windows azure design patterns

Windows Azure Design Patterns

David PallmannGM Custom App Dev, Neudesichttp://davidpallmann.blogspot.com@davidpallmann

AGENDA

1. General Cloud Computing Patterns2. Patterns in the Windows Azure platform

ComputeStorageRelational DatabaseCommunicationSecurityNetwork

3. Cloud application patterns discussionDiscussion / Q & A

“Periodic Table” of Cloud PatternsPu Pr Hy Ia SaPa Ps Su

Ro In WoWe Vr Lb Ep Ei

Bl CoQm

Qu EnTa Pk Rk Ep

Ds Db Rd Sg FrSh FmRe

General

Compute

Storage

DB

Sb Sq To FiSuComm

Vn Rg MgNetwork

Ip Rp Ts Tk ClSecurity Ra

Cd Tm Rl Rf Rd

Ca

Part 1: General Cloud Patterns

Pu Pr Hy Ia SaPa Ps Su

Cloud Types Cloud Levels of Use Platform

PUBLIC CLOUD

PRIVATECLOUD

HYBRIDCLOUD

INFRASTR.AS A SVCE

PLATFORMAS A SVCE

SOFTWAREAS A SVCE

PLATFORMSERVICE

SUBSCRIP-TION

Public, Private, Hybrid Cloud

Public Cloud Private Cloud Hybrid Cloud

Pu Pr Hy

Public CloudAdvanced data center, global presenceOn-demand, elastic scale, well-managedMulti-tenant, consumption-based pricing

PuPUBLIC CLOUD

Private CloudOn-premises virtualization infrastructureShares some characteristics of public cloudUpcoming Windows Server 8 is able to virtually pool and allocate compute, storage, network resources in a multi-tenant fashion

Pr

YOUR CLOUD INFRASTRUCTURE

PRIVATECLOUD

Hybrid CloudConnect public cloud with private cloudIntegrate via VPN or other means

Hy

YOUR CLOUD INFRASTRUCTURE

CLOUD VENDORINFRASTRUCTURE

HYBRIDCLOUD

Ia SaPa

IaaS, PaaS, SaaS

“Bring Your Own VM“ “Bring Your Own App” “Bring Your Own User”

IaaSRaw Virtual Resources

PaaSApp Services Platform

SaaSJust Use It

INFRASTR.AS A SVCE

PLATFORMAS A SVCE

SOFTWAREAS A SVCE

Platform ServiceService provided by the cloud platformCompute Service

Run your software in the cloud data centerMost intimate level of cloud computingOther services generally usable in-cloud or on-prem

RESTful ServicesMost cloud services use HTTP RESTStorage, Communication, Management, …

Interop ServicesUse a specific protocol for interop / compatibilityExample: SQL Azure Database (TDS protocol)

PsPLATFORM

SERVICE

SubscriptionOngoing billing arrangementConsumption-basedServices used have pricing metersTypes

Month-to-monthTerm subscriptionNegotiated terms

Month-to-month is easy entry / easy exit without residual obligationsTerm or negotiated subscriptions can get you a discount in exchange for a commitment

SuSUBSCRIP-

TION

Part 2: Patterns Inherent in the Windows Azure Platform

Windows Azure ServicesCompute Service

Storage Service

Blob Storage

Queue Storage

Table Storage

SQL Azure Database

SQL Azure Reporting

Cache Service

Service Bus

Windows Azure Traffic Manager

Access Control Service

SQL Azure Data Sync Service

SQL Azure Import Export Service

Windows Azure Connect

DataMarket

CDN

S

PsPLATFORM

SERVICE

Fault & Upgrade DomainsFault domain

Spreads out your redundant servers / storage across the data center so a large failure doesn’t take out all of your resources

Upgrade domainHow patches or application updates are appliedUpgrades parts of your application in sequence (“red black pattern”) to maintain availability

