Everything You Need to Know About Azure Infrastructure – January 2020 Edition
I have trouble believing that it is February already. I also have trouble believing that the San Francisco 49ers threw (or allowed Patrick Mahomes to throw) away a 10-point lead in the 4th quarter at the Superbowl, but I should put my personal problems aside. We are now in the second month of 2020 and there’s always lots to cover.
Last month I kind of wrapped up 2019. But this month I want to look forward. While I would love to talk about things that I might or might know about, such a violation of my non-disclosure agreement would get me in trouble with Redmond. So instead, I want to talk about what I think we IT pros need to learn about in 2020 to stay relevant.
As usual, you will find all my wrap-up stuff from the last month below. There’s no big “you must read this” item from the Microsoft announcements – that’s why I’m not digging deeper into any of them.
What Azure Stuff I Think You Need to Learn in 2020
When I worked in on-premises tech, I was always trying to learn more. In The Cloud, you have no choice; the tech is always changing, always being tweaked, or even always being replaced by vendors. And that is also true of Microsoft Azure, in particular. I’ve spent most of the last 12 months working in Azure networking, security, and governance, with as much of it done “by code” using JSON templates. That project has expanded over time with new skills being added, some who joined us organically, and some who I and my original project colleague asked for. That work has lead me to realize that there’s more for me, and other IT pros like me, to learn and 2020 looks like the time to learn them.
Say Goodbye to Traditional PC Lifecycle Management
Traditional IT tools, including Microsoft SCCM, Ghost Solution Suite, and KACE, often require considerable custom configurations by T3 technicians (an expensive and often elusive IT resource) to enable management of a hybrid onsite + remote workforce. In many cases, even with the best resources, organizations are finding that these on-premise tools simply cannot support remote endpoints consistently and reliably due to infrastructure limitations.
Azure Kubernetes Service (AKS)
Yes, it’s the year of the container!!! No, just kidding! But it is amazing how many large organizations consider AKS to be the preferred platform for service development. That platform needs to be deployed, secured, and connected to other assets of the organization. We IT pros might not know how to code, but we will be asked to help with the infrastructural and operational sides of things.
For the extra point, throw API Management in here. APIM is an important resource for sharing application features with internal or external “customers” or partners.
Microsoft owns two DevOps platforms, one that they paid $7.5 billion (in stock) for with tens of millions of users, and one that they developed internally.
As I said earlier, I have been doing lots of JSON work in Azure. That’s “infrastructure as code” and that code needs to be managed. My colleague, fellow MVP Damian Flynn, insisted correctly that we use Azure DevOps as a way to share our code, collaborate, and to peer review our work. Over time, we’ve added more DevOps skills and expanded how we use DevOps, using the backlog, boards, and pipelines.
In dealing with large organizations, we’re seeing the third wave of customers who are choosing to use Azure as a platform only for newly developed systems that are managed entirely through DevOps. Production systems are read-only (with a break-glass role) and all resources and code must be delivered from a code repo through a pipeline into production – think of it as group policy or desired state for the entire application.
When you see it in action, it’s awesome, and you realize the true power of The Cloud. I’m convinced that DevOps/GitHub is a necessary skill for IT pros now. But which to learn? One has advanced pipelines and (SCRUM-style) project management, one has 7.5 billion reasons for Microsoft to focus on it. Hmm!
The first tech that I mentioned is a platform for future development. The second is a technology for rapid development and continuous delivery of services. You can see the value of both to the business. The third is about creating pretty charts.
If you’re like me, you have lots of monitoring going on inside of Azure. I am a monitoring hoarder – I rather have the information and not use it, than need the information and not have it. And to be honest, having some of that information has proven to be useful months after I decided to gather it. If that information is sitting in an Azure Log Analytics Workspace (Azure Monitor Logs) then, for most people, it might as well not be there. The Kusto Query Language (KQL) is not a natural language and is not for the faint-hearted. In fact, some of the table schemas are a nightmare and require lots of parsing to get real information out of them. You can save queries, but that still gives you an ugly text report that requires some understanding of the results to turn into pretty pictures.
