Building Hybrid Applications in the Cloud on Windows Azure™

Scott Densmore, Alex Homer, Masashi Narumoto, John Sharp, Hanz Zhang

For more information explore: msdn.microsoft.com/practices

Software Architecture and Software Development

patterns & practices: Proven practices for predictable results

Save time and reduce risk on your software development projects by incorporating patterns & practices, Microsoft’s applied engineering guidance that includes both production quality source code and documentation.

The guidance is designed to help software development teams:
  Make critical design and technology selection decisions by highlighting the appropriate solution architectures, technologies, and Microsoft products for common scenarios
  Understand the most important concepts needed for success by explaining the relevant patterns and prescribing the important practices
  Get started with a proven code base by providing thoroughly tested software and source that embodies Microsoft’s recommendations

The patterns & practices team consists of experienced architects, developers, writers, and testers. We work openly with the developer community and industry experts, on every project, to ensure that some of the best minds in the industry have contributed to and reviewed the guidance as it is being developed. We also love our role as the bridge between the real world needs of our customers and the wide range of products and technologies that Microsoft provides.

The IT industry has been evolving at a rapid pace; and with the advent of cloud computing the rate of evolution is accelerating significantly. However, most organizations still have a lot of IT assets running in on-premises datacenters. We are in the middle of a transition between running everything on-premises and hosting everything in the cloud. Hybrid is a term that represents the application that positions its architecture somewhere along this continuum. Hybrid applications span the on-premises and cloud divide, and bring with them a unique set of challenges.

This guide addresses these challenges by mapping Windows Azure features to specific scenarios encountered in hybrid application design and development. A case study of a fictitious company named Trey Research explains the challenges encountered in a hybrid application, and describes solutions using Windows Azure features such as Service Bus, Caching, Traffic Manager, Azure Connect, SQL Azure Data Sync, ACS, and more.

The guide is divided into two main sections. The first describes the specific design decisions Trey Research made when designing their application. The second provides general guidance on typical scenarios and use cases encountered in each of the challenge areas. Together they will help you to find solutions for the challenges you will meet when developing your own hybrid applications.

[Figure labels]
  Hybrid Challenge Scenarios
  Replicating, Distributing, and Synchronizing Data
  Authenticating Users and Authorizing Requests
  Implementing Cross-Boundary Communication
  Implementing Business Logic and Message Routing
  Maximizing Scalability, Availability, and Performance
  Monitoring and Managing Hybrid Applications
  Implementing Reliable Messaging and Communications with the Cloud
  The Trey Research Scenario
  Introduction to the Guide
  Deploying Functionality and Data in the Cloud
  Data synchronization and Reporting
  Authenticating Users in the Orders Application
  Maximizing Scalability, Performance, and Availability in the Orders Application
  Monitoring and Managing the Orders Application
  Processing Orders in the Trey Research Solution

978-1-62114-013-9

This document is provided “as-is”.
Information and views expressed in this document, including URL and other Internet Web site references, may change without notice. Some examples depicted herein are provided for illustration only and are fictitious. No real association or connection is intended or should be inferred. This document does not provide you with any legal rights to any intellectual property in any Microsoft product. You may copy and use this document for your internal, reference purposes.

© 2012 Microsoft. All rights reserved. Microsoft, Active Directory, BizTalk, Hotmail, MSDN, SharePoint, SQL Azure, Visual C#, Visual Studio, Windows, Windows Azure, Windows Live, and Windows PowerShell are trademarks of the Microsoft group of companies. All other trademarks are property of their respective owners.

Contents

Foreword
Preface
  Who This Book Is For
  Why This Book Is Pertinent Now
  How This Book Is Structured
  What You Need to Use the Code
  Who’s Who
  Where to Go for More Information
Acknowledgments

1 The Trey Research Scenario
  Integrating with the Cloud
  The Challenges of Hybrid Application Integration
  The Trey Research Company
  Trey Research’s Strategy
  The Orders Application
  The Original On-Premises Orders Application
  The Windows Azure Hybrid Application
  How Trey Research Tackled the Integration Challenges
  Staged Migration to the Cloud
  Technology Map of the Guide
  Summary
  More Information

