A well-designed cloud infrastructure covers factors such as consistency, maintenance, simplified administration and development, and reusability. Hence, it is important to choose the right architectural pattern, as it has a huge impact on the quality of cloud-hosted services. This book covers all Azure design patterns and functionalities to help you build your cloud infrastructure so it fits your system requirements.
This book initially covers design patterns that are focused on factors such as availability and data management/monitoring. Then the focus shifts to complex design patterns such as multitasking, improving scalability, valet keys, and so on, with practical use cases. The book also supplies best practices to improve the security and performance of your cloud.
By the end of this book, you will be thoroughly familiar with the different design and architectural patterns available with Windows Azure and capable of choosing the best pattern for your system.
Page count: 258
Publication year: 2018
Copyright © 2018 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
Commissioning Editor: Gebin George
Acquisition Editor: Heramb Bhavsar
Content Development Editor: Nithin Varghese
Technical Editor: Komal Karne
Copy Editor: Safis Editing
Project Coordinator: Virginia Dias
Proofreader: Safis Editing
Indexer: Francy Puthiry
Graphics: Tom Scaria
Production Coordinator: Melwyn Dsa
First published: January 2018
Production reference: 1250118
Published by Packt Publishing Ltd. Livery Place 35 Livery Street Birmingham B3 2PB, UK.
ISBN 978-1-78839-336-2
www.packtpub.com
Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.
Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals
Improve your learning with Skill Plans built especially for you
Get a free eBook or video every month
Mapt is fully searchable
Copy and paste, print, and bookmark content
Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.
At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks.
Oliver Michalski started his IT career in 1999 as a web developer. Now, he is a senior software engineer for Microsoft .NET and an SOA architect. He also works as an independent enterprise consultant in the field of Microsoft Azure. When he started with Microsoft Azure in 2011, there was no Azure community in Germany. Therefore, Oliver founded Azure Community Germany (ACD).
Oliver has been the chairman of the ACD since April 2016, and since July 2017 he has been a Microsoft Most Valuable Professional for Microsoft Azure.
Stefano Demiliani is a Microsoft Certified Solution Developer (MCSD) and a long-time expert on different Microsoft technologies. He has a master's degree in computer engineering from Politecnico of Turin. He works as a CTO for EID/Navlab (Microsoft partner in Italy) and he's frequently involved in helping customers move their business to the Azure cloud.
He has worked with Packt for many IT books and he's the author of Building ERP solutions with Microsoft Dynamics NAV, a hands-on guide to building enterprise architectures based on the Microsoft Dynamics NAV ERP and the Azure platform.
Florian Klaffenbach started his IT career in 2004 as first- and second-level IT support technician and IT salesman trainee for a B2B online shop. Since then, he has taken several steps from IT admin, to support agent, to community manager, and cloud architect at Dell and CGI, and then ended up as a technology solutions professional for Microsoft in 2017. In April 2016, he was awarded the Microsoft Most Valuable Professional, honoring his work for the IT community.
If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Download the color images
Conventions used
Get in touch
Reviews
An Introduction to the Microsoft Azure Platform
Cloud service models and cloud deployment models
Cloud service models
Cloud deployment models
Azure execution models
Azure application building blocks
Azure data services
Azure platform services
How is access to Azure organized?
How is work with Azure organized?
Summary
Compute Design and Management
IaaS I (Azure VMs)
What is an Azure series?
Single VMs
Multiple VMs
Azure availability sets
N-tier deployment
N-tier (multi-regions) deployment
IaaS II (Azure Container Services)
What is an Azure Container Service?
Understanding containers
Cluster
Orchestrator
Which Orchestrator should I choose?
Mesosphere DC/OS
Docker Swarm
Kubernetes
PaaS I (Azure App Services)
PaaS II (Azure Service Fabric, also known as Azure microservices)
Summary
Data Storing and Processing
Choosing the right data solution
What is variety?
What is volume?
Concurrency and consistency
Replication and redundancy
Other factors
Which Azure data services are available?
