DevOps, Gunnebo Business Solutions, Microsoft, Microsoft Azure

Microsoft LEAP: Design with Best Practices

All good things come to an end and LEAP is no exception. It was a great week full of interesting and enlightening sessions. Day 5 was a fitting end to the week with its focus on Design with best practices.

group-photo-2.jpg

Let’s get to the sessions; the day began with a keynote by Derek Martin on the topic Design for failure. Derek is a Principal Program Manager and spoke about what not to do when designing a product. He spoke about building Azure and how the lessons learned can be used to understand and anticipate challenges.

img_5039.jpg

The focus was given to managing unexpected incidents not only in the application environment but also in the cloud as a whole.

Brian Moore took over with his keynote on Design for Idempotency – DevOps and the Ultimate ARM Template. He is a Principal Program Manager for Azure. The focus of the session was on creating reusable Azure Resource Manager Templates and language techniques to optimize deployments on Azure. The intention of these reusable templates is to introduce a “Config as code” approach to DevOps.

He took his time to explain “the Ultimate ARM Template” and other key points about the template. Brian Moore explained that the Ultimate ARM Template utilized utilised any language constructs to increase the impact of minimal code. The template simply looks to simplify all of your work. It also offers a variety of benefits for all of its users to enjoy. To guarantee the efficiency of ARM, he explained the practice to avoid. It’s a template which provides you with the best options for the most effective results and lack nothing essential.

img_5044.jpg

Alexander Frankel, Joseph Chan, and Liz Kim conducted their join keynote on Architecting well-governed environment using Azure Policy and Governance after the morning coffee break.

They illustrated real-life examples of how large enterprises scale their Azure applications with Azure Governance services like Azure Policy, Blueprints, Management Groups, Resource Graph and Change History.

The next session was on Monitor & Optimize your cloud spend with Azure Cost Management and was conducted by Raphael Chacko. Raphael is a Principal Program Manager at Azure Cost Management.

The keynote’s main focus was optimizing expenditure on Azure and AWS through cost analysis, budgeting, cost allocation, optimization, and purchase recommendations. The main features of Azure Cost management were highlighted.

img_5052

It was right back to business after a quick lunch break. Stephen Cohen took over with his session on Decomposing your most complex architecture problems.

Most of the session was spent on analyzing and coming up with answers to complex architecture-related problems raised by participants. It was a very practical session and addressed many commonly faced issues.

img_5055.jpg

The next session was conducted by Mark Russinovich, the CTO of Microsoft Azure.

img_5063

Day 5 had a shorter agenda and was concluded with Derek Martin returning for another keynote on Networking Fundamentals. Derek spoke about Azure Networking Primitives and how it can be used to leverage the networking security of any type of organization using Azure environments. Azure Networking Primitives can be used in a flexible manner so that newer modern approaches to governance and security protocols can be adopted easily.

And that was it. The completion of a great week of LEAP. I hope all of you enjoyed this series of articles and that they gave you some level of understanding about the innovations being done in the Azure ecosystem.

DevOps, Gunnebo Business Solutions, Microsoft, Microsoft Azure

Microsoft LEAP: Design for Efficiency, Operations and DevOps

I just left Microsoft Headquarters after another interesting day at LEAP. Today’s topics were quite interesting, especially DevOps, because of all the innovations that are being made. I’m actually a little emotional that there’s just one more day remaining.

Banner of DevOps vector illustration concept-1
Jason Warner began the day’s session with his keynote on From Impossible to Possible: Modern Software Development Workflows. As the CTO of Github, Jason shared much of his experience regarding the topic.

The underlying theme of the keynote was on creating an optimal workflow that leads to the success of both the development process as well as the team. He pointed out the inevitable nature of modernization and said its important that the company does not become a mediocre or get worse.

IMG_20200130_075743

Before he went on to the topic of the day, Jason spoke about himself. He also didn’t hesitate to share some valuable history and information about his life. Jason Warner introduced the audience to some brief insight into the capabilities of GitHub and the success they have managed to achieve so far.

