Real Life Based – My personal story on “Cattle vs Pets” and how it relates to DevOps / Automation

Introduction

Today’s post is about a story many people have probably heard me telling “in real life”… Where with this I took the opportunity to finally publish it on this blog. 😉 In our DevOps literature we have often used the concept of “Pets versus Cattle” to indicate why go for DevOps. Though in my humble opinion, the focus has always been around tactical and sometimes even framed a bit too harsh. So with this, I hope you enjoy to read my personal version on it!

 

Real Life Based

Something that not all people might now, but I actually live in… what I sometimes unrespect fully coin … “The Middle of Nowhere”. This being that I life in a more rural municipality in Belgian terms. Where I actually recently moved in the same municipality, my previous residence was actually next to “a farmer”. And to be more precise, a dairy farmer with several hundred cows. His family was hard working 7 days out of the week. Lovely folks too, every time being greeted with awesome hospitality.

Our family itself has also never been a stranger to animals. As we have two mini pigs, two rabbits, three cats … and probably provide food for the entire region worth of birds. The thing that always struck me, was that both of our families loved our animals very much so! Though we both catered to their needs in a different manner. Our were pets… and we had the luxury to spend more time (budget even…) per animal itself. Though that did not mean that our farmer neighbors did not care about their animals. Though let us be honest, with several hundred of cows, you needed to spend your time wisely. Though the animals did not fell short of anything. At the end of they, they were also providing the living hood for this family.

 

The Difference

As you can already notice, the difference in volume of animals requires a different approach. At the end of the day, they require LOTs of automation to keep everything operational. This goes from preparing food, to feeding, to cleaning, to milking, … to ventilation, to rotating shifts on the fields, etc, etc. Almost everything, except from how little cows come into the world 😉 … was being automated.

Currently I am in the IT industry for more than 20 years already. When I started out we had a mainframe with direct cables to the terminals. The world evolved, and we got physical wintel alike servers… Desktops / workstations surfaced at the desks of everyone in the company. After a while those physical servers got virtualized, and server applications went from a monolith to three tier architecture. After which containers popped up, and also brought microservices to life.

At the end of the day… we went from a technology landscape with a modest amount of machinery… to an overly complex one with A LOT of cogwheels that need to keep on turning!

 

Automation

Now let us translate this one for the typical enterprises. Each and every one out there has gone through the same evolutions. Some at a different pace then others… Though we can all say that our IT landscapes have become very complex, and have a lot of cogwheels turning. At that point, one cannot do things with the same manual care! This is the point where automation has become a necessity.

In my role I have encountered organizations, who are maintaining multiple thousands of servers… and who still do their upgrade process pretty much manually. They typically counter that they have automated installs in place, though they must admit that the lifecycle to go through this is still pretty much manual. One of those organizations, has at least two FTEs continuously upgrading their machinery, and where they always lag about two majors versions behind on their OS. Simply cause they cannot keep up… And if you discuss deep down with them, they realize that their issue is not increasing on automation. Which in turn, does not help them with creating the value that would be needed for their organization!

 

Devops?

So what about DevOps? DevOps for me has always been around the automation. How can you increase the throughput of things? How can we drive that lap faster? How can we detect (and fix) errors faster?

And in doing so, I do not even want to discuss the technologies that can enable you here, or what implementations can help. At the end of the day, whatever technology choices you make, it is evolving around increasing the efficiency. About 10 years ago, I presented a session at Experts Live on End-to-End automation. It included the following visualization ;

See it more as an inspirational roadmap… and now think this is about 10 years old… How far is your organization along on this? As I personally cannot fathom that people still want to reside on manual actions. They are slow and error prone, and we have the tools now to do these things quite “easily”. I know… things are never easy in IT. Though trust me when I say, that in 2005, when we did the above with shell scripts and without any off the shelve tooling, it was really hard. Though at that time, the organization I worked in (a manufacturing organization) already heavily relied on automation to increase our efficiency when refactoring away from mainframe and onto our custom built ERP.

 

Closing

As always, I hope these posts help you in your daily life… That it provides insights & value. My personal opinion is that in IT we should look towards near full automation. The technology stacks are enabling us in that direction, and we should not accept the drawbacks of manual actions anymore.

When you are thinking that you are able to do so. Also start thinking why you have not already? Why are you being limited here? Focus on removing those barriers. As in a lot of cases, it is cargo cult that is blocking you here.

Azure DevOps – Automatic user provisioning via Azure Active Directory

Introduction

When managing any IT infrastructure, you want to rely on as much automation as possible. As you probably know, you can integrate Azure DevOps with Azure Active Directory. The next step would be to ensure that you do not need to do any manual tasks in terms of adding/removing users from Azure DevOps. Which is something you can do with Group Rules. So for today, let us go through a brief setup of how we can achieve that all users from a given Azure Active Directory (AAD) group get automatically added upon login to a given access level in Azure DevOps.

What are we going to do?

The thing we want to achieve it the following outcome ;

A user got added by a group rule and not “Direct”-ly (manual). We want to choose which access level this user gets by default too.

Continue reading “Azure DevOps – Automatic user provisioning via Azure Active Directory” →

Anonymizing data with Presidio on Azure

Introduction

Earlier this week Laure showed me an awesome SDK that provides context aware, pluggable and customizable data protection and anonymization for text and images. Which is called ; Presidio! Where this has proven to be very useful for a use case we were working on. In today’s post, we’ll take a look how you can leverage both App Service and Logic Apps to build your own demo with Presidio. Though if you want to test things straight away, do check the demo website as maintained by the Presidio team themselves ; https://presidio-demo.azurewebsites.net/.

 

What does it do?

In essence, there are two steps involved ;

• Analyzing ; Where an NLP trained model will go look for sensitive data and provide a list of locations where it found those.
• Anonymization ; Where the list of locations is then used to filter out / mask sensitive information.

To get to a result where you can ensure that sensitive data like credit card numbers, locations, names, SSN numbers, bitcoin wallets, phone numbers, financial data, etc can be kept confidential. Which you can see on the following example.

Continue reading “Anonymizing data with Presidio on Azure” →

Taking a glance at running an Azure Webapp on a custom location powered by Azure Arc

Introduction

Earlier this week I published the following repository ; https://github.com/beluxappdev/demo-arc-appservice. Which basically contains all the needed steps (via Azure CLI) to create an environment that showcases how Azure AppService and Azure Arc work together. For today’s blog post, I would like to take you on the journey from a “consumer” of this App Service Environment (running on any Kubernetes distribution, managed via Arc) to deploy a Webapp onto it. Where we can then see how the it is currently looking in the preview!

 

Let us make it real! The platform…

Continue reading “Taking a glance at running an Azure Webapp on a custom location powered by Azure Arc” →

Developer onboarding experience with CodeSpaces

Introduction

The project needs to increase velocity and a new developer arrives in the team. Now is typically the time where all chaos begins, as this person needs to be onboarded with the full toolchain linked to the project. Sound familiar? It does to me at least. Which is one of the reasons why I love CodeSpaces! Here you can have a development environment for VS Code full configured, which can then be leveraged in a cloud hosted manner. Even with having a secure connection to your locally installed VS Code. Sounds too good to be true? Let us take a look at the step-by-step experience of onboarding a new developer!

 

Resources

In today’s post, we’ll be using some resources to get us started…

• Template repository with a starter .NET Core development environment for Codespaces, including basic system tools / extensions (like Functions, Copilot, etc)
• GitHub CodeSpaces
• GitHub Co-Pilot

 

Step-by-Step Experience

Continue reading “Developer onboarding experience with CodeSpaces” →

Azure API Management – What are my networking options?

Introduction

A very common discussion to have with enterprises around Azure API Management (“APIM”) is the aspect of network integration. At the end of the day, the response to that is very simple… Only the developer & premium SKU allow VNET integration. The integration is achieved by doing “injection”, which means that the service is “dedicated” to you and “the machines” are placed directly in your VNET. Azure APIM does not leverage private link (yet?)… Which then opens the next discussion, as the premium SKU is about 3,42 Euro per hour, where the basic SKU floats at about 20 Eurocent per hour. At this point, for most organizations, the cost impact will take priority over the most optimal design. Where today’s post will take a look at the various options at hand.

Update (March 2022)

Since the initial post, the ability to leverage private endpoints have been made available ; https://docs.microsoft.com/en-us/azure/api-management/private-endpoint. This concept will probably be more interesting to you than the approaches mentioned in this post!

