Next week I will
travel across the pond again to speak at Experts Live Europe 2019. I am excited
to reunite with many friends and fellow Microsoft MVPs in the Microsoft
community. I am honored to be a part of this conference again. I will be
speaking about Azure, participating in Ask the Experts as a cloud expert, and
will sit on an Azure Stack Hub panel.
Here are the details
for the sessions I will be a part of:
Master Azure with VS Code
22nd of November, 3:30pm – 4:20pm
There are many ways
to work with Azure and its services including the: Azure portal, CloudShell,
Azure CLI, and Azure REST APIs. And there are even more tools to choose when it
comes to working with other services on Azure such as Docker, Kubernetes and more.
It can be overwhelming to decipher what Azure tool to use for your day-to-day
Azure administration and deployment.
VS Code to the
rescue!!!! You can deploy and administer Azure and supporting services direct
from VS Code through the plethora of extensions built for Azure. These
extensions can be used to work with ARM Templates, Storage, App Service,
Docker, Azure Kubernetes Service, Functions, Logic Apps, Event Hub, Cosmos DB,
and more. Also, VS Code brings CloudShell directly in so you can work from a
Azure Stack Experts Panel
21st of November, 5:00pm – 5:50pm
Join this global list of Azure Stack Experts for an open question and answer session as we discuss real-world scenarios.
include: Kristopher Turner Global Azure Stack Hub CSA, Dino Bordonaro Microsoft
Azure MVP, and Thomas Maurer Cloud Advocate at Microsoft.
These days the growth of Kubernetes is on fire! Azure Kubernetes Service (AKS) Microsoft’s managed Kubernetes offering is one of the fastest-growing products in the Azure portfolio of cloud services with no signs of slowing down. For some time me and two fellow Microsoft MVPs Janaka Rangama (@JanakaRangama) and Ned Bellavance (@Ned1313) have been working hard on an Azure Kubernetes Service (AKS) book. We are excited that the book has been finished and is currently in production. The publisher Apress plans to publish it on December 28th, 2019.
Besides my co-authors, we had additional rock stars to help with this project. For the Tech Review, we had the honor to work with Mike Pfeiffer (@mike_pfeiffer) Microsoft MVP, Author, Speaker, CloudSkills.fm podcast and Keiko Harada (@keikomsft) Senior Program Manager – Azure Compute – Containers. Shout out to them and huge thanks for being a part of this!
We also had the honor of the foreword being written by Brendan Burns (@brendandburns) Distinguished Engineer at Microsoft and co-founder of Kubernetes. A shout out to him and a world of thanks for taking the time to help with this project!
In this book, we take a journey inside Docker containers, container registries, Kubernetes architecture, Kubernetes components, and core Kubectl commands. We then dive into topics around Azure Container Registry, Rancher for Kubernetes management, deep dive into AKS, package management with HELM, and using AKS in CI/CD with Azure DevOps. The goal of this book is to give the reader just enough theory and lots of practical straightforward knowledge needed to start running your own AKS cluster.
For anyone looking to work with Azure Kubernetes Service or already working with it, this book is for you! We hope you get a copy and it becomes a great tool you can use on your Kubernetes journey.
BITCon is back in Minnesota this year. The event is shaping up to be another great one! This year BIT locked in the mayor of Minneapolis to keynote one of the days!
The conference also has a new website. The new website is https://bitcon.tech. It will be held at multple locations again through Minneapolis and Saint Paul.
I have the honor to speak at the event again. I will be giving one session and will potentially sit on a panel.
Here is the information on my session:
When: Friday, October 11 • 1:45pm – 3:00pm
Title: Azure DevOps + VS Code + Teams = Perfect Match
Description: For anyone getting started with or already working with Azure managing your cloud environments through Infrastructure as Code (IaC) with ARM Templates at some point is guaranteed.
There are many extensions available to optimize VS Code for an enhanced ARM Template authoring experience. Discover how to integrate your Azure DevOps CI/CD pipeline with Teams for enhanced collaboration across your DevOps team. Get updates directly in a Teams channel for commits, pull requests, and learn how to work with an Azure DevOps Kanban board directly from Teams.