According to Jason, to ensure proper modernisation must have a workflow that consists the following; automation, intelligence and open source. Next, he identified GitHub’s ability to produce the best workflows to improve company efficiency. It didn’t end there as he continued by talking about the benefits of workflow inflation

IMG-20200130-WA0009
Abel Wang continued with the next session and his keynote was on Real World DevOps. Abel is a Principal Cloud Advocate for Azure.
This session was truly valuable as it covered the full process of a production SDLC and many other important areas such as infrastructure, DNS, web front ends, mobile apps, and Kubernetes API’s.

At the start of his presentation, Abel Wang introduced us to his team and gave a run down on some vital information about DevOps. Why do you need DevOps? Well, they are solution providers, support any language and boast a three-stage conversation process for results.

After a much-needed coffee break, we embarked on the next session on Visual Studio and Azure, the peanut butter and jelly of cloud app devs. The speaker, Christos Matskas is a Product Marketing Manager at Microsoft.

The session focused on explaining how well Azure and Visual Studio support development, live debugging, and zero downtime deployments. Christos also spoke about leveraging integrated Azure tools to modernize .Net applications.

The goal of those at Visual Studio are committed to providing developers with the best tools available. It supports all types of developers and redefines their coding experience. The great thing about Visual Studio is that they don’t rest on their laurels and are constantly in search of innovation. It even comes with a Visual Studio Live feature that allows developers share content with each other in real-time.

Evgeny Ternovsky, Shiva Sivakumar jointly conducted the next session on Full stack monitoring across your applications, services, and infrastructure with Azure Monitor. Many demonstrations were performed to overview the capabilities of Azure monitor.
The demos included monitoring VMs, Containers, other Azure services, and applications. In addition, setting up predictive monitoring for detecting anomalies and forecasting was also discussed.

Azure has a full set of services which it uses to oversee all your security and management needs. They have all the tools you need and are built into the platform to reduce any 3rd party integration. As if not enough, Azure managed to develop a set of newer features; partner integration, monitor containers everywhere, new pricing option, trouble shoot network issues later.

Screenshot_20200215-224807_Chrome

Subsequent to lunch, I joined the alternative session, which was on Artificial Intelligence and Machine Learning. The session was on the use of Azure Cognitive Services and using it with optimized scaling in order to optimize the customer care services provided organizations such as telecoms and telemarketers.
Then we were back at another joint session by Satya Srinivas Gogula and Vivek Garudi and the keynote was on the topic Secure DevOps for Apps and Infrastructure @ Microsoft Services.

IMG_20200130_091401

The speaker spoke about the wide adoption of DevOps practices and Open Source Software (OSS) and the vulnerabilities they introduce. The latter part of the session focused on best practices for secure DevOps with Azure.

The next keynote was on Transforming IT and Business operations with real-time analytics: From Cloud to the intelligent edge. It was jointly delivered by Jean-Sébastien Brunner and Krishna Mamidipaka and focussed on the challenges faced by IT and Business teams trying to understand the behavior of applications.
The speakers explained the benefits of Azure Stream Analytics to ingest, process, and analyze streaming data in order to enable better analytics.

A good example of when Azure is at its best is that it can be used for earthquake and storm predictions.

Taylor Rockey concluded the day with his keynote on MLOps: Taking machine learning from experimentation to production. MLOps is an integration between machine language and DevOps. MLOps has proven to have numerous benefits including; scalability, monitoring, repeatability, accountability, traceability and so on. This platform had impressive features that make it a first-choice for many developers.
The problems that many organizations face is the lack of proper understanding and tooling to use Machine Learning for production applications. The session focussed on the use of Machine Learning for production applications with the use of Azure Machine Learning and Azure DevOps.

And that’s a wrap. Don’t forget to tune into tomorrow’s article.

