In February Come Cloud With Us is hosting a Kubernetes panel with some of the industry’s BEST Kubernetes experts. I am honored and humbled to be one of the panelists. This panel consists of K8s experts from Dell, Google, Microsoft, Intercept, United Wholesale Mortgage, and Admincontrol. This is a global panel with panelists and hosts from the United States, Norway, United Kingdom, and Canada. Several of the panelists are also authors, Microsoft MVP’s and CNCF Ambassadors.
Here is a breakdown of the hosts and the panelists:
The panel will discuss Kubernetes and answer attendee questions. This will be a virtual event. This will be an event that you DON’T want to miss! Mark your calendars for the event on Thursday, February 16, 2023 4:00PM-5:30PM CST!
This was a fun podcast with Jez Ward, and Dave Chapman of Cloudreach. They run a podcast called Cloudbusting. On the podcast they focus on transformation, leadership, ways of working and emerging technology they explore the significant impact that cloud is having on people and businesses.
On this podcast episode, we set out to answer very important questions such as what are Jucy Lucy’s?, what are root Canals like today? oh, and yeah we also spend some time talking about what Containers, Kubernetes, & GitOps are and how they fit in the cloud.
With the growth of Kubernetes, the complexity & needs have also grown. IT Professionals need help with the operational & security challenges of managing Kubernetes clusters across multiple clouds, on-premises, & the edge.
My new course will teach you how to use Rancher for multi-Kubernetes cluster management, streamlining Kubernetes cluster deployments, & unified multi-Kubernetes cluster app management. When you’re finished with this course, you’ll have the skills and knowledge of Rancher needed for multi-K8s cluster management.
There is a learning path on Pluralsight focused on Kubernetes management. This is my 3rd course in the Kubernetes Management pathtitled “Kubernetes Tooling and Techniques” on Pluralsight. My other courses in the path are: “GitOps: The Big Picture” and “Getting Started with Argo CD“. You can get to the path using this link: https://app.pluralsight.com/paths/skills/kubernetes-tooling-and-techniques
I hope you find value in this new Getting Started with Rancher course. Be sure to follow my profile on Pluralsight so you will be notified as I release new courses related to Kubernetes and other topics!
Coming up soon I will be giving my first Pluralsight Author Talk. This live session will be on GitOps. I will cover a fundamental understanding of GitOps, the need for GitOps, GitOps architecture, GitOps workflow, GitOps principles, practices, & tooling such as Flux, Argo CD, AND Jenkins X.
SAP is the #1 business software in the world. You will find SAP applications running in a majority of Fortune 500 companies powering their business. Becoming an expert in SAP is a great career move for anyone in tech and business.
Azure is a major cloud player in the public cloud space. Microsoft has done a lot of work to make Azure the best fit for running SAP in the public cloud. Becoming an expert in Azure is also a great career move.
Both SAP and Azure are in high demand and will be for the foreseeable future. Building a combined SAP and Azure skillset to become an SAP on Azure SME can have a huge positive impact on your career.
Considering the number of organizations that run SAP with most of them looking to migrate it to the public cloud or deploy SAP new on the public cloud means you would be a key to these organizations if you have SAP on Azure skills.
One of the challenges with SAP has always been-how can one get experience with it and get some hands-on with it? It is no secret that SAP is expensive and therefore is not the easiest to get access to for anyone that is ramping up on it. In this blog, I will highlight some options for learning SAP on Azure as well as how to get some hands-on with it.
First off Microsoft has an SAP on Azure certification. This is AZ-120: Planning and Administering Microsoft Azure for SAP Workloads. This certification is for anyone that wants to demonstrate knowledge of both SAP and Azure along with the ability to run SAP on Azure public cloud. If you are a SAP Basis person, on-premises SAP administrator, Azure administrator, sysadmin, cloud admin, solution architect, business analyst, and more then this certification and career path is for you. Skills measured by this AZ-120 exam include:
Migrate SAP Workloads to Azure Create an inventory of existing SAP landscapes Design a migration strategy Design an Azure Solution to Support SAP Workloads Design a core infrastructure solution in Azure to support SAP workloads Design Azure infrastructure services to support SAP workloads Design a resilient Azure solution to support SAP workloads Build and Deploy Azure for SAP Workloads Automate deployment of Virtual Machines (VMs) Implement and manage virtual networking Manage access and authentication on Azure Implement and manage identities Monitor SAP workloads on Azure Validate Azure Infrastructure for SAP Workloads Perform infrastructure validation check Perform operational readiness check Operationalize Azure SAP Architecture Optimize performance Migrate SAP workloads to Azure
SAP has some express and developer editions of their software available as Containers. These are hosted on Dockerhub. It’s really cool that that SAP has made some of their solutions available as Docker containers. This makes it really easy to spin up the solutions and get started with them right away without having to load a server and install the SAP software. All you need is Docker Desktop to run these locally.