Management
Azure Data Catalog
Processing
Azure Data Factory
Azure Stream Analytics
Azure Time Series Insights
Storage
Azure Storage Blob service
Azure Storage Blob service premium
Azure Storage Queue service
Azure Storage Table service
Azure Files
SQL as a service
Azure SQL Database
SQL Server Stretch Database
Azure PostgreSQL
Azure MySQL
Other offers
NoSQL as a service
Azure CosmosDB
Big data
Azure HDInsight
Azure Data Lake Store
Azure Data Lake Analytics
Analytics
Cortana Intelligence Suite
AI
Azure Machine Learning
Cognitive Services
Bot Framework
Virtualization
PowerBI
PowerBI Embedded
Azure Time Series Insights
Summary
Networking Design and Management
Anatomy of a VNet infrastructure
Connectivity
Internet connectivity
Connectivity between Azure resources (internal connectivity)
Azure VNet peering
Azure global VNet peering
Azure VNet-to-VNet (VPN gateway)
On-premises connectivity
Azure Site-to-Site
Azure Point-to-Site
Azure ExpressRoute
Azure VNet service endpoints
Important note
Routing, load balancing, or more general traffic directions
Routing
User-defined routes
Routing using the BGP
Azure Load Balancer
Azure Traffic Manager
Azure Application Gateway
Security
NSG
Application security groups
Security infrastructure
NVA
Management and monitoring
Summary
Availability
What is availability?
First approach
Second approach
Uptime and downtime
SLA
Planned maintenance
What are the effects?
Azure autoscaling
Summary
Performance and Scalability
What is performance?
What is a DTU?
Service level objectives
Analyzing and interpreting performance data
What are our business workloads?
Why is knowledge about existing business workloads important to us?
What are we still missing?
Scaling
What can you see?
What is different here?
Where can I use autoscaling?
Summary
Monitoring and Telemetry
About telemetry data
What is a metric?
Client metrics
How do I collect the data from client metrics?
What data is collected?
Business metrics
How do I collect the data from business metrics?
What is a profiler?
What data is collected?
Application metrics
How do I collect the data from application metrics?
What data is collected?
System metrics
How do I collect the data from system metrics?
What data is collected?
Service metrics
How do I collect the data from service metrics?
What data is collected?
An overview of monitoring
Azure management portal
System specific tools
Microsoft SC
Microsoft OMS
How do I start my work with the OMS?
Azure Monitor
Which capabilities can be seen here?
Which data (metric) is available?
Azure Application Insights
What data is captured by Azure Application Insights?
Grafana
How do I start my work with Grafana?
Azure Log Analytics
If Azure Log Analytics is part of OMS, why do I need to talk about it again?
Azure Network Watcher
Summary
Resiliency
What is Resiliency?
Architecture design patterns for Resiliency
Retry pattern with transient failures
Load balancing
Data replication
Circuit Breaker pattern
Throttling pattern
Queue-Based Load Leveling pattern
Compensating Transaction pattern
Summary
Identity and Security
Security in the cloud
Azure network security
SSO and MFA
Azure MFA setup
Federation and the Federated Identity Pattern
Gatekeeper pattern
Valet Key pattern
Summary
Other Books You May Enjoy
Leave a review - let other readers know what you think
A well-designed cloud infrastructure covers factors such as consistency, maintenance, simplified administration and development, security, scalability, and reusability. Hence, it is important to choose the right architectural pattern as it has a huge impact on the quality of cloud-hosted services.
This book covers all Azure design patterns and functionalities needed to help you build your cloud infrastructure to fit your system requirements. Each of these patterns describes a problem that you could normally have when implementing a cloud infrastructure, a recommended solution for your problem (pattern application), and the pros and cons of applying this pattern.
Using a pattern (or at least thinking about it) is a recommended way of working when designing an enterprise cloud-based infrastructure.
This book is targeted at cloud architects and cloud solution providers who are looking for an extensive guide to implementing different patterns for the deployment and maintenance of services in Microsoft Azure. Prior experience with Azure is required as the book is completely focused on design patterns.
Chapter 1, An Introduction to the Microsoft Azure Platform, gives an overview of the Azure platform. Also, we will learn the basics of cloud services and cloud deployment models, the Azure execution model, the Azure application building blocks, the Azure data services, and how to access and work with Azure.
Chapter 2, Compute Design and Management, discusses the basic architectures behind the compute services from the Azure platform, such as Azure VMs, Azure Container Services, Azure App Services, and Azure Service Fabric. We will also learn that services never act alone, but rather interact with various Azure resources.
