David Pallmann GM Custom App Dev, Neudesic http://davidpallmann.blogspot.com @davidpallmann
1. General Cloud Computing Patterns
2. Patterns in the Windows Azure platform: Compute, Storage, Relational Database, Communication, Security, Network
3. Cloud application patterns discussion
Discussion / Q & A
[Figure: periodic table of cloud patterns, with element-style symbols grouped into General, Compute, Storage, DB, Comm, Network and Security]
General patterns
Cloud Types: Public Cloud, Private Cloud, Hybrid Cloud
Cloud Levels of Use: Infrastructure as a Service, Platform as a Service, Software as a Service
Platform: Platform Service, Subscription
Public Cloud
Advanced data center, global presence
On-demand, elastic scale, well-managed
Multi-tenant, consumption-based pricing
Private Cloud
On-premises virtualization infrastructure
Shares some characteristics of the public cloud
The upcoming Windows Server 8 is able to virtually pool and allocate compute, storage and network resources in a multi-tenant fashion
[Diagram: private cloud running on your own cloud infrastructure]
Hybrid Cloud
Connects a public cloud with a private cloud
Integrated via VPN or other means
[Diagram: your cloud infrastructure connected to the cloud vendor's infrastructure]
Infrastructure as a Service (IaaS): raw virtual resources ("bring your own VM")
Platform as a Service (PaaS): an app services platform ("bring your own app")
Software as a Service (SaaS): just use it ("bring your own user")
Platform Service: a service provided by the cloud platform
Compute Service: run your software in the cloud data center; the most intimate level of cloud computing. Other services are generally usable in-cloud or on-prem
RESTful Services: most cloud services use HTTP REST (Storage, Communication, Management, …)
Interop Services: use a specific protocol for interop / compatibility; example: SQL Azure Database (TDS protocol)
Subscription: an ongoing billing arrangement
Consumption-based: services used have pricing meters
Types: month-to-month, term subscription, negotiated terms
Month-to-month is easy entry / easy exit without residual obligations; term or negotiated subscriptions can get you a discount in exchange for a commitment
Windows Azure platform services
Compute Service
Storage Service: Blob Storage, Queue Storage, Table Storage
SQL Azure Database
SQL Azure Reporting
Cache Service
Service Bus
Windows Azure Traffic Manager
Access Control Service
SQL Azure Data Sync Service
SQL Azure Import Export Service
Windows Azure Connect
DataMarket
CDN
Fault Domain: spreads your redundant servers / storage across the data center so that a large failure doesn't take out all of your resources
Upgrade Domain: how patches or application updates are applied; upgrades parts of your application in sequence ("red black pattern") to maintain availability
[Diagram: a grid of Upgrade Domains 1-3 against Fault Domains 1-3, with instances 1-3 of Roles A, B and C spread across the cells so that no single domain holds all instances of a role]
Compute patterns
Roles: Role, Instance, Web Role, Worker Role, VM Role
Endpoints: Load Balancer, Input Endpoint, Internal Endpoint
Cache: Cache Service
Hosted Service: your app, hosted in the Compute service
Consists of one or more tiers ("roles")
Production and Staging deployment slots
[Diagram: Subscription > Windows Azure regional data center > Hosted Service project, containing a Production deployment slot and a Staging deployment slot]
Role: a tier of your app (a VM farm)
Instance: a VM, member of a role (5 sizes)
A role has one or more instances (2+ for the SLA)
VM instances are volatile, roles are sturdy (like ants : colony or soldiers : army, you can lose an individual but the organization survives)
[Diagram: a role made up of several VM instances]
Web Role (web container): configured with Windows Server, IIS and a public load-balancer endpoint; you upload your app; PaaS, managed, auto-patched
Worker Role (general-purpose container): configured with Windows Server; you upload your app; PaaS, managed, auto-patched
VM Role (VM image): you prepare a VM and upload the full VM; IaaS, you manage it, no auto-patching
Endpoints allow access to a role
Load balancer: round-robin
Input (public) endpoint: public, load-balanced
Internal endpoint: only accessible by the cloud app
[Diagram: load balancer in front of a role's VM instances, with an input endpoint and an internal endpoint]
PaaS deployment: a hosted service in the Compute service, made up of application runtime files plus service metadata
IaaS deployment: a hosted service in the Compute service, made up of a custom VM image plus service metadata
[Diagram: a Web Role compute tier behind a public endpoint, passing work through a queue to a Worker Role compute tier, each tier a set of VMs]
Cache Service: distributed memory cache
Available in different sizes
Same programming model as Windows Server Cache ("Velocity")
Attendee Bee Conference App: HTML5/mobile ASP.NET/MVC web site hosted in a Web Role
Storage patterns
Blob Storage: Blob, Container
Queue Storage: Queue, Queue Message
Table Storage: Table, Entity, Partition Key, Row Key, Entity Property
The ratio of primitive to relational data is frequently higher in the cloud
Cheap: pennies per gigabyte per month
Scale: no practical size limit
Simple: less complexity / overhead
Lighter: optimistic concurrency
Trendy: fueled by trends in cloud / mobile architecture and movements like NoSQL
Blob Storage (file-like): use for anything you would normally use a file for
Queue Storage (simple queues): for queuing task messages
Table Storage (big, cheap tables): structured data where you don't need relational features
Blob: file-like storage; Container: holds blobs, like a folder
Name, data, metadata
Sequential / streamed access
Simple put/get operations
Data stored with redundancy
Provides persistence for VMs
Directly reference blobs as URIs
2 kinds of blobs: block (sequential), page (random)
Queue: holds messages; Queue Message: small string or XML content
Access semantics may differ from the enterprise queue technologies you are used to
Enterprise reasons to use queues also apply in the cloud
Can use queues to load-balance workers
Can use queues to coordinate work across roles
Strict FIFO is not guaranteed due to queue semantics
Table Storage: big, cheap data tables; simple record-oriented storage
Table: holds entities (records)
Entity: contains properties (fields)
Does not enforce a schema
No relational features
Partition Key + Row Key = a unique key
[Diagram: a table containing entities, each with a partition key, a row key and entity properties]
[Diagram examples: a media container holding image, video and XML blobs (20 GB); web orders and phone orders feeding an order queue; a contacts table with Country as partition key, Customer ID as row key, and Last Name, First Name, Street, City, State, Postal, Phone and Email properties]
AttendeeBee Conference App: Blob & Table Storage
Relational database patterns
SQL Azure Database (Database Service): Database Server, Database
SQL Azure Reporting (Reporting Service): Report Definition, Report Endpoint
SQL Azure Data Sync (Synchronization Service): Sync Group, Sync Hub
SQL Azure Federations (Database Federation Service): Federation Root, Federation Member
Relational DB as a service
One master and two replicas, automatic failover
Physical management handled for you
Has most SQL Server features, but not all
Size limit of 150 GB
Database Server: virtual DB server (actually 3)
Database: a database contained in a DB server
DB reporting as a service
Similar experience to SSRS
Source is SQL Azure Database
Use BIDS to create reports (RDF format)
Report Definition (Rd): the report definition
Report Endpoint (Re): web-accessible reporting endpoint
1-way or bi-directional syncing: SQL Azure to SQL Azure, SQL Azure to SQL Server
Hub and spoke model: all syncing is to and/or from the hub SQL Azure database
Can trigger a sync manually or on a schedule
Sync: a synchronization operation
Sync Group: defines the group of DBs for syncing
Sync Hub: the hub of the sync group
Database federation: partition or shard to multiple databases, with a "federation database" that looks like one DB
Federation Root: the federation root database
Federation Member: a member database
Accessing & Managing a SQL Azure Database
Communication patterns
Service Bus: Service Bus
Service Bus Queues: Service Bus Queue, Topic, Subscription, Filter
Service Bus: using the cloud as a communication relay
Navigates NATs, firewalls and proxies well
Supports client-service and eventing / pub-sub messaging patterns
Volatile (best-effort) messaging
Service Bus Queue: durable messaging
Topic: publish point for durable messaging
Subscription: receiver of durable messaging
Filter: criteria on which messages to receive
T-Shirt World: Using a Service Bus Queue to Relay Orders for Processing
Network patterns
Windows Azure Connect (VPN connection): Virtual Network, Role Group, Machine Group
CDN: Content Delivery Network
Traffic Manager: Traffic Manager, Locale-based Routing, Failover Routing, Distributed Routing
Windows Azure Connect
Virtual Network: VPN connection between cloud and on-prem machines
Role Group: indicates which roles are members of a virtual network
Machine Group: indicates which on-prem machines are members of a virtual network
[Diagram: web role instances in a role group connected through a virtual network to an on-premises SQL Server database]
Content Delivery Network
CDN: utilizes a worldwide network of 24+ edge servers to deliver content efficiently
Often used for media
Locale-directed DNS goes to the nearest node to serve up cached content
Content sources from blob storage or your hosted service
Windows Azure Traffic Manager
Traffic Manager: routes DNS access to your hosted service to one of several possible deployments, based on rules
Locale-based Routing: route to a deployment based on locale
Failover Routing: route to a secondary if the primary is not healthy (via a heartbeat)
Distributed Routing: route based on a desired distribution across data centers
Security patterns
Claims-based Security: Identity Provider, Relying Party, Security Token Service, Token, Claim, Redirected Authentication
Claims-based Security: the modern way to do AuthN/AuthZ
Use with web identity or domain identity
Identity Provider: party providing a security token with claims
Relying Party: application that wants to authenticate / authorize the user
Security Token Service: how the application / user authenticates (interactively or programmatically)
Redirected Authentication: the user visits the app, is redirected to the STS to sign in, and is redirected back to the app with a token
[Diagram: a Windows Azure web role (2+ instances) as relying party, with the Access Control Service (ACS) brokering web identities such as Yahoo! and Live ID]
[Diagram: a Windows Azure web role (2+ instances) as relying party, with enterprise ADFS authenticating users against Active Directory]
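The redirected-authentication flow ends with the relying party holding a token, and the slides do not show what the app must check before trusting its claims. The following Python example is added here; it is not code from the deck or from the Access Control Service or any Microsoft library, and it assumes a constructed shared HMAC-SHA256 signing key and made-up issuer and audience URLs. The STS side binds the claims to an issuer, audience and expiry and signs them; the relying-party side verifies the signature first, then issuer, audience and expiry, and only then makes its authorization decision.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed demo values (assumptions, not real endpoints): a symmetric key shared by the STS and
# the relying party, the issuer URL the RP trusts, and the audience URL the RP expects in tokens.
STS_KEY = b"constructed-demo-signing-key"
STS_ISSUER = "https://sts.example/"
RP_AUDIENCE = "https://attendeebee.example/"

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode().rstrip("=")

def unb64url(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sts_issue(claims: dict, audience: str, ttl: int = 300, now=None) -> str:
    """STS side: bind the claims to an issuer, an audience and an expiry, then sign the lot."""
    now = time.time() if now is None else now
    body = dict(claims, iss=STS_ISSUER, aud=audience, exp=int(now + ttl))
    payload = b64url(json.dumps(body, sort_keys=True).encode())
    sig = hmac.new(STS_KEY, payload.encode(), hashlib.sha256).digest()
    return payload + "." + b64url(sig)

def rp_validate(token: str, now=None) -> dict:
    """Relying-party side: check signature, issuer, audience and expiry before trusting any claim.
    Returns the identity claims, or raises ValueError with the reason for rejection."""
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 2:
        raise ValueError("malformed token")
    payload, sig = parts
    expected = hmac.new(STS_KEY, payload.encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, unb64url(sig)):
        raise ValueError("bad signature")        # tampered claims or a forged token
    body = json.loads(unb64url(payload))
    if body.get("iss") != STS_ISSUER:
        raise ValueError("untrusted issuer")     # token from an STS this RP does not trust
    if body.get("aud") != RP_AUDIENCE:
        raise ValueError("wrong audience")       # token minted for a different relying party
    if body.get("exp", 0) <= now:
        raise ValueError("token expired")
    return {k: v for k, v in body.items() if k not in ("iss", "aud", "exp")}

def authorize_attendee(token: str, now=None) -> bool:
    """AuthZ decision made only from validated claims; any validation failure denies access."""
    try:
        return rp_validate(token, now).get("role") == "attendee"
    except ValueError:
        return False
```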
Can "load balance" the back end of worker roles using queues
The front end can submit tasks for the back end
Both front end and back end can be scaled to accommodate load
[Diagram: Web Role passing work through a queue to a Worker Role]
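Both the Queue Storage slide (access semantics differ from enterprise queues, strict FIFO is not guaranteed) and this load-balancing pattern rest on how a cloud queue hands messages to workers. The Python model below is added here and is not code from the deck or from the Windows Azure storage SDK; it assumes a simplified get/delete cycle with a visibility timeout and a dequeue count, and constructs its own order messages. It shows why back-end workers must process idempotently and park poison messages: a worker that dies between get() and delete() has its message redelivered to another worker, and completion order is not FIFO.

```python
import itertools

class CloudQueue:
    """Simplified cloud queue: get() hides a message for a visibility timeout instead of removing
    it; the consumer must delete() after finishing, so delivery is at-least-once, not exactly-once."""
    def __init__(self, visibility_timeout=30):
        self.timeout = visibility_timeout
        self.msgs = {}                              # id -> [visible_at, dequeue_count, body]
        self.ids = itertools.count(1)

    def put(self, body, now=0):
        self.msgs[next(self.ids)] = [now, 0, body]

    def get(self, now):
        """Return (id, body, dequeue_count) of the first visible message, else None."""
        for mid, rec in self.msgs.items():
            if rec[0] <= now:
                rec[0], rec[1] = now + self.timeout, rec[1] + 1
                return mid, rec[2], rec[1]
        return None

    def delete(self, mid):
        self.msgs.pop(mid, None)

def process_orders(queue, workers, max_dequeue=3):
    """Back-end worker loop. Workers take turns pulling whatever task is visible, so the queue
    spreads load across them. A worker whose name ends in 'crash' dies once after get() and
    before delete(); a body of 'bad-order' crashes every worker. Returns
    (order -> worker that completed it, parked poison messages)."""
    processed, poison, clock = {}, [], 0
    while True:
        got_any = False
        for worker in workers:
            clock += 1
            item = queue.get(clock)
            if item is None:
                continue
            got_any = True
            mid, body, count = item
            if count > max_dequeue:                 # poison message: park it, do not retry forever
                poison.append(body); queue.delete(mid); continue
            if body == "bad-order" or (worker.endswith("crash") and count == 1):
                continue                            # simulated crash: no delete(), message reappears
            if body not in processed:               # idempotent: a redelivered order is done once
                processed[body] = worker
            queue.delete(mid)
        if not got_any:
            if not queue.msgs:
                return processed, poison
            clock += queue.timeout                  # only hidden messages remain: wait them out
```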
Command/Query Responsibility Segregation (CQRS)
Best for large implementations
Separate reads and writes
You probably don't do the same amount of each
Take advantage of lightweight read mechanisms
Safer: avoid accidental updates / deletes
[Diagram: in the public cloud, a CQRS-reads web farm and a CQRS-writes web farm, with a clustered / partitioned DB, files and queues, relational data and non-relational data behind them]
[Diagram: a heterogeneous front end (tablet, desktop browser, phone) talking to the cloud, which hosts the application, business services, platform services and data stores; a decentralized back end of identity services (identity providers, directories) and partner services with their own data stores]
Attendee Bee Conference App: Open, Mobile, Global, & Social
Thanks!