I presented this at a user group in Sweden, as a compilation discussion of practical customer experiences with Windows Azure. The slides led the discussion. Enjoy.
15. Deep Thoughts on Cloud Services
• Packaging settings outside of web.config
• Proper swap, separate VM
• Application insights agent
• Mostly for worker roles, reading queues, async processing
16. Deep Thoughts on Worker Roles
• Set up configuration settings to shut off processing
• Implement graceful shutdown
18. SQL DB and SQL Server
• SQL DB (formerly SQL Azure)
– 150GB limit
– No backup logs / replay
– IO performance
– Other SQL features
• SQL DB Premium
– 500GB limit
– 30 days of backups
– Restore on demand
• SQL Server on Azure VM
– Popular alternative
– 1TB limit (blob storage)
19. What do YOU want in a DB?
• No limits, manage yourself
– SQL Server VM
• Managed and affordable
– SQL DB
• Managed and $$$
– MySQL / ClearDB cluster
– SQL DB Premium
– Other similar options for MySQL/SQL Server outside of Azure
20. Deep Thoughts on Relational Data
• All platforms require retry mechanism
• Mind your connection pool settings
• Practice backup and restore
• Always use data masking to dev, test
• PII, encryption
• Review queries, profile, tune
• Use transactions for Pete’s sake
21. noSQL
• It’s either obvious…
– Very large quantities of data
– Easily compartmentalized data, key value lookup or document-centric
– Logs, audit trails, notifications, profile data from social networks, associative information about users / “things” in the relational store
• Or, it requires planning…
– Could be large quantities
– Could require noSQL scale, parallel access performance
• Many people return to relational
• Can start relational and figure your model out first
• Or, combine the two
23. Big Data/Map Reduce from 10K Feet
[Diagram labels: Company A, Company B, Company C; Company A Server; HD Insight (local) for each company; Aggregate Data (all Companies); HD Insight]
25. Don’t Drink the Koolaid
• noSQL requires planning
• BigData is not for everyone
• Get an expert, like: Lynn Langit
– www.lynnlangit.com
– Youtube.com/socaldevgal
Shout Out!
27. Service Bus as DMZ
[Diagram labels: Browser, Rich Clients, Mobile Clients, MVC / JQuery AJAX, Web API, MVC Site, Web Forms Site, Service, DMZ, Corporate Domain]
28. Service Bus to Data On Premise / Migration
[Diagram labels: Service, Client, Web Application, Service Bus, Corporate Domain, Windows Azure]
31. Queue Comparison
• Service Bus Queues
– Unlimited message lifetime
– Max 64K message size
– Max 5GB total storage
– Duplicate detection
– Order guarantees
– Dead letter queue
– Long polling
• Storage Queues
– 7 days expiry
– Max 256K message size
– Max 100TB total storage
– Storage metrics
– Purge capability
– Manual back-off polling
34. Deep Thoughts on Async Work
• Queues and worker roles
• Use error queues
• Monitor queues for expiring items
• Use service bus for parallel processing
• Use web jobs to kick off queue processing
36. Common Blob Storage Usage
• Web site content, javascript, css, images
• Logs (setting)
• App content
– Can separate by user for key isolation via Azure Explorer
• Media
– Can use with media services, encoding services
• Replace file storage
– Retain folder structure
– Request by path
• Very large files
– Set up chunking process for upload
– Use hash to check integrity
37. Blob Storage Integrity
[Diagram labels: Service, Blob Container, Windows Azure Storage, MD5 Hash, validate signature]
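Added example (not from the original slides): the chunked upload with a hash check from slides 36 and 37, simulated offline in Python. `ChunkReceiver` is a hypothetical stand-in for the storage service and `CHUNK_SIZE` is a tiny constructed value; the hash encoding is base64 of the raw MD5 digest, as carried in a Content-MD5 header.

```python
import base64
import hashlib

CHUNK_SIZE = 4  # bytes; tiny so the constructed sample splits into several chunks


def content_md5(data: bytes) -> str:
    """Base64 of the raw MD5 digest, the encoding used by the Content-MD5 header."""
    return base64.b64encode(hashlib.md5(data).digest()).decode("ascii")


def split_into_chunks(payload: bytes, size: int = CHUNK_SIZE):
    """Client side: yield (index, chunk, hash) for each chunk of the upload."""
    for index, offset in enumerate(range(0, len(payload), size)):
        chunk = payload[offset:offset + size]
        yield index, chunk, content_md5(chunk)


class ChunkReceiver:
    """Hypothetical stand-in for the storage service: validates, then commits."""

    def __init__(self):
        self.staged = {}

    def put_chunk(self, index: int, chunk: bytes, claimed_md5: str) -> bool:
        # Reject the chunk if the bytes received do not match the hash sent with them.
        if content_md5(chunk) != claimed_md5:
            return False
        self.staged[index] = chunk
        return True

    def commit(self, chunk_count: int, whole_md5: str) -> bytes:
        # Refuse to assemble if a chunk is missing or the whole-file hash differs.
        if sorted(self.staged) != list(range(chunk_count)):
            raise ValueError("missing chunks")
        blob = b"".join(self.staged[i] for i in range(chunk_count))
        if content_md5(blob) != whole_md5:
            raise ValueError("assembled blob failed integrity check")
        return blob


def upload(payload: bytes, receiver: ChunkReceiver, corrupt_index=None) -> list:
    """Send every chunk; return indexes the receiver rejected (to be retried)."""
    rejected = []
    for index, chunk, digest in split_into_chunks(payload):
        if index == corrupt_index:  # simulate a bit flipped in transit
            chunk = bytes([chunk[0] ^ 0x01]) + chunk[1:]
        if not receiver.put_chunk(index, chunk, digest):
            rejected.append(index)
    return rejected


SAMPLE = b"constructed sample payload"  # constructed input, not from the talk
```

MD5 here catches accidental corruption in transit; it does not authenticate the sender, so it complements rather than replaces the access controls on the container.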
38. Shared Access Signatures
[Diagram: Service and Browser Client access to blob storage]
• Public Blob Access: create, update, delete, read
• Public Container Access: create, update, delete, read, list
• Private Container: create, update, delete, read, list
• Private Container: read access for limited time with shared access key, shared access policy
• Browser Client: Shared Access Signature (SAS)
• >1 hour requires authentication header in request (no browser)
39. Deep Thoughts on Blobs
• Doh, protect your content!
• Separate containers for management roles and delegation
• Write some reusable tools for saving, chunking, shared access, reading, writing to streams, etc.
• Backup, backup, backup (AZCopy)
• Snapshots, maybe
47. Deep Thoughts on IAM
• Don’t write your own identity server
• Use one that can support social and corporate identity
• Provide a smooth sign up / registration
• Choose social login options carefully
• You are more secure with a service
• Have a back door for login (yep)
48. Deep Thoughts on Security Audits
• Have separate security logs
• Log failed access
• Retain logs 1 yr min
• No production keys in open (encrypt)
• Encrypt PII in database
• Mask data to dev, test
• Explore every web threat
• Protect your content, APIs
50. Deep Thoughts on Deployment
• Wouldn’t automated deployment / upgrade be nice?
• Be very very careful
– Know the location of all parts: prod, staging, dev, and test
– Review configurations, again, and again
– Beware running jobs (workers)
• Pray
• Just kidding
55. Deep Thoughts on Logs
• Is built in better?
• Know where your logs are (yep)
– WAD, table storage events, security audits, IIS logs
• Table storage or blobs (csv)?
• Real time info
• Historical queries
• Logging can (should) evolve
57. Deep Thoughts on Troubleshooting
• Log everything possible
• Use an agent if possible for monitoring
• Configure error alerts
• Use Google Analytics, really
• Be ready with real time queries
62. Backup and Recovery
• Back up your database, test recovery
• Back up blob storage nightly, keep a rolling archive
• Know how to spin up a complete architecture, in emergency
– State of code
– Data, storage
– Moving parts