Category: Cloud

Azure 10 Birthday

A decade later: Microsoft Azure at ten – Interview on Nigel Frank

Microsoft Azure just celebrated its 10th birthday. I had the chance to be interview by Nigel Frank International about the last ten years, today and the future. Right for the 10th birthday of Microsoft Azure. you can read the full interview here, where Microsoft MVPs, Mark Scholman and Charbel Nemnom together with myself answer a couple of questions like:

  • Did you encounter any skepticism in the early days, surrounding both Azure and broader cloud technology?
  • In the ten years since Azure’s official launch, has the product evolved as you expected?
  • How does each of you view the influence Azure has had on the cloud technology industry?
  • Can you pinpoint any turning points over the last ten years when Azure stood out as something of a game-changer?
  • Finally, what would you like to see next from Microsoft Azure?

Originally titled Windows Azure upon its official launch in February 2010—a moniker that would change to Microsoft Azure some four years later—the cloud platform has changed the face of computing on a scale previously unimagined.

A decade on, the service has arguably developed beyond recognition, expanding and adapting at regular intervals to help businesses of all shapes and sizes. The freedom to build, deploy and manage applications on a global scale is just one consequence, with 95% of Fortune 500 companies putting their faith (and trust) in the product.

To mark the platform’s tenth birthday, we sat down with Azure Stack consultant Mark Scholman, Microsoft Senior Cloud Advocate Thomas Maurer, and Cloud Architect and ICT Security Expert Charbel Nemnom—three Microsoft MVPs who have used Azure in all of its guises on a daily basis—to talk about the journey so far and the future of cloud computing.

I am looking forward to the next ten years of Microsoft Azure, especially since I am now part of the Azure team. And if you want to learn more about Microsoft Azure, check out my blog post about learning Microsoft Azure in 2020!

  • Azure Architecture Center – The Azure Architecture Center contains guidance for building end-to-end solutions on Microsoft Azure. Here you will find reference architectures, best practices, design patterns, scenario guides, and reference implementations.
  • Cloud Adoption Framework – The Cloud Adoption Framework is the One Microsoft approach to cloud adoption in Azure, consolidating, and sharing best practices from Microsoft employees, partners, and customers. The framework gives customers a set of tools, guidance, and narratives that help shape technology, business, and people strategies for driving desired business outcomes during their adoption effort. This guidance aligns to the following phases of the cloud adoption lifecycle, like Strategy, Plan, Ready, Migrate, Innovate, Govern, and Manage.
  • Azure Migration Center – Get all the tools and resources you need to migrate your apps, data, and infrastructure at your own pace, with confidence.
  • Azure Architecture Framework – A successful cloud solution requires to focus on these five pillars of architecture excellence: Cost, DevOps, Resiliency, Scalability, and Security. The Azure Architecture Framework helps you to build on these pillars.
  • Azure Reference Architectures – The Reference Architectures are a set of recommended architectures for Azure. Each architecture includes best practices, prescriptive steps, and a deployable solution.
  • Architectural decision guides – The architectural decision guides in the Cloud Adoption Framework describe patterns and models that help when creating cloud governance design guidance.
  • Cloud Operating model – Establish an operating model for the cloud
  • Azure Hybrid – Learn about Azure Hybrid Cloud with features and services like Azure Stack, Azure Arc, and many more.
  • Azure Security – Learn about Azure and security
  • Azure compliance – Get an overview of compliance in Microsoft Azure, with more than 90 compliance offerings
  • Azure pricing – learn about how Azure pricing works and how you can save costs and get the best value at every stage of your cloud journey.

I hope you enjoy the interview. If you have any questions, let me know in the comments.



Speaking at Microsoft Ignite 2019

Speaking at Microsoft Ignite The Tour 2020 Copenhagen

My 5th Microsoft Ignite The Tour (MITT) stop after Shenzhen, London, Milan and Prague will be Microsoft Ignite The Tour in Copenhagen. Microsoft Ignite The Tour brings the very best of Microsoft Ignite to a city near you. The tour provides technical training led by Microsoft experts and your community. You’ll learn new ways to build solutions, migrate and manage infrastructure, and connect with local industry leaders and peers.

  • Date: February 24–25, 2020
  • Location: Bella Center, Copenhagen

Microsoft Ignite The Tour Copenhagen

Our industry-leading conference is hitting the road—and coming to a city near you. You don’t want to miss the very latest in cloud technologies and developer tools with guest speakers, industry experts, and more. Get on the list today!

I will be speaking in the Microsoft Ignite The Tour learning paths. I am thrilled to show you some cool stuff about PowerShell, Windows Server 2019, Windows Admin Center, Azure Arc, and much more! I will be presenting the following sessions:

MSI20 - Hybrid management technologies

Tailwind Traders has now migrated the majority of their server hosts from Windows Server 2008 R2 to Windows Server 2019. Now, they are interested in the Azure hybrid technologies that are readily available to them. In this session, learn how Tailwind Traders began using Windows Admin Center and Azure Arc to manage its fleet of Windows Server computers and integrated hybrid technologies, such as Azure File Sync, Azure Site Recovery, and Azure Update Management, to improve deployment performance and manageability.

MCO20 - Azure governance and management

Tailwind Traders’ deployments are occurring in an ad hoc manner, primarily driven by lack of protocol and unapproved decisions by various operators or employees. Some deployments even violate the organization’s compliance obligations, such as being deployed in an unencrypted manner without DR protection. After bringing their existing IaaS VM fleet under control, Tailwind Traders wants to ensure future deployments comply with policy and organizational requirements. In this session, walk through the processes and technologies that will keep Tailwind Traders’ deployments in good standing with the help of Azure Blueprints, Azure Policy, role-based access control (RBAC), and more.

By the way, if you are interested in taking a Microsoft certification exam for free, check out the following blog post: Free Microsoft Certification exam voucher at Microsoft Ignite The Tour 2020. We also offer free certification vouchers at Microsoft Ignite in Copenhagen.

I am looking forward to speaking at Microsoft Ignite The Tour (MITT) 2019-2020 in Copenhagen. Let me know in the comments if you are going too, and I hope to see you there!



Azure Locks - Governance

Prevent Azure Resources from unexpected deletion using Locks

In this blog post, we will have a quick look at the basics of Azure Governance and how you can use Locks in Azure to govern your environment and protect resources from accidental deletion or changes. Cloud Computing is excellent, and you can deploy and delete services in seconds and go full speed. However, with that, there are also many challenges that are coming your way. Think about control over cost, security, or compliance. You don’t want everyone to be able to deploy a large Mv2-series virtual machine to test their application, and you might also not want people deploying services all over the world using one of the 55 Azure regions worldwide. The way to prevent things like this is called technical governance. However, it can be implemented in different ways.

Technical Governance

Technical Governance

The traditional approach was that you set a team or a person in front of the cloud, which can be called a cloud custodian or cloud broker team. And this team then decided on which services are going to get deployed and how. Now with that approach, people and processes become the limiting factor if you look at speed and agility.

Traditional approach

Traditional approach

To take advantage of speed and agility of the cloud, you want to give developers, operations people, or even teams and divisions in your company, but stay in control of the cloud environment. With Azure, we provide you with exactly these management tools, to make sure that you can keep control, but also keep the speed and agility the cloud promises.

Cloud-Native Governance

Cloud-Native Governance

Azure Resource Manager offers a couple of different tools for Azure Governance like Management Groups, Azure Policies, Azure Blueprints, Cost Management, and many more. In this quick blog, we will have a look at one of the basics called Azure Locks, which are part of the foundation. If you need to get started with Azure and especially Azure Governance, I created a blog post with some useful links.

Lock resources to prevent unexpected changes and deletion of Azure resources

We all have been there, we wanted to clean up some resources quickly or quickly run a script which changes a couple of settings, and we realized we just made a huge mistake. That is why it is great to have some locks in place to prevent unexpected changes and deletion to happen. With locks in Azure, you can lock a subscription, resource group, or resource to prevent other users in your organization from accidentally deleting or modifying critical resources.