Come to this session and see why Azure DevOps + VS Code + Teams = Perfect Match.
What you will learn:
About the various ARM Template related extensions in VS Code
How to integrate Microsoft Teams with Azure DevOps
A few months back I blogged about Azure DevOps and Teams intergration here. It was a popular blog so I decided to turn this into a presentation with demos!
In my day to day I do cloud foundations work helping companies with their Azure governance and management. On projects we will develop a tagging strategy. A tagging strategy is only good if it is actually used. One way to ensure that tags are used is by using Azure Policy to require tags on resource groups or resources.
In the past I have used the deny effect in an Azure Policy to require tags upon resource creation. I basically use the template as previously blogged about here: http://www.buchatech.com/2019/03/requiring-many-tags-on-resource-groups-via-azure-policy. This policy works but can be a problem because the error that is given when denied during deployment is not clear about what tags are required. Also, folks think it is a pain and slows down the provisioning process.
I set out to require tags using a different method. The idea was to use the effect append vs deny so that resources without the proper tags would be flagged as non-compliant and the policy would add the required tags with generic values. Someone from the cloud team could then go put in the proper values for the tags bringing the resources into compliance. Th end result was that the effect append does work remediating with a single tag but falls down when trying to remediate using multiple tags.
I discovered that this behavior was intended and that the append effect only supports one remediation action (i.e. one tag). On 9-20-19 Microsoft updated the modify effect so that Modify can handle multiple ‘operations’ – where each operation specifies what needs to be remediated.
Now let’s walk through using the modify effect in an Azure Policy to add multiple tags on a resource group.
You will need to start off by coding your Azure Policy definition template. There are three important parts you need to ensure you have in template. You need to have modify effect for the proper effect, roleDefinitionIds as this is the role that will be used by the managed identity set as contributor, and operations to tell Azure policy what to do when remediation out of compliance resources.
Moving an Azure VM from one virtual network (VNet) to another VNet is not a new problem. If you find yourself having to do this just know it is a pain. Anyone that has faced the Vnet-to-Vnet VM Move conundrum before knows that moving a VM to another subnet is a trivial task and would think a VM move to another VNet would be the same. However, when it comes to moving a VM to a new VNet there is no supported way to do this from Microsoft and that is by design. There are some workarounds to moving a VM to a new VNet but in the end these boil down to redeploying the VM. When moving a VM to a new VNet you will need to plan for downtime.
In this blog post, I am not going to go through the steps of the workarounds for moving a VM to a new VNet. There are plenty of other blog posts out there covering how to do this manually or using ASR. If you want to read up on this there is one article I keep bookmarked by Microsoft MVP Tim Warner that you can find here. In this blog post, I am going to share and talk about a PowerShell script I pulled together to make the Vnet-to-Vnet VM Migration less painful by automating it. Download link is at the end of this blog post. I put together the script to work with PowerShell 5 using the AzureRM Module and one that works with PowerShell 7 (Core) using the AZ module.
Again, in general, the script is not moving the VM. The script is facilitating a migration of sorts by creating a new VM in new VNet while retaining the original VMs configuration and data disks. Here are the steps that are performed in the script:
(1) Gathers info on existing VM, VNet, and subnet. (2) Removes the original VM while saving all data disks and VM info. (3) Creates VM configuration for new VM, creates nic for new VM, and new availability set. (4) Adds data disks to new VM, adds nics to new VM, adds VM to the new VNet. (5)Creates new VM and adds the VM to the new VNet.
Let’s look at some other general information about the script. The script is a single script that has code for both PowerShell 5 using the AzureRM Module and PowerShell 7 (Core) using the AZ module. When you run the script it prompts you to choose what Azure module you are using. The script is interactive so it will prompt you to log in and prompt you for your Azure subscription in case you are running multiple subscriptions. The script is intended to migrate a single VM. It assumes the VM is deployed into an availability set and will migrate to a new availability set or in the existing availability set. You can also migrate to a new resource group or place the new VM in the existing resource group. Ok. Let’s dive into running the script. Here is a walk-through of running the script.