Chapter 3, Data Storing and Processing, gives basic information on data storage and processing. Here we will get an answer to the question: How do you choose the right data solution? We will also see an overview of the Azure data services that are available.
Chapter 4, Networking Design and Management, takes you through the anatomy of a VNet and its network elements, and also dives deep into connectivity, routing, and more.
Chapter 5, Availability, starts with an insight into specific aspects of architecture that are important for the daily use of the Azure platform and are part of the design process for your own Azure solutions.
Chapter 6, Performance and Scalability, provides an answer to all your questions related to these topics, which are also part of the design process for your own Azure solutions.
Chapter 7, Monitoring and Telemetry, covers these topics in two parts. In part one, we discuss the question of what type of data we are actually talking about. In part two, we discuss the possible ways to capture this data.
Chapter 8, Resiliency, describes the recommended patterns to implement in order to create a cloud-based solution that can handle and recover from failures in a secure way without compromising data and transactions.
Chapter 9, Identity and Security, describes the recommended patterns for implementing identity and security features on Azure (for users and for applications and cloud services).
Activate a free Azure subscription (30 days with all the Azure features available to test). Practice with the samples described in the book.
You can download the example code files for this book from your account at www.packtpub.com. If you purchased this book elsewhere, you can visit www.packtpub.com/support and register to have the files emailed directly to you.
You can download the code files by following these steps:
Log in or register at www.packtpub.com.
Select the SUPPORT tab.
Click on Code Downloads & Errata.
Enter the name of the book in the Search box and follow the onscreen instructions.
Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:
WinRAR/7-Zip for Windows
Zipeg/iZip/UnRarX for Mac
7-Zip/PeaZip for Linux
The code bundle for the book is also hosted on GitHub at https://github.com/PacktPublishing/Implementing-Azure-Cloud-Design-Patterns. We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!
We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: https://www.packtpub.com/sites/default/files/downloads/ImplementingAzureCloudDesignPatterns_ColorImages.pdf.
There are a number of text conventions used throughout this book.
CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "Mount the downloaded WebStorm-10*.dmg disk image file as another disk in your system."
A block of code is set as follows:
public interface IOrderRepository
{
    List<Order> Read();
    void Write(Order order);
}
When we wish to draw your attention to a particular part of a code block, the relevant lines or items are set in bold:
public interface IOrderRepository
{
    List<Order> Read();
    void Write(Order order);
}
Bold: Indicates a new term, an important word, or words that you see onscreen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "Now select the Queues option and add a new queue."
Feedback from our readers is always welcome.
General feedback: Email [email protected] and mention the book title in the subject of your message. If you have questions about any aspect of this book, please email us at [email protected].
Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.
Piracy: If you come across any illegal copies of our works in any form on the Internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.
If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.
Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!
For more information about Packt, please visit packtpub.com.
Cloud computing was, and still is, one of the biggest trends in Information Technology (IT) in the last 15 years, with many new topics still to be discovered.
At the beginning of this century, most of us didn't use the phrase cloud computing, but the concept, as well as data centers with massive computing power, was already in existence and being used. Later in that first decade, the word cloud became a synonym for nearly anything that was not tangible or online. But the real rise of cloud computing didn't start until the big IT companies (Amazon, Google, and Microsoft) started with their cloud offerings. Now, companies from start-ups to the Fortune 500 are able to use cloud services, virtual machines, and the like, all billed exactly to the minute.
The focus of this book is the Azure platform, which is the cloud offering from Microsoft. In this chapter, I would like to introduce you to the platform, but not in great detail, as over 200 services and 500 updates last year alone cannot be covered in the space we have.
In this chapter, we'll explore the following topics:
Cloud service models and cloud deployment models
Azure execution models
Azure data services
Azure application blocks
Azure platform services
How is Azure access organized?
How is the work with Azure organized?
Before we start on the actual topic (the Azure platform), we should clarify some terms related to cloud computing. Knowing these concepts, we will then be in a position to identify individual parts of the Azure platform.
Let's start.
The first term we will look at is cloud service models.
All workloads in a cloud scenario use resources from an extremely large resource pool that is operated (managed) by you or a cloud service provider. These resources include servers, storage, networks, applications, services, and much more.
