What is a Proximity Placement Group?

When you have a larger Virtual Machine architecture it is important to ensure they are located as close as possible. This will ensure the effective communication between resources by reducing the latency between the two VMs.

You can simply start creating a Proximity Placement Group on Azure via the portal.

Currently only India Central does not have support for creating Proximity Placement Groups.

Once the Proximity Placement Group is created, you can add Virtual Machines to it. When you go to the Advance tab of your new VM creation wizard, you can see an option for selecting the Proximity Placement Group.

.NET Code for Obtaining an Azure AD Bearer Token

Source: Azure Blog

Azure AD provides great ways to connect applications and worker roles so that they can be secured to outside while easily communicated with inside. Service principles are a great way to ensure the applications within the same subscription are communicating security. But you can claim a security token and communicate with the other applications that are hosted internally.

For example, imagine you have a publicly exposed API that gets you some data output. Now you need to secure the API such that only applications authorized via Azure AD is granted with data access.

You can simply secure this with the [Authorize] tag at either controller or the output HTTP method level. Also on the Api end, at the Startup.cs file's ConfigureService method you need to add Azure AD authorization with the following code.

AKS with Confidential Computing. WHAAAT?

A lot of you might not know what confidential computing is. Yes, even I did not till a few weeks back when Microsoft introduced it for Azure Kubernetes. Confidential Computing Consortium is a community with contributions from leaders in the information technology industry. 

So what is really confidential computing?

At the storage level, data are secured by encrypting them. When you are transferring data, they can be encrypted by using secured channels and other protocols. But when an application actually uses your data, they are decrypted. 

Azure Key Vault and App Configuration Together

Azure App Configuration provides a great set of options for the people who would like to store the configuration on cloud and manage through a central location. On the other hand, Azure Key Vault is a service that lets you manage all your Secrets, Keys and Certificates. There is a hint of both being connected, but for the time being they are working as two separate services. Connecting them would be great as it will help storing secured app configurations. 

This article focus on how the each service is available as of now. 

Think of an application that is hosted on Azure and distributed across multiple regions. If it is a large scale application, you may have divided different worker roles across the regions. Eg: An App Service along with a Database separate for the East US. Then another for Australia, while the load balancer and metadata information are geo replicated. 

Managing a simple Azure Container Registry

Azure Container Registry provides an excellent support for maintaining and distributing containers across multiple regions. But for this article, lets focus on a simpler container registry where my requirement is likely to host a few services on a Kubernetes Cluster. 

Publishing to Container Registry

You can simply use PowerShell. A sample code for uploading a local docker image to ACR can be done with the following command. 

First you need to login to Azure using az login command. Then,

az acr login -n <ContainerRegistryName>
docker tag <LocalImageName>:<LocalTag> <ACRName>.azurecr.io/<Repository>:<Tag>
docker push <ACRName>.azurecr.io/<Repository>:<Tag>

Serverless Apps with Azure Functions

Azure functions are getting updated and developed rapidly. The latest feature Microsoft has introduced to Azure function is to work with Serverless applications. Not all developers may like this. Some may fear or feel challenges when going Serverless. Azure functions can help them overcome these. 

• The Azure Functions premium plan, enables a whole new range of low latency and networking scenarios.
• PowerShell support in Azure Functions is on preview and it provides a way to tackle some difficult cloud automation scenarios.

Using Azure DevOps to collaborate Data Scientists and App Developers

What is your most favorite IDE? A developer can mention various of IDE’s. How about data scientist?

Normally, the Developers develop the code and data scientists train develop and train the model. Tools such as VSCode come in handy as easy to install and use. Many have many preferences so the chances are that it can be a choice of the developer or the development team. Usually the trained model is handed over to the app developer for integrating it and build the final application. There are times where the mismatches in compatibility can cost both the app developer and the model developer. The resulting friction between app developers and data scientists to identify and fix the root cause can be a slow, frustrating, and expensive process

We often here organizations including managers continuously talking about Artificial Intelligence. People like to find solutions that are integrated with AI. So as the developers have a development lifecycle, the data scientists follow a data science lifecycle. 

