Windows Azure Web Sites – things they don’t teach kids in school - AzureConf
AzureConf 2014 - Azure hybrid connections (Sam Vanhoutte)
Hybrid Connections, an introduction
Sam Vanhoutte
CTO Codit, Integration MVP
Nice to meet you
Sam VANHOUTTE
CTO, Codit
Integration MVP – BizTalk V-TSP
http://blog.codit.eu
@SamVanhoutte
International Focus - HQ in BE
2000 Belgium
2004 France
2013 Portugal
Microsoft Integration
2012 & 2013 Partner of the Year Award Finalist
Application Integration
Community
Agenda
1) Azure Hybrid connectivity options
2) BizTalk Hybrid Connections
3) Demo time
4) Architecture
5) Comparing & when to use what
FOR THE NEXT HOUR
Questions? #azureconf on Twitter
Hybrid Connectivity in Azure
overview
when to use what
Evolving Enterprise Infrastructure
Corporate Network
Virtual Network
Virtual Networking
• Traditional network level connectivity
• Various options
  • Point2Site
  • Site2Site
  • ExpressRoute
IP/SEC VPN-STYLE CONNECTIVITY
Watch session of Vishwas
Service Bus Messaging
• Asynchronous, message based
• Features
  • Queues & Topics for distributed messaging
  • Event Hubs for scalable event ingestion
  • Notification hubs for phone notifications
INTEROPERABLE ASYNC COMMUNICATION
Watch session of Rick
Service Bus Relay
• Firewall friendly service publishing
• Outbound only ports
• More & more used to avoid DMZ / reverse proxy
• Features
  • Load balancing
  • Fail over
  • WCF / REST bindings available
MAKE INTERNAL SERVICES REACHABLE THROUGH AZURE ENDPOINTS
BizTalk Services
• EAI capabilities
  • On premise LOB connectivity (SQL, SAP, Oracle…)
  • Transformation & flat file support
  • Routing
• EDI capabilities
  • Support for EDIFACT & X12
  • Trading partner management
• Hybrid connections
  • in Free tier of BizTalk Services
EAI & B2B INTEGRATION
Azure Hybrid Connections
positioning & overview
architecture
Goals
Keep existing network configuration
Access on-prem w/o custom code or infra
Control & Visibility
Agility & Flexibility
Introducing hybrid connections
• part of: BizTalk Services
• supported by: Azure Web Sites, Mobile Services (goal: more to come)
• in preview
• free tier (<5 cnx)
BizTalk Services pricing model
Tier: FREE (preview) | DEVELOPER | BASIC | STANDARD | PREMIUM
EAI capabilities: No | Yes | Yes | Yes | Yes
EDI capabilities: No | Yes | Yes | Yes | Yes
Scale limit: 1 unit | 8 units | 8 units | 8 units
Scale out: No | No | Yes | Yes | Yes
HyCnx per unit: 5 | 5 | 10 | 50 | 100
HyCnx data transfer / unit: 5 GB | 5 GB | 50 GB | 250 GB | 500 GB
Connection limits for each Hybrid Connection apply. Additional Hybrid data transfer billed at $1/GB.
DEMO
Provision BizTalk Service
Key Features
• Access to on-premises resources
  • Connect to SQL Server, Web Services or most other resources that use TCP or HTTP connectivity
• Works with most frameworks
  • Support for .NET, PHP, Java, Python, Node.js for Websites and Node.js and .NET for Mobile Services
• No need to alter the network perimeter
  • Doesn’t require a VPN gateway or Firewall changes to allow incoming traffic
  • Applications have access only to the resource that they require
• Maintains IT control over resources
  • Support for Group Policy and Event/Audit Logging providing Admins control and visibility
Hybrid Connections
[Diagram labels: Web Sites, Mobile Services, Corporate Network, Microsoft SQL Server, Other published resources, Hybrid Connection, Hybrid Connection Manager]
Integration Dashboard
‘As-is’ situation, expense application
[Diagram labels: BizTalk Server Process, Integration Dashboard, Dashboard frontend]
Step 1: lift & shift dashboard web app
[Diagram labels: BizTalk Server Process, Dashboard backend, Dashboard frontend]
Step 2: create expense mobile app
[Diagram labels: BizTalk Server Process, Expense mobile svc, Dashboard backend, Dashboard frontend]
Step 3: Expose the expense API
[Diagram labels: BizTalk Server Process, Expense mobile svc, Expense API]
Architecture
agent
topologies
automation
The hybrid connection manager
ON PREMISES AGENT SPECIFICS
• Install from portal
• Windows Service: HybridConnectionMgr
• Port 80 required, outbound only: 80
• Optional ports, fallback on 443 - 80: 443, 5671, 9352
Limits & constraints
• Support for TCP & HTTP
  • Recommend using static TCP ports
  • Dynamic ports (i.e. FTP passive mode) are not supported
• No buffering or traffic inspection
  • TLS can be negotiated end-to-end
SQL Server specifics
• SQL Express named instances should use static ports
• TCP should be enabled
• SQL Always On limitations
  • MultiSubnetFailover=true is not supported for clustering or availability groups
  • ApplicationIntent=ReadOnly is not supported
• Integrated security not supported
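The SQL Server constraints above can be checked on a connection string before an application is moved behind a Hybrid Connection. The following is an added example, not part of the original deck: a small Python linter whose function names, sample strings and named-instance heuristic are assumptions; quoted values containing ';' are not handled.

```python
# Added example: lint a SQL Server connection string against the Hybrid
# Connections constraints listed on the slide. All names are hypothetical.

SERVER_KEYS = ("datasource", "server", "address", "addr", "networkaddress")
TRUE_VALUES = {"true", "yes"}


def parse(conn_str):
    """Split 'Key=Value;...' into a dict; keys lowercased, spaces/underscores dropped."""
    pairs = {}
    for part in conn_str.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            key = key.strip().lower().replace(" ", "").replace("_", "")
            pairs[key] = value.strip()
    return pairs


def check_hybrid_sql(conn_str):
    """Return a list of findings; an empty list means no listed constraint is hit."""
    kv = parse(conn_str)
    findings = []
    if kv.get("multisubnetfailover", "").lower() in TRUE_VALUES:
        findings.append("MultiSubnetFailover=true is not supported")
    if kv.get("applicationintent", "").lower() == "readonly":
        findings.append("ApplicationIntent=ReadOnly is not supported")
    integrated = kv.get("integratedsecurity") or kv.get("trustedconnection") or ""
    if integrated.lower() in TRUE_VALUES | {"sspi"}:
        findings.append("Integrated security is not supported")
    server = next((kv[k] for k in SERVER_KEYS if k in kv), "")
    if server.lower().startswith(("np:", "lpc:")):
        findings.append("TCP should be enabled; non-TCP protocol prefix used")
    # Assumption: a named instance without ',port' relies on a dynamic port lookup.
    if "\\" in server and "," not in server:
        findings.append("Named instance without a static port")
    return findings


# Constructed sample strings (host names and credentials are placeholders).
GOOD = "Server=tcp:sqlhost.corp.example,1433;Database=Expenses;User ID=app;Password=<placeholder>"
BAD = ("Data Source=sqlhost\\SQLEXPRESS;Initial Catalog=Expenses;"
       "Integrated Security=SSPI;MultiSubnetFailover=True;Application Intent=ReadOnly")

if __name__ == "__main__":
    for sample in (GOOD, BAD):
        print(check_hybrid_sql(sample) or "ok")
```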
Security
• Shared access signatures
  • Secure, simple & familiar
• Separate roles for on-premises connector & apps
  • Credentials for the on-premises connector & client apps can be rolled independently
  • Seamless & secure distribution & update of credentials to applications & Hybrid Connection Manager
• Application authorization is independent
  • You can use an authorization mechanism appropriate for the Hybrid Application
  • In practice, depends on End-to-End authorization mechanisms supported across cloud/on-premises
Reusing connections
[Diagram labels: On Premises, LOB App, Web Site, Mobile Service, Microsoft Azure, Hybrid Connection, Hybrid Connection Manager, Hostname & Port]
Multiple applications can share a Hybrid Connection to access an on-prem resource.
Applications on Azure access a resource the same way they would if it was running on-premises.
Load-balanced connectors
[Diagram labels: On Premises, LOB Cluster, Web Site, Mobile Service, Microsoft Azure, Hybrid Connection, Hybrid Connection Manager, Cluster name & Port]
Multiple instances of the Hybrid Connection Manager can be used on-premises for resiliency and load-balancing.
DEMO
Load balancing agents
Throughput
SOME TIPS & GUIDANCE
Performance of outbound connection
Multiple agents often increase throughput
No throttling on connection or agent
BizTalk tier does not impact performance
Some #devops
POWERSHELL, VISIBILITY & GROUP POLICIES
• Group policy settings to allow/designate resources
• Event & audit logs available
• Agent comes with PowerShell cmdlets
Update-HybridConnection -ConnectionString "<cnxstring>"
Add-HybridConnection -ConnectionString "<cnxstring>"
Remove-HybridConnection -ConnectionString "<cnxstring>"
Set-HybridConnectionManagerConfiguration -ManagementPort 9352
Get-HybridConnection
When to use what
Virtual networking
Hybrid Connections
Service Bus relay
A comparison
Columns: Virtual networking (VPN) | Hybrid Connections | Service Bus Relay
High availability: Complex, traditional | Use multiple agents | To 20 cnx per endpoint
Load balancing: Complex, traditional | Use multiple agents | To 20 cnx per endpoint
Addressing: Host name / IP | Host name / IP | Public DNS
Application connectivity: TCP level | TCP level | SOAP / REST
Security: Intranet style | Intranet style | SharedSecret, SAML, SAS
Billing model: Time-based (gateway) | Bandwidth (mostly FREE) | Per connection
Time to value: Complex installation | Very fast (outbound ports) | Very fast (outbound ports)
IaaS vs PaaS: IaaS | PaaS (ier) | PaaS (iest)
Hybrid Connections
The fastest way to build hybrid applications.
Lift and Shift web workloads to Azure Websites whilst connecting to on-premises data.
On-premises data just clicks away from Azure Websites & Mobile Services.
wrap-up
THANK YOU !!
AND STAY TUNED FOR THE NEXT SESSIONS !!
For all your follow up questions: @SamVanhoutte
Get started with a free trial
Or, use your existing benefits…
http://aka.ms/AzureConf2014
http://aka.ms/AzureConf-MemberOffers