making sense of windows azure and the azure services platform
DESCRIPTION
Making sense of Windows Azure and the Azure Services Platform. Simon Davies. Microsoft [email protected]. Software or Service?. Security & Privacy Customisability Visibility & Control Data accessibility . Global reach Ease of provisioning - PowerPoint PPT PresentationTRANSCRIPT
Global reach Ease of provisioning Business agility Deployability & manageability
Security & Privacy Customisability Visibility & Control Data accessibility
Software or Service?
+Extending tools and platform to cloud
Experience across multiple devicesBest-in-class SLAs and IT governance
Services
Software Best of both worlds
User in controlDeployment choices for IT
“It's a balance of the client and cloud together that makes for the most effective applications and the best development” Adobe Chief Technology Officer Kevin Lynch, quoted 17th Nov 2008 on www.news.com
We're only seeing the beginnings of how online applications are going to work in a world where most of the time you're online, but sometimes you're on a plane or somewhere without internet access. A good example of a 'client application' is iTunes, something that lives on your computer but works hand-in-hand with an internet component, so is sort of a hybrid”
Steven Levy – Wired, quoted 17th Nov 2008 in The Independent
Software + Services
Our Approach to Services
Extend Your Existing Investments Familiar tools, languages, and frameworks with .NET and
Visual StudioProvides the choice to build on-premises, cloud, or hybrid
solutionsIntegrate with existing assets such as AD and premises
applications
Base it on Internet StandardsMultiple protocol support including HTTP, REST, SOAP,
AtomPubBroad investment in open, community-based access to Azure
services
Provide a Flexible Services Platform with Internet ScaleSimple scenarios are simple – complex scenarios are possible
Services hosted in Microsoft’s data centersDesigned for high availability & scalability
Azure™ Services Platform
Azure™ Services Platform
“An Operating System For The Cloud”
1. Computation2. Storage3. Service Management4. Developer Experience
Demo
Azure™ Services Platform
Extending .NET technologies to the cloud Open and accessible
REST, SOAP, RSS, AtomPub, … Class libraries for Java,Ruby, …
Easy-to-use from .NET – skills move forward
Initial focus on three key developer challenges Application integration Access control in a federated world Application extensibility
.NET Services
Key developer challenges Want to make it easy and secure for
partners to use your application Don’t always know the characteristics or
scale of the integration Partners / customers / users have devices
and services running behind firewalls Approach
Provide a high-scale, high-available “Service Bus” that supports open Internet protocols
Service Bus
[http|sb]://servicebus.windows.net/services/account/svc/…
Service Registry
Rootservicebus.windows.
netservice
s
account
contoso
…
svc
Service Registry Root
Multi-Tenant
The service registry provides a mapping from URIs to services
Two key capabilities Relay Direct connect
Relay Ensure applications connect Available to all via the service registry
Direct connect Uses the relay to establish communication Then shortcuts for efficiency
Available via HTTP / REST / ATOM Available in .NET via WCF Bindings
Connectivity
Relay
sb://servicebus.windows.net/services/user/service/endpoint
One-Way Connection
Sender Receiver
Outbound SSL-Secured TCP 828Connection to Relay Rendezvous
Endpoint
One-Way Messages
through TCP Tunnel
Relay
sb://servicebus.windows.net/services/user/service/endpoint
Direct Connections
Sender Receiver
- Outbound SSL-Secured TCP 828
Connection to Relay - Out-of-Band Protocol to
negotiate Direct Connection
Upgrade to Direct when
possible
Relay
Multicast Publish/Subscribesb://servicebus.windows.net/services/user/service/
endpoint
Sender Receiver
Outbound SSL-Secured TCP 828Connection to Relay Rendezvous
Endpoint
One-Way Messages
through TCP Tunnel Receiver
ReceiverReceiver
Demo
.Net Services ServiceBus
Service Registry Relay and direct connect
connectivity Publish/Subscribe Integrated with Access Control
services
Service Bus Summary
Key developer challenges Many identity providers, many vendors, many
protocols, complex semantics – tricky to get right Application strewn with one-off access logic Hard to get right, not agile, not compliant, many
dead ends Approach
Automate federation for a wide-range of identity providers and technologies
Factor the access control logic from the application into manageable collection of rules
Easy-to-use framework that ensures correct token processing
Access Control
Access Control Interactions
Your Access Control Project(a hosted STS)
Relying Party
(Your App)
2. Send Claims4. Send Token
(output claims from
3)
5. Send Messagew/token
0. Certificate exchange; periodically refreshed
Requestor(Your
Customer)
1. Define access control rules for a
customer
6.Claims checked