2 Deploying the Orders Application and Data in the Cloud
  Scenario and Context
  Deploying the Application and Data to the Cloud
  Choosing the Location for Data
  Deploy All of the Data in the Cloud
  Keep All Data On-premises
  Deploy Some of the Data in the Cloud
  How Trey Research Chose the Location for Deploying Data
  Customer Data
  Product Data
  Order Data
  Audit Log Data
  Choosing the Data Storage Mechanism
  Windows Azure Storage
  SQL Azure
  Alternative Database System or Custom Repository
  How Trey Research Chose a Storage Mechanism for Data
  Encrypting Data Stored in Windows Azure Storage and Databases
  Synchronizing Data across Cloud and On-Premises Locations
  Choosing a Data Synchronization Solution
  SQL Azure Data Sync
  Microsoft Sync Framework
  A Custom or Third Party Synchronization Solution
  How Trey Research Chose the Data Synchronization Solution
  How Trey Research Uses SQL Azure Data Sync
  Implementing a Reporting Solution for Cloud-Hosted Data
  Choosing a Reporting Solution
  SQL Server Reporting Services
  SQL Azure Reporting Service
  A Custom or Third Party Reporting Solution
  How Trey Research Chose the Reporting Solution
  How Trey Research Uses the SQL Azure Reporting Service
  How Trey Research Makes Reporting Data Available to External Partners
  Summary
  More Information

3 Authenticating Users in the Orders Application
  Scenario and Context
  Authenticating Visitors to the Orders Application
  Choosing an Authentication Technique
  ASP.NET Forms Authentication
  Claims-Based Authentication with Microsoft Active Directory Federation Service
  Claims-Based Authentication with Windows Azure Access Control Service
  Claims-Based Authentication with ACS and ADFS
  Combined Forms and Claims-Based Authentication
  How Trey Research Chose an Authentication Technique
  How Trey Research Uses ACS and ADFS to Authenticate Visitors
  Access Control Service Configuration
  Handling Multiple User IDs
  Authentication Implementation
  Authentication with Windows Identity Foundation
  ASP.NET Request Validation
  Visitor Authentication and Authorization
  The Custom Logon Page
  Using a Custom Authorization Attribute
  Customer Details Storage and Retrieval
  Authenticating Access to Service Bus Queues and Topics
  Summary
  More Information

4 Implementing Reliable Messaging and Communications with the Cloud
  Scenario and Context
  Communicating with Transport Partners
  Choosing a Communications Mechanism
  Electronic Data Interchange (EDI)
  Web Services (Push Model)
  Web Services (Pull Model)
  Windows Azure Storage Queues
  Windows Azure Service Bus Queues
  Windows Azure Service Bus Topics and Subscriptions
  How Trey Research Communicates with Transport Partners
  Sending Messages to a Service Bus Queue Asynchronously
  Receiving Messages from a Service Bus Queue and Processing Them Asynchronously
  Sending Messages to a Service Bus Topic
  Subscribing to a Service Bus Topic
  Receiving Messages from a Topic and Processing Them Asynchronously
  Implementing Adapters and Connectors for Translating and Reformatting Messages
  Correlating Messages and Replies
  Securing Message Queues, Topics, and Subscriptions
  Securing Messages
  Sending Orders to the Audit Log
  Choosing a Mechanism for Sending Orders to the Audit Log
  How Trey Research Sends Orders to the Audit Log
  Verifying Orders to Ensure Regulatory Compliance
  Choosing Where to Host the Compliance Application
  How Trey Research Hosted the Compliance Application
  Summary
  More Information

5 Processing Orders in the Trey Research Solution
  Scenario and Context
  Processing Orders and Interacting with Transport Partners
  How Trey Research Posts Messages to a Topic in a Reliable Manner
  Recording the Details of an Order
  Sending an Order to a Service Bus Topic from the Orders Application
  How Trey Research Decouples the Order Process from the Transport Partners’ Systems
  Receiving and Processing an Order in a Transport Partner
  Acknowledging an Order or Indicating that it has Shipped in a Transport Partner
  Receiving Acknowledgement and Status Messages in the Orders Application
  Summary
  More Information

6 Maximizing Scalability, Availability, and Performance in the Orders Application
  Scenario and Context
  Controlling Elasticity in the Orders Application
  Choosing How to Manage Elasticity in the Orders Application
  Do Not Scale the Application
  Implement Manual Scaling
  Implement Automatic Scaling using a Custom Service
  Implement Automatic Scaling using the Enterprise Library Autoscaling Application Block
  How Trey Research Controls Elasticity in the Orders Application
  Hosting the Autoscaling Application Block
  Defining the Autoscaling Rules
  Managing Network Latency and Maximizing Connectivity to the Orders Application
  Choosing How to Manage Network Latency and Maximize Connectivity to the Orders Application
  Build a Custom Service to Redirect Traffic
  Use Windows Azure Traffic Manager to Route Customers’ Requests
  How Trey Research Minimizes Network Latency and Maximizes Connectivity to the Orders Application
  Optimizing the Response Time of the Orders Application
  Choosing How to Optimize the Response Time of the Orders Application
  Implement Windows Azure Caching
  Configure the Content Delivery Network
  How Trey Research Optimizes the Response Time of the Orders Application
  Defining and Configuring the Windows Azure Cache
  Synchronizing the Caches and Databases in the Orders Application
  Retrieving and Managing Data in the Orders Application
  Implementing Caching Functionality for the Products Catalog
  Instantiating and Using a ProductsStoreWithCache Object
  Summary
  More Information