Open PowerShell and run Vnet-to-Vnet VM migration.ps1.
You will first be prompted for the following information:
Enter the Resource Group of the original VM: Enter the original VM name: Enter the new VM name: Enter the new availability set name: Enter the new VNet resource group: Enter the new VNet name: Enter the new Subnet name:
Next, you will be prompted to select your PowerShell version and Azure module as shown in the following screenshot.
The main differences
between PowerShell 5 using the AzureRM Module and PowerShell 7 (Core) using the
AZ module are the interactive login methods as well as cmdlets. Here are
screenshots of the different logins.
PowerShell 5 with AzureRM Module:
A window will pop up
for you to log into your Azure account.
Next a grid will pop
up for you to select your subscription from the list.
PowerShell 7 (Core) with AZ module:
A warning will pop up prompting you with the device login info. To log into Azure go to https://microsoft.com/devicelogin and entering the code the warning gave you as shown in the screenshot.
List of your subscriptions will output. Go ahead and copy the subscription ID you plan to use. NOTE* Ignore this if you only have one subscription.
You are prompted to enter your subscription ID. This is to set the PowerShell session to the specified Azure subscription. Again ignore this if you only have 1 subscription. Note if you leave it blank and click enter it will error. Even with the error, it will finish the rest of the script just fine.
Next in both PS 5 or
PS 7 you will see the following prompt confirming that you want to remove the
specified original VM. Confirm yes and press enter.
Virtual machine removal operation This cmdlet will remove the specified virtual machine. Do you want to continue? [Y] Yes [N] No [S] Suspend [?] Help (default is “Y”): Y
NOTE* the rest of the script will run. It will take a while so be patient. As it runs you should see some output similar to this:
WARNING: Since the VM is created using premium storage or managed disk, existing standard storage account, diagstwfyhhi3jyz54e, is used for boot diagnostics. VERBOSE: Performing the operation “New” on target “VMMove012”.
When it is all said
and done if it was successful you will see:
RequestId : IsSuccessStatusCode : True StatusCode : OK ReasonPhrase : OK
That’s it. Now go
into the Azure portal and you will see that your VM is moved to a new VNet and
will have the data disks still. Check out the following screenshots for an
example showing what the resource groups look like before and after the script
Recently Microsoft announced they have 13 million daily users in Teams outpacing Slack. You can read about this announcement here: https://www.theverge.com/2019/7/11/20689143/microsoft-teams-active-daily-users-stats-slack-competition. There are many reasons Microsoft Teams has seen tremendous growth since its launch. I use Teams daily across all of my projects. In this post, I am going to write about one that has been exciting and useful for me. In this post, I am going to explore the integration with Microsoft Teams and Azure DevOps.
Are you working on Azure? If so, you are
probably working with ARM Templates for Infrastructure as Code (IaC). Azure
DevOps can help you centralize DevOps teams IaC ARM Templates. In addition, you
will want to use VS Code and Microsoft Teams. There are many extensions in VS
Code for ARM Templates. With Teams, you can integrate with Azure DevOps to
track commits, pull requests, and even 2-way integration with Kanban boards.
Within Microsoft Teams you can add what is called “Apps”. These Apps are how you extend Teams and or integrate with other systems. This is how you integrate with Azure DevOps. Before we dive into this there are two important prereqs to note.
#1 You can only
integrate a Teams channel with Azure DevOps when they both exist in the same
Azure Active Directory tenant organization.
#2 Your Teams needs to
be a part of an Office 365 account. The free version of Teams does have an
Azure Pipelines app but does not have the Azure DevOps app that gives you full
2-way integration. The Azure Pipelines app is for notifications while the Azure
DevOps app is for full collaboration.
Here are the high-level steps to integrate a
Teams channel with the Azure DevOps App.
In your Teams channel go to Manage Team and
then click on Apps.
Click on More Apps.
Search for Azure DevOps and click on it.