DevOps, Gunnebo Business Solutions

Microsoft LEAP: Design for Availability and Recoverability

Day 3 of Microsoft LEAP was just completed. It was a day packed with many interesting keynotes regarding improving the availability and recoverability of Azure applications. By now, you know the drill, check out my notes on Day 2 here.

Mark Fussell and Sudhanva Huruli co-hosted the opening keynote on the topic Open Application Model (OAM) and Distributed Application Runtime (Dapr). Mark has been with Microsoft for nearly 2 decades and is now a Principal PM Lead. Sudhanva is a Program Manager. Both of them work on the Azure Service Fabric platform.
The open application model was discussed in detail and the focus was on separating operational needs from development concerns.

ae7b0c80-eff0-11e9-94de-18e56bcaeff1

Mark Fussell started by describing the topology of applications which many users utilised. He also stated that developers write each application to interact with different services. Then, Mark spoke about the reason behind the creation of Dapr. It was a designed as a solution to tackle the problems of microservice development. Dapr would allow the building of apps using any language on any framework. Microsoft is already onboard to tap into benefits which it offers. It offers the benefits of enjoying stateful microservice in any language.

Sudhanva Huruli’s speech on OAM was intriguing and revealing. According to him, the OAM was a platform agnostic specification to help define cloud native applications. Users can trust it’s quality because it was built by the largest teams at Microsoft and Ali Baba. It can be applied in a number of ways. It’s benefits include encapsulating application code, offering discretionary runtime overlays, discretionary application boundaries and defines application instances.

The program is fully managed by Azure, so that you can focus on applications.

The opening session was followed by another join session by Muzzammil Imam and Craig Wilhite who hold the positions of Senior PM and PM respectively.
This keynote was on the topic of Windows Containers on AKS and it detailed the process of converting a legacy application into a cloud application and hosting it on a Windows container on an Azure Kubernetes service.

Their presentation showed that a lot of on-premise workload is done on windows; about 72%. There seems to to be a light at the end of the tunnel as there have been numerous good reviews about the Windows Container. It’s adoption is even growing steadily and there is room for more improvement. Microsoft containers will keep getting better with continuous innovation.

Kubernetes is a great option in Azure. It’s a vanguard in the future of app development and management and it can help you ship faster, operate easily and scale confidently. Azure Kebernetes Services will help you handle all the hard parts and give room a better future.

IMG_20200129_101806.jpg

After the coffee break, we were back for the next session conducted by Brendan Burns on Securing software from end-to-end using Kubernetes and Azure. Brendan is a Distinguished Engineer at Microsoft. This session focussed on continuous delivery with Kubernetes. Some of the sub-themes were continuous integration with GitHub Actions, Access Control in Kubernetes, and Gatekeeper for Kubernetes.

The last session before lunch was conducted by Jeff Hollan, a Principal PM Manager for Microsoft Azure Functions. The keynote was on Serverless and Event-Driven functions for Kubernetes and beyond. To put it simply, they seem just like the features of Kubernetes.

IMG_20200129_112049

The focus was on stateless event-driven serverless computing which is enabled by Azure functions. Many new hosting and programming models that enable new event-driven scenarios were discussed.

When used with severless, it allows developers focus on what really matters; their code. There are a variety of applications which it can be used as. Kubernetes also does well when dealing with event-driven applications

Next to speak was Kirpa Singh. He was a manager at Microservices and Performance Tuning. During his session, he spoke on what makes microservices a better option. He went on by speaking about the benefits of microservice architecture for projects. It was designed for large applications that require a high release velocity, complex applications that need to be highly scalable a, applications with rich domains or subdomains and so on. It offers users agility, focus, technology and isolation.

After lunch, we saw more of the Microsoft campus. Then it was back to the next session.
The session after the lunch break was the OSS Architecture Workshop conducted by Jeff Dailey, Patrick Flynn, and Terry Cook. One of the core themes of the workshop was Open Source stacks. They spoke about building Hybrid resilient data pipelines and infrastructure using open source. This was done through a breakout session at which the attendees were separated into groups and drafted architectures that supported both on-premise and cloud deployments.

During this session, they discussed about Open Source. But why open source? It allows easier migration, deliver poly cloud options via APIs, drives Azure consumption and so on.

Mark Brown conducted the next session on Building high-performance distributed applications using Azure Cosmos DB. He is a Principal PM in the Azure Cosmos DB Team.
The session’s key theme was building globally distributed cloud applications with high availability while ensuring extreme low latency. Many real-world demos were explored during the session and these will help us, developers, to tackle these issues in our own projects.

Hans Olav Norheim, a Principal Software Engineer, concluded the sessions for the day with a keynote on Designing for 99.999% – Lessons and stories from inside Azure SQL DB.
The session focussed on building applications with almost 100% uptime while covering design choices, principles, and lessons learned that can be used in our own projects to overcome uptime issues.

Thus were the proceedings of Day 3. I conclude my note while looking forward to the next set of sessions with the theme Design for efficiency & Operations & DevOps.
I’ll be publishing another article tomorrow.

DevOps, Gunnebo Business Solutions, Microservices, Operations, Technical

Microsoft LEAP: Accelerating Business Value

This is my third article from Microsoft LEAP and todays’ focus is the use of microservices and Kubernetes.

Containers Are Crucial For the More Essential Microservices

A very important topic that was discussed throughout the agenda of the conference was the use of Microservices and how essential they are for most applications for the business sectors. With different approaches and angles to this topic, Brendand Buns, one of Kubernetes co-founder, gave a session which focused on the use of containers for microservices. He focused on his product, Kubernetes, which is one of the best and most recommended open-source services for the use containers with the use of policies. Microservices are important due to their ability of being agile and their sophisticated architecture which helps in a faster digital offering.

Conceptual business illustration with the words microservices-1

However, currently found microservices are used on physical services which leads to many problems. This is why the use of containers is a breakthrough which gives the user a light runtime environment. It can also be used on physical or virtual servers which is a huge development compare to older technologies.

The use of containers will also help in providing better isolation, due to the use of many executions on only one operating system. Such an opportunity will aid developers in minimizing the use of many different VMs. Brendand discussed the use of Domain driven developments against using test driven developments; in terms the more relatable for businesses and how to pick the right method. Overall, the final conclusion was to reflect the scaling levels that could be reached through using Kubernetes as a service to provide containers while using microservices for your business.

The Use of Service Fabric Mesh

One popular session in the program was by Mark Fussell and Vaclav Turecek. This talk discussed the introduction of the anticipated future product called Service Fabric Mesh, with a full comparison with the currently used cloud service. Many different points have been discussed to describe the service fabric fully. However, the audience got more excited when they heard the different benefits that are met while using this new service.

1Azure20Service20Fabric20Mesh-1532006671541.png

Mark spoke about the time taken to create instances of VMs and the hassle in the whole process. This is where service fabric shines as it creates the VMs only once, allowing it to be used through the platform. More packages can be added to the cluster further on without any time consumptions. The second point tackled by Vaclav was the hosting opportunities with service fabric which is described as high-density. Which explains why the cost is lower for service fabrics, as the applications are not connected to the VMs in particular, giving a space to connect more than one application to a single VM.

Last but not least, they both discussed the flexibility of the service fabric mesh to be used with different servers or any different environments, disregarding the current existing infrastructure. They added the fact that service fabric helps in controlling the machine lifecycle. Developers were more educated on the differences between cloud technologies and whether to transfer or not.

The Touch Point: ACI and AKS

When it comes to the use of Azure Container Instances(ACI), Justin Luk, the product manager for Azure and Kuberentes, was the best pick for such content. Developers were glad to know that containers by AKS can be used with their ACIs. The containers can be quickly used when needed without any preps, saving time and effort. Instances will also be easily deleted directly after the needed work is done. AKS is used in these on-demand moments to monitor the work and control the creation and deletion process. This can help developers provide new severs instantly when needed without any hassle. When a certain problem or demand is asked for, AKS are used to reach the needed output without any extra services or products.

An Environment of AKS: Best Practices

Another session that stood out from all the Kubernetes sessions was the one conducted by Saurya Das, another product manager in Azure. This session was to reflect the success stories by some of the developers out there that used AKS in their platforms. Developers were happy to know about the multi-tenancy when using the cluster isolation. In addition, was the different network designs that could be used with their new service. These networks can also be implemented using policies, that help make the development easier and more secure. Overall, everyone in the session was satisfied to know about the scaling opportunities to expect and the strong control for monitoring and handling it possesses.

Monitoring Your Procedures Using Azure Monitoring

On the other hand, Ralph Squillace, gave a wider image and a better understanding on multi-tenancy and their use with AKS. He discussed how it is commonly mistakenly used through the AKS products itself, whereas it is actually recommended to be used in the application directly. Ralph emphasized on such points, by relating to some best practices which were mainly of SaaS products. He gave a few tips and tricks on how your service should be in terms of security, designs, policies and much more in order to be able to integrate and handle the multi-tenancy directly and easily through the application.

dashboard

Kubernetes: Guide for its Tools

The end of this section of containers being used was bent towards introducing the different operating tools that will assess developers while using kubernetes services. Bridget Kromhout was able to introduce the developers to new tools as Terraform, Helm, Draft, Brigade, Kashti and many others. These different tools were discussed thoroughly on how to use them in terms of configurations and app development. They were also helpful in scripting for event-driven operations and to manage the app fully. Developers were happy to learn how to efficiently use Kubernetes and containers for their currently existing architectures and structures.

All in all, a very on-topic and interesting day at Micrososft LEAP 2019. I look forward to the next sessions. If you have any questions, feel free to contact me at bjorn.nostdahl@nostdahl.com

Business Intellegence (BI), DevOps, Gunnebo Business Solutions, Methodology, OpenID Connect

Microsoft LEAP: Deploying for the cloud

The second day of Microsoft LEAP we focused on Deploying for the Cloud. Deploying applications in the cloud and offering Software, Platform and Infrastructure as a Service are hot topics at the moment (Well, it has been a hot topic for some time now). Choosing a good cloud provider is a very important decision to make in this process. Microsoft Azure and Amazon AWS are two of the leading cloud service providers. Since this article is based on my visit to Redmond and the LEAP keynotes, I will be looking at some of the services Azure provides.

DevOps with Microsoft Azure

Jessica Deen, the Deen of DevOps, had a great session on how DevOps is about people, process, and products. Getting it all right requires effort, but the benefits to your organization and customers can be huge. The aim of DevOps is to merge Developments, Operations and Quality Assurance for continuous delivery. DevOps is not a process or a job role. It is a total culture. You live in it. Your application lives in it.

DevOps-process-diagram-lifecycle.png

Why DevOps was created? How DevOps increase the profit of a company? DevOps mostly focus on three main areas: Reducing human errors, reduce downtime and increase productivity. With proper DevOps processes you can reduce costs and increase productivity.

There are 3 main sections in DevOps. Continuous Integration, Continuous Deployment, and Continuous learning and monitoring. Azure has a very broad ecosystem to support that. There are 5 main tools in Azure DevOps ecosystem. Those are:

  • Azure Boards
  • Azure Pipelines
  • Azure Repos
  • Azure Test Plans
  • Azure Artifacts

You can track all the development stages, from idea to release, with Azure Boards. Azure Boards gives you Kanban boards, backlogs, team dashboards, and custom reporting to track all works. This helps to keep your team aligned with all the code changes throughout the development life cycle. Azure Pipelines are available for Linux, Windows, and MacOS. It supports any language. You can build, test and deploy apps written from Java, Net, PHP, NodeJS, C/C++, Ruby, Android, iOS etc. Also, it is easily extensible. With Azure Pipelines, you can easily build and push images to container registries like docker hub and Aure container Registry.

