Windows Azure is jam packed with features to choose from for building web applications and services that scale - but there are a core set of choices and features that are applicable to most scenarios. This session will get you up to speed on the essential features developers should be aware of, and how to apply them in practical scenarios. You’ll learn why cloud services are the typical choice for feature-rich applications, and learn what you can’t live without in terms of startup tasks, SMTP services, blob storage, message queuing options, diagnostics, monitoring and security features.

1. DEVintersection
Session AZ07
Windows Azure Essentials
Michele Leroux Bustamante
michelebusta@solliance.net

2. Michele Leroux Bustamante
Managing Partner
Solliance (solliance.net)
CEO and Cofounder
Snapboard (snapboard.com)
Microsoft Regional Director
Microsoft MVP
Author, Speaker
Pluralsight courses on the way!
Blog: michelebusta.com
michelebusta@solliance.net
@michelebusta
© DEVintersection. All rights reserved.
2 http://www.DEVintersection.com

3. Just a Few Essential Tips
(in < 45 minutes!)
1. Web Sites or Cloud Services?
2. Designing for Distributed Scale Out
3. Sending Email
4. Mind your Configuration
5. Which Queue Should You Use?
6. Drives and Blobs
7. Logs are Your Best Friend
8. Monitor from Outside
9. A Few Points About Data
10. Enable Social Logins and Simplify Sign Up
© DEVintersection. All rights reserved.
3 http://www.DEVintersection.com

4. Web Sites or Cloud Services?
Tip #1

5. Web Sites or Cloud Services?
Key Differences
Web Sites (Reserved) Cloud Services
 Many simple scenarios out of  VM & IIS customizations
the box or made VERY easy  Virtual networking, RDP
 Simple setup of MySQL  Distributed cache
database  Windows services equivalent
 A lot of stuff cloud services  Certificate store
can do PLUS…
 Multiple tiers (internal ep)
 Familiar development and
deployment model  Control over VM scale out
 Single file updates
SIMPLICITY CONTROL
© DEVintersection. All rights reserved.
5 http://www.DEVintersection.com

6. Designing for Distributed Scale Out
Tip #2

7. What’s Your Application Architecture?
Storage
Queue
OR
SQL
Blob
SB Storage
Azure
Queue

8. VM Allocation Goals
 VM allocations are
 Security and isolation boundary
 Domain or subdomain boundary
 Scale-out boundary
 Save costs early on
 Start with a single VM
 Small instance
 Scale up and out as needed
 Distribute load to separate VM as needed
 Increase VM size as needed
© DEVintersection. All rights reserved.
8 http://www.DEVintersection.com

9. Web Sites and VM Allocation
Web Site Reserved
Project Web Site
Web Site Reserved
VM $$$
Project Web Site
Subscription A
Region US West
Web Site Reserved
Project Web Site VM $$$
Subscription A
Region East Asia
Web Site Reserved
Project Web Site
Subscription B
VM $$$
Region East Asia
© DEVintersection. All rights reserved.
9 http://www.DEVintersection.com

10. Cloud Services and VM Allocation
Cloud
Project
Service Definition
Service Config
Role VM $$$
VDir
Site
App
EntryPoint
Endpoint © DEVintersection. All rights reserved.
10 http://www.DEVintersection.com

11. Single Role / Site
bustacloud.com

12. Single Role / Multiple Site
bustacloud.com api.bustacloud.com

13. Single Role/ Multiple Site/ Worker
bustacloud.com api.bustacloud.com

14. Scaling Out to Multiple Roles
bustacloud.com api.bustacloud.com

15. Equivalent on Web Sites?
bustacloud.com api.bustacloud.com

16. Web Sites and Reserved Instances
© DEVintersection. All rights reserved.
16 http://www.DEVintersection.com

17. Multiple Site, Single Role Deployments
demo

18. Sending Email
Tip #3

19. Sending Email
 Most applications require some form of email communication
 Email confirmations
 User notifications
 Administrator alerts
 Content delivery
© DEVintersection. All rights reserved.
20 http://www.DEVintersection.com

20. Recommendations for Email
 Local testing
 Can use System.Net.Mail.SmtpClient
 Use Smtp4Dev
 Live testing and production
 Do not use SMTP server in IIS, IP ranges could be blacklisted as SPAM
 Use a third party relay service
 SendGrid gives 25,000 FREE tx/month for Azure applications!
 Sendy, MailChimp, AuthSmtp, Jango
 Architecture
 Prefer using a queue to kick off sends to third parties
 If their service goes down, your users don’t have to know, the email is
not lost (queued)
© DEVintersection. All rights reserved.
21 http://www.DEVintersection.com

21. Sending Email from Azure
demo

22. Mind Your Configuration
Tip #4

23. Web Site Configuration
 Web.config as usual (use transforms during publish)
 Portal surfaces some settings
 Application settings, handler mappings, connection strings