DuDfFAULT

DOMAINUPGRADEDOMAIN

Fault Domains

& UpgradeDomains

UpgradeDomain 2

UpgradeDomain 3

UpgradeDomain 1

Fault Domain 3Fault Domain 2Fault Domain 1

Role AInstance 1

Role BInstance 1

Role CInstance 1

Role BInstance 2

Role CInstance 2

Role AInstance 2

Role CInstance 3

Role AInstance 3

Role BInstance 3

Compute Patterns

Roles

Ro In WoWe Vr Lb Ep Ei Ca

Endpoints Cache

ROLE INSTANCE WEBROLE

WORKERROLE

VMROLE

LOADBALANCER

INPUTENDPOINT

INTERNAL ENDPONIT

CACHESERVICE

Hosted ServiceYour app, hosted in Compute serviceConsists of one or more tiers (“roles”)Production & Staging deployment slots

Hs

ProductionDeployment

Slot

StagingDeployment

Slot

Windows Azure Regional

Data CenterHosted Service Project

Subscription

Roles & InstancesRole: a tier of your app (VM farm)Instance: VM, member of a role (5 sizes)Role has one or more instances (2+ for SLA)VM instances are volatile, roles are sturdy (like ants : colony or soldiers : army, you can lose an individual but the organization survives)

InRo

VM VM VM VM VM

ROLE INSTANCE

We

Web Role, Worker Role, VM Role

Configured with Windows Server, IIS &a public LB endpoint

Upload your app

PaaSManaged

Auto patched

Configured with Windows Server

Upload your app

PaaSManaged

Auto patched

You prepare a VM

Upload a full VM

IaaSYou Manage

No auto-patching

Web RoleWeb Container

Worker RoleGeneral-purpose Container

VM RoleVM Image

VrWoWEBROLE

WORKERROLE

VMROLE

EndpointsAllows access to a roleLoad balancer: round-robinInput (public) endpoint: public, load-balancedInternal endpoint: only accessible by cloud app

EiEp

VM VM VM VM VM

LbLOAD

BALANCERINPUT

ENDPOINTINTERNALENDPOINT

Deployment Patterns DiDp

HOSTED SERVICE

APPLICATION RUNTIME

FILES

Compute Service

SERVICE METADATA

HOSTED SERVICE

CUSTOM VM IMAGE

Compute Service

SERVICE METADATA

Paas Deployment IaaS Deployment PAASDEPLOYMENT

IAASDEPLOYMENT

ComputePatternsExample VM VM VM

Web Role Com

pute TierW

orker Role Compute Tier

Public Endpoint

Queue

VM VM VM

Cache ServiceCache ServiceDistributed Memory CacheAvailable in different sizesSame programming model as Windows Server Cache (“Velocity”)

CaCACHE

SERVICE

Windows Azure Compute

Attendee Bee Conference AppHTML5/Mobile ASP.NET/MVC web sitehosted in a Web Role

Demo

Storage Patterns

Bl CoQm

Qu EnTa Pk Rk Ep

Blob Storage Queue Storage Table Storage

BLOB CONTAINER QUEUEMESSAGE

QUEUE TABLE ENTITY PARTITIONKEY

ROWKEY

ENTITYPROPERTY

Primitive Storage vs. Database

Ratio of primitive : relational data is frequently higher in the cloudCheap: pennies per gigabyte/moScale: no practical size limitSimple: less complexity / overheadLighter: optimistic concurrencyTrendy: fueled by trends in cloud / mobile arch/ & movements like NoSQL

Bl

Blob, Queue, & Table Storage

Use for anything you would normally use a

file for

For queuing task messages

Structured data where you don’t need

relational features

Blob StorageFile-like

Queue StorageSimple queues

Table StorageBig, cheap tables

TaQuBLOB QUEUE TABLE

Blob StorageBlob: File-like storageContainer: Holds blobs, like folderName, data, metadataSequential/streamed accessSimple put/get operationsData stored with redundancyProvides persistence for VMsDirectly reference blobs as URIs2 kinds of blobs:block (sequential), page (random)

CoBlBLOB CONTAINER

Queue StorageQueue: holds messagesMessages small string or XML contentAccess semantics may differ from enterprise queue technologies you are used toEnterprise reasons to use queues also apply in the cloudCan use queues to load-balance workersCan use queues to coordinate work across rolesStrict FIFO not guaranteed due to queue semantics

