make the cloud less cloudy: a perspective for software development teams

�

BW7 Concurrent�Session�11/13/2013�2:15�PM�

��

"Make the Cloud Less Cloudy: A Perspective for Software

Development Teams" ��

Presented by:

Bill Wilder Development Partners Software Corporation

��

Brought�to�you�by:��

��

340�Corporate�Way,�Suite�300,�Orange�Park,�FL�32073�888Ͳ268Ͳ8770�ͼ�904Ͳ278Ͳ0524�ͼ�[email protected]�ͼ�www.sqe.com

Bill Wilder Development Partners Software Corporation

Bill Wilder is a hands-on architect, trainer, writer, and community leader focused on helping companies and individuals succeed with the cloud using the Windows Azure Platform. Bill began working with Windows Azure when it was unveiled at the Microsoft PDC in 2008 and in 2009 founded Boston Azure (bostonazure.org), the first Windows Azure user group in the world. He is recognized by Microsoft as a Windows Azure MVP and an Azure Insider. Bill is the author of Cloud Architecture Patterns, blogs atblog.codingoutloud.com, and is on Twitter at @codingoutloud. Got cloud questions? Feel free to reach out to Bill via devpartners.comor [email protected].

�

Make%the%Cloud%Less%Cloudy%A"Perspec)ve"for""

So.ware"Development"Teams!It’s%all%about%Produc6vity!

Be:er%So<ware%Conference%East%13CNovemberC2013%(2:15%–%3:30%PM)%

Boston%Azure%User%Group%h#p://www.bostonazure.org!@bostonazure%

Bill%Wilder%h#p://blog.codingoutloud.com!@codingoutloud%

My!name!is!Bill!Wilder!

Bill Wilder

[email protected]!blog.codingoutloud.com!@codingoutloud%%www.devpartners.com%

Who!is!Bill!Wilder?!

www.devpartners.com%

www.bostonazure.org%

www.cloudarchitecturepa:erns.com%

Talk!Roadmap!1.  Assume!you!are!on!a!dev!team!

–  Tester,!Developer,!Release!Engineer,!Project!Manager,!Team!Leader,!Architect,!…!!

– Or!are!a!DBA!or!in!Ops!or!in!DevOps!2.  You!are!a!Windows!/!.NET!shop!

–  Or!Linux,!or!Python,!or!Java,!or!Node,!or!PHP,!or!…!3.  Focus!on!the!PracUcal!

–  Scenarios"that"can"actually"happen"in"the"real"world"–  Examples!drawn!from!Public!Cloud!PlaXorms!–  Emphasis!on!Scenarios!&!Demos%

4.  ApplicaUon!Architecture!for!cloud[naUve!apps!(final!15!minutes)!

Overall%Theme:%specific,!acUonable!uses!for!cloud!

“The%Cloud”%(according!to!some!vendors)!

Copyright!©!2013!Elizabeth!B.!O’Connor!•!used!with!permission!•!www.elizabethboconnor.com!!

“The%Cloud”%(according!to!customers)!Let’s"be"prac)cal"and"fact?based"

Using!the!cloud!(for!anything)!means:!•  Taking!a!dependency!on!the!public!Internet!•  Some!loss!of!control!For!apps:!•  SomeUmes!need!or!benefit!from!updaUng!For!people:!•  New!concepts!&!skills!to!be!learned!&!applied!But!many!prac6cal!uses!that%work!(stay!tuned!!)!

Beyond…!

Cost!transparency!Pay[by[use!rental!Opex!(not!capex)!Measurable!Cost!"!Benefits!less!easily!quanUfied!A!Business!InnovaUon!The%Cloud%>>%a%bunch%of%useful%services%with%APIs%"!API[driven!is!mega.trend!!

NIST!Terminology!

•  SaaS!=!Soiware!as!a!Service!(BYO!users)!•  PaaS!=!Plaform!as!a!Service!(BYO!apps)!•  IaaS!=!Infrastructure!as!a!Service!(BYO!VMs)!

Simplicity!

Complexity!Flexibility!

Rigidity!Power?!

Power?!h#p://csrc.nist.gov/publicaUons/nistpubs/800[145/SP800[145.pdf!

