Migrating Business Apps to Windows Azure Marc Müller Principal Consultant, 4tecture GmbH ...

Post on 11-Jan-2016


Migrating Business Apps to Windows Azure

Marc Müller, Principal Consultant, 4tecture GmbH

www.4tecture.ch
www.dotnetacademy.ch
mmueller@4tecture.ch

Agenda

Short Introduction to Windows Azure
  Overview
  Differences to On-Premise Development
Migration Strategies
  Logic / Frontend / Storage
Cloud Computing Topics
  Scale Out / Scale up Architecture / Cost Oriented Architecture
Security
Role Management
Call to Action
Questions

Windows Azure

What, Cloud is just computers? – differences to on-premise systems

Demo

Definition of Cloud Computing

Software-as-a-Service ("SaaS"): consume
Platform-as-a-Service ("PaaS"): build
Infrastructure-as-a-Service ("IaaS"): host

[Figure: who manages each layer ("You manage" vs. "Managed by vendor") for Packaged Software, Infrastructure (as a Service), Platform (as a Service) and Software (as a Service). Layers: Applications, Data, Runtime, Middleware, O/S, Virtualization, Servers, Storage, Networking. Image Source: Windows Azure Training Kit]

The transition to the cloud

Windows Server
  Single Instance
  Persistent
  File System
  Network Shares
  Windows Security (AD)
Windows Azure
  Multi Instance
  Stateless OS
  Azure Storage
  SQL Azure
  ACS (AD ADFS)
  Azure Connect / Service Bus
Benefits
  Automated Updates
  Multi-Instance-Management
  Scale-Out
  High Availability / Failover

Standard Cloud Tiers

Front end: e.g. load-balanced stateless web servers
Middle worker tier: e.g. order processing, encoding
Backend storage: e.g. SQL tables or files
Multiple instances of each for scalability and availability

[Figure: Cloud Application with Load Balancer, Front-End instances, Middle-Tier, Windows Azure Storage and SQL Azure; inbound HTTP/HTTPS. Image Source: Windows Azure Training Kit]

Top migration effort points

Stateful vs Stateless

Scheduled Jobs

Complex Business Logic in Database

File Handling

Migration Strategies
Azure Compute
How to migrate your processing logic

Windows Azure Roles

Worker Role
  Role is an executable
  Create your own web server, host a database, etc.
  Inbound on: any TCP port, HTTP/HTTPS
Web Role
  Role is hosted on IIS
  HTTP/HTTPS
  ASP.NET
  Fast CGI + PHP
VM Role
  "Move" applications to Windows Azure
  Full control over OS image
  VHD image
  Designed for long or non-automated installs
  Image must be Windows Server 2008 R2 Enterprise

Azure Package and Endpoints

Configuration
  Service Definition (*.csdef)
  Service Configuration (*.cscfg)
Deployment Package
  Encrypted(Zipped(Code + *.csdef))
  *.cspkg file
Deployment (*.cspkg + *.cscfg)
Endpoints
  Input
  Internal
  Windows Azure Connect

Startup Tasks

Enables short, unattended setups on role startup
  Silent MSIs, COM Components, Registry Keys, Configuring Windows Server, etc.
Configured in the .csdef
Task Type
  Simple – System waits for the task to exit
  Background – System does not wait for the task to exit
  Foreground – Same as background, but blocks role restart until tasks exit

<WebRole name="FabrikamShipping.App.Web">
  <Startup>
    <Task commandLine="relative\path\ToSetupExecutable"
          executionContext="limited|elevated"
          taskType="simple|foreground|background"/>
  </Startup>
</WebRole>

Workflow (simplified)

Define your Endpoints
Define Roles and Instance Count
Create a deployment package (application binaries)
Provide additional Installers and Binaries for Startup Tasks
Deploy!

… but there are some important points to consider!

Migration Strategies
Azure Storage
How to handle files in the cloud…

Storage Challenge

Don’t think in terms of «file system access»
Think RESTful
  4 HTTP Verbs for CRUD
  Resources
Local file system should be used for «local cache» only
Create logical storage interfaces / abstractions
Create Azure Storage adapters in your application

Migrate your local file system

Blobs - Simple named files along with metadata for the file
  Two level hierarchy – container / file
  Security on container / file – policy or signature
  Two Types
    Block BLOB (streaming workload [“file”], blocks, max 200GB)
    Page BLOB (random read / write, pages, max 1TB)
Drives - Durable NTFS volumes
  Page BLOB formatted as a NTFS single volume VHD
  One instance read/write, read-only snapshot for multiple instances
  Drive API, not REST Calls – NTFS API for read/write

Access BLOB Files

RESTful URL
Can include '/' or other delimiter in name
  e.g. /<container>/f1/blob1.jpg
  e.g. /<container>/f1/blob2.jpg
http://.../<container>?comp=list&prefix=f1&delimiter=/
  f1/blob1.jpg, f1/blob2.jpg

Image Source: Windows Azure Training Kit

BLOB Security

Control the access to your files
  Fine grain access rights to blobs and containers
  Sign URL with storage key – permit elevated rights
Revocation
  Use short time periods and re-issue
  Use container level policy that can be deleted
Two broad approaches
  Ad-hoc
  Policy based
Create Shared Access Keys by
  Tool
  API

[Figure: Client, Web App and Blob Storage; labels: Request Shared Access Key URL, Signed URL]
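The two approaches and their revocation behaviour can be seen in a small model. This is an added example, not code from the original slides and not Azure's actual signature format: the query parameter names (`perms`, `expiry`, `policy`, `sig`), the string that gets signed, the key and the policy store are all assumptions made for illustration.

```python
import base64, hashlib, hmac
from urllib.parse import parse_qs, urlencode, urlparse

STORAGE_KEY = b"constructed-demo-key"  # constructed sample key, never a real one
POLICIES = {"readers": {"perms": "r", "expiry": 2_000_000_000}}  # constructed container-level policy

def _sign(string_to_sign):
    mac = hmac.new(STORAGE_KEY, string_to_sign.encode(), hashlib.sha256)
    return base64.urlsafe_b64encode(mac.digest()).decode()

def issue_adhoc(path, perms, ttl, now):
    """Ad-hoc: rights and expiry travel in the URL, so keep ttl short and re-issue."""
    q = {"perms": perms, "expiry": str(now + ttl)}
    q["sig"] = _sign(f"{path}\n{q['perms']}\n{q['expiry']}")
    return f"{path}?{urlencode(q)}"

def issue_policy(path, policy):
    """Policy based: the URL only names a stored policy that holds rights and expiry."""
    q = {"policy": policy}
    q["sig"] = _sign(f"{path}\npolicy={policy}")
    return f"{path}?{urlencode(q)}"

def revoke_policy(policy):
    """Deleting the container-level policy invalidates every URL that references it."""
    POLICIES.pop(policy, None)

def verify(url, wanted, now):
    """Storage-side check: signature first, then policy lookup, expiry and permission."""
    u = urlparse(url)
    q = {k: v[0] for k, v in parse_qs(u.query).items()}
    policy = q.get("policy")
    if policy is not None:
        signed = f"{u.path}\npolicy={policy}"
    else:
        signed = f"{u.path}\n{q.get('perms', '')}\n{q.get('expiry', '')}"
    if not hmac.compare_digest(_sign(signed).encode(), q.get("sig", "").encode()):
        return False  # path, rights or expiry were altered after signing
    if policy is not None:
        grant = POLICIES.get(policy)  # None once the policy has been deleted
    else:
        grant = {"perms": q.get("perms", ""), "expiry": int(q.get("expiry", "0"))}
    return grant is not None and now < grant["expiry"] and wanted in grant["perms"]
```

An ad-hoc URL stays valid until its expiry even after `revoke_policy` is called, which is why the slide pairs ad-hoc signing with short time periods.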

Demo

Tools

Windows Azure Storage Explorer: http://azurestorageexplorer.codeplex.com

New Concepts

Azure Table Storage
  Not a RDBMS!
  Tables and Entities
  CRUD
  No fixed Schema (except Partition Key, Row Key, Timestamp)
  Up to 255 properties per Entity type (standard .NET Types)
Azure Queue Storage
  Used for instance synchronization
  Messages (max. 8kb)
  Reliable Delivery / Poisonous Message detection

Image Source: Windows Azure Training Kit

Migration Strategies
Database
SQL Database in the cloud

SQL Azure

SQL Server Engine
Shared infrastructure
  Request routing, security, isolation
Scalable / high availability
  Automatic replication and failover
Working with SQL Azure
  TDS Protocol (Firewall rules!)
  Use existing client libraries: ADO.NET, ODBC, PHP, …
  Cannot switch between DBs (no USE command)
  Only SSL connections are supported (encrypt = true)
  Standard SQL Auth Logins (username + password)

Challenge

SQL Azure focuses on logical administration
  Schema creation and management
  Query optimization
  Security management
No physical management needed / possible
Restrictions
  Not supported: Sparse Columns, Filestreams, Partitions, Full-Text-indexes, SQL-CLR
  Tables require clustered indexes
New features
  SQL Azure Federations

How do I migrate my database?

TSQL
  Management Studio – Script database as…
  Size restrictions (data)! use BCP
TSQL with BCP (Bulk Copy Utility)
  SQL Azure Migration Wizard (http://sqlazuremw.codeplex.com)
  SQL Azure Federation Data Migration Wizard (http://sqlazurefedmw.codeplex.com)
SQL Server Data-Tier Applications (DAC)
  DACPAC / BACPAC
Sync Framework 2.1

How do I back up my database?

Import / Export (DAC)
  Not transactionally consistent! Create a copy first!
  CREATE DATABASE destination_database_name AS COPY OF [source_server_name.]source_database_name
  No job scheduler!
Sync with on-premise database
  SQL Azure Datasync
  Full backup functionality on on-premise database
BCP (bulk copy utility)
  bcp AdventureWorksLTAZ2008R2.SalesLT.Customer out C:\Users\user\Documents\GetDataFromSQLAzure.txt -c -U username@servername -S tcp:servername.database.windows.net -P password
SQL Azure Backup Tools
  Quest Spotlight for SQL Azure, Enzo Backup for SQL Azure, Redgate SQL Azure Backup Tool, SQLAzureBackup

Restriction Workarounds

Job Scheduler
  Use an on-premise database (sync) and run the jobs locally
  On-premise job scheduler with connection to SQL Azure (TSQL)
  Local SQL Server Integration Services with connection to cloud
  Use an Azure Worker Role with a scheduler
Full Text Search
  Lucene.net
Unique identifier Clustered Indexes
  NEWSEQUENTIALID() is not supported!
  Don’t use unique identifiers for clustered indexes or provide custom index generator (App Tier)

Migration Strategies
Cloud Features
Design your application for the cloud!

Scale-Out Architecture

[Figure: Windows Azure Data Center. Labels: The Internet (via TCP or HTTP), load balancers (LB), Web Role with IIS as host (Web Site: ASPX, ASMX, WCF), Worker Role (Worker Service), Managed Interface Call, Storage (Tables, Blobs, Queues). Image Source: Windows Azure Training Kit]

Scale-Out Architecture

[Figure labels: Intelligent Network Load Balancer, Network Activation, Async Activation, Stateless Web and/or Application Servers, Stateless ‘Worker’ Machines, State Tier, Queues, Blob Storage, Partitioned RDBMS, Key/Value Datastores]

Role Patterns

Web Role
  IIS Web Application / Web Farm
Worker Role
  Queue Polling Worker
    Poll and Pop Messages (i.e. map/reduce pattern)
  Listening Worker Role
    TcpListener / WCF (i.e. run a .NET SMTP)
  External Process Worker Role
    Start process from application or startup task
    E.g. run a database server, web server, distributed cache
Web / Worker Hybrid Role
  Web Application and Background Worker in same Instance

Asynchronous Programming

Use queue messages for tasks
A message should be small, use BLOB or Table storage for the payload

[Figure: Web Roles and Worker Roles behind load balancers (LB); Storage with Queue, Blob Container and Table; example payload: 30mb JPEG]

Map Reduce

Roles: Upload Web Role, Map Worker Role, Reduce Worker Role

Image Uploaded
Image Split
Slices Saved To Blob Storage
Slices Pulled from Blob Storage
Images Processed in Worker Instances
Processed Slices Pushed Back to Blob Storage
Splits Reduced Back to Full Image
Final Image Saved as BLOB, Ready for Use

Queue Best Practices

Ensure that
  messages are idempotent [f(x) = f(f(x))] and have a compensation mechanism
  you implement poison detection
To do so, you have to
  Check the «dequeue count» of a message
  Use Transaction with Rollback / Commit
  Use an Action-Log to recover last state
  Move poisonous message to a separate queue or delete them
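The dequeue-count check, the action log and the separate poison queue fit together as in the following model. This is an added example, not code from the original slides: the `Queue` and `Message` classes are in-memory stand-ins with a hypothetical API (not the Azure SDK), and the threshold of 3 and the sample messages are constructed.

```python
from collections import deque

MAX_DEQUEUE = 3  # assumed retry threshold; tune per workload

class Message:
    def __init__(self, msg_id, body):
        self.id, self.body, self.dequeue_count = msg_id, body, 0

class Queue:
    """In-memory stand-in for a storage queue (hypothetical API)."""
    def __init__(self):
        self.items = deque()
    def put(self, msg):
        self.items.append(msg)
    def get(self):
        """Hand out the next message and bump its dequeue count; None when empty."""
        if not self.items:
            return None
        msg = self.items.popleft()
        msg.dequeue_count += 1
        return msg

def run_worker(queue, poison, handler, action_log):
    """Drain the queue; failing messages are retried up to MAX_DEQUEUE, then parked."""
    while (msg := queue.get()) is not None:
        if msg.dequeue_count > MAX_DEQUEUE:
            poison.put(msg)         # poison message: isolate it and stop retrying
            continue
        if msg.id in action_log:    # already applied, so redelivery is a no-op
            continue
        try:
            handler(msg.body)
            action_log.add(msg.id)  # record success so a redelivery is skipped
        except Exception:
            queue.put(msg)          # models the message becoming visible again

def demo():
    work, poison, log, done, attempts = Queue(), Queue(), set(), [], []
    def handler(body):
        attempts.append(body)
        if body == "corrupt":
            raise ValueError("cannot parse payload reference")
        done.append(body)
    # constructed sample: m1 is delivered twice, m2 can never be processed
    for msg_id, body in [("m1", "resize a.jpg"), ("m2", "corrupt"), ("m1", "resize a.jpg")]:
        work.put(Message(msg_id, body))
    run_worker(work, poison, handler, log)
    return done, [(m.id, m.dequeue_count) for m in poison.items], attempts.count("corrupt")
```

The duplicate delivery of `m1` is skipped through the action log, while `m2` is attempted three times and then moved to the poison queue on its fourth dequeue.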

Data Partitioning

Why should we partition the data?
  Data volume (too large)
  Work load (too many transactions)
  Costs (COA – Cost Oriented Architecture)
  Elasticity (JIT Partitioning during high load periods)

Horizontal Partitioning:
Vertical Partitioning:

Migration Strategies
Security
How to authenticate in your cloud application

Authentication & Authorization

We do not want to
  implement another security system
  integrate the cloud server into our domain
We want to
  integrate into our existing security system (AD)
  integrate partners and customers
  use open and flexible standards

[Figure labels: Trust, Security Token]

Integrate in company’s AD

Migration Strategies
Role Management
Scale Out / Scale Up

Cloud Computing Patterns

Optimize your instance usage
  Save money
  Have responsive apps
Manage Instances
  Manually through management portal
  Manually through management service
  Automatically
    Track diagnostic information
    Modify instance count automatically (i.e. EntLib 5 Autoscaling Block)

Let’s get started

MSDN Benefits

Questions?