QmQuQUEUE QUEUE

MESSAGE

Table StorageBig, cheap data tablesSimple record-oriented storageTable: hold entities (records)Entity: contains properties (fields)Does not enforce a schemaNo relational featuresPartition Key + Row Key = a unique key

EnTa

RkPkEn Ep Ep Ep:

TABLE ENTITY

ENTITY PARTITIONKEY

ROWKEY

ENTITYPROPERTY

ENTITYPROPERTY

ENTITYPROPERTY

Storage Examples

IMAGES

MEDIA CONTAINER

VIDEO XML

20 GB

1000 40 40

WEB ORDERS

ORDER QUEUE

PHONE ORDERS

COUNTRY (PK)CUSTOMER ID (RK)LAST NAMEFIRST NAMESTREETCITYSTATEPOSTALPHONEEMAIL

CONTACTS TABLE

Windows Azure Storage

AttendeeBee Conference AppBlob & Table Storage

Demo

Relational Data Patterns

Db Db Rd ShSg FrRe Fm

Database ReportingService

Data SyncService

FederationService

DATABASESERVER

DATABASE REPORTDEFINITION

REPORTENDPOINT

SYNCGROUP

SYNCHUB

FEDERATIONROOT

FEDERATIONMEMBER

Db

Relational Database Services

Sql Azure DatabaseDatabase Service

Sql Azure ReportingReporting Service

SQL Azure Data SyncSynchronization Service

Sy

Rs

Sql Azure FederationsDatabase Federation Service

Fr

DATABASESERVICE

REPORTSERVICE

SYNCSERVICE FEDERATION

SERVICE

SQL Azure DatabaseRelational DB as a serviceOne master and two replicants, auto failoverPhysical management handled for youHas most SQL Server features but not allSize limit of 150GBDatabase Server: virtual DB server (actually 3)Database: database contained in a DB server

DbDsDATABASE

SERVERDATABASE

SQL Azure ReportingDB reporting as a serviceSimilar experience to SSRSSource is SQL Azure DatabaseUse BIDS to create reports, RDF formatRd: report definitionRe: web-accessible reporting endpoint

ReRdREPORT

DEFINITIONREPORT

ENDPOINT

SQL Azure Data Sync1-way or bi-directional syncingSQL Azure to SQL AzureSQL Azure to SQL ServerHub and spoke model: all syncing is to and/or from the hub SQL Azure databaseCan trigger a sync manually or scheduleSync: Synchronization operationSync group: Defines group of DBs for syncingSync hub: the hub of the sync group

ShSgSYNC GROUP SYNC HUB

SQL Azure FederationsDatabase federationPartition or shard to multiple databases, have a “federation database” that looks like one DBFederation Root: federation root databaseFederation Member: member database

FmFrFEDERATION

ROOTFEDERATION

MEMBER

Database Service

Accessing & Managing a SQL Azure Database

Demo

Communication Patterns

Sb Sq To FiSu

Service Bus Service Bus Queues

SERVICEBUS

SERVICE BUSQUEUE

TOPIC SUBSCRIP-TION

FILTER

Service BusUsing the cloud as acommunication relayNavigates NATs, firewalls, proxies wellSupports client-service, eventing/pub-sub messaging patternsVolatile (best effort) messaging

SbSERVICE

BUS

Service Bus QueuesService Bus Queue: Durable messagingTopic: publish point for durable messagingSubscription: receiver of durable messagingFilter : criteria on which messages to receive

Sq

Su

To

Fi

SERVICE BUSQUEUE

TOPIC

SUBSCRIP-TION

FILTER

Service Bus

T-Shirt WorldUsing a Service Bus Queue toRelay Orders for Processing

Demo

Networking Patterns

Vn Rg Mg

VPN Connection

Cd

CDN

Tm

Traffic Manager

Rl Rf Rd

VIRTUALNETWORK

ROLEGROUP

MACHINEGROUP

CONTENTDELIVERYNETWORK

TRAFFICMANAGER

LOCALE-BASEDROUTING

FAILOVERROUTING

DISTRIBUTEDROUTING

VPN ConnectionWindows Azure ConnectVirtual Network: VPN connection between cloud and on-prem machinesRole Group: indicates which roles are members of a virtual networkMachine Group: indicates which on-prem machines are members of a virtual network