Lock Types

You can set the lock level to CanNotDelete or ReadOnly. In the portal, the locks are called Delete and Read-only, respectively.

  • CanNotDelete means authorized users can still read and modify a resource, but they can’t delete the resource.
  • ReadOnly means authorized users can read a resource, but they can’t delete or update the resource. Applying this lock is similar to restricting all authorized users to the permissions granted by the Reader role.

You can find more information about the lock types here.

Permissions to create or delete locks

You will need to have access to Microsoft.Authorization/* or Microsoft.Authorization/locks/* to create or delete locks. By default, only the build-in roles Owner and User Access Administrator have these permissions.

Locks apply restrictions across all users and roles and are be applied to different scopes. These scopes are subscription, resource groups, or resources, and all resources within that scope inherit the same lock. If you have multiple locks in place, the most restrictive lock in the inheritance is applied. If you want to know more about permissions to set locks, you can find more information here.

How to lock a resource group

As an example of how locks can work, I wanted to show you how you can lock a resource group. You can create and assign locks using different methods and tools like the Azure Portal, Azure CLI, Azure PowerShell, Azure Resource Manager templates, or the REST API.

In the portal open up your resource group, in the settings blade, you click on Locks.

Azure Locks

Azure Locks

After that, you can click on Add and configure the lock.

Add a lock to an Azure Resource Group

Add a lock to an Azure Resource Group

Now, if someone tries to delete this resource group, he will get the following error.

Azure Resource Group is locked and can't be deleted

Azure Resource Group is locked and can’t be deleted

You can also set the lock using PowerShell:

New-AzResourceLock -LockName LockMyVNET -LockLevel CanNotDelete -ResourceGroupName azure-rg

Or the Azure CLI:

az lock create --name LockMyVNET --lock-type CanNotDelete --resource-group azure-rg

If you want to learn more about Azure Governance and especially Azure Locks, check out the following link to Microsoft Docs:

I hope this gives you an understanding of locks in Azure if you have any questions, feel free to leave a comment.



Tom Microsoft HoloLens

One Year at Microsoft

Time went by so fast, that I almost missed that this is my one year work anniversary at Microsoft. I have to admit that this year went really fast. I got to work on a lot of exciting projects, had the opportunity to meet and work with insanely brilliant people, and was able to work on things I enjoy.

Since I am treating my blog kind of like my diary, I think this deserves a short blog post. I am currently back in Redmond for our annual Cloud Advocate Summit, and yes, it is the same time as the internal Microsoft Ready conference. I am a little jetlagged, and so I can use the early morning to write this blog. And that reminds me of my start in February 2019, where I also traveled to Redmond on my second day of work.

People often ask me, how are you doing? are you still happy with your decision? iI can only say yes, it was a great decision to join Microsoft, and I have no regrets leaving my old job. Not because I didn’t like my old job, I really did enjoy it. But after seven years working for the same company, it was time to take on a new challenge.

Another question is, what are your highlights? Well, there are too many to count and list them all but expect being part of an awesome team and working on the thing I enjoy, I have a couple of things I want to highlight. The first thing I want to share is it is insane how helpful everyone is, and I can’t remember how many times I got the words “tell me if I can help you”. Most importantly, I realized that these were not just words, but every one meant it. If I had questions or needed help, every single person was there to help. The second thing I want to highlight is how much I was able to learn. Working with so many clever and talented people helps to learn new things, get fresh perspectives, and new ways of achieving something. The company is also set up with this learn it all, versus know it all mentality.

Of course, there are also things you might don’t like that much, especially if you join a large corporation. However, since I was working with Microsoft before, I knew what I was getting into, and I knew what to expect.

One year after joining Microsoft, I want to say thank you to my team and my manager, who hired me and gave me this opportunity. I also want to thank people I worked with inside and outside of Microsoft as well as my girlfriend, who needs to deal with my travel schedule 😉 and supports me. I am also really looking forward to the time in front of us, and keep working with the Microsoft community.



Microsoft Ignite The Tour 2020

Speaking at Microsoft Ignite The Tour 2020 Prague

After my first three Microsoft Ignite The Tour (MITT) stops in Shenzhen, London, and Milan, I am happy and honored that my fourth stop of Microsoft Ignite The Tour will be in Prague. By the way, if you are interested in taking a Microsoft certification exam for free, check out the following blog post: Free Microsoft Certification exam voucher at Microsoft Ignite The Tour 2020. We also offer the free certification vouchers at Microsoft Ignite in Prague.

  • Date: February 24–25, 2020
  • Location: Prague Congress Centre

Microsoft Ignite The Tour Prague

Our industry-leading conference is hitting the road—and coming to a city near you. You don’t want to miss the very latest in cloud technologies and developer tools with guest speakers, industry experts, and more. Get on the list today!

I will be speaking in the Microsoft Ignite The Tour learning paths. I am thrilled to show you some cool stuff about PowerShell, Windows Server 2019, Windows Admin Center, Azure Arc, and much more! I will be presenting the following sessions:

MSI20 - Hybrid management technologies

Tailwind Traders has now migrated the majority of their server hosts from Windows Server 2008 R2 to Windows Server 2019. Now, they are interested in the Azure hybrid technologies that are readily available to them. In this session, learn how Tailwind Traders began using Windows Admin Center and Azure Arc to manage its fleet of Windows Server computers and integrated hybrid technologies, such as Azure File Sync, Azure Site Recovery, and Azure Update Management, to improve deployment performance and manageability.

MCO20 - Azure governance and management

Tailwind Traders’ deployments are occurring in an ad hoc manner, primarily driven by lack of protocol and unapproved decisions by various operators or employees. Some deployments even violate the organization’s compliance obligations, such as being deployed in an unencrypted manner without DR protection. After bringing their existing IaaS VM fleet under control, Tailwind Traders wants to ensure future deployments comply with policy and organizational requirements. In this session, walk through the processes and technologies that will keep Tailwind Traders’ deployments in good standing with the help of Azure Blueprints, Azure Policy, role-based access control (RBAC), and more.

I am looking forward to speaking at Microsoft Ignite The Tour (MITT) 2019-2020 in Prague. Let me know in the comments if you are going too, and I hope to see you there!



MCT Microsoft Certified Trainer 2020

MCT Microsoft Certified Trainer 2020

I am happy to let you know that I just got the confirmation that I requalified as a Microsoft Certified Trainer (MCT) in 2020. After being a Microsoft Certified Trainer in 2017 and in 2019, I am happy to be part of this community again. Being an MCT again is a great honor and I am happy to be part of this community, even I am now working for Microsoft.

Microsoft Certified Trainers (MCTs) are the premier technical and instructional experts in Microsoft technologies. Join this exclusive group of worldwide Microsoft technical training professionals and reap the benefits of MCT training certification and membership. You will get exclusive benefits as an MCT including access to the complete library of official Microsoft training and certification products, substantial discounts on exams, books, and Microsoft products. In addition, you will be able to use Microsoft readiness resources to help you enhance your training career and engage with other MCT members in an online community forum. You will also receive invitations to exclusive Microsoft and local MCT community events.

Microsoft Certified Trainer MCT 2020-2021

Microsoft Certified Trainer MCT 2020-2021

If you want to know more about the Microsoft Certified Trainer (MCT) program, you can have a look at the following resources and pages:

If you want to know more about the latest Azure Certification and exams like AZ-103, AZ-30X or AZ-900, check out my blog posts.

You can find a general overview of the new Azure Certifications here. If you have any questions, please let me know in the comments.



