Go Windows Azure Client Library

Merge lp:~julian-edwards/gwacl/licence-readme-etc into lp:gwacl

  1. licence-readme-etc
  2. Merge into trunk
Proposed by Julian Edwards
Status: Merged
Approved by: Julian Edwards
Approved revision: 212
Merged at revision: 209
Proposed branch: lp:~julian-edwards/gwacl/licence-readme-etc
Merge into: lp:gwacl
Diff against target: 202 lines (+148/-24)
3 files modified
HACKING.txt (+102/-2)
LICENSE (+16/-0)
README (+30/-22)
To merge this branch: bzr merge lp:~julian-edwards/gwacl/licence-readme-etc
Reviewer Review Type Date Requested Status
Jeroen T. Vermeulen (community) Approve
Review via email: mp+177989@code.launchpad.net

Commit message

Clean up of licence info and add a lot more info to HACKING and README.

To post a comment you must log in.
Revision history for this message
Jeroen T. Vermeulen (jtv) wrote :
Download full text (4.1 KiB)

Oh, this is very nice. Just the overview people will need.

A few odds and ends:

37 +Role instances are virtual machine resources. Many instances may exist in a
38 +deployment (and hence hosted service) but if there is more than one they are
39 +intended to be running the same load balanced application via the service;
40 +they must all share the same DNS entry and open endpoints.

Calling them virtual machine "resources" seems confusingly vague. Isn't a role instance essentially a virtual machine?

Also, is it really true that multiple VMs are meant to run the same application in a load-balanced configuration? My understanding was that you might just as well have different components of the same application (e.g. database, application process, httpd) running on different VMs in the same service. The wording here seems to rule that out.

Might it be more accurate to say that a hosted service exposes one application on the internet, and it may comprise multiple virtual machines for load-balancing and/or different components of the application?

Also, I wouldn't say they "must" all share the same DNS entry — they all share the same DNS entry and the same IP address, and there's no way around it. As for endpoints, they can of course have their own port mappings on that same IP address (and possibly load-balanced shared endpoints, but I never read the documentation for that part).

42 +For this reason, if you want several separate resources, you must create a
43 +separate service, deployment and role instance for each.

"Resources" again is very vague. If there are resources I want to share and ones I don't want to share, this sentence leaves me completely in the dark about what to do.

48 +Each service can only see as much of each other service as any public observer
49 +does. It's possible to place them in a private network so they are
50 +effectively on a share LAN segment with no firewall.

I think these two sentences would fit together more clearly with a "However." The second sentence is a way to escape the limitations laid out by the first, so there's a clear contrast. It's not a case where the second sentence follows naturally on the first.

52 +In Azure this is called a "virtual network". The virtual network must be
53 +defined before any services are created, and then supplied at service creation
54 +time. The virtual network can be assigned any valid networking range which
55 +becomes private to all the virtual instances defined to use it.

The "before any services are created" is a bit ambiguous, to the extent that "any services" here means "any services that will use the virtual network." How about "You can define a virtual network, and supply it when you create a service. This will attach the service to the virtual network for the service's entire lifetime." Some people dislike addressing the reader directly, but it beats having most of the text in passive voice.

Another thing that may puzzle the unschooled reader is "any valid network range which becomes private to all the virtual instances defined to use it." (Where "virtual instances" should probably be "virtual machines"). It reads as if something happens t...

Read more...

review: Approve
lp:~julian-edwards/gwacl/licence-readme-etc updated
212. By Julian Edwards

tweaks as per review

Revision history for this message
Julian Edwards (julian-edwards) wrote :

Ok I've tweaked things. Not always exactly as you want because you like dangling prepositions and they are generally considered bad form :)

Thanks for the review!

