c fowler azure-dojo

Migrating an Application to

Windows Azure

Cloud Dojo

Cory Fowler Consultant, ObjectSharp Microsoft MVP, Windows Azure @SyntaxC4 http://blog.syntaxc4.net gettag.mobi

I’m all in.

Starter Site: Nerd Dinner

ASP.NET MVC

SQL Server

Entity Framework

IIS

Resulting Site: Nerd Dinner

ASP.NET MVC

SQL Azure

Entity Framework

Windows Azure

Windows Identity Foundation

A Quick word on Tools

Alright, Let’s do this…

Windows Azure!!!

Windows Azure Compute

JIT Knowledge

A Hosted Service is a container for an Application.

An Application must consist of at least one Role.

A Role is Scalable to meet the demand of traffic.

Ro

le

Web Ro

le

Worker Ro

le

VM ASP.NET

WCF

Fast CGI

Emulates IIS

Long Running Process

Emulates Windows Services

Windows Server 2008 R2

Customized Guest OS

Web Site

Web Site Web Site

Web Site Back-End Services

Admin Site

Application Roles

[Web Role] [Worker Role] [VM Role]

Convert your Web Application

To a Web Role

Add Cloud Project

1. Right-Click on Solution File.

2. Hover over Add Menu Item.

3. Click New Project.

4. Select your Language of Choice.

5. Select Cloud.

6. Name your Project and hit OK.

Azurify your Web Application

1. Right-Click on Web Project

2. Click Manage NuGet Packages

3. Filter using Azure Web Role

4. Install Windows Azure Web Role

Or

1. Open Package Manager Console

2. Type

Install-Package WindowsAzure.WebRole

-ProjectName NerdDinner PM>

Associate your Web & Cloud Projects

1. Right-Click on Roles Folder in Cloud Project. 2. Click Web Role Project in Solution. 3. Select the Nerd Dinner Project from the

Dialog. 4. Click OK.

What did I just do…?

JIT Knowledge

Cloud Configuration

ServiceDefinition.csdef [Life-Time]

ServiceConfiguration.cscfg [Modifiable]

<?xml version="1.0" encoding="utf-8"?> <ServiceDefinition name="ExploringServiceDefinition" xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceDefinition"> <WebRole name="" vmsize="ExtraSmall" enableNativeCodeExecution="true"> <!-- ... --> </WebRole> <WorkerRole name="" vmsize="ExtraSmall"> <!-- ... --> </WorkerRole> <VirtualMachineRole name="" vmsize="ExtraSmall"> <!-- ... --> </VirtualMachineRole> </ServiceDefinition>

Service Definition

Service Configuration

<ServiceConfiguration serviceName="NerdDinner.Cloud" xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceConfiguration" osFamily="2" osVersion="*"> <Role name="MvcWebRole1"> <Instances count="1" /> <ConfigurationSettings> <Setting name="Microsoft.WindowsAzure.Plugins.Diagnostics.ConnectionString" value="UseDevelopmentStorage=true" /> </ConfigurationSettings> </Role> </ServiceConfiguration>

WebRole.cs public class WebRole : RoleEntryPoint

{

// Included in Both Web and Worker Role Template

public override bool OnStart()

{

RoleEnvironment.Changing += RoleEnvironmentChanging;

return base.OnStart();

}

// Included in Worker Role Template - Still available in Web Role but needs to be overridden

public override void Run() { base.Run(); }

// Not Included but available in Web and Worker Roles

public override void OnStop() { base.OnStop(); }

// Is not generated ANYWHERE but SHOULD be Implemented

private static void RoleEnvironmentChanging(object sender, RoleEnvironmentChangingEventArgs e)

{

// If a configuration setting is changing

if (e.Changes.Any(change =>

change is RoleEnvironmentConfigurationSettingChange))

e.Cancel = true; // Set e.Cancel to true to restart this role instance

}

}

Prepare your Database

For SQL Azure

SQL Azure

Feature Set

Web Edition Business Edition

1GB, 5GB 10-50GB

Data Types XML, Sparse Columns, Filestream

Partitions Full-text indexes SQL-CLR

Tables, indexes and views

Stored Procedures

Triggers

Constraints

Table variables, session temp tables (#t)

Spatial types, HierarchyId

Attach NerdDinner Database

1. Open SQL Server Management Studio (SSMS)

2. Connect to .\SQLExpress

3. Right-Click on Databases

4. Click Attach…

5. Find NerdDinner.mdf in App_Data

6. Click OK

Generate Scripts for SQL Azure

1. Right-Click Attached NerdDinner Database

2. Click Tasks

3. Click Generate Scripts…

4. Change Database Engine Type to

SQL Azure

5. Click OK

6. Click Finish

https://<servername>.database.windows.net [SSMS]

Connect to SQL Azure

Create SQL Azure Database New-SqlAzureServer -SubscriptionId -Certificate -AdministratorLogin -AdministratorLoginPassword -Location

1. Sign in to Windows Azure Portal 2. Open SQL Azure Section 3. Create Server

a) Select Region b) Create Administration Credentials c) Add Firewall Rules

4. Create Database a) Enter Database name b) Click OK

5. Copy Connection String from Properties

Powershell for Firewall Rules: http://bit.ly/qCvdpN

Run the NerdDinner Scripts

1. Open [ File | Script ] NerdDinner.sql

2. Execute Script

Cloud Aware Configuration

Get it on GitHub: http://bit.ly/r7Hvj0

web .config

Cloud Service .cscfg

ConnectionStringResolver .Create() .WithCloudConnectionStringName ("NerdDinnerEntities") .WithLocalConnectionStringName ("NerdDinnerEntities") .ConnectionString

A Quick Note on Data Migration

DTS Wizard (SSIS) http://bit.ly/gzLsl9 BCP Utility http://bit.ly/bQdAIn Import/Export [Blog on Import/Export CTP]

SQL Azure Data Sync

Tools

What About AuthN?