The cloud service models describe to what extent your resources are managed by yourself or by your cloud service providers.
Let's look at the available service models. In the following diagram, you will find a comparison of the models and the existing management responsibilities. Areas that are colored in blue are managed by you; all others are the responsibility of your provider:
The offers are mainly categorized into the following service models:
On-premises: On-premises describes a model in which the user manages all resources alone.
Infrastructure as a Service (IaaS): IaaS describes a model in which the cloud provider gives the consumer the ability to create and configure resources from the computing layer upwards. This includes virtual machines, containers, networks, appliances, and many other infrastructure-related resources.
Platform as a Service (PaaS): PaaS gives the consumer an environment from the operating system upwards. So the consumer is not responsible for the underlying infrastructure.
Software as a Service (SaaS): SaaS is the model with the lowest levels of control and required management. A SaaS application is reachable from multiple clients and consumers, and the owning consumer doesn't have any control over the backend, except for application-related management tasks.
The second term we will look at is cloud deployment models.
Cloud deployment models describe the way in which resources are provided in the cloud.
Which cloud deployment models are available?
Let's look at the following diagram first:
The deployment model based on the on-premises service model is called the private cloud. A private cloud is an environment/infrastructure, built and operated by a single organization, which is only for internal use.
In the context of this book, you should know that the Windows Azure Pack (a free add-on for the Windows server) gives you the opportunity to deploy Azure technologies in a private cloud environment.
The deployment model based on the IaaS and the PaaS service model is called the public cloud. A public cloud is an offer from a service provider (for example, Microsoft Azure), that can be accessed by the public. This includes individuals as well as companies.
There is still a third deployment model available, which is the hybrid cloud. A hybrid cloud combines parts of the private and public clouds. It is defined as a private cloud environment at the consumer's site, as well as the public cloud infrastructure that the consumer uses.
In the context of this book, you should know that Azure Stack (a new offering from Microsoft) gives you the opportunity to build a hybrid cloud environment:
Now that we have acquired some basic knowledge about cloud computing, the question arises: Where do we go from here?
I think that when we start talking about the Microsoft Azure platform, we should first talk about running applications in the cloud. For this, Microsoft Azure provides five deployment models (also known as Azure execution models), that are outlined in the following diagram:
The five execution models are:
Cloud services: Cloud services are the oldest part of the Azure platform and they have been available since its first preview (announced at the Microsoft Professional Developers Conference 2008). Cloud services are a PaaS offering from Azure and even though there are now some alternatives, they are still the leading solution. Cloud services are highly available, scalable, and multi-layered web apps hosted on a Windows Virtual Machine with an installed IIS.
Virtual machines (VM): This model is the IaaS offer from Azure. With VMs (based on Windows or Linux OS) you have the flexibility to realize your own workloads. In order to work with VMs as easily as possible, over 3,000 prefabricated images are available in the Azure Marketplace.
Batch: Azure Batch is a platform service for running large-scale parallel and high-performance computing (HPC) applications efficiently in the cloud.
Websites: With this model, you can quickly create and deploy your websites.
Mobile services: With this model, you can quickly create and host a backend for any mobile device.
Each of these models can be used independently, but also in combination.
As I mentioned earlier, there are hundreds of updates every year on the Azure platform and the Azure execution models have also been affected. The execution models Websites and Mobile services are now out of date and have been replaced by the execution model App Services (Azure App Services):
Just look at the following diagram:
As you can see, the Azure App Services execution model currently consists of the following elements:
Web Apps: Web Apps is simply the new name for the Azure websites execution model and does not really differ in its functionality from the previous component (but, in combination with other App Service elements, there are extended features).
Mobile Apps: Mobile Apps is the new name for the Azure mobile services execution model and does not differ in its functionality from the previous component (but, in combination with other App Service elements, there are more features).
Logic Apps: With Logic Apps, you can easily build and deploy powerful integration solutions by automating business processes or integrating your SaaS and enterprise applications. A visual designer is available for creating the necessary workflows. Logic Apps are the next evolutionary step in the Integration Services and the BizTalk services, and starting from 2018 are the only offer in this area.