Input your Teams channel in the field next to
Add to a team and then click on Install. This will load the Azure DevOps app
into your teams’ channel. Note this needs to be done for each teams’ channel if
you want this integration across multiple channels.
Next click the Set up button next to the
feature you want to configure and use. The following screenshot shows the 3
It has been a while since presenting on Azure Stack. On June 26th I will be presenting on “Azure Stack 101 in 45 minutes” at an Azure Virtual Day Camp for a D365 user group. Here is a link to the main site:
In July I will be co-presenting with Kyle Weeks at the Minnesota Azure User Group on Azure Management. The session is titled “Scale Matters: Policy + Azure Management Groups”. Come check out this session if you want to go through what Azure Management Groups are, how they scale to any complexity and the best part… how to do this with policy configurations + Azure blueprints + RBAC. Here is a link to register for the meeting:
For anyone working with Azure sooner or later, you will end up authoring Azure Resource Manager (ARM) Templates. Working with ARM templates, in the beginning, can seem painful but once you get the hang of them it is a great way to build out and deploy your Azure as code. In this blog post, I am not going to go into detail on authoring ARM Templates. In this blog post, I am going to list out the extensions that I use in VS Code to enhance the ARM Template authoring experience. Recently whenever I am demoing or showing others my ARM Templates in VS Code they ask me how they can also make their VS Code look like mine when working with ARM Templates. I figured it makes sense to write up a blog about how I have my VS Code configured for ARM Templates.
If you are not using VS code, you should change that and start using it today! I use it pretty much for any scripting such as PowerShell, coding, any time I need a text editor and more. I even use it to work directly with Azure via cloud shell and to work with Docker containers and Kubernetes clusters. Here is a quick snapshot of what VS Code is for anyone not familiar with it. VS Code is an open source – code editor developed by Microsoft that is cross-platform able to run on Windows, Linux and macOS. At a high level here is what VS Code includes:
Has support for hundreds of languages.
Has Integrated Terminal.
Powerful developer tool with functionality, like IntelliSense code completion and debugging.
Includes syntax highlighting, bracket-matching, auto-indentation, box-selection, snippets, and more.
Integrates with build and scripting tools to perform common tasks making everyday workflows faster.
Has support for Git to work with source control systems such as Azure DevOps, Bitbucket and more.
Large Extension Marketplace of third-party extensions.
can see there is a ton of stuff you can do with VS Code. VS Code is a must have
for anyone doing CloudOps work with Azure and more. Now let’s look at the VS
Code extensions I use for ARM Templates. I am including the link for each
extension I will talk about. You can also simply load these right in VS Code.
The Azure Resource Manager Tools extension provides language support for ARM Templates and language expressions. It can be used to create and edit Azure Resource Manager templates. High-level features include:
ARM Template Outline.
Support for built-in ARM functions, Parameter references, Variable references, resourceGroup() properties, subscription() properties, and more.
Bracket matching, Errors/Warnings and more.
natively supports JSON. Azure Resource Manager Tools makes VS Code ARM Template
aware. One of the biggest benefits it gives me is the ARM Template Outline
making it much easier and faster to navigate the sections of an ARM Template.
Here is what it looks like.
Next up is two
extensions that both should be added. It is Material Theme and Material Theme
extension gives you some very cool themes and works in combination with the
Azure Resource Manager Tools extension to give you the new color coding of your
ARM Template code. The color coding highlights different parts of the ARM
Template code such as parameters, variables, functions and more making it much
easier to read through all of the code in ARM templates. Here is an example:
This extension adds
a nice set of icons to your VS code. This extends beyond just ARM Templates.
Again this makes it visually easier when navigating around VS code and ARM
Templates. I typically use a PowerShell deployment script to deploy ARM
Templates from VS Code into Azure. This icon them makes it easy to see ARM
Template files and PowerShell files.
Here is a what it
looks like without and with the Materials Icon Theme.
The final extension I want to cover is ARM Snippets. This extension was developed by Sam Cogan (@samcogan) a fellow Microsoft MVP. In addition to the aforementioned marketplace link for this extension, you can find Sam’s Github repo for it here https://github.com/sam-cogan/arm-snippets-vscode.
