Session Review – Migrating Apps into Windows Azure

Simon Davies @ Microsoft

  • Not all applications, services and data will mode to or be created in Windows Azure
    • Technology Fit – Windows Azure Service / Programming Model
    • Data – some data will remain on premise
    • Economics – not worth moving some applications
    • Timing – cannot move everything at once
    • SaaS – some applications will be provided by SaaS vendors
  • What capabilities does Windows Azure provide to help migrate and connect?

Rules/Considerations about Windows Azure Applications

  • Windows Azure apps is built from one or more roles
  • A Windows Azure apps runs multiple IDENTICAL STATELESS instances of each role
    • Stateless
      • This is true but you can always use the Role File System is needed, what happens is that it won’t be permanent since if the machine fails the state in that machine won’t be maintained.
  • A Windows Azure apps behaves correctly when any role fails

Roles

  • Web Role : the role is a web app hosted in IIS on Microsoft’s Windows Image
  • Worker Role: the role is an app hosted on Microsoft’s Windows Machine
  • VM Role: The role is a pre-loaded app hosted on YOUR Windows Image
    • don’t forget that it’s not a persistent VM, is transient
  • Types of usage:
    • Web Role
    • Worker Role
    • Admin Web or Worker Role (same roles as previously but with some more Startup Tasks that allows you to customize the Microsoft’s Windows Image)
    • VM Role

Why VM Role?

  • Long running application installations
  • Error-prone application installations
  • Application installations require manual interaction

How to Build a VM Role?

  1. Take a Windows Server 2008 R2 Enterprise Image
  2. Make it your BASE.VHD
  3. Boot from the machine
  4. Customize your machine
    • Install your packages
    • Install your apps
  5. Install the Windows Azure Integration components
  6. Run the “sysprep /generalize” command in order to generalize it and you’ll get an Diff.VHD
    • generalize the name of the machine
  7. Upload both Base and Diff to the Blob Storage
    • “csupload add-vmimage –literalpath <base vhd path> –location <Chosen Data Center>” command compresses the VM and uploads
  8. Add a VM Role in Visual Studio and choose the VHD in the Blob Storage

Example Application Scenarios

  • Stateless ASP.NET Web Application or Service
    • Ideal candidate
  • Stateful ASP.NET application (either use or instance state)
    • Moves with some work
  • Highly parallel HPC application
    • Ideal Candidate
  • Windows Client Apps
    • Not suitable
  • A single instance sever application with local state (eg. Database server)
    • May work with additional design
    • Virtual Machine Role will not help (over and above web\worker role)

Windows Azure Connectivity

  • Data Sync : SQL Azure Data Sync
  • Application Layer Connectivity & Messaging: Service Bus
  • Security: Federated Identity & Access Control
  • Secure Network Connectivity: Windows Azure Connect

Windows Azure Connect

  • Secure network connectivity between on-premise and Cloud
    • Support standard IP protocols
  • Enable Azure Roles for external connectivity via service model
  • Enable computers for connectivity by installing connect agent
    • Only available in Windows Vista SP1, Windows 7, Windows Server 2008, Windows Server 2008 R2
  • Network policy managed thought portal
  • Automatic setup of secure IPv6 network between connected role instances and external computers
    • Tunnel firewalls/NAT’s thought hosted SSL-based relay service
    • Secure via end-to-end IPSec
  • Domain-joints

Identity Federation

  • WIF – Windows Identity Foundation
  • Windows Access Control

Service BUS

  • Extend reach of applications securely though the cloud
  • Enabled multi-tenant apps to integrate with tenants on-premise services
  • Securely integrate partners outside of organization boundaries
  • Extend reach of on-premises web services layer
  • Usage Patterns
    • Connectivity
      • Service Remoting
      • Cloud Eventing
      • Protocol Tunneling
    • Messaging
      • Load Leveling
      • Multicast Messaging