Cloud!CompuUng!On[Premises!Soiware!

Storage

Servers

Networking

O/S

Middleware

Virtualization

Data

Applications

Runtime

You!manage!

Infrastructure!(as!a!Service)!

Storage

Servers

Networking

O/S

Middleware

Virtualization

Data

Applications

Runtime

Managed!by!vendor!

You!manage!

PlaXorm!(as!a!Service)!

Managed!by!vendor!

You!manage!

Storage

Servers

Networking

O/S

Middleware

Virtualization

Applications

Runtime

Data

Soiware!(as!a!Service)!

Managed!by!vendor!

Storage

Servers

O/S

Middleware

Virtualization

Applications

Runtime

Data

Networking

|%%%%%%%%%%Public%Cloud%Rental%Models%%%%%%%%%%%|!

So<ware%as%a%Service%(“SaaS”)!BYO%Users%(or%Dev%Team)%

!!!!

And!others…!

Key!Concept!

Pla_orm%as%a%Service%(“PaaS”)!BYO%Apps!

!!!!

And!others…!

Key!Concept!

Infrastructure%as%a%Service%(“IaaS”)!BYO%VMs%(and%Admins%&%DBAs)!

!!!

And!others…!

Key!Concept!

SaaS%#%PaaS%#%IaaS%is!a%spectrum"

How!to!choose?!Not!mutually!exclusive.!

PlaXorm!Services!are!your!friend.!

Key!Concept!

Need%Departmental%web%site%

Scenario"that"can

"actually"happen"

in"the"real"world%©"

(Ini6al)%Requirements:%%•  Public%•  Sta6c%•  Small%audience%

What!happens!to!Departmental!Web!Site…!!

Business%Requirements%1.  Public!staUc!web!site!2.  15!users!3.  Dynamic!pages!updated!

by!pulling!from!API!4.  Control!access!to!some!

pages!w/!login!5.  Add!database!6.  Open!up!to!whole!

company!of!40k!people!

Technical%Solu6on%1.  Simple!Web!App!2.  Shared!VM!3.  Need!more!memory!

and!CPU!4.  Use!Federated!

AuthenUcaUon!5.  Need!backups!6.  Need!more!resources!+!

monitoring!+!DR!

Demo%

Windows!Azure!Web!Sites!Using!Azure!Web!Site!Gallery!

Demo%

Federated!AuthenUcaUon!ASP.NET!+!WAAD!(if!4me!allows,!at!end)!

Deployment%takes%too%long%

Scenario"that"can

"actually"happen"

in"the"real"world"

!"

•  Time%from%checkCin%to%available%for%dev/test%

•  Produc6on%vs.%other%environments%

Demo%

Windows!Azure!Web!Sites!Automated!Deployment!from!GitHub!

(one!of!many!opUons)!

Need%a%test%instance%

Scenario"that"can

"actually"happen"

in"the"real"world"™"

•  Poten6al%Customer(s)%(kick%6res,%PoC)%•  CEO%(conference!demo)%•  Marke6ng%(to%brag%about%it)%•  EVEN%for%“NONCCLOUD”%SOFTWARE…%

Demo%

Windows!Azure!Virtual!Machine!1.  Use!Azure!VM!Image!GALLERY!2.  Automate!with!CLI!

Flexible!VM!“Template”!OpUons!

Out[of[the[box!Vendor!Gallery!•  Curated!by!Vendor!

Community[driven!Gallery!•  Not!limited!to!“cloud!stuff”!•  Azure!VM!Depot!h#p://vmdepot.msopentech.com/!!•  Amazon!AMI!Marketplace!h#ps://aws.amazon.com/marketplace/!!

Your!own!Images!•  Easy!to!create!within!your!account!•  Can!keep!Private!or!Share!the!VM!•  Sharing!with!other!accounts!is!out[of[band!

Need%a%Database%

Scenario"that"can

"actually"happen"

in"the"real"world"

"

•  Experiment,%Prototype,%New%Dev,%Test,%Prod,%…%•  IaaS%vs.%PaaS%&%%

Vendor%vs.%3rd%Party:%Windows!Azure!SQL!Database,!SQL!Server,!RDS,!MySQL,!Oracle,!Mongo,!Azure!Tables,!SimpleDB,!and!many!more…!