You could also run these containers in the cloud as well. It is critical to note that you still need a considerable amount of resources (CPU, RAM, Disk space) to support running the SAP solutions as containers. Do not cut corners on this. Allocate the required amount of resources. Overall this is a great option if you want to get the SAP software up and running as fast as possible to focus on getting hands-on with the SPA software itself. Here are the container options:
SAP HANA, express edition (database and application services)
This option is a full download of the SAP software that you install on a virtual machine running in Azure. As opposed to the SAP containers you will need to go through the process of deploying a VM, configuring any prereqs, and then installing the SAP software. Overall if you want to get the experience of configuring the VM’s and installing the SAP software then this is a great option. Here is the option:
The first option SAP Cloud Appliance Library (SAP CAL) is a service from SAP that allows you to select a preconfigured SAP solution on your cloud of choice letting SAP deploy the SAP solution in your cloud subscription for you. This option includes trials of the SAP software. This a great option to get hands-on experience in Azure. It does not help you gain experience with deploying and configuring the Azure estate though and that is something you will need to do on a real project.
The last two options will take you through the journey of using Infrastructure as Code (IaC) to deploy the estate needed to support SAP running in the cloud, the VM’s that will run the SAP software, and deployment of trial SAP software.
Overall the first option SAP CAL is a great way to quickly get started with SAP on Azure and see what the experience is like. The last two options are the best giving you hands-on both with Azure and with SAP the closest you will get to the real world.
SAP Cloud Appliance Library (SAP CAL)
SAP CAL is an online library of preconfigured and ready-to-use SAP solutions on a trial basis. SAP CAL gives you a quick & easy way to spin up SAP solutions directly in Azure and other clouds. It includes SAP S/4HANA, SAP HANA Express Edition, and more.
Terraform to deploy the architecture needed for SAP and the SAP virtual machines. Ansible to configure the virtual machines and install the SAP on Azure software.
That brings us to the end of this blog post. I hope you find this helpful with tips on how to get started with SAP on Azure including some hands on! Thanks for reading.
When working with
Containers a common need is to store Container images somewhere. Container
Registries are the go-to for this. Docker hub is an example of a Container
Registry and it is the most well-known Container Registry.
What is a Container Registry?
A Container Registry is a group of repositories used to store container images. A container repository is used to manage, pull or push container images. A Container Registry does more than a repository in that it has API paths, tasks, scanning for vulnerabilities, digital signature of images, access control rules and more.
Container registries can be public or private. For example, a public registry is Docker Hub and anyone can access its container repositories to pull images. A private registry is one that you would host either on-premises or on a cloud provider. All of the major cloud providers including Azure has a Container Registry offering.
Integrate ACR with AKS
With AKS it is a good idea to use a private container registry to host your container images. The process is used Docker to build your image>push the image to your Azure Container Registry>Pull the image from the registry when deploying a Pod to your AKS cluster.
There are 3 ways to
integrate AKS with Azure Container Registry. I typically only use one way and
will focus on that in this blog post.
2 of the ways you can integrate AKS with Azure Container Registry. The first is through an Azure AD service principal name (SPN) that assigns the AcrPull role to the SPN. More on this here. You would use this first way in scenarios where you only have one ACR and this will be the default place to pull images from.
The second is to create a Kubernetes ServiceAccount that would be used to pull images when deploying pods. With this you would add “kind: ServiceAccount” to your Kubernetes cluster and it would use the ACR credentials. Then in your pods yaml files you would need to specify the service account for example “serviceAccountName: ExampleServiceAccountName”.
