1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead...
-
Upload
damian-patterson -
Category
Documents
-
view
216 -
download
0
description
Transcript of 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead...
![Page 1: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/1.jpg)
1
Azure™ Services Platform
Microsoft .NET ServicesAn Introduction
Clemens VastersTechnical LeadMicrosoft Corporation
![Page 2: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/2.jpg)
2
Azure™ Services Platform
![Page 3: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/3.jpg)
A Look Inside Azure
ServiceBus
AccessControl
Workflow
…
Database
Reporting
Analytics
…
Compute Storage Manage
Identity
Devices
Contacts
…
…
…
Your Applications
![Page 4: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/4.jpg)
Extending .NET technologies to the cloudOpen and Interoperable
REST, SOAP, ATOM, …Class libraries for Java, Ruby, …
Easy-to-use from .NET Build on existing skills and concepts
Initial focus on three key challengesApplication IntegrationApplication ExtensibilityFederated Access Control
.NET Services - Principles
![Page 5: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/5.jpg)
Enterprise Service Bus
Service Orchestration
Service Registry
NamingFederated Identity and
Access Control Messaging Fabric
CRM
Customers Leads
TrendsCampaigns
Supply Chain
Inventory Order Entry
PlanningPurchasing
Point Of Sale
POS Integration
Product Catalog
ReturnsWeb Store
![Page 6: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/6.jpg)
Internet Service Bus
Service Orchestration
Service Registry
NamingFederated Identity and
Access Control Messaging Fabric
Clients MS/3rd Party ServicesOn-Premise ESB
ESBDesktop, RIA, Web
Desktop, RIA, & Web
Your Services
![Page 7: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/7.jpg)
Secure Cross-Enterprise Integration
Fabrikam
AD
.NET Service Bus. NET Access Control Service
Contoso
AD
Purcha-sing
Order Entry
IdentityProvider
Trust
Access Control Rules govern endpoint access
Zero Inbound Firewall/NAT Ports
![Page 8: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/8.jpg)
Secure Cross-Enterprise Integration
Fabrikam
AD
Access Control
Contoso
AD
Purcha-sing
Order Entry
IdentityProvider
Trust
Access Control Rules govern endpoint access
Outbound-only Internet edges
Access Control
AD
Purcha-sing
Order Entry
1 . Acquire Identity Token
2 . Acquire Access
Token w/ ID Token 3 . Send
Message with Access
Token
4 . Validate Access Token
5. Relay Message to
Target
![Page 9: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/9.jpg)
Point Of Sale Integration
Fabrikam
AD
.NET Service Bus. NET Access Control Service
Partner StoreHelsinki
Analytics Inventory
Factory StoreMadrid
Inventory
FactoryStoreBrussels
Inventory
Real-time Sales and Inventory Analytics
![Page 10: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/10.jpg)
Document Itineraries
Fabrikam
AD
.NET Workflow Service
.NET Service Bus. NET Access Control Service
Parts VendorB
Purcha-sing
Order Entry
PartsVendorA
Order Entry
LogisticsPartner
Order Entry
Just-In-Time Acquisition and Delivery
On-Demand Delivery
Workflow
![Page 11: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/11.jpg)
Personal Photo Sharing
. NET Access Control Service
Borge’sHomeServer
Photos
Ahti’sPDA
Photos
Maria’sMac
Photos
Celine’sPC
Photos
.NET Service Bus
Eva’sPhone
Photos
Residential Broadband or
GSM or 3G
![Page 12: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/12.jpg)
.NET Access Control Service
Service Orchestration
Service Registry
NamingFederated Identity and
Access Control Messaging Fabric
![Page 13: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/13.jpg)
Many identity providers, many vendors, many protocols, complex semantics – tricky to get rightApplication strewn with one-off access logicHard to get right, not agile, not compliant, many dead ends
Access Control – Key Challenges
Corporate Directory
Solution Identities
Extranet Identities
SaaS Platform Identities
…
![Page 14: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/14.jpg)
Automate federation for a wide-range of identity providers and technologiesFactor the access control logic from the application into manageable collection of rulesEasy-to-use framework that ensures correct
token processing
Access Control – Approach
Corporate Directory
Solution Identities
Extranet Identities
SaaS Platform Identities
…
.NET Access Control Service
![Page 15: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/15.jpg)
Access Control Interactions
Your Access Control Project(a hosted STS)
Relying Party(Your App)
2. Send Claims4. Send Token
(output claims from 3)
5. Send Messagew/token
0. Certificate exchange; periodically refreshed
Requestor(Your Customer)
Define access control rules for a customer
6.Claims checked in
Relying Party
3. Map input claims to output claims based on access control rules
IP
1. Acquire Claims
![Page 16: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/16.jpg)
Scope: Protected resource hierarchySubscope: Delegated, independent branch
Rule: ‘All’ or ‘Any’ input-claims matchPositive rule match yields single output-claim
Access Control Rules Contoso Litware Fabrikam
Scope – http://contoso.com/
Subscope – http://contoso.com/sales/Group ‘CorpSales’ from Contoso ‘Contrib-Internal’
Group ‘Contoso’ from Litware ‘Contrib-External’
Group ‘Purchasing’ from Fabrikam ‘Read-Partners’
Group ‘Admins’ from Contoso ‘Administrator’
![Page 17: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/17.jpg)