Demo%

1.!Show!IaaS!and!PaaS!and!Partner%%%%%%%%%(Store/Marketplace)!OpUons!2.!Example!PaaS!database:!!!!!!Windows!Azure!SQL!Database!

Need%to%Share%Files%Publicly%%(or%selec6vely)%

Scenario"that"can

"actually"happen"

in"the"real"world"

"

•  Videos,%Documents,%Installa6ons,%…%•  Amazon%S3,%Azure%Blob%•  CDNCbacked,%Global,%SuperCscalable,%

CrazyCreliable,%Inexpensive%

Highly!Durable!Blob!Storage!(Azure)!

24!CDN!Nodes!(8!Data!Centers)!

Image!credit:!h#p://welyClau.net/2012/05/10/an[introducUon[to[windows[azure[part[2/!

Need%a%temporary[?]%dev%environment%

Scenario"that"can

"actually"happen"

in"the"real"world"

"

•  Hire%a%ShortCterm%Contractor%•  Need%to%test%on%fresh%OS%•  Dev%on%vaca%needs%to%debug%•  Or%“just%because”…%•  Give%a%talk%or%give%demos%

Demo%

Windows!Azure!Virtual!Machines!with!MSDN!Benefits!(The!meta[demo!!)!

download_blob_to_file.py!from!azure.storage!import!*!!blob_service!=!BlobService(!!!!!!!!!!account_name!=!!az_storage_account_name,!!!!!!!!!!!account_key!=!az_storage_account_key)!%stream!=!blob_service.get_blob(!!!!!!!!!!!blob_container_name,!blob_name)!with!open(file_path,!'w')!as!f:!!!!!!!!!!!f.write(stream)!

Too%many%usernames%&%passwords%

Scenario"that"can

"actually"happen"

in"the"real"world"

"

•  Internal%apps%•  Our%customerCfacing%app%

requires%custom%username%•  Our%dev%tools%are%guilty%too%

Demo%

Federated!AuthenUcaUon!ASP.NET!+!WAAD!

I%have%a%startup%or%want%to%learn%

Scenario"that"can

"actually"happen"

in"the"real"world"

∏"

•  Join%BizSpark%(Microso<)%or%AWS%Ac6vate%(Amazon)%

•  Use%the%free%6er%or%free%trial%•  GitHub%is%free%for%open%source%•  Apply%“unused”%MSDN%credits…%•  But%even%“full%price”%ain’t%bad%azure%aws%

Customers%complain%about%stability%

Scenario"that"can

"actually"happen"

in"the"real"world"

Monitoring!AlerUng!!Autoscale!

[your%scenario%here]%

Scenario"that"can

"actually"happen"

in"the"real"world"

!"

•  What’s%le<?%%•  Ques6ons?%

Service%[or%app]%needs%to%scale%

Scenario"that"can

"actually"happen"

in"the"real"world"

≠"

Service%[or%app]%needs%to%really%scale%

Scenario"that"can

"actually"happen"

in"the"real"world

"""

•  CloudCNa6ve:%HA,%high%resourceCefficiency,%and%high%costCefficiency%

•  Impact%is%Architectural%•  Some%pa:erns%may%help…%

Windows Azure Compute Options

•  Hadoop!(HDInsight)!–!specialized:!big!data!•  Mobile!Services!–!specialized:!devices!•  Virtual!Machines!–!most!flexible!•  Web!Sites!–!most!convenient!•  Cloud!Services!–!most!scalable,!most!efficient!

Traditional Architecture (“SOA”)

Web!Tier!Load!!Balancer!

Service!Tier!

Cloud-Native Services •  Build!highly!scalable!apps!and!services!

•  MulU[Uer,!mulU[instance!architectures!

•  Can!be!combined!with!other!compute!services!

•  Maintain%stateless%nodes%&%horizontal%scaling%approach%

•  Automatable!management!

Cloud Services

Web!Roles!!•  1+!types!•  Windows!Server!!

•  Running!IIS!

.csdef cscfg

Worker!Roles!!•  1+!types!•  Windows!Server!!

•  Could!run!Tomcat,!etc.!

“Service!Model”!•  Deployment!Package!

