Episode 342 - Azure Digital Twins

by Cynthia Kreng August 12, 2020

We had a chance to talk with Ines Khelifi, the Principal PM Manager for Azure Digital Twins on the different use cases she has seen, the latest preview, and how Azure Digital Twins can be utilized in the times of COVID-19.

Media File: https://azpodcast.blob.core.windows.net/episodes/Episode342.mp3

Resources:

Other Updates:

https://docs.microsoft.com/en-us/azure/storage/blobs/storage-lifecycle-management-concepts?tabs=azure-portal

 

Azure Advisor Quick Fix is now available

Published date: August 05, 2020

Azure Advisor's new Quick Fix feature makes optimization at scale faster and easier by allowing users to remediate recommendations for multiple resources simultaneously and with only a few clicks. Users can now multi-select resources to take the recommended Advisor actions on all selected resources as a bulk operation instead of having to remediate each resource individually. Quick Fix also creates a consistent, streamlined, and more automated experience for Advisor recommendation remediation. At launch, Quick Fix is enabled for a subset of Advisor recommendations in the Azure portal, with more on the way.

https://azure.microsoft.com/en-us/updates/azure-advisor-quick-fix-is-now-available/

 

New Azure SQL Learning Tools help reduce the global technology skills gap

https://azure.microsoft.com/en-us/blog/new-azure-sql-learning-tools-help-reduce-the-global-technology-skills-gap/

 

The Azure Cloud Shell tools image is now open sourced

Published date: August 10, 2020

Azure Cloud Shell is a browser-based, authenticated shell experience to manage your cloud resources.  The Cloud Shell experience contains common command line tools to manage resources across both Azure and M365, and can now be found on GitHub. You can now file issues or pull requests directly to the tools image, and any changes that occur there will be reflected in the next release of Cloud Shell.  You can use this container image in other management scenarios, with many tools already installed and updated regularly, removing the concern about updating your cloud management tools. 

https://azure.microsoft.com/en-us/updates/cloudshell-github/

 

Encryption of backup data using customer managed keys is in public preview

Published date: August 12, 2020

When backing up your Azure Virtual Machines, you can now encrypt your data using keys owned and managed by you. Azure Backup lets you use your RSA keys stored in the Azure Key Vault for encrypting your backups. The encryption key used for encrypting backups may be different from the one used for the source. The data is protected using an AES 256 based data encryption key (DEK), which is, in turn, protected using your keys stored in the Key Vault. This gives you full control over the data and the keys.

This feature is in public preview for new vaults in all Azure regions.

https://azure.microsoft.com/en-us/updates/encryption-of-backup-data-using-customer-managed-keys-is-in-public-preview/

 


Filed Under: Podcast

Episode 341 - What are CSAs

by Cynthia Kreng August 5, 2020

Microsoft Senior Cloud Solutions Architect, Levi Romandine, shares his experiences working with Hi-tech customers in Silicon Valley. He explains the role of the CSA and talks about some of the challenges these customers encounter when moving to Azure.

Media file: https://azpodcast.blob.core.windows.net/episodes/Episode341.mp3

 

Other updates:

https://azure.microsoft.com/en-us/blog/creating-cloud-ready-environments-with-azure-landing-zones/

https://azure.microsoft.com/en-us/updates/azure-hdinsight-now-supports-virtual-network-service-endpoint-policies/

https://azure.microsoft.com/en-us/updates/nfs-30-support-for-azure-blob-storage-is-now-in-preview/


Filed Under: Podcast

Episode 340 - Messaging Services

by Sujit D'Mello July 28, 2020

Azure has a number of top-notch messaging services in Event Grid, Event Hubs, Service Bus, IoT Hub, Relay, etc. It can be confusing at times as to which one is the right one for the job. Luckily for us, we have the expert in the field, Principal Azure Architect Clemens Vasters, to help us sort through the various options. He gives us very clear guidance on which service should be used for various use cases in this very insightful episode.

Media file: https://azpodcast.blob.core.windows.net/episodes/Episode340.mp3

 

Other updates:

Migrate to the cloud with confidence
https://azure.microsoft.com/en-us/blog/migrate-to-the-cloud-with-confidence/
MS Inspire!
https://myinspire.microsoft.com/

 


Filed Under: Podcast

Episode 339 - Durable Functions

by Sujit D'Mello July 25, 2020

Chris Gillum, an Engineering Manager in the Azure Serverless team, talks to us about the value of Durable Functions in serverless computing. He explains the underlying architecture of the Azure Serverless Architecture and how and why Durable Functions play a role in an application design. 