Flexible, rules-driven access controlRich support for a wide range of identity providersThe Geneva framework is the .NET developer experienceEasy to incorporate into existing applicationsWorks with lots of other environments; e.g. Sun’s Java Metro 1.3, …
Access Control Summary
![Page 18: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/18.jpg)
.NET Workflow Service
Service Orchestration
Service Registry
NamingFederated Identity and
Access Control Messaging Fabric
![Page 19: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/19.jpg)
Want to describe long-running processesWant to orchestrate work across servicesWant modularity and nestingEasy to describe but in practice harder to run
Hosting and scaling can be challengingSetup and installing, define scale-out approach, ensure long-running availability, manage upgrades, …
Workflow – Key Challenges
![Page 20: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/20.jpg)
Internet-Scoped Service OrchestrationSpecialized Activity Library
Workflow Service – Overview
.NET Workflow
ServiceTypes Instances
WF Models(XOML)
Control Flow
+Activities
Portal API
Visual Studio Workflow Designer
Custom Designers / Generators
![Page 21: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/21.jpg)
WF is a general-purpose FrameworkBroad extensibility: Custom and code activitiesSimple hosting options (standalone or via WCF)Sophisticated hosting options via extensions
.NET Workflow Service builds on WFSpecialized, high-scale, resilient hosting environmentSpecialized set of activities for OrchestrationIntentionally not a general-purpose host
Windows Workflow Foundation vs.
.NET Workflow Service
Scalability & Fault Resilience
Less Constrained Runtime More Constrained Runtime
![Page 22: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/22.jpg)
22
Supported Workflow Activities (PDC)
Standard WF Activity Description
IfElse Conditional Branch
Sequence Sequence of Activities
Suspend Suspends execution until external intervention
Terminate Terminates the workflow
While Executes a conditional loop
.NET Workflow Activity Description
Delay Delays execution for a period of time
HttpSend Sends an outbound HTTP request
HttpReceive Waits for an inbound HTTP request
ServiceBusSend Sends a message via the Service Bus
XPathRead Extracts a value from a message using XPath
XPathUpdate Updates a value in a message using XPath
![Page 23: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/23.jpg)
Execute Workflows with high availabilityDesign Workflows using existing toolsEasily deploy and manage WorkflowsPortal for easy accessManagement APIs for rich automation
Workflow Service Summary
![Page 24: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/24.jpg)
.NET Service Bus
Service Orchestration
Service Registry
NamingFederated Identity and
Access Control Messaging Fabric
![Page 25: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/25.jpg)
Key developer challengesWant to make it easy and secure for partners to use your applicationDon’t always know the characteristics or scale of the integrationPartners / customers / users have devices and services running behind firewalls
Approach Provide a high-scale, high-available “Service Bus” that supports open Internet protocols
Service Bus
![Page 26: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/26.jpg)
IPv4 Address ShortageDynamic IP address allocationNetwork Address Translation (NAT)
Internet is pwn3d by the bad guysFirewalls layered over firewalls over firewalls
Connectivity Challenges
Sender Receiver?Machine Firewall
Network FirewallNetwork Address Translation
Dynamic IP
![Page 27: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/27.jpg)
Service Bus Naming
Federated, hierarchical, DNS-integrated, transport-neutral naming system
Root
Solution
Solution
Solution
NameB
NameC
Name1
Name2
Name3
NameA
![Page 28: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/28.jpg)
[http|sb]://servicebus.windows.net/services/account/svc/…
Service Registry
Rootservicebus.windows.
netservices
account
contoso
…
svc
Service Registry Root
Multi-Tenant
The service registry provides a mapping from URIs to services
![Page 29: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/29.jpg)
Three key capabilitiesMulti-protocol, relayed connectivity
Ensure applications can interconnectDiscovery via common service registry
NAT-NAT Traversal Uses the relay to establish communication Then shortcuts for efficiency
One-way datagram/event distributionUnicast, Multicast and – soon – Anycast Lightweight publish/subscribe modelModel will expand to cover queues and topics
Available in .NET via WCF Bindings
Connectivity
![Page 30: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/30.jpg)
Relayed Communication
Service Bus
Sender Receiver
sb://servicebus.windows.net/services/solution/a/b/
outb
ound
conn
ect o
ne-w
ay n
et.tc
p TCP/SSL 828
BackendNamingRoutingFabric
Frontend Nodes
TCP/SSL 808/828
outbound connect bidi socket
Msg Msg
NATFirewallDynamic IP
SubscribeRoute
NLB
![Page 31: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/31.jpg)
Service RegistryRelay and direct connect connectivityEvent distributionIntegrated with Access Control services
Service Bus Summary
![Page 32: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/32.jpg)
32
Q & A
![Page 33: 1 Azure ™ Services Platform Microsoft.NET Services An Introduction Clemens Vasters Technical Lead Microsoft Corporation.](https://reader035.fdocuments.in/reader035/viewer/2022070605/5a4d1ada7f8b9ab05997491a/html5/thumbnails/33.jpg)