•  Config:!VM!sizes%&!instance!counts,!seyngs,!endpoints,!certs…!

Reliable Queue Services •  Rentable!–!off[the[shelf!service!•  Efficient!–!resource[!and!cost[efficient!•  Reliable!–!backed!by!SLA!and!ops!team!•  Durable!–!won’t!lose!your!data!•  Scalable!–!Internet"scale"•  Approachable!–!REST!+!SDKs!•  Feature!rich!–!!support!“at!least!once”!and!“at!most!once”!delivery!guarantees!

•  Examples:!!$  Azure!Service!Bus!&!Storage!Queue!Services!$  Amazon!Simple!Queue!Service!(SQS)!

Scalable Architecture

Service!Bus!Queue!

Web!Tier! Service!Tier!(“Workers”)!

Pa#ern!in!AcUon:!User!Uploads!Photo!

Web!Server!

Compute!Service!Reliable%Queue%

Reliable%Storage%

QCW![on!Windows!Azure]!

WE%NEED:%•  Compute!(VM)!resources!to!run!our!code!

% Web%Roles!(IIS)!and!Worker%Roles!(w/o!IIS)!•  Reliable!Queue!to!communicate!

% Azure!Storage!Queues!•  Durable/Persistent!Storage!

% Azure!Storage!Blobs%&!Tables;!WASD!

Pa#ern!in!AcUon:!User!Uploads!Photo!

Web!Tier!

Service!Tier!

Reliable%Queue%

Reliable%File%Storage%

UX%implica6ons:%user!does!not!wait!for!thumbnail!(architecture!)!

www.pageo

fpho

tos.com! push! pull!

Pa#ern!enables!Responsive!UX!

•  Response!to!interacUve!users!is!as!fast!as!a!work!request!can!be!persisted!

•  Time!consuming!work!done!asynchronously!•  Comparable!total!resource!consumpUon,!arguably!be#er!subjecUve!UX!

•  UX%challenge!–!how!to!express!Async!to!users?!– Communicate!Progress!– Display!Final!results!– Long!Polling/Web!Sockets!(e.g.,!SignalR!or!Node.io)!

Pa#ern!supports%bi[direcUonal!scaling!

•  Decoupled!front/back!provides!insula6on%–  Blocking!is!Bane!of!Scalability!– Order!processing!partner!doing!maintenance!–  Twi#er!down!–  Email!server!unreachable!–  Internet!connecUvity!interrupUon!

•  Loosely!coupled,!concernCindependent%scaling%–  (see!next!slide)!– Get!Scale%Units!right!– “Scale”!in!BOTH!DIRECTIONS!– Key!to!opUmizing!operaUonal!CO$T$%

General!Case:!!Many!Roles,!Many!Queues%

Web!Role!(IIS)!

Worker!Role!

Web!Role!(IIS)!

Web!Role!

(Public)!

Worker!Role!Worker!Role!Worker!Role!Type!1!

Worker!Role!Worker!Role!Worker!Role!Worker!Role!Type!2!

Queue!Type!1!

Queue!Type!2!

Queue!Type!1!

Queue!Type!2!

Queue!Type!3!

• !Scaling!best!when!Investment%α%Benefit%• %Op6mize%for%CO$T%EFFICIENCY%

• !Logical!vs.!Physical!Architecture!depends!on!current!scale!

Worker!Role!Type!2!

Worker!Role!Type!2!

Worker!Role!Type!2!

Web!Role!

(Admin)!

Reliable!Queue!&!2[step!Delete!

Web%Tier%

Service%Tier%

(Workers)%

var%url!=!“h#p://pageofphotos.blob.core.windows.net/up/<guid>.png”;%queue.AddMessage(!new!CloudQueueMessage(!url!)!);!

var!invisibilityWindow!=!TimeSpan.FromSeconds(!10!);%CloudQueueMessage!!msg!=!!!!!!!!!!!!!!!!!queue.GetMessage(!invisibilityWindow!);!

(…"do"some"processing"then"…)"

queue.DeleteMessage(%msg%);!

Queue%

Pa#ern!requires!Idempotent!

•  Perform"idempotent"opera)on"more"than"

once,"end"result"same"as"if"we"did"it"once"

•  Example!with!Thumbnailing!(easy!case)!•  App[specific!concerns!dictate!approaches!

