New ebook – Azure Arc enabled Kubernetes for Multicloud on O’Reilly

After 6 books with many authors from Packt, APress, & Sams/Pearson I finally had the chance to author a book with O’Reilly. This is an ebook so it can be found and read on the O’Reilly online platform.

It is a great platform that I use personally for my own learning. On their platform, you can find ebooks, books across many publishers (most of my books are on there), video training, and even live training.

This book brings together 4 exciting technologies/topics including Azure, Kubernetes, GitOps, and multi-cloud. The book is shorter than my typical books since it is an ebook. It is only 35 pages and is designed for fast & easy consumption to get an overview of the technology and get an early start.

In this book, we take a journey into one of Microsoft’s newest cloud services Azure Arc enabled Kubernetes (Arc K8s). We explore what Azure Arc K8s is, how it extends the Azure control plane to Kubernetes clusters to manage, secure, and govern them, as well as how GitOps sits are the core of application deployment to Kubernetes clusters and a driver of consistent configuration management for Kubernetes clusters.

Azure Arc is a Microsoft product that promises to extend the Azure control plane for Kubernetes across multiple clouds and on-premises, but how does it do this? In this ebook we will dissect Azure Arc K8s and how it becomes a secret weapon for managing Kubernetes clusters across on-premises, multiple clouds, and regardless of your own rolled Kubernetes clusters or managed services based Kubernetes clusters such as GKE, EKS, etc. I also want to give a shout-out to Michael Levan for reviewing this ebook!

Key Areas from the ebook include:

-Understand the new management challenges that multicloud brings
-Learn how Azure Arc drives consistent governance, security, and management across multicloud
-Gain valuable insights into Microsoft’s Azure ARM control plane for Kubernetes
-Learn how Azure Arc manages Kubernetes clusters across on-premises and multiple cloud deployments
-Explore the GitOps technology pattern and operating model for cloud native applications and Kubernetes
-Use Azure Arc-enabled Kubernetes and GitOps to deploy configurations and applications to Kubernetes clusters

Check out the new ebook here: https://www.oreilly.com/library/view/azure-arc-enabled/9781098102647

Also keep an eye on my O’Reilly author page here https://www.oreilly.com/pub/au/8326 for any future projects I have with them.

Read More

Speaking on “Containers in Azure” at Lagos State University (LASU) TechX conference

I will be speaking at the LASU TechX conference on Friday. I will be talking about the “Available Container Technologies in Azure”. I will go into what containers are, how they compare to VM’s, types of containers, things to consider before containerizing applications, what container service in Azure to use in what case, and more.

About The Event:

LASU TechX conference is an event that is aimed at attracting students and all tech enthusiasts within and outside the university (Lagos State University). This event is co-organized by Kazeem Adegboyega.

Speakers include:

Microsoft MVP – Samuel Erskine
Microsoft MVP – Isidora Kitanic
Chris Hoard
Microsoft MVP – Adnan Hendricks
Microsoft Employee – Holly Lehman
Microsoft MVP – Steve Buchanan
Ayodeji Folarin

Here is a flyer for the event:

For more details on the event and to register go here:

Read More

GitOps: The Big Picture

There is another wave coming. This wave is GitOps. GitOps is a technology pattern and operational framework. It is often used for Kubernetes however is really for cloud-native applications in general. Being that a large amount of cloud-native applications these days are designed and built to run on Kubernetes it is no surprise that GitOps is commonly adopted in Kubernetes environments. If you are running Kubernetes or looking at it chances are you may have heard of GitOps. This is how I define GitOps:

GitOps is an operating model pattern for cloud native applications storing application & declarative infrastructure code in Git as the source of truth used for automated continuous delivery.”  

Well, that sums up with GitOps is but it still is a mouthful and can take a bit to wrap ones head around it. In a nutshell GitOps is shifting everything to code, storing everything in Git, making Git the source of truth, and using an operator deploy what is described in Git in your environment including the application and the configuration. With GitOps you describe the desired state of your entire system and GitOps makes it so. It simplifies operations and makes the experience for developers much better allowing them to work out of a tool they are familiar with (Git). Here is a basic sample diagram to give you a visual idea about what GitOps is and how it works:

So in the case of Kubernetes you would have your app code in Git, your container images in Git, and your Kubernetes manifest files. Now there is more to it and how it works but we will not get into all of that in this blog post. This is a good Segway to purpose of this blog post.