20190129_004454653_iOS

Azure is integrated with GitHub now, and with Azure Repos, now you can have Unlimited private Git repo hosting and support for TFVC that scales from a hobby project to the world’s largest Git repositories. Azure Test Plan is expected to give you end-to-end traceability. You can Run tests and log defects from your browser. Track and assess quality throughout your testing lifecycle. Finally, with Azure Artifacts, you can Create and share Maven, npm, and NuGet package feeds from public and private sources – fully integrated into CI/CD pipelines.

Vulnerabilities and Azure Monitor

Barry Dorrans, author of “Beginning ASP.NET Security” had a great session on the vulnerabilities of applications. OWASP illustrates that developers keep making the same mistakes over and over again, but what about more esoteric vulnerabilities. Actually, Microsoft releases a report called Microsoft Bulletin about their vulnerabilities. Microsoft has particularly mentioned about 8 vulnerabilities and their actions and process to fix them in one of their latest conferences. Some of them are:

  1. Hash DoS
  2. Padding Oracle
  3. SharePoint ViewState RCE
  4. Exchange RCE
  5. Infinite Regex DoS

It’s not the time for a detailed study of them. But it’s good to have some understanding of it. Let’s discuss a couple of them.

breakpoint-in-the-form-of-binary-code-3D-illustration-1.png

Hash DoS is a denial of service attack caused parsing to form inputs. Let’s take an example to understand it. Assume a scenario where all form fields with A would go into slot A. To get a value back you go to the slot and look through everything. The more A fields there are the longer it takes. If you can force everything into a single slot then lookups will take more and more CPU which leads to DoS. Microsft advice not to use user inputs as dictionaries unless the user input is a string or a Hash Code for the user input is strong and you implement a session key. In the Padding Oracle, there will be a cryptographic attack to disclose information. You can avoid it by Not exposing padding oracles and Not returning detailed errors.

Azure Monitor service gives you full visibility across your App & your Infrastructure Health. Catherine Wang and Michael Milirud took us through how Azure Monitoring helps us discovering and fix issues with Diagnostics and Analytics tools. That’s not all. It tracks KPIs and proactively optimizes end-user experience. It is built around three concepts.

  • Unified Monitoring – A common platform for all metrics, logs, and another monitoring telemetry.
  • Data-Driven Insights – Advanced diagnostics and analytics powered by machine learning capabilities
  • Partner Integration – the Rich ecosystem of popular DevOps, issue management, SIEM, and ITSM tools

Power BI

Sergei Gundorov took us through a great keynote on Business Decisions and reminded us how most decisions are made from data. If you have better ways to analyze and present data, you can make better decisions. Microsoft introduced Power BI for business analytics. It is intended to be for both small and big businesses. But Power BI is not just a self-service tool for business analysts. Power BI has introduced many tools which enable you to analyze and visualize data very quickly. A striking feature of Power BI is its Ability to create and share reports.

With the introduction of Power BI embedded in Azure, now you can integrate power BI capabilities with your cloud application ever so smoothly. It drastically simplifies creating reports, visuals, dashboards in your app. Meanwhile, Power BI Embedded API allows developers to customize how intelligence is added to their applications.

Investor analyzing stock market report and financial dashboard with business intelligence (BI), with key performance indicators (KPI).png

Let’s see how Power BI Embedded have made integration easier. Power BI contents can be embedded in any application. It relies on web standards such as HTML5 and JavaScript. It works in web applications, mobile applications, and even thick client applications. SDK resources support many development platforms such as C#, JavaScript, TypeScript.

We discussed DevOps, Monitoring and Power BI here. There are more to add. Deploying your application in a good cloud service provider will make life easier. This article intended to give you an explanation about the current trends in the cloud world. Particularly, how Microsoft has improved their cloud business. There are other cloud services who provide similar functionalities. For example, Google and Amazon that also have a huge set of services.  I look forward to the next LEAP sessions, and as always – If you have any questions, feel free to contact me at bjorn.nostdahl@gunnebo.com