Flavors / Tiers

When taking a look at the pricing info, you will notice there are multiple flavors you can choose from ;

• The consumption tier is the one where you are charged for the amount of calls you make. It is an awesome model in terms of linking your business outcome to the cost model at hand. The downside is, that is does not offer a developer portal or any typical enterprise features (like VNET integration or a self-hosted gateway).
• The basic and standard tiers are economic tiers at both about 45 and 130 Euros per month. They do include a developer portal.
• The developer and premium tiers are the ones typically picked by enterprises due to their VNET integration, HA/DR options (for Premium) and the self-hosted gateway.

Continue reading “Azure API Management – What are my networking options?” →

Visual Studio Licensing Explained

Introduction

The objective behind today’s post, is to serve as an overview for all those who want to learn more on Visual Studio Licensing. In my role as a Specialist in the field, I have gotten a wide range of questions on the subject. These range from license specific exceptions, towards benefits and ending up in full range license optimization exercises.

 

Visual Studio Editions

In terms of Visual Studio, there are currently four editions used ;

• Visual Studio Code
• Visual Studio Community
• Visual Studio Professional
• Visual Studio Enterprise

Where Visual Studio Code and Visual Studio Community are free, they do differ quite from the others. Where we will go into the detail of those in more detail individually. To get a full feature comparison between Community, Professional & Enterprise, do check out this page ; https://visualstudio.microsoft.com/vs/compare/

 

Product Terms

Looking for the product terms? You can find them here ; https://www.microsoft.com/licensing/terms/productoffering/VisualStudioSubscriptions/EAEAS

Continue reading “Visual Studio Licensing Explained” →

Azure DevOps Governance 101 – How does Identity, Billing and Service Endpoints intertwine?

Introduction

A common discussion I have had in my role is around the “billing structure” of Azure DevOps. Though the discussion typically spreads out to other topics like identity and service connections for deployment. In today’s post, we’ll go over the general governance structure behind Azure DevOps.

 

High Level Structure

For this, let us start with a complex drawing! 😉

 

As a bit of an introduction ;

• Azure Active Directory is a component used for identity on both the Azure DevOps side (organization level), Azure Subscription and on the contract level for Role Based Access Control (RBAC).
• Azure DevOps has the concept of an organization, which can hold multiple projects. The billing & identity part reside on organizational level (marked in red). Where the service connections for deployment (pipelines) resides on project level (marked in green).
  
• There can only be one AAD linked to an Azure DevOps subscription. Though you can invite users from another AAD tenant via a typical B2B invite. Thus granting access to users outside of the AAD tenant linked to that organization.
• There can only be one Azure subscription linked for billing. Though you can have multiple Azure subscriptions linked as service connections for deployment.
• Multiple Azure DevOps organizations can use the same Azure subscription for billing. This will even allow the scenario of multi org billing.

So far for the basics… Let us now delve deeper into various topics.

Continue reading “Azure DevOps Governance 101 – How does Identity, Billing and Service Endpoints intertwine?” →

How to reverse engineer 3rd party mobile API calls with Postman

Introduction

Long story short… I have a heat pump that I can control via an app. At the end of the day, there is no official documentation on how I can directly (without the app) communicate to my heat pump. So I embarked on a journey to reverse engineer the API connectivity and see how I could tweak this. For those curious, my end goal I have in mind is to align the heat pump to the production of my solar installation. Or just call me a technical nutcase, that also works. 😉

 

Setup

For today’s post, I will show you how you can combine the native proxy function of your iOS device to route to Postman. Where you can then start tracing the API calls made by a native mobile application. Makes sense so far? Cool! Let’s get to it!

Continue reading “How to reverse engineer 3rd party mobile API calls with Postman” →

Moving an existing CosmosDB database/collection to CosmosDB Serverless when using MongoDB

Introduction

If we go several years back, I already leveraged the instant scaling of CosmosDB… Recently a new plan has been introduced to cover this behavior, being the Consumption Based / Serverless option! For a new project I immediately started using this one, and I am very happy about it. Where I came to a point where I said to myself, let us migrate the other databases (where fit) to this option too. For today’s post, I will go into the differences I noticed… and hopefully save you some time looking up things. 😉 Though be aware that I have been leveraging the MongoDB API/endpoint.

Continue reading “Moving an existing CosmosDB database/collection to CosmosDB Serverless when using MongoDB” →