Episode 339 - Durable Functions

by Sujit D'Mello July 25, 2020

Chris Gillum, an Engineering Manager in the Azure Serverless team, talks to us about the value of Durable Functions in serverless computing. He explains the underlying architecture of the Azure Serverless Architecture and how and why Durable Functions play a role in an application design. 

Media file: https://azpodcast.blob.core.windows.net/episodes/Episode339.mp3

Resources: https://docs.microsoft.com/en-us/azure/azure-functions/durable/


Other updates:

Azure Data Factory Managed Virtual Network
Announcing the general availability of Azure shared disks and new Azure Disk Storage enhancements
AMD-based memory-optimized Azure virtual machines now available in more regions

Introducing the Microsoft Azure Well-Architected Framework




Filed Under: Podcast

Episode 338 - ADLS Gen 1 to Gen 2

by Evan Basalik July 20, 2020

Principal PM in the Azure PG, Rukmani Gopalan joins us on the continuing discussion on ADLS. This time we focus on migration from Gen 1 to Gen 2. Rukmani gives us the background behind the two services and how and why you should migrate.

Media file: https://azpodcast.blob.core.windows.net/episodes/Episode338.mp3

Here are some resources that help you learn more about ADLS Gen1 to ADLS Gen2 migrations.

Plan your data lake migration from ADLS Gen1 to ADLS Gen2

ADLS Gen1 to ADLS Gen2 migrations – samples with step by step instructions


Other updates:

Revocation of non-compliant Certificate Authorities potentially impacting customer’s Azure service(s).
Published date: July 15, 2020
Certificate Authority (CA) Browser members recently published reports detailing multiple certificates issued by CA vendors that are used by Microsoft customers, as well as the greater technology community, that were out of compliance with industry standards for publicly trusted CAs. The reports regarding the non-compliant CAs can be found here: 
1. Bug 1649951
2. Bug 1650910
As per standard compliance requirements, CA vendors began revoking non-compliant CAs and issuing compliant CAs which require customers to re-issue their certificates. Microsoft is partnering closely with these vendors to minimize the potential impact to Azure Services, however self-issued certificates or certificates used in “Bring Your Own Certificate” (BYOC) scenarios are still at risk of being unexpectedly revoked. 

From <https://azure.microsoft.com/en-us/updates/certificateauthorityrevocation/>

Azure Partner Zone brings new resources and special events for Partners
Azure Monitor for SAP Solutions is now in preview
Azure Maps Power BI visual now in preview

Powerful Devs Conference


Filed Under: Podcast

Episode 337 - Azure Data Lake Storage - Multi-Protocol Access

by Cynthia Kreng July 10, 2020

The team is joined by Stephen Wu from ADLS to talk about how the ADLS Gen 2 team is working to simplify the Storage conversation for Azure customers by driving for feature parity with Blob Storage.


Media file: https://azpodcast.blob.core.windows.net/episodes/Episode337.mp3

Resources: https://azure.microsoft.com/en-us/updates/static-website-for-azure-data-lake-storage-now-in-public-preview/


Other updates:

Azure Monitor for Key Vault is now in preview
Published date: June 24, 2020
Get comprehensive monitoring of your key vaults along with a unified view of your Azure Key Vault performance, requests, failures, and latency by using Azure Monitor for Key Vault (in preview).
Built on the Azure Monitor Workbooks platform, Key Vault insights offers:
• At-scale perspective displaying a snapshot view of performance based on the requests, breakdown of failures, and an overview of the operations and latency.
• Drill-down analysis of a particular key vault to perform detailed analysis.
• The ability to customize—Change which metrics you want to see, modify or set thresholds that align with your limits, and save your own workbook.
• The ability to pin charts in the workbook to Azure dashboards.
• Integration with Azure Monitor Logs for additional data on your Azure Key Vault activity.

From <https://azure.microsoft.com/en-us/updates/kvi/>

  ->23 new services including Synapse, Peering, Databricks


Azure Storage 200 TB block blob size is now in preview
Published date: June 30, 2020
Azure Blob storage provides massively scalable object storage for workloads including application data, HPC, backup, and high-scale workloads. We’ve increased the maximum size of a single blob from 5 TB to 200 TB, now available in preview.
The increase in blob size better supports use cases from seismic data processing to genomics that require support for multiple object sizes.
To support the 200 TB blob size, we’re increasing the maximum allowable block size from 100 MB to 4,000 MB and maintaining support for up to 50,000 blocks in a single blob. The 200 TB blob size is available for preview in all Azure public regions with hot, cool, and premium tiers. There are no billing changes. 

From <https://azure.microsoft.com/en-us/updates/azure-storage-200-tb-block-blob-size-is-now-in-preview/>


Azure AI: Build mission-critical AI apps with new Cognitive Services capabilities

Reimagining virtual collaboration for the future of work and learning

Easily add voice commands to your apps with Custom Commands
Form recognizer GA

Azure LB insights using azure monitor for networks

Azure firewall manager GA



Filed Under: Podcast

Episode 336 - Microsoft Q&A

by Evan Basalik June 28, 2020

Ryan Hill, a Software Engineer in the Azure CXP group, shares details of the new Microsoft Q&A website which serves as a one-stop for getting questions answered around Azure and other Microsoft technologies.

Media file: https://azpodcast.blob.core.windows.net/episodes/Episode336.mp3


Supported services in QnA: https://docs.microsoft.com/en-us/answers/products/#supported-products

How to write quality question: https://docs.microsoft.com/en-us/answers/articles/24951/how-to-write-a-quality-question.html

Job postings: https://careers.microsoft.com/us/en/search-results?keywords=%23MicrosoftATL


Other updates:

Azure Storage account failover is now generally available
Published date: June 17, 2020
Customer-initiated Storage account failover is now generally available, allowing you to determine when to initiate a failover instead of waiting for Microsoft to do so. When you perform a failover, the secondary replica of the Storage account becomes the new primary, and the DNS records for all Storage service endpoints—blob, file, queue, and table—are updated to point to this new primary. Once the failover is complete, clients will automatically begin reading from the Storage account and writing data to it in the new primary region, with no code changes.
Customer initiated failover is available for GRS, RA-GRS, GZRS, and RA-GZRS accounts. To learn more, read the documentation.

From <https://azure.microsoft.com/en-us/updates/azure-storage-account-failover-ga/>

Azure Container Registry: Securing container workflows
Simplifying declarative deployments in Azure



Filed Under: Podcast

Episode 335 - Azure Data Explorer

by Sujit D'Mello June 18, 2020

LaBrina Loving, a Cloud Architect and Software Engineer in the Commercial Software Engineering division at Microsoft, shares her recent passion with the Data Explorer service. Using a couple of real-world use-cases, she explains the rational behind the service and how developers can utilize it for a wide variety of data processing needs.

Media file: https://azpodcast.blob.core.windows.net/episodes/Episode335.mp3


Azure Data Explorer Overview - https://docs.microsoft.com/en-us/azure/data-explorer/data-explorer-overview

Azure Data Explorer Ingestion - https://docs.microsoft.com/en-us/azure/data-explorer/ingest-data-overview
Getting started with KQL Queries - https://docs.microsoft.com/en-us/azure/data-explorer/write-queries

SQL to KQL Cheatsheet - https://docs.microsoft.com/en-us/azure/data-explorer/kusto/query/sqlcheatsheet


Other updates:

Azure Quota REST APIs to manage service limits (quota) are now available in preview


Introducing live video analytics from Azure Media Services—now in preview
Town of Cary innovates flood prediction with IoT
Advancing Microsoft Teams on Azure—operating at pandemic scale

Azure responds to COVID-19




Filed Under: Podcast

Episode 334 - Windows Containers in AKS

by Kendall Roden June 12, 2020

Mikkel Hegnhoj, a Principal PM in the AKS team, shares the details about running Windows Containers in AKS, which is now GA. He gives us guidance on how to design an AKS cluster than run Windows workloads and advice on how to go about migrating our applications to this platform.

Media file: https://azpodcast.blob.core.windows.net/episodes/Episode334.mp3




Other updates:

Azure Cosmos DB Java SDK 4.0 for Core (SQL) API release now in general availability
Published date: June 10, 2020
Azure Cosmos DB Java SDK for Core (SQL) API enables interaction with Azure Cosmos DB from Java applications. This latest SDK version 4.0 allows sending requests to Azure Cosmos DB via the recommended Core (SQL) API. The release of Azure Cosmos DB Java SDK 4.0 for Core (SQL) API includes improvements to performance, bundles Sync and Async APIs, and incorporates Paged Flux APIs. It also has built-in support for autoscale containers and analytical containers, and supports DISTINCT queries.