The way I like to integrate AKS with Azure Container Registry is to use Kubernetes Secret of type docker-registry. With this option basically, you create a secret in the Kubernetes cluster for your Azure Container Registry. You then specify the secret in your pod yaml files. This allows you to have multiple container registries to pull from. This option is also quick and easy to setup. Ok.
To get started you need to build your Docker image and push it up to your Azure Container Registry. In this blog post, I will not cover deploying ACR, or building the Docker image assuming you have already done these things. Now let’s set up the ACR and AKS integration using a docker-registry Kubernetes secret.
1. For the first step, you will need the credentials to your Azure Container Registry. To get this go navigate to:
2. The second step push your Docker image up to your ACR.
# Log into the Azure Container Registry
docker login ACRNAMEHERE.azurecr.io -u ACRUSERNAMEHERE -p PASSWORDHERE
# Tag the docker image with ACR
docker tag DOCKERIMAGENAMEHERE ACRNAMEHERE.azurecr.io/DOCKERIMAGENAMEHERE:v1
# Push the image to ACR
docker push ACRNAMEHERE.azurecr.io/DOCKERIMAGENAMEHERE:v1
3. The third step create the docker-registry Kubernetes secret by running following syntax from Azure Cloud Shell:
I recently published a blog post on 4sysops.com about Web App for Containers on Azure here: https://4sysops.com/archives/web-app-for-containers-on-azure. That blog post is about the often-overlooked service in Azure that can be used to host a container/s on a web app in Azure App service.
This is a great service if you just need to run a single container or even a couple of containers that you have in Docker Compose. This service is PaaS and abstracts away an orchestration system like Kubernetes. If you need insight into the Azure App Service Web App for Containers service check out the blog post on 4sysops.
In this long blog post I am going to take things a step further and walk-through the build & release of a Container from Azure DevOps to Azure Web App for Containers. The overall goal of this post is to help someone else out if they want to setup a build and release pipeline for building and deploying a container to Azure App Service. We will use a very simple PHP web app I built that will run in the container.
Here are the components that are involved in this scenario:
Azure Container Registry (ACR): We will use this to store our container image. We will be pushing up the container image and pull it back down from the registry as a part of the build and release process.
Azure DevOps (ADO): This is the DevOps tooling we will use to build our container, push it up to ACR, pull it down into our release pipeline and then deploy to our Azure App Service.
App Service Web App for Containers: This is the web server service on Azure that will be used to host our container. Under the hood this will be a container that is running Linux and Apache to host the PHP web app.
Here is the data Flow for our containerized web app:
Deploy the Azure App Service Web App for Containers instance
Deploy the Azure Container Registry
Deploy the Azure DevOps organization and project, create repository to host the code, clone repository in VS Code (Not shown in this blog post. Assume you know how to this up.)
Update the application code (PHP code and Docker image) in Visual Studio code
Commit application code from Visual Studio code to the Azure DevOps repo (Not shown in this blog post. Assume you know how to this up.)
Setup build and then run container build and push the container image to ACR
Setup release pipeline and then kick off the release pipeline pulling down the container image from ACR and deploys the container to the App Service Web App for Containers instance.
Here is a diagram detailing out the build and release process we will be using:
Ok. Let’s get into the setup of core components of the solution and the various parts of the build and release pipeline.
For starters this solution will need a project in Azure DevOps with a repo. Create a project in Azure DevOps and a repo based on Git. Name the repo exerciseoftheday. Next up let’s create the core framework we need in Azure.
Deploy Azure App Service Web App for Containers
Let’s create the Azure App Service Web App for Containers that will be needed. We will need a resource group, an app service plan and then we can setup the app service. The PHP app we will be running is named Exercise Of The Day (EOTD) for short so our resources will use EOTD. Use the following steps to set all of this up.
We will do everything via Azure Cloud Shell. Go to https://shell.azure.com/ or launch Cloud Shell within VS Code.
Run the following Syntax:
# Create a resource group
az group create –name EOTDWebAppRG –location centralus
# Create an Azure App Service plan
az appservice plan create –name EOTDAppServicePlan –resource-group EOTDWebAppRG –sku S1 –is-linux
# Create an Azure App Service Web App for Containers
Note the loginServer from the output. This is the FQDN of the registry. Normally we would need this, admin enabled, and the password to log into the registry. In this scenario we won’t need admin enabled or the password because we will be adding a connection to Azure DevOps and the pipelines will handle pushing to and pulling the image from the registry.
When it’s all done you should see the following resources in the new resource group:
Next, we will need to build an application and a container image.
Today I passed the Docker Certified Associate exam! In this post, I will share some details about the exam and the resources I used to study for it.
The certification is good for 2 years after passing the exam. It demonstrates that you have foundational real-world Docker skills. It is multiple choice with 55 questions, you have 1.5 hours to finish it and costs $195 USD. It is recommended that you have 6 to 12 months of hands-on experience with Docker before taking the exam. You can read about and sign up for the exam here: https://success.docker.com/certification.
I have had some folks ask me why I would waste my time taking the Docker exam. They say to focus on Kubernetes and Open Shift instead of Docker. Lets talk about why I chose to pursue the Docker certification. First off you have to run containers on those orchestration platforms mentioned before and chances are you will run Docker containers on them. Therefore before diving into an orchestration platform it is important to be knowledgable on containers. Also, I have seen many scenarios in the cloud where it makes sense to run containers directly on the cloud platform itself and again chances are those will be Docker containers. Docker is still a leader in the container space. There are several reports and articles that point to this. Here are some of the reports and articles backing this up:
Docker listed as the leader in the “Container Tools Used” section of the RightScale 2019 State of the Cloud Report” here:
Docker is listed as #2 with 31.35% market share on Datanyze 2020 “Containerization Market Share Competitor Analysis Report” here:
I will call out that the Docker exam covers Swarm mode orchestration platform that is included with Docker. Swarm mode is a lot easier to learn and use compared to Kubernetes however, Kubernetes has won the orchestration platform war. It would be nice if Docker would revamp the exam reducing or removing Swarm and replace with some Kubernetes objectives. This would make more sense because there is a strong chance Swarm will not be used in the real world.
The Docker exam was not an easy exam and you definitely want to have some hands-on with Docker before taking it. There are a ton of resources out there that you can leverage beyond hands-on to assist in your study for this certification. There are many books available. You can do a quick search on Amazon and check the reviews for one that would be a good fit for you. I have read a couple of books on Docker and have co-authored a book on AKS with a chapter dedicated to Docker in it.
Here is the list of what I used to study.
Free Hands on Docker labs (This resource was huge for me. It gave me environments to use and scenarios for training with Docker and Docker Swarm mode.):
I attended a “Docker JumpStart Virtual Workshop” by Microsoft MVP Mike Pfeiffer and Microsoft MVP/Docker Captain Dan Wahlin (This workshop ocurred in the past but I beleive you can sign up and watch the recordings from the workshop.):
Free Docker Certification review questions here (This blogger has a bunch of review questions to help you get in the right mindset. They cover all the exam areas.):
Docker courses and learning checks on Pluralsight (The courses are great. I found the learning checks very useful becuase it was a good way to check my knowledge in all of the exam areas.):
Spent time working with Docker on some projects (self explanatory).
Overall the Docker certification is a good move for your career as an IT Pro, developer, if you work in DevOps, and with cloud. I definitely recommend getting this certification. If you decide to go after it good luck!
Stay tuned for more blog posts with insights on certifications in the future.
This will be a short
post and this one is mostly for me so I can easily find this information in the
future when I need it again. 🙂
Recently I was
containerizing some PHP websites that use Composer. If you are not familiar
with Composer but you are working with PHP, you will run across it at some
point. Composer is a dependency package manager for PHP. Composer manages
(install/update) any required libraries and dependencies needed for your PHP
site.
To use Composer you must first declare the libraries and dependencies in a composer.json file in your site directory and then you would run Composer and it will do its magic. For more information on Composer visit: https://getcomposer.org/doc/00-intro.md
Back to my task, I
needed to install Composer in the containers I was building and run it to
install all the dependencies. I needed these actions in the Dockerfile so it
would all happen during the container build. After some research on Composer I
was able to pull something together. Here is the syntax that I ended up putting
in the Dockerfile:
# Install Composer
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
# Set working directory for composer (Contains the composer.json file)
WORKDIR /var/www/html/sitename
# Run Composer
RUN composer install
Note: I placed the above code at the end of the
Dockerfile ensuring Apache, PHP etc was all in place first.
At Experts Live Europe 2019 I presented a session titled “Master Azure with VS Code”. This was a fun session with an engaging audience that took to twitter after the session. There was some chatter asking this session was recorded. It was not. I did note that I planned to write a blog post on this topic.
Here is that blog post and it is the first one of 2020 for me! In this post, we are going to dive into how VS code is helpful when working with Azure and many extensions I find useful when working with Azure. This post is not set to be an end-all to using VS Code with Azure but from my experience. Use this post as a starting point or a reference for expanding your use of VS Code with Azure. Also, check out the many other community experts and Microsoft MVPs for their additional knowledge plus tips and tricks on this topic.
VS Code Overview
First off if you are not using VS Code stop reading this right now, go download it and install it then come back to finish reading. 🙂 VS Code is a must-have in your toolbox and it is free! For those that are new to VS Code, it is an open-source – code editor developed by Microsoft that runs on Windows, Linux, and macOS. Here is a shortlist of the many benefits of VS Code:
Has support for hundreds of languages.
Has Integrated Terminal.
Also powerful developer tool with functionality, like IntelliSense code completion and debugging.
Includes syntax highlighting, bracket-matching, auto-indentation, box-selection, snippets, and more.
Integrates with build and scripting tools to perform common tasks making everyday workflows faster.
Has support for Git to work with source control.
Large Extension Marketplace of third-party extensions.
Note that yes, VS
Code is for the “IT Pro”. Not just developers.
Azure Extensions in VS Code
VS Code has a ton of
extensions in general. There are a number of Azure specific extensions and you
can work with Azure directly from VS Code.
If you go to the VS Code Marketplace here: https://marketplace.visualstudio.com/vscode and search on Azure you will see results for many published by Microsoft and many community based extensions for Azure. As of the time of writing this blog post, there are 93. Here is a screenshot showing some of the results:
You can also go
directly to the Azure Tools extension from Microsoft here:
In the rest of this post, I am going to share some key extensions I use with Azure. I will post the marketplace links at the end of each extension I talk about and if it is maintained by community or Microsoft.
Deploy to Azure using VS Code
It is important to
note that not all of the Azure extensions available in VS Code can be used to
deploy to Azure. Some can but most can’t here is a list of the services that
you can deploy to from extensions in VS Code.
Azure Service
Description
Azure Functions
Build and manage Azure Functions serverless apps directly in VS Code with the Azure Functions extension.
App Service
Manage
Azure resources directly in VS Code with the Azure App Service extension.
Docker
Deploy your website using a Docker container.
Azure CLI
Create,
deploy, and update a website using a terminal and the Azure CLI.
Static website
Create,
deploy, and update a static website on Azure Storage.
NOTE: This list is current at the time of
writing this blog post. This will change over time.
Azure Cloud Shell in VS Code
Cloud Shell is something you should be using with Azure to make your life easier. It is an interactive command-line shell. You are authenticated to your Azure account when you launch it, It typically runs in the browser and is used for managing Azure resources. When you launch it you can choose the shell experience that best for you, either Bash or PowerShell. With VS Code you can launch Cloud Shell directly in VS Code!
Cloud Shell is a part of the Azure
Account extension. Here are some key points on using Cloud Shell with VS
Code:
Free (storage consumed has costs.)
Launch Azure Cloud Shell directly in VS
Code.
Launch Bash, PowerShell, or Upload.
Works in the Integrated Terminal.
Azure and open-source Tooling in Cloud Shell:
Azure Tools: blobxfer Azure CLI and Azure classic CLI Azure Functions CLI AzCopy Service Fabric CLI Batch Shipyard
You get the following PowerShell modules in Cloud Shell: Azure Modules (Az.Accounts, Az.Compute, Az.Network, Az.Resources, Az.Storage) Azure AD Management (Preview) Exchange Online (In development) MicrosoftPowerBIMgmt SqlServer
