5 Windows Azure – Running your Apps
- Infrastructure Services (VM), Cloud Services, Web Sites, Mobile Services
- Diagram labels: Applications, Multi-tier Apps, Web Apps, Mobile Apps, Data, Firewall Rules, Service Model, Virtual Network, O/S
- Focus on the Application
6 IaaS (VM & VNET)
- Windows Server and Linux
- Virtual Private Networking Capabilities (VNET)
7 Does Your App Need a Virtual Network?
- IP Address Requirements
- Virtual Machines deployed into a virtual network have an infinite DHCP lease (not static but effectively the same thing)
- Deploy apps in the cloud that require Active Directory
- Hybrid On-Premises Cloud Apps
- Requirement for connectivity between your data center and the public cloud
- Connectivity between cloud services
- Connecting a PaaS to IaaS Service (for better performance / there are apps that have dependencies on resources that require a VM such as SharePoint, SQL Server, Active Directory, …)
- Diagram labels: Corpnet, Windows Azure, VM 1, VM 2, ROLE 1, Subnet 2, Subnet 1
10 How does a private IP get allocated to a VM?
- One of the available IP addresses is allocated as the VM is allocated!
- The IP address remains the same as long as the VM is allocated.
New:
- You can statically set a private IP address to a VM (today only via PowerShell)
- How? Configure a Static Internal IP Address (DIP) for a VM
12 Built-In Extensions by Microsoft (Demo Summary)
- BGInfo Extension: displays useful server information on the desktop as a wallpaper.
- VMAccess Extension: have you lost your IaaS VM password? Are the RDP settings of the VM broken? With VMAccess you can now reset the password and the username!
- Custom Script Extension: allows you to specify a PowerShell script file to run in the VM immediately after it is created.
13 Built-In Extensions by Microsoft (Demo Summary)
- How to enable/disable BGInfo/VMAccess extensions? How to reset a VM password? How to fix RDP settings? ...by using the VMAccess extension: ….extensions-part-1.aspx
- How to add the VM Agent on existing VMs? extensions-part-2.aspx
14 EndPoint (Demo Summary)
- All VMs within the same cloud service or VNET can automatically communicate with each other using a private network channel!
- All other inbound communication (such as traffic initiated from Internet hosts) requires an endpoint.
- Default endpoints are created in order to remotely administer your machine:
  - Remote Desktop Protocol (RDP) Endpoint: Windows OS
  - PowerShell Endpoint: Windows OS
  - Secure Shell (SSH) Endpoint: Linux OS
- Tip: it is possible to define an ACL (Access Control List) at the endpoint level:
  - Deny or permit traffic to the endpoint based on remote subnet IPv4 address range
  - Blacklist IP addresses, …
15 Load Balanced Set (Demo Summary)
- EndPoint fields: Name, Protocol (TCP/UDP), Public Port (80), Local/Private Port (80)
- Diagram labels: mycloudservicednsname, Cloud Service, LB, Public Port 80; VM1 Port 80, VM2 Port 80, VM3 Port 80
- Single Public IP Per Cloud Service (VIP)
18 Port Forwarding
- Input Endpoints fields: Name, Protocol (TCP/UDP), Public Port, Local Port
- Diagram (mycloudservicednsname.cloudapp.net, LB/IP): PORT 5586 to PORT 3389 on VM1; PORT 5587 to PORT 3389 on VM2
- Default created endpoints for Remote Desktop (3389) and PowerShell communication
- Single Public IP Per Cloud Service (VIP)
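The endpoint ACL tip and the port-forwarded Remote Desktop endpoints from the two slides above, as an added example that is not part of the original deck: classic Azure Service Management PowerShell that limits a forwarded RDP endpoint to one admin address range. The VM name, endpoint name and the 203.0.113.0/24 range are assumptions; the service name and ports are the ones shown on the slide.

```powershell
# Added example (not from the slides). Requires the classic Azure Service
# Management PowerShell module and a selected subscription.
$serviceName  = "mycloudservicednsname"   # cloud service name used on the slide
$vmName       = "VM1"                     # assumed VM name
$endpointName = "RemoteDesktop"           # assumed endpoint name; check the Get-AzureEndpoint output
$adminSubnet  = "203.0.113.0/24"          # constructed admin range (documentation address block)

$vm = Get-AzureVM -ServiceName $serviceName -Name $vmName

# 1. Review current exposure. An endpoint with no ACL attached is reachable
#    from any Internet source that knows the public port.
$vm | Get-AzureEndpoint

# 2. Build an ACL with a single permit rule for the admin range.
#    With a permit rule in place, sources outside that range are no longer admitted.
$acl = New-AzureAclConfig
Set-AzureAclConfig -AddRule -ACL $acl -Order 100 -Action Permit `
    -RemoteSubnet $adminSubnet -Description "Admin workstations only" | Out-Null

# 3. Attach the ACL to the forwarded RDP endpoint (public 5586 -> local 3389)
#    and push the change to the VM.
$vm | Set-AzureEndpoint -Name $endpointName -Protocol tcp `
        -PublicPort 5586 -LocalPort 3389 -ACL $acl |
    Update-AzureVM

# 4. Read the ACL back from the service to confirm the rule was applied.
Get-AzureVM -ServiceName $serviceName -Name $vmName |
    Get-AzureAclConfig -EndpointName $endpointName
```

Moving RDP to a non-default public port such as 5586 only changes where the service listens; the ACL is what restricts who can reach it.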
19 What’s new in Networking?
How does a private IP address get allocated to a VM?
- One of the available IP addresses is allocated as the VM is allocated
- The IP address remains the same as long as the VM is allocated.
New:
- You can statically set a private IP address to a VM (today only via PowerShell)
- How? Configure a Static Internal IP Address (DIP) for a VM
Public IP Reservations (http://msdn.microsoft.com/en-us/library/dn aspx)
- You can have static public IP addresses
- Up to 5 for free
Instance-Level Public IP Addresses (http://msdn.microsoft.com/en-us/library/dn aspx)
- Public address that can be assigned directly to the VM (rather than to the cloud service that your VM resides within)
- i.e. outbound traffic originating from the VM goes out with the PIP as the source, and this uniquely identifies the VM to external entities
Internal Load Balancing support between VMs that don’t have public-facing endpoints (enables load-balancing VMs with a private IP address)
- Accessible to VMs within the same VNET or Cloud Service
- How? Internal Load balancing / Configure an internal load-balanced set
20 Persistent Disks and Highly Durable Windows Azure Storage (Disaster Recovery)
- Diagram labels: Primary region, Virtual Machine, Windows Azure Storage, Secondary region
21 Persistent Disks and Highly Durable Windows Azure Storage (Disaster Recovery)
- Diagram labels: Primary region, Virtual Machine, Windows Azure Storage, Secondary region, Virtual Machine
22 VM disk layout
- OS Disk: Persistent, SATA, Drive C:
- Temporary Storage Disk: Local (Not Persistent), SATA, Drive D:
- Data Disk(s): Persistent, SCSI, Customer Defined Letter
23 Virtual Machine Sizes and Storage
VM Size | CPU Cores | Memory | Bandwidth | # (1TB) Data Disks
Extra Small (A0) | Shared | 768 MB | 5 (Mbps) | 1
Small (A1) | | 1.75 GB | 100 (Mbps) | 2
Medium (A2) | | 3.5 GB | 200 (Mbps) | 4
Large (A3) | | 7 GB | 400 (Mbps) | 8
Extra Large (A4) | | 14 GB | 800 (Mbps) | 16
A5 | | | |
A6 | | 28 GB | 1000 (Mbps) |
A7 | | 56 GB | 2000 (Mbps) |
A8 | | | 40 Gbit/s InfiniBand |
A9 | | 112 GB | |
For an up to date view see Virtual Machine and Cloud Service Sizes for Azure
24 Bring Your Own Server/VHD
- Diagram: On-Premises (On Premises Virtual Server, MyApp.vhd) to Cloud (Blob Storage): Upload VHD, Create Disk or Image, Provision VM from Image or Disk using portal, script or API
- Use Case: Forklift Migration of VMs; Sys Prepped Images
- VHD Must Be Fixed Disk*
- * CSUpload Can Convert on Upload
25 Imaging VMs in the Cloud
- Identical/similar deployment instances using a common OS image as the start
- Capture VM saves a customized image to your Image Library
- Diagram labels: Base.VHD, Boot VM, Customize VHD, Generalize VHD, Capture VM, Blob Storage
26 Web Sites
- Build with a popular web framework (ASP.NET, PHP, Java, Python or Node.js)
- With a SQL DB or MySQL database
- Deploy in seconds with WebDeploy, FTP, Source Control Deployment (ex. Git/TFS)
- Start for free, scale up as your traffic grows
28 Cloud Services (PaaS)
- Automated application management
- Support rich multi-tier architectures
- Web Role / Worker Role
- Build stateless highly scalable apps and services
29 What is a Cloud Service?
- A collection of related service roles
- Web Role
- Worker Role
30 What Can It Run?
- General Rule: If it runs in Windows it can run as a Cloud Service
- Choice of Language: C#, VB, C++, Java, PHP, Node.js, Python, etc.
- Choice of Frameworks: .NET, ExpressJS, Rails, Zend, etc.
31 Role Lifecycle
- All roles may extend RoleEntryPoint
- Roles report status via RoleEnvironment
- Diagram labels (columns Methods, Events, Status; Fabric Calls; Role Lifetime): OnStart, StatusCheck, Busy; Requests Routed; Run, StatusCheck, Ready; OnStop, StatusCheck, Busy, Stopping
Slide Objective:
- Understand the lifecycle of a Windows Azure role
- Understand the methods that can be overridden in RoleEntryPoint
- Understand the events that are raised by role instances when their status is changing
Speaker Notes:
- Roles will typically extend RoleEntryPoint
- The fabric calls RoleEntryPoint methods as it starts and stops a role
- WaWorkerHost process is started.
- Worker Role assembly is loaded and searched for a class that derives from RoleEntryPoint. This class is instantiated.
- RoleEntryPoint.OnStart() is called.
- RoleEntryPoint.Run() is called.
- If the RoleEntryPoint.Run() method exits, the RoleEntryPoint.OnStop() method is called.
- WaWorkerHost process is stopped. The role will recycle and start up again.
- As a role changes state it will raise the StatusCheck event.
- A status of Busy means the load balancer will not route requests to the instance.
37 Application building blocks
- Big data, Database, Storage, Traffic, Caching, Messaging, Identity, Media, CDN, Networking
38 Azure SQL Database
- Relational SQL Server Engine in the Cloud
- Fully Managed Service
- Enterprise-Ready with automatic support for HA
- Designed to scale out elastically with demand
- Azure SQL Database != SQL Server: SQL Server Feature Limitations (Azure SQL Database)
39 Cache
- Low latency, in-memory distributed cache
- 3 Types of Cache:
  - Azure Redis Cache (preview)
  - Managed Cache Service
  - In-Role Cache (only for Cloud Services apps)
- We recommend all new developments use the Azure Redis Cache!
- Learn more here: Azure Redis Cache (Preview)
40 Redis Cache Service
- Full Functionality Redis Cache Cluster
- Master/Slave Configuration
- Up to 26GB
- SSL Supported
41 In-Role Cache (co-located) distributed cache
- Diagram labels: Web Roles, 300MB, 300MB, 1.2GB Distributed Cache
44 Cache Resources
Integrating Cache within your app:
- Redis Cache
- Cache Service
- In-Role Cache
- How to Use In-Role Cache for Windows Azure Cache
Cache Capacity Planning Considerations:
- Capacity Planning for Windows Azure Cache Service
- In-Role Cache Capacity Planning Considerations
46 Windows Azure Traffic Manager
- Intelligently directs requests from users across instances of an app deployed in different Azure datacenters
- Policy options:
  - Performance: all requests sent to the closest datacenter
  - Failover: all requests sent to the specified datacenter, unless that datacenter is not available
  - Round Robin: all requests equally spread across all datacenters
- Support for external endpoints (outside Azure)!
48 What Do We Mean by Media Services?
- Your Choice of Components for Building Custom Media Workflows in the Cloud (you only pay for what you use)
- Windows Azure Media Services components: Ingestion, Encoding, Format Conversion, Content Protection, Live Streaming, On-Demand Streaming, Analytics, Advertising
- “The Media Services team is working on a long list of upcoming blog updates for the week of the International Broadcasters Convention in Amsterdam starting on September 10th, so stay tuned for more details on our Live Streaming and Content protection services” … from John Deutscher, currently the Principal Program Manager Lead for Azure Media Services
- Live Streaming: currently in private preview
- Analytics: will be rolled out as they become available
49 Mobile Services
- Easily build cloud back-ends
- Data, identity, push notifications, and scheduled scripts
- Windows Store, Windows Phone, iOS, Android, Xamarin, …
51 Service bus relay
- Diagram labels: Windows Azure, Cloud application, Service bus relay, Internet, Enterprise, App behind firewall
52 Service Bus as primary option
Service bus relay:
- Request/response and web service based
- Leverage existing know-how & implementation
- Dependent on availability/stability of network
Service bus messaging, events, topics:
- Loose way of integration
- More reliable – not dependent on network availability
- Higher implementation and coordination efforts
53 Service Bus Messaging: Queue
- Diagram labels: S, Queue, R, R, R
- Load Balancing: multiple receivers compete for messages on the same queue (or subscription). Provides automatic load balancing of work to receivers volunteering for jobs.
- Observing the queue length makes it possible to determine whether more receivers are required.
54 Service Bus Messaging: Topic
- Diagram labels: S, Topic, Sub, R
- Message Distribution: each receiver gets its own copy of each message. Subscriptions are independent. Allows for many independent ‘taps’ into a message stream. Subscribers can filter down by interest.
- Constrained Message Distribution (Partitioning): receivers get mutually exclusive slices of the message stream by creating appropriate filter expressions.
56 Meaning of 9’s
Service Availability (%) | System Type | Annualized Down Minutes | Quarterly Down Minutes | Monthly Down Minutes | Practical Meaning | FAA rating
90 | Unmanaged | 52,596.00 | 13,149.00 | 4,383.00 | Down 5 weeks per year |
99 | Managed | 5,259.60 | 1,314.90 | 438.30 | Down 4 days per year | ROUTINE
99.9 | Well managed | 525.96 | 131.49 | 43.83 | Down 9 hours per year | ESSENTIAL
99.99 | Fault tolerant | 52.60 | 13.15 | 4.38 | Down 1 hour per year |
99.999 | High availability | 5.26 | 1.31 | 0.44 | Down 5 minutes per year | CRITICAL
 | Very high availability | 0.53 | 0.13 | 0.04 | Down 30 seconds per year |
 | Ultra availability | 0.05 | 0.01 | - | Down 3 seconds per year | SAFETY CRITICAL
From Generic Requirements for Operation Systems Platform Reliability, Telcordia Technologies System Documentation, GR-2841-CORE and Federal Aviation Administration Handbook: Reliability, Maintainability, and Availability (RMA) Handbook, FAA-HDBK-006A, Jan 7, 2008.
Service Level Agreements: