Azure Application Architecture Guide
masashin
1,767 views
66 slides
Mar 25, 2017
Slide 1 of 66
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
About This Presentation
Azure Application Architecture Guide Overview
Slide Content
A3G Overview Masashi Narumoto Principal lead PM AzureCAT patterns & practices Azure Application A rchitecture Guide
Traditional vs. Modern application Traditional on-premises Modern cloud Relational database Polyglot persistence Strong consistency Eventual consistency Design for predictable scalability Design for unbound scalability Serial and synchronized processing Parallel and asynchronous processing Monolithic, centralized Decomposed, de-centralized Snowflake servers Immutable infrastructure Integrated authentication Federated authentication Design to keep app running (MTBF) Design for failure (MTTR) Big bang release Frequent small update Manual management Automated self-management
Process of Software development Business alignment Technology alignment
Process of Software development Architecture style guide Design principles Compute selection guide Storage selection guide Best practices Design patterns Design review checklist Business capability Domain driven Data driven End to end traceability
Process of Software development
Analyzing business domain Functional – Domain driven or data centric Ubiquitous language to model business domains Bounded context shows service boundary Context map visualizes to service dependency Aggregate, Domain service/event lead to microservices and inter service comm Non-functional - RTO/RPO/MTO, SLO/SLA, Security, Operation RTO leads to failover period RPO leads to backup interval SLA leads to choice of services w/ level of redundancy Throughput/Latency leads to choice of SKU w/ partitioning and topology Security leads to authN / authZ , encryption (transit, at rest) Operation leads to automated monitoring, management solutions
What if we don’t model around business? Spending too much time on the features nobody’s going to use Wrong assumptions are baked into data and service model Change in technology directly affects service model System is not scalable nor secure SLA target is not met System health is not visible to operators
What if we don’t model around business?
Example – Drone delivery service
Accounts Drone management 3 rd party transportation Call center Video surveillance Drone sharing Drone management Drone sharing 3 rd party transportation Shipping (Core) Call center Shipping Context map – Drone delivery service Surveyllance Accounts
Drone management Accounts Drone sharing 3 rd party transportation Shipping (Core) Call center Context map – Problem and Solution space Surveyllance Accounts Drone management 3 rd party transportation Call center Video surveillance Drone sharing Shipping
Accounts Drone management 3 rd party transportation Call center Video surveillance Drone sharing Drone management Drone sharing 3 rd party transportation Shipping (Core) Call center Shipping Context map – Drone delivery service Surveyllance Shipping Accounts
A ggregates and services in shipping domain Shipping Drone Package Delivery DeliveryScheduler DeliverySupervisor Account 3 rd party transportation Authentication Aggregate Domain service
Non-functional requirements – Shipping 10K to 100K rps to delivery scheduler 1M write/sec to geospatial index (geo-data / 4 sec / drone) Latency in 99 percentile has to be within 1 sec 99.99% uptime for delivery scheduler Daily update for ETA/Drone optimization algorithm CI/CD to support daily deployment Recovery time objective (RTO) should be 10 mins Recovery point objective should be an hour Drones and PII need to be protected from malicious attack Monitor the system for RCA and system health
Process of Software development
Choosing architecture style Domain Model Monolith? Microservices? CQRS? Web-queue-worker?
What if we don’t c hoose right architecture?