Session Review – Windows Azure In Depth

Simon Davies ( World Wide Technical Support Professional @ Microsoft )

Windows Azure Overview

  • Is “An Operating System for the Data Center”
    • Treat the data center as a machine
  • Compute
    • Virtualized compute environment based o Windows Server
  • Storage
    • Durable (Automatically Managed by Microsoft. Always have 3 copies for Disaster Recovery purposes)
    • Scalable
    • High Availability
  • Network
    • Automated network provision and management
    • On Premise Connectivity
    • Global Content Delivery Network (CDN)
  • Management
    • Automated
    • Model Driven Management as a Service
    • Resources
    • Management
    • Provisioning
    • Monitoring
  • Allows Developers to think their app and data only

Windows Azure In Depth

  • Modeling Cloud Applications
    • A could app is typically made up of different components
      • Front End
      • Middle Tier
      • Backend storage
      • Multiple instances of each for scalability and availability
  • Windows Azure Service
    • Windows Azure Hosts “Services”
    • A service is
      • An isolated boundary
      • A set of component roles, each within endpoints
      • At runtime numbered, identical instances of each role are created, each instance is a Virtual Machine
    • All of this specified declaratively in the service model and configured at runtime using a service configuration
  • What is a role?
    • Definition
      • Role Name
      • Role Type
      • VM Size
      • Network Endpoints
    • Code
      • Web/Worker: Hosted DLL and other executable
      • VM Role: VHD
    • Configuration
      • Number of instances
      • Number of update and fault domains
    • Example:
      • Front-End Role
        • Definition
          • Type: Web
          • VM Size: Small
          • Endpoints: External 1
        • Configuration
          • Instances:2
          • Update Domains: 2
          • Fault Domains: 2
  • Service Model Files
    • Service Definition in in ServiceDefinition.csdef (Definition Part of the Role)
    • Service Configuration is in ServiceConfiguration.cscfg (Configuration Part of the Role)
    • CSPack, program that exists in the SDK, will zips a service binary into a package (Code Part of the Role)
  • Compute Runtime Environment
    • Fabric Controller talks to the Fabric Agent in order to configure and run the App
    • Fabric Agent runs inside the Host OS and talks with the Windows Azure Agend in order to manage their configurations
    • Each instance runs inside a Guest OS managed by the Host OS and is composed by
      • Windows Azure Agent
      • Windows Azure Compute
      • YOUR APP
  • Service Isolation
    • Your Services are isolated from other services
  • The Fabric Controller
    • The “kernel” of the cloud operating system
      • Manages datacenter hardware
      • Manages Windows Azure Services
    • Some of the  main responsibilities
      • Datacenter resource allocation
      • Datacenter resource provisioning
  • Managing Availability
    • Upgrade Domains
      • Default and Max Fault Domain is 5
      • Vertical concept
    • Fault Domains
      • Default 2 Fault Domains
  • Provisioning a role instance
    • 3 VHDs are created
      • Guest OS Image (D:\)
      • Resource VHD (C:\)
      • Role VHD (E:\ or the next available letter) = contains the package we deployed
  • Fabric Controller Security
    • The VM is the security boundary upon which Windows Azure security is based
      • the host OS and FC agent are trusted
      • The guest agent is untrusted
  • Updating the OS
    • Initiated by Windows Azure Team
    • Goal: update all machines as quickly as possible
    • Constraint: must not violate the SLA and so we need at least 2 instances in order not to have a outage of the service

Session Review – Windows Azure – From Startup to the Cash Cow

Luis Alves Martins (Architect Evangelist @ Microsoft Portugal)

How do we Start?

  • Think BIG / Globally
    • Multi-Language
    • Multi-Currency
  • Start SMALL
    • Start building things step by step, instead of trying to conquer all at once
    • Think only on the Application and Data instead of all of those and also Hardware, Hardware Management, and so on.

How to Get Windows Azure?