The lifecycle includes processes such as,

Data Ingestion --> Data Preparation --> Model Development --> Model Deployment

There can be many iterations of this lifecycle as there can be requirements for changing the data labels, removing anomalies, changes upon user feedback and timely decision changes and many more. 

Serverless with Azure Kubernetes Service

As I have said before, Kubernetes is the future and organizations are migrating to containers. That makes Azure a top choice in the industry. Even non container based solutions right now are planned with intentions to get into cloud in future. 

Speed, reliability and portability are among the main reasons for people to move to containers. Those qualities make virtual machines a less preferred option. Self healing reduces maintenance overlook needs.

DevOps Integration with GitHub and Azure

Customers need faster, yet reliable solutions. Developers would love to relax the weekends after doing a deployment. Both these did not happen together very often. As a result, various iterative development methodologies such as Agile and Scrum are introduced. DevOps is the latest explanation introduced by Microsoft for such organizations where the team of developers and the requirement holders are connected very efficiently.

Microsoft made GitHub a friend by acquiring GitHub rather than sticking only with Visual Studio Teams services. Thanks to that decision, over 10,000 open source projects are handled with the support of both GitHub and Azure DevOps TOGETHER.

Visual interface for Azure Machine Learning Service

Microsoft has been great with interfaces for visualizing workflows. SharePoint has it, Microsoft Flow has it and many other services including Logic Apps has it. The preview for the Azure ML visual interface was announced during Microsoft Build. 

Not only visualizing and understanding, drag and drop helps ease the processes of testing and deploying ML models as well. Nothing helps more than a visual diagram for a developer to understand the logic of, may be his own work sometime later. 

Source: Azure Blog

MS Flow Options for Azure DevOps

Microsoft Flow is in the Microsoft's business application platform to work on IFTT basis. It has many connectors and Azure DevOps triggers have been added recently along with some of them being on preview.

Firstly, lets look at the triggers.

As it can be seen, the build completion, work item actions (creation, update, assigning and closing) as well as code actions are included for checkins. One question that may raise is why use Flow over inbuilt options on Azure DevOps when build happens? Both has their good and bad. With Flow, you get the ability to connect to many other platforms. Name it a OneDrive document, Tweet, email or any what you like. 

Azure DevOps Data in PowerBI

Recently I was able to tryout the Azure DevOps connector for PowerBI and visualize some crazy charts to see the work in progress for one of the organizations. It is still at Beta stage but looks solid with the way how it behaves.

You can simply search and find it on the connector search when you go to Get Data button and click on the More option down.

Azure Service Health Dashboard

Azure Service Health provides information on the Azure Service issues, health alerts and scheduled maintenance.

This is different and more user friendly than the Global Azure Status page which can be accessed from here. 

New 'Basic' Process for Azure DevOps

By default Azure DevOps supported Agile, Scrum and CMMI. If you know atleast one of these, that works a lot better for your task management with sprints. What would happen if you are a newbie? If you do not know any of these?

Luckily, Azure DevOps Team has thought about them too. Now it allows you to select 'Basic' as the work item process type.

AKS Cluster Autoscaler is now on Preview

Cluster autoscaler (CA) is designed to manage the resource demand when the resource demand changes. CA does a good job on scaling up and down the cluster when in need as the resource demand increases due to any issues or actual demand as well as when they can be set to idle and save the resources.

• CA will periodically check the pending pods or empty nodes for increasing the size of the AKS cluster. If possible, it will increase. 
• This happens so fast, it will keep scanning the pending pods for every 10 seconds. 
• It will remove the node if it is not needed for more than 10 minutes. 
• Horizontal Pod Autoscaler (HPA) will update pod replicas and resources when needed. (Need to use HPA with CA)
• If not enough or excess, CA will respond and act on it.