ASP.NET Bad Practices: What you shouldn’t do in ASP.NET (Part 4)

I’ve so far covered 15 bad practices in the past three posts and I truly hope that all ASP.NET developers be aware of them including the consequences of each.

Today, I’ll be covering another 5 as the part four.

16. Style Properties on Controls

AVOID

  • The four thousand specific control style properties, e.g.
    • EditItemTemplate-AlternateItem-Font-ForeColor-Opacity-Level :S

WHY

  • Maintainability
  • Bigger page size resulting slower performance since it not being cached

PREFER

  • CSS stylesheets

 

17. Filtering records on app level, not database level

TRY TO AVOID

  • Bringing whole list of records from database and filter them on the application level
using (NorthwindEntities ent = new NorthwindEntities())
{  
    var productList = ent.Products.ToList();

    foreach (var product in productList)
    {
        if (product.UnitPrice > 1000)
            Export(product);
    } 
}

WHY

  • Unnecessary traffic
  • Unnecessary processing resource

DO

  • Write proper query (or LINQ Query) to database
  • Get only what you need
using (NorthwindEntities ent = new NorthwindEntities())
{  
    var productList = ent.Products.Where(x => x.UnitPrice > 1000).ToList();
    foreach (var product in productList)
    { 
        Export(product);
    } 
}

18. Cookieless Form Auth & Session

DO NOT

  • Enable cookieless forms authentication or session

WHY

  • It could make your users being the victim to hijacking attacks

DO

  • Enable “require cookies” for these features
  • Consider using only secure (SSL) cookies for sites serving sensitive information

 

19. Missing “!IsPostback” check

DO NOT

  • Forget the !IsPostBack check if you’re not expecting the execution on every postbacks.
  • You can say that, this is so fundamental.
  • Yes it is, but I’ve still seen quite couple of developers make this mistake!
protected void Page_Load(object sender, EventArgs e)
{
    //initialize the code here
}

WHY

  • Overhead on the unnecessary calls might occurs
  • Trigger incorrect / unexpected value

DO

  • Understand what you’re really trying to achieve
  • Put !IsPostBack check if you’re to only set the value for one first time.
protected void Page_Load(object sender, EventArgs e)
{
    if (!IsPostBack)
    {
        //initialize the code here
    }
}

20. Putting Non-common scripts in MasterPages

DO NOT

  • Putting unnecessary / non-common scripts / codes in masterpages

WHY

  • All pages using the masterpages will be inherited the scripts
  • Inappropriate usage may cause inefficiency
  • Huge page size

DO

  • Put only what really needed to be shared across child pages
  • Consider using NestedMasterPages while part of scripts need to be inherited

 

That’s all for today’s 5 bad practices. Hope that I can compile some more and share with you again in future posts.

See you!

Posted in ASP.NET, Bad Practices | Tagged | Leave a comment

ASP.NET Bad Practices: What you shouldn’t do in ASP.NET (Part 3)

Hello everyone! Hope the first and second articles are useful to you. This is third article of ASP.NET Bad Practices: What you shouldn’t do in ASP.NET. The next five bad practices are equally important as those discussed earlier.

Some of them are related to web.config. They are as following:

11. Turning “off” Custom Error in Production

DO NOT

  • Set Custom Error to OFF in Production

WHY

  • Source code, stack trace, others info will be exposed
  • Version of ASP.NET, Servers, etc. exposed

DO

  • Of course, set it ON or RemoteOnly
  • Consider using “friendly” custom error page

 

12. Setting EnableViewStateMac=false in production

DO NOT

  • Set EnableViewStateMac = false
  • Do not set it to false even though you’re not using viewstate

WHY

enableviewstatemac

DO

  • Always set it to TRUE

viewstate_mac

 