Architecture imposes constraints f or desirable outcome
Constraints in microservices - A service represents a single responsibility - Services don’t share its data Service calls only via API Every service has to be independently deployable R elease pipeline has to be de-centralized
Applying architecture style Business Domain Data access Business logic API
Choosing architecture style Business domain (Functional, Non-functional) Type/Complexity of domain Prerequisites Skillset, Team, Culture Benefits vs. Challenges Does benefits justify taking challenges? Degree of conformity Purist vs. Pragmatist
When to choose Microservices? Benefits Independent deployment Fault isolation Diverse technology Small focused team Separate scalability Challenges Complexity Network congestion Data integrity/consistency Testing Reliability Business domain Complex domain Deployment at high velocity Many independent teams Prerequisites Skill set for distributed system Domain knowledge DevOps culture M onitoring capability
Degree of distribution Monolith (Big ball of mud) microservices Corse grained Somewhat decomposed
Choosing architecture styles Dependency management Domain type/complexity N-Tier+ Horizontal layers (open/close) Traditional business domain Frequency of update is low Web-Queue-Worker Front/Backend jobs Decoupled by async messaging Relatively simple domain with some resource intensive tasks Microservices Vertical (functional) decoupling Service calls via API Complicated domain Frequent update is required CQRS R/W segregation Schema/Scale are optimized separately Collaborative domain where lots of users access the same data EDA Data ingested into streaming Independent view per sub-system Internet of things Big data Divide huge dataset into small chunks Parallel processing on local dataset Batch and real-time data analysis Predictive analysis using ML Big compute Data allocation to thousands of cores Embarrassingly parallel processing Compute intensive domain such as simulation, number crunching
User Business logic Polyglot Storage Device Gateway Streaming & analytics Device control Device State & Mgmt Business System Hot & Cold Storage Serving & BI Device API Gateway Web/Mobile application IIoT Data analysis Batch Analysis Near Real-time Analysis Notification Remote Service Cloud application architecture User management
User Business logic Polyglot Storage Device Gateway Streaming & analytics Device control Device State & Mgmt Business System Hot & Cold Storage Serving & BI Device API Gateway Web/Mobile application IIoT Data analysis Batch Analysis Near Real-time Analysis Notification Remote Service User management Microservices Cloud application architecture SPA Event Driven Big data N-Tier Web-Queue-Worker CQRS Big compute Lift & Shift
User Business logic Polyglot Storage Device Gateway Streaming & analytics Device control Device State & Mgmt Business System Hot & Cold Storage Serving & BI Device API Gateway Web/Mobile application IIoT Data analysis Batch Analysis Near Real-time Analysis Notification Remote Service Cloud application architecture User management
N-Tier+ architecture
N−Tier+ architecture Web tier Database Storage Remote service NVA Middle tier 2 Messaging Cache Middle tier 1 Jump Box User Admin
Best practices for N−Tier+ architecture Web tier Database Storage Remote service NVA Middle tier 2 Messaging Cache Middle tier 1 Jump Box User Admin Place multiple NVA for HA Use messaging to decouple tiers Cache semi-static data Protect internet access by NVA Restrict access to data tier Admin tasks via jump box Use separate subnet/availability set per tier with multi VMs Configure redundancy such as SQL AlwaysOn AG
N-Tier+ When to use : Migration scenario with m inimum refactoring from existing app Simple web applications(e.g. admin web site) You need unified development/management across on-premises and cloud Benefits : High portability Less learning curve Natural evolution from traditional model Open to heterogeneous environment (Windows/Linux) Challenges : Monolith prevents independent deployment Manageability is not optimal Versioning of each service running on VMs Configuring network security is not trivial Conforming to industry regulations (e.g. PCI, SOX, HIPPA)
Web-Queue-Worker architecture
Web-Queue-Worker architecture SPA & Mobile Web frontend services SQL NoSQL CDN Remote service Cache Worker s Messaging IdP
Best practices for Web-Queue-Worker SPA & Mobile Web frontend services SQL NoSQL CDN Remote service Cache Workers Messaging IdP Partition data Use polyglot storage Auto-scale instances Decouple resource intensive jobs Host static content Expose consumer friendly API Retry transient faults Cache semi-static data
SPA & Mobile Web frontend services SQL NoSQL CDN Remote service Cache Workers Blob Messaging IdP Design patterns for Web-Queue-Worker Throttling Circuit breaker Cache aside Federated authentication Index table Sharding Static content hosting Competing consumers Load leveling Valet key
SPA & Mobile Web frontend services SQL NoSQL CDN Remote service Cache Workers Messaging IdP Anti-patterns in Web-Queue-Worker Busy frontend No Cache Synchronous IO Improper instantiation Busy database Monolithic persistence Serial message processing Chatty IO Extraneous fetching
Web-Queue-Worker When to use Web applications with straightforward business logic You want to take advantage of managed services Benefits : Very first Azure architecture Relatively simple architecture that is easy to understand Easy to deploy and manage Clear separation of concerns The front end is decoupled from the worker using asynchronous messaging Challenges Without careful design, the web front end and the worker can become large, monolithic components that are difficult to maintain and update. There may be hidden dependencies, if the front end and worker share data schemas or code modules.