– CompensaUng!acUon,!Last!write!wins,!etc.!

•  PARTNERSHIP:!division!of!responsibility!between!cloud!plaXorm!&!app!– Far!cry!from!database!transacUon!

Pa#ern!expects%Poison!Messages!

•  A!Poison!Message!cannot!be!processed!– Error!condiUon!for!non[transient!reason!– Use!dequeue!count!property!

•  Be!proacUve!– Falling!off!the!queue!may!kill!your!system!

•  Determine!a!Max!Retry!policy!per!queue!– Delete,!put!on!“bad”!queue,!alert!human,!…!

Pa#ern!assumes%“Plan!for!Failure”!

•  VM%restarts%will%happen%– Hardware!failure,!O/S!patching,!crash!(bug)!

•  Bake!in!handling!of!restarts!into!our!apps!– Restarts!are!rouUne:!system!“just!keeps!working”!–  Idempotent!support!needed!important!– Event!Sourcing!(commonly!seen!with!CQRS)!may!help!

•  Not!an!excepUon!case!!Expect!it!!•  Consider!N+1!Rule!

Typical%Site% Any%1%Role%Inst% Overall%System%

Opera6ng%System%Upgrade%

Applica6on%Code%Update%%

Scale%Up,%Down,%or%In%

Hardware%Failure%

So<ware%Failure%(Bug)%

Security%Patch%

What’s%Up?%Reliability!as!EMERGENT!PROPERTY!

Aside:!Is!QCW!same!as!CQRS?!

•  Short%answer:%“no”%•  CQRS%

–  Command%Query%Responsibility%Segrega6on%

•  Commands!change!state!•  Queries!ask!for!current!state!•  Any!operaUon!is!one!or!the!other!•  SomeUmes!includes!Event!Sourcing!•  SomeUmes!modeled!using!Domain!Driven!Design!(DDD)!

What!about!the!DATA?!

•  You:%Azure!Web!Roles!and!Azure!Worker!Roles!– Taking!user!input,!dispatching!work,!doing!work!– Follow!a!decoupled!queue[in[the[middle!pa#ern!– Stateless!compute!nodes!

•  Cloud:!“Hard!Part”:!persistent,!scalable!data!– Azure!Queue!&!Blob%Services!– Three!copies!of!each!byte!– Geo[replicated!to!sister!data!center!– Busy%Signal%Pa:ern%

Azure!Services!

In!Closing…!

•  SaaS!+!APIs!– ALM,!user!feedback!gathering,!…!

•  PaaS!– Host!enUre!applicaUons!(e.g.,!Web!Sites)!– Make!it!easier!to!build!applicaUons!(leverage!Database!/!Queue!/!File!Storage!/!VM!services)!

•  IaaS!– Also!many!uses!for!dev/test!!

•  Use!services!to!help!you!scale!cost[!and!resource[efficiently!using!Architecture!

QuesUons?!Comments?!

More!informaUon?!

?!

Business!Card!

BostonAzure.org!

•  Boston!Azure!cloud!user!group!•  Focused!on!Microsoi’s!Public!Cloud!PlaXorm!

•  Monthly,!6:00[8:30!PM!in!Boston!area!– Food;!wifi;!free;!great!topics;!growing!community!

•  Follow!on!Twi#er:!@bostonazure%%•  More!info!or!to!join!our!Meetup.com!group:!!

h:p://www.bostonazure.org%

Looking"for"…"

•  consul)ng"help"with"Windows"Azure"PlaJorm?""

•  someone"to"bounce"Azure"or"cloud"ques)ons"off?"

•  a"speaker"for"your"user"group"or""company"technology"event?"

Just!Ask!!%

%Bill%Wilder%%@codingoutloud%%h:p://blog.codingoutloud.com%%community%inquiries:%[email protected]%%business%inquiries:%www.devpartners.com%%%book:%www.cloudarchitecturepa:erns.com%%

Contact%Me%

Find!this!slide!deck!here!

Cloud!Architecture!Pa#erns!book!Primer%Chapters%

1.  Scalability!2.  Eventual!Consistency!3.  MulUtenancy!and!!

Commodity!Hardware!4.  Network!Latency!

