Windows Azure and Node.js

February 14, 2012 Leave a Comment

In essence, Node.js is a server-side JavaScript environment that uses an asynchronous event-driven model to communicate between components. The intent is to create highly-scalable interactive applications. It has been compared to the Ruby Event machine but supports interaction as a language construct.

Although (as of this writing) fairly new, Node.js has been embraced by the developer community who have written thousands of modules to do common tasks.

Is it supported in Windows Azure? Why yes it is!

Other online resources for Node.js include:

Keen to hear your experiences installing and configuring on the platform. Please send me your experiences.

Filed under Cloud

Windows Azure Learning Plan: Getting Started

January 26, 2012 Leave a Comment

Now that you’ve built your Windows Azure Development Environment, you might ask: what’s next?

If you’re new to Windows Azure and keen to get started on the right foot, your next step is to get some hands-on experience developing and deploying on the platform, and the Windows Azure Training Kit is here to help. In it, you’ll find a rich set of documentation, information and to my point: Hands-on Labs. So once you install the Windows Azure Platform Training Kit .. what’s first?

The WATK installs in the C:\WATK folder by default and creates a desktop icon. Double-clicking on the icon will open the home page with the links to the documents and labs.

So. Let’s get started:

  • Virtually all coding projects have a “hello world” application, and the WATK is no exception. If you’re new to Visual Studio 2010 as well as Windows Azure, start with “Introduction to Windows Azure”. In it, you’ll explore basic elements of a Windows Azure application.
  • Once your site is built, how do you get it into the cloud? The WATK provides a lab for this, called “Deploying Applications in Windows Azure”. In it, you’ll see how to deploy an ASP.NET MVC application three different ways.
  • Web sites and web applications hosted in Windows Azure are a little different than sites hosted on physical servers, in that local binary storage may not be attached to a physical drive (unless you include it in your project, which isn’t always practical if you have large, static binary assets). Windows Azure uses three types of storage: blobs, tables and queues, with which you can master in the “Exploring Windows Azure Storage” lab. Blobs are for binary data, tables are for structured (but not relational) data (rows and columns) and queues support application elasticity by providing a place to collect messages (transactions) quickly in times of high load.
  • Many sites are data-driven, and Windows Azure supports this with SQL Azure: database services in the cloud. To help you learn about SQL Azure, the WATK has a lab: “Introduction to SQL Azure”. Want to go deeper? You can, with the “SQL Azure Tips and Tricks” lab.
  • One of the keys to working with data in SQL Azure is getting data into SQL Azure. There are several ways to do this (although some may seem non-conventional at the start). For this you can review the “Migrating Databases to SQL Azure” lab.
    A little midnight oil, a little sweat equity, and you’ll be well on your way to to the Cloud!
    I’ll see you there.

Filed under Cloud

Building a Windows Azure Development Environment

January 2, 2012 1 Comment

As I’ve been working with some of the best and the brightest the WAISG has to offer, I think it’s time to provide a link to assist others in some Windows Azure 101 (a/k/a “Getting Started”) bits and pieces. In this post, I’ll cover setting up your development environment on a Windows 7 or Windows Server 2008 R2 system.

  • Make sure you have the current Service Pack for your operating system. The easiest way to do this is to click on the Orb (or Start, in WS2008R2) and type ‘Windows Update’. Windows Update will detect if your system is patched to current levels.
  • Install Visual Studio 2010 or Visual Studio 2010 Express (the free version). Be sure to check Windows Update again after installation (and rebooting) to ensure you have the current Service Pack (SP1) installed.
  • Using the Web Platform Installer, Install the Windows Azure SDK for .NET.
  • Install the Windows Azure AppFabric SDK. As of this writing, the current version is 1.5. There are code samples available on that page as well.
  • Install the Windows Azure Training Kit. This kit is chock-full of information, tutorials and source code. The current version is “January 2012″. As this is updated frequently, I suggest you do the full install (about 500 mb) and install into a separate folder on your hard drive.
  • Visual Studio 2010 Express installs SQL Express by default, but your development environment may include a full (or development) version of SQL Server. In either case, check Windows Update for a current Service Pack for your version. The SQL Express management UI is a separate download: SQL Express Management Studio Express. If you have full SQL Server, the UI is included. For help running the UI, please see “Using SQL Server Management Studio” on MSDN.

:: whew ::    Only a few more steps (I promise).In order to use the local emulators:

  • Compute: You MUST run Visual Studio as an administrator (link to a Windows 7 Forum, but works for both W7 and 2008).
  • Storage: Your logged in user MUST be a member of the SQL Server sysadmin group (link to David Browne, who provides a script that does this for a local user .. as long as that local user is an administrator of the local system .. otherwise, contact your IT). This is required as the local user must be able to create databases for storage of Blobs, tables and Queues during development.

With these bits installed, you should be able to conquer any of the labs in the Windows Azure Training Kit with ease .. and speed your way into the Cloud!

I’ll see you there.

Filed under Architecture, Cloud

WAISG: Windows Azure Enablement Resources

December 2, 2011 1 Comment

So. Where have I been this past TWO months?

I am pleased to explain my whereabouts: I’ve joined the Windows Azure  Inside Solution Group. The WAISG is a business and technology enablement team devoted to accelerating the velocity of Windows Azure deployments worldwide.

Whew. Quite a mouthful, that. The program statement is worse .. but contains only one comma.

Our team supports 35 countries in 7 languages and will get you to the next step of your Windows Azure deployments. In a lot of cases, we’ll point you to public resources; in others, we’ll emulate and escalate as we need to get the job done with you.

We’re easy to reach: navigate to the Windows Azure home page at http://windowsazure.com and select the ‘Click to Chat’ bubble. We’ll pick up.

The best part: I get to work with some amazingly talented people, all of whom subscribe to my favorite quote: “When you stop learning, you stop growing”.

Let me tell you: this team is growing like mad .. collective brains learning from our customers and each other .. every day. It’s a great group, and one with whom I am proud to be guiding, mentoring and growing my own knowledge.

You’ll be hearing from us.

Filed under Cloud

The Cloud: A View from Above – Private Cloud and the Hybrid Evolution

September 2, 2011 Leave a Comment

As if the term “Cloud Computing” wasn’t already severely overloaded, terms within the overarching technologies are even more overloaded, and many are quite misunderstood.

In this post (and in others in this series), I’m going to try to clarify a few of the definitions, and the subtle differences between various definitions as they are used. I’ll cover the Private Cloud and the Hybrid Cloud (links to Wikipedia, but my thoughts follow):

Private Cloud: In short, a Private Cloud is a cloud where the data access is restricted to specific users, typically within the same organization (or company) and behind a corporate firewall. Beyond the basic advantages of Cloud Computing (reduced IT infrastructure costs and management, “always up”, increased business and IT agility), there are several business reasons for keeping data in a Private Cloud:

  • Your applications store customer data containing Personally-Identifiable Information (PII), which could incur legal or financial risks if compromised.
  • Your application manages e-commerce transactions, credit card numbers, shipping addresses, etc.
  • You store corporate-owned, sensitive, mission-critical or proprietary data.

In these (and in many other) cases, the knee-jerk reaction of IT and Business is to keep these applications and data on-premises, safe behind the corporate firewall. In some organizations it may be difficult to argue against this mindset, but there are alternatives that enable businesses to enjoy the basic benefits of Cloud Computing in a secure manner.

A Private Cloud typically begins life as an application or services deployed in an on-premises data center. Access to the data (Authorization, Authentication and Accounting, commonly known as the AAA Protocol) is clearly defined and controlled by local IT resources. On-premises users can get to the application over their LAN, external users can use IPsec or VPN protocols to access the application securely from outside.

Now, with proper security (AAA over secure IP protocols, as noted above) a Private Cloud can exist in a vendor data center, provided the organization utilizes the same security protocols and IT controls as they would for an on-premises deployment. The rub? Well, read the news (link to a Bing search for the latest .. there’s always more). Suffice to say: many enterprises want absolute assurances data held away from their premises will be secure.

That said, it’s not that simple. Beyond advanced and highly-controlled access security, there are a few other bits and pieces that a hosted Private Cloud (one that is hosted at a vendor data center) would need to navigate:

  • Privacy: Monitoring, monitoring, monitoring. No, not performance monitoring. The monitoring to which I refer applies to communications in and out of a Private Cloud, based on the widely-discussed “NSA has massive database of Americans’ Phone Calls” (link to USA Today) story that broke a while back. Maybe the data itself isn’t directly accessible, but inferences about how the data is being used can be captured. This isn’t just a Cloud issue, by the way; vendors and enterprises will experience these challenges; hosted or on-premises.
  • Compliance: contractual and financial assurances (read: protections and remedies) that can be activated should a vendor fail to assume the risk of protecting the data using recognized practices and protocols. Note: this requirement brings with it a handy-dandy audit cycle that a vendor must also navigate.
  • Legal durability: last I checked, a subpoena is durable (a court order for information that stands up up nicely in the courtroom) should a governing body (State or Federal) “request” (quotes are mine) data from a non-enterprise-owned data center. A vendor would surrender the data without many questions. An enterprise would consider their options. Enterprises will consult in-house counsel before releasing data.

This is why enterprises will tend to run scared of deploying content in a non-enterprise-owned data center. Can you blame them? Before we find ourselves in the courtroom, let’s discuss for a bit. The logical evolution is not necessarily to avoid hosted private clouds, but to evaluate the content stored in on- and off-premises data centers. In this exercise, an Enterprise will identify types of data, including sensitive data (this is a short list):

  • Static public content (easily hosted in CDNs worldwide .. icons, static “about” pages, legal pages, etc.).
  • Some dynamic content that needs to be available to the public (and therefore, will need to scale, or be redirected to public, scalable resources) .. calendar- or location-based query results, catalogs or pricing data (updated via business rules), and so on.
  • Other dynamic content that needs to be held securely, and exposed only during relevant need. This can include PII, Credit Card, Customer status, and much more. In fact, some of these data need not be exposed at all; rather, secure queries to an internal system can yield responses that let the application get what it needs without viewing the actual data (querying if a token to a credit card account has sufficient balance, or confirming a shipping address via an encrypted form post).
  • Mission-critical data that has explicitly-defined audiences and uses.

Avoiding the issue of publicly-available data (the first two bullets, above), we raise several questions for Enterprises regarding sensitive data:

  • Are there ways that an Enterprise can protect sensitive data in an Internet paradigm?
  • How should an Enterprise control access to sensitive data by authorized entities?
  • How can an Enterprise protect sensitive and mission-critical data?

In this post, I am not proposing the answers. Not yet, anyway. I am, however, posing questions an Enterprise should ask. For starters:

  • Perform an analysis and inventory of systems, audiences and security requirements.
  • Prioritize systems based on business need and expected life; consider replacing, rewriting or redirecting system assets based on audiences, expected life and other factors.
  • Create a project plan with clear (and widely-publicized) milestones so the enterprise is aware of progress and potential impacts to system availability.

In this exercise, you will discover your enterprise is describing an evolution of establishing secure access to assets residing in a local data center or in a Private Cloud. The analysis will further suggest certain assets be addressed in another logical paradigm: the Hybrid Cloud. So, let’s talk about the Hybrid Cloud. My thoughts follow:

Hybrid Cloud: Loosely stated, a Hybrid Cloud consists of data and services held in on- and off-premises facilities, with access to sensitive data secured by VPN and IPsec protocols. Consider a company who stores customer address data in their local data center, under the physical control of their Enterprise IT. IT enables access FROM public resources (catalog and shipping sites) via secure protocols.

Here lies the objective of this post: in considering the evolution from Private to Hybrid, Enterprise will arrive at the fact some data must reside under the control of on-premises IT .. control over these bits will include the questions above. That said, I am not suggesting (extraction of any suggestions are at the risk and responsibility of the affected parties) that Enterprises expose their data to the world at large, without adequate (and tested) protections.

Solutions? Yah. Lots:

  • Windows Azure offers a the AppFabric Service Bus, a component that provides endpoint security .. a paradigm where secure connectivity is maintained by connecting applications to single points of access to other components. Disparate applications can connect to a single endpoint, simplifying and securing Hybrid Cloud components.
  • Amazon Web Services offers the Amazon Virtual Private Cloud (VPC), which enables an enterprise to launch a private and isolated section of AWS in a user-defined virtual network.
  • VMWare offers their vCloud product which enables enterprises to deploy workloads on shared infrastructure with built-in security and role-based access controls.

In these three cases (and there are others), Out-of-Cloud access can be enabled via IPsec and VPN. Your mileage may vary widely, depending on the analysis of your infrastructure and mapping this analysis against your requirements.

I do not intend this to be a pitch for deploying a Hybrid Cloud. However, I do suggest that enterprises consider and weigh their options when identifying the types of data that should be hosted on-premises, versus a trusted vendor.

Want to know more? Please read my collection of Cloud Computing posts, or reach out to me for more detail.

