make the cloud less cloudy: a perspective for software development teams
Post on 20-May-2015
BW7 Concurrent Session 11/13/2013 2:15 PM
"Make the Cloud Less Cloudy: A Perspective for Software Development Teams"
Presented by:
Bill Wilder Development Partners Software Corporation
Brought to you by:
340 Corporate Way, Suite 300, Orange Park, FL 32073
888-268-8770 · 904-278-0524 · sqeinfo@sqe.com · www.sqe.com
Bill Wilder Development Partners Software Corporation
Bill Wilder is a hands-on architect, trainer, writer, and community leader focused on helping companies and individuals succeed with the cloud using the Windows Azure Platform. Bill began working with Windows Azure when it was unveiled at the Microsoft PDC in 2008 and in 2009 founded Boston Azure (bostonazure.org), the first Windows Azure user group in the world. He is recognized by Microsoft as a Windows Azure MVP and an Azure Insider. Bill is the author of Cloud Architecture Patterns, blogs at blog.codingoutloud.com, and is on Twitter at @codingoutloud. Got cloud questions? Feel free to reach out to Bill via devpartners.com or billw@devpartners.com.
Make the Cloud Less Cloudy
A Perspective for Software Development Teams
It's all about Productivity!
Better Software Conference East 13-November-2013 (2:15 – 3:30 PM)
Boston Azure User Group http://www.bostonazure.org @bostonazure
Bill Wilder http://blog.codingoutloud.com @codingoutloud
My name is Bill Wilder
codingoutloud@gmail.com blog.codingoutloud.com @codingoutloud www.devpartners.com
Who is Bill Wilder?
www.devpartners.com
www.bostonazure.org
www.cloudarchitecturepatterns.com
Talk Roadmap
1. Assume you are on a dev team
– Tester, Developer, Release Engineer, Project Manager, Team Leader, Architect, …
– Or are a DBA or in Ops or in DevOps
2. You are a Windows / .NET shop
– Or Linux, or Python, or Java, or Node, or PHP, or …
3. Focus on the Practical
– Scenarios that can actually happen in the real world
– Examples drawn from Public Cloud Platforms
– Emphasis on Scenarios & Demos
4. Application Architecture for cloud-native apps (final 15 minutes)
Overall Theme: specific, actionable uses for cloud
“The Cloud” (according to some vendors)
Copyright © 2013 Elizabeth B. O’Connor • used with permission • www.elizabethboconnor.com
“The Cloud” (according to customers)
Let’s be practical and fact-based
Using the cloud (for anything) means:
• Taking a dependency on the public Internet
• Some loss of control
For apps:
• Sometimes need or benefit from updating
For people:
• New concepts & skills to be learned & applied
But many practical uses that work (stay tuned!)
Beyond…
Cost transparency
Pay-by-use rental
Opex (not capex)
Measurable Cost
• Benefits less easily quantified
A Business Innovation
The Cloud >> a bunch of useful services with APIs
• API-driven is mega-trend
NIST Terminology
• SaaS = Software as a Service (BYO users)
• PaaS = Platform as a Service (BYO apps)
• IaaS = Infrastructure as a Service (BYO VMs)
[Figure labels: Simplicity, Complexity, Flexibility, Rigidity, Power?]
http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf
Cloud Computing
[Figure: four stacks of the same nine layers (Storage, Servers, Networking, O/S, Middleware, Virtualization, Data, Applications, Runtime), each marked with who manages the layers.]
• On-Premises Software: You manage
• Infrastructure (as a Service): Managed by vendor / You manage
• Platform (as a Service): Managed by vendor / You manage
• Software (as a Service): Managed by vendor
| Public Cloud Rental Models |
Key Concept
Software as a Service (“SaaS”)
BYO Users (or Dev Team)
And others…
Key Concept
Platform as a Service (“PaaS”)
BYO Apps
And others…
Key Concept
Infrastructure as a Service (“IaaS”)
BYO VMs (and Admins & DBAs)
And others…
Key Concept
SaaS → PaaS → IaaS is a spectrum
How to choose? Not mutually exclusive.
Platform Services are your friend.
Need Departmental web site
Scenario that can actually happen in the real world ©
(Initial) Requirements:
• Public
• Static
• Small audience
What happens to Departmental Web Site…
Business Requirements
1. Public static web site
2. 15 users
3. Dynamic pages updated by pulling from API
4. Control access to some pages w/ login
5. Add database
6. Open up to whole company of 40k people
Technical Solution
1. Simple Web App
2. Shared VM
3. Need more memory and CPU
4. Use Federated Authentication
5. Need backups
6. Need more resources + monitoring + DR
Demo
Windows Azure Web Sites
Using Azure Web Site Gallery
Demo
Federated Authentication
ASP.NET + WAAD (if time allows, at end)
Deployment takes too long
Scenario that can actually happen in the real world
• Time from check-in to available for dev/test
• Production vs. other environments
Demo
Windows Azure Web Sites
Automated Deployment from GitHub (one of many options)
Need a test instance
Scenario that can actually happen in the real world ™
• Potential Customer(s) (kick tires, PoC)
• CEO (conference demo)
• Marketing (to brag about it)
• EVEN for “NON-CLOUD” SOFTWARE…
Demo
Windows Azure Virtual Machine
1. Use Azure VM Image GALLERY
2. Automate with CLI
Flexible VM “Template” Options
Out-of-the-box Vendor Gallery
• Curated by Vendor
Community-driven Gallery
• Not limited to “cloud stuff”
• Azure VM Depot http://vmdepot.msopentech.com/
• Amazon AMI Marketplace https://aws.amazon.com/marketplace/
Your own Images
• Easy to create within your account
• Can keep Private or Share the VM
• Sharing with other accounts is out-of-band
Need a Database
Scenario that can actually happen in the real world
• Experiment, Prototype, New Dev, Test, Prod, …
• IaaS vs. PaaS & Vendor vs. 3rd Party: Windows Azure SQL Database, SQL Server, RDS, MySQL, Oracle, Mongo, Azure Tables, SimpleDB, and many more…
Demo
1. Show IaaS and PaaS and Partner (Store/Marketplace) Options
2. Example PaaS database: Windows Azure SQL Database
Need to Share Files Publicly (or selectively)
Scenario that can actually happen in the real world
• Videos, Documents, Installations, …
• Amazon S3, Azure Blob
• CDN-backed, Global, Super-scalable, Crazy-reliable, Inexpensive
Highly Durable Blob Storage (Azure)
24 CDN Nodes (8 Data Centers)
Image credit: http://wely-lau.net/2012/05/10/an-introduction-to-windows-azure-part-2/
Need a temporary[?] dev environment
Scenario that can actually happen in the real world
• Hire a Short-term Contractor
• Need to test on fresh OS
• Dev on vaca needs to debug
• Or “just because”…
• Give a talk or give demos
Demo
Windows Azure Virtual Machines with MSDN Benefits
(The meta-demo!)
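download_blob_to_file.py
from azure.storage import BlobService

# Placeholders: replace with your own storage account, container, blob and path.
az_storage_account_name = "<storage-account-name>"
az_storage_account_key = "<storage-account-key>"
blob_container_name = "<container-name>"
blob_name = "<blob-name>"
file_path = "<local-file-path>"

blob_service = BlobService(
    account_name=az_storage_account_name,
    account_key=az_storage_account_key)
# get_blob returns the blob's content
stream = blob_service.get_blob(blob_container_name, blob_name)
# Binary mode ('wb') so the bytes are written unchanged on every platform
with open(file_path, 'wb') as f:
    f.write(stream)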
Too many usernames & passwords
Scenario that can actually happen in the real world
• Internal apps
• Our customer-facing app requires custom username
• Our dev tools are guilty too
Demo
Federated Authentication
ASP.NET + WAAD
I have a startup or want to learn
Scenario that can actually happen in the real world ∏
• Join BizSpark (Microsoft) or AWS Activate (Amazon)
• Use the free tier or free trial
• GitHub is free for open source
• Apply “unused” MSDN credits…
• But even “full price” ain’t bad
azure, aws
Customers complain about stability
Scenario that can actually happen in the real world
• Monitoring
• Alerting
• Autoscale
[your scenario here]
Scenario that can actually happen in the real world
• What’s left?
• Questions?
Service [or app] needs to scale
Scenario that can actually happen in the real world ≠
Service [or app] needs to really scale
Scenario that can actually happen in the real world
• Cloud-Native: HA, high resource-efficiency, and high cost-efficiency
• Impact is Architectural
• Some patterns may help…
Windows Azure Compute Options
• Hadoop (HDInsight) – specialized: big data
• Mobile Services – specialized: devices
• Virtual Machines – most flexible
• Web Sites – most convenient
• Cloud Services – most scalable, most efficient
Traditional Architecture (“SOA”)
[Diagram labels: Load Balancer, Web Tier, Service Tier]
Cloud-Native Services
• Build highly scalable apps and services
• Multi-tier, multi-instance architectures
• Can be combined with other compute services
• Maintain stateless nodes & horizontal scaling approach
• Automatable management
Cloud Services
Web Roles
• 1+ types
• Windows Server
• Running IIS
Worker Roles
• 1+ types
• Windows Server
• Could run Tomcat, etc.
“Service Model” (.csdef, .cscfg)
• Deployment Package
• Config: VM sizes & instance counts, settings, endpoints, certs…
Reliable Queue Services
• Rentable – off-the-shelf service
• Efficient – resource- and cost-efficient
• Reliable – backed by SLA and ops team
• Durable – won’t lose your data
• Scalable – Internet scale
• Approachable – REST + SDKs
• Feature rich – support “at least once” and “at most once” delivery guarantees
• Examples:
– Azure Service Bus & Storage Queue Services
– Amazon Simple Queue Service (SQS)
Scalable Architecture
[Diagram labels: Web Tier, Service Bus Queue, Service Tier (“Workers”)]
Pattern in Action: User Uploads Photo
[Diagram labels: Web Server, Compute Service, Reliable Queue, Reliable Storage]
QCW [on Windows Azure]
WE NEED:
• Compute (VM) resources to run our code
– Web Roles (IIS) and Worker Roles (w/o IIS)
• Reliable Queue to communicate
– Azure Storage Queues
• Durable/Persistent Storage
– Azure Storage Blobs & Tables; WASD
Pattern in Action: User Uploads Photo
[Diagram labels: www.pageofphotos.com, Web Tier, Service Tier, Reliable Queue (push, pull), Reliable File Storage]
UX implications: user does not wait for thumbnail (architecture)
Pattern enables Responsive UX
• Response to interactive users is as fast as a work request can be persisted
• Time consuming work done asynchronously
• Comparable total resource consumption, arguably better subjective UX
• UX challenge – how to express Async to users?
– Communicate Progress
– Display Final results
– Long Polling/Web Sockets (e.g., SignalR or Node.io)
Pattern supports bi-directional scaling
• Decoupled front/back provides insulation
– Blocking is Bane of Scalability
– Order processing partner doing maintenance
– Twitter down
– Email server unreachable
– Internet connectivity interruption
• Loosely coupled, concern-independent scaling
– (see next slide)
– Get Scale Units right
– “Scale” in BOTH DIRECTIONS
– Key to optimizing operational CO$T$
General Case: Many Roles, Many Queues
[Diagram labels: Web Role (IIS), Web Role (Public), Web Role (Admin); Worker Role Type 1, Worker Role Type 2; Queue Type 1, Queue Type 2, Queue Type 3]
• Scaling best when Investment α Benefit
• Optimize for CO$T EFFICIENCY
• Logical vs. Physical Architecture depends on current scale
Reliable Queue & 2-step Delete
[Diagram labels: Web Tier, Queue, Service Tier (Workers)]
// Enqueue the URL of the uploaded photo
var url = "http://pageofphotos.blob.core.windows.net/up/<guid>.png";
queue.AddMessage( new CloudQueueMessage( url ) );
// Step 1: get the message; it stays on the queue, hidden for the invisibility window
var invisibilityWindow = TimeSpan.FromSeconds( 10 );
CloudQueueMessage msg = queue.GetMessage( invisibilityWindow );
// (… do some processing then …)
// Step 2: delete the message
queue.DeleteMessage( msg );
Pattern requires Idempotent
• Perform idempotent operation more than once, end result same as if we did it once
• Example with Thumbnailing (easy case)
• App-specific concerns dictate approaches
– Compensating action, Last write wins, etc.
• PARTNERSHIP: division of responsibility between cloud platform & app
– Far cry from database transaction
Pattern expects Poison Messages
• A Poison Message cannot be processed
– Error condition for non-transient reason
– Use dequeue count property
• Be proactive
– Falling off the queue may kill your system
• Determine a Max Retry policy per queue
– Delete, put on “bad” queue, alert human, …
Pattern assumes “Plan for Failure”
• VM restarts will happen
– Hardware failure, O/S patching, crash (bug)
• Bake in handling of restarts into our apps
– Restarts are routine: system “just keeps working”
– Idempotency support is important
– Event Sourcing (commonly seen with CQRS) may help
• Not an exception case! Expect it!
• Consider N+1 Rule
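Added example, not part of the original slides: the 2-step delete, idempotent processing and poison-message handling from the preceding slides, run in Python against an in-memory queue. ReliableQueue, MAX_DEQUEUE, work_once and the sample URLs are assumptions made for illustration; this is not the Azure SDK.

```python
from types import SimpleNamespace

MAX_DEQUEUE = 3  # assumed max-retry policy for this queue

class ReliableQueue:  # in-memory stand-in, not the Azure SDK
    def __init__(self):
        self.messages, self.now = [], 0.0  # self.now is a simulated clock

    def add(self, body):
        self.messages.append(SimpleNamespace(body=body, dequeue_count=0, visible_at=0.0))

    def get(self, invisibility_window):  # step 1: hide the message, do NOT remove it
        for m in self.messages:
            if m.visible_at <= self.now:
                m.dequeue_count += 1
                m.visible_at = self.now + invisibility_window
                return m
        return None

    def delete(self, msg):  # step 2: remove only after processing succeeded
        self.messages.remove(msg)

def make_thumbnail(url, thumbnails):
    if not url.endswith(".png"):
        raise ValueError("not an image")  # non-transient: retrying cannot help
    thumbnails[url] = "thumb:" + url      # keyed by URL, a repeat overwrites: idempotent

def work_once(queue, bad_queue, thumbnails, crash_before_delete=False):
    msg = queue.get(invisibility_window=10)
    if msg is None:
        return "idle"
    if msg.dequeue_count > MAX_DEQUEUE:   # poison message: stop retrying
        bad_queue.append(msg.body)        # park it on the "bad" queue
        queue.delete(msg)
        return "poison"
    try:
        make_thumbnail(msg.body, thumbnails)
    except ValueError:
        return "failed"                   # no delete: message reappears after the window
    if crash_before_delete:
        return "crashed"                  # simulated restart between step 1 and step 2
    queue.delete(msg)
    return "done"

def demo():
    q, bad, thumbs = ReliableQueue(), [], {}
    q.add("https://storage.example/up/a.png")  # constructed sample input
    q.add("https://storage.example/up/b.txt")  # constructed poison message
    log = [work_once(q, bad, thumbs, crash_before_delete=True)]
    while q.messages:
        q.now += 10                       # let invisibility windows expire
        log.append(work_once(q, bad, thumbs))
    return log, bad, thumbs
```

The photo message is processed twice because of the simulated restart, yet exactly one thumbnail results; the non-image message is retried up to the limit and then parked instead of cycling forever.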
What’s Up? Reliability as EMERGENT PROPERTY
[Table. Columns: Typical Site, Any 1 Role Inst, Overall System. Rows: Operating System Upgrade, Application Code Update, Scale Up, Down, or In, Hardware Failure, Software Failure (Bug), Security Patch.]
Aside: Is QCW same as CQRS?
• Short answer: “no”
• CQRS
– Command Query Responsibility Segregation
• Commands change state
• Queries ask for current state
• Any operation is one or the other
• Sometimes includes Event Sourcing
• Sometimes modeled using Domain Driven Design (DDD)
What about the DATA?
• You: Azure Web Roles and Azure Worker Roles
– Taking user input, dispatching work, doing work
– Follow a decoupled queue-in-the-middle pattern
– Stateless compute nodes
• Cloud: “Hard Part”: persistent, scalable data
– Azure Queue & Blob Services
– Three copies of each byte
– Geo-replicated to sister data center
– Busy Signal Pattern
Azure Services
In Closing…
• SaaS + APIs
– ALM, user feedback gathering, …
• PaaS
– Host entire applications (e.g., Web Sites)
– Make it easier to build applications (leverage Database / Queue / File Storage / VM services)
• IaaS
– Also many uses for dev/test
• Use services to help you scale cost- and resource-efficiently using Architecture
Questions? Comments?
More information?
Business Card
BostonAzure.org
• Boston Azure cloud user group
• Focused on Microsoft’s Public Cloud Platform
• Monthly, 6:00-8:30 PM in Boston area
– Food; wifi; free; great topics; growing community
• Follow on Twitter: @bostonazure
• More info or to join our Meetup.com group: http://www.bostonazure.org
Looking for …
• consulting help with Windows Azure Platform?
• someone to bounce Azure or cloud questions off?
• a speaker for your user group or company technology event?
Just Ask!
Contact Me
Bill Wilder
@codingoutloud
http://blog.codingoutloud.com
community inquiries: codingoutloud@gmail.com
business inquiries: www.devpartners.com
book: www.cloudarchitecturepatterns.com
Find this slide deck here
Cloud Architecture Patterns book
Primer Chapters
1. Scalability
2. Eventual Consistency
3. Multitenancy and Commodity Hardware
4. Network Latency
Cloud Architecture Patterns book
Pattern Chapters
1. Horizontally Scaling Compute Pattern
2. Queue-Centric Workflow Pattern
3. Auto-Scaling Pattern
4. MapReduce Pattern
5. Database Sharding Pattern
6. Busy Signal Pattern
7. Node Failure Pattern
8. Colocate Pattern
9. Valet Key Pattern
10. CDN Pattern
11. Multisite Deployment Pattern
DONE
Reality is Resource-Constrained
“Security is always a tradeoff; it must be balanced with the cost.” - Bruce Schneier
http://www.schneier.com/essay-207.html
Members of Windows Azure Security Team
Defense in Depth Approach
Layer: Defense-in-Depth
• Data: Strong storage keys for access control; SSL support for data transfers between all parties
• Application: Front-end .NET framework code running under partial trust; Windows account with least privileges
• Host: Hardened version of Windows Server 2008 OS for both VM Host and VM Guest operating systems; Host boundaries enforced by external hypervisor
• Network: Host firewall limiting traffic to VMs; VLANs and packet filters in routers
• Physical: World-class physical security; ISO 27001 and SAS 70 Type II certifications for datacenter processes
Defenses Inherited by Windows Azure Platform Applications
Spoofing; Tampering/Disclosure; Elevation of Privilege
Configurable scale-out
Denial of Service
VM switch hardening; Certificate Services; Shared-Access Signatures; HTTPS; Sidechannel protections
VLANs; Top of Rack Switches; Custom packet filtering
Partial Trust Runtime; Hypervisor custom sandboxing; Virtual Service Accounts
Repudiation
Monitoring; Diagnostics Service
Compliance
• Surrogate for “security”
• Windows Azure: http://www.windowsazure.com/en-us/support/trust-center/compliance/
• Amazon Web Services: http://aws.amazon.com/compliance/
Developer Resources
• www.windowsazure.com/develop/ is LOADED with Dev Libraries, Training Kits, How To Guides across:
– Mobile (iOS, Android, Win Phone, Win 8 SDKs)
– .NET, Node.js, Java, PHP, Python, REST
– PowerShell, CLI
• Example: Create Node.js web site from Mac CLI
https://www.windowsazure.com/en-us/develop/nodejs/tutorials/create-a-website-(mac)/
• Example: Create Linux (CentOS) VM from CLI (Node-based CLI – Windows not required)
https://www.windowsazure.com/en-us/develop/php/how-to-guides/command-line-tools/
https://www.windowsazure.com/en-us/develop/nodejs/how-to-guides/command-line-tools/
• Example: Install Couchbase + VNet on VM
http://blogs.msdn.com/b/jimoneil/archive/2012/06/16/couchbase-on-azure-a-tour-of-new-windows-azure-features.aspx
PORTAL DEMO
www.windowsazure.com
manage.windowsazure.com