Published by: Kathrin Wohlfeil. Modified over 10 years ago.
1
.NET Services Architects Council 27.01.2009 Dariusz Parys
Developer Evangelist Developer Platform and Strategy Group Microsoft Deutschland GmbH
2
Contact Email: dparys@microsoft.com Blog: http://blogs.msdn.com/dparys
IM
3
Services in Azure Your Applications … Service Bus Workflow Database
Analytics Identity Contacts Access Control … Reporting … Devices … Compute Storage Manage …
4
.NET Services
Open access standards: REST, SOAP, RSS, AtomPub, …
Libraries for Java, PHP, Ruby, …
3 focus topics: application integration; access control in distributed systems; application extensibility
5
Service Bus
6
Enterprise Service Bus
Service Orchestration Service Registry Naming Federated Identity and Access Control Messaging Fabric Point Of Sale Supply Chain CRM POS Integration Product Catalog Returns Web Store Inventory Order Entry Planning Purchasing Customers Leads Trends Campaigns
7
Service Orchestration
Internet Service Bus Service Orchestration Service Registry Naming Federated Identity and Access Control Messaging Fabric Your Services Clients On-Premise ESB MS/3rd Party Services ESB Desktop, RIA, Web Desktop, RIA, & Web
8
Who needs “connectivity”?
Instant Messaging/Communication App Access Control, Relay, Direct Connect Multiplayer games Home Media Integration System Enterprise Integration System Access Control, VPN/VAN
9
What do you have to do when … you want to integrate applications that live in different networks? have different user management systems? are not always reachable?
10
Connectivity Challenges
IPv4 address space; dynamic IP address assignment; Network Address Translation (NAT); Internet full of “bad guys”; firewall upon firewall upon firewall… Diagram labels: Network Address Translation, Network Firewall, Dynamic IP, Machine Firewall, ?, Sender, Receiver
11
Each of these choices carries risks
There are options: Dynamic DNS; NAT port mappings / UPnP; open inbound firewall ports. Diagram labels: Network Address Translation, Network Firewall, Dynamic IP, Machine Firewall, ?, Sender, Receiver
12
Federated Identity and Access Control
Service Bus – Naming Federated Identity and Access Control Naming Service Registry Messaging Fabric
13
servicebus.windows.net
Naming Scheme: [http|sb]://servicebus.windows.net/services/account/svc/…
The service registry provides a mapping from URIs to services
Diagram labels: Service Registry, Root, account, svc; Root: servicebus.windows.net, services, contoso, Multi-Tenant …
14
Service Bus – Service Registry
Federated Identity and Access Control Naming Service Registry Messaging Fabric
15
Service Registry: registry only for service endpoints
Nothing else. Programmatic access via: Discover: Atom 1.0 feed hierarchy; Publish: Atom Publishing Protocol, WS-Transfer. Diagram labels: WS-Transfer, Client, Service Registry, AtomPub, Naming
16
Registry Feed Structure
Solution Root Feed Hierarchical solution svc WS-Transfer Client Naming Root SBWN services AtomPub solution svc
17
Services in Registry Feeds
<?xml version="1.0" encoding="utf-8"?>
<feed xmlns=" xmlns:wsa="
  <title>Title</title>
  <link href=" rel="self"/>
  <id>urn:uuid:82a76c80-d498-12d5-b91C e0ef6</id>
  …
  <entry>
    <title>MyEndpoint</title>
    <link href="
    <id>urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a</id>
    <wsa:EndpointReference>
      <wsa:Address> </wsa:Address>
    </wsa:EndpointReference>
  </entry>
</feed>
18
Service Bus – Messaging
Federated Identity and Access Control Naming Service Registry Messaging Fabric
19
Service Bus - Messaging
From .NET: WCF, Microsoft.ServiceBus

Corresponding WCF Binding                     Service Bus Relay Binding
BasicHttpBinding                              BasicHttpRelayBinding
WebHttpBinding                                WebHttpRelayBinding
WSHttpBinding                                 WSHttpRelayBinding
WS2007HttpBinding                             WS2007HttpRelayBinding
WSHttpContextBinding                          WSHttpRelayContextBinding
WS2007HttpFederationBinding                   WS2007HttpRelayFederationBinding
NetTcpBinding                                 NetTcpRelayBinding
NetTcpContextBinding                          NetTcpRelayContextBinding
n/a [loosely related to NetMsmqBinding]       NetOnewayRelayBinding
n/a [loosely related to NetTcpPeerBinding]    NetEventRelayBinding
20
NetOnewayRelayBinding
Service Bus sb://servicebus.windows.net/services/solution/a/b/ Backend Naming Routing Fabric Route Subscribe Frontend Nodes outbound connect one-way net.tcp outbound connect bidi socket NLB TCP/SSL 808/828 TCP/SSL 828 Msg Msg Sender Receiver NAT Firewall Dynamic IP
21
NetEventRelayBinding
Service Bus sb://servicebus.windows.net/services/solution/a/b/ Backend Naming Routing Fabric Route Subscribe Frontend Nodes TCP/SSL 808/828 TCP/SSL 828 TCP/SSL 828 Msg Msg Msg outbound connect one-way net.tcp outbound connect bidi socket outbound connect bidi socket Sender Receiver Receiver
22
NetTcpRelayBinding / Relayed
Service Bus sb://servicebus.windows.net/services/solution/a/b/ Backend Naming Routing Fabric Oneway Rendezvous Ctrl Msg Ctrl Frontend Nodes NLB 2 Ctrl Socket-Socket Forwarder 3 TCP/SSL 818 outbound socket connect outbound socket rendezvous 1 Sender Receiver 4
23
NetTcpRelayBinding / Hybrid
Service Bus sb://servicebus.windows.net/services/solution/a/b/ Backend Naming Routing Fabric Oneway Rendezvous Ctrl Msg Frontend Nodes relayed connect relayed rendezvous NAT Probing NAT Probing TCP/SSL 818, 819 Ctrl upgrade upgrade Sender Receiver NAT Traversal Connection
24
[WS|Basic|Web]HttpRelayBinding
Service Bus sb://servicebus.windows.net/services/solution/a/b/ Backend Naming Routing Fabric Oneway Rendezvous Ctrl Msg Ctrl Frontend Nodes NLB 2 Ctrl HTTP-Socket Forwarder 3 HTTP/S 80/443 HTTP HTTPS request outbound socket rendezvous 1 Sender Receiver 4
25
Service Bus Demo
26
Access Control
27
Motivation Customers/Partners ? On-premise services user *******
28
Motivation ? ? Cloud services 1..n Customers/Partners
On-premise services user ******* (A) STS (R) STS
29
Scenario with the ACS Customers/Partners Your ACS Trust Trust
user ******* On-premise/cloud services
30
Access to services: these services use the Access Control Service
Microsoft SQL Data Services
Username / password and a token from the Access Control Service
.NET Service Bus
.NET Workflow Service
The Portals
31
Interplay What? Who? WF Access Control Service UI Data Your App
Integrate Orchestrate Your Customers Your App <Any ID Provider> ServiceBus WF Live ID Users Access Control Service UI Data XYZ Domain Users Store
32
Components: Portal, Client API, Service (STS)
Portal: frontend for administering applications and rules
Client API: programmable interface
Service (STS): provided STS (shared STS); interaction via the Geneva Framework
33
Access control flow
Parties: .NET Access Control Service (Managed STS); Relying Party (Service Bus, your application, etc.); Requestor (your customer)
0. Cert|Secret exchange; periodically refreshed
1. Declare access rules for customers
2. Send claims (RST)
3. Input claims, output claims as described in the rule set
4. Send token (RSTR) (contains the claims from 3)
5. Send message with token
6. Claims are checked
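The flow in steps 0 to 6, as an added example that is not part of the original slides and is not Access Control Service code. An HMAC-signed JSON token stands in for the real token format, and the secret, rules, claim names and audience URI are constructed for illustration.

```python
import base64, hashlib, hmac, json, time

# Step 0: secret exchanged between the STS and the relying party (constructed value).
SHARED_SECRET = b"constructed-demo-secret"

# Step 1: declared access rules, input claim -> output claim (constructed names).
RULES = {
    ("group", "contoso-partners"): ("action", "Send"),
    ("email", "admin@contoso.example"): ("action", "Listen"),
}

def _sign(body: bytes) -> bytes:
    return hmac.new(SHARED_SECRET, body, hashlib.sha256).digest()

def issue_token(input_claims, audience, ttl=300, now=None):
    """Steps 2-4: receive input claims, apply the rules, return a signed token."""
    now = time.time() if now is None else now
    output = sorted({RULES[c] for c in input_claims if c in RULES})
    if not output:
        raise PermissionError("no rule matches the presented claims")
    body = json.dumps({"aud": audience, "exp": now + ttl, "claims": output}).encode()
    enc = base64.urlsafe_b64encode
    return enc(body).decode() + "." + enc(_sign(body)).decode()

def check_token(token, audience, required, now=None):
    """Step 6: the relying party checks signature, audience, expiry, then the claim."""
    now = time.time() if now is None else now
    try:
        body_b64, sig_b64 = token.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        sig = base64.urlsafe_b64decode(sig_b64)
    except ValueError:  # wrong number of parts or invalid base64
        return False
    if not hmac.compare_digest(sig, _sign(body)):  # reject before trusting the body
        return False
    data = json.loads(body)
    if data["aud"] != audience or data["exp"] < now:
        return False
    return list(required) in data["claims"]

if __name__ == "__main__":
    aud = "sb://servicebus.windows.net/services/contoso/svc"  # constructed URI
    token = issue_token([("group", "contoso-partners")], aud)
    print(check_token(token, aud, ("action", "Send")))    # steps 5 and 6
    print(check_token(token, aud, ("action", "Listen")))
```

The relying party verifies the signature before it parses the token body, and it checks audience and expiry as well as the claim, so a token issued for another service or replayed after expiry is rejected.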
34
Access Control Demo
35
Workflow
36
Windows Workflow Foundation
Tooling VS Designer VS Debugger Rehosted Designer Description of a program flow Tools/Designers Activity Library Runtime Hosts WF Runtime Workflow Activity Library Hosts IIS/WAS+ “Dublin” Workflow Service your.exe “Direct”
37
Workflow Service – Overview
Reliable, scalable off-premises host for workflows
Portal
New activities for the Windows Azure platform
APIs to install, run and operate workflows “in the cloud”
Orchestration of services
Cross-company services
Access for customers and partners through Access Control
38
Working with workflows
Design workflows: selection of the workflow template; designer supports new Azure activities and a subset of the WF activities
Install workflows: upload and validation
Manage workflow types: add, delete, update, view instances
Manage workflow instances: create, run, control, track execution
39
Workflow Service – Design Flow
1 Visual Studio WF Designer Design Workflows 1 Deploy Workflows 2 VS – one click deploy 2 Manage Workflow Types 3 Manage Workflow Instances 4 Your Apps & Services Workflow Portal WorkflowClient API SOAP Web Service 2 3 4 Workflow & Rules XAML ServiceBus
40
Workflow Portal Demo
41
SQL Data Service
42
Data Model And ACE Concepts
Authority Container Entity Unit of geo-location and billing Tied to DNS name Collection of Containers Unit of Consistency Scope for Query and Update Collection of Entities Unit of Storage Property Bag of Name/ Value pairs No Schema Required
43
Different Instance Types
Concepts: Entity
Entity properties may differ in type and instance
Different Kinds, Different Instance Types

Entity 1
Section    Property     Type        Value
Metadata   ID           EntityId    VWGOLF-01
Metadata   Kind         EntityKind  Car
FlexProps  Description  String      Reliable, one owner, …
FlexProps  Price        Numeric
FlexProps  ListingDate  Datetime
FlexProps  LocationZip              98052

Entity 2
Section    Property     Type        Value
Metadata   ID           EntityId    MINICOOPER-264
Metadata   Kind         EntityKind  FunCar
FlexProps  Description  String      Reliable, one owner, …
FlexProps  Price        Numeric
FlexProps  ListingDate              1st January, 2008
FlexProps  LocationZip              98052
FlexProps  EngineSize               1600 (Additional Property)
44
Architecture
SQL Data Services Front End: REST / SOAP, SDS Runtime, Data Access Lib (each label repeated 7 times in the diagram)
SQL Data Services Back End: Data Cluster, Master Cluster; SQL Server, Distributed Data Fabric, Mgmt. Services (each label repeated 7 times in the diagram)
45
SDS - Reliable Master Cluster Manager Partition Placement Advisor
Data And Master Nodes SDS - Reliable Master Cluster Manager SDS – Data Nodes SDS - Back-end Partition Manager Global Partition Map SQL Server Partition Placement Advisor Leader Elector Distributed Data Fabric SQL Server Database P1 P2 P3 P4 P5 P6 Data Node 105 Data Node 104 Data Node 103 Data Node 102 Data Node 101 P6 S6 P5 S5 P3 S3 P4 S4 P1 P2 S1 S2 S2 S1
46
Summary
Application integration through the .NET Service Bus
Access control through the .NET Access Control Service
Reuse of application logic through the .NET Workflow Service
Sign up for the current CTP at
47
Further information
PDC Videos BB01, BB02, BB12, BB23, BB28, BB38, BB55 Blog Posts Federating with the ACS Other resources Blogs