    • Microsoft BizSpark Program (Startup with less than 3 years)
    • MSDN Subscriptions (Microsoft Partner Benefit)
    • Windows Azure Subscriptions
    • Windows Azure Pay-as-you-Go

Why Azure?

  • Cost
  • Agility
  • Risk Mitigation
  • Expertise
    • Join the expertise that you already have about developing solutions and Managing Data and connect that with the Expertise by Microsoft on Managing Data Centers
  • Symmetry
    • Cloud SQL Azure Windows Azure
      On-Premise SQL Server Microsoft Windows Server 2008 or greater
  • Platform Continuum
    • The same code in Traditional DataCenters, Public or Private Windows Server, Windows Azure, Azure Appliance
      • This can happen if we have some considerations prior to beginning the development
  • It’s a natural Evolution, not Revolution
    • Step forward in terms of:
      • Costs
      • Economy of Scale
      • Don’t think about the Machines and the Hardware

Business Model

  • Without any change:
    • Customer pays for the software
    • Customer buys its own Windows Azure Account
  • Provide SaaS
    • Customer pays for the solution that already includes the Windows Azure costs

Windows Azure Internals Interesting facts

Pricing is easy (Example)

  • Compute       =       42,52 €/month (1 role – no Licensing fees)
  • Data             =       7,085 €/GB/month  (SQL)
  • Transfer       =        0,1064 €/GB/month

How to Start with Azure?

Some Q&A about Windows Azure AppFabric Caching

Today someone asked me about Windows Azure AppFabric Caching, and how it works and so I thought it would be interesting to do a blog post about it, with the Questions and Answers for everyone to see and comment and even ask more, to complete it.

Question: What are the Cache Sizes available in the Windows Azure AppFabric Caching Service?

Answer: 128 MB, 256MB, 512MB, 1GB, 2GB, 4GB

 

Question: What happens when provisioning Windows Azure AppFabric Caching in the Portal?

Answer: When you do the provisioning of the Caching Service, you define the Cache Size you want to use, and so that Cache Size is Reserved for you in the Internal Cluster of Cache Machines that are associated with the Service.

Question: Is Windows Azure AppFabric Caching Cache Size Always Available?

Answer: Yes, the complete size is always Reserved for you only.

Question: Is Windows Azure AppFabric Caching Cache Size all stored in the same Machine?

Answer: No. Caching Service has a Distributed Architecture and so it spreads your cache size across several machines.

 

Question: Security is very important and it’s important to understand how does Windows Azure AppFabric Caching Service works in terms of Security? How can we define the security of the Data?

Answer: Windows Azure AppFabric Caching Service is highly integrated with the Windows Azure AppFabric Access Control Service (ACS), and so that is the way to define the security that will be used to access the cache.

 

Question: What about the Princing? What is the pricing associated with Windows Azure AppFabric Caching Service?

Answer: The Price depends on the Caching Size you choose.

  • 128 MB cache for $45.00/month
  • 256 MB cache for $55.00/month
  • 512 MB cache for $75.00/month
  • 1 GB cache for $110.00month
  • 2 GB cache for $180.00/month
  • 4 GB cache for $325.00/month

But you have it free until August 1st, 2011. More about this check here.

 

If you have any more questions just ask away and I’ll try to answer them.

MIX11 – Session Review – Building Windows Phone 7 Applications with the Windows Azure Platform

Wade Wegner ( Technical Evangelist @ Windows Azure Team )

Why Phone + Cloud?

  • The cloud levels the playing field
  • The cloud provides larger pool of resources from which to pull
  • The cloud provides a way to reach across device platforms

Why Windows Phone 7 and Windows Azure?