The purpose of this blog post is that I just dropped my 7th Pluralsight course GitOps: The Big Picture! This was a fun course to build as I am passionate about and like working with Containers, Kubernetes, and cloud.

A quick shoutout to both Fellow Microsoft MVP/Pluralsight Author Tim Warner and Jason Alba for amplifying my new course!

This course teaches the fundamentals of GitOps, the need for GitOps, GitOps architecture, GitOps workflow, GitOps principles, practices, & tooling such as Flux, Argo CD, AND Jenkins X. Also in this course, GitOps: The Big Picture, you’ll learn what it takes to adopt GitOps. First, you’ll explore what GitOps is and its benefits. Next, you’ll discover GitOps Tooling NS Architecture. Finally, you’ll learn how to use GitOps Workflows. When you’re finished with this course, you’ll have the skills & knowledge of the GitOps framework needed to take the next steps with GitOps.

In the course I give a couple of demos so you can see GitOps in action. The first demo is on “deploying an application using Argo CD” and the second demo is on “GitOps in Action with Azure Arc Enabled Kubernetes using Flux”. Another interesting fact about GitOps is we are starting to see the major cloud providers bring GitOps into their offerings such as Azure Arc and or couple GitOps with their services like with GCP GKE as well as create content on using GitOps with their managed Kubernetes services like with AWS EKS.

GitOps is going to continue to grow right along with the continued growth of Containers, Kubernetes, and Cloud. I am all in and you will see blogs, books, courses, speaking at events, and more from me around GitOps as I continue on my personal journey with it.

Check out the “GitOps: The Big Picture” course here: https://app.pluralsight.com/library/courses/gitops-the-big-picture

Be sure to follow my profile on Pluralsight so you will be notified as I release new courses! I will be releasing more courses soon on topics around Azure, GitOps, SAP on Azure, & Kubernetes courses soon!

Here is the link to my Pluralsight profile to follow mehttps://app.pluralsight.com/profile/author/steve-buchanan

Read More

2020 Year Review – Podcasts, Speaking, New Courses, & Certifications

2020 was an extraordinarily tough year with many downs for so many people all over the world. For me losing 3 people in a week and a half (not to COVID) along with all the funerals to follow was rough. Also, the injustice in my home city with the murder of George Floyd and unrest was unbelievable but not a surprise with injustice going un-noticed for so long. It was amazing to see the world wake up and acknowledge what has been happening for so long.

In spite of all of the bad stuff from 2020, there was a tremendous amount of good stuff happening and progress. I believe there is always an opportunity in the middle of chaos. To see the opportunity it is needed to take a step back, slow down, and analyze the board. In this post, I am going to recap the positives from this year as I have done in the past few years.

Let me start off with the fact that I was renewed for my 9th year as a Microsoft MVP! I was re-awarded in the Azure category for the 3rd year. I never take the Microsoft MVP award for granted as it is never guaranteed. I am honored to once again be among such a talented group of people across the globe!

The next thing I want to call out is a message I received from someone from my home city after listening to one of the podcasts I was featured on. In this message this upcoming tech star talked about how he was inspired by the episode and how he can relate to me. This message was inspiring to me as this is a huge part of what I want to do through sharing my story. I hope to see more of it in the future. Here is the message:

Ok, now lets get into the list of activity from 2020!

-Podcasts-

In 2020 I was honored to be featured on 7 podcasts! Some of the podcasts in the US, Europe, and Africa! Here are the podcasts:

Guest on “Lisa at the Edge” Podcast EP13: In the podcast episode Lisa and I talked about: Evolving your career as technology evolves, Transformation of IT dept to Strategic Business Partner, DevOps, Containers 101, Azure Kubernetes Service, Diversity in tech. Episode link here

Guest on Packet Pushers podcast Cloud Governance, Bringing Order To Your Cloud Chaos. Podcast episode here:

Guest on a #podcast by @blacktechtalent. The founder & I discuss topics such as: breaking into tech, finding black tech talent, black employee retention, racism, colorism & more. You can listen here: https://www.blacktechtalent.org/btt-discussions-ep-3-ft-steve-buchanan/

Was a guest on Tech Talk Wednesday podcast and radio show with Kazeem Adegboyega Topic: Azure Kubernetes Service (AKS) in 30 minutes. Streamed online via Microsoft Teams and aired in Lagos, Nigeria on Lagos State University (LASU) radio (95.7).

10/31/2020 FEATURED ON BITTECHTALK EPISODE #127 – BITTechTalk ep. #127 Steve Buchanan – PC Tech to Microsoft MVP

Guest on Black Tech Talent podcast.

11/5/2020 Guest on the RunAs Radio Podcast

Guest on  Headinthecloud Heartinthecommunity a community show by Isidora Katanic and Holly Lehman.

-Pluralsight Courses-

In 2020 I developed 5 new courses for Pluralsight bringing the total to 6! This is an opportunity to continue sharing my knowledge with the world through Pluralsight’s global platform. You can find my Pluralsight Author page here:

https://app.pluralsight.com/profile/author/steve-buchanan

Here are my blogs about the courses throughout 2020:

One more highlight from my journey with Pluralsight in 2020 is that my AZ-900 course broke into the top 100 courses on Pluralsight! This actually stayed here for multiple months!

I am excited about the potential with Pluralsight for 2021!

-Speaking-

In 2020 I presented at some conferences and user groups. Here is where I presented in 2020:

Inside Azure Management event conference

I was a speaker during the “Inside Azure Management Summit” on 7/23/2020. This was a free community event. It featured Microsoft cloud experts from the authoring team of “Inside Azure Management” book, Microsoft MVP’s, and community experts from around the world. I presented on Azure Policy! My session can be watched here:

I was one of the experts in several Ask the Expert sessions during Microsoft Ignite 2020! Sessions included PowerShell on Azure, Kubernetes on Azure, and Azure Migrations.

Presented at an Azure User Group based in Ghana, in Africa on Terraform for Azure!

-Interviews-

I was featured on AzureCrazy.com in an article! In the Interview we discuss being a #Microsoft MVP, getting certified in #Azure, the positive impact #PowerShell can have on your #ITCareer, getting started with #AKS#AzureStackHub & more. Check it out here:

-Certifications-

Since 2020 was full of time spent inside at home I took some time to knock out a few certifications.

I took and passed the Docker certification! CKA will be in my future.

I decided to study for and passed an AWS certification!

I also gained a Terraform certification by contributing to the Terraform associate exam and helped out with a Terraform certification study guide!

-More-

I also spent time writing blogs, volunteering with some youth tech programs, as well as shared a couple of scripts on GitHub! Here are some posts about some of these:

2020 was a full year. I already have plans and stuff in the works to make 2021 an exciting year continuing with a focus on Azure, Containers, Kubernetes, IaC, Terraform, GitOps, and more! Please check back here often for new blogs, scripts, and more.

Read More

Speaking at Microsoft Ignite 2020

I am excited to announce that I am one of the experts in several Ask the Expert sessions during Microsoft Ignite 2020 this week.

I will be a part of a variety of sessions with topics ranging from Linux and PowerShell on Azure, Kubernetes on Azure, Azure Migration, and Transforming Windows Server workloads in Azure.

My Speaker profile:

https://myignite.microsoft.com/speaker/ce1ea0e0-3f42-4986-90ab-aee809e3735d

The sessions are:

Here is the link to the Ignite home page myignite.microsoft.com. I hope to see you on the digital Ignite event and in one of the Ask the Expert Sessions!

Update 9/30/2020

Being a part of several Ask the Expert sessions was really fun! My most memorable session was the Ask the Expert: Linux and PowerShell on Azure session.

This session was packed full of superstars from Microsoft product groups and fellow MVPs including; Jeffery Snover, Jason Helmick, Janaka Rangama, and Alexander Nikolić. Here is a screenshot from the session:

After the session, I tweeted about the session and shared some wisdom about PowerShell, and both Jeffery Snover and Jason Helmick retweet my tweet!

2020 is not all bad. It’s pretty cool when the inventor of PowerShell and the PowerShell Program Manager retweet you!

Read More

30 Minutes of Azure Kubernetes Services (AKS)

Today I went on “Tech Talk Wednesday” a podcast and radio show with Kazeem Adegboyega The topic was “30 Minutes of Azure Kubernetes Services (AKS)“. It streamed online via Microsoft Teams and aired in Lagos, Nigeria on Lagos State University (LASU) radio (95.7).

I had a great time talking with Kazeem! Even Sam Erskine made a guest appearance. If you missed the live show you can watch it on YouTube:

Or go directly to the video here: https://www.youtube.com/watch?v=q7GCHQudCWg

Read More

Tech Talk Wednesday Guest – Topic: Azure Kubernetes Service (AKS)

I am honored to be a guest next Wednesday, August 26th on the “Tech Talk Wednesday” podcast and radio show with Kazeem Adegboyega (@KazeemCanTeach)! We will be chatting about Azure Kubernetes Service (AKS).

This show will be streamed online via Microsoft Teams and will air in Lagos, Nigeria on Lagos State University (LASU) radio (95.7)!

One of my goals is to help spread knowledge about tech in Africa and showcase African technologists in the US. This is the first step in that journey.

Be sure to tune in. Go here to register: http://kazeem.com.ng/index.php/tech-talk

Don’t worry if you can’t make the live stream. It will be recorded and posted later on Kazeem’s website.

Read More

Guest on “Lisa at the Edge” Podcast EP13

I recently had the honor of being a guest on the “Lisa at the Edge” Podcast. Lisa is a Microsoft Hybrid Cloud Strategist and an influencer in the hybrid cloud community based out of Scotland. She runs a blog and this year she started a popular podcast.

On Lisa’s podcast, she covers Careers in Tech and Microsoft Hybrid Cloud and a range of other topics with experts across the tech community.

This is an episode you don’t want to miss. This was one of the most entertaining podcasts I have been on. It took some interesting turns in regards to topics and very engaging. In the podcast episode Lisa and I talk about:

  • Evolving your career as technology evolves
  • Transformation of IT dept to Strategic Business Partner
  • DevOps
  • Containers 101
  • Azure Kubernetes Service
  • Diversity in tech

You can listen to the episode here:


or here
https://anchor.fm/lisaattheedge/episodes/EP13—Career-Development–Containers-101-and-Diversity-in-Tech-with-Steve-Buchanan-efnjrp

You can stay up to date with what Lisa is doing in the tech community here:

Lisa at the Edge Podcast – – https://anchor.fm/lisaattheedge
Lisa at the Edge Blog – https://lisaattheedge.com/blog/
Twitter – https://twitter.com/lisaattheedge

Read More

Application Gateway Ingress Controller Deployment Script

In Kubernetes, you have a container or containers running as a pod. In front of the pods, you have something known as a service. Services are simply an abstraction that defines a logical set of pods and how to access them. As pods move around the service that defines the pods it is bound to keeps track of what nodes the pods are running on. For external access to services, there is typically an Ingress controller that allows access from outside of the Kubernetes cluster to a service. An ingress defines the rules for inbound connections.

Microsoft has had an Application Gateway Ingress Controller for Azure Kubernetes Service AKS in public preview for some time and recently released for GA. The Application Gateway Ingress Controller (AGIC) monitors the Kubernetes cluster for ingress resources and makes changes to the specified Application Gateway to allow inbound connections.

This allows you to leverage the Application Gateway service in Azure as the entry into your AKS cluster. In addition to utilizing the Application Gateway standard set of functionality, the AGIC uses the Application Gateway Web Application Firewall (WAF). In fact, that is the only version of the Application Gateway that is supported by the AGIC. The great thing about this is that you can put Application Gateways WAF protection in front of your applications that are running on AKS.

This blog post is not a detailed deep dive into AGIC. To learn more about AGIC visit this link: https://azure.github.io/application-gateway-kubernetes-ingress. In this blog post, I want to share a script I built that deploys the AGIC. There are many steps to deploying the AGIC and I figured this is something folks will need to deploy over and over so it makes sense to make it a little easier to do. You won’t have to worry about creating a managed identity, getting various id’s, downloading and updating YAML files, or installing helm charts. Also, this script will be useful if you are not familiar with sed and helm commands. It combines PowerShell, AZ CLI, sed, and helm code. I have already used this script about 10 times myself to deploy the AGIC and boy has it saved me time. I thought it would be useful to someone out there and wanted to share it.

You can download the script here: https://github.com/Buchatech/Application-Gateway-Ingress-Controller-Deployment-Script

I typically deploy RBAC enabled AKS clusters so this script is set up to work with an RBAC enabled AKS cluster. If you are deploying AGIC for a non-RBAC AKS cluster be sure to view the notes in the script and adjust a couple of lines of code to make it non-RBAC ready. Also note this AGIC script is focused on brownfield deployments so before running the script there are some components you should already have deployed. These components are:

  • VNet and 2 Subnets (one for your AKS cluster and one for the App Gateway)
  • AKS Cluster
  • Public IP
  • Application Gateway

The script will deploy and do the following:

  • Deploys the AAD Pod Identity.
  • Creates the Managed Identity used by the AAD Pod Identity.
  • Gives the Managed Identity Contributor access to Application Gateway.
  • Gives the Managed Identity Reader access to the resource group that hosts the Application Gateway.
  • Downloads and renames the sample-helm-config.yaml file to helm-agic-config.yaml.
  • Updates the helm-agic-config.yaml with environment variables and sets RBAC enabled to true using Sed.
  • Adds the Application Gateway ingress helm chart repo and updates the repo on your AKS cluster.
  • Installs the AGIC pod using a helm chart and environment variables in the helm-agic-config.yaml file.
Application Gateway Ingress Controller Architecture

Now let’s take a look at running the script. It is recommended to upload to and run this script from Azure Cloud shell (PowerShell). Run:

./AGICDeployment.ps1 -verbose

You will be prompted for the following as shown in the screenshot:

Enter the name of the Azure Subscription you want to use.:

Enter the name of the Resource Group that contains the AKS Cluster.:

Enter the name of the AKS Cluster you want to use.:

Enter the name of the new Managed Identity.:

Here is a screenshot of what you will see while the script runs.

That’s it. You don’t have to do anything else except entering values at the beginning of running the script. To verify your new AGIC pod is running you can check a couple of things. First, run:

kubectl get pods

Note the name of my AGIC pod is appgw-ingress-azure-6cc9846c47-f7tqn. Your pod name will be different.

Now you can check the logs of the AGIC pod by running:

kubectl logs appgw-ingress-azure-6cc9846c47-f7tqn 

You should not have any errors but if you do they will show in the log. If everything ran fine the output log should look similar to:

After its all said and done you will have a running  Application Gateway Ingress Controller that is connected to the Application Gateway and ready for new ingresses.

This script does not deploy any ingress into your AKS cluster. That will need to be done in addition to this script as you need. The following is an example YAML code for an ingress. You can use this to create an ingress for a pod running in your AKS cluster.

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: myapp
  annotations:
    kubernetes.io/ingress.class: azure/application-gateway
spec:
  rules:
  - http:
      paths:
      - path: /
        backend:
          serviceName: myapp
          servicePort: 8080

Thanks for reading and check back soon for more blogs on AKS and Azure.

Read More

Master Azure with VS Code

At Experts Live Europe 2019 I presented a session titled “Master Azure with VS Code”. This was a fun session with an engaging audience that took to twitter after the session. There was some chatter asking this session was recorded. It was not. I did note that I planned to write a blog post on this topic.

Here is that blog post and it is the first one of 2020 for me! In this post, we are going to dive into how VS code is helpful when working with Azure and many extensions I find useful when working with Azure. This post is not set to be an end-all to using VS Code with Azure but from my experience. Use this post as a starting point or a reference for expanding your use of VS Code with Azure. Also, check out the many other community experts and Microsoft MVPs for their additional knowledge plus tips and tricks on this topic.

VS Code Overview

First off if you are not using VS Code stop reading this right now, go download it and install it then come back to finish reading. 🙂 VS Code is a must-have in your toolbox and it is free! For those that are new to VS Code, it is an open-source – code editor developed by Microsoft that runs on Windows, Linux, and macOS. Here is a shortlist of the many benefits of VS Code:

  • Has support for hundreds of languages.
  • Has Integrated Terminal.
  • Also powerful developer tool with functionality, like IntelliSense code completion and debugging.
  • Includes syntax highlighting, bracket-matching, auto-indentation, box-selection, snippets, and more.
  • Integrates with build and scripting tools to perform common tasks making everyday workflows faster.
  • Has support for Git to work with source control.
  • Large Extension Marketplace of third-party extensions.

Note that yes, VS Code is for the “IT Pro”. Not just developers.

Azure Extensions in VS Code

VS Code has a ton of extensions in general. There are a number of Azure specific extensions and you can work with Azure directly from VS Code.

If you go to the VS Code Marketplace here: https://marketplace.visualstudio.com/vscode and search on Azure you will see results for many published by Microsoft and many community based extensions for Azure. As of the time of writing this blog post, there are 93. Here is a screenshot showing some of the results:

You can also go directly to the Azure Tools extension from Microsoft here: 

https://marketplace.visualstudio.com/itemdetails?itemName=ms-vscode.vscode-node-azure-pack

Or the

Azure Extensions from Microsoft here:

https://code.visualstudio.com/docs/azure/extensions

In the rest of this post, I am going to share some key extensions I use with Azure. I will post the marketplace links at the end of each extension I talk about and if it is maintained by community or Microsoft.

Deploy to Azure using VS Code

It is important to note that not all of the Azure extensions available in VS Code can be used to deploy to Azure. Some can but most can’t here is a list of the services that you can deploy to from extensions in VS Code.

Azure Service Description
Azure Functions Build and manage Azure Functions serverless apps directly in VS Code with the Azure Functions extension.
App Service Manage Azure resources directly in VS Code with the Azure App Service extension.
Docker Deploy your website using a Docker container.
Azure CLI Create, deploy, and update a website using a terminal and the Azure CLI.
Static website Create, deploy, and update a static website on Azure Storage.

NOTE: This list is current at the time of writing this blog post. This will change over time.

Azure Cloud Shell in VS Code

Cloud Shell is something you should be using with Azure to make your life easier. It is an interactive command-line shell. You are authenticated to your Azure account when you launch it, It typically runs in the browser and is used for managing Azure resources. When you launch it you can choose the shell experience that best for you, either Bash or PowerShell. With VS Code you can launch Cloud Shell directly in VS Code!

Cloud Shell is a part of the Azure Account extension. Here are some key points on using Cloud Shell with VS Code:

  • Free (storage consumed has costs.)
  • Launch Azure Cloud Shell directly in VS Code.
  • Launch Bash, PowerShell, or Upload.
  • Works in the Integrated Terminal.

Azure and open-source Tooling in Cloud Shell:

Azure Tools:
blobxfer Azure CLI and Azure classic CLI Azure Functions CLI AzCopy Service Fabric CLI Batch Shipyard  
Open-Source:
Bash Terraform Packer Ansible Chef InSpec Puppet Bolt Docker Kubectl Helm DC/OS CLI iPython Client Cloud Foundry CLI

PowerShell Modules in Cloud Shell

You get the following PowerShell modules in Cloud Shell:
Azure Modules (Az.Accounts, Az.Compute, Az.Network, Az.Resources, Az.Storage)
Azure AD Management (Preview)
Exchange Online (In development)
MicrosoftPowerBIMgmt
SqlServer

Marketplace Link:

Azure Account: https://marketplace

Maintained By Microsoft

Read More