Claims Based Windows Azure Storage SQL Azure

SQL Membership Approach

Remember aspnet_regsql?

Download the Updated SQL Azure supported Scripts

http://bit.ly/gB5DIt

PM> Install-Package System.Web.Providers

Windows Azure Storage

Account Container Item

BLOB Storage

TABLE Storage

QUEUE[S] Storage

http[s]://account.*.core.windows.net

NerdDinner images

videos Blobs

NerdDinner

NerdDinner

locations

dinners Entities

rsvp

resize Messages

Windows Azure Storage Membership Approach

** Experimental **

Download ASP.NET Samples: http://bit.ly/pEguoW

<membership defaultProvider="TableStorageMembershipProvider"> <providers> <clear />

<add name="TableStorageMembershipProvider“ type="Microsoft.Samples.ServiceHosting.AspProviders.TableStorageMembershipProvider" description="Membership provider using table storage" applicationName="/" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0" requiresUniqueEmail="true" passwordFormat="Hashed" allowInsecureRemoteEndpoints="true" />

</providers> </membership>

Claims Based Authentication

Windows Azure Access Control Service

ACS (v2.0) enables AuthN with: Active Directory Federation Service [ADFS] Facebook Google LiveID Yahoo! WS-Fed WS-Trust

How Does Claims Based AuthN Work?

JIT Knowledge

Access Control Services Customer

3. Send claims

Google ID Application

0.2 No Auth

0.3 Redirect to provider

Application 6. Send identity

Claims Framework

Your App

7. Consume identity

4. Normalize identity

Access Control Services

Customer

ACS Friendly AuthN Screen Changing this…

Into this…

Create Access Control Namespace

1. Open the Windows Azure Platform Portal 2. Select Service bus, Access Control & Caching from the lower

left-hand menu 3. Click New 4. Ensure Access Control is selected

5. Provide a Namespace for your AppFabric Endpoint

6. Click Check Availability 7. Select a Region 8. Click Create Namespace 9. Click on Manage Access Control Service

Add an Identity Provider

1. Select Identity Provider (IP) i. Google ii. Yahoo!

2. Click Next 3. Add path to IP Logo 4. Click Save

Create Relying Party Application

1. Enter Name 2. Enter Realm [localhost is allowed] 3. Enter Return URL [localhost is allowed] 4. Select SAML 1.1 5. Select Identity providers

i. Google ii. Windows Live

6. Select Create new rule group 7. Select Use service namespace certificate

Enable Claims-Based AuthN

1. In Visual Studio. Tools > Add STS Reference 2. Ensure the Web.config location is correct 3. Enter the Application Url

Requires Windows Identity Foundation SDK

4. Select Use an existing STS 5. Login to Windows Azure Portal 6. Navigate to ACS Menu 7. Select AppFabric endpoint 8. Click manage ACS Service 9. Click on Application integration 10. Select & Copy WS-Federation Metadata Url 11. Switch back to Federation Utility 12. Paste Endpoint in Textbox 13. Next through the remainder of the Tool.

Enable Claims-Based AuthN

MVC WS-Federation Fix

<httpRuntime requestValidationType= "SyntaxC4.WindowsAzure.ACSManagement.Mvc.WsFederationRequestValidator" />

PM> Install-Package SyntaxC4.WindowsAzure.ACSManagement.Mvc

Include WIF in cspkg

Copy Local = True isn’t enough in this case

Specific Version must be False

Home Realm Discovery Wrapped Up!

public ActionResult LogOn() { var manager = new ACSServiceManager("nerddinnerc4", "http://127.0.0.1:81/"); IIdentityProvider[] providers = manager.GetIdentityProviders<IdentityProvider>(); return View(providers); }

PM> Install-Package SyntaxC4.WindowsAzure.ACSManagement

Home Realm Discovery is the act of retrieving a list of the Identity Providers that are available to your application.

Create a Custom Login Screen

<ul class="login"> <% foreach (var ip in Model) { %> <li class="login-item">

<object data="<%: ip.ImageUrl %>" onclick="javascript:location.href='<%: ip.LoginUrl %>'"> <a href="<%: ip.LoginUrl %>" class="login-item-link"> <%: ip.Name %></a> </object> </li>

<% } %> </ul>

To the Cloud!

Publish to Windows Azure 1. Right-Click on Cloud Project 2. Select Publish… 3. Select <Add…> from Credentials Dropdown list

a) Give Certificate a Friendly Name b) Copy Certificate Path c) Upload Certificate to Management Portal d) Paste SubscriptionId into dialog

4. Select Deployment Environment 5. Select Storage Account 6. Select Cloud Service

Configuration 7. Select Release Build

Configuration 8. Click Publish

Dinner Time!

Next Steps…

Geo-Distributed with

Traffic Manager

Decrease Latency with Windows Azure CDN

Phone App?

Cloudy Reading

Resources

Blog http://blog.syntaxc4.net

GitHub http://github.com/syntaxc4

Windows Azure Platform Training Kit http://bit.ly/jXfyyD

Windows Azure Powershell Cmdlets http://bit.ly/m75gEc

Windows Azure Tools http://bit.ly/miooC4

Cloud Cover Show http://bit.ly/g4nQbT

Essential Resources for Windows Azure http://bit.ly/efmzGo