CloudFest Denver Windows Azure Design Patterns
1. Windows Azure
Design Patterns
David Pallmann
GM Custom App Dev, Neudesic
http://davidpallmann.blogspot.com
@davidpallmann
2. AGENDA
1. General Cloud Computing Patterns
2. Patterns in the Windows Azure platform
– Compute
– Storage
– Relational Database
– Communication
– Security
– Network
3. Cloud application patterns
4. Discussion / Q & A
3. “Periodic Table” of Cloud Patterns
General: Pu Pr Hy Ia Pa Sa Ps Su
Compute: Ro In We Wo Vr Lb Ep Ei Ca
Storage: Bl Co Qm Qu Ta En Pk Rk Ep
DB: Ds Db Rd Re Sg Sh Fr Fm
Comm: Sb Sq To Su Fi
Network: Vn Rg Mg Cd Tm Rl Rf Rd
Security: Ip Rp Ts Tk Cl Ra
4. Part 1: General Cloud Patterns
Cloud Types: Pu Public Cloud, Pr Private Cloud, Hy Hybrid Cloud
Cloud Levels of Use: Ia Infrastructure as a Service, Pa Platform as a Service, Sa Software as a Service
Platform: Ps Platform Service, Su Subscription
6. Pu: Public Cloud
• Advanced data center, global presence
• On-demand, elastic scale, well-managed
• Multi-tenant, consumption-based pricing
[diagram: public cloud infrastructure]
7. Pr: Private Cloud
• On-premises virtualization infrastructure
• Shares some characteristics of public cloud
• Upcoming Windows Server 8 is able to virtually pool and allocate compute, storage, network resources in a multi-tenant fashion
[diagram: your cloud infrastructure]
8. Hy: Hybrid Cloud
• Connect public cloud with private cloud
• Integrate via VPN or other means
[diagram: cloud vendor infrastructure connected to your cloud infrastructure]
9. Ia Pa Sa: IaaS, PaaS, & SaaS
• IaaS (Infrastructure as a Service): raw virtual resources; “Bring Your Own VM”
• PaaS (Platform as a Service): app services platform; “Bring Your Own App”
• SaaS (Software as a Service): just use it; “Bring Your Own User”
10. Ps: Platform Service
• Service provided by the cloud platform
• Compute Service
– Run your software in the cloud data center
– Most intimate level of cloud computing
– Other services generally usable in-cloud or on-prem
• RESTful Services
– Most cloud services use HTTP REST
– Storage, Communication, Management, …
• Interop Services
– Use a specific protocol for interop / compatibility
– Example: SQL Azure Database (TDS protocol)
11. Su: Subscription
• Ongoing billing arrangement
• Consumption-based
• Services used have pricing meters
• Types
– Month-to-month
– Term subscription
– Negotiated terms
• Month-to-month is easy entry / easy exit without residual obligations
• Term or negotiated subscriptions can get you a discount in exchange for a commitment
13. Ps: Platform Services
• Compute Service
• Storage Service
– Blob Storage
– Queue Storage
– Table Storage
• SQL Azure Database
• DataMarket
• CDN
• SQL Azure Reporting
• Cache Service
• Service Bus
• Access Control Service
• Windows Azure Traffic Manager
• SQL Azure Data Sync Service
• SQL Azure Import Export Service
• Windows Azure Connect
14. Df Du: Fault & Upgrade Domains
• Fault domain
– Spreads out your redundant servers / storage across the data center so a large failure doesn’t take out all of your resources
• Upgrade domain
– How patches or application updates are applied
– Upgrades parts of your application in sequence (“red black pattern”) to maintain availability
15. Fault & Upgrade Domains (diagram: three fault domains by three upgrade domains)
Upgrade Domain 1: Role A Instance 1 (Fault Domain 1), Role B Instance 2 (Fault Domain 2), Role C Instance 3 (Fault Domain 3)
Upgrade Domain 2: Role B Instance 1 (Fault Domain 1), Role C Instance 2 (Fault Domain 2), Role A Instance 3 (Fault Domain 3)
Upgrade Domain 3: Role C Instance 1 (Fault Domain 1), Role A Instance 2 (Fault Domain 2), Role B Instance 3 (Fault Domain 3)
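The placement the slide-15 grid shows, and the availability argument behind it, as an added example in Python. This is not the Windows Azure fabric controller's placement code; the role names, the three-by-three domain counts and the place()/survives()/rolling_upgrade() helpers are this example's own. It spreads each role's instances over fault domains and upgrade domains the way the grid does, then checks which roles keep serving when one fault domain fails while one upgrade domain is being patched.

```python
"""Fault/upgrade-domain placement modelled in memory.  Added example, not the
Windows Azure fabric controller's placement logic; role names, domain counts
and the helper names are this example's own assumptions."""
from collections import defaultdict


def place(roles, fault_domains=3, upgrade_domains=3):
    """Spread the instances of each role over the domains.

    roles is an ordered mapping {"A": 3, "B": 3, ...}.  Instance i of the r-th
    role goes to fault domain i % FD and upgrade domain (r - i) % UD, which
    reproduces the slide-15 grid (Role A instance 1 in FD1/UD1, Role B
    instance 1 in FD1/UD2, Role C instance 1 in FD1/UD3, ...).  Returns
    (role, instance_no, fd, ud) tuples; instances count from 1, domains from 0.
    """
    placement = []
    for r, (role, count) in enumerate(roles.items()):
        for i in range(count):
            placement.append((role, i + 1, i % fault_domains, (r - i) % upgrade_domains))
    return placement


def survives(placement, lost_fd=None, upgrading_ud=None):
    """Roles that still have at least one instance serving while fault domain
    lost_fd is down and upgrade domain upgrading_ud is being patched."""
    alive = defaultdict(int)
    roles = set()
    for role, _instance, fd, ud in placement:
        roles.add(role)
        if fd != lost_fd and ud != upgrading_ud:
            alive[role] += 1
    return {role for role in roles if alive[role] > 0}


def rolling_upgrade(placement, upgrade_domains=3):
    """Walk the upgrade domains one at a time (the "red black" sequence) and
    report which roles remain available during each step."""
    return [(ud, survives(placement, upgrading_ud=ud)) for ud in range(upgrade_domains)]


if __name__ == "__main__":
    grid = place({"A": 3, "B": 3, "C": 3})
    for ud, serving in rolling_upgrade(grid):
        print(f"upgrading UD{ud + 1}: roles still serving {sorted(serving)}")
    print("FD1 lost during the UD2 upgrade:", sorted(survives(grid, lost_fd=0, upgrading_ud=1)))
    print("two-instance role, FD1 lost during the UD3 upgrade:",
          survives(place({"A": 2}), lost_fd=0, upgrading_ud=2))
```

With three instances per role every step of the rolling upgrade keeps all three roles up, even with a fault domain lost at the same time. The two-instance case shows why "2+ for SLA" is a minimum: two instances survive a single fault or a single upgrade, but not a fault that coincides with the upgrade of the other instance's domain.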
16. Compute Patterns
Roles: Ro Role, In Instance, We Web Role, Wo Worker Role, Vr VM Role
Endpoints: Lb Load Balancer, Ep Input Endpoint, Ei Internal Endpoint
Cache: Ca Cache Service
17. Hs: Hosted Service
• Your app, hosted in Compute service
• Consists of one or more tiers (“roles”)
• Production & Staging deployment slots
[diagram: Subscription → Windows Azure Hosted Service Project → Regional Data Center, with a Production Deployment Slot and a Staging Deployment Slot]
18. Ro In: Roles & Instances
• Role: a tier of your app (VM farm)
• Instance: VM, member of a role (5 sizes)
• Role has one or more instances (2+ for SLA)
• VM instances are volatile, roles are sturdy
[diagram: a role made up of five VM instances]
19. We Wo Vr: Web Role, Worker Role, VM Role
• Web Role: web container configured with Windows Server, IIS & a public LB endpoint; upload your app; PaaS; managed; auto patched
• Worker Role: general-purpose container configured with Windows Server; upload your app; PaaS; managed; auto patched
• VM Role: VM image you prepare; upload a full VM; IaaS; you manage; no auto-patching
20. Lb Ep Ei: Endpoints
• Allows access to a role
• Load balancer: round-robin
• Input (public) endpoint: public, load-balanced
• Internal endpoint: only accessible by cloud app
[diagram: load balancer in front of five VM instances]
21. Dp Di: Deployment Patterns
• PaaS deployment: Compute Service → Hosted Service → application runtime files + service metadata
• IaaS deployment: Compute Service → Hosted Service → custom VM image + service metadata
22. Compute Patterns Example
[diagram: Web Role compute tier (VMs) → Queue → Worker Role compute tier (VMs)]
23. Ca: Cache Service
• Cache Service
• Distributed Memory Cache
• Available in different sizes
• Same programming model as Windows Server Cache (“Velocity”)
24. Windows Azure Compute: Attendee Bee Conference App
HTML5/Mobile ASP.NET/MVC web site hosted in a Web Role
25. Storage Patterns
Blob Storage: Bl Blob, Co Container
Queue Storage: Qm Queue Message, Qu Queue
Table Storage: Ta Table, En Entity, Pk Partition Key, Rk Row Key, Ep Entity Property
26. Primitive Storage vs. Database
• Ratio of primitive : relational data is frequently higher in the cloud
• Cheap: pennies per gigabyte/mo
• Scale: no practical size limit
• Simple: less complexity / overhead
• Lighter: optimistic concurrency
• Trendy: fueled by trends in cloud / mobile architecture & movements like NoSQL
27. Bl Qu Ta: Blob, Queue, & Table Storage
• Blob Storage: file-like; use for anything you would normally use a file for
• Queue Storage: simple queues; for queuing task messages
• Table Storage: big, cheap tables; structured data where you don’t need relational features
28. Bl Co: Blob Storage
• Blob: File-like storage
• Container: Holds blobs, like folder
• Name, data, metadata
• Sequential/streamed access
• Simple put/get operations
• Data stored with redundancy
• Provides persistence for VMs
• Directly reference blobs as URIs
• 2 kinds of blobs: block (sequential), page (random)
29. Qu Qm: Queue Storage
• Queue: holds messages
• Messages: small string or XML content
• Access semantics may differ from enterprise queue technologies you are used to
• Enterprise reasons to use queues also apply in the cloud
• Can use queues to load-balance workers
• Can use queues to coordinate work across roles
• Strict FIFO not guaranteed due to queue semantics
30. Ta En: Table Storage
• Big, cheap data tables
• Simple record-oriented storage
• Table: holds entities (records)
• Entity: contains properties (fields)
• Does not enforce a schema
• No relational features
• Partition Key + Row Key = a unique key
Entity (En) = Partition Key (Pk) + Row Key (Rk) + Entity Properties (Ep, Ep, Ep, …)
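The two Table Storage properties that matter most to application code, the (PartitionKey, RowKey) uniqueness rule from this slide and the optimistic concurrency that slide 26 lists under "Lighter", as an added Python example. It is an in-memory model, not the Windows Azure storage client; the InMemoryTable class, the ETagMismatch exception and the contact rows are this example's own constructions. A counter stands in for the service-assigned ETag, and a write is accepted only when the caller presents the ETag it last read.

```python
"""In-memory model of Table Storage keys and optimistic concurrency.  Added
example, not the Windows Azure storage client; class and exception names
and the sample rows are this example's own."""
import itertools


class ETagMismatch(Exception):
    """Raised when a conditional write carries an ETag that is no longer current."""


class InMemoryTable:
    """Entities keyed by (PartitionKey, RowKey).  No schema is enforced, so two
    entities in one table may carry different property sets."""

    def __init__(self):
        self._rows = {}                      # (pk, rk) -> (etag, properties)
        self._versions = itertools.count(1)

    def _new_etag(self):
        # Stands in for the ETag the service returns with every read and write.
        return f'W/"{next(self._versions)}"'

    def insert(self, pk, rk, **props):
        key = (pk, rk)
        if key in self._rows:
            raise KeyError(f"entity {key} already exists")   # PK + RK must be unique
        etag = self._new_etag()
        self._rows[key] = (etag, dict(props))
        return etag

    def get(self, pk, rk):
        etag, props = self._rows[(pk, rk)]
        return etag, dict(props)

    def replace(self, pk, rk, if_match, **props):
        """Conditional write: succeeds only if if_match equals the stored ETag
        (optimistic concurrency); "*" writes unconditionally."""
        key = (pk, rk)
        current, _ = self._rows[key]
        if if_match != "*" and if_match != current:
            raise ETagMismatch(f"entity {key} was modified after it was read")
        etag = self._new_etag()
        self._rows[key] = (etag, dict(props))
        return etag

    def partition(self, pk):
        """The cheap query shape: every entity sharing a partition key, by row key."""
        return [(rk, dict(props)) for (p, rk), (_, props) in sorted(self._rows.items()) if p == pk]


def lost_update_demo():
    """Two writers read the same contact (Country as PK, Customer ID as RK, as in
    slide 31); the second write carries a stale ETag and is rejected instead of
    silently overwriting the first.  Returns the row as finally stored."""
    contacts = InMemoryTable()
    contacts.insert("US", "cust-1001", LastName="Smith", Phone="555-0100")  # constructed row
    etag_a, row_a = contacts.get("US", "cust-1001")
    etag_b, row_b = contacts.get("US", "cust-1001")
    row_a["Phone"] = "555-0199"
    contacts.replace("US", "cust-1001", etag_a, **row_a)       # first writer wins
    row_b["LastName"] = "Smyth"
    try:
        contacts.replace("US", "cust-1001", etag_b, **row_b)   # stale ETag
        return "lost update"
    except ETagMismatch:
        return contacts.get("US", "cust-1001")[1]


if __name__ == "__main__":
    print(lost_update_demo())
```

The rejected writer's correct move is to re-read the entity, reapply its change to the fresh copy and retry with the new ETag; passing "*" instead turns the write back into a last-writer-wins overwrite and gives up the protection.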
31. Storage Examples
[diagram: MEDIA container (20 GB) holding images, video and XML blobs; CONTACTS table with Country (PK), Customer ID (RK), Last Name, First Name, Street, City, State, Postal, Phone, Email; ORDER queue fed by web orders and phone orders]
33. Relational Data Patterns
Database: Ds Database Server, Db Database
Reporting Service: Rd Report Definition, Re Report Endpoint
Data Sync Service: Sg Sync Group, Sh Sync Hub
Federation Service: Fr Federation Root, Fm Federation Member
34. Relational Database Services
• Db SQL Azure Database: Database Service
• Rs SQL Azure Reporting: Reporting Service
• Sy SQL Azure Data Sync: Synchronization Service
• Fr SQL Azure Federations: Database Federation Service
35. Ds Db: SQL Azure Database
• Relational DB as a service
• One master and two replicas, auto failover
• Physical management handled for you
• Has most SQL Server features but not all
• Size limit of 150GB
• Database Server: virtual DB server (actually 3)
• Database: database contained in a DB server
36. Rd Re: SQL Azure Reporting
• DB reporting as a service
• Similar experience to SSRS
• Source is SQL Azure Database
• Use BIDS to create reports, RDL format
• Rd: report definition
• Re: web-accessible reporting endpoint
37. Sg Sh: SQL Azure Data Sync
• 1-way or bi-directional syncing
• SQL Azure to SQL Azure
• SQL Azure to SQL Server
• Hub and spoke model: all syncing is to and/or from the hub SQL Azure database
• Can trigger a sync manually or schedule
• Sync: Synchronization operation
• Sync group: Defines group of DBs for syncing
• Sync hub: the hub of the sync group
38. Fr Fm: SQL Azure Federations
• Database federation
• Partition or shard to multiple databases, have a “federation database” that looks like one DB
• Federation Root: federation root database
• Federation Member: member database
41. Sb: Service Bus
• Using the cloud as a communication relay
• Navigates NATs, firewalls, proxies well
• Supports client-service, eventing/pub-sub messaging patterns
• Volatile (best effort) messaging
42. Sq To Su Fi: Service Bus Queues, Topics, Subscriptions & Filters
• Service Bus Queue (Sq): Durable messaging
• Topic (To): publish point for durable messaging
• Subscription (Su): receiver of durable messaging
• Filter (Fi): criteria on which messages to receive
45. Service Bus – Topics & Subscriptions
[diagram: Sender → Topic → two Subscriptions, each delivering to its own Subscriber]
46. Service Bus – Filters
[diagram: Sender → Topic → Subscription with filter Ship = AIR → Subscriber; Subscription with filter Ship = GROUND → Subscriber]
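The topic, subscription and filter pattern of slides 42, 45 and 46, as an added Python example. It is an in-memory model, not the Service Bus SDK; the Topic and Subscription classes, the sql_filter helper and the "orders" topic with its carrier subscriptions are this example's own. Each subscription keeps its own copy of every message its filter accepts, which is what lets one sender fan out to an air carrier, a ground carrier and an audit log without knowing any of them.

```python
"""Topic / subscription / filter fan-out modelled in memory.  Added example,
not the Service Bus SDK; class, helper and topic names are this example's
own, and the Ship property follows the slide-46 filters (AIR / GROUND)."""
from collections import deque


class Subscription:
    """A durable receiver on a topic: holds its own copy of each accepted message."""

    def __init__(self, name, filter_fn=lambda props: True):
        self.name = name
        self.filter_fn = filter_fn          # predicate over the message properties
        self.queue = deque()

    def receive(self):
        return self.queue.popleft() if self.queue else None


class Topic:
    """A publish point: every message is offered to every subscription, and a
    subscription stores only the messages its filter accepts."""

    def __init__(self, name):
        self.name = name
        self.subscriptions = {}

    def subscribe(self, name, filter_fn=lambda props: True):
        sub = Subscription(name, filter_fn)
        self.subscriptions[name] = sub
        return sub

    def send(self, body, **props):
        """Publish one message; returns the names of the subscriptions that kept it."""
        msg = {"body": body, "properties": dict(props)}
        delivered = []
        for sub in self.subscriptions.values():
            if sub.filter_fn(msg["properties"]):
                sub.queue.append(msg)
                delivered.append(sub.name)
        return delivered


def sql_filter(prop, value):
    """Equality rule in the spirit of the slide's 'Ship = AIR' filter."""
    return lambda props: props.get(prop) == value


def shipping_demo():
    """Three constructed orders published to one topic with filtered carriers
    and an unfiltered audit subscription; returns what each subscriber sees."""
    orders = Topic("orders")
    air = orders.subscribe("air-carrier", sql_filter("Ship", "AIR"))
    ground = orders.subscribe("ground-carrier", sql_filter("Ship", "GROUND"))
    audit = orders.subscribe("audit")               # no filter: receives everything
    orders.send("order-1", Ship="AIR")
    orders.send("order-2", Ship="GROUND")
    orders.send("order-3", Ship="SEA")              # matches no carrier; only audit keeps it
    return {s.name: [m["body"] for m in s.queue] for s in (air, ground, audit)}


if __name__ == "__main__":
    for name, bodies in shipping_demo().items():
        print(f"{name}: {bodies}")
```

A message that matches no subscription's filter is simply not stored anywhere, so an always-true subscription such as the audit one above is the usual way to make sure nothing published is lost.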
47. [diagram: order flow across Web Site (Compute, Storage), Queue (Service Bus), Back End (Compute) and Database (SQL Azure)]
1. Submit Order (Web Site)
2. Order is Queued (Service Bus queue “orders”)
3. Order is Dequeued (Back End)
4. Order is Stored in Database (SQL Azure database “orders”)
50. Ip Rp Ts Ra: Claims-based Security
• Modern way to do AuthN/AuthZ
• Use with web/social identity, domain identity
• Access Control Service provides federated identity
• Identity Provider (Ip): Party providing security token with claims
• Relying Party (Rp): application that wants to authenticate/authorize user
• Security Token Service (Ts): how application/user authenticates (interactively or programmatically)
• Redirected Authentication (Ra): user visits app, user redirected to STS to sign in, redirected back to app with token
51. Claims-based Security: Web Identity
[diagram: web identity providers (Google, Yahoo!, Live ID) → Windows Azure ACS → RP (Web Role, 2+ instances)]
52. Claims-based Security: Domain Identity
[diagram: Enterprise AD → ADFS → RP (Windows Azure Web Role, 2+ instances)]
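The redirected authentication flow of slides 50 to 52 (relying party, security token service, token with claims) as an added Python example run in-process. This is not ACS or Windows Identity Foundation code: the token is a simplified HMAC-SHA256-signed, query-string-style token of this example's own design, and the issuer URL, the realm (audience), the shared signing key, the user table and the "speaker" role used for authorization are all constructed assumptions. What the example is meant to show is the relying party's side of the bargain: signature, issuer, audience and expiry are all checked before any claim is trusted, and a token tampered with, minted for a different application or expired is refused.

```python
"""Claims-based, redirected authentication modelled in-process.  Added example,
not ACS/WIF code; token format, issuer, realm, key and user table are this
example's own assumptions."""
import hashlib
import hmac
import time
from urllib.parse import parse_qsl, urlencode

SHARED_KEY = b"constructed-sts-signing-key"   # symmetric key shared by STS and RP (assumption)


class SecurityTokenService:
    """The STS: authenticates the user and issues a signed token whose claims
    are scoped to one relying party (the Audience)."""

    def __init__(self, issuer, key):
        self.issuer, self.key = issuer, key
        # Constructed user table: username -> (password, roles)
        self.users = {"alice": ("alice-pass", ["attendee", "speaker"]),
                      "bob": ("bob-pass", ["attendee"])}

    def _sign(self, fields):
        unsigned = urlencode(sorted(fields.items()))
        mac = hmac.new(self.key, unsigned.encode(), hashlib.sha256).hexdigest()
        return f"{unsigned}&HMACSHA256={mac}"

    def issue(self, username, password, audience, now=None, ttl=300):
        pw, roles = self.users.get(username, (None, []))
        if pw is None or not hmac.compare_digest(pw, password):
            raise PermissionError("sign-in failed")
        expires = int((now if now is not None else time.time()) + ttl)
        return self._sign({"Issuer": self.issuer, "Audience": audience,
                           "ExpiresOn": str(expires), "name": username,
                           "role": ",".join(roles)})


class RelyingParty:
    """The application.  Requests without a token are redirected to the STS; a
    returned token is verified (signature, issuer, audience, expiry) before any
    claim in it is used for authorization."""

    def __init__(self, realm, sts_login_url, trusted_issuer, key):
        self.realm, self.sts_login_url = realm, sts_login_url
        self.trusted_issuer, self.key = trusted_issuer, key

    def validate(self, token, now):
        body, sep, mac = token.rpartition("&HMACSHA256=")
        if not sep:
            return None
        expected = hmac.new(self.key, body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, mac):
            return None                                  # tampered or foreign token
        claims = dict(parse_qsl(body))
        if claims.get("Issuer") != self.trusted_issuer:
            return None                                  # not from the STS we trust
        if claims.get("Audience") != self.realm:
            return None                                  # minted for another application
        if int(claims.get("ExpiresOn", "0")) <= now:
            return None                                  # expired
        return claims

    def handle(self, token=None, now=None):
        """("redirect", url) | ("ok", user) | ("forbidden", user) | ("deny", None)."""
        if token is None:
            return "redirect", f"{self.sts_login_url}?{urlencode({'wtrealm': self.realm})}"
        claims = self.validate(token, now if now is not None else time.time())
        if claims is None:
            return "deny", None
        if "speaker" in claims.get("role", "").split(","):   # authorization by claim
            return "ok", claims["name"]
        return "forbidden", claims["name"]


def redirected_login(rp, sts, username, password, now=None):
    """The three legs of Redirected Authentication, in-process."""
    verb, url = rp.handle(now=now)                        # 1. user visits the app, no token
    if verb != "redirect":
        raise RuntimeError("expected a redirect to the STS")
    realm = dict(parse_qsl(url.split("?", 1)[1]))["wtrealm"]
    token = sts.issue(username, password, audience=realm, now=now)   # 2. sign in at the STS
    return rp.handle(token, now=now)                      # 3. back to the app with the token


if __name__ == "__main__":
    sts = SecurityTokenService("https://sts.example/", SHARED_KEY)
    app = RelyingParty("https://app.example/", "https://sts.example/login",
                       "https://sts.example/", SHARED_KEY)
    print(redirected_login(app, sts, "alice", "alice-pass"))
    print(redirected_login(app, sts, "bob", "bob-pass"))
```

The audience check is the one most often skipped in home-grown relying parties: without it, a valid token issued for one application is accepted by every other application that trusts the same STS.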
54. Networking Patterns
VPN Connection: Vn Virtual Network, Rg Role Group, Mg Machine Group
CDN: Cd Content Delivery Network
Traffic Manager: Tm Traffic Manager, Rl Locale-based Routing, Rf Failover Routing, Rd Distributed Routing
55. Vn Rg Mg: VPN Connection
• Windows Azure Connect
• Virtual Network (Vn): VPN connection between cloud and on-prem machines
• Role Group (Rg): indicates which roles are members of a virtual network
• Machine Group (Mg): indicates which on-prem machines are members of a virtual network
56. Windows Azure Connect Example
ASP.NET web site in the cloud accessing on-prem SQL Server DB
[diagram: Web Role (3 instances) connected to an on-prem SQL Server database]
57. Cd: CDN
• Content Delivery Network
• CDN: Utilizes worldwide network of 24+ edge servers to deliver content efficiently
• Often used for media
• Locale-directed DNS goes to nearest node to serve up cached content
• Content sources from blob storage or your hosted service
58. Tm Rl Rf Rd: Traffic Manager
• Windows Azure Traffic Manager
• Traffic Manager (Tm): Routes DNS access to your hosted service to one of several possible deployments based on rules
• Locale-based Routing (Rl): route to a deployment based on locale
• Failover Routing (Rf): route to a secondary if primary is not healthy (via a heartbeat)
• Distributed Routing (Rd): route based on a desired distribution across data centers
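The three Traffic Manager routing rules from this slide, worked as an added Python example over a constructed deployment table. This is not Traffic Manager itself, whose probe mechanics and region tables the slide does not give; the two deployments, their regions and weights, the failover priority order and the HealthMonitor/resolve helpers are this example's own assumptions. The point it makes is that every rule consults the heartbeat state first, so an unhealthy deployment is never returned as a DNS answer, and that there is a case where no answer exists at all.

```python
"""Traffic Manager routing rules (locale, failover, distributed) over an
in-memory deployment table.  Added example, not Traffic Manager; deployment
names, regions, weights and priority order are this example's own."""
import random

DEPLOYMENTS = {                    # constructed: deployment -> region, traffic weight
    "app-us": {"region": "us", "weight": 3},
    "app-eu": {"region": "eu", "weight": 1},
}
PRIORITY = ("app-us", "app-eu")    # failover order (assumption)


class HealthMonitor:
    """Heartbeat state: the last probe result recorded for each deployment."""

    def __init__(self, deployments=DEPLOYMENTS):
        self.healthy = dict.fromkeys(deployments, True)

    def probe(self, name, ok):
        self.healthy[name] = ok

    def live(self):
        return [d for d, ok in self.healthy.items() if ok]


def locale_routing(monitor, client_region):
    """Rl: the healthy deployment in the client's region, else any healthy one."""
    live = monitor.live()
    for d in live:
        if DEPLOYMENTS[d]["region"] == client_region:
            return d
    return live[0] if live else None


def failover_routing(monitor, priority=PRIORITY):
    """Rf: the first healthy deployment in priority order."""
    for d in priority:
        if monitor.healthy.get(d):
            return d
    return None


def distributed_routing(monitor, rng=None):
    """Rd: weighted choice among the healthy deployments."""
    live = monitor.live()
    if not live:
        return None
    rng = rng or random.Random()
    return rng.choices(live, weights=[DEPLOYMENTS[d]["weight"] for d in live])[0]


def resolve(policy, monitor, client_region=None, rng=None):
    """The DNS answer: a deployment name, or None when nothing is healthy."""
    if policy == "locale":
        return locale_routing(monitor, client_region)
    if policy == "failover":
        return failover_routing(monitor)
    if policy == "distributed":
        return distributed_routing(monitor, rng)
    raise ValueError(f"unknown policy {policy!r}")


def distribution(monitor, n=1000, seed=0):
    """Share of answers each deployment receives under distributed routing."""
    rng = random.Random(seed)
    counts = {d: 0 for d in DEPLOYMENTS}
    for _ in range(n):
        answer = resolve("distributed", monitor, rng=rng)
        if answer is not None:
            counts[answer] += 1
    return {d: c / n for d, c in counts.items()}


if __name__ == "__main__":
    m = HealthMonitor()
    print("eu client:", resolve("locale", m, client_region="eu"))
    m.probe("app-eu", False)                  # heartbeat to the EU deployment fails
    print("eu client after EU outage:", resolve("locale", m, client_region="eu"))
    print("failover:", resolve("failover", m))
    print("distributed shares:", distribution(HealthMonitor()))
```

Because the answer is a DNS name, a client keeps using whatever it resolved until its cached record expires, so the heartbeat interval and the DNS TTL together bound how long traffic continues to reach a deployment after it stops answering probes.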
62. Use Queues to Coordinate Roles
• Front end can submit tasks for the back end
• Both front end and back end can be scaled to accommodate load
[diagram: Web Role → Queue → Worker Role]
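One added Python example serves this slide, the order pipeline of slide 47 and the Queue Storage semantics of slide 29: a front end enqueues orders, back-end workers drain them, and the queue behaves the way the slides warn it does (a dequeued message is hidden for a visibility timeout and reappears if not deleted, so delivery is at-least-once and order is not strictly FIFO). It is an in-memory model, not the Windows Azure storage client; the StorageQueue class, its receipt format, the simulated clock and the constructed orders are this example's own. A worker is made to die after writing but before deleting, and the store is keyed by order id so the repeat delivery does not produce a duplicate record.

```python
"""Queue-coordinated front end / back end modelled in memory with storage-queue
semantics (visibility timeout, pop receipt, at-least-once).  Added example,
not the Windows Azure storage client; names and timings are this example's own."""
import heapq
import itertools


class StorageQueue:
    """A Get hides the message for visibility_timeout ticks and returns a pop
    receipt; the message is removed only by a Delete carrying the current
    receipt, otherwise it becomes visible again and is delivered once more."""

    def __init__(self, visibility_timeout=30):
        self.visibility_timeout = visibility_timeout
        self._heap = []                   # (visible_at, order, msg_id)
        self._messages = {}               # msg_id -> {"body", "dequeue_count"}
        self._ids = itertools.count(1)
        self._order = itertools.count()

    def put(self, body, now):
        msg_id = f"m{next(self._ids)}"
        self._messages[msg_id] = {"body": body, "dequeue_count": 0}
        heapq.heappush(self._heap, (now, next(self._order), msg_id))
        return msg_id

    def get(self, now):
        """(msg_id, receipt, body) for the next visible message, or None."""
        if not self._heap or self._heap[0][0] > now:
            return None
        _, _, msg_id = heapq.heappop(self._heap)
        msg = self._messages[msg_id]
        msg["dequeue_count"] += 1
        heapq.heappush(self._heap, (now + self.visibility_timeout, next(self._order), msg_id))
        return msg_id, f"{msg_id}:{msg['dequeue_count']}", msg["body"]

    def delete(self, msg_id, receipt):
        """Succeeds only with the receipt from the latest Get; a stale receipt
        means the message has since been handed to another worker."""
        msg = self._messages.get(msg_id)
        if msg is None or receipt != f"{msg_id}:{msg['dequeue_count']}":
            return False
        del self._messages[msg_id]
        self._heap = [e for e in self._heap if e[2] != msg_id]
        heapq.heapify(self._heap)
        return True

    def pending(self):
        return len(self._messages)


def process_orders(orders, crash_on="order-2", timeout=30):
    """Front end enqueues orders; back-end workers drain them.  The worker that
    picks up crash_on dies after writing the record but before Delete, so that
    order reappears after the timeout and is delivered a second time.
    Returns (delivery log, stored order ids, attempts per order)."""
    q = StorageQueue(visibility_timeout=timeout)
    clock = 0
    for order in orders:
        q.put(order, clock)                        # 1. front end submits
    store, attempts, deliveries = {}, {}, []
    while q.pending():
        clock += 1
        got = q.get(clock)                         # 2./3. a worker dequeues
        if got is None:
            clock += timeout                       # nothing visible yet: wait it out
            continue
        msg_id, receipt, order = got
        deliveries.append(order)
        store[order] = {"status": "stored"}        # 4. keyed by order id: a retry overwrites, never duplicates
        attempts[order] = attempts.get(order, 0) + 1
        if order == crash_on:
            crash_on = None                        # worker dies here: no Delete
            continue
        q.delete(msg_id, receipt)
    return deliveries, sorted(store), attempts


if __name__ == "__main__":
    log, stored, tries = process_orders(["order-1", "order-2", "order-3"])
    print("deliveries:", log)
    print("stored:", stored)
    print("attempts:", tries)
```

The delivery log shows order-2 arriving twice and after order-3, which is exactly the "strict FIFO not guaranteed" and "access semantics may differ" caveat of slide 29; the store stays correct only because the back end's write is idempotent, which is the property to design for before putting anything behind a queue.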
63. CQRS Pattern
• Command/Query Responsibility Segregation
• Best for large implementations
• Separate read & write
• You probably don’t do the same amount of each
• Take advantage of lightweight read mechanisms
• Safer – avoid accidental updates/deletes
[diagram: public cloud; web farm for CQRS reads → relational data (clustered / partitioned DB); web farm for CQRS writes → non-relational data (files, queues)]
65. [diagram: homogenous front end (desktop browser) → dedicated back end: web server (web application, web services, IIS, Windows Server) and database server (SQL Server)]
66. Modern Web Application
[diagram: heterogeneous front end (desktop browser, tablet, phone) → decentralized back end: cloud (platform services, business services, data stores), identity (IP, directories, services), partner (partner services, data stores)]
67. Modern Web Application: Attendee Bee Conference App
Open, Mobile, Global & Social
68. “Periodic Table” of Cloud Patterns (recap)
General: Pu Pr Hy Ia Pa Sa Ps Su
Compute: Ro In We Wo Vr Lb Ep Ei Ca
Storage: Bl Co Qm Qu Ta En Pk Rk Ep
DB: Ds Db Rd Re Sg Sh Fr Fm
Comm: Sb Sq To Su Fi
Network: Vn Rg Mg Cd Tm Rl Rf Rd
Security: Ip Rp Ts Tk Cl Ra
69. Thanks!
Windows Azure
Design Patterns
David Pallmann
GM Custom App Dev, Neudesic
http://davidpallmann.blogspot.com
@davidpallmann