Media file: https://azpodcast.blob.core.windows.net/episodes/Episode339.mp3

Resources: https://docs.microsoft.com/en-us/azure/azure-functions/durable/

 

Other updates:

Azure Data Factory Managed Virtual Network
https://azure.microsoft.com/en-us/blog/azure-data-factory-managed-virtual-network/
Announcing the general availability of Azure shared disks and new Azure Disk Storage enhancements
https://azure.microsoft.com/en-us/blog/announcing-the-general-availability-of-azure-shared-disks-and-new-azure-disk-storage-enhancements/
AMD-based memory-optimized Azure virtual machines now available in more regions
https://azure.microsoft.com/en-us/blog/amd-based-memory-optimized-azure-virtual-machines-now-available-in-more-regions/

Introducing the Microsoft Azure Well-Architected Framework
https://azure.microsoft.com/en-us/blog/introducing-the-microsoft-azure-wellarchitected-framework/

 

 


Filed Under: Podcast

Episode 338 - ADLS Gen 1 to Gen 2

by Evan Basalik July 20, 2020

Principal PM in the Azure PG, Rukmani Gopalan joins us on the continuing discussion on ADLS. This time we focus on migration from Gen 1 to Gen 2. Rukmani gives us the background behind the two services and how and why you should migrate.

Media file: https://azpodcast.blob.core.windows.net/episodes/Episode338.mp3

Here are some resources that help you learn more about ADLS Gen1 to ADLS Gen2 migrations.

Plan your data lake migration from ADLS Gen1 to ADLS Gen2

ADLS Gen1 to ADLS Gen2 migrations – samples with step by step instructions

 

Other updates:

Revocation of non-compliant Certificate Authorities potentially impacting customer’s Azure service(s).
Published date: July 15, 2020
Certificate Authority (CA) Browser members recently published reports detailing multiple certificates issued by CA vendors that are used by Microsoft customers, as well as the greater technology community, that were out of compliance with industry standards for publicly trusted CAs. The reports regarding the non-compliant CAs can be found here: 
1. Bug 1649951
2. Bug 1650910
As per standard compliance requirements, CA vendors began revoking non-compliant CAs and issuing compliant CAs which require customers to re-issue their certificates. Microsoft is partnering closely with these vendors to minimize the potential impact to Azure Services, however self-issued certificates or certificates used in “Bring Your Own Certificate” (BYOC) scenarios are still at risk of being unexpectedly revoked. 

From <https://azure.microsoft.com/en-us/updates/certificateauthorityrevocation/>


Azure Partner Zone brings new resources and special events for Partners
https://azure.microsoft.com/en-us/blog/azure-partner-zone-brings-new-resources-and-special-events-for-partners/
Azure Monitor for SAP Solutions is now in preview
https://azure.microsoft.com/en-us/blog/azure-monitor-for-sap-solutions-is-now-in-preview/
Azure Maps Power BI visual now in preview
https://azure.microsoft.com/en-us/blog/azure-maps-power-bi-visual-now-in-preview/

Powerful Devs Conference
https://powerfuldevsconf.splashthat.com/


Filed Under: Podcast

Episode 337 - Azure Data Lake Storage - Multi-Protocol Access

by Cynthia Kreng July 10, 2020

The team is joined by Stephen Wu from ADLS to talk about how the ADLS Gen 2 team is working to simplify the Storage conversation for Azure customers by driving for feature parity with Blob Storage.

 

Media file: https://azpodcast.blob.core.windows.net/episodes/Episode337.mp3

Resources: https://azure.microsoft.com/en-us/updates/static-website-for-azure-data-lake-storage-now-in-public-preview/

 

Other updates:

Azure Monitor for Key Vault is now in preview
Published date: June 24, 2020
Get comprehensive monitoring of your key vaults along with a unified view of your Azure Key Vault performance, requests, failures, and latency by using Azure Monitor for Key Vault (in preview).
Built on the Azure Monitor Workbooks platform, Key Vault insights offers:
• At-scale perspective displaying a snapshot view of performance based on the requests, breakdown of failures, and an overview of the operations and latency.
• Drill-down analysis of a particular key vault to perform detailed analysis.
• The ability to customize—Change which metrics you want to see, modify or set thresholds that align with your limits, and save your own workbook.
• The ability to pin charts in the workbook to Azure dashboards.
• Integration with Azure Monitor Logs for additional data on your Azure Key Vault activity.