API Apps: First of all, I must mention that the Azure API Apps are the only truly new component of this model. API Apps allows you to discover, host, manage, and market APIs and SaaS connectors in a modern, feature-rich, scalable, and globally available platform. API Apps is a complete solution for enterprise developers and system integrators, which extends the development of Web Apps (mobile applications) with numerous useful features.
Function Apps: This is not really a component of the Azure App Services. Azure Functions uses the Azure App Services environment only to handle the functionality.
Container Apps: This is not really a component of the Azure App Services. Azure Container Services uses the Azure App Services environment only to handle the functionality.
Microsoft PowerApps: This is not really a component of the Azure App Services. Microsoft PowerApps is a SaaS variant of the Azure App Services and uses the Azure App Services and the Azure App Services environment only to handle the functionality.
A further change to the area of Azure execution models is the addition of another model, Azure Service Fabric (also known as Azure Microservice Architecture), in 2016:
With Azure Service Fabric, you can focus on building applications and business logic, and let the Azure platform solve all other problems by analyzing reliability, scalability, management, and latency.
Let's return to the last diagram in the previous section. In the bottom layer, you'll find two other components of the Azure platform:
Azure application building blocks
Azure data services
Both Azure application building blocks and Azure data services are managed services that extend the platform with so-called common capabilities (shared functionalities).
In the following diagram, you will find an overview of the Azure application building blocks. Because of the high number of individual components on offer, they are only represented in categories:
The service categories are as follows:
Media: With the Azure Media Services, the Azure platform provides an extensive portfolio for on-demand and live video processing, video and audio encoding, and much more.
Cache: The use of a cache allows you high throughput and consistent data access with low latency for fast and scalable Azure applications. The solution for the Azure platform called Azure Redis Cache is based on the popular open source Redis cache and has been realized as a fully managed service.
CDN: The Content Delivery Network (CDN) offers a global solution for delivering high-bandwidth content that is hosted in Azure or any other location (for example any HTTP/HTTPS location).
Identity: This category contains the identity services, such as the Azure Active Directory (AD), Azure AD B2C, Multi-Factor Authentication, and Azure Key Vault, which is a safe place for your certificates.
Networking: This category contains the basic networking services. For example, Azure ExpressRoute, VNet Peering, and VPN gateways.
Integration: The integration services include interfaces for hybrid connections, Enterprise Application Integration (EAI) and Electronic Data Interchange (EDI) message processing, an easy-to-use administrative portal for trading partners as well as support for common EDI schemas and comprehensive EDI processing via X12 and AS2.
Messaging: The messaging services include all interfaces from the Azure Service Bus not included in the integration category, for example, Azure Service Bus topics and Azure Service Bus Notification Hubs.
Dev Services: These are cloud-based development tools for version control, collaboration, and other development-related tasks, for example Visual Studio Team Services (VSTS) and the Azure DevTest Labs.
IoT: IoT services include the fundamental tools needed to work with devices used for the IoT, for example Azure IoT Hub, IoT Edge, and Azure Event Hubs.
Blockchain: Blockchain is a way for businesses, industries, and organizations to make and verify transactions, streamlining business processes and reducing the potential for fraud.
Azure data services are managed services that extend the platform with so-called common capabilities (shared functionalities). Because of the special importance of data in today's digital world, they were separated from the Azure application building blocks and represent a separate kind of service.
In the following diagram, you will find an overview of the Azure data services. Because of the high number of individual components on offer, these are only represented in categories:
The service categories are as follows:
Storage: This category includes a total of five very different services: Blob Storage (storage of unstructured data), Table Storage (NoSQL storage based on key-value pairs), Queue Storage (for message processing), File Storage, and Disk Storage (Premium Storage).
SQL Database as a Service: This category includes three fully managed Databases as a Service: SQL Server, MySQL, and PostgreSQL. This category also includes some special offers: SQL Server DWH, SQL Server Stretch DB, SQL Server Elastic DB. All special offers are further developments of the SQL Server as a Service and cover specific cloud workloads.
NoSQL Database as a Service: This category includes a fully managed NoSQL Database as a Service: Azure CosmosDB. A NoSQL database is used to store semi-structured data. A NoSQL database distinguishes between storing key-values, graphs, and document data. You can specify what type of storage you want to use when creating the database.
Big Data