13. Turning Off Request validation

TRY TO AVOID

  • Turning off the RequestValidation
  • RequestValidation will help to warn developer that there’s potential XSS (Cross Site Scripting) occur when it’s turned off.
  • Here’s the screenshot of the warning

request_validate

UNLESS

  • You know what you’re doing
  • Make sure that everything are properly HTML-encoded

WHY

  • It creates opportunity for Cross Site Scripting

DO

  • It’s actually on by default.
  • Use a rich editor with built-in-HTML-encoded feature

 

14. Too Much “inline” javascript / css

TRY TO AVOID

  • Writing too much inline javascript / css on the ASPX / HTML pages

WHY

  • Lack of caching
  • Code maintenance

PREFER

  • Have it on the different files
  • The files will be cached on browsers
  • *Make use of CDN (Content Delivery Network) to improve performance further

 

15. Impersonation: do you really need to do so?

TRY TO AVOID

  • Overuses / improper usage of impersonation
  • Especially, impersonate to “admin” user

WHY

  • Posing security risk
  • Prevents the efficient use of connection pooling
  • When accessing downstream databases
  • Performance degradation

DO

  • Clarify:
    • Do you really need to impersonate?
  • If you do, remember these:
    • Consider using programmatic instead of declarative impersonation
    • When impersonating programmatically, be sure to revert to the original context
  • Alternatives approaches are depending on scenarios

Some References On This Point:

 

I’ll continue to updating the post again in future, making this series of posts an awesome ones. Stay tuned.

Posted in ASP.NET, Bad Practices | Tagged | 1 Comment

ASP.NET Bad Practices: What you shouldn’t do in ASP.NET (Part 2)

This is the second article of ASP.NET Bad Practices: What you shouldn’t do in ASP.NET series of blog post. You may want to take a look at the first article here. Now let’s carry on to discuss the next 5 taboos in ASP.NET.

6. Leftover Debug Code

DO NOT

debug

*in the production

WHY

  • Longer compilation time
  • Longer code execution
  • More memory usage at runtime
  • Images and scripts are not cached

You can read the post by Scott Gu and Scott Hanselman on how serious this bad practice is.

DO

Always set debug=“false” in the production

*By default, web.config transformation will transform the debug to false during publishing. So don’t try to be naughty by turning it to true.

 

7. Improper usage of static Variable

TRY TO AVOID

Using static variable in ASP.NET improperly

UNLESS you know what you’re doing and the impact

WHY

  • Inconsistent value during concurrent access
  • It will be shared across other requests / users
  • Value might be overridden by one and another

PREFER

  • Read only scenario => use const or readonly
  • Maintaining value when post back => use viewstate
  • Maintaining value across multiple page => use session
  • To cache the data => use cache

However

Static variable is useful when:

  • Locking object to avoid multi-write synchronization
  • Global-wide level object sharing (static VS application object)

 

8. Performing heavy tasks in databound event

TRY TO AVOID

  • Calling heavy tasks in each databound event
  • Heavy tasks:
    • SQL calls,
    • Web service calls
  • DataBound Event
    • RowDataBound in GridView
    • ItemDataBound in Repeater
  • *Especially NO PAGING

WHY

It will be called N times, while N denotes page sizes

UNLESS

If your page size is relatively small. But still be careful!

PREFER

  • Using custom data source to enable server side paging
  • Generated from view (in you’re using EF)

 

9. Breaking the stack unnecessarily when you re-throw an exception

TRY TO AVOID

Breaking the stack trace unnecessarily when re-throwing exception with “throw ex”

WHY

  • Losing the original stack trace
  • It’s harder to trace back / debug which codes really causes error during production

UNLESS

You really expect the outcome

PREFER

  • “throw”
  • Wrapping up the exception with another exception while retaining the original as the inner exception

 

10. Storing clear-text password in config files

DO NOT

Storing clear-text password in config files

WHY

  • Easy to get stolen
  • Unauthorized access

DO

  • Encryption

aspnet_regiis -pe "connectionStrings" -app "/SampleApplication"

  • Combined with another mechanism such as certificate

 

Ok, I think we’re good to stop here today. Shall continue this again in the next post. See you!

