UK Windows Azure User Group

Last Tuesday was another installment from the UK Windows Azure User Group (formerly London Windows Azure UG) which this time included a presentation from our very own Simon Hart, and as well as myself, two other Smarties also attended the event to heckle support Simon.

The session kicked off with an apology from Microsoft’s Mark Quirk (Azure Product Manager) due to last week’s Azure downtime. Mark described this as the first incident in two-half years and although any incident like this is never a good thing, it was great to see Mark there and helped reinforce to me just how important this stuff is to Microsoft.

The 1st agenda item was from Yossi Dahan (MS Technical Specialist) and given that he wasn’t feeling well he did a great presentation on Azure and how it can support mobile application development. Yossi demonstrated a mobile solution called BabelCam (source available here ) which goes something like this:

1. Someone takes a picture from a mobile device of a menu which is in a foreign language.
2. The solution then authenticates using the Azure Access Control Service (ACS).
3. Once authenticated, stores the image on Azure as a BLOB.
4. Passes the image to an OCR service to capture the text.
5. The text is then passed to Bing where it is translated into English.
6. Translated message is passed back to the mobile device.

A couple of things stuck out for me:

1. Due to the constraints of processing power on mobile devices, Azure enables developers to move as much logic and data as possible from the device up onto the cloud.
2. This helps deliver more powerful applications but also means that it is easier to support multiple device OS’s (Windows, iOS and Android) using the .NET SDKs.

The main realisation I had was how influential Cloud paired with Mobile will be and the combined potential that these technologies bring. Consumer-focused mobile applications (above Enterprise apps) require the type of scalability that only the cloud can provide. Couple this with the ease at which things like ACS can be configured to authenticate users via Live ID, Yahoo!, Google Mail and Facebook and MS are providing the building blocks for vastly scalable, quick-to-market solutions.

Following the beer and pizza (thanks sponsors), Simon Hart talked us through his soon to be published Azure reference architecture…in 45 minutes!

The solution enables you to notify your home-based media center of programmes you wish to record from any browser device. The effort and dedication shown by Simon in developing the reference architecture was obvious and the slides at the start helped frame the presentation; what initially looks to be a simple undertaking turns out to be quite a challenge. What Simon demonstrated was how all the facets of Azure can be used to overcome these challenges creating a solution that is:

• Secure (using ACS)
• Scalable (using the Azure Service Bus)
• Resilient (using an active-passive DR capability across regions)

It was great to see an example pulling all these different parts together in one solution…the difficult part, was grasping it all in the time! I think that Simon is penciled in for the next meeting (3rd April) to talk in more detail about the Service Bus, so it’ll be another late one for me but well worth it.

 

London Azure user group meeting – Jan 2012

On Tuesday night last week I attended my first London Windows Azure user group meeting – it’s the second time this new group have met, but the first one I’m managed to make it to. My colleague Simon Hart blogged about the inaugural event here.

There were about 35 attendees or so and it felt like a good crowd, asking intelligent questions and I had some interesting chats during the breaks with some other user group members and I also caught up with Yossi Dahan (a Microsoft technical architect I’ve met before) – it really feels like this young user group has some momentum – so hats off to the organisers for getting this off the ground! The good pizza, chips, and beer also always helps – this must be one of the best catered user group meetings I’ve ever been to – there was even someone opening my beer bottle for me…

Planky (aka Steve Plank from Microsoft) presented on two topics relating to different strategies for identity federation and application access control – Azure’s Access Control Service (ACS) and Azure Connect.

Most of the the presentation time was allocated to ACS – which is pretty intricate to use. Well – it’s probably fairer to say that there are plenty of moving parts and technologies to get to grips with if you want to federate identities from Active Directory on-premise using ADFS2, via ACS in Azure to a set of applications hosted in Azure (which will typically using Windows Identity Foundation – WIF – to process the security token issued by ACS). None of it is particularly tricky in itself, but the great man himself hit some issues along the way (which always makes for a better presentation anyway ) and I was left thinking that it was a bit of nightmare to troubleshoot exactly why user access to the end application (the “relying party”) was being denied (see the image above) – it’s just the joys of debugging a distributed architecture I guess.

Azure Connect is essentially a VPN and IPSEC tunnel offering that I guess is very roughly equivalent to the Virtual Private Cloud (VPC) offering from AWS, but with some significant differences – but it’s trying to address the same key requirement – seamless but secure network connectivity between on-premise and cloud-based networks. It’s still in beta (at least until Summer 2012) and has some inherent limitations such as the fact that it requires a separate installation of agent software on every on-premise server that will talk to/from Azure, but it looks like an interesting technology. My main concern was just whether our customer’s security team’s could live with this model though – as in addition to the installation requirement, it essentially avoids any corporate firewall by creating an out bound SSL (port 443) connection to the Relay Service on Azure, effectively creating a client-to-site VPN from each individual on-premise server to the Relay Service.

So overall – a very useful and interesting evening, I’m glad I attended and I recommend my Smart421 colleagues to make the effort to attend future events (which are planned to be monthly) – the next event (register here) is on the 7th Feb and relates to “Parallel Processing with Azure and HPC Server“, so I’m personally very interested to hear how this compares to AWS’s offerings in this area.