Towards the end of 2019, I had the opportunity to be the sole Tech Reviewer on an Azure Azure Strategy and Implementation Guide. This is the third edition of this guide so it has really current Azure information. It was authored by former MVP and now Microsoft trainer Peter De Tender (@pdtit) and others.
This guide gives a step by step introduction to using Azure
for your cloud infrastructure. The guide also covers an overview of Azure
benefits and best practices for planning your migration, assistance with cloud
architecture and design choices, and insight on how to manage and optimize your
new cloud environment.
The best part is that this guide is free! Get your copy
At Experts Live Europe 2019 I presented a session titled “Master Azure with VS Code”. This was a fun session with an engaging audience that took to twitter after the session. There was some chatter asking this session was recorded. It was not. I did note that I planned to write a blog post on this topic.
Here is that blog post and it is the first one of 2020 for me! In this post, we are going to dive into how VS code is helpful when working with Azure and many extensions I find useful when working with Azure. This post is not set to be an end-all to using VS Code with Azure but from my experience. Use this post as a starting point or a reference for expanding your use of VS Code with Azure. Also, check out the many other community experts and Microsoft MVPs for their additional knowledge plus tips and tricks on this topic.
VS Code Overview
First off if you are not using VS Code stop reading this right now, go download it and install it then come back to finish reading. 🙂 VS Code is a must-have in your toolbox and it is free! For those that are new to VS Code, it is an open-source – code editor developed by Microsoft that runs on Windows, Linux, and macOS. Here is a shortlist of the many benefits of VS Code:
Has support for hundreds of languages.
Has Integrated Terminal.
Also powerful developer tool with functionality, like IntelliSense code completion and debugging.
Includes syntax highlighting, bracket-matching, auto-indentation, box-selection, snippets, and more.
Integrates with build and scripting tools to perform common tasks making everyday workflows faster.
Has support for Git to work with source control.
Large Extension Marketplace of third-party extensions.
Note that yes, VS
Code is for the “IT Pro”. Not just developers.
Azure Extensions in VS Code
VS Code has a ton of
extensions in general. There are a number of Azure specific extensions and you
can work with Azure directly from VS Code.
If you go to the VS Code Marketplace here: https://marketplace.visualstudio.com/vscode and search on Azure you will see results for many published by Microsoft and many community based extensions for Azure. As of the time of writing this blog post, there are 93. Here is a screenshot showing some of the results:
You can also go
directly to the Azure Tools extension from Microsoft here:
In the rest of this post, I am going to share some key extensions I use with Azure. I will post the marketplace links at the end of each extension I talk about and if it is maintained by community or Microsoft.
Deploy to Azure using VS Code
It is important to
note that not all of the Azure extensions available in VS Code can be used to
deploy to Azure. Some can but most can’t here is a list of the services that
you can deploy to from extensions in VS Code.
Build and manage Azure Functions serverless apps directly in VS Code with the Azure Functions extension.
Azure resources directly in VS Code with the Azure App Service extension.
Deploy your website using a Docker container.
deploy, and update a website using a terminal and the Azure CLI.
deploy, and update a static website on Azure Storage.
NOTE: This list is current at the time of
writing this blog post. This will change over time.
Azure Cloud Shell in VS Code
Cloud Shell is something you should be using with Azure to make your life easier. It is an interactive command-line shell. You are authenticated to your Azure account when you launch it, It typically runs in the browser and is used for managing Azure resources. When you launch it you can choose the shell experience that best for you, either Bash or PowerShell. With VS Code you can launch Cloud Shell directly in VS Code!
Cloud Shell is a part of the Azure
Account extension. Here are some key points on using Cloud Shell with VS
Free (storage consumed has costs.)
Launch Azure Cloud Shell directly in VS
Launch Bash, PowerShell, or Upload.
Works in the Integrated Terminal.
Azure and open-source Tooling in Cloud Shell:
Azure Tools: blobxfer Azure CLI and Azure classic CLI Azure Functions CLI AzCopy Service Fabric CLI Batch Shipyard
You get the following PowerShell modules in Cloud Shell: Azure Modules (Az.Accounts, Az.Compute, Az.Network, Az.Resources, Az.Storage) Azure AD Management (Preview) Exchange Online (In development) MicrosoftPowerBIMgmt SqlServer
This course is a part of the AZ-400 path for the AZ-400: Microsoft Azure DevOps Solutions certification to become a Microsoft Certified: Azure DevOps Engineer Expert.
In this course you will be prepared to use Azure Monitor, including Application Insights and Log Analytics to monitor and optimize your web applications.
Also in this course, Microsoft Azure DevOps Engineer: Optimize Feedback Mechanisms, you’ll learn how to monitor and optimize your web applications. First, you’ll learn how to use Application Insights and Log Analytics. Next, you’ll explore analyzing alerts and telemetry data. Finally, you’ll discover how to perform tuning to reduce noise. When you’re finished with this course, you’ll have the foundational knowledge of how to use Azure Monitor to optimize feedback mechanisms and improve your web application.
Next week I will
travel across the pond again to speak at Experts Live Europe 2019. I am excited
to reunite with many friends and fellow Microsoft MVPs in the Microsoft
community. I am honored to be a part of this conference again. I will be
speaking about Azure, participating in Ask the Experts as a cloud expert, and
will sit on an Azure Stack Hub panel.
Here are the details
for the sessions I will be a part of:
Master Azure with VS Code
22nd of November, 3:30pm – 4:20pm
There are many ways
to work with Azure and its services including the: Azure portal, CloudShell,
Azure CLI, and Azure REST APIs. And there are even more tools to choose when it
comes to working with other services on Azure such as Docker, Kubernetes and more.
It can be overwhelming to decipher what Azure tool to use for your day-to-day
Azure administration and deployment.
VS Code to the
rescue!!!! You can deploy and administer Azure and supporting services direct
from VS Code through the plethora of extensions built for Azure. These
extensions can be used to work with ARM Templates, Storage, App Service,
Docker, Azure Kubernetes Service, Functions, Logic Apps, Event Hub, Cosmos DB,
and more. Also, VS Code brings CloudShell directly in so you can work from a
Azure Stack Experts Panel
21st of November, 5:00pm – 5:50pm
Join this global list of Azure Stack Experts for an open question and answer session as we discuss real-world scenarios.
include: Kristopher Turner Global Azure Stack Hub CSA, Dino Bordonaro Microsoft
Azure MVP, and Thomas Maurer Cloud Advocate at Microsoft.
These days the growth of Kubernetes is on fire! Azure Kubernetes Service (AKS) Microsoft’s managed Kubernetes offering is one of the fastest-growing products in the Azure portfolio of cloud services with no signs of slowing down. For some time me and two fellow Microsoft MVPs Janaka Rangama (@JanakaRangama) and Ned Bellavance (@Ned1313) have been working hard on an Azure Kubernetes Service (AKS) book. We are excited that the book has been finished and is currently in production. The publisher Apress plans to publish it on December 28th, 2019.
Besides my co-authors, we had additional rock stars to help with this project. For the Tech Review, we had the honor to work with Mike Pfeiffer (@mike_pfeiffer) Microsoft MVP, Author, Speaker, CloudSkills.fm podcast and Keiko Harada (@keikomsft) Senior Program Manager – Azure Compute – Containers. Shout out to them and huge thanks for being a part of this!
We also had the honor of the foreword being written by Brendan Burns (@brendandburns) Distinguished Engineer at Microsoft and co-founder of Kubernetes. A shout out to him and a world of thanks for taking the time to help with this project!
In this book, we take a journey inside Docker containers, container registries, Kubernetes architecture, Kubernetes components, and core Kubectl commands. We then dive into topics around Azure Container Registry, Rancher for Kubernetes management, deep dive into AKS, package management with HELM, and using AKS in CI/CD with Azure DevOps. The goal of this book is to give the reader just enough theory and lots of practical straightforward knowledge needed to start running your own AKS cluster.
For anyone looking to work with Azure Kubernetes Service or already working with it, this book is for you! We hope you get a copy and it becomes a great tool you can use on your Kubernetes journey.
BITCon is back in Minnesota this year. The event is shaping up to be another great one! This year BIT locked in the mayor of Minneapolis to keynote one of the days!
The conference also has a new website. The new website is https://bitcon.tech. It will be held at multple locations again through Minneapolis and Saint Paul.
I have the honor to speak at the event again. I will be giving one session and will potentially sit on a panel.
Here is the information on my session:
When: Friday, October 11 • 1:45pm – 3:00pm
Title: Azure DevOps + VS Code + Teams = Perfect Match
Description: For anyone getting started with or already working with Azure managing your cloud environments through Infrastructure as Code (IaC) with ARM Templates at some point is guaranteed.
There are many extensions available to optimize VS Code for an enhanced ARM Template authoring experience. Discover how to integrate your Azure DevOps CI/CD pipeline with Teams for enhanced collaboration across your DevOps team. Get updates directly in a Teams channel for commits, pull requests, and learn how to work with an Azure DevOps Kanban board directly from Teams.
Come to this session and see why Azure DevOps + VS Code + Teams = Perfect Match.
What you will learn:
About the various ARM Template related extensions in VS Code
How to integrate Microsoft Teams with Azure DevOps
A few months back I blogged about Azure DevOps and Teams intergration here. It was a popular blog so I decided to turn this into a presentation with demos!
In my day to day I do cloud foundations work helping companies with their Azure governance and management. On projects we will develop a tagging strategy. A tagging strategy is only good if it is actually used. One way to ensure that tags are used is by using Azure Policy to require tags on resource groups or resources.
In the past I have used the deny effect in an Azure Policy to require tags upon resource creation. I basically use the template as previously blogged about here: http://www.buchatech.com/2019/03/requiring-many-tags-on-resource-groups-via-azure-policy. This policy works but can be a problem because the error that is given when denied during deployment is not clear about what tags are required. Also, folks think it is a pain and slows down the provisioning process.
I set out to require tags using a different method. The idea was to use the effect append vs deny so that resources without the proper tags would be flagged as non-compliant and the policy would add the required tags with generic values. Someone from the cloud team could then go put in the proper values for the tags bringing the resources into compliance. Th end result was that the effect append does work remediating with a single tag but falls down when trying to remediate using multiple tags.
I discovered that this behavior was intended and that the append effect only supports one remediation action (i.e. one tag). On 9-20-19 Microsoft updated the modify effect so that Modify can handle multiple ‘operations’ – where each operation specifies what needs to be remediated.
Now let’s walk through using the modify effect in an Azure Policy to add multiple tags on a resource group.
You will need to start off by coding your Azure Policy definition template. There are three important parts you need to ensure you have in template. You need to have modify effect for the proper effect, roleDefinitionIds as this is the role that will be used by the managed identity set as contributor, and operations to tell Azure policy what to do when remediation out of compliance resources.
Moving an Azure VM from one virtual network (VNet) to another VNet is not a new problem. If you find yourself having to do this just know it is a pain. Anyone that has faced the Vnet-to-Vnet VM Move conundrum before knows that moving a VM to another subnet is a trivial task and would think a VM move to another VNet would be the same. However, when it comes to moving a VM to a new VNet there is no supported way to do this from Microsoft and that is by design. There are some workarounds to moving a VM to a new VNet but in the end these boil down to redeploying the VM. When moving a VM to a new VNet you will need to plan for downtime.
In this blog post, I am not going to go through the steps of the workarounds for moving a VM to a new VNet. There are plenty of other blog posts out there covering how to do this manually or using ASR. If you want to read up on this there is one article I keep bookmarked by Microsoft MVP Tim Warner that you can find here. In this blog post, I am going to share and talk about a PowerShell script I pulled together to make the Vnet-to-Vnet VM Migration less painful by automating it. Download link is at the end of this blog post. I put together the script to work with PowerShell 5 using the AzureRM Module and one that works with PowerShell 7 (Core) using the AZ module.
Again, in general, the script is not moving the VM. The script is facilitating a migration of sorts by creating a new VM in new VNet while retaining the original VMs configuration and data disks. Here are the steps that are performed in the script:
(1) Gathers info on existing VM, VNet, and subnet. (2) Removes the original VM while saving all data disks and VM info. (3) Creates VM configuration for new VM, creates nic for new VM, and new availability set. (4) Adds data disks to new VM, adds nics to new VM, adds VM to the new VNet. (5)Creates new VM and adds the VM to the new VNet.
Let’s look at some other general information about the script. The script is a single script that has code for both PowerShell 5 using the AzureRM Module and PowerShell 7 (Core) using the AZ module. When you run the script it prompts you to choose what Azure module you are using. The script is interactive so it will prompt you to log in and prompt you for your Azure subscription in case you are running multiple subscriptions. The script is intended to migrate a single VM. It assumes the VM is deployed into an availability set and will migrate to a new availability set or in the existing availability set. You can also migrate to a new resource group or place the new VM in the existing resource group. Ok. Let’s dive into running the script. Here is a walk-through of running the script.
Open PowerShell and run Vnet-to-Vnet VM migration.ps1.
You will first be prompted for the following information:
Enter the Resource Group of the original VM: Enter the original VM name: Enter the new VM name: Enter the new availability set name: Enter the new VNet resource group: Enter the new VNet name: Enter the new Subnet name:
Next, you will be prompted to select your PowerShell version and Azure module as shown in the following screenshot.
The main differences
between PowerShell 5 using the AzureRM Module and PowerShell 7 (Core) using the
AZ module are the interactive login methods as well as cmdlets. Here are
screenshots of the different logins.
PowerShell 5 with AzureRM Module:
A window will pop up
for you to log into your Azure account.
Next a grid will pop
up for you to select your subscription from the list.
PowerShell 7 (Core) with AZ module:
A warning will pop up prompting you with the device login info. To log into Azure go to https://microsoft.com/devicelogin and entering the code the warning gave you as shown in the screenshot.
List of your subscriptions will output. Go ahead and copy the subscription ID you plan to use. NOTE* Ignore this if you only have one subscription.
You are prompted to enter your subscription ID. This is to set the PowerShell session to the specified Azure subscription. Again ignore this if you only have 1 subscription. Note if you leave it blank and click enter it will error. Even with the error, it will finish the rest of the script just fine.
Next in both PS 5 or
PS 7 you will see the following prompt confirming that you want to remove the
specified original VM. Confirm yes and press enter.
Virtual machine removal operation This cmdlet will remove the specified virtual machine. Do you want to continue? [Y] Yes [N] No [S] Suspend [?] Help (default is “Y”): Y
NOTE* the rest of the script will run. It will take a while so be patient. As it runs you should see some output similar to this:
WARNING: Since the VM is created using premium storage or managed disk, existing standard storage account, diagstwfyhhi3jyz54e, is used for boot diagnostics. VERBOSE: Performing the operation “New” on target “VMMove012”.
When it is all said
and done if it was successful you will see:
RequestId : IsSuccessStatusCode : True StatusCode : OK ReasonPhrase : OK
That’s it. Now go
into the Azure portal and you will see that your VM is moved to a new VNet and
will have the data disks still. Check out the following screenshots for an
example showing what the resource groups look like before and after the script
Recently Microsoft announced they have 13 million daily users in Teams outpacing Slack. You can read about this announcement here: https://www.theverge.com/2019/7/11/20689143/microsoft-teams-active-daily-users-stats-slack-competition. There are many reasons Microsoft Teams has seen tremendous growth since its launch. I use Teams daily across all of my projects. In this post, I am going to write about one that has been exciting and useful for me. In this post, I am going to explore the integration with Microsoft Teams and Azure DevOps.
Are you working on Azure? If so, you are
probably working with ARM Templates for Infrastructure as Code (IaC). Azure
DevOps can help you centralize DevOps teams IaC ARM Templates. In addition, you
will want to use VS Code and Microsoft Teams. There are many extensions in VS
Code for ARM Templates. With Teams, you can integrate with Azure DevOps to
track commits, pull requests, and even 2-way integration with Kanban boards.
Within Microsoft Teams you can add what is called “Apps”. These Apps are how you extend Teams and or integrate with other systems. This is how you integrate with Azure DevOps. Before we dive into this there are two important prereqs to note.
#1 You can only
integrate a Teams channel with Azure DevOps when they both exist in the same
Azure Active Directory tenant organization.
#2 Your Teams needs to
be a part of an Office 365 account. The free version of Teams does have an
Azure Pipelines app but does not have the Azure DevOps app that gives you full
2-way integration. The Azure Pipelines app is for notifications while the Azure
DevOps app is for full collaboration.
Here are the high-level steps to integrate a
Teams channel with the Azure DevOps App.
In your Teams channel go to Manage Team and
then click on Apps.
Click on More Apps.
Search for Azure DevOps and click on it.
Input your Teams channel in the field next to
Add to a team and then click on Install. This will load the Azure DevOps app
into your teams’ channel. Note this needs to be done for each teams’ channel if
you want this integration across multiple channels.
Next click the Set up button next to the
feature you want to configure and use. The following screenshot shows the 3