Microservices architecture
Microservices SPA & Mobile Microservices SQL NoSQL API Gateway CDN Remote Service Blob IdP
Microservices – Best practices SPA & Mobile Microservices SQL NoSQL API Gateway Remote Service IdP DevOps Release process Release process Each service has a single responsibility Don’t share the data directly Every request goes through GW Model service around business domain Isolate failure Decentralize all things Don’t leak implementation details Service calls via API Offload cross cutting concerns to GW Use polyglot storage
Microservices When to use Requires continuous innovation Requires d eployment at high velocity Deals with complex domain Benefits Independent deployment Fault isolation Diverse technology Small focused team Separate scalability Challenges Complexity Network congestion Data integrity/consistency Testing Reliability
CQRS architecture
Microservices + CQRS SPA & Mobile Microservices SQL NoSQL API Gateway CDN Remote Service Cache Read model Write model Microservices Blob Command Query Messaging IdP
Decoupling data by CQRS Delivery Account DeliveryID PackageID Drones 1234 0011 003154 DeliveryID PackageID Date Delivered 1234 0011 99 01/19/2017 Write model ( Event sourcing) Read model (Materialized View) Eventually consistent Account Delivery history Drone Message Broker PackageDelivered
SPA & Mobile Microservices SQL NoSQL API Gateway CDN Remote Service Cache Read model Write model Microservices Blob Command Query Messaging IdP Design patterns for microservices/CQRS Read model GW- aggregation Bulkhead Sidecar Backend for frontend Event sourcing Materialized view Ambassodar GW- offloading
CQRS When to use Collaborative domain with lots of operations to the same data R/W mismatch causes issues High scalability is required Benefits Separate scalability for R/W Decoupling Read from Write Optimal schema for read and write Challenges Data consistency issues Complex implementation
User Business logic Polyglot Storage Device Gateway Streaming & analytics Device control Device State & Mgmt Business System Hot & Cold Storage Serving & BI Device API Gateway Web/Mobile application IIoT Data analysis Batch Analysis Near Real-time Analysis Notification Remote Service IIoT User management
Event Driven Event ingestion Event producers Event consumers Event consumers Event consumers
Event Driven When to use Multiple subsystems process the same event Real-time processing with minimum time lag Complex event processing such as pattern matching Event processing with high ingestion rate such as IoT Benefits No point to point Integrations Immediate actions at consumer (minimum time lag) Very well decoupling producers from consumers Highly scalable and distributable Challenges Reliability, losing a single event could make system unstable (guaranteed delivery) Order of processing Exact once processing
EDA( IoT ) Reference Architecture Device Serving layer Application backend Cloud gateway Device gateway Provisioning API Identity and registry store Device state store Stream processors Storage Analytics & Machine learning BI Adaptor to External system
EDA( IoT ) Reference Architecture Device Serving layer Application backend Cloud gateway Device gateway Provisioning API Identity and registry store Device state store Stream processors Storage Analytics & Machine learning BI Adaptor to External system Car Machine e tc. IoT Hub EvenytHub IoT Hub Azure storage Custom app Azure stream analysis Storm Spark Azure storage ADLS Azure ML Spark HBase SQL DB SQL DWH Spark Cassandra Power BI Excel SSAS Tableau Qlikview Custom app Actor FW Azure Batch Custom app
Cloud Design Patterns ‘Cloud Design Patterns’ http://aka.ms/cloud-design-patterns
User Business logic Polyglot Storage Device Gateway Streaming & analytics Device control Device State & Mgmt Business System Hot & Cold Storage Serving & BI Device API Gateway Web/Mobile application IIoT Data analysis Batch Analysis Near Real-time Analysis Notification Remote Service Big Data User management