Posted in ASP.NET, Bad Practices | Tagged | 1 Comment

ASP.NET Bad Practices: What you shouldn’t do in ASP.NET (Part 1)

I’ve been blogging for Windows Azure stuff for the past 3 years. Nonetheless, I’m still catching up .NET and its family pretty closely.

We’ve been listening to the best practices so far from anywhere (such as MSDN, conferences, blogs, etc.). But whether to follow the best practices or not could be another side of the story. Today, I’m gonna blog something special (at least to me). Not best practices, but bad practices. Aha! This serves as the warnings to you when developing ASP.NET application, things that you shouldn’t do in ASP.NET.

I’ve been gathered quite a few bad practices from various sources including personal experiences, feedback from colleagues, online articles and blogs, presentations, MSDN, and so many more. I’ll be discussing 5 of them first in this post will catch up more in upcoming posts.

Disclaimers!

Don’t get me wrong when you see the title. I’m not saying to use ASP.NET is a bad practice. Not even saying that ASP.NET is bad. To me, ASP.NET is awesome web development platform and I really love it. In fact, some of the web vulnerabilities or shortages has been answered and covered by ASP.NET by default.

Unfortunately, sometimes there’re always misuses, overuses, abuses, or deprecated features that we should really paying attention to. Coz they really can be timed-bomb in your house and make your days worst.

Most of them within the discussion here are ASP.NET related. However, you might see some of them are pretty generic web programming mistakes / bad practices, which also applicable in ASP.NET.

Additionally, you will also find some that are generic in .NET which applicable in others .NET app, not only applicable in ASP.NET. But I believe they’re significant enough to be in the discussion.

Alright, now let’s go for them now!

ASP.NET Bad Practices

 

1. Not Validating User Input

This is very fundamental yet frequently-made mistake. The impact might be pretty serious if it’s combined with others bad practices (discussed subsequently)

DO NOT

  • Forget to validating user input
    • Think all users are bad guys!
    • Especially Textboxes and FileUploaders

WHY

  • Potential of SQL Injection victim
  • Potential of Cross Site Scripting victim

DO

  • Validate! Validate! Validate!
    • max length
    • type (int, string, etc.)
    • special character (with Regex)
  • Double Protection
    • Client Side + Server Side
    • ASP.NET Validation Controls

 

2. Connection to database with inline SQL

DO NOT

  • Executing database command with inline SQL query and concatenated string

 

string cmd = string.Format("SELECT ProductId, ProductName, QuantityPerUnit, UnitPrice FROM PRODUCTS WHERE ProductName like ‘%{0}%’", searchText);

WHY

  • Potential of SQL Injection victim

DO

  • Cmd.Parameters.Add()
    • This is slightly better

 

sqlCmd.Parameters.Add(new SqlParameter("@ProductName", txtProductName.Text));

PREFERRED

  • Stored Procedure
  • ORM (Entity Framework / NHibernate / etc.)

 

3. User accounts privilege on database access

DO NOT

  • Give more than sufficient permission database access

WHY

  • Unauthorized access
  • If it’s SQL Injected, you will be like this:

http://images.colourbox.com/thumb_COLOURBOX3461207.jpg

DO

  • Find out what permission the app really needs
  • Give only what they need
    • Execute Store Proc only
    • Execute Table only

 

4. Paging in data controls

TRY TO AVOID

  • Using Default Paging on ASP.NET data controls
  • It’s actually depending on your data source

WHY

  • It’s bringing entire data in the table while just showing a fraction of it
  • Unnecessary round trip from web server to DB Server

UNLESS

  • When data is relatively small
  • Assess your trade-off
    • Dev effort VS performance

PREFER

  • Using custom server side paging
  • Using effective data source:
    • ADO.NET EF Data Source
  • TIPS: Use SQL Profiler to see the generated T-SQL when performing paging

 

5. Storing big objects in viewstate and sessions

TRY TO AVOID

  • Storing big / plenty objects in ViewStates and Sessions

WHY

  • Performance
  • Big size page, due to viewstate, like this:

image

  • Memory leakage on web / app server

DO

  • Know really what you need
  • Store only what you use
  • Disposing them away when no longer in used

 

Okay, that’s all for the part 1. Check out again the part 2 soon.

Posted in ASP.NET, Bad Practices | Tagged | 2 Comments

Singapore Chapter of Global Windows Azure Bootcamp–Recap

27th April 2013 was an awesome day! Why? On that day, we have events for more than 96 locations, 154 speakers, 194 sessions, and 7432 attendees. That’s what we called Global Windows Azure Bootcamp. Cool, isn’t it?

gwab

We also ran one in Singapore, participated by about 70 attendants. Although it was a rainy Saturday morning, the attendants are all very passionate. Deeply appreciate it guys!

 _N7K3642

Welcome by Wely & Faizal (AzureUG.SG Founders)

We started the event with welcome not from me and Faizal as the founders of the Windows Azure User Group Singapore. We talked briefly about how the UG was started, some statistic on Global Windows Azure Bootcamp, Sponsors, and Agendas of the day.

Windows Azure State of Union – Hammad Rajjoub

Right after the welcome note, Hammad started his session of Windows Azure – State of Union. Hammad did a great job to describe the overview of the entire Windows Azure core components and building block.

_N7K3639 _N7K3640

Windows Azure Web Sites – Faizal

The second session was delivered by Faizal about Windows Azure Web Site. The session was more demo-centric and covers many ways deploying website on Windows Azure Web Sites (code name Antares).

_N7K3657 _N7K3642

Windows Azure Mobile Service – Hammad Rajjoub

After lunch, Hammad continued his next topic about Azure Mobile Service. Regardless what mobile platform you’re using (iOS, Android, Windows Phone), Mobile Services takes care of the backend for you.

_N7K3643 _N7K3640

Designing Allocation Planning Engine with Windows Azure Cloud Services – Wely Lau

The subsequent one was my session that describe about Windows Azure Cloud Services. But I took a different approach of delivery.

The first part illustrated about the basic concept of Windows Azure Cloud Services including the roles, service model, SDK, and deployment. I believe people would love the second part more as I illustrated on of the project as the case study. How to design a cloud application with various component on Windows Azure.

 IMG_8272 IMG_8283

Windows Azure IaaS – Richard Qi

The last session was delivered by Richard Qi, the infra guy. Richard explained Windows Azure IaaS covering Virtual Machine and Virtual Network. He also covers a few possible scenario to deploy key server apps such as SQL Server and SharePoint on Azure VM.

IMG_8291 IMG_8295 IMG_8286

And here’re some of Microsoft & MVP folks, thanks for your assistance on the event as well.

 _N7K3668  

Lucky Draws

After all sessions were done, we spent some time to have the lucky draw, sponsored by global sponsor. And here are some of the winners. Congratulations Smile 

IMG_8361 IMG_8357 IMG_8337 IMG_8374

We would like to thank a lots of people to make this happen successful:

  • Global Sponsors
  • Global Organizers
  • Microsoft (especially DPE team & MVP team)
  • Fellow MVPs and volunteers

And finally here’s our group photo!

Hope to see you again in the upcoming meet-ups and event.

Cheers,

Wely

Posted in Azure, Event Recap | Tagged | 3 Comments

Windows Azure and Online Gaming

Online Gaming

For the last recent years, online gaming industry keeps growing tremendously. The advantages are very obvious:

  • reach more audience
  • lower running cost
  • anytime and anywhere access
  • and so many more

People literally port any kind of games to online space. There are poker card games (such as partypoker.com), arcade, sports, RPG, and so many more.

