-1

I would like to make Worker Role in azure that handles some behind the scene processing for a web role. In the web role i would like to upload a plugin (a DLL most likely) which becomes avalible for the worker role to use.

What about security? If i was to let 3th party people upload a dll to my azure worker role. Can i do anything to limit what it can do. Would not be nice if they could take control over the management API or something like this.

I am new to azure and exploring if its a platform to use for this project.

Last question, i noticed that i could remote desktop my cloud service. Could i upload binary programs to that and call that from the worker role aswell? (another kind of plugin).

Poul K. Sørensen
  • 16,950
  • 21
  • 126
  • 283

3 Answers3

1

Try the Azure Plugin Library by Richard Astbury!

astaykov
  • 30,768
  • 3
  • 70
  • 86
1

There are a few things you might want to look at. Let's assume your Worker Role is an empty shell. After starting the Worker Role you could start a timer that runs every X minutes to get the latest assemblies from a blob storage container for example.

You can download these assemblies to a folder and use MEF to scan them and import all objects implementing IWorkerRolePlugin for example (this would be a custom interface you would create). MEF would be the best choice when you want to work with plugins. You could even create a custom catalog that directly links with a blob storage container.

Now about the security part. In your Worker Role you could for example create a restricted AppDomain to make sure these plugins can't do anything wrong. This code should get you started: Restricted AppDomain example

Sandrino Di Mattia
  • 24,739
  • 2
  • 60
  • 65
  • That sounds like what i need. Already know about MEF and just need to check out the security. Also a good idea about downloading the dlls to a folder on the shell (assuming the shell is just the VM that the role resist within). – Poul K. Sørensen Sep 01 '12 at 20:23
  • If you decide to download the assemblies to a folder, consider using a LocalResource for this. – Sandrino Di Mattia Sep 01 '12 at 20:30
  • Im new to azure and are not sure what you are referencing by Localresource – Poul K. Sørensen Sep 01 '12 at 21:48
  • A LocalResource represents a directory on the file system where it's safe to write (you can't simply choose to write anywhere you want). – Sandrino Di Mattia Sep 01 '12 at 22:08
  • Coming back one year later, having a follow up. Alot better at Azure now, but was wondering. Is there anyway to limit such plugins/sites cant use the RoleEnvironment class? – Poul K. Sørensen Jul 05 '13 at 01:16
  • I'm looking to do similar - would it not perhaps be even more robust to use MAF? http://stackoverflow.com/questions/835182/choosing-between-mef-and-maf-system-addin – Kram Jul 22 '14 at 12:32
0

Sounds like Lokad.Cloud is just what you need.

It has an execution framework part which consists of worker roles capable of running what they have named a Cloud Service. It comes with a web console which allows you to add new CloudService implementations by uploading assemblies, and if you configure it to allow for Azure self management you can also adjust the number of worker instances through the web console.

Alex A.
  • 2,646
  • 22
  • 36
  • As the solution above, it looks like being a simple solution to implement this with MEF, and therefore i think i will write my own little role rather then depending on 3th party. Thanks for the tip – Poul K. Sørensen Sep 03 '12 at 05:49
  • Makes sense. Note however that it is open source, so you can make it at much yours as you want. – Alex A. Sep 03 '12 at 16:37