  • Because Windows Azure is PaaS. you build, Windows Azure runs it
  • Automatic OS patching
  • Scalable
  • Utility billing model
  • Additional services
    • Access Control Services (Provides Identity Federations)
    • Traffic Manager (Provides an easy way to manage the location from which Data Center the app is served)
    • Caching ( Provides a Caching Service that allows us to easily create cache in our apps)
    • CDN (Content Delivery Network)
  • Common Development tools
    • Visual Studio
    • Languages
    • Emulators for development
  • Demo Source Code: http://www.wadewegner.com/

What was shown in the Demo

  • Identity
    • Identity Options
      • Create your own (eg. username + password, token, …)
        • Custom Model
        • ASP.NET Membership Providers
      • Use a single existing identity system (eg. Live Id, Facebook, Twitter, …)
      • Outsource identity management (eg. Access Control Service)
      • More information about this:
        • Authenticating Users in a Windows Phone 7 App via ACS, OData and Windows Azure – http://bit.ly/wp7acs
  • Storage
    • Storage Options
      • SQL Azure
        • Relational Database
        • Highly available
        • Managed for you as a Service
        • Pattern
          • WebRole that exposes an OData Service
            • Create a Web role with an OData Service that will expose your SQL Azure data to your clients
      • Windows Azure Tables
        • Non-relational structured Storage
        • Massive scale-out
        • OData
        • Pattern
          • Using Public Blobs
            • Client sends data to the Web Role
            • Web Role stores data in blobs
            • Client fetches public blobs directly
          • Shared Access Signatures (SAS)
            • Client gets Shared Access Signature from the Web Role
            • Client inserts the SAS in the URI and stores data in blobs
            • Client fetches public blobs and even private containers as long as the SAS allows it
      • Windows Azure Blobs
        • Big files
        • REST
        • Pattern:
          • Proxy Calls
            • Client sends data to the Web role
            • Web role stores data in Blobs
  • Services
    • Web Role vs Worker Role
    • Web Role has IIS
    • Worker role does not
      • think about it as being a DLL with a Main()
    • Both implement the RoleEntryPoint
    • Scaling Work in Windows Azure
      • Traditionally
        1. Web role receives message
        2. Web role enqueues work
        3. Worker role pools queue
        4. Worker role sends notifications
        • Interesting because it splits the IIS and Services parts allowing you to scale them independently
    • Multitenancy
      • You can have more than one application running in your role instance
      • based on the Sites tag in the ServiceDefinition.csdef
    • Content Delivery Network (CDN)
      • Currently at least 24 nodes that will cache data locally in order to provide the data faster
    • Traffic Manager
      • Intelligently routes the request to the most appropriate Data Center according to the policies defined in it
  • Communications
    • Two primary communication models
      • Phone-initiated
        • Options
          • Http-based, request/response
          • Can be based on pooling of User Initiated requests
          • Frameworks choises (WCF, OData, WebRequest, …)
          • Wire Formats (SOAP, JSON, POX, …)
      • Cloud-initiated
        • Push Notifications
          • Single connection between phone and Microsoft Push Notification Service
            • The cloud cannot connect directly to the phone, just passing by the Microsoft Push Notification
          • There’s no warranty of delivery
          • Bandwidth and battery friendly
        • There kinds of push notifications
          • Raw – send a message to an app
          • Toast – send a message to the user
            • Blue bar at the top
          • Tile – Update an image, title or count
        • How does this works?
          1. Phone opens a channel in the Microsoft Push Notifications Service
          2. Phone sends the URL to the cloud
          3. Cloud pushes notifications via URL
          4. Microsoft Push Notification Service notifies the phone

Important Best Practice: DO NOT STORE SECRETS ON YOUR PHONE

What is there to make this easier?

  • Announcing: Windows Azure Toolkit for Windows Phone 7 (v1.1.0)
  • Make it easier for phone developers to use Windows Azure
  • Toolkit includes:
    • Client libraries
    • Sample apps
    • Source code
    • Documentations
  • Available on http://watoolkitwp7.codeplex.com
  • The phone will only communicate with a Service over HTTPs if
    • The cert is installed on the device
    • The cert is signed by a Trusted Authority
  • In order to use the self signed certs you need to install it on the phone