370 likes | 520 Vues
Making sense of Windows Azure and the Azure Services Platform. Simon Davies. Microsoft sdavies@microsoft.com. Software or Service?. Security & Privacy Customisability Visibility & Control Data accessibility . Global reach Ease of provisioning
E N D
Making sense of Windows Azure and the Azure Services Platform Simon Davies Microsoft sdavies@microsoft.com
Software or Service? Security & Privacy Customisability Visibility & Control Data accessibility Global reach Ease of provisioning Business agility Deployability & manageability
Software • Best of both worlds • User in control • Deployment choices for IT + Services • Extending tools and platform to cloud • Experience across multiple devices • Best-in-class SLAs and IT governance
Software + Services “It's a balance of the client and cloud together that makes for the most effective applications and the best development” Adobe Chief Technology Officer Kevin Lynch, quoted 17th Nov 2008 on www.news.com We're only seeing the beginnings of how online applications are going to work in a world where most of the time you're online, but sometimes you're on a plane or somewhere without internet access. A good example of a 'client application' is iTunes, something that lives on your computer but works hand-in-hand with an internet component, so is sort of a hybrid” Steven Levy – Wired, quoted 17th Nov 2008 in The Independent
Our Approach to Services Provide a Flexible Services Platform with Internet Scale • Simple scenarios are simple – complex scenarios are possible • Services hosted in Microsoft’s data centers • Designed for high availability & scalability Base it on Internet Standards • Multiple protocol support including HTTP, REST, SOAP, AtomPub • Broad investment in open, community-based access to Azure services Extend Your Existing Investments • Familiar tools, languages, and frameworks with .NET and Visual Studio • Provides the choice to build on-premises, cloud, or hybrid solutions • Integrate with existing assets such as AD and premises applications
“An Operating System For The Cloud” Computation Storage Service Management Developer Experience
.NET Services • Extending .NET technologies to the cloud • Open and accessible • REST, SOAP, RSS, AtomPub, … • Class libraries for Java,Ruby, … • Easy-to-use from .NET – skills move forward • Initial focus on three key developer challenges • Application integration • Access control in a federated world • Application extensibility
Service Bus • Key developer challenges • Want to make it easy and secure for partners to use your application • Don’t always know the characteristics or scale of the integration • Partners / customers / users have devices and services running behind firewalls • Approach • Provide a high-scale, high-available “Service Bus” that supports open Internet protocols
Service Registry [http|sb]://servicebus.windows.net/services/account/svc/… Service Registry Root account svc The service registry provides a mapping from URIs to services servicebus.windows.net services Root contoso Multi-Tenant …
Connectivity • Two key capabilities • Relay • Direct connect • Relay • Ensure applications connect • Available to all via the service registry • Direct connect • Uses the relay to establish communication • Then shortcuts for efficiency • Available via HTTP / REST / ATOM • Available in .NET via WCF Bindings
One-Way Connection Relay sb://servicebus.windows.net/services/user/service/endpoint Outbound SSL-Secured TCP 828Connection to Relay Rendezvous Endpoint One-Way Messagesthrough TCP Tunnel Sender Receiver
Direct Connections Relay sb://servicebus.windows.net/services/user/service/endpoint - Outbound SSL-Secured TCP 828Connection to Relay - Out-of-Band Protocol to negotiate Direct Connection Sender Receiver Upgrade to Direct when possible
Multicast Publish/Subscribe Relay sb://servicebus.windows.net/services/user/service/endpoint Outbound SSL-Secured TCP 828Connection to Relay Rendezvous Endpoint One-Way Messagesthrough TCP Tunnel Sender Receiver Receiver Receiver Receiver
Service Bus Summary • Service Registry • Relay and direct connect connectivity • Publish/Subscribe • Integrated with Access Control services
Access Control • Key developer challenges • Many identity providers, many vendors, many protocols, complex semantics – tricky to get right • Application strewn with one-off access logic • Hard to get right, not agile, not compliant, many dead ends • Approach • Automate federation for a wide-range of identity providers and technologies • Factor the access control logic from the application into manageable collection of rules • Easy-to-use framework that ensures correct token processing
Access Control Interactions 3. Map input claims to output claims based on access control rules 1. Define access control rules for a customer Your Access Control Project (a hosted STS) 0. Certificate exchange; periodically refreshed 4. Send Token (output claims from 3) 6.Claims checked in Relying Party • 2. Send Claims Relying Party (Your App) Requestor (Your Customer) 5. Send Message w/token