From <https://azure.microsoft.com/en-us/updates/kvi/>


https://azure.microsoft.com/en-us/updates/azure-cli-june-2020-update/
  ->23 new services including Synapse, Peering, Databricks

 

Azure Storage 200 TB block blob size is now in preview
Published date: June 30, 2020
Azure Blob storage provides massively scalable object storage for workloads including application data, HPC, backup, and high-scale workloads. We’ve increased the maximum size of a single blob from 5 TB to 200 TB, now available in preview.
The increase in blob size better supports use cases from seismic data processing to genomics that require support for multiple object sizes.
To support the 200 TB blob size, we’re increasing the maximum allowable block size from 100 MB to 4,000 MB and maintaining support for up to 50,000 blocks in a single blob. The 200 TB blob size is available for preview in all Azure public regions with hot, cool, and premium tiers. There are no billing changes. 

From <https://azure.microsoft.com/en-us/updates/azure-storage-200-tb-block-blob-size-is-now-in-preview/>

 

Azure AI: Build mission-critical AI apps with new Cognitive Services capabilities
https://azure.microsoft.com/en-us/blog/azure-ai-build-missioncritical-ai-apps-with-new-cognitive-services-capabilities/

Reimagining virtual collaboration for the future of work and learning
https://www.microsoft.com/en-us/microsoft-365/blog/2020/07/08/reimagining-virtual-collaboration-future-work-learning

Easily add voice commands to your apps with Custom Commands
https://techcommunity.microsoft.com/t5/azure-ai/easily-add-voice-commands-to-your-apps-with-custom-commands/ba-p/1503443
Form recognizer GA
https://azure.microsoft.com/en-us/services/cognitive-services/form-recognizer/

Azure LB insights using azure monitor for networks
https://azure.microsoft.com/en-us/updates/introducing-azure-load-balancer-insights-using-azure-monitor-for-networks/

Azure firewall manager GA
https://azure.microsoft.com/en-us/updates/azure-firewall-manager-is-now-generally-available/

 


Filed Under: Podcast

Episode 336 - Microsoft Q&A

by Evan Basalik June 28, 2020

Ryan Hill, a Software Engineer in the Azure CXP group, shares details of the new Microsoft Q&A website which serves as a one-stop for getting questions answered around Azure and other Microsoft technologies.

Media file: https://azpodcast.blob.core.windows.net/episodes/Episode336.mp3

Resources:

Supported services in QnA: https://docs.microsoft.com/en-us/answers/products/#supported-products

How to write quality question: https://docs.microsoft.com/en-us/answers/articles/24951/how-to-write-a-quality-question.html

Job postings: https://careers.microsoft.com/us/en/search-results?keywords=%23MicrosoftATL

 

Other updates:

Azure Storage account failover is now generally available
Published date: June 17, 2020
Customer-initiated Storage account failover is now generally available, allowing you to determine when to initiate a failover instead of waiting for Microsoft to do so. When you perform a failover, the secondary replica of the Storage account becomes the new primary, and the DNS records for all Storage service endpoints—blob, file, queue, and table—are updated to point to this new primary. Once the failover is complete, clients will automatically begin reading from the Storage account and writing data to it in the new primary region, with no code changes.
Customer initiated failover is available for GRS, RA-GRS, GZRS, and RA-GZRS accounts. To learn more, read the documentation.

From <https://azure.microsoft.com/en-us/updates/azure-storage-account-failover-ga/>

Azure Container Registry: Securing container workflows
https://azure.microsoft.com/en-us/blog/azure-container-registry-securing-container-workflows/
Simplifying declarative deployments in Azure
https://azure.microsoft.com/en-us/blog/simplifying-declarative-deployments-in-azure/

 


Filed Under: Podcast

Episode 335 - Azure Data Explorer

by Sujit D'Mello June 18, 2020

LaBrina Loving, a Cloud Architect and Software Engineer in the Commercial Software Engineering division at Microsoft, shares her recent passion for the Data Explorer service. Using a couple of real-world use cases, she explains the rationale behind the service and how developers can utilize it for a wide variety of data processing needs.

