Organization
2 hours lecture, 2 hours lab (B624); activity grade = average of the grades for 3 assignments || course homework; exam grade = multiple-choice exam || application
06/10/2013
Contents
the evolution of computing power; types of cloud; the main cloud platforms; types of problems solved by cloud technologies; obstacles to adopting cloud technologies
Data centers
high energy consumption (1.5% of all the electricity consumed in the USA, EPA 2007); long development time; the invested capital is difficult to recover/reuse
specialists in various fields are needed (security, reliability, load balancing, etc.)
focus is lost on the core business; accessible only to very large companies because of the maintenance difficulties
See The Big Switch: Rewiring the World, from Edison to Google, by Nicholas Carr, Norton, 2008
Types of cloud
Private (On-Premise)
application; runtime; security and integration; databases; servers; virtualization; server hardware; storage space; network
managed by the developer
managed by the provider
AWS Products
access to infrastructure
On / Off
Inactivity Period
Rapid growth
Predictable peaks
unused processing power means wasted resources; the inability to satisfy peak demand can destroy the business
Unpredictable peaks
the inability to handle such a peak can have negative effects on the business
SOAP
Envelope Header
Body
RESTful
operations are mapped onto the HTTP verbs:
GET - retrieves a resource; POST - creates a resource; PUT - updates a resource; DELETE - deletes a resource
message format
XML: <Persoana><Nume>Jon</Nume><Prenume>Smith</Prenume></Persoana>
JSON: {"nume": "Jon", "prenume": "Smith"}
DEMO RESTful
DEMO
publish the application as a web site; create a database; connect the application to the database; cost
08/10/2013
Cloud Services
General purpose host for executing code or an executable Implement code in a Run method
WORKER ROLE
Similar to a Windows Service Host your own web server, encoder, etc. Typically used for background processing
WEB ROLE
Provides all features of a worker role and IIS 7 or 7.5 Execute ASP.NET, WCF, PHP, etc. Can include multiple web sites in the same role Optionally implement RoleEntryPoint
What can be run?
Upgrade Domain #3
Instance #3
Local Storage
DEMO - website
create a new web site deploy an ASP.NET MVC application explore various configurations retrieve application settings enable diagnostic
simulate error
download diagnostics using azure command
DEMO
create a cloud service only web role with two instances
show fault domain and upgrade domain Production vs. staging local storage share session using Cache remote desktop
create a cloud service with web and worker role, worker role will host a WCF
Storage Security
Blob Storage
Blob Details
Blob Containers
Enumerating Blobs
Pagination
APIs
REST API: http://msdn.microsoft.com/en-us/library/windowsazure/dd135733.aspx
.NET Library
http://www.nuget.org/packages/WindowsAzure.Storage
Demo
desktop application to publish to storage
publish course material use a third party tool to see published files make files public use RESTful API to download files
Drives
Drive Details
Demo???
Queues
Queue Details
APIs
Demo
upload a photo and create thumbnails using a worker role
Homework
50% of exam: HTML + JavaScript (jQuery); 25% of exam: (Windows Forms || WPF with HttpClient) - lab enrollment - publishing course/lab material
Web resources
http://blogs.msdn.com/b/windowsazurestorage/archive/2010/12/30/windows-azure-storage-architecture-overview.aspx
http://blogs.msdn.com/b/windowsazurestorage/archive/2010/05/10/windows-azure-storage-abstractions-and-their-scalability-targets.aspx
http://www.windowsazure.com/en-us/develop/net/how-to-guides/blob-storage/
http://blogs.msdn.com/b/windowsazurestorage/archive/2010/04/17/windows-azure-storage-explorers.aspx
20/11/2013
NO-SQL
Name: Jon
Dob: 01-01-1990
ZipCode: 12345
Variable schema
a single table can contain rows with different columns
Non-relational
there is no implicit relation between rows in database relations can be defined in code
Distributed architecture
- highly scalable database (web scale) - redundant storage - geographic distribution
CAP Theorem
Availability
Relational
Consistency
Partition Tolerance
Querying
some use SQL more likely imperative programming (map-reduce)
Types of NO-SQL
key-value stores
Schema-free
document stores
schema-free
graph databases
Social networks
NO-SQL in Azure
TABLE STORAGE
Entity Properties
No Fixed Schema
Querying
Demo
C# library to access Azure tables Extend photo album to store list of files in a table And list of comments in a second table
SQL
Focus on logical vs. physical administration
Database and log files automatically placed
Three high-availability replicas maintained for every database
Databases are fully contained
Tables require a clustered index
Maximum database size is 50 Gb
BACKUP / RESTORE
USE command, linked servers, distributed transactions, distributed views, distributed queries, four-part names
Service Broker
Common Language Runtime (CLR)
SQL Agent
Database
Thin client database development
Database
Data-tier Application Framework (DAC Fx)
Database
Interactive approach for dacpac v1 and v2
Logins must have an associated user account to connect to a database
The admin login is automatically associated with a special user known as dbo (database owner)
The dbo has full rights in the database and should only be used for administration
Manage users with CREATE / ALTER / DROP USER commands
Add users to system or user-defined database roles to grant privileges via sp_addrolemember
Organize database objects into schema containers based upon common access control requirements
Grant privileges to schema containers instead of individual objects for better productivity
Special considerations
Legacy tools and providers may require a special format for the login: [login]@[server]
Idle connections are terminated after 30 minutes
Long-running transactions are terminated after 24 hours
<connectionStrings>
  <add name="AdventureWorks"
       connectionString="Data Source=[server].database.windows.net; Integrated Security=False; Initial Catalog=ProductsDb; User Id=[login]; Password=[password]; Encrypt=true;"
       providerName="System.Data.SqlClient"/>
</connectionStrings>
Demo
Create new DB Create a Data project Deploy to Azure Connect from an application
ADO.NET EF
Performance
certain types of queries can be slow; for business applications SQL is most likely better; for fetching a few bits of information under high traffic and concurrency NO-SQL is better
Business Intelligence
works best with SQL; NO-SQL (wide-column) works well with big data
VM Costs
compute cost (includes OS license)
storage costs (space + # of operations): 1 cent / 100000 operations
boot Windows Server 2008 = 20000 operations
Virtual network
connect VMs separate VMs - create subnets DNS resolve
Azure PowerShell
scripting language that can be used to manage IaaS on Azure CmdLets Pipe Operator .Include Variables
Scope
http://msdn.microsoft.com/en-us/library/jj156055.aspx
Classic approach
manage user by the application
e.g.: ASP.NET membership database 1 unauthenticated request 2 redirect to login client (browser) web application
Identity provider
manage user by the application
e.g.: ASP.NET membership database 3 login procedure
Protocols
WS-Security (WS-Federation, WS-Trust) SAML 2.0
Security token
unique ID of the user other claims
name e-mail address
Allows using external identity providers, e.g., Google, Facebook, Live (Windows Azure Active Directory Access Control)
Running AD in VMs
http://www.windowsazure.com/en-us/develop/net/fundamentals/identity/
Graph API
RESTful API; supports extensions defined by OData; can be used to get extra information about a user from Azure Active Directory based on the security token (e.g., social graph)
http://msdn.microsoft.com/en-us/library/windowsazure/hh974476.aspx
Active Directory is managed by the Azure platform to ensure high availability, disaster recovery, high scalability
Demo
ASP.NET MVC application that logs in through Google using Windows Azure Active Directory Access Control
http://msdn.microsoft.com/en-us/library/hh221549.aspx
Operations
Ingest - bring assets into the system
Process - encoding, converting and generating media assets
Deliver - retrieve media out of the Media services (streaming content live or on-demand to clients)
Programming entities
Assets - virtual entity that contains metadata about media; can contain one or many files
Files - an actual video or audio blob, always associated with a file
Jobs - entity that contains metadata about tasks; a job is associated with one or more tasks
Tasks - individual operation of work
AccessPolicies - define permissions to a file or asset
Locator - URI that provides time-based access to a specific asset
Programming entities
JobTemplates - provides reusable settings for jobs
ContentKeys - store key data, which is used to encrypt an asset
TaskTemplate - provides reusable settings for tasks
http://msdn.microsoft.com/en-us/library/windowsazure/hh973632.aspx
http://msdn.microsoft.com/en-us/library/windowsazure/jj129584.aspx
http://msdn.microsoft.com/en-us/library/windowsazure/jj129575.aspx
Service Bus
service relay
WCF model
messaging
queues publish-subscribe
notification hubs
Windows phone Windows store iOS Android
Cloud/On-Premise Integration
Tightly Coupled
Drivers
Tracking
Shipping Service
Loosely Coupled
Drivers
Tracking
Order Queue
Shipping Service
Loosely Coupled
Tracking
Tracking
Order Queue
Shipping Service
Connectivity Options
Oneway
Windows Azure
Windows Azure
Existing Datacenter
On Premises
Ways to Pull
Messages
Queues
Queues
Topics
Subscription Filters
04/12/2013
Context
service design
SOAP (Simple Object Access Protocol), well-defined message formats (there is a lot of protocol information)
POX (Plain Old XML) builds on top of HTTP and uses XML to exchange data; there are no constraints
REST (REpresentational State Transfer) builds on top of POX but adds some constraints
Context
web data formats
XML
common data format open format
Atom
based on XML, supports embedded data
used for feeds (e.g., RSS feeds)
What is OData
a data access protocol provide CRUD access to a data source via a REST service open
based on web standards HTTP, JSON, AtomPub
data
designed to query and update data flexible enough to be used with relational databases, files, etc.
protocol
convention for representing data entities query string convention (addressing and filtering data) constrained HTTP operations for submitting requests
What is OData
metadata support well defined parameters for query http://www.odata.org/
DataService base class for the service configure access to entities add custom operations define filters and interceptors
use attributes to hook the process (e.g., QueryInterceptor, ChangeInterceptor) apply to a particular entity in the model
Demo
OData service using WCF
discuss how data is represented and how entities are linked filtering Metadata
Updates
DataServiceRequest DataServiceResponse
Demo
DataServiceContext
query data find extra information about query
OData Client in JS
jQuery
Datajs (http://datajs.codeplex.com/wikipage?title=OData%20Code%20Snippets&referringTitle=Documentation)
Demo
JS OData client for student enrollment; invoke GetInscrieri using JSONP
What is OAuth
delegating authorization; authorize service-to-service communication without using username and password; ability to revoke authorization; authorization through OAuth consists of two steps:
request an access token from the authorization service; use the token to access resources on a different server
Main scenario
resource owner client resource
user
cloud resource
OAuth parties
resource owner resource server authorization server client (trusted / untrusted)
OAuth parties
03 is registered with client 04 authorizes 05 accesses 02 uses trusts authorization server
user
01 own resource
resource server
Security Token
protected data structures
contains information about issuer and subject signed expiration date
Tokens historic
SAML (WS-*)
XML based support complex cryptography
Claims
issuer audience issued at expiration subject application defined claims
Demo
JWT encoded:
eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJpc3MiOiJDbG91ZExhYiIsImF1ZCI6Imh0dHA6Ly9odHRwOi8vY2xvdWRsYWIuYXp1cmV3ZWJzaXRlcy5uZXQvIiwibmJmIjoxMzg1NTg1NjkyLCJleHAiOjEzODU1ODYyOTIsImh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3dzLzIwMDUvMDUvaWRlbnRpdHkvY2xhaW1zL3NpZCI6IjEiLCJEaXNjaXBsaW5hIjoiREFUQyIsIlVVSUQiOiJqS0pBaFZPcE0zTUp6cmdmbUVVY25pZVRaKzhneHZjTUorSUZ4U3ZmYjhZPSJ9.
.Net Library
System.IdentityModel.Tokens.JWT (NuGet)
Demo
Generating JWT in .net (TokenGenerator) Consuming JWT in .net (enrol service)
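Added example (Python standard library, not the course's .NET code and not the System.IdentityModel.Tokens.JWT API): a consumer-side check of the token properties and claims listed above (signed, issuer, audience, validity period). The header segment of the demo token decodes to {"typ":"JWT","alg":"none"} and its signature segment is empty, so the validator pins the algorithm and refuses unsigned tokens; the key, issuer, audience and the issue() helper are constructed assumptions.

```python
import base64, hashlib, hmac, json

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue(claims: dict, key: bytes, alg: str = "HS256") -> str:
    """Hypothetical issuer, only here to build constructed sample tokens."""
    head = b64url(json.dumps({"typ": "JWT", "alg": alg}).encode())
    body = b64url(json.dumps(claims).encode())
    if alg == "none":  # unsigned shape: the third segment is empty
        return f"{head}.{body}."
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64url(sig)}"

def validate(token: str, key: bytes, issuer: str, audience: str, now: int) -> dict:
    """Return the claims only if alg, signature, iss, aud and lifetime all check out."""
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(head_b64))
        signature = b64url_decode(sig_b64)
    except ValueError as exc:
        raise ValueError("malformed token") from exc
    # The consumer pins the algorithm; the token's header is not allowed to choose it.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(key, f"{head_b64}.{body_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, signature):
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(body_b64))  # trusted only after the signature check
    if claims.get("iss") != issuer:
        raise ValueError("wrong issuer")
    if claims.get("aud") != audience:
        raise ValueError("wrong audience")
    if not claims.get("nbf", 0) <= now < claims.get("exp", 0):
        raise ValueError("outside validity window")
    return claims

if __name__ == "__main__":
    KEY, NOW = b"constructed-demo-key", 1_700_000_000  # constructed sample values
    sample = {"iss": "issuer.example", "aud": "https://api.example/",
              "sub": "1", "nbf": NOW - 10, "exp": NOW + 600}
    for label, tok in (("signed", issue(sample, KEY)), ("alg none", issue(sample, KEY, "none"))):
        try:
            print(label, "->", validate(tok, KEY, sample["iss"], sample["aud"], NOW))
        except ValueError as err:
            print(label, "-> rejected:", err)
```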
implicit flow
native / local clients
request authorization & token; access resource