Filed under Cloud

Cloud Computing: How-To eBook for Office 365

August 22, 2011 Leave a Comment

This 337-page gem comes to us free, courtesy of Microsoft Press and the Office 365 team.

The book shows you how businesses can use the online versions of Microsoft productivity applications to collaborate and work more flexibly than ever before. It also covers creating and administrating Office 365 accounts, team and online meeting sites and ways to work on- and off-line.

Office 365 includes a wide range of services, including Exchange Online (email, contacts and calendar), Lync Online (communications and meetings), SharePoint Online (document and workflow collaboration) and Office Web Apps (online versions of Excel, Word, OneNote and PowerPoint, plus online storage).

If you’re a business or IT department seeking to plan a deployment or learn more about the product, this is a terrific starting point for you.

Office 365: Connect and Collaborate virtually anywhere, anytime.

Filed under Cloud

Want Some Windows Azure AppFabric Goodness?

June 7, 2011 Leave a Comment

I just finished a project producing scripts and demos for count ‘em: lucky 13 videos for Windows Azure AppFabric. I managed to spend more time in Visual Studio than I have in years .. and it was actually quite fun.

These videos target the breadth developer and get you off on the right foot with "An Introduction to Windows Azure AppFabric”. From there, we introduce several new services, highlighted below.

Windows Azure AppFabric Cache
The AppFabric Cache is a distributed, in-memory, application caching service for Windows Azure and SQL Azure applications. The cache  provides applications with high-speed access, scale and high availability to application data. The service requires no installation or instance management, and can be resized dynamically to meet your needs.

Windows Azure Service Bus Topics
Topics enable one-to-many message delivery and filter rules which ensure delivery to relevant systems in a publish / subscribe model. Topics are provisioned in code, requiring no installation or instance management.

Windows Azure Service Bus Queues
Queues enable your application to be more resilient by providing an always-present receipt location for messages, even if the receiving listener is offline. Queues can also load-level your application when traffic spikes occur, or load-balance .the application to improve processing performance.

Windows Azure Service Bus Relay
The Service Bus Relay supports Service Remoting: a way to expose on-premises services so they be called by Cloud components, and One-Way messaging, a means to send to one or many recipients.

The video series includes both “what is” and “how to”pivots, complete with code samples so you can try these new services out for yourself. Visit the AppFabric Demos Channel on CodePlex.

Filed under Architecture, Cloud

“Anything” as a Service (XaaS) .. you knew this was coming ..

March 18, 2011 Leave a Comment

In the Cloud Computing world, where so many things are in flux, it should come as no surprise that virtually “anything” can (and will) be provided “as a Service”. For starters, we had (I go into more detail on this from my “Cloud Computing: IT as a Service” post):

  • IaaS (Infrastructure as a Service): Virtual, but logically-physical hardware. Servers in the sky that you can connect to remotely as though they were actual hardware. You expend a lot of effort into managing servers (imaging, patching, load-balancing, etc.), but have high flexibility as they support most types of existing applications you can deploy without rewriting or porting code.
  • PaaS (Platform as a Service): A virtual platform, where applications are deployed as services. You have next to no server management, and automagic scalability is built-in, but an existing application code must be written or ported into the new environment.
  • SaaS (Software as a Service): An application you customize / configure atop a base application, owned by the service provider. Some allow only configuration (tailoring organization- and and user-specific information), while others have higher levels of UI customization opportunities; think adding applications to Facebook or customizing your iGoogle or MSN home pages.

Then, realization and logical extension brought us (in no particular order):

  • IT as a Service (ITaaS): Standard IT applications, like Email, online file sharing,  online backup, online meetings online workspace collaboration and more.  The keyword here is ‘online’, of course, but these are commodity (common, and available from multiple providers) applications that every organization utilizes to one extent or another. ITaaS creates the opportunity for an organization to make a ‘rent’ versus ‘buy and maintain’ decision that can help them preserve capital.
  • Extended ITaaS applications grew out of the above and include online disaster recovery (backup plus online storage), online synchronization (synchronization plus online storage), online content sharing (photo uploads, players for slide shows plus online storage) and more. Thanks to Cloud Computing, any size company can offer value-added services to enable these functions, acquire customers and pocket the difference between what they collect from their users and their monthly Cloud Computing fees.

