bit slow getting these out. Day 2 was great. Service bus rocks and the opportunities that the cloud & Azure offer are really exciting. Unfortunately by the end of the day I had 0 energy left and today was insanely busy so this took longer to get out than I expected. Hope you enjoy it. By the way: all of the materials for the boot camp are available here. Slide decks, Lab materials.
Thanks to Tracy Bazzell for leading the class. Great job!
Building a business on Azure
· Train your people (duh)
· Learn the sales strategies
· Determine your offerings
· Understand how Azure bills
Know Azure (duh):
· Azure bootcamp
· Development time – MSDN
Where can Azure overcome project challenges? (IT as an adoption blocker.) Ways to overcome the challenges: prototypes, startups, leveraging the lack of startup costs, and a cost that is below a manager’s spending limit.
Nice Azure features:
· Reduce project costs
· Improve time to delivery
· New capabilities
Where do the reduced costs come from? Cutting out the need to deploy infrastructure. This can be as much as 25% of a project’s total budget and time.
Determine your offering
Not all things to all people
· Learn to use the TCO calculator
· Focus on managing services, not servers
· Customers want to shift CapEx -> OpEx
· Low risk, can’t guess wrong. Just delete the stuff and move on.
· Partners receive special pricing
· You get a percentage of the customer’s ongoing monthly charges (18% for year 1, 6% thereafter)
· You aren’t in middle of the billing
· You add value on top of BPOS (MOSS customization, bespoke application developer, etc)
· Internal use: 250 seats of BPOS for the first year free of charge, sell 2 deals w/ at least 25 seats
· Get up to 20 demo accounts
· CRM - $19/mo per seat up to 100 users
Basic Worker Roles
Worker role – focuses on backend processing. No inbound processes. Basically a Windows 2008 Hyper-V instance to do work. Normal use:
· Batch processing
· Queue processing
· Hosting non HTTP WCF services
· Number crunching
· volatile storage. Gets wiped when the instance restarts or moves between servers.
· Can allocate up to 20Gb but cannot be resized.
Local resources are not the same as the XDrive thing you can mount to an instance. Local storage basically gives you the ability to work with temp files. First you configure the storage item:
<LocalStorage name="Storage1" cleanOnRoleRecycle="false" sizeInMB="5" />
Keep in mind that once you’ve hit 5 MB in Storage1 you are done. It will not grow. However, don’t go off setting it to 20Gb because you’re going to pay for it. Figure out how much room you really need and go with that. To work with the file you’ll do the following:
// Needs: using System.IO; using Microsoft.WindowsAzure.ServiceRuntime;
LocalResource storage = RoleEnvironment.GetLocalResource("Storage1");
string filePath = Path.Combine(storage.RootPath, "tempfile.txt");
// Dispose the writer so the data is flushed and the file handle is released.
using (StreamWriter writer = new StreamWriter(filePath))
{ writer.WriteLine("scratch data"); }
Pretty easy stuff. Just keep in mind that when your process recycles the file will be gone, if the app fabric decides to move your service the file will be gone. Simply put: do not expect that file to be there. Although you might want to check first. :*)
Endpoints for Worker processes
Exposes WCF services to the internet. These end points get enrolled with the Azure load balancer. You can use HTTP, HTTPS and TCP and open as many as you like. You can also open internal WCF endpoints using other protocols. The internal endpoints do not get enrolled with the load balancer.
You must configure the end points in your service’s configuration file. You cannot dynamically open up new end points.
The WCF end points are just WCF so you need to know how to program against WCF’s API.
The sample application includes a chat application that runs in a worker role. The azure specific stuff is pretty easy:
Threads in Workers
You can create threads inside your worker just like normal, however: be careful. AppFabric will allow many instances of your worker to be up and running so you need to write good threadsafe code and think about parallelism. Consider using the parallel extension for .NET.
Given the right problem though, breaking crypto keys for instance, Azure could kick some serious ass.
Other things workers can do
· PHP on Azure
· External Processes (run EXEs)
· Call Native Libraries (call unsafe code)
Diagnostics and Service Management
· Azure will log all the usual stuff (trace, IIS logs, perf counters, event log, crash dumps, files), but you have to configure it.
· The default VS project already has the basic diagnostic stuff (trace) configured.
· You need a storage account to put the data in (trace goes to a table, IIS logs to a blob, events to a table).
· Have to start it up (DiagnosticMonitor.Start("DiagnosticsConnectionString");)
· You can change your configuration for diagnostics on the fly. The change only affects the instance and will go away when the instance gets restarted.
· To trace stuff just call Trace.TraceInformation like you would Trace.WriteLine
Service management API
Can do almost everything the Azure portal does
· No access to billing or utilization data
· Azure subscriptions
· Create Storage or compute service accounts
· Deploy management certificates
API Auth uses an x509 certificate
API is built on REST
Can use PowerShell to talk to the API
Csmanage is a command line tool to push packages to Azure
Can swap IP addresses to swap staging and production very quickly
In place upgrades
You can create upgrade domains and Azure will manage the process of shutting down the services in each domain, upgrading them and then restarting them.
Azure does not autoscale
Azure does give you tools to help determine how to scale. Recommend against completely automating the scaling of your service. You don’t want to spin up tons of instances just because the GoogleBot comes a calling.
It’s mostly just SQL Server in the cloud. You talk to it via ADO.NET (actually anything that speaks TDS can use it). So your EntityFramework and NHibernate stuff will still work.
· Database can go up to 10Gb (50Gb in June). You pay for the storage. Clarification: you can have 1Gb or 10Gb (apparently they don’t grow the db)
· Can hook up with Enterprise Manager 2008R2
· Uses SQL Auth, so protect that password!
· Setup via the azure portal
· There is a migration wizard that will allow you to move around.
Just use it
Authentication and authorization is hard. The cloud makes it harder
Tokens & Claims
· Token contains a group of claims
· Should be signed to protect against changes
Claims/tokens are better b/c they provide more information than applications typically get (username). This usually requires calls to AD or something else. This way the app tells the client what it wants and the client provides it.
· Open standard
· Microsoft, Google, Yahoo
· REST oriented
· OAuth service authenticates the user
· Creates a SWT Token
· No xml
· Put in request body or on query string
WCF has an ACSTokenValidator
The client just authenticates against an OAuth service that the service trusts. Anybody can create this service. Then the client puts its token in the request headers and calls the service. The service will have to trust the issuer of the token.
Your service will use the ACSTokenValidator to make sure the caller has the token. If they do then your service will use the claims in the token to provide authentication & authorization. This is really awesome.
Basically it is WS-Routing. The services do not have to run in Azure, they just have to register with the Azure service bus. So Service A could be running at Microsoft and Service B could be running at Google and they could communicate with each other by using Azure’s service bus.
It’s just more WCF stuff.
Cloud Computing Scenarios
Only 2 reasons for going to the cloud: improve the bottom line or improve strategy
· Current hosting costs
· Current staff costs
· Migration costs
· Dynamic scale/reduce costs – load shunting
· Startups & POCs
· Data in motion
· Mass storage
Common road blocks
· Security concerns
· Legacy systems
· Regulations & certifications
· Local hardware integration
· BizSpark – for startups (less than $1MM revenue)
· WebSiteSpark – for web design firms
· DreamSpark – for students
· WABCD – boot camp
· Pinpoint – place to register your product or service
· FrontRunner – get access to MSFT products early
· MTC Visit – for partners
· TAP – for customers wanting to use new products