Azure Arc Announcement

Microsoft released an 87 page “Book of New” listing the announcements  from this weeks Ignite Conference and right at the top is Azure Arc. It’s not just alphabetical order that put’s this new product here, in my opinion this is a real step forward by Microsoft towards fulfilling the early promise of their Azure Hybrid Cloud model.

Arc’s first feature provides the ability to run Azure data services – Azure SQL Server and friends- on any platform, be it on-premises, on an edge device, or in the public cloud. We saw VMware advertising this from their point of view in the VMworld Europe keynote this week. Bringing Platform-As-A-Service to your own platform, or those at another cloud provider, is an interesting concept and vital to the idea of a true hybrid environment where you can run any app on any cloud.

Whilst Azure stack provided “Azure consistent hardware” in your datacentre, Azure Arc continues this journey – in essence expanding what “Azure consistent” means to the customer in terms of data services.

Azure Arc also extends the security, governance and management from Azure into other environments – coming back to a single architecture.

Azure hybrid innovation anywhere infographic

For me this is the key feature of this technology. With Azure Arc sitting at the heart of the Azure Hybrid model we’re one step closer to that utopia where the datacentre is abstracted away in the same way that virtualisation abstracted away the server hardware. You can do this abstraction in the public clouds, but there are still workloads that have regulatory, financial, or technical reasons for staying on-premises (or even a different public cloud) and until now managing these alongside Azure has meant two different platforms.

 image

Previously Azure Stack (and to a certain extent Azure Stack HCI) came close to providing this true hybrid functionality for Microsoft but there was still a disconnect- you have to visit a separate Azure portal to manage your on-premises Azure Stack “Region” for example.

In the Arc environment, an Azure agent is deployed to non-Azure VMs (or physical servers) and then they appear on the Azure Portal as a regular resource. Policies can be applied and compliance audited (remediation is expected in the “next few months”). The people in your Security Team who got excited about what was possible with Policies in Azure can now apply the same policy features to VMs in your datacentre and from the same interface.

image

As I implied above, this is still a journey in progress and I believe Microsoft have further to travel down this roadmap, but this is definitely a big step along their way and provides very useful features now and promise of an even brighter future.

As you would expect, there’s a number of recorded sessions at Microsoft Ignite 2019 covering this new product following it’s announcement in the keynotes. If you’re interested in finding out more I would suggest starting with BRK2208 : Introducing Azure Arc. Azure Arc is currently available in Preview and usable from the portal today.

image

VMworld Europe 2019-Day 1 Keynote Highlights

VMworld Europe is happening in Barcelona this week, and today saw the annual Tuesday keynote start the morning off. I’m not amongst the 14,000 attendees from 111 countries at the event this year, so I’m recapping the highlights from the comfort of the sofa thanks to the online broadcast.

PG-Welcome-VMworld2019As has become normal for this European keynote, Jean-Paul Brulard (Senior VP and GM for VMware EMEA) welcomed the audience and introduced CEO Pat Gelsinger to deliver the core of the session. Pat focused on how digital technology has permeated all areas of our life and looked into the future to see how technologies such as AI and 5G will continue to accelerate this development.

VMware’s vision of Any Device, Any Application, and Any Cloud continues to be refined year on year- and the show looked at how VMware works to help provide consistence to the technologists trying to master the breadth of applications, clouds,  and devices in the modern world.

The product features started with Joe Beda being brought onstage to talk Kubernetes. VMware’s new Tanzu portfolio of products is designed to help build, run, and manage Kubernetes in the enterprise and is sold as a product to help both developers and IT. This section included the announcement of the betas of  Project Galleon which takes the Bitnami catalogue to the enterprise and Project Pacific which is vSphere rearchitected with Kubernetes at it’s core. VMware’s Tanzu Mission Control product which helps manage Kubernetes deployments on any platform has reached Private Beta.

image

In the hybrid cloud arena, VMware Cloud Director Service has been introduced to allow the 4000 VMware Cloud Provider Partners (VCPP) to provision the infrastructure from the hyperscale clouds to their customers. This is available on AWS and IBM clouds today and expected in Azure by the end of the year.

The VMware on AWS platform is continuing to be developed- now available in 4 times the number of regions that it was a year ago, and the Outposts product getting closer to being delivered which will open up AWS zones in customer datacentres. When Tanzu ships next year it will be also feature on the VMWonAWS platform.

rJr0l480_400x400Microsoft also got a mention, VMware are partnering there to provide the HCX migration tools on Azure, and integrating Workspace One with Microsoft Endpoint Manager. Azure SQL 2019 on VMware vSphere is an interesting concept- providing the public cloud database service but on-premises.

Staying on-prem, the private cloud is covered with VMware Cloud on Dell EMC is now available – this couples VMware Cloud Foundation with Dell’s VXRail hardware to provide Datacentre-as-a-Service.

NSX, the “secret sauce” of previous VMworld keynotes, continues to develop- the acquisition of AVI Networks providing load balance capabilities and software-defined intrusion detection to bring features only seen within the datacentre in special purpose devices or next-gen firewalls right down into the hypervisor and adjacent to the applications.

Sanjay Poonen (COO) interspersed customer chats in amongst the presentation and towards the end took centre stage to discuss VMware’s security stance.  Their strategy is to provide proactive security whilst tying the network security, endpoint security, cloud security, identity, and analytics together. The Carbon Black acquisition closed between the US and Europe events and this technology will be layered into vSphere, Workspace One, and NSX, providing agentless antivirus protection and threat detection.

There’s a wide range of announcements here- and whilst a lot of the content is similar to the US event back in August, albeit further along the roadmap- it sets up for a good week in Barcelona. You can tune in to the full keynote (1 hour 48 minutes) on Youtube.

246520-vmworld2019-contentcatalog-eu-blank-1600x250

Improving Documentation via the Community.

Have you ever had to deal with incorrect documentation? Or been frustrated by a typo? Or been annoyed that a how-to guide uses an old version of an interface?

Now you can fix it!

Many software providers are now using community-editable documentation online. This isn’t a Wikipedia style free-for-all, but a carefully moderated process ensuring that the resulting document is accurate.  If you come across an error in an online doc, or even a PowerShell help page, check and see if you can submit edits.

Continuous deployment pipelines mean that these edits can make it into live documentation in a matter of hours or days- impressive times if you’ve ever submitted an errata to a printed book, or submitted a bug request to get online documentation fixed.

docs.Microsoft.com

If you visit a Microsoft docs page, you’ll see an Edit link at the top of the screen (see (1) in the screenshot below). Clicking on this takes you to a page on Github with the source of the document. Click there to edit the file and a git fork will be made under your own profile- make your edits and submit a merge request and, once approved, your updates will appear in the original website. You’ll even get a little credit (see (2) in the screenshot below) for your contribution.

image

In this particular example I was following the step-by-step guide and noticed that the wording in the document no longer matched the Azure Portal. I was quickly able to suggest a fix and later that day the page was updated and anyone else following the instructions wouldn’t be misled. Two minutes of my time hopefully saved ten minutes of head-scratching by someone else.

VMware PowerCLI Example Scripts

As the name suggests, the source code for some example PowerCLI scripts has been published by VMware supported by members of the #vCommunity. If you find an error in the scripts you can pop over to Github and correct them- and remember this isn’t just the code of the script, but also it’s accompanying documentation.

image

In this example a typo in the get-help file was spotted and quickly corrected. Whilst the spelling mistake wasn’t a show-stopper this shows how quick and easy it is to contribute to these projects without being a coding guru.

Summary

Many of these projects use Github and learning how to use that version control platform isn’t arduous- especially for small changes like these- and is a useful skill to pickup if you don’t already have it. The important message here is you don’t need to be a developer to contribute to the code.

So, next time you spot a mistake in documentation, see if you can fix it yourself and help the next person who comes along.

Azure: Deploy a WebApp with PowerShell

A quick runthrough on using PowerShell to deploy a new WebApp. ASP.NET code for the website has been zipped up (into myapp.zip) and this code snippet will upload it to a new WebApp, hosted in a new App Service Plan and a new Resource Group.

From a local PowerShell session use Connect-AZAccount before running this code to sign-in to Azure. Alternatively this code can be run (with the exception of the upload itself) from the Cloud Shell directly in the Azure Portal.

The code also writes out the URL of the resulting WebApp and the PowerShell necessary to tear down the resources when they are no longer required.

#Set some parameters
$location="UK South"
$resourceGroupName= “rsg-myapp”
$webAppName=”web-myapp”
$appServicePlanName=”asp-myapp”
$codeZIPPath=”C:\myapp.zip”

#Create Resource Group
"-- Creating Resource Group"
New-AzResourceGroup -Location $location -Name $resourceGroupName -tag $Tags

#Create ServicePlan
"-- Creating Service Plan"
New-AzAppServicePlan -ResourceGroupName $resourceGroupName -Name $appServicePlanName -Location $location -Tier Free

#Create Web App
"-- Creating Web App"
New-AzWebApp -ResourceGroupName $resourceGroupName -Name $webAppName -Location $location -AppServicePlan $appServicePlanName

#Upload the web code
"-- Uploading Web App Code"
Publish-AzWebApp -ResourceGroupName $resourceGroupName -Name $webAppName -ArchivePath $codeZIPPath –Force

#Show user code to destroy this (useful for testing)
#  and the website that has been created.
"-- Tidy Up Code: "
" Remove-AzResourceGroup -Name $resourceGroupName"
"-- Website: "
"-- https://$WebAppName.azurewebsites.net"

"-- Done"

The resulting website can be viewed just by pointing a browser at the given URL. The created resources can be checked in the Azure portal:

image