The Ball / SOS on Azure Part 2 Kalle Launiala, Citrus Solutions Oy [email protected].

The Ball / SOS on Azure Part 2Kalle Launiala, Citrus Solutions [email protected]

#td2013fi

About the Presentation – Part 2

Developer getting started from scratchGit clone, build, debug, deploy

Developing HTML(5) + jQuery UI on The BallDemonstrating Web / Worker Role responsibilities

The Ball – Architecture Overview & Deep Dive

RégisLaurentDirector of Operations, Global KnowledgeCompetencies include:Gold LearningSilver System Management

Developer Setup

#td2013fi

Solution structures, build order, deployment options

Get The Source – And Build

Get main project from Github“git clone git://github.com/abstractiondev/TheBallOnAzure”

Get git submodule content“cd TheBallOnAzure”“gitupdateproject.cmd”

Build SolutionsTheBallADM.sln => build, run/debug “AbstractionBuilder.exe”TheBallOnAzure.sln => buildTheBallAzureConfiguration.sln => build, deploy- Then update the accelerator content

Solution Structure

TheBallADM.slnDrives the modular automation from information & process model

TheBallOnAzure.slnMain solution for implementationIncludes automation results in build

TheBallOnAzureConfiguration.slnAccelerator based Azure-deployments- Fine grained control of distributed roles

Developer Settings

IIS Express (Requires IIS set up in Windows 8)Otherwise the HTTP-handlers don’t work properlyNOTE! The IIS Express port “sharing” is evil. Debugging other solution by accident (no changes reflecting)

Debug input parameters for TheBallTool:Full path to Apps/UI/HTML/account – directoryStorage conn str: “UseDevelopmentStorage=true”

Accelerator config for worker-role and web-roleAccelerator update for worker roleAccelerator update for web-role (= VS publish)

Mind the storage key location, not necessarily in VCS

Development through design

Modify XML-model filesInformation mode & process modelGet the status tracking and architect to developer guidance OOB

Run transformation & generatorsMaintain references as see fit, add platform support

Implement manual codeCommonly used libraries as well

RégisLaurentDirector of Operations, Global KnowledgeCompetencies include:Gold LearningSilver System Management

Demo time

#td2013fi

Architecture dive in Visual Studio

Demo Sequence

Demo 1: Solution overviewADM generation role, build, deployment to Azure/Dev Storage

Demo 2: HTTP HandlersAnonymousHandler, AuhorizedHandler (Postback), DeveloperHandler (Hybrid FS)

Demo 3: Blob Storage Usage – Web ContentHTML templates + content objects = HTML pages. Dust.js + jQuery from XML (to JSON) content.

Demo 4: Queue Usage – Worker Parallel ExecutionQueue messaging, Queue envelope, Task-specific context

Demo 5: Blob Storage Usage – Advanced ContentInformationObjects; Masters/Collections, Metadata, Subscriptions, Atomic Queues

Demo 6: Logical Operations – Implementation Level ControlWorker role “manual switch”; Service Layer Migration/Exposure on priority backlog

RégisLaurentDirector of Operations, Global KnowledgeCompetencies include:Gold LearningSilver System Management

InformationContext

#td2013fi

Security boundary, object lifecycleAuthentication & Authorization Separate

Collaboration: Roles & Emails

Trusted Email Address

Collaborator

Collaborating Group

Authentication throughGoogle, Windows Live, Facebook,

Twitter, LinkedIn

The BallEcosystem

Owns& Uses

PracticalTrust

Authenticates& Trusts

Strong Authentication

CollaborationProcesses

Role Authorization& Decisions

TrustedInfra

.Cloud.Infra

Authorization Contexts

Role is assigned to email(does not have to exist

in the system)

Collaborator

Collaborating Group

Manyemail

addressesRole: Moderator,Member, Visitor

Group owns the information.

Policy clearly statedbased on group rules.

DocumentsBinary/Media

Data

DocumentsBinary/Media

Data

Publiclypublished

information

AnonymousWeb Surfer

Can accesswithout login or

registration

Can access withoutauthorization

InformationContext

Owner specific authorization boxMore detailed domain specific authorization possible

Serves as “Current.Active” static global property

Changes / caching is managed at this levelChange subscriptions are launched at context close

Analogous to Entity Framework/ORM, or web stackDataContext, ObjectContext, HttpContext

Stored as TaskID specific or HttpContext specific

Storage Layer

Owner context as content root folder

InformationObject type as base class for dataAll other content (media, plain html) supported as-is

Metadata relative to contentSpecial case for location “directory” metadata

Everything as blob content – even metadataNo benefit from table structures, even queue usage is limitedBlob access being authorization scoped reaches everywhere

Authentication layer

Authentication with DotNetOAuthCustom cookie usage to handle web-farms

Self-stored AES key; alike ASP.NET machine-keyKey expiration and per-request payload possible

Not directly connected to authorizationMultiple authentication methods result to same accountAuthentication method MAY affect the “operative authorization”

Authorization layer

Every request is either completely public/anon or completely authorizedDown to web stylesheets, images and so forth

Denormalized formRequest path is used for blob directory For account the account ID reverts to cookie

Account ID is obtained from cookieOne blob storage request to obtain authorization object

Lookup can be cached with low enough expiration

RégisLaurentDirector of Operations, Global KnowledgeCompetencies include:Gold LearningSilver System Management

Events for changes

#td2013fi

Active triggers, passive monitoring

Active tracking: Subscriptions

Source to target subscription typesWeb content to its sourcesMaster collections subscribe to master objectsMaster using objects subscribe to master objects

Update flow handled in “atomic” single processorDirected acyclic graph generated from subscriptionsDictionary<> based InformationObject update evaluation

“Human content” rendering in parallelWeb pages, reports, end-of-the-chain content

Subscription technical implementationSubscription stored in metadataInformationObject or “directory”/collection monitoring

Blob directory for atomic operations.lock file synchronizationNew items can be added while atomic operation is processingEvaluation order is strictly controlled

Azure Queue for parallel operationsProcessing is still context boundWhen evaluation order does not matter

Passive Tracking Required (no OOB support)Active tracking creates costs “outside control”Information chain/network in linked groups grow really fast

Monitoring in traditional fashionPoll periodically for changesCan use MD5/timestamp

Legacy migration apply as-is

RégisLaurentDirector of Operations, Global KnowledgeCompetencies include:Gold LearningSilver System Management

Wrap Up

#td2013fi

Food for thought…

Metrics, overhead, searches

Exact monitoring of resource usage (per context)CPU, Storage, Network. Transparent cost-based billing.Metrics are analogous and immediately applicable to real world processes

Overhead of relevant processing, any?Execution can be tailored through generators and implementation

Searches – on priority backlogAuthorization context specific indexing; Lucene.NET & AzureDirectoryCan always revert to traditional SQL (scalability issues, context issues)

Legacy migration with reference architectureADM was designed to solve this, to enable legacy constrained modernization

Material available

Tech Blog (including the links to github/abstractiondev):http://abstractiondev.wordpress.com/

Videos & Slides in Demo Videos sectionhttp://abstractiondev.wordpress.com/demo-videos/

More about ADM – in The Blog (for example MSTD 2012)Execution can be tailored through generators and implementation

LinkedIn – group(s)“The Ball – The Information Ecosystem”

Email: [email protected]

© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentations. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Thank you for coming!Feedback can be given via mobile or laptop through techdays.fi seminar schedule.

#td2013fi