For background, let me discuss some earlier methodologies and new technologies:

  • Application programming interfaces (APIs): Command and content structures exposed by a software program to allow access by another program. APIs allow the second program to control and obtain data from the first. We’ve had APIs for years and years.
  • Web Services: APIs exposed to the Internet and accessible by web sites, web applications and other web services. Web services are used to provide data to most client applications .. odds are, your mobile phone gets weather data from one web service, bus information from another, and so on. I discuss this at length in “Composite Applications: Do You Use Them?”. The answer is: “yes”, though you may not realize it.

With these, evolution brings us to:

  • Content as a Service: Previously known as “web pages” (I’m kidding .. a little). Once a standard connection methodology (Web Services) allowed programmatic access to applications (via APIs), the sky becomes the limit. Content contained web pages and enjoyed by end users could now be mashed into other applications on other sites. The new content enhances the host application, making it a more valuable resource. Zillow is a good example of a site that does this: publicly-available data like maps and real estate tax records are mashed together with local multiple-listing services data (which may or may not be available at no cost), resulting in a site that displays map with home plats, taxes, prices and realtor references (and more) that the user can use to do research.
  • Data as a Service: Lots of companies have lots of accumulated data. Some accept the data in the form of online customer backups from their products, like Intuit (Quicken). Intuit could (I do not know if they do this) create an anonymous data warehouse with this end user data, assembling income and spending patterns by geography, and providing this data as a service to companies making business decisions about branch locations based on these criteria.

While assembling these data is only an API access away, creating and validating business use cases for these assemblies is the real magic in this cauldron. Many companies are providing programmatic access to composite content and data as a service, and for a price. Aggregators of these data (Microsoft’s Windows Azure Marketplace, for one) broker transactions and collect fees for data access. Virtually any company can buy and sell data through this kind of marketplace, making even more interesting business models.

There’s more (there always is). Applications as a service is a paradigm that has been around for a long time, but are now expanding into more fee- and transaction-based models, including those with API access.

Back to the original topic: Are we now in the world of ‘anything-as-a-service’? Does XaaS exist?

It does, and you’re using it .. even though you might not realize it.

Filed under Architecture, Cloud

How Well Does Your Architecture Accommodate Change?

March 2, 2011 Leave a Comment

Designing and maintaining a flexible architecture is the grail of the IT, application development and business triumvirate in a company. A flexible architecture allows:

  • Rapid addition of new, and extending existing application features.
  • Enhancing applications by including data from internal and external sources.
  • Exposing application data to a wider variety of devices and audiences.

With this flexibility, the business can pursue opportunities with minimal impact to baseline infrastructure.

The sad part: many architectures evolve (or mutate) over time, adding new, function-enhancing components to existing components as afterthoughts. In short, this is not an ideal scenario. The company may have achieved short-term business goals, but in an inflexible (and risk-ridden) way.

Without a flexible architecture, we see more than technical challenges: we see friction in company units:

  • IT and development can be seen as blockers, while the business is viewed as making unreasonable demands.
  • Time-to-market, and therefore, potential competitive advantage is lost.
  • Development cycles can be disrupted, adding significant expense to projects and products .

How do flexibility constraints manifest in the enterprise?

  • Physical and IT: not enough servers and / or not enough time / resources to deploy them.
  • Development of new features takes too long to code, or application / IT infrastructure won’t support enablement without changes to underlying components.
  • Access to internal and external data is restricted by policy, especially if business requirements require enhanced security levels in light of the modern online world.

If poorly-supported changes are implemented, success can become company’s worst enemy. Launching a product or feature atop an architecture that isn’t ready creates a new set of issues:

  • End user impact: users have a less-than-positive experience with your product.
  • Competitive risk: your great and game-changing ideas are exposed to the world before your application is ready for prime time.
  • Unanticipated downtime / impact on other systems: ‘bolt-on’ additions to an existing architecture can pose risks to the original components.

Avoiding issues and achieving success requires planning, execution and resources. The first two are wholly depending on an organization’s ability to complete IT and development projects. The last item is a hardware and resource issue that extending components into a solution that includes cloud computing (even if only on an interim basis) can help manage. Identifying your business goals and performing an inventory on your current state is an excellent place to start; a skilled architect can help you describe the future state and a migration path to your grail.

Filed under Architecture, Cloud

Cloud: Oh EC2 .. Say it ain’t so!

March 1, 2011 Leave a Comment

Seen today when starting a single large EC2 instance:

Untitled

Gives another new meaning to the term ‘unlimited’.

Filed under Cloud

Older posts

Follow

Get every new post delivered to your Inbox.

Join 215 other followers