2. Windows Azure Cloud & Building Block Services Haishi Bai Technical Evangelist Microsoft

3. Introduction of Windows Azure Cloud Service Windows Azure Cloud Service Lifecycle Dedicated cache Windows Azure showcase Agenda

4. Azure ecosystem Caching Access Control Service Bus CDN Traffic Manager HPC Storage Media Services SQL Database

5. Azure ecosystem Gallery SPA Social N-TierLOB Web API Specialized Legacy Hybrid Caching Access Control Service Bus CDN Traffic Manager HPC Storage On-prem Media Services SQL Database

6. Azure ecosystem GallerySocial N-Tier Sharing LOB Specialized Legacy Hybrid Caching Access Control Service Bus CDN Traffic Manager HPC Storage On-prem Media Services SQL Database

7. Azure ecosystem Gallery SPA Social Sharing LOB Web API Specialized Caching Access Control Service Bus CDN Traffic Manager HPC Storage Media Services SQL Database

8. Cloud Service Overview

9. Why Cloud Service?

10. What is a Cloud Service? Web RoleWorker Role VM Role

11. What Can It Run?

12. All features of a worker role + IIS 7 or 7.5 ASP.NET 2.0 3.5 SP1 or 4.0 Hosts Webforms or MVC FastCGI applications (e.g. PHP) Multiple Websites Http(s) Web/Worker Hybrid Can optionally implement RoleEntryPoint

13. Queue Polling Worker Poll and Pop Messages within while(true) loop E.g. Map/Reduce pattern, background image processing Listening Worker Role Create TcpListener or WCF Service Host E.g. Run a.NET SMTP server or WCF Service External Process Worker Role OnStart or Run method executes Process.Start() Startup Task installs or executes background/foreground process Custom Role Entry Point (executable or.Net assembly) E.g. Run a database server, web server, distributed cache

14. All roles may extend RoleEntryPoint Roles report status via RoleEnvironment

15. At runtime each Role will execute on one or more instances A role instance is a set of code, configuration, and local data, deployed in a dedicated VM Roles are defined in a Hosted Service A role definition specifies: Virtual machine size Communication endpoints Local storage resources etc.

16. Roles and Instances Web RolesWorker Roles

17. 99.95% Uptime Guarantee Requires 2 or more instance per role Role instance are isolated by fault domain Fault domains isolate VMs Fault domains provide redundancy At least two fault domains per role

18. Roles and Instances Example role with nine virtual machines distributed across three fault domains

20. Cloud Service – inter-role communication Input Endpoint Load-balanced HTTP/HTTPS/TCP/UDP Internal Endpoint Not load-balanced HTTP/TCP/UDP/ANY Instance Input Endpoint Route traffic to specific instance based on port TCP/UPD Other options Queue Storage Database …

22. Demo

25. Cloud Service Lifecycle

26. Windows Azure Services are described by two artifacts: Service Definition (*.csdef) Service Configuration (*.cscfg) Your code is zipped and packaged with definition (*.cspkg) Encrypted(Zipped(Code + *.csdef)) == *.cspkg Windows Azure consumes just (*.cspkg + *.cscfg)

27. Startup tasks Install software and features Configure host environment Start processes Remote Desktop support Certificate used to enable remote desktop access Endpoints Public endpoints Internal endpoints InstanceInput endpoints Runtime Settings

28. Packaging & Deployment

29. Application Upgrade Strategies

31. Demo

32. Cloud service lifecycle – Simplistic view

33. Cloud service lifecycle - Agile

34. Team Foundation Service Governance/Guidance over complete software lifecycle Integrated with Visual Studio, and now Azure Management Portal Support different methodologies and processes Source repository with gated check-in Continuous integration with auto-build Integrated bug tracking

36. Demo

37. Role Instance Starts Diagnostic Monitor Starts Monitor is configured Imperatively at Start time Remotely any time Configuration is saved in Storage Monitor buffers data locally User can set a quota (FIFO) User initiates transfer to storage from local buffer Scheduled On Demand

38. Demo

39. Application building blocks

41. What’s dedicated cache? Use spare memory on your VMs as high- performance cache Distributed cache cluster co-located with existing roles, or use dedicated roles Named caches with high availability option Notifications Support Memcached protocol

42. Why dedicated cache? Faster No external service calls (additional network hops) Co-located in roles Cheaper No external service calls (additional cost) Use spare memory that you already paid for More reliable Your service is running = cache is available No throttling as in cotenant environment

44. Demo

45. Memcached support Host a Memcached cluster in Work Roles Access a Memcached cluster from Web/Worker Roles Memcached Shim Memcached Client Memcached Shim Memcached Server

47. Demo

48. Application building blocks

49. Cloud/On-Premise Integration Cloud-Hosted, reliable asynchronous Messaging Infrastructure with Publish/Subscribe Cloud-Based Relay enabling NAT/Firewall Traversal for reach into on-premises assets

50. Relay Connect from/to machines anywhere on the planet.

51. Messaging Queue Asynchronous communication Offline processing Load-balancing Topic & Subscription Asynchronous communication Publish/Subscription pattern Message routing

53. Demo

54. Application building blocks

55. Security challenge Authentication Authorization User store Management UI Forget password? Customer support Data protection Integration with AD LDAP User mapping Synchronization Integration With Facebook More User mapping Facebook Auth API More Synchronization

56. Solution: Claim-based architecture

57. Digital identity in a nutshell ACSWIF IdP

58. AC S

60. Demo

61. Application building blocks

63. Summaries

64. Contact me