I know from experience that a pretty picture sells. What really impacts management about an IT service/architecture is seeing pretty pictures that simplify understanding how IT is working. If you want to do that, then use technology such as Azure Workbooks. You can use KQL queries in a template format and share those formats with Azure “users” so they can understand how the services that they are working with, or paying for, are performing. The value is hidden, but it is significant.
Other Announcements from Microsoft
Here are other Azure IaaS headlines from the past month:
- Service-aided subnet configuration for managed instance in Azure SQL Database is now available
- Azure Cost Management 2019 year in review
- Azure is now certified for the ISO/IEC 27701 privacy standard
- Learning from cryptocurrency mining attack scripts on Linux
- New Azure blueprint for CIS Benchmark
- Assess your servers with a CSV import into Azure Migrate
- Azure Cost Management updates – January 2020
- 10 recommendations for cloud privacy and security with Ponemon research
- Update Rollup 43 for Azure Site Recovery
- Private Link for Azure Database for PostgreSQL single server now in preview
- Private Link for Azure Database for MySQL is now in preview
- Private Link for Azure Database for MariaDB is now in preview
- Azure Storage Blobs User Delegation SAS Tokens now generally available
- New support for Network Security Group flow logs, a feature of Azure Network Watcher
- Updating hardware generation in managed instance now available in Azure portal
- Azure Backup – Soft delete for SQL Server in Azure VM and SAP HANA
- Azure Lighthouse: New features are now generally available
- Upgrade to new solution for Azure Monitor for virtual machines
- Azure Site Recovery now supports customer-managed keys
- Azure Backup now supports selective disk backup and restore using Azure Virtual machine backup solution
And Now for Something Different
Now that you’ve finished all those Windows 7, Windows Server 2008/R2 and SQL Server migrations, you have some time to sit back and learn tech for the next generation of IT in your career. This investment in yourself will pay off – it repeatedly has for me. But here’s the thing, you do not have to pay Microsoft $2,500 (plus more in expenses) to attend Microsoft Ignite in New Orleans this September. There are other great ways to learn.
Start off with free or trial subscriptions to your cloud service of choice. Azure has a free subscription option – it requires a credit card only to validate you.
Next, find some free online training. There is plenty of free online content to read. Microsoft runs a site called Learn that has plenty of small labs you can run. An official YouTube channel, unfortunately, called WindowsAzure, has lots of content on it – skip the glossy marketing fluff and look for videos where you can see two people talking tech. Now you might be ready to tackle the official Azure documentation. If you want paid-for content, consider LinkedIn Learning, Pluralsight, and other similar providers – watch out for free periods or sample content to evaluate the providers first. Don’t forget to supplement any online content with independent blogs that can correct mistakes or fill in gaps. My tip of the day is that you always check the publication date of content because “what is correct” can change from month to month.
Attending events is a great way to learn from others who are also out there learning and sharing their knowledge. I started out that way in a small online forum that had a great community that has since disbanded. Tech forums today, such as MSDN, are all too distant, unfriendly, and far too full of unhelpful people. But local community events, which are typically free or ask only for a small charge to cover costs, are full of people from the area who want to learn and share. Look for one that has a regular change of content and isn’t run by one company trying to shove their brand down your throat. Over time, you might notice your role in these events change from the quiet consumer at the back to a contributor as you start to learn, gain experience, and know other things that others have not learned yet.
Now you might be ready for a professional tech-focused conference. Here you will find well-known experts who have fought the bloody battles on your behalf and want to tell you how to avoid those sword swings and bullets. There are lots of these events, that range from low- to mid-cost running all around the world.
Then, you might be ready for Microsoft Ignite. Ignite is huge. It’s eye-opening. It’s a great way to learn about future announcements, but it’s not really a learning event anymore – that all ended when Microsoft greatly reduced the number of external speakers to focus on “the message” of the year. But for those of you who have become specialists in an area, it is a great way to get ready for what is coming in the following year.
And now … it’s time for you to start planning how to migrate from all that legacy 2016 tech you have running!