Hybrid Connections, an introduction Sam Vanhoutte CTO Codit, Integration MVP
Nice to meet you Sam VANHOUTTE 2012 & 2013 CTO, Codit Partner of the Year Integration MVP – BizTalk V-TSP http://blog.codit.eu @SamVanhoutte 2000 Belgium 2004 France 2013 Portugal Award Finalist Application Integration International Focus HQ in BE Community Microsoft Integration
Agenda FOR THE NEXT HOUR 1) Azure Hybrid connectivity options 2) BizTalk Hybrid Connections 3) Demo time 4) Architecture 5) Comparing & when to use what
Questions? #azureconf on Twitter
Hybrid Connectivity in Azure overview when to use what
Evolving Enterprise Infrastructure Corporate Network Virtual Network
Virtual Networking IP/SEC VPN-STYLE CONNECTIVITY • Traditional network level connectivity • Various options • Point 2 Site • Site 2 Site • ExpressRoute Watch session of Vishwas
Service Bus Messaging INTEROPERABLE ASYNC COMMUNICATION • Asynchronous, message based • Features • Queues & Topics for distributed messaging • Event Hubs for scalable event ingestion • Notification hubs for phone notifications Watch session of Rick
Service Bus Relay MAKE INTERNAL SERVICES REACHABLE THROUGH AZURE ENDPOINTS • Firewall friendly service publishing • Outbound only ports • More & more used to avoid DMZ / reverse proxy • Features • Load balancing • Fail over • WCF / REST bindings available
BizTalk Services EAI & B2B INTEGRATION • EAI capabilities • On premise LOB connectivity (SQL, SAP, Oracle…) • Transformation & flat file support • Routing • EDI capabilities • Support for EDIFACT & X12 • Trading partner management • Hybrid connections • in Free tier of BizTalk Services
Azure Hybrid Connections positioning & overview architecture
Goals Access on-prem w/o custom code or infra Keep existing network configuration Control & Visibility Agility & Flexibility
Introducing hybrid connections part of BizTalk Services supported by in preview free tier (<5 cnx) Azure Web Sites Mobile Services goal: more to come
BizTalk Services pricing model FREE (preview) DEVELOPER BASIC STANDARD PREMIUM EAI capabilities No Yes Yes EDI capabilities No Yes Yes 1 unit 8 units Scale limit Scale out No No Yes Yes Hy. Cnx per unit 5 5 10 50 100 Hy. Cnx data transfer / unit 5 GB 50 GB 250 GB 500 GB Connection limits for each Hybrid Connection apply. Additional Hybrid data transfer billed at $1/GB.
DEMO
Key Features • Access to on-premises resources • Connect to SQL Server, Web Services or most other resources that use TCP or HTTP connectivity • Works with most frameworks • Support for .NET, PHP, Java, Python, Node.js for Websites and Node.js and .NET for Mobile Services • No need to alter the network perimeter • Doesn’t require a VPN gateway or Firewall changes to allow incoming traffic • Applications have access only to the resource that they require • Maintains IT control over resources • Support for Group Policy and Event/Audit Logging providing Admins control and visibility
Hybrid Connections Corporate Network Microsoft SQL Server Web Sites Hybrid Connection Mobile Services Hybrid Connection Manager Other published resources
‘As-is’ situation, expense application Integration Dashboard BizTalk Server Process
Step 1: lift & shift dashboard web app Dashboard frontend Integration backend Dashboard BizTalk Server Process
Step 2: create expense mobile app Dashboard frontend Dashboard backend BizTalk Server Process Expense mobile svc
Step 3: Expose the expense API Expense API Dashboard frontend Dashboard backend BizTalk Server Process Expense mobile svc
Architecture agent topologies automation
The hybrid connection manager ON PREMISES AGENT SPECIFICS 80 Install from portal Download here Windows Service HybridConnectionMgr Port 80 required Outbound only 443 5671 9352 Optional ports Fallback on 443 - 80
Limits & constraints • Support for TCP & HTTP • Recommend using static TCP ports • Dynamic ports (ie FTP passive mode) are not supported • No buffering or traffic inspection • TLS can be negotiated end-end
SQL Server specifics • SQL Express named instances should use static ports • TCP should be enabled • SQL Always on limitations • MultiSubnetFailover=true is not supported for clustering or availability groups • ApplicationIntent=ReadOnly is not supported • Integrated security not supported
Security • Shared access signatures • Secure, simple & familiar • Separate roles for on-premises connector & apps • Credentials for the on-premises connector & client apps can be rolled independently • Seamless & secure distribution & update of credentials to applications & Hybrid Connection Manager • Application authorization is independent • You can use an authorization mechanism appropriate for the Hybrid Application • In practice, depends on End-to-End authorization mechanisms supported across cloud/on-premises
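The role separation and independent key rolling on the Security slide can be seen in a small model. This is an added example, not code from the slides or from Azure: it assumes the Azure Service Bus SAS token layout (the deck does not show the token format), and the endpoint, rule names and keys are constructed.

```python
import base64, hashlib, hmac, time
from urllib.parse import parse_qs, quote_plus

def _sign(key, resource_uri, expiry):
    # String-to-sign: URL-encoded resource, newline, expiry (epoch seconds).
    msg = (quote_plus(resource_uri) + "\n" + expiry).encode()
    return base64.b64encode(hmac.new(key.encode(), msg, hashlib.sha256).digest()).decode()

def make_sas(resource_uri, key_name, key, ttl=3600, now=None):
    """Issue a token signed with one named key (one role)."""
    expiry = str(int((time.time() if now is None else now) + ttl))
    sig = _sign(key, resource_uri, expiry)
    return "SharedAccessSignature sr={}&sig={}&se={}&skn={}".format(
        quote_plus(resource_uri), quote_plus(sig), expiry, key_name)

def verify_sas(token, rules, now=None):
    """Return the rights the token grants, or an empty set if it is invalid."""
    scheme, _, query = token.partition(" ")
    fields = {k: v[0] for k, v in parse_qs(query).items()}
    if scheme != "SharedAccessSignature" or not {"sr", "sig", "se", "skn"} <= fields.keys():
        return set()
    rule = rules.get(fields["skn"])
    if rule is None or not fields["se"].isdigit():
        return set()
    if int(fields["se"]) <= (time.time() if now is None else now):
        return set()                                   # expired
    expected = _sign(rule["key"], fields["sr"], fields["se"])
    if not hmac.compare_digest(expected, fields["sig"]):
        return set()                                   # wrong or rolled key
    return set(rule["rights"])

# Constructed sample data: endpoint, rule names and keys are made up.
ENDPOINT = "https://example-ns.servicebus.windows.net/expenses-sql"
RULES = {
    "onprem-listener": {"key": "listener-key-v1", "rights": {"Listen"}},
    "app-sender": {"key": "sender-key-v1", "rights": {"Send"}},
}

def demo(now=1_400_000_000):
    agent = make_sas(ENDPOINT, "onprem-listener", RULES["onprem-listener"]["key"], now=now)
    app = make_sas(ENDPOINT, "app-sender", RULES["app-sender"]["key"], now=now)
    before = (verify_sas(agent, RULES, now), verify_sas(app, RULES, now))
    # Roll only the application key; the connector's credential is untouched.
    rolled = dict(RULES, **{"app-sender": {"key": "sender-key-v2", "rights": {"Send"}}})
    after = (verify_sas(agent, rolled, now), verify_sas(app, rolled, now))
    return before, after

if __name__ == "__main__":
    print(demo())
```

After the roll, the application's old token stops validating while the on-premises connector's token still grants Listen, which is the property that lets the two credentials be rotated on separate schedules.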
Reusing connections Microsoft Azure Hybrid Connection On Premises Hybrid Connection Manager Multiple applications can share a Hybrid Connection to access an on-prem resource Applications on Azure access a resource the same way they would if it was running on-premises
Load-balanced connectors Hybrid Connection Manager Multiple instances of the Hybrid Connection Manager can be used on-premises for resiliency and load-balancing.
DEMO
Throughput SOME TIPS & GUIDANCE Performance of outbound connection Multiple agents often increase throughput No throttling on connection or agent BizTalk tier does not impact performance
Some #devops POWERSHELL, VISIBILITY & GROUP POLICIES • Group policy settings to allow/designate resources • Event & audit logs available • Agent comes with PowerShell cmdlets
Update-HybridConnection -ConnectionString "<cnxstring>"
Add-HybridConnection -ConnectionString "<cnxstring>"
Remove-HybridConnection -ConnectionString "<cnxstring>"
Set-HybridConnectionManagerConfiguration -ManagementPort 9352
Get-HybridConnection
When to use what Virtual networking Hybrid Connections Service Bus relay
A comparison Virtual networking (VPN) Addressing Hybrid Connections Service Bus Relay Host name / IP Public DNS Intranet style SharedSecret, SAML, SAS TCP level SOAP / REST Load balancing Complex, traditional Use multiple agents To 20 cnx per endpoint High availability Complex, traditional Use multiple agents To 20 cnx per endpoint Billing model Time-based (gateway) Bandwidth (mostly FREE) Per connection Time to value Complex installation Very fast (outbound ports) IaaS vs PaaS IaaS PaaS (ier) PaaS (iest) Security Application connectivity
wrap-up Hybrid Connections
THANK YOU !! For all your follow up questions: @SamVanhoutte AND STAY TUNED FOR THE NEXT SESSIONS !!
Get started with a free trial http://aka.ms/AzureConf2014 Or, use your existing benefits… http://aka.ms/AzureConf-MemberOffers