Join me at SDEC 2011 in Winnipeg

If you’re going to be around Winnipeg between October 17-19, why not join me at the Software Development and Evolution Conference? [Register Today]

I’ll be giving two talks both, surprise surprise, on Windows Azure and Cloud Computing.

Windows Azure Sessions at SDEC 2011

The 7 Deadly Sins of Cloud Development

Are you a sinner, a saint, or a lost soul in your journey to the clouds? Come identify potential sins in your current/future cloud deployment, and discover ways to repent. In this session we will look at tools, code and architectural decisions that will lead you on the right path heading into the cloud.

Azure Deep Dive – Migrate an Application to Windows Azure

This is a hands on event so be sure to BRING YOUR LAPTOP loaded with the pre-requisite software below. Take an existing application and prepare it for the cloud. During this Dojo you’ll be able to register for your very own Windows Azure Account, or use one of the limited time accounts provided. Then take a guided tour to moving an existing application (provided) modify it so it’s "cloud ready", then deploy the application to Windows Azure. Required pre-requisite software:

  1. Visual Studio 2010
  2. SQL Server Management Studio 2008 R2
  3. Windows Azure Tools for Visual Studio 2010
  4. Windows Identity Foundation
    1.  Windows Identity Foundation SDK

[Or setup an Ultimate Windows Azure Development Environment]

Configure Windows Azure Diagnostics–One Config To Rule Them All!

One thing each developer strives for is maintaining less code. I don’t know why anyone would code something more than once, or have to modify code when it could be placed in a configuration file, which is much simpler to modify, not to mention easier to share between projects.

At first, I considered creating a base class for RoleEntryPoint which contained my Diagnostics Configuration for my Windows Azure Projects. Although this would have done a decent job of facilitating my Diagnostics Configuration, it didn’t quite sit right with me as it would need to either load a large set of configurations from the Cloud Service Configuration file which would need to be added to every project, or I would be stuck hardcoding a number of defaults which I deemed to be a good baseline set, neither of these options were very appealing.

Configuration Settings could have been handled by creating a new Project Template within Visual Studio but this still seems like a larger effort than is needed.

I started thinking about how a Windows Azure VM Role would configure it’s diagnostics and started searching around the web of a solution. I’m glad I did as I ended up finding this Golden Nugget. Enter Windows Azure Diagnostics Configuration File:

Web Role: Role [Root] Bin Directory
Worker Role Placement:
Role Root
VM Role Placement: %ProgramFiles%\Windows Azure Integration Components\<VersionNumber>\Diagnostics

Windows Azure Diagnostics Configuration File

Schema: %ProgramFiles%\Windows Azure SDK\<VersionNumber>\schemas\DiagnosticsConfig201010.xsd

For more information, see the Windows Azure Libarary Article: Using the Windows Azure Diagnostics Configuration File.

I would suggest reading the Section: “Installing the Diagnostics Configuration File” which outlines how the diagnostics configuration file is handled along side the DiagnosticManager configurations.

Happy Clouding!

[Info Graphic] Costs: Private vs. Public Cloud

 

Here’s an interesting Info Graphic on Private vs. Public Cloud. My Favourite part is the following code snippet which is found on the left hand side of the graphic below the red light saber.

if ($CompanyWorth >= 1 billion dollar)
{
   $PrivateCloud = "Yes."
} else {
   $PrivateCloud = "Try the public cloud."
}
//end cloud computing evaluation.

[Note: Visualization was removed]

Dealing with Windows Azure SDK1.3 MachineKey issue causing inconsistent Hash/Encryption with Powershell [Work in Progress]

There has been a rise in the number of Encryption questions on the Windows Azure Forums. First off, I’d have to applaud those who are playing the safety card in the cloud and encrypting their data.

With the recent FBI Take over of Instapaper’s Servers due to an unrelated raid, looming in the minds of Business and Technical Decision makers are thought of how secure their systems may be in a similar scenario. Fortunately instapaper had encrypted their users passwords, however other potentially sensitive data like email addresses, and bookmark information were not encrypted which may have exposed a number of their user base.

[NOTE: This post is currently a work in progress, but I wanted to share what I was working on. Currently this work around for the SDK 1.3 Machine Key issue is subject to a Race Condition which is described in more detail in my previous post: Windows Azure Role Startup Life-Cycle]

Known Issue: Windows Azure Machine Key is replaced on Deployment

To better understand the Machine Key Element in the web.config file check out the documentation on MSDN Library. You can also Generate a Machine Key using an online tool provided by ASPNetResources.com.