This extension adds
snippets to VS Code for creating Azure Resource Manager Templates. This is
helpful when you are working in VS Code and need to add something to your
template for example a parameter, resource etc. You simply type arm and a menu
appears with a list of the available snippets. For example if you want to add a
virtual machine you could type arm-vm and a list of Windows and Linux VM
resources snippets will appear. Click on the one you want and it will add the
code block for you. This makes authroing templates much-much faster. This is
shown in the following screenshot:
Skeleton ARM Template (Note: This will load a skeleton for a fresh new ARM Template.)
Windows and Linux Virtual Machines
Azure Web Apps
Virtual Networks, Subnets and NSG’s
Network Interfaces and IP’s
Note that the ARM Snippets extension is derived from the Cross Platform Tooling Samples. The Cross Platform Tooling Samples are a set of templates, snippets, and scripts for creating and deploying Azure Resource Management Templates in cross-platform environments. It sounds like this is updated more often and worth looking into loading. It does not have a friendly installer though like the ARM Snippets extension does though. Here is the link to the Cross Platform Tooling Samples Github repo: https://github.com/Azure/azure-xplat-arm-tooling
a screenshot of what your ARM Templates will look like after loading all of the
extensions mentioned in this blog post into your VS Code.
That wraps up this
blog post. I hope this is helpful to those out there working with ARM Templates
in VS Code. If you have any additional tips to share please add a comment.
I recently read a Career Advice for IT professionals in 2019 article and was reminded again by a friend and fellow MVP’s on his blog that “Change is always constant in IT.
Part of being an IT professional is keeping an eye on and ramping up on new technology. Change in IT is constant and it is critical to explore new technology so you can bring innovation to your organization and ensure you are ready if the business decides they want to use a specific technology to gain an edge in the market.
With all the excitement around Blockchain, I decided to spend time ramping up on Azure’s Blockchain technology specifically Azure Blockchain Workbench. Azure Blockchain Workbench is a way for developers and IT pros to get A blockchain network up and running quickly.
Once Azure Blockchain Workbench is up and running IT pros can administrator the network and developers can dive right into building blockchain apps. Most people that have heard of blockchain are familiar with cryptocurrency such as Bitcoin. Most people don’t know of or associate blockchain with smart contracts. Azure Blockchain Workbench powers smart contract technology. A smart contract is a self-executing contract between two or more parties involved in a transaction. Getting started with Blockchain can seem intimidating but with Azure Blockchain Workbench it is not hard to get started. I wrote a white paper that you can use to get started and takes you beyond cryptocurrency into the world of smart contracts using Azure Blockchain Workbench.
The white paper covers the following:
Explorers blockchain beyond cryptocurrency
Has an in-depth overview of Ethereum and smart contracts
Helps identify when and what to use blockchain for?
Almost every day when you go to a news website, a news program on the radio or news on the TV you can expect to hear some mention of Cryptocurrency and increasingly something about Blockchain.
Blockchain has a strong buzz and yet it is still misunderstood by many. It is an exciting time for technology and blockchain is one of the many reasons why. Blockchain is a public distributed digital ledger. Transactions between parties are processed in an efficient, verifiable and immutable way using cryptography. Transactions are tracked without a central entity such as a bank processing and keeping a record of the transactions. The ledger in a Blockchain is distributed across many nodes in the Blockchain network. Each time a transaction occurs the ledger is reconciled across all the nodes.
The Blockchain you typically
hear about is related to some cryptocurrency such as Bitcoin, Litecoin, or
Ripple. Blockchain goes way beyond this and is a technology that is being
widely explored in use by some enterprises. Here are some examples of
Blockchain in use within the enterprise. Microsoft’s Xbox uses Blockchain to
deliver royalty statements to game publishers, FedEx uses Blockchain for
storing shipping records, and 3M is using Blockchain for a new
label-as-a-service concept. The commonality those examples is that they are
using Blockchain smart contract technology.
A smart contract is a self-executing contract between two or more parties involved in a transaction. A smart contract holds each party in the transaction responsible without the need for a third-party authority. Smart contracts are essentially code running on top of a blockchain that are digitally facilitated, verified, and auto-enforced under the set of terms laid out within the contract.
Opposite of Blockchain used
for cryptocurrency Blockchain used for smart contracts enable more complex
scenarios beyond the exchange of digital currency. To illustrate an example of
a Blockchain smart contract think about being able to buy and sell cars without
a DMV processing the exchange of titles but instead the exchange of the title
being verified and transferred digitally.
In today’s fast-moving world
of technology, it is important to be able to take your solution from idea to
MVP aka 0 to 60 as fast as possible. That is the goal of the Azure Blockchain
Workbench (ABW). As shown in the following image with ABW you can literally go
from idea>consortium blockchain network>code/use pre-built blockchain
app>Blockchain app ready to use in a short amount of time.
When I first started
with Blockchain I was able to go from nothing to a fully functional Blockchain
app in a couple of hours using ABW. As seen in the previous image ABW is made
up of a combination of Azure services and capabilities. The main services
An App Service Plan with two web apps and two web APIs
An Application Insights instance
An Event Grid Topic
A couple of Key Vaults
A Service Bus Namespace
A SQL Server with a SQL Databases
A couple of Azure Storage accounts
Two Virtual Machine scale sets that consist of the ledger
nodes and workbench microservices
A couple of virtual Network
resource groups that contain Load Balancers, Network Security Groups, Public IP
Address, and Virtual Network, VNet peering, and Subnets
Other components leveraged by
ABW are Azure Active Directory for identity, Azure Monitor (optional), and log
analytics workspace for logging (deployed with Azure Monitor), a mobile app for
both iOS and Android along with a REST-based gateway service API to integrate
to blockchain apps. Workbench provides the infrastructure needed to build and
deploy blockchain applications so when you deploy ABW it includes everything
you need. As of now ABW only supports Ethereum as its target blockchain.
Microsoft has plans to add Hyperledger and Corda Blockchains in the future.
ABW is designed to make it
easy for developers to bring Blockchain to the enterprise. ABW is deployed in
the Azure Portal via a solution template. You can deploy Ethereum or attach to
an existing one. After the Blockchain Workbench is deployed developers have the
option to either create a Blockchain app or use one of the Applications
and Smart Contract Samples from a repository maintained by
These Blockchain apps consist of a configuration metadata and smart contract. The configuration metadata file is in JSON format and determines the multi-party workflow the smart contract is in a language named Solidity and determines the business logic of the Blockchain application itself. The configuration and smart contract together make up the Blockchain application user experience. The Applications and Smart Contract Samples can be used as is to take Blockchain for a test run or can be modified to fit an organization’s specific need. As an example, some of the information you can modify with the configuration is application name, display name, state, and application roles.
As you can see it is relatively easy to get a Blockchain application up and going. Another real benefit to running a Blockchain application on Azure is the integration points with many of the other services available on Azure. Here are a few examples. ABW writes a copy of the Blockchains on-chain data from the Blockchain distributed ledgers to an off-chain SQL database. Developers can connect to this database to work with the Blockchain data for any number of scenarios one of them could be reporting in Power BI. The Workbench has a REST API, Service Bus, IoT Hub, and Event Grid that could be used for integration with other technology such as IoT devices, other systems, and Azure Streaming Analytics to further expand the possibilities. With the Blockchain workbench developers also have access to one of Azures automation tools called Logic Apps opening the door to a world of further automation scenarios.
There is much more to the Azure Blockchain Workbench then can be covered in a single blog. The main point of this post is to show how a developer can go from 0 to 60 within a short amount of time with minimal effort to stand up the scaffolding needed to support a Blockchain app. For a deeper dive into the Azure Workbench it is recommended to download my Blockchain Beyond Cryptocurrency whitepaper once it is released. Thanks for reading. To get started with the Azure Blockchain Workbench visit this link: https://azure.microsoft.com/en-us/features/blockchain-workbench