in Relying Party
3. Map input claims to output claims based on access control rules
Use the web site or web APIs… Define and manage application scopes
Delegate access to scopes Define and manage access control rules
Rules are defined within an application scope
Rules can be chained; e.g. bob manager and manager allowed
Simple model: the output security token is a collection of claims based on the claims in the incoming token
Define and manage claim types Define and manage signing and
encryption keys Standards compliant – works with Java,
Ruby, …
Hosted Security Token Service
Key developer challenges Want to easily describe long-running processes Want modularity and nesting Easy to describe but in practice harder to run
Hosting and scaling can be challenging Setup and installing, define scale-out approach,
ensure long-running availability, manage upgrades, …
Approach .NET 3.0/3.5/4.0 addresses key developer
requests .NET Services makes it easy to deploy, manage
and run Workflows
Workflow
WF Runtime
Easily describe coordinated work with minimal ceremony
Tools/Designers Activity Library Runtime Hosts
Windows Workflow FoundationTooling
VS Designer VS Debugger
Rehosted Designer
WorkflowActivity Library
IIS/WAS+“Dublin”
WorkflowService
your.exe“Direct”
Hosts
A portal at workflow.ex.azure.microsoft.com New activities for the Azure Services Platform APIs that allow you to deploy, manage, and
run your workflows on the cloud Enables you to orchestrate services
Connect to services in your enterprise anywhere on the Internet – uses the connectivity services
Give you partners and customer access – uses the access control services
Workflow Service – Overview A reliable, scalable off-premises host for
workflows
Demo
.Net Services Workflow
Execute Workflows with high availability Design Workflows using existing tools Easily deploy and manage Workflows Portal for easy access Management APIs for rich automation
Workflow Service Summary
SQL ServicesExtending the SQL data platform to the cloud
Data Services tier of the Azure Services Platform
Extends Data Platform to Cloud Rich data platform services
Data Mining
SQL DataService
ETLReference Data ReportingData
Sync
Data Warehouse
Business Grade Quality of Service• Highly available and fully
redundant • Business ready SLA• Operational excellence• Flexible authentication and
authorization• Consumption based billing
SQL Data ServicesThe Database in the CloudSQL Data Services• Internet based database service
• Relational query processing• Transactional consistency and
concurrency support• Flexible data model• Built on proven SQL Server
technologies
Service Interop:• HTTP Based Web Service• Standards Compliant:
• REST, SOAP, APP
SQL Data ServicesEnabling ApplicationsExtend to Cloud• Integrate with existing solutions• Data Platform solutions scale to cloud
Low friction deployment and scaling• Pay as you go scaling• Don’t need to provision to peak demand
Create secure data hubs• Secure access and movement of structured data• Across devices, locations, partners
0
100
200
300
400
500
600
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
% o
f Ini
tial C
apac
ity
Months
Planned vs. Required Capacity
SQL Data ServicesDeveloper ExperienceInterop and Choice• Access SQL Services with standard protocols and
formats• REST, SOAP, HTTP, etc.
Community Based Libraries and Examples• Ruby, PHP, Java, …• Ruby Active Resource
Rich Tooling• Familiar tooling experience with Visual Studio• Leverage skills to extend to Cloud
See: http://github.com/sdsteam
AppsDevices DataSync
Communication And PresenceIdentity
Directory Search And Geospatial
Users
Foundation: Cloud at the core Identity: People, devices, and
applications Data: Universal representation Devices: Topology and
management Sync: Bring data closer to users
and apps Sharing: Distribute data among
users State: Complete awareness Comms: Seamless connections
The Hard Problems
Application Types
Bring exciting new devices into the Mesh, integrate with core infrastructure and experience
Seamlessly integrate social applications across invites, news feeds, local devices experiences, and more
Take your web application and content to the client, enable a rich and seamless offline experience
Service-enable client applications, make them Mesh-aware, enable multi-user sharing-based experiences
World of Devices
Social and Community
Sites
Client-to-the Web
Web-to-the Client
Demo
Live Framework
Three things to remember Makes S+S possible: Azure
Services platform puts scalable service applications in the reach of most developers
This is a Community Technology Preview: We’re looking for customer and partner feedback
It’s not OR it’s AND: Run some applications locally, extend some to the cloud, and some all in the cloud. It isn’t about everything being in the cloud
Register for Services accounts at http://www.azure.com/register
Download the SDKs http://www.azure.com/sdk
Learn more and get involved http://www.azure.com/community
Resources