The reason behind this blog post is due to a known issue which was introduced in the Windows Azure SDK 1.3 which will replace the Machine Key in your web.config file in deployment. There is a work around for this issue that is posted within the Windows Azure Documentation on MSDN, however, their solution does have a security warning attached [See Below], which this solution is trying to mitigate.

Security Note

Elevated privileges are required to use IIS 7.0 Managed Configuration API for any purpose, such as programmatic configuration of sites.

The role entry point must run with elevated privileges for this workaround to function correctly. The steps below configure the role for elevated execution privilege. This configuration applies only to the role entry point process. It does not apply to the site itself. Note that the role entry point process remains runs with elevated privileges indefinitely. Exercise caution.

Avoiding an Indefinite Elevation of Privileges with Startup Tasks

Startup Tasks which were also introduced in Windows Azure SDK 1.3 are a very powerful tool in a Windows Azure Developers Arsenal.

Startup Task allow the execution of any Command Shell executable file, including msi, bat, cmd, and Powershell (ps1). The purpose is to modify the base Operating System provided to work for the Application that is being deployed.

Each individual startup task allows for a different elevation of privileges to be applied.

Scripting a Machine Key into the web.config of each Website within IIS with Powershell

Powershell is a powerful  scripting language which allows Access to IIS by using it’s WebAdministration Module. Below you will find a reusable script that will replace the machinekey in the web.config file located in the ‘siteroot’ in a Windows Azure Deployment.

This script could potentially be cleaned up by someone that has more experience with Powershell, but it definitely achieves the goal that has been set out.

Slight Script Assumption

As you can see, this script iterates over all of the sites within IIS, meaning each site will effectively get the same Machinekey within their individual web.config files. It’s up to you if this is acceptable behavior or not for your particular scenario. This might not be a desired case for a Multi-Tenant Application.

The powershell above is only one part of the equation. The secondary piece is where we actually call this powershell script, which can be handed off to a Command Script (.cmd) to be used as our startup task.

In order to run powershell script files within Windows Azure you *MUST* change the ExecutionPolicy, I suggest using RemoteSigned. Next -Command is referencing the Powershell Script and accepts the Arguments for the Decryption Type, DecryptionKey, Validation Type, and ValidationKey  which are the necessary values for the attributes in the machinekey element.

Then to setup the startup task add the following to the Service Definition File within the WebRole Definition.

When dealing with Startup Tasks it is important you set them up properly within your Web Project File [Read: How to Resolve Cannot Find File Error for Windows Azure Startup Tasks in Visual Studio].

How to Resolve ‘error: Cannot find file named ‘approot\bin\startup.cmd’’ for Windows Azure Startup Tasks in Visual Studio

A number of people have been coming across an issue when attempting to create Startup Tasks in their Windows Azure Deployments. Typically I’ve been packaging my deployments with the CSPack Utility which is part of the Windows Azure Tools for Visual Studio. [Read: Installing PHP in Windows Azure Leveraging Full IIS Support: Part 3]

You can resolve this issue by selecting your startup script file in the Solution Explorer, and Navigating to the Properties [Alt + Enter]. The Second Item down on the List is “Copy to Output Directory” this needs to be set to either “Copy Always” or “Copy if Newer”.

image

In the example above, my startup script is named PowershellRun, but this could be renamed to match the startup script name in the title startup.cmd.

Happy Clouding!

Cloud Startup Challenge [Powered By Microsoft]

cloud-startup-challengeA few weeks ago, I was involved with a Cloud Startup Challenge at Microsoft Canada Meadowvale Campus. The Cloud Startup Challenge invited Startups from across Canada to submit their Business Plan. Out of the 500 Entries, only 5 companies were selected to participate. My role in the Cloud Startup Challenge was a Cloud Mentor. My responsibility as a Cloud Mentor was to help any of the Startups get their application up and running on Windows Azure.

The Participants

Presentation: Windows Azure for Startups

Cloud Startup Challenge Outcome

The winner of the Cloud Startup Challenge was YourVirtualButler.com. YourVirtualButler is a Service which organizes Co-Work Spaces [like my friends at threefortynine* in Guelph]. This Software as a Service [SaaS] Application inventories and manages Shared-Space Environments keeping track of both the rooms available as well as equipment and refreshments.

Congrats! I look forward to seeing how YourVirtualButler takes off in the coming months.

* ThreeFortyNine is not a Client of YourVirtualButler