24. Cloud Service Configuration
 Avoid web.config for
 Settings that vary between staging, production
 Settings for test, diagnostics or performance
 Use Configuration Profiles to distinguish settings
 Select a profile during Publish
 Select a web.config transform during Publish
 Portal surfaces settings from service configuration
 Use an indicator for which items should recycle the instance vs. not

25. Runtime Configuration Changes
demo

26. Which Queue Should You Use?
Tip #5

27. Service Bus and Storage Queues
Service Bus Queues Storage Queues
Unlimited message lifetime Message expires in 7 days
Max 64K message size Max 256K message size
Max 5GB total storage Max 100TB total storage
Duplicate detection
Order guarantees
Dead letter queue
Storage metrics
Purge capability
Long polling Manual back-off polling
Cloud Services Cloud
/ Web Sites Services

28. Drives and Blobs
Tip #6

29. Where Should You Store Content?
 IaaS VM can have one or more drives associated
 But that is a more traditional hosting model, PaaS is our focus
 Cloud Services can use AzureDrive (still preview)
 This has limitations
 Single VM can mount the drive (others require read access only)
 Snapshot is fast and works very well for read only case
 Likely you need to do multiple write as well
 Blob Storage is the standard now
 Scales across instances
 Replication
 Map storage account to domain
 CDN benefits
 Security and shared links
© DEVintersection. All rights reserved.
30 http://www.DEVintersection.com

30. Blob Storage Security
Browser Client
Service Service Service Service
read
access
for
limited
time
with
shared
shared
access
access
policy
key
list
create Shared Access
update create create Signature (SAS)
delete update update
read delete read delete >1 hour
read list list requires
authentication
header in request
(no browser)
Public
Public Blob Private Private
Container
Access Container Container
Access
© DEVintersection. All rights reserved.
31 http://www.DEVintersection.com

31. Blob Storage Recommendations
 Store content in blobs in lieu of drives
 Streaming
 CDN
 Accessible to both cloud services and web sites
 Secure access accordingly
 From JavaScript can lease a shared key
 No need to embed keys in the JS file
 Always chunk blobs for upload (best performance)
 Large file uploads
 No CORS support yet for storage
 Can upload to Web API (for example) in chunks
 Avoid large file configuration issues with IIS (can’t for web sites)
© DEVintersection. All rights reserved.
32 http://www.DEVintersection.com

32. Logs are Your Best Friend
Tip #7

33. Diagnostics Support
 Cloud Services
 ETW tracing through Azure Diagnostics
 Configure in code (for granular runtime settings) or XML (wadcfg)
 Either way make sure easy for IT to make changes
 Not a developer setting
 Numerous tools for collecting diagnostics logs and trace output
 Supports deep control over logs and performance counters
 Web Sites
 No Azure Diagnostics
 FTP access to basic IIS logs
 log4NET is a popular tool for extended logging
 Limited capabilities today
© DEVintersection. All rights reserved.
34 http://www.DEVintersection.com

34. Monitoring and Diagnostics
demo

35. Monitor from Outside
Tip #8

36. Monitoring Service
demo

37. A Few Things About Data
Tip #9

38. SQL Azure and Entity Framework Tip
 To avoid connection timeouts with Entity Framework and SQL Azure you
MUST do what this link says
 http://blogs.msdn.com/b/appfabriccat/archive/2010/12/11/sql-azure-
and-entity-framework-connection-fault-handling.aspx
© DEVintersection. All rights reserved.
39 http://www.DEVintersection.com

39. Don’t Drink the NoSQL Koolaid
 Start with relational and figure your model out first
 Get an expert involved if you need noSQL…for example…
 Lynn Langit
 www.contagiouscuriosity.com
© DEVintersection. All rights reserved.
40 http://www.DEVintersection.com

40. Enable Social Logins and
Simplify Sign-Up
Tip #10

41. Access Control and Mainstream
Identity Providers
Browser
3
Google FaceBook
1 5 2 4
Windows
Yahoo!
Live
Access
Control
Azure AD
On
On
Your App Premise
On
Premise
IdP
Premise
IdP
IdP

42. Social Login and User Provisioning
demo

43. Practically Speaking
 Applications need various combinations of security
 Username/password + social
 Active Directory on premise or in the cloud
 Other potential identity providers
 Combinations of these
 Applications still need a user profile
 Regardless how they are authenticated
 Need to track their various login choices, could be multiple
 Use Access Control for integration with non-social identity providers
with rich claims (AD, WAAD)
 Use application tools for social login for complete coverage and control
© DEVintersection. All rights reserved.
44 http://www.DEVintersection.com

44. References
 Conference resources:
 http://michelebusta.com
 See my snapboards:
 Currently at the alpha site:
http://snapboardalpha.cloudapp.net/michelebusta
 Will move these to snapboard.com/michelebusta when we go live on the
main site (SOON watch my blog for announcement)
 Contact me:
 michelebusta@solliance.net
 @michelebusta
© DEVintersection. All rights reserved.
45 http://www.DEVintersection.com

45. Questions?
Don’t forget to enter your evaluation
of this session using EventBoard!
Thank you!