Perfect patterns for cloud model

Likewise some of the system that may experience burst (either predictable or unpredictable), online gaming would face the similar challenges as well.

I believe the following scenarios are not a stranger to you. They are a few patterns that suits most for cloud computing.

image image image image

Figure 1. Perfect scenario for cloud!

Case Study: Games on Windows Azure

Many gaming companies are aware of the power of the cloud and have started to build new or migrate the existing game on Windows Azure.

1. Halo 4

343 Industries

One of the very popular example would be Halo 4. Apart from using high computing power, it also uses Service Bus as messaging engine.

2. Gameizon

4000012324

Gamizone is another case study of online gaming company that utilize Windows Azure improve service, simplify IT maintenance, and obviously reduce costs.

3. Waappy

Waappy

Waappy was is online gaming company that make use of Windows Azure to accommodate the demand that grew periodically

Windows Azure Toolkit for Social Gaming

 

For those who are not aware, Microsoft also released Windows Azure Toolkit for Social Gaming, a set of guidance, samples, and tools that helps developers quickly get started building a casual or social game on Windows Azure.

  1. There are two main components of this project. First, there is the toolkit. This download contains the core services and samples needed to learn the basics of social game development. The toolkit contains several simple games and the required server APIs.
  2. The second portion of this project is the game Tankster. Tankster is a multi-player social game that is built on top of the core toolkit. The full source Tankster sample is available for download including images, audio, JavaScript, and more.

Check out the tutorial on Cloud Cover Show and an introduction to tankster here.

Download from GitHub https://github.com/WindowsAzure-Toolkits/wa-toolkit-games

Happy gaming with Windows Azure!

Posted in Azure | Leave a comment

Invitation: Global Windows Azure Boot Camp, Singapore Chapter

I’m pleased to announce AzureUG.SG (Singapore Windows Azure User Group) is taking part to conduct an Azure Boot Camp in Singapore together with other UG from more than 66+ location world-wide.

This’s gonna be an interesting one as we’re all doing one-day boot camp at Saturday, 27 April 2013!

Here’s the flyer!

flyer

Remember to register yourself at http://gwabsg.eventbrite.com.

See you!

Posted in Invitation | Leave a comment

Preserving Static IP Address in Windows Azure

It is a pretty common practice to use an IP address to provide access on whitelisting service. As an example a trading partner Contoso only allows my company Northwind to access their web service. Only the predefined IP address will be accepted by Contoso while others will be denied.

a

The question now is: Am I able to preserve the IP address of my Windows Azure application in the cloud environment? This article is to explain how to preserve a static IP address for both PaaS and IaaS.

While there is internal IP address being assigned to each VM, this article emphasizes on public VIP (virtual IP address). We don’t really care about the internal IP address since it’s invisible to external parties.

PaaS: Web and Worker Role

In PaaS, the IP address is assigned on the deployment (either production or staging) of our service package. The IP address will be stay static through the lifecycle of service deployment. As of today, there’s no way to reserve an IP address outside the lifetime of the deployment:

“Windows Azure currently does not support a customer reserving a VIP outside of the lifetime of a deployment.”

The following diagram illustrates how the deployment looks like:

b

You won’t lose your IP address

  • Operations including in-place upgrade, VIP swap, and scaling will not make you to lose your public IP address.
  • Fortunately, you will also never lose your IP Address in any case of hardware failure recovery.

You will lose your IP address

  • When you delete a deployment of a cloud service, you will lose the IP address. Windows Azure will assign you another new public IP address on the new deployment.

Thus, please be reminded that do not delete the deployment if you want your IP address to be persisted. You should always consider using in-place upgrade or VIP swap to keep the public VIP.

IaaS: Virtual Machine

There is only production deployment in IaaS Virtual Machine. The IP address is assigned when a VM attached to an empty cloud service.

c  d

The left hand side of the following figure shows the assignment of a public VIP when VM 1 is being created. The right hand side of the figure shows that there isn’t any IP address change when a new VM attached to the existing cloud service.

You won’t lose your IP address

  • Operations including vertical scale (changing size of VM) and adding new VM to cloud service will not make you to lose your public IP address.
  • Likewise PaaS, you will also never lose your IP Address in any case of hardware failure recovery.

You will lose your IP address

  • When there isn’t any VM attached to a cloud service, you will lose the IP address. This can be shown with the following figure.

e

What if you really need to delete a VM but you don’t want to lose the public VIP? The workaround is to deploy a “dummy” VM for a time being until the new deployment is done. This will ensure that your public VIP will be retained.

Conclusion

To conclude, this article explains under certain circumstances, you will lose or will not lose the public VIP of your Windows Azure service. It also covers both PaaS and IaaS on how they differs each other on deployment management. Hope this gives you better insight on managing your Windows Azure public VIP.

Posted in Azure | 4 Comments

An Awesome Experience in MVP Global Summit 2013

Aha, I’m back to Singapore after a long long flight from Seattle. The trips was actually to attend 2013 MVP Global Summit from Feb 18 – 21 in Redmond and Bellevue.

What’s MVP Global Summit?

The MVP Global Summit is a multi-day event that is hosted in Bellevue and at Microsoft headquarters in Redmond, Washington. With a large catalog of technical sessions and a variety of networking opportunities, the MVP Global Summit enables MVPs to connect with other MVPs, build relationships with Microsoft product managers, and provide feedback on Microsoft products and technologies.

Source: http://www.2013mvpsummit.com/about

Departure from Singapore

I departed from Singapore with fellow MVPs (Triston Wan, David Lim, Jeffrey Tay, Riwut Libinuko) and later joined by Alvin Lau who missed the departure flight.

It took about 6.5 hours from Singapore to Tokyo/Narita and another 9 hours from Tokyo/Narita to Seattle/Tacoma. It’s indeed a long and tiring flight. Interestingly, we departed at 08:30 AM from Singapore and arrived at 09:00 AM in Seattle because timezone difference.

MVP Showcases @ 17 Feb 2013

The registration started at 17 Feb 2013 in Hyatt Regency Bellevue where we would verify ourselves to get the conference pass. On the afternoon, there was MVP Showcases. It was awesome to see world-wide MVPS showcasing their projects and products.

My favorite one was done by Korean MVP (HugeFlow). It’s to capture our photo which automatically sync to Surface Board. We could furthermore edit the photo using different digital stamps. It will then be sent through email or printed out as hardcopy. Well, that’s pretty simple but it’s interesting!

Here’s a sample.

wely-mvp-summit

It’s all about technical sessions! 18 – 21 Feb 2013

We have very very pack sessions everyday from 8 AM till 6 PM. As most of the contents are Microsoft NDA, I’m not able to disclosed anything here Open-mouthed smile.

20130218_093449But I would say it was a very great exposure to interact with Microsoft Product Group (program managers, development leads, and top executives), understanding the product roadmap and strategy.

Here’s a shot with Scott Guthrie, Corp Vice President in Microsoft Server and Tools Business. Although at his senior position in the corporation, he is still very humble and such a nice person to chat with.

He always listens to communities and customers expectation. I believe that’s the reason why he is respected by many people in communities.

While sharing Microsoft strategy and roadmap, Microsoft also gathers various feedbacks from MVPs, the practical experts in the industry.

In addition, it was also a good chance to get to know and network with others MVPs coming from different parts of the world.

 

 

 

Parties and networking sessions

Aside of technical sessions in the morning till afternoon, we have numerous of parties and networking sessions in the evening. That varies depending on our MVPs competency and origin as well. And here are mine:

  • Sunday : We had Azure MVP Mixer Party at Tap Grill House. It was a great opportunity to meet and greet Azure MVPs, Azure Product Group, and Azure Partners / Sponsors.
  • Monday : Welcome Reception and Dinner at Hyatt Grand Ballroom. This was where by all attendees are gathered around, clustered by regions. Here we are from South-east Asia, leaded by Captain Lilian Quek.

 20130218_192527 

  • Tuesday : Another dinner in Tuesday night featuring SEA + Greater China (PRC, Taiwan, and Hong Kong) MVPs. This time was at Kobe Restaurant. It was attended by about 60+ MVPs. Here’s again Lilian’s army.

  • Wednesday : Product Group Evening Evening. This one was seriously cool and very cold as it’s winter in US! Happened in Century Link Field, a soccer field. Various activities from dinner, dancing, fire-crackers, and many more.

20130220_201942 20130220_201925

20130220_210052 20130220_210427

The last photo was with Captain Identity (who recently promoted to Admiral Identity), Vittorio Bertocci.

All in all, it was fun and enjoyable experience. Hope to attend another MVP Summit in the future.

Cheers!

Posted in Event Recap | Leave a comment

Windows Azure Virtual Machine: A look at Windows Azure IaaS Offerings (Part 2)

We’ve seen the basic concept of Azure IaaS in my last article. This article will take a deeper look at how Images and Disks are being used in Windows Azure Virtual Machine. Later in the article I’ll bring you another tutorial to let you have better understanding and hands-on experience.

There are two basic yet important concepts in Windows Azure Virtual Machine: Images and Disks. Although both of them are eventually in VHD format, there are significant differences between them.

Images

Images are virtual hard drives (VHDs) that have already been generalized (technically, beensys-prepped /generalize). They are basically templates that will be used to clone the Virtual Machine. They come without any specific settings such as computer name, user account, and network settings.

Predefined / Platform Images

Windows Azure provides numbers of predefined images including Windows and Linux. The following figure shows the predefined images on Windows Azure as of today.

VM platform images

Figure 1 – Virtual Machine Platform Images

Creating or Bringing Our Own Images

Apart from predefined image, we can actually provide our own images as well. This will be certainly useful when we want to reuse the configured VM in the future. It could be done either by capturing a running VM on Windows Azure or uploading the VHD On-Premise with CSUPLOAD.

Both techniques require us to sysprep the VHD properly. Eventually, the image should be created in the portal.

creating image from vhd

Figure 2 – Creating Image from VHD

Disk

Disks are the actual VHDs that are ready to be mounted by the Virtual Machine. There are two kinds of Disk: OS Disk and Data Disk.

OS Disk

OS Disk is a VHD that is being instantiated by an image and obviously contains operating system files. At the time a VM is being provisioned, the OS Disk will be automatically created and mounted as C:\ drive.

The default caching policy for OS Disk is enabled for ReadWrite. Meaning that, although the OS Disk is stored at Windows Azure Storage as Page Blob, there will be a caching disk sitting on the host OS. At any time reading / writing happens on the OS Disk, it will always reach the caching disk first and gradually flush them to Blob Storage. The reason why ReadWrite cache being enabled for OS Disk is because the usage pattern that Azure team expects. As the working sets of data being read and written are relatively small, it fits perfectly to have a local cache so that it can perform efficiently.

The maximum size of OS Disk is 127 GB as of today. The recommended approach is to let customers store larger data in the Data Disk.

Data Disk

Data Disk is VHD that allows us to store any data. The Data Disk can then be mounted on the VM. T As the data disks are stored in Windows Azure Blob Storage as page blobs, it inherits from the maximum size of 1 TB. However, there are limits on how many disk can be mounted. This depends on the size of Virtual Machine as presented below.

VM size for Azure VM

Figure 3 – VM Size for Azure VM
(From WAPTK – WindowsAzureVirtualMachines.pptx slide 16)

The default caching policy for Data Disk is “None” or No Cache. This means that when any reading or writing happens, it always goes directly to Blob Storage.

*Temporary Disk

Apart from OS Disk and Data Disk, there is also a temporary disk stored in the VM itself. This is used for the OS Paging file. Importantly, the disk is considered not persistent.

The following diagram illustrates how the disks are being stored in Windows Azure Storage.

How disks are stored

Figure 4 – How disks are stored

A hands-on tutorial

We have talked about the concepts above. Now let’s jump into the demo to see them in action. I assume you have gone through the tutorial in my previous article, please do so if you have not.

Attaching Disks to Virtual Machines

1. Log in to New Management Portal with your Live Id. After successfully logging in, navigate to the Virtual Machine section and you will see the Dashboard tab appear. At the bottom part of Dashboard, you will notice the “disk” section. By default, there is only one disk attached, which type is OS Disk. If you notice carefully, the OS Disk VHD refers to Windows Azure Storage URL.

Virtual Machine dashboard

Figure 5 – Virtual Machine dashboard

2. Now, click on the “Attach” button and select the “Attach Empty Disk”.

Attaching Disk to VM

Figure 6 – Attaching Disk to VM

As the dialog box show up, define the File Name as “DataDisk1” and Size as “1023”.

Attaching an Empty Disk

Figure 7 – Attaching an Empty Disk

It may take a while (2 to 3 minutes) to get the Data Disk ready.

3. Repeat Step 2 one more time.  Define File Name as “DataDisk2” and let the Size remain the same as “1023”.

4. After a while, you can see that there are two additional data disks being attached besides the original OS Disk.

OS Disk and Data Disk on VM

Figure 8 – OS Disk and Data Disk on VM

5. Click “Connect” to remote desktop inside the VM. When the RPD file is prompted, simply open it.

6. Once you have successfully remote desktopped inside the VM, open up Server Manager and expand the Storage – Disk Management Menu.

7. You might be prompted with the Initialize Disk dialog. This dialog appears since we have just attached two disks on the VM but haven’t initialized them yet. We are required to select the partition type either: MBR and GPT.  In this demo, we select “MBR” and click “OK”.

Initializing Data Disks

Figure 9 – Initializing Data Disks

Striping Volume to Data Disks in VM

The earlier section of this article mentions that the maximum size of each blob is 1 TB. People often make the mistake of thinking that the maximum size of data you can store in Azure Disk is 1 TB. This is not really true, as we can actually store up to 16 TB data (for Extra Large VM). The idea is to use Striped Volume in Windows.

8. Right click on “Disk 2″ which we have just initialized and click “New Striped Volume”.

new striped volume

Figure 10 – New Striped Volume

9. As the dialog comes up, add the “Disk 3” on the Available list and click “Add”. Click “Next” to proceed.

Adding Disk to Striped Volume

Figure 11 – Adding Disk to Striped Volume

10. Choose your preferred Drive Letter. In this example, I selected E. Click “Next”.

assign drive letter or path

Figure 12 – Assign Drive Letter or Path

11. The next step is about formatting the volume. Simply give the volume a label. In this case, I call it DATA. Click “Next” to finalize the wizard

defining format volume

Figure 13 – Defining Format Volume

12. Open up Windows Explorer, notice that the DATA Volume can take up to 2 TB size as they are basically stored in two different Data Disks.

Result of striped disk

Figure 14 – Result of striped disk

Conclusion and coming up next

We’ve seen how the image and disk being design and used in Windows Azure Virtual Machine.

In the subsequent article, we will discuss other aspects of Windows Azure IaaS in more detail such virtual network capabilities and also how PaaS and IaaS work together to bring more possibilities.

Review

Technical Reviewer: Corey Sanders, Principal Program Manager Lead, Microsoft Corporation.

References

-          Windows Azure Platform Training Kit

-          Mark Russinovich – Windows Azure IaaS: Virtual Machine and Virtual Network

-          Corey Sanders – Windows Azure IaaS and How It Works

Posted in Azure, IaaS | 1 Comment