How to Reduce the Costs of your Azure IaaS VMs

How to Reduce the Costs of your Azure IaaS VMs

Azure Infrastructure-as-a-service (IaaS) offers significant benefits over traditional virtualization. With benefits like the possibility to quickly spin up a couple of virtual machine in any Azure region around the world whenever you need it, is pretty powerful. There are a lot more benefits to Azure IaaS virtual machines. However, that’s not part of this blog. This blog post is focused on helping you saving money by reducing the costs when you are using Azure IaaS virtual machines (VM). Some of the tips here will help everyone out there, some of the tips

Pick the right Azure VM series and the right Azure VM size

Reduce cost by picking the right Azure VM size

Reduce cost by picking the right Azure VM size

First of all, obviously, you pay more for larger virtual machines. Something I realized by working with a lot of customers is that they take the on-premises VM size and use the equivalent size in Azure. Not realizing that the VM size they had was way to oversized. But since they had the static capacity on-prem, they didn’t’ care. Now when you pay for more capacity in the cloud, the story is different. So make sure you realize that the Azure VM sizes are not oversized. You can still change the size later to a larger virtual machine if needed. And if you are looking at tools like Azure Migrate to migrate your existing VMs to Azure IaaS, you will have some additional advantages. Azure Migrate asses your environment and helps you pick the right Azure VM size depending on performance data history. Azure Migrate works with Hyper-V and VMware virtual machines, if you want to know more about Azure Migrate, check out my blog post. If you are already running the virtual machine in Azure, Azure Advisor can be helpful to figure out that your virtual machine is underutilized. Picking the right size will help you to save money and reduce the cost of Azure IaaS VMs.

To make it easier to pick the right size, Azure offers you different type or also called VM series. You can find a broad set of different virtual machine types in Azure, which give you a choice depending on your use cases, scenarios, and application needs. From general-purpose VMs, compute, memory or storage optimized, VMs with GPUs, and HPC workloads. You can find some documentation on the different VM types and sizes here.

Run them when you need them, shut them off when you don’t

Another great benefit of Cloud Computing and next to the large scale are the Pay-per-use options. If you don’t need a virtual machine, you can shut it down, and you are only paying for the existing storage, but not for the computing power anymore. This helps you with workloads, which will need to scale up and down using virtual machines. Or simply with virtual machines in test/dev environments or labs, which don’t need to run 100 percent of the time.

Commit and use Azure Reserved VM instances

Azure Reservations Reserved Instances and reserved capacity

Azure Reservations Reserved Instances and reserved capacity

Now, I know that shutting down virtual machines is excellent in theory if you have the right workloads and applications running in these virtual machines. However, what about the virtual machines which need to run 24h 365 days a year. For that, Microsoft has something called Azure Reservations, and if you are thinking specifically about Azure IaaS VMs, it is called Azure Reserved VM Instances (RIs). Azure Reserved Virtual Machine Instances can help you save money by pre-paying for one-year or three-years of virtual machines. Pre-paying allows you to get a discount on the resources you use. Reservations can significantly reduce your Azure IaaS virtual machine, SQL database compute, Azure Cosmos DB, or other resource costs up to 72% on pay-as-you-go prices. If you want to know more about Azure Reservations, check out my blog post about how to save money on Azure using Azure Reservations.

Using Economical burstable VMs

B-series are economical virtual machines that provide a low-cost option for workloads that typically run at a low to moderate baseline CPU utilization, but sometimes need to burst to significantly higher CPU utilization when the demand rises. If you want to know more about B-series Azure VMs, check out the following Microsoft Docs.

Azure Spot Virtual Machines for batch processing jobs with significant cost savings

With Azure Spot Virtual Machines (Spot VMs), you’ll be able to access unused Azure compute capacity at deep discounts, up to 90 percent compared to pay-as-you-go prices. Spot VMs are ideal for workloads that can be interrupted, providing scalability while reducing costs. Using Spot VMs allows you to take advantage of our unused capacity at a significant cost saving. At any point in time when Azure needs the capacity back, the Azure infrastructure will evict Spot VMs. Therefore, Spot VMs are great for workloads that can handle interruptions like batch processing jobs, dev/test environments, large compute workloads, and more. You get unique Azure pricing and benefits when running Windows Server workloads on Spot VMs. Spot VMs are currently in preview and you can find more about them on Microsoft Docs.

Leverage the Azure Hybrid Benefit

If you already have existing Windows Server and SQL Server on-premises licenses with Software Assurance, you can use them for Azure virtual machines (VMs). This will allow you to save the Pay-as-you-go cost for Windows Server and SQL Server licenses. The Azure Hybrid Benefit applies not only to Azure VMs but also on Azure SQL Database PaaS services and the Azure Dedicated Host. If you want to know more about how to take advantage of the Azure Hybrid Benefit, check out the Microsoft Azure Docs page.

Cost Management to Analyse your Spendings

Azure Cost Management

Azure Cost Management

With Azure Cost Management, you can monitor your cloud spending by tracking resource usage and manage costs across all your clouds with a single unified view. It also helps to analyze and optimize your cloud spendings and cloud efficiency. It gives you a transparent view across your organization and helps you to identify resources to optimize. Sonia Cuff wrote a great blog on Step-by-Step: Finding and Analyzing Microsoft Azure Cloud Usage Costs.

Reduce the Costs of your Azure IaaS VMs using Azure Advisor

Azure Advisor Recommendations

Azure Advisor Recommendations

Azure Advisor is a personalized cloud consultant that helps you follow best practices to optimize your Azure deployments. It analyzes your resource configuration and usage data to recommend solutions that can help you improve the performance, high availability, security, but also the cost-effectiveness of your Azure resources. It will recommend you to right-size or shutdown underutilized virtual machines, buy virtual machines reserved instances to save money over pay-as-you.go costs and much more. If you want to know more about Azure Advisor, you can check out the Microsoft Docs.

Select the right Azure region

Today, Microsoft Azure offers up more than 54 Azure regions worldwide, more than any other cloud provider. This has not only a massive benefit of having the capability of deploying Azure resources and virtual machines where ever you need them. But it can also help you to reduce costs. Not all Azure services are available in all Azure regions, and not all Azure services cost the same in every region. Azure resource prices can depend on operational costs and other factors in the specific region. Usually, you want to deploy your virtual machines as close as possible where you need them, and you place them in the specific Azure regions. However, if there is no need to deploy them within a particular region, you can run your VMs in the cheapest available regions to reduce the cost for your Azure virtual machines.

You can find a list of services and products available by region here.

Move services to PaaS and SaaS

Azure Migrate and modernize with cloud migration strategies

Azure Migrate and modernize with cloud migration strategies

This is obvious to many of you, but by analyzing your workloads running inside your virtual machines, you will find specific workloads that can be modernized to run on Azure Platform-as-a-service (PaaS) services or even migrate into a Software-as-a-service solution. For example, if you think about Exchange or SharePoint, instead of migrating these applications into Azure virtual machines, you can reduce costs by migrating to Office 365. Don’t understand me wrong. I know that modernizing applications can be a lot of work and can cost a lot of time and money. The Azure Migration Center gives you an excellent overview of your cloud migration journey, including assess, migrate, optimize, secure, and manage.

The Azure Migration Center also helps you with your cloud migration strategies. And it enables you to define your journey to the cloud. Migration and Modernization by rehosting, refactor or rearchitect, using cloud-native by rebuild or create new, or using SaaS and replace the existing application.

Receive free extended security updates for Windows Server and SQL Server 2008 and 2008 R2

A year ago, Microsoft announced new options for SQL Server 2008 and Windows Server 2008 end of support. Support for SQL Server 2008 and SQL Server 2008 R2 already ended on July 9, 2019, Windows Server 2008, and Windows Server 2008 R2 followed on January 14, 2020. Customers who are still running Windows Server and SQL Server 2008 and 2008 R2 do have different options. First, migrate to a newer version like Windows Server 2019, or buy extended security support, or migrate your Windows Server and SQL Server workloads to Azure, to get free extended security updates for thee years. This offer not only works for virtual machines running on Azure but also running on Azure Stack Hub.

Conclusion

Many different ways allow you to save money and reduce the costs of your Azure IaaS VMs. If you combine, for example, Azure Reserved VM Instances, the Azure Hybrid Benefit, and the free extended security support for Windows Server and SQL Server, you will gain massive price reductions. Even if you are only following one of these tips, you might save a lot of money.