From <https://azure.microsoft.com/en-us/updates/azure-cosmos-db-java-sdk-40-for-core-sql-api-release-now-in-general-availability/>


Azure Policy support for Azure Cosmos DB is now available
Published date: June 10, 2020
Azure Cosmos DB resource governance can now be implemented with Azure Policy. Use this capability to create Azure Policy assignments based on built-in or custom policy definitions to enforce rules and effects on Azure Cosmos DB resources.
Example policy assignments include—requiring features such as Advanced Threat Protection to be enabled on Azure Cosmos DB accounts; auditing Azure Cosmos DB resources for compliance with organizational standards on throughput or other properties; or securing data by enforcing network access safeguards such as IP filter rules, virtual network endpoints, or limiting the amount of throughput (RU/s) that can be provisioned.

From <https://azure.microsoft.com/en-us/updates/azure-policy-support-for-azure-cosmos-db-is-now-available/>

Azure Kubernetes Service—Integrated application gateway feature now available
Published date: June 10, 2020
The Application Gateway ingress controller (AGIC) is now available in  preview as an add-on in Azure Kubernetes Service (AKS). Use it to easily create or attach an existing Application Gateway instance to your AKS clusters.  Use the standard Kubernetes ingress API to define your routing rules, then implement those rules using the managed Application Gateway service. Application Gateway is a scalable, reliable, and secure L7 load balancer. By using Application Gateway as the entry point to the AKS applications you won’t have to self-manage a networking tool like Nginx.

From <https://azure.microsoft.com/en-us/updates/azure-kubernetes-service-integrated-application-gateway-feature-now-available/>


Azure Kubernetes Service upgrade improvements are now in preview
Published date: June 10, 2020
Upgrading is a common operation required for all Kubernetes workloads. Two new Azure Kubernetes Service (AKS) upgrade capabilities that will improve the granularity and efficiency of regular Kubernetes upgrade operations are now in preview.
• Node image upgrade enables you to update node-level components such as the container runtime or OS updates without going through a full Kubernetes upgrade. Use this capability to initiate a targeted upgrade to agent nodes for a given node pool to pull the latest available node updates and patches without requiring a full cluster upgrade.
• Max surge enables faster upgrades by taking advantage of multiple new buffer nodes to concurrently replace older nodes. Instead of replacing a single node at a time, you can now customize your own max surge value per node pool to define how many concurrent replacements occur.

From <https://azure.microsoft.com/en-us/updates/azure-kubernetes-service-upgrade-improvements-are-now-in-preview/>

Plan ahead! Starting June 15, 2020, the Windows Virtual Desktop service will reject connections from unsupported clients and unsupported versions of supported clients.
Make sure your users are using the following versions or newer of each client.
 · Windows Desktop Client (MSRDC): 1.2.247
 · Android: 10.0.6
 · macOS:
 · iOS: 10.1.0
Unsupported clients that will be blocked starting June 15th:
 · Remote Desktop Connection (MSTSC)
 · RemoteApp and Desktop Connections (RADC)


ION – Booting up the network

Azure Spring Cloud updates



Keywords: ,

Filed Under: Podcast

Episode 333 - TLS 1.0 Deprecation

by Evan Basalik June 8, 2020

Candace Jackson, a Senior PM in the Azure Security team, give us an update on the effort to remove the use of TLS 1.0 from applications in Azure.


Media file:




Connection logging - This help identify what cipher suites and protocols are negotiated during a successful handshake



Apache -

 Some resource specific documenation that shows how to configure protocol and cipher suite usage
Blog: https://blogs.msdn.microsoft.com/appserviceteam/2018/04/17/app-service-and-functions-hosted-apps-can-now-update-tls-versions/


Other updates:

Live Video Analytics now in public preview
Updated: June 01, 2020
Live Video Analytics (LVA) on IoT Edge is now in public preview. It is a platform to capture, record, and analyze live video and publish the results (video and/or video analytics), for you to build intelligent video applications. You can use LVA for a number of use cases across industries such as retail, healthcare, and transportation. You can bring any custom AI by plugging in video analysis edge modules, whether they are Cognitive Services containers, custom edge modules built with open source machine learning models, or custom models trained with a customer’s own data. You can also combine video analysis with other business data to make smarter business decisions.
LVA integrates with a number of Azure services (in the cloud and/or the edge), such as Stream Analytics on IoT Edge, Cognitive Services on IoT Edge, Media Services, Event Hub, and Cognitive Services.