Cloud!Architecture!Pa#erns!book!!Pa:ern%Chapters%

1.  Horizontally!Scaling!Compute!Pa#ern!2.  Queue[Centric!Workflow!Pa#ern!3.  Auto[Scaling!Pa#ern!4.  MapReduce!Pa#ern!5.  Database!Sharding!Pa#ern!6.  Busy!Signal!Pa#ern!7.  Node!Failure!Pa#ern!8.  Colocate!Pa#ern!9.  Valet!Key!Pa#ern!10. CDN!Pa#ern!11. MulUsite!Deployment!Pa#ern!

Reality!is!Resource[Constrained!

“Security!is!always!a!tradeoff;!it!must!be!balanced!with!the!cost.”"! ! ![!Bruce!Schneier!

!!h#p://www.schneier.com/essay[207.html!

@Bill!Wilder! 68!

Members%of%%Windows%Azure%Security%Team%

@Bill!Wilder! 69!

Data

Defense!in!Depth!Approach!

Physical

Applica6on*

Host

Network

&  Strong!storage!keys!for!access!control!&  SSL!support!for!data!transfers!between!all!parUes!

&  Front[end!.NET!framework!code!running!under!parUal!trust!&  Windows!account!with!least!privileges!

&  Hardened!version!of!Windows!Server!2008!OS!for!both!VM!Host!and!VM!Guest!operaUng!systems!

&  Host!boundaries!enforced!by!external!hypervisor!

&  Host!firewall!limiUng!traffic!to!VMs!&  VLANs!and!packet!filters!in!routers!

&  World[class!physical!security!&  ISO!27001!and!SAS!70!Type!II!cerUficaUons!for!datacenter!

processes!

Layer DefenseCinCDepth

@Bill!Wilder! 70!

Defenses!Inherited!by!Windows!Azure!PlaXorm!ApplicaUons!

Spoofing! Tampering/!Disclosure!

ElevaUon!of!Privilege!

!Configurable!scale[out!

Denial!of!Service!

VM!switch!hardening!!CerUficate!Services!!Shared[Access!Signatures!!HTTPS!!!Sidechannel!protecUons!

VLANs!!Top!of!Rack!Switches!!Custom!packet!filtering!

ParUal!Trust!RunUme!!Hypervisor!custom!sandboxing!!Virtual!Service!Accounts!

RepudiaUon!

Monitoring!!!DiagnosUcs!Service!

@Bill!Wilder! 71!

Compliance!

•  Surrogate!for!“security”!•  Windows!Azure:!h#p://www.windowsazure.com/en[us/support/trust[center/compliance/!

•  Amazon!Web!Services:!h#p://aws.amazon.com/compliance/!!

Developer!Resources!•  www.windowsazure.com/develop/!is!LOADED!with!Dev!Libraries,!Training!Kits,!How!To!Guides!across:!– Mobile!(iOS,!Android,!Win!Phone,!Win!8!SDKs)!–  .NET,!Node.js,!Java,!PHP,!Python,!REST!–  PowerShell,!CLI!

•  Example:!Create!Node.js%web%site!from!Mac!CLI!h#ps://www.windowsazure.com/en[us/develop/nodejs/tutorials/create[a[website[(mac)/!!

•  Example:!Create!Linux%(CentOS)%VM!from!CLI!(Node[based!CLI!–!Windows!not!required)!h#ps://www.windowsazure.com/en[us/develop/php/how[to[guides/command[line[tools/!h#ps://www.windowsazure.com/en[us/develop/nodejs/how[to[guides/command[line[tools/!!!

•  Example:!Install!Couchbase%+%VNet!on!VM!h#p://blogs.msdn.com/b/jimoneil/archive/2012/06/16/couchbase[on[azure[a[tour[of[new[windows[azure[features.aspx!! @Bill!Wilder! 73!

PORTAL%DEMO%%

www.windowsazure.com%manage.windowsazure.com%%

@Bill!Wilder! 74!

make the cloud less cloudy: a perspective for software development teams

Technology

cloud questions

dosomeprocessingthen

windows azure mvp

windows azure platform

azure insider

windows azure user group

founded boston azure

software development