Big data architecture
Big data reference architecture Data source Batch processing Stream analysis Serving layer Data streaming Business intelligence Orchestration Data storage
Data ingestion pattern Data source Batch processing Stream analysis Serving layer Data streaming Business intelligence Orchestration Data storage
Best practices for Big data Data source Batch processing Stream analysis Serving layer Data streaming Business intelligence Orchestration Data storage Implement retention policy Upload large dataset using multiple threads in parallel Scrub sensitive data before publishing Partition the data Automate data ingestion and process by orchestration tools Provision a separate cluster for Hbase /Storm than batch processing Prevent data skew issue Use protocol conversion to speed up
Big data – service mapping Data source B atch processing Stream analysis Serving layer Data streaming Business intelligence Orchestration Data storage Device Weblogs Click stream OLTP Azure Data Lake Store Azure storage EventHub IoT Hub Kafka ASA Spark Storm ADLA HDInsight HBase Cassandra DocumentDB SQL DB/DWH Spark Power BI Excel SSAS Tableau Qlikview Custom app Azure Data Factory Oozie SSIS
Big data When to use Process TB ~ PB of data in a timely manner Pre-process raw data and pass the aggregated results to BI Real-time processing Experiment new data type quickly Predictive analysis Benefits Cost effective solution for large dataset High performance by parallel processing with data locality Challenges Data ingestion Numerous combination of technologies Too many knobs to optimize performance Security
Example – Drone delivery service
Accounts Drone management 3 rd party transportation Call center Video surveillance Drone sharing Drone management Accounts Drone sharing 3 rd party transportation Shipping (Core) Call center Shipping Context map – Drone delivery service Surveyllance
A ggregates and services in shipping domain Shipping Drone Package Delivery DeliveryScheduler DeliverySupervisor Account 3 rd party transportation Authentication DeliveryScheduler DeliverySupervisor Delivery Package Authentication Drone Account 3 rd party transportation Microservices Microservices In different BC
DeliveryScheduler Package Drone Delivery Mobile app Event sourcing Delivery Supervisor DeliveryEvents RequestEvents GW Status 3 rd party Service Account Service DroneMgmt Service Microservices in Shipping BC Account Service Auth Service 3 rd party transportation Account Account Service
DeliveryScheduler Package Drone Delivery Mobile app Delivery Supervisor GW Design patterns Auth Service 3 rd party transportation Account Load leveling GW- routing Throttling Scheduler-Agent-Supervisor Event sourcing Circuit breaker Competing consumers Bulkhead Sidecar Ambassador GW- offloading Federated auth Sharding Ambassador 3 rd party Service Account Service DroneMgmt Service Account Service Pub-Sub
User Business logic Polyglot Storage Device Gateway Streaming & analytics Device control Device State & Mgmt Business System Hot & Cold Storage Serving & BI Device API Gateway Web/Mobile application IIoT Data analysis Batch Analysis Near Real-time Analysis Notification Remote Service Drone delivery application architecture User management Drone geolocation and ETA User device geolocation Account management Drone scheduling ETA Drone placement
Tags
Download
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 1,767
- Slides 66
- Favorites 8
- Age 3173 days
Related Slideshows
1
MGV Residential Design projects for different clients, including a New Mexico Adobe project-1-.pdf
mannyvesa
26 views
16
EUNITED_Advocacy and Public Engagement through Visual Media
GeorgeDiamandis11
30 views
31
DESIGN THINKINGGG PPT 2 TOPIC IDEATION.pptx
HibaZaidi2
24 views
36
DESIGN THINKING CHAPTER 1 PPTT PPT 1.pptx
HibaZaidi2
27 views
112
Hinduism and Its History - PowerPoint Slides.pptx
ConorMcCormack10
23 views
20
Service Attributes of Manufactured Parts.pptx
MustafaEnesKrmac
24 views