Vn

Mg

Rg

VIRTUALNETWORK

ROLEGROUP

MACHINEGROUP

Windows Azure Connect ExampleASP.NET web site in the cloud accessing on-prem SQL Server DB

S

WEB ROLE

S

3

S

SQL SERVER DATABASE

CDNContent Delivery NetworkCDN: Utilizes worldwide network of 24+ edge server to deliver content efficientlyOften used for mediaLocale-directed DNS goes to nearest node to serve up cached contentContent sources from blob storage or your hosted service

CdCONTENTDELIVERYNETWORK

Traffic ManagerWindows Azure Traffic ManagerTraffic Manager: Routes DNS access to your hosted service to one of several possible deployments based on rulesLocale-based Routing: route to a deployment based on localeFailover Routing: route to a secondary if primary is not healthy (via a heartbeat)Distributed Routing: route based on a desired distribution across data centers

Tm

Rl

Rf

Rd

TRAFFICMANAGER

LOCALE-BASEDROUTINE

FAILOVERROUTING

DISTRIBUTEDROUTING

Security Patterns

Ip Rp Ts

Claims-based Security

Tk Cl Ra

IDENTITYPROVIDER

RELYINGPARTY

SECURITYTOKEN

SERVICE

TOKEN CLAIM REDIRECTEDAUTHENTICATION

Claims-based SecurityModern way to do AuthN/AuthZUse with web identity, domain identityIdentity Provider: Party providing security token with claimsRelying Party: application that wants to authenticate/authorize userSecurity Token Service: how application/user authenticates (interactively or programmatically)Redirected Authentication: user visits app, user redirected to STS to sign in, redirected back to app with token

Ip

Ts

Rp

Ra

IDENTITYPROVIDER

RELYINGPARTY

SECURITYTOKEN

SERVICE

REDIRECTEDAUTHENTICATION

Claims-based SecurityWeb Identity

S

WEB ROLE

S

2+

Windows Azure

RP ACS

Google

Yahoo!

Live ID

Claims-based SecurityDomain Identity

S

WEB ROLE

S

2+

Windows Azure

RP

ADFS

AD

Enterprise

Part 3: Cloud Application Patterns

Competing ConsumersCan “load balance” back end of worker roles using queues

Worker Role

Queue

Use Queues to Coordinate RolesFront end can submit tasks for the back endBoth front end and back end can be scaled to accommodate load

Web Role

Worker Role

Q

CQRS PatternCommand/Query Responsibility SegregationBest for large implementationsSeparate read& write

WEB FARM CQRS-READS

PUBLIC CLOUD

WEB FARM CQRS-WRITES

CLUSTERED / PARTITIONED DB

FILES, QUEUES

RELATIONAL DATA

NON-RELATIONAL DATA

You probably don’t do the same amount of eachTake advantage of lightweight read mechanismsSafer – avoid accidental updates/deletes

Modern Web Solutions“Connected Devices, Continuous Services”

HTML5 M

OBILE

SOCIA

L CLOUD

Modern Web ApplicationDECENTRALIZED BACK END

Business Services

Application

TABLET

CLOU

D

HETEROGENEOUS FRONT END

DESKTOPBROWSER

PHONE

Identity Services

IP

Data Stores

Platform Services

Directories

PartnerServices

PARTNER

Data Stores

Modern Web Application

Attendee Bee Conference AppOpen, Mobile, Global, & Social

Demo

Discussion – Cloud PatternsPu Pr Hy Ia SaPa Ps Su

Ro In WoWe Vr Lb Ep Ei

Bl CoQm

Qu EnTa Pk Rk Ep

Ds Db Rd Sg FrSh FmRe

General

Compute

Storage

DB

Sb Sq To FiSuComm

Vn Rg MgNetwork

Ip Rp Ts Tk ClSecurity Ra

Cd Tm Rl Rf Rd

Ca

Windows Azure Design Patterns

David PallmannGM Custom App Dev, Neudesichttp://davidpallmann.blogspot.com@davidpallmann

Thanks!