From <https://azure.microsoft.com/en-us/updates/live-video-analytics-now-in-public-preview/>


CNI security vulnerability in older AKS clusters and mitigation steps
Updated: June 01, 2020
A security vulnerability has been identified in the container networking implementation (CNI) in CNI plugin versions v0.8.6 and older that may affect older AKS clusters.
An AKS cluster configured to use an affected container networking implementation is susceptible to man-in-the-middle (MitM) attacks. By sending “rogue” router advertisements, a malicious container can reconfigure the host to redirect part or all of the IPv6 traffic of the host to the attacker-controlled container. Even if there was no IPv6 traffic before, if the DNS returns A (IPv4) and AAAA (IPv6) records, many HTTP libraries will try to connect via IPv6 first then fallback to IPv4, giving an opportunity to the attacker to respond.
This vulnerability has been given an initial severity of Medium with a score of 6.0.
Vulnerability analysis and verification
All AKS clusters created or upgraded with a Node Image Version later or equal than “2019.04.24” are not vulnerable, as they set net.ipv6.conf.all.accept_ra to 0 and enforce TLS with proper certificate validation.
Clusters created or last upgraded before that date are susceptible to this vulnerability.
You can verify if your current Node Image is vulnerable by running: https://aka.ms/aks/MitM-check-20200601  on a machine that has CLI access to the cluster’s nodes.
Windows nodes are not affected by this vulnerability.

From <https://azure.microsoft.com/en-us/updates/cni-security-vulnerability-in-older-aks-clusters-and-mitigation-steps/>

From //build 2020 - Azure SQL Edge (preview)

Deploy to Azure using GitHub Actions from your favorite tools



Filed Under: Podcast

Episode 332 - Azure Edge Zones

by Evan Basalik June 2, 2020

Ganesh Srinivasan, a Principal PM Manager in the Azure Networking team, talks to the crew about the possibilities and scenarios when placing compute as close to the edge as possible.


Media file: https://azpodcast.blob.core.windows.net/episodes/Episode332.mp3


Resources: https://docs.microsoft.com/en-us/azure/networking/edge-zones-overview


Other updates:

Service Bus Explorer on the Azure portal is now available in preview
Updated: May 26, 2020
The Service Bus Explorer tool on the Azure portal is now available in preview.
Azure Service Bus, like most other PaaS offerings, has two sets of operations that can be performed against it:
• Management operations like CRUD (create, read, update, and delete) on Service Bus namespaces, queues, topics, subscriptions, and filters.
• Data operations like send, receive, and peek on queues, topics, and subscriptions.
While management operations have always been available via the portal, our customers have used tools such as the community managed Service Bus Explorer OSS tool for the data operations. In a quest to reduce dependence on different tools needed to provision, manage, and test the Service Bus namespace, we've built support for the data operations functionality right into the portal.
To access this tool, select the namespace and the specific queue or topic within that namespace you'd like to send and receive messages from. Once there, select Service Bus Explorer (preview) from the left menu navigation pane.

From <https://azure.microsoft.com/en-us/updates/sesrvice-bus-explorer/>

Azure Backup now provides protection against accidental deletion of Azure file shares
Updated: May 27, 2020
To provide protection against cyberattacks or accidental deletion, Azure Backup has added one more level of security to the Azure file shares snapshot management solution by providing protection against the accidental or malicious deletion of backed-up file shares. Now, even if a malicious actor deletes the file share, the file share’s contents and recovery points (snapshots) are retained for a configurable retention period, allowing the successful and complete recovery of source contents and snapshots with no data loss.
When you configure protection for a file share, Azure Backup enables the soft delete feature on a storage account level with a retention period of 14 days. You can also reset the retention period setting as per your requirement. This setting determines the time window you’ll have to recover your file share contents and snapshots after any accidental delete operation. The recovery points are preserved during this duration and once you undelete the file share, backups start running successfully with no additional configuration needed.

From <https://azure.microsoft.com/en-us/updates/azure-backup-now-provides-protection-against-accidental-deletion-of-azure-file-shares/>

Streamlining your image building process with Azure Image Builder

From <https://azure.microsoft.com/en-us/blog/streamlining-your-image-building-process-with-azure-image-builder/>

Azure Maps Creator now available in preview

Microsoft and Docker collaborate on new ways to deploy containers on Azure



Filed Under: Podcast

Episode 331 - Functions and Serverless

by Sujit D'Mello May 21, 2020

Allison Farris, a Cloud Solutions Architect at Microsoft's UK subsidiary, shares her passion and experience with Azure Functions. She gives us insights into how customers are leveraging Serverless technologies and provides guidance on how and when to use these technologies.

Media file: https://azpodcast.blob.core.windows.net/episodes/Episode331.mp3



Other updates:


Azure Private Link is now available for multiple new Azure services
Updated: May 14, 2020
Azure Private Link is now generally available for these services:
• Azure Cognitive Search
• Azure Event Hubs
• Azure Service Bus
• Azure Backup
• Azure Container Registry
• Azure Event Grid topics
• Azure Event Grid domains
Private Link is also available in preview for these services:
• Azure SignalR Service
• Azure IoT Hub
Check regional availability of supported services.

From <https://azure.microsoft.com/en-us/updates/azure-private-link-is-now-available-for-multiple-new-azure-services/>


Azure Stack Hub now supports cross-platform compatibility on PowerShell
Updated: May 19, 2020
Azure Stack Hub now supports cross-platform compatibility on PowerShell and ensures hybrid consistency with Azure. Azure Stack Hub will utilize Az modules with new resource providers from Azure IoT Hub, Azure Stack Edge, and EventHub. This enables full cross-compatibility with Azure and Azure Stack Hub using PowerShell and PowerShell Core. Install PowerShell and connect to Azure Stack Hub on MacOs. This is available through the Az PowerShell installe

From <https://azure.microsoft.com/en-us/updates/azure-stack-hub-now-supports-crossplatform-compatibility-on-powershell/>

Azure Storage—Routing preferences now available for preview
Updated: May 19, 2020
Routing preferences for Azure Storage is now available for preview in France South, North Central US, and the West Central US regions.
Configure a routing preference to direct network traffic for the default public endpoint of your Storage account using the Microsoft global network or using the public internet. Optimize for premium network performance by using the Microsoft global network, which delivers low-latency path selection with high reliability and routes traffic through the point-of-presence closest to the client. Alternatively, route traffic through the point-of-presence closest to your storage account to lower network costs and minimize traversal over the Microsoft global network.
Routing configuration options for your Storage account also enable you to publish additional route-specific endpoints. Use these new public endpoints to override the routing preference specified for the default public endpoint by explicit routing traffic over a desired path.

From <https://azure.microsoft.com/en-us/updates/routing-preferences-azure-storage-preview/>

Code, collaborate, and ship your apps from anywhere

Announcing Project Bonsai and Project Moab
From <https://azure.microsoft.com/en-us/updates/announcing-project-bonsai-and-project-moab/>


Bookstore from build: https://www.digitalguru.com/shop 

Book of news: https://news.microsoft.com/build-2020-book-of-news/ 


Filed Under: Podcast

Episode 330 - Availability Sets and Zones

by Evan Basalik May 15, 2020

Evan and the team discuss a real-world situation with a customer using Availability Sets and limitations of such deployments in Azure.


Media file: https://azpodcast.blob.core.windows.net/episodes/Episode330.mp3

Transcript: https://www.videoindexer.ai/accounts/e0eee289-7730-4999-978b-eb7f63be8cb5/videos/49874e8387/?location=eastus2


Other updates:

Azure File Sync is removing support for TLS 1.0 and 1.1 in August 2020
Updated: May 11, 2020
Azure File Sync service will remove support for transport layer security (TLS) 1.0 and 1.1 in August 2020. All supported Azure File Sync agent versions already use TLS 1.2 by default. If you're not using TLS 1.2, this would most likely be because TLS 1.2 is disabled on your server or (more likely) a proxy is being used.
To see the TLS settings on your server, view the registry settings. If you're using a proxy, please consult its documentation and ensure it's configured to use TLS 1.2. Azure File Sync service regions added after May 1, 2020, will only support TLS 1.2 and we'll remove TLS 1.0 and 1.1 support from existing regions in August 2020.

From <https://azure.microsoft.com/en-us/updates/afstlssupport/>


https://docs.microsoft.com/en-us/azure/frontdoor/front-door-rules-engine-actions (Preview)

New York Blockchain Week - Virtual Hackathon

PegaSys Ethereum Suite Now Available on Microsoft’s Azure Marketplace

Minecraft Earth and Azure Cosmos DB part 1: Extending Minecraft into our real world

Migrate to Azure: Save now, be future ready

Monitor your Azure workload compliance with Azure Security Benchmark


Filed Under: Podcast


Now on Spotify! Simply search for Azure Podcast and you will find it. Also available on YouTube and Amazon Music as well!

Podcast Clients

You can find us on iTunes, Spotify, XBOX Music and in most Podcast clients on Android. Or simply use the RSS feed link above and plug it into your Podcast client.


Love this podcast? Use this flyer to socialize it with your community.


<<  July 2022  >>

View posts in large calendar

Tag cloud