Hosted Security Token Service • Use the web site or web APIs… • Define and manage application scopes • Delegate access to scopes • Define and manage access control rules • Rules are defined within an application scope • Rules can be chained; e.g. bob manager and manager allowed • Simple model: the output security token is a collection of claims based on the claims in the incoming token • Define and manage claim types • Define and manage signing and encryption keys • Standards compliant – works with Java, Ruby, …
Workflow • Key developer challenges • Want to easily describe long-running processes • Want modularity and nesting • Easy to describe but in practice harder to run • Hosting and scaling can be challenging • Setup and installing, define scale-out approach, ensure long-running availability, manage upgrades, … • Approach • .NET 3.0/3.5/4.0 addresses key developer requests • .NET Services makes it easy to deploy, manage and run Workflows
Windows Workflow Foundation Workflow • Easily describe coordinated work with minimal ceremony • Tools/Designers • Activity Library • Runtime • Hosts Activity Library WF Runtime Tooling VS Designer VS Debugger Rehosted Designer Hosts IIS/WAS+ “Dublin” Workflow Service your.exe “Direct”
Workflow Service – Overview A reliable, scalable off-premises host for workflows • A portal at workflow.ex.azure.microsoft.com • New activities for the Azure Services Platform • APIs that allow you to deploy, manage, and run your workflows on the cloud • Enables you to orchestrate services • Connect to services in your enterprise anywhere on the Internet – uses the connectivity services • Give you partners and customer access – uses the access control services
Workflow Service Summary • Execute Workflows with high availability • Design Workflows using existing tools • Easily deploy and manage Workflows • Portal for easy access • Management APIs for rich automation
SQL ServicesExtending the SQL data platform to the cloud • Data Services tier of the Azure Services Platform • Extends Data Platform to Cloud • Rich data platform services Data Mining ETL Reporting Data Sync Reference Data SQL DataService Data Warehouse
SQL Data ServicesThe Database in the Cloud SQL Data Services • Internet based database service • Relational query processing • Transactional consistency and concurrency support • Flexible data model • Built on proven SQL Server technologies Business Grade Quality of Service • Highly available and fully redundant • Business ready SLA • Operational excellence • Flexible authentication and authorization • Consumption based billing Service Interop: • HTTP Based Web Service • Standards Compliant: • REST, SOAP, APP
SQL Data ServicesEnabling Applications • Extend to Cloud • Integrate with existing solutions • Data Platform solutions scale to cloud • Create secure data hubs • Secure access and movement of structured data • Across devices, locations, partners • Low friction deployment and scaling • Pay as you go scaling • Don’t need to provision to peak demand
SQL Data ServicesDeveloper Experience • Interop and Choice • Access SQL Services with standard protocols and formats • REST, SOAP, HTTP, etc. • Community Based Libraries and Examples • Ruby, PHP, Java, … • Ruby Active Resource See: http://github.com/sdsteam • Rich Tooling • Familiar tooling experience with Visual Studio • Leverage skills to extend to Cloud
DataSync Users Devices Apps Identity Communication And Presence Directory Search And Geospatial
The Hard Problems • Foundation: Cloud at the core • Identity: People, devices, and applications • Data: Universal representation • Devices: Topology and management • Sync: Bring data closer to users and apps • Sharing: Distribute data among users • State: Complete awareness • Comms: Seamless connections
Application Types World of Devices Bring exciting new devices into the Mesh, integrate with core infrastructure and experience Social and Community Sites Seamlessly integrate social applications across invites, news feeds, local devices experiences, and more Web-to-the Client Take your web application and content to the client, enable a rich and seamless offline experience Client-to-the Web Service-enable client applications, make them Mesh-aware, enable multi-user sharing-based experiences
Live Framework Demo
Three things to remember • Makes S+S possible: Azure Services platform puts scalable service applications in the reach of most developers • This is a Community Technology Preview: We’re looking for customer and partner feedback • It’s not OR it’s AND: Run some applications locally, extend some to the cloud, and some all in the cloud. It isn’t about everything being in the cloud
Resources • Register for Services accounts at • http://www.azure.com/register • Download the SDKs • http://www.azure.com/sdk • Learn more and get involved • http://www.azure.com/community