7 Monitoring and Managing the Orders Application
  Scenario and Context
  Monitoring Services, Logging Activity, and Measuring Performance
  Choosing a Monitoring and Logging Solution
  Windows Azure Diagnostics
  Enterprise Library Logging Application Block
  Third Party Monitoring Solution
  Custom Logging Solution
  How Trey Research Chose a Monitoring and Logging Solution
  How Trey Research Uses Windows Azure Diagnostics
  Selecting the Data and Events to Record
  Configuring the Diagnostics Mechanism
  Implementing Trace Message Logging and Specifying the Level of Detail
  Writing Trace Messages
  Transferring Diagnostics Data from the Cloud
  [...]

... that Share Data by Using Windows Azure Caching
  Updating Cached Data
  Implementing a Local Cache
  Caching Web Application Session State
  Caching HTML Output
  Guidelines for Using Windows Azure Caching
  Limitations of Windows Azure Caching
  Guidelines for Securing Windows Azure Caching
  More Information
Appendix F: Monitoring and Managing Hybrid Applications
  Use Cases...

... Latency
  Limitations of Using Windows Azure Traffic Manager
  Maximizing Availability for Cloud Applications with Windows Azure Traffic Manager
  Guidelines for Using Windows Azure Traffic Manager to Maximize Availability
  Optimizing the Response Time and Throughput for Cloud Applications by Using Windows Azure Caching
  Provisioning and Sizing a Windows Azure Cache
  Implementing Services that...

... Using Windows Azure Connect
  Windows Azure Connect Architecture and Security Model
  Limitations of Windows Azure Connect
  Accessing On-Premises Services from Outside the Organization Using Windows Azure Service Bus Relay
  Guidelines for Using Windows Azure Service Bus Relay
  Guidelines for Securing Windows Azure Service Bus Relay
  Guidelines for Naming Services in Windows Azure Service...

... Performance in a Hybrid Application by Using Windows Azure Diagnostics
  Guidelines for Using Windows Azure Diagnostics
  Guidelines for Securing Windows Azure Diagnostic Data
  Deploying, Updating, and Restoring Functionality by Using the Windows Azure Service Management API and PowerShell
  Guidelines for using the Windows Azure Service Management API and PowerShell
  Guidelines for Securing Management...
Volume 2, Developing Applications for the Cloud on Windows Azure, discusses the design considerations and implementation details of applications that are designed from the beginning to run in the cloud. It also extends many of the areas covered in Volume 1 to provide information about more advanced techniques that you can apply in Windows Azure applications. This third volume in the series demonstrates how...

... caching. Chapter 7, “Monitoring and Managing the Orders Application” describes the techniques that Trey Research examined and chose for monitoring and managing the Orders application. These techniques include capturing diagnostic information, setting up and configuring the Windows Azure services, and remotely managing the application configuration and operation. While the main chapters of this guide concentrate...

... Actions
  Guidelines for Using the Autoscaling Application Block
  Reducing Network Latency for Accessing Cloud Applications with Windows Azure Traffic Manager
  How Windows Azure Traffic Manager Routes Requests
  Using Monitoring Endpoints
  Windows Azure Traffic Manager Policies
  Guidelines for Using Windows Azure Traffic Manager
  Guidelines for Using Windows Azure Traffic Manager...

[Figure labels]
  ... Performance
  Monitoring and Managing Hybrid Applications
  Implementing Reliable Messaging and Communications with the Cloud
  Processing Orders in the Trey Research Solution
  Monitoring and Managing the Orders Application

Chapter 1, “The Trey Research Scenario” provides an introduction to Trey Research and its plan for evolving the on-premises Orders application into a hybrid application. It also contains overviews...
... remote cloud-hosted applications, monitor the day-to-day operation of these applications, and have access to logging and auditing data. They must also be able to configure, upgrade, and administer the applications, just as they would if the applications were running in an on-premises datacenter. Companies also need to obtain relevant and timely business information from their applications to ensure that they...

... Azure, and has no on-premises components.

The Trey Research Company

The services exposed by Windows Azure are useful for both integrating on-premises applications with the cloud, and for applications that run entirely in the cloud.

The Orders application is just one of the many applications that Trey Research uses to run its business. Other on-premises applications are used to manage invoicing, raw materials, ...

... Implementing Cross-Boundary Communication
  Accessing On-Premises Resources from Outside the Organization Using Windows Azure Connect
  Guidelines for Using Windows Azure Connect
  Windows Azure...