Media file: https://azpodcast.blob.core.windows.net/episodes/Episode335.mp3

Resources:

Azure Data Explorer Overview - https://docs.microsoft.com/en-us/azure/data-explorer/data-explorer-overview

Azure Data Explorer Ingestion - https://docs.microsoft.com/en-us/azure/data-explorer/ingest-data-overview
Getting started with KQL Queries - https://docs.microsoft.com/en-us/azure/data-explorer/write-queries

SQL to KQL Cheatsheet - https://docs.microsoft.com/en-us/azure/data-explorer/kusto/query/sqlcheatsheet

 

Other updates:

Azure Quota REST APIs to manage service limits (quota) are now available in preview

https://azure.microsoft.com/en-us/updates/azure-quota-rest-api-to-manage-service-limits-quota-are-now-available-in-preview/

Introducing live video analytics from Azure Media Services—now in preview
https://azure.microsoft.com/en-us/blog/introducing-live-video-analytics-on-iot-edge-now-in-preview/
Town of Cary innovates flood prediction with IoT
https://azure.microsoft.com/en-us/blog/town-of-cary-innovates-flood-prediction-with-iot/
Advancing Microsoft Teams on Azure—operating at pandemic scale
https://azure.microsoft.com/en-us/blog/advancing-microsoft-teams-on-azure-operating-at-pandemic-scale/

Azure responds to COVID-19
https://azure.microsoft.com/en-us/blog/azure-responds-to-covid19/

 

 


Filed Under: Podcast

Episode 334 - Windows Containers in AKS

by Kendall Roden June 12, 2020

Mikkel Hegnhoj, a Principal PM in the AKS team, shares the details about running Windows Containers in AKS, which is now GA. He gives us guidance on how to design an AKS cluster that runs Windows workloads and advice on how to go about migrating our applications to this platform.

Media file: https://azpodcast.blob.core.windows.net/episodes/Episode334.mp3

Resources:

https://docs.microsoft.com/en-us/azure/aks/windows-container-cli

 

Other updates:

Azure Cosmos DB Java SDK 4.0 for Core (SQL) API release now in general availability
Published date: June 10, 2020
Azure Cosmos DB Java SDK for Core (SQL) API enables interaction with Azure Cosmos DB from Java applications. This latest SDK version 4.0 allows sending requests to Azure Cosmos DB via the recommended Core (SQL) API. The release of Azure Cosmos DB Java SDK 4.0 for Core (SQL) API includes improvements to performance, bundles Sync and Async APIs, and incorporates Paged Flux APIs. It also has built-in support for autoscale containers and analytical containers, and supports DISTINCT queries.

From <https://azure.microsoft.com/en-us/updates/azure-cosmos-db-java-sdk-40-for-core-sql-api-release-now-in-general-availability/>

 

Azure Policy support for Azure Cosmos DB is now available
Published date: June 10, 2020
Azure Cosmos DB resource governance can now be implemented with Azure Policy. Use this capability to create Azure Policy assignments based on built-in or custom policy definitions to enforce rules and effects on Azure Cosmos DB resources.
Example policy assignments include—requiring features such as Advanced Threat Protection to be enabled on Azure Cosmos DB accounts; auditing Azure Cosmos DB resources for compliance with organizational standards on throughput or other properties; or securing data by enforcing network access safeguards such as IP filter rules, virtual network endpoints, or limiting the amount of throughput (RU/s) that can be provisioned.

From <https://azure.microsoft.com/en-us/updates/azure-policy-support-for-azure-cosmos-db-is-now-available/>


Azure Kubernetes Service—Integrated application gateway feature now available
Published date: June 10, 2020
The Application Gateway ingress controller (AGIC) is now available in  preview as an add-on in Azure Kubernetes Service (AKS). Use it to easily create or attach an existing Application Gateway instance to your AKS clusters.  Use the standard Kubernetes ingress API to define your routing rules, then implement those rules using the managed Application Gateway service. Application Gateway is a scalable, reliable, and secure L7 load balancer. By using Application Gateway as the entry point to the AKS applications you won’t have to self-manage a networking tool like Nginx.

From <https://azure.microsoft.com/en-us/updates/azure-kubernetes-service-integrated-application-gateway-feature-now-available/>

 

Azure Kubernetes Service upgrade improvements are now in preview
Published date: June 10, 2020
Upgrading is a common operation required for all Kubernetes workloads. Two new Azure Kubernetes Service (AKS) upgrade capabilities that will improve the granularity and efficiency of regular Kubernetes upgrade operations are now in preview.
• Node image upgrade enables you to update node-level components such as the container runtime or OS updates without going through a full Kubernetes upgrade. Use this capability to initiate a targeted upgrade to agent nodes for a given node pool to pull the latest available node updates and patches without requiring a full cluster upgrade.
• Max surge enables faster upgrades by taking advantage of multiple new buffer nodes to concurrently replace older nodes. Instead of replacing a single node at a time, you can now customize your own max surge value per node pool to define how many concurrent replacements occur.

From <https://azure.microsoft.com/en-us/updates/azure-kubernetes-service-upgrade-improