Microsoft

Presenting on AKS at Tech Summit Nigeria 2022

by

I will be speaking at Tech Summit Nigeria 2022. This event is to be held in Lagos, Nigeria at the Microsoft ADC center. It is an event for Cloud & Mixed- Reality professionals & enthusiasts. The website for the is https://www.techsummitnigeria.com.

My session title is: “K8s is complex! Simplify its Deployment & Configuration“.

The abstract is: Understanding Kubernetes is complex. Designing its architecture is complex. Deploying it is complex. And Configuring it is complex. K8s in general are complex. Spend less time on getting your Kubernetes up and running and more time running your containerized apps!

In this session, Steve Buchanan will take you on a journey utilizing a tool named the AKS Construction Helper that can simplify your AKS Deployment & Configurations.

***Update***

It was a fun session with an engaged audience! Here are some pictures from the session.

If you missed my session you can watch the replay here:

Read more

Watch Learn Live Episode 7 – Introduction to Azure Arc enabled Kubernetes

by

Today Pierre Roman (@wiredcanuck) Senior Cloud Advocate of Microsoft & myself (@buchatech) streamed “Introduction to Azure Arc enabled Kubernetes” on Learn Live. Here is what we covered in this session:

In this session, showed you how Azure Arc enabled Kubernetes clusters can help customers like Contoso to optimize and simplify their operations. Here are the Learning objectives we covered:

  • Describe Kubernetes, Azure Arc, and Azure Arc-enabled Kubernetes.
  • Connect Kubernetes clusters to Azure Arc.
  • Manage Azure Arc enabled Kubernetes clusters by using GitOps.
  • Integrate Azure Arc enabled Kubernetes cluster with Azure services like Azure Monitor and Azure Policy.

If you missed it don’t worry. 🙂 You can watch the playback on the Microsoft Developer YouTube channel here:

You can check out more Learn Live episodes on the:

Or

Read more

Speaking on the Metaverse at GatherVerse Summit 2022

by

GatherVerse is a new conference about the MetaVerse. GatherVerse is the creation of entrepreneur & tech leader Christopher Lafayette. The GatherVerse is a global gathering discussing humanity first standards of education, safety, privacy, wellness, equality, community development and accessibility in the next steps of the metaverse. Here is the GatherVerse website: www.gatherversesummit.com

I will be a part of a panel discussing EdTech’s role in the Metaverse. This panel will be on day 2 – February 23rd, 2022 @ 2:00pm pst – 2:48pm pst

I will join a great panel of esteemed tech professionals. On the panel, I will give my personal point of view of how companies and technologies such as Accenture (who recently bought of 60k Oculus headsets), Microsoft, FlipGrid, TakeLessons, LinkedIn Learning, Roblox, Pluralsight, and more fit into the Metaverse.

This event is free. Here are links to learn more and sign up:

Free Tickets
https://www.eventbrite.com/e/gatherverse-summit-tickets-217609685427

Website
www.gatherversesummit.com

LinkedIn Event Link
https://www.linkedin.com/events/gatherversesummit20226871478586432454656/about/

Read more

Next Chapter – Joining Microsoft

by

I am excited to announce the next chapter in my career. It has been a long time coming, I am joining Microsoft (going to the mothership). I will be joining an elite team focused on Azure product improvement in one of the engineering orgs as a Principal Program Manager. I will be focused on improving Azure’s end-to-end open-source & Kubernetes experiences as well as working with multiple clouds. Several things excite me about this role such as; the talented folks on the team, being a part of improving the Azure, continuing to expand my open-source skills, continuing to expand my multi-cloud skills, and working with various product groups as well as leadership.

I am really looking forward to this change in my career as I will be moving from the consulting discipline to the product/cloud provider discipline. I view this as a soft reboot to my career, the next chapter in my book, and the 3rd lap in the race of my career. The possibilities where this will lead are endless and will open many new doors.

With this move, I will no longer be a Microsoft MVP. Microsoft employees cannot be Microsoft MVPs. After 10 years as a Microsoft MVP, I will surely miss being a part of the MVP family. However, I will continue to contribute to the technical community through blogging, speaking at conferences, user groups, creating content such as e-books, sharing my insights on podcasts, and creating more Pluralsight courses! Sharing my knowledge is a part of who I am. Buchatech will live on! I look forward to working with folks from the other side of the table and continuing to interact/collaborate with folks in the community!

Read more

Featured on BITTechTalk Episode #127 – PC Tech to Microsoft MVP

by

I have been waiting for this one to release! I was a guest on Blacks In Technology ‘s renowned podcast BITTechTalk.

On this episode we talk about; the pros and cons of having a coding background vs infra, what it’s like coming from infrastructure into DevOps, the importance of networking skills in DevOps.

We get into the fact that many folks in the tech industry have to jump ship to get the promotion & better pay, being in consulting vs internal tech, what it’s like being a Microsoft MVP, changing the narrative of blacks in tech, tech salaries and much more!

Check out the podcast episode with the BIT founder Greg Greenlee & me here:

https://www.blacksintechnology.net/bittechtalk-ep-127-steve-buchanan-pc-tech-to-microsoft-mvp/

Read more

Speaking at Microsoft Ignite 2020

by

I am excited to announce that I am one of the experts in several Ask the Expert sessions during Microsoft Ignite 2020 this week.

I will be a part of a variety of sessions with topics ranging from Linux and PowerShell on Azure, Kubernetes on Azure, Azure Migration, and Transforming Windows Server workloads in Azure.

My Speaker profile:

https://myignite.microsoft.com/speaker/ce1ea0e0-3f42-4986-90ab-aee809e3735d

The sessions are:

Here is the link to the Ignite home page myignite.microsoft.com. I hope to see you on the digital Ignite event and in one of the Ask the Expert Sessions!

Update 9/30/2020

Being a part of several Ask the Expert sessions was really fun! My most memorable session was the Ask the Expert: Linux and PowerShell on Azure session.

This session was packed full of superstars from Microsoft product groups and fellow MVPs including; Jeffery Snover, Jason Helmick, Janaka Rangama, and Alexander Nikolić. Here is a screenshot from the session:

After the session, I tweeted about the session and shared some wisdom about PowerShell, and both Jeffery Snover and Jason Helmick retweet my tweet!

2020 is not all bad. It’s pretty cool when the inventor of PowerShell and the PowerShell Program Manager retweet you!

Read more

Third Pluralsight Course Published – Microsoft Azure Pricing and Support Options

by

Today my third Pluralsight course has been published. This course is titled “Microsoft Azure Pricing and Support Options“. It is a part of an AZ-900 learning path that will help you prepare for the Microsoft Azure Fundamentals AZ-900 exam. Learn more about that exam here: https://docs.microsoft.com/en-us/learn/certifications/exams/az-900 .

I was excited about this course as it is a part of my day to day focus on Azure. Also, this is a chance to help those that are getting started with Azure. Here is what you will gain from this course:

This course will teach you the fundamental knowledge about the pricing and support options in Azure one of the core skills measured in the AZ-900: Azure Fundamentals exam.

In this course, Microsoft Azure Pricing and Support Options, you’ll learn to estimate the pricing and support of Azure cloud services. First, you’ll explore Azure subscriptions, subscription management, and management groups.

Next, you’ll discover, plan, and manage Azure costs. Finally, you’ll learn how to understand Azure SLA’s, various Azure service lifecycles, and how to select the right support options. When you’re finished with this course, you’ll have the skills and knowledge of Azure pricing and available support needed to estimate Azure costs and select the right support options.

Please check out this new course here: https://app.pluralsight.com/library/courses/microsoft-azure-pricing-support-options

Also, be sure to follow my profile on Pluralsight so you will be notified as I release new courses! I will be releasing more courses soon!

Here is the link to my Pluralsight profile: https://app.pluralsight.com/profile/author/steve-buchanan

Read more

Microsoft MVP Summit 2019

by

This year’s summit was one of the best MVP summits I have been to since being a Microsoft MVP! I focused on Azure, Azure Stack, containers, and orchestration platforms. That’s about all I can say about the summit. Everything else is NDA!

On top of all the learning at the summit it was great connecting with other MVP’s and the Microsoft teams. This I can share. Here are some highlights from the summit in pictures:

It was full of cool stickers starting off with one for the 2019 MVP Summit.

Here are a some of the core CDM MVPs in front of building 92 including Bob Cornelissen, John Joyner, Janaka Rangama, Jakob Svendsen, Sam Erskine, Cameron Fuller, Robert Hedblom, Dieter Wijckmans, and others.

Read more

5th Book Published! Azure Stack Book!

by

The latest book project I have be a part of has completed and recently published. Back in August in this blog post (https://www.buchatech.com/2017/08/azure-stack-book-coming-soon-training) I mentioned this book was on its way. It is a book about Azure Stack that was officially published on December 21, 2017 by Pearson publishing. This book release has been very exciting as it is a part of the Unleashed series and this one marks the 5th book I have published. Here is a screenshot of all 5 from my Amazon author page:

In total I have published 2 books on System Center Data Protection Manager, 2 books on System Center Service Manager, and now this book covering Microsoft’s Hybrid Cloud with Azure and Azure Stack. This book also comes at the right time as I recently made a transition to a new company (Avanade) with a new focus on Cloud (Azure/Azure Stack) and DevOps. 2018 and beyond look to be exciting times as I “Hit Refresh” on my career focus.

Books like this require a team effort. On this book I was honored to work with an expert team of authors. All of the authors are fellow Microsoft MVP’s. The other authors are: Kerrie Meyler,‎ Mark Scholman,‎ Jakob Gottlieb Svendsen,‎ Janaka Rangama. Me and the other authors are pictured below + a former Microsoft MVP Nirmal.

A part of the books team also included some members of the Azure Stack product group and Azure CAT team. We lucked out having Daniel Savage Principal PM Manager from the Azure Stack team write the foreword and Marc van Eijk Senior Program Manager from the Azure CAT team serve as our technical reviewer keeping us authors in line. 🙂

Each of us authors had so much to contribute and added much value across a variety of topics for Azure Stack. In this book I focused on bringing the readers into the cloud journey, showing the value of ITIL applied to cloud as well as the value of DevOps and then bringing ITIL and DevOps together applying them to Hybrid Cloud, took a deep dive into resource providers and management of Azure Stack through a CloudOps perspective.

Other topics covered in the book consist of preparing for Azure Stack deployments both with the development kit and integrated system, deep dive into the architecture of Azure Stack including the development kit and integrated system, data center integration with Azure Stack, configuring Azure Stack including delegation and for tenants, provisioning in Azure Stack, using OMS/DSC/VM extensions with Azure Stack, Customizing Azure Stack, automating in Azure Stack, and much more.

This book gives you the information you need around Azure Stack single and multi-node. It is a great place to start as you venture into the world of Microsoft Hybrid Cloud. The plan is to update this book as Microsoft continues to mature Azure Stack so this book will continue to be relevant.

Here is the book cover:

Here is the official description for the book:

“Microsoft Hybrid Cloud Unleashed brings together comprehensive and practical insights into hybrid cloud technologies, complete CloudOps and DevOps implementation strategies, and detailed guidance for deploying Microsoft Azure Stack in your environment.

Written by five Microsoft Cloud and Datacenter Management MVPs, this book is built on real-world scenarios and the authors’ extraordinary hands-on experiences as early adopters. Step by step, the authors help you integrate your optimal mix of private and public cloud, with a unified management experience that lets you move workloads at will, achieving unprecedented flexibility.

The authors also guide you through all aspects of building your own secure, high-performance hybrid cloud infrastructure. You’ll discover how Azure Stack enables you to run data centers with the same scalability, redundancy, and reliability as Microsoft’s Azure data centers; how to integrate Azure infrastructure and platform services with internal operations; and how to manage crucial external dependencies. The book concludes with a deep dive into automating and customizing Azure Stack for maximum reliability, productivity, and cost savings.

Detailed information on how to

  •     Run a private/hybrid cloud on your hardware in your data center, using APIs and code identical to public Azure
  •     Apply ITIL and DevOps lifecycles to your hybrid cloud implementation
  •     Gain a deep understanding of Azure Stack architecture, components, and internals
  •     Install and configure Azure Stack and master the Azure Stack Portal
  •     Integrate and utilize infrastructure, core, and custom resource providers
  •     Effectively provision, secure, and manage tenants
  •     Manage, monitor, troubleshoot, and back up Azure Stack with CloudOps
  •     Automate resource provisioning with PowerShell, the Azure CLI, templates, and Azure Stack’s API
  •     Write your own Azure Resource Manager templates
  •     Centrally automate cloud management and complex tasks connected to external systems
  •     Develop customized, production-ready Azure Stack marketplace items”

Here is a link to the book:

https://www.amazon.com/Microsoft-Hybrid-Cloud-Unleashed-Azure/dp/0672338505

Happy Azure Stacking!

Read more

Backup Strategy should include Security

by

Planning for protection as a part of an IT Service Continuity plan often takes into consideration backup of applications and data as well as restore. But what about security?

When planning for protection of applications and data in your environment security should right up there in the forefront. “Backup Security” should be a key part of the plan.

Security in the context of backup can be thought of #1 as securing the backups, and #2 backups being used as an added measure for security breach mitigation. Let me break this down further.

In regards to securing backups you want to do things like encrypt backup data as it travels offsite, encrypting backup data at rest, being able to protect encrypted data, requiring security pins or further authentication of admins and more.

In regards to backup as an added measure for security backup becomes a direct part of Security planning in organizations. Sometimes when security measures fail backups are the only thing that can save you as a last resort. Backups are commonly becoming a way to recover from ransomware attacks as an alternative to paying the hackers. Here is a real world example.

Recently an unnamed hosting providers entire data center became hostage to a ransomware attack. This hacker got in due to a mistake of one of the system admins (more on how to protect at this level later) and basically had full domain admin rights to everything. Keep in mind majority of the servers in this scenario are for customers.

In this case the hosting provider had two choices. Option #1 go to the dark web via a tor network and pay a ton of money in bitcoin for the decryption key. Option #2 Restore everything from offsite backups and pray.

This hosting provider went for option #2 and thank goodness it worked. In this case if it weren’t for a solid offsite backup solution this hosting provider would have been up a creek without a paddle.

It is becoming more common that ransomeware will actually target backups because these are a high target and hackers understand this is a last resort for companies to save themselves. If the backups are deleted there is no other choice but to pay the ransom. This raises the security level of the backups. Administrative actions on backups need an extra layer of security.

Microsoft Business Continuity products help with not only protection but also security. These products consist of System Centers Data Protection Manager (DPM) and Operations Management Suites Azure Backup (AB) and Azure Site Recovery (ASR). In this post I am only going to touch on DPM and AB.

Some exciting things have been happening with Azure Backup and Data Protection Manager to ensure security is front and center as a part of your enterprise backup solution. Microsoft’s goal with the backup security is to provide prevention, alerting, and recovery.

More about this including a video can be found here:
https://azure.microsoft.com/en-us/blog/azure-backup-security-feature

Just yesterday DPM update rollup 12 for 2012 and update rollup 2 for 2016 was announced. Along with UR2 comes some enhanced security features for DPM. These will be called out later in this blog post. Microsoft has rolled out some great security features to both across hybrid clouds. I will go ahead and break these down.

– Azure Backup –

Encrypted backup data at rest
Described in DPM section.

Security PIN
With Azure Backup you can require a security pin for sensitive operations such as removing protection, deleting data, or changing other settings in Azure Backup itself such as changing a Passphrase.

Azure Backup also has some other security measures in place like a minimum retention range to ensure a certain amount of backup data is always available and notifications upon critical operations to subscription admins or others as specified.

NOTE: These security features are now also available in DPM with the UR’s (UR 12 for 2012 and UR2 for 2016) announced yesterday. When an administrator changes the passphrase, or delete backup data, you need to enter the PIN if you have Enhanced Security Enabled. Also, there is a minimum retention range of 14 days for cloud protected data that is deleted.

MFA
MFA is Multi-Factor Authentication. Microsoft has MFA available as a part of Azure Active Directory. Within Azure Backup you can configure it to require MFA of admins when performing critical operations. By enabling MFA you would then ensure via authentication from a second device usually physical to the user that they are who they say they are.

NOTE: When you enable security settings they cannot be disabled.

Ransomware attacks
Described in DPM section.

– Data Protection Manager –

Backup data encrypted during offsite transfer
When data is sent from DPM to Azure Backup it is encrypted before it even leaves your four walls. Data is encrypted on the on-premises server/client/SCDPM machine using AES256 and the data is sent over a secure HTTPS link.

Encrypted backup data at rest
Once backup data is on Azure it is encrypted at rest. Microsoft does not decrypt the backup data at any point. The customer is the only one with the encryption key that can decrypt the backup data. If this key is lost not even Microsoft can decrypt your backup data. This is very secure.

Protection and recovery of encrypted computers
The release of Hyper-V on Windows Server 2016 included a new feature known as Shielded virtual machines (VM’s). This feature essentially utilizes Virtual Trusted Platform Module (vTPM) technology and BitLocker to encrypt a VM to encrypt virtual machines at the virtual layer. This means if a VM is physically copied off a Hyper-V host whoever has the VM will not be able to get to the data on the virtual hard drive.

With the release of DPM 2016 it supports protecting Shielded VM’s. DPM can protect Shielded VM’s regardless if they are VHD or VHDX. This is great news because as a secure organization you should want to encrypt your virtual machines and DPM can protect them. This gives you an added layer of security on top of having backups.

Ransomware attacks
In today’s world ransomware attacks are a common thing. These type of attacks are targeted at small, medium, and large enterprise businesses. No company is too small or too big to be put in the crosshairs of ransomware attacks. A well-known attack is Cryptolocker.

As mentioned before in this blog post backups are an alternative to paying the ransom of a ransomware attack. They key here is to ensure you have a solid offsite backup in place such as Azure Backup. Having that offsite backup will ensure you can get your data back even if the ransomware attack get ahold of your onsite backup data.

I even go as far as to recommend sticking to the 3-2-1 rule (3 copies of backup data 2 offsite and 1 onsite). This way if something happens to one of your offsite copies of data you have another one. It may seem overkill to have 2 offsite copies but you would be surprised how often offsite backup data is accidently destroyed.

So there you have it. Security is a critical part of any backup solution. It is clear that Microsoft realizes this based on the security enhancements they have made to both Azure Backup and Data Protection Manager 2016. Their goal is to ensure both backup solutions are enterprise ready. I have been working with DPM for years and Azure Backup as soon as it came out. I know the team behind these products have a lot of new features and functionality planned for the future of these products and I am looking forward to it.

Read more