

• Reliable and durable – backed by SQL Database• Store up to 1GB per queue• No maximum TTL – unlike Windows Azure queues• 256KB maximum message size• Messaging API, WCF, and REST interfaces

Publisher ReceiverQueueReceiver

ReceiverReceiver

Service Bus Topics (pub/sub)(Brokered Messaging)

• Takes SB Queues to the next level• 2,000 subscriptions on a single Topic• Subscription is a virtual queue – gets a copy of each message• Filters

– SQL92 syntax to receive only messages with matching properties

• Actions– Modify message properties as they’re selected

PublisherSubscription

Topic

Receiver

Audit ReceiverSubscription

ReceiverFulfillment Receiver

Rules

Rules

Which to Chose?

Relay Messaging

• Built for WCF• Push model• Service connection

routing

Brokered Messaging

• WCF, .NET, REST APIs• Pull model• Eventually consistent

https://twitter.com/#!/clemensv/status/182176529369939968/photo/1

ADDITIONAL CONNECTIVITY OPTIONS

A Few

Access Control Services (ACS)

• No need to build your own identity management solution.• Authenticate (WIF – OAuth and WS-Federation)• Claims-based authorization• Multiple Identity Providers (ADFSv2, Google, Live ID,

etc.)• Ability to bring your own via membership• Write to ACS and let Microsoft worry about the rest

Windows Azure Virtual Machines

• Persistent VM• Full control and management of virtual machines• Windows or Linux• Support for Active Directory, SharePoint, BizTalk & SQL

Server

Image courtesy of http://blogs.msdn.com/b/windowsazure/archive/2012/06/25/infrastructure-as-a-service-series-virtual-machines-and-windows.aspx

Windows Azure Virtual Network

Corp Network

IIS Servers

AD / DNS

SQL Servers

S2S VPN Device

Image courtesy of the Windows Azure Training Kit

Windows Azure

IIS ServersSQL Servers

Site-to-Site VPN Tunnel

Windows Azure Connect

• Secure network connectivity between on-premises and cloud.

• Hybrid apps access to on-premises servers– App access to SQL

Server– Role domain-joined to

AD

• Setup & management Enterprise

Windows Azure

Image courtesy Windows Azure Platform Training Kit

Windows Azure Connect A Closer Look

• Windows Azure roles enabled via service model.

• Install Connect agent for local machines.

• Network policy managed via portal.

• Auto-setup of secure IP-level network between role instances and local machines. Enterprise

Windows Azure

Databases

Dev machines

Relay

Role BRole A

Role C(multiple VM’s)

Image courtesy Windows Azure Platform Training Kit

Tale of the Tape

Windows Azure Virtual Network

• IP connection between on-premises and Windows Azure role instances

• Direct IP connection; Active Directory domain-join

• Windows Azure Connect Agent

• Network connectivity• Local database• Remote PowerShell• Network file share• Active Directory

Windows Azure Service Bus

• Services running on-premises or in Windows Azure

• Protocol connection (HTTP, HTTPS, NetTCP)

• Nothing new (WCF and REST)• Expose a (Intranet) service to

the Internet• Take advantage of other

services• ACS (Facebook, Windows Live ID,

etc.)• Windows Azure Cache

Windows Azure Integration Services

Enhancements to the existing Windows Azure Service Bus

EAI Bridges• Content-based routing rules• Stages enable message validation, enrichment, and transform• Send XML output via HTTP, Service Bus Topics/Queues, or other

bridges• Receive XML via HTTP

Transforms• Change XML structure between applications• XSLT mapping tool . . . . A lot like BizTalk

Windows Azure Integration Services

Connect• Enables cloud apps to securely communicate with LOB systems

(SAP, Siebel, SQL Server, Oracle, etc.)

EDI• Trading Partner Management solution for EDI (B2B)• Configure partners and create a B2B pipeline – deployed to

Windows Azure Service Bus• Send EDI via HTTP, FTP, and AS2• X12 and AS2 only (current CTP release)

Try it now at http://portal.appfabriclabs.com

Enabling the Hybrid Enterprise

Windows Azure Service BusSB

SBCOMPUTE SERVICE

S

STORAGESERVICE

DATABASESERVICE

Windows Azure

New Platform Services

Services

Caching Service Bus/ Messaging Access Control Integration Composite App

[Workflow, Web Services]

Platform Services.NET +

Composition Model & Tools

Container

SQL Azure SQL Server

Windows Azure

Windows Server

Management

WindowsAzure.com – 90 days free!

http://bit.ly/MikeAzureTrial

Activate MSDN benefits

Install SDK via Web PI

Windows Azure Training Kit

How to Get Started

Windows Azure Developer Center

Resources

• Windows Azure Platform Training Kit– http://bit.ly/hb7om9

• Windows Azure Boot Camp– http://www.WindowsAzureBootCamp.com

• Windows Azure Service Bus– http://www.windowsazure.com/en-us/home/features/service-bus/

• Rick Garibay’s Blog– http://rickgaribay.net/

• Windows Azure Service Bus Samples– http://servicebus.codeplex.com

• Windows Azure Queues and Windows Azure Service Bus Queues - Compared and Contrasted– http://msdn.microsoft.com/en-us/library/windowsazure/hh767287(d=default,v=vs.103).aspx

• Neudesic Cloud– http://cloud.neudesic.com/

• Neudesic Connected Systems– http://www.neudesic.com/What/Expertise/Pages/ConnectedSystems.aspx

Q &

A

Ask your questions

What’s New in Windows Azure

Wednesday. 10:15am – 11:30am

Conv. Ctr. – 12 (Orasi)

The Hybrid Windows Azure Application

Thursday. 9:30am – 10:45am

Conv. Ctr. – G (Pearson)

Using Windows Azure for Solving Identity Management Challenges

Friday. 9:30am – 10:45am

Conv. Ctr. – G (Pearson)

My Sessions at DevLink