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'HACKING.txt'
--- HACKING.txt 2013-07-19 14:44:21 +0000
+++ HACKING.txt 2013-08-01 07:52:29 +0000
@@ -20,8 +20,108 @@
20.. _Bazaar: http://bazaar.canonical.com/20.. _Bazaar: http://bazaar.canonical.com/
2121
2222
23API philosophy23Overview of Azure
24--------------24-----------------
25
26Computing services
27^^^^^^^^^^^^^^^^^^
28
29Azure was originally designed as SaaS for Microsoft Windows and later amended
30to allow individual virtual machines to run up with Linux distributions.
31Some remnants of this SaaS architecture remain today, and understanding them
32is crucial to understanding how GWACL works when spinning up virtual
33instances.
34
35There are three main components to any virtual instance:
36
37 * A hosted service
38 * A deployment
39 * A role instance
40
41Hosted services are the "top level" of a virtual resource. Each one
42contains up to two deployments, and has its own DNS entry and firewall
43settings (known as "endpoints" in Azure). The name of the service forms the
44DNS entry as "<name>.cloudapp.net".
45
46Deployments are Azure's abstraction of whether something is running on its
47staging or production environment. They are only exposed in the API and not
48the web management UI. Deployments contain one or more role instances.
49
50Role instances are virtual machines. Many instances may exist in a deployment
51(and hence hosted service) but if there is more than one they are intended to
52be running components from the same application and they will all share the
53same DNS entry and open endpoints. Thus, a hosted service exposes a single
54application on the internet and may be composed of multiple role instances
55for load balancing and differing components.
56
57For this reason, if you want several separate applications, you must create a
58separate service, deployment and role instance for each.
59
60Networking across hosted services
61^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
62
63Each service can only see as much of each other service as any public observer
64does, however it's possible to place them in a private network so they are
65effectively on a share LAN segment with no firewall.
66
67In Azure this is called a "virtual network". The virtual network must be
68defined before any services that use it are created, and then associated at
69service creation time. The virtual network can be assigned any valid
70networking range which is then private to all the virtual instances defined to
71use it.
72
73Storage services
74^^^^^^^^^^^^^^^^
75
76Azure supports data storage which is accessed separately to role instances
77and hosted services. This is organised into several components:
78
79 * A storage account
80 * Containers within an account
81 * Blobs inside containers
82
83A storage account can be created via the web management UI or API. Its name
84forms the DNS entry for that storage as "<name>.blob.core.windows.net".
85
86A container forms the next, and only, level of indirection under the account.
87You cannot have a container under a container. Containers control the
88default privacy of files therein.
89
90Blobs are the actual files in the storage. They can be of two main types:
91
92 * Block blobs
93 * Page blobs
94
95Block blobs are used for sequential access and are optimised for streaming.
96Page blobs are used for random access and allow access to ranges of bytes in a
97blob.
98
99The full URL to a file in a storage account looks like:
100
101 https://<accountname>.blob.core.windows.net/<containername>/<blobname>
102
103
104RESTful API access
105------------------
106
107There are two API endpoints for Azure, the management API and the storage API.
108Each also uses its own authentication method:
109
110 * x509 certificates for the management API
111 * HMAC signed request for the storage API
112
113The GWACL code hides most of this complexity from you, it just requires the
114cerificate data for the management API access, and the storage key for storage
115API access.
116
117The storage key can be fetched either from the management UI, or management
118API call.
119
120Generating x509 certificates is explained in the :doc:`README <README>`
121
122
123GWACL's API philosophy
124----------------------
25125
26API functions in the library should take a single struct parameter, which126API functions in the library should take a single struct parameter, which
27itself contains one or more parameters. Existing functions that do not follow127itself contains one or more parameters. Existing functions that do not follow
28128
=== added file 'LICENSE'
--- LICENSE 1970-01-01 00:00:00 +0000
+++ LICENSE 2013-08-01 07:52:29 +0000
@@ -0,0 +1,16 @@
1GWACL - Go API for talking to Windows Azure.
2
3Copyright 2012-2013, Canonical Ltd.
4
5Except where explicitly noted, all files herein are part of GWACL.
6
7GWACL is free software: you can redistribute it and/or modify it under the
8terms of the GNU Lesser General Public License as published by the Free
9Software Foundation, either version 3 of the License, or (at your option) any
10later version.
11
12This program is distributed in the hope that it will be useful, but WITHOUT ANY
13WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
14PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
15
16See COPYING for the full terms of the GNU Lesser General Public License.
017
=== modified file 'README'
--- README 2013-07-22 14:14:42 +0000
+++ README 2013-08-01 07:52:29 +0000
@@ -3,11 +3,8 @@
3===========================================3===========================================
44
55
6(Work In Progress)6How to generate an x509 key to talk to Azure
77--------------------------------------------
8
9Generate an x509 key to talk to Azure
10-------------------------------------
118
12Azure requires that API clients use an x509 certificate to authenticate to the9Azure requires that API clients use an x509 certificate to authenticate to the
13management API. Create the certificate with::10management API. Create the certificate with::
@@ -27,20 +24,31 @@
27You can now upload ``azure.cer`` to Azure as a management certificate.24You can now upload ``azure.cer`` to Azure as a management certificate.
2825
2926
30Licensing27Using the key in GWACL
31---------28----------------------
3229
33Except where explicitly noted, all files herein are part of GWACL.30GWACL requires the key in the .pem file, so make sure you keep that file
3431around. The .cer file can be deleted as you won't need it again, and it's easy
35GWACL is free software: you can redistribute it and/or modify it under32to regenerate if you want to re-upload it.
36the terms of the GNU Lesser General Public License as published by the33
37Free Software Foundation, either version 3 of the License, or (at your34
38option) any later version.35Example programs
3936----------------
40GWACL is distributed in the hope that it will be useful, but WITHOUT ANY37
41WARRANTY; without even the implied warranty of MERCHANTABILITY or38Storage
42FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public39^^^^^^^
43License for more details.40
4441The storage example is a stand-alone tool which allows the user to manipulate
45You should have received a copy of the GNU Lesser General Public License42a storage account::
46along with GWACL. If not, see <http://www.gnu.org/licenses/>.43
44 go run example/storage/run.go --help
45
46Management
47^^^^^^^^^^
48
49The management example is a piece of code that starts up a new role instance,
50optionally pauses so you can play with it, and then shuts everything down
51again. It is intended to be useful for testing the library itself, but also
52serves as an example of how to use the GWACL API::
53
54 go run example/management/run.go -cert <your pem file> -subscriptionid <your Azure subscription ID> [-wait]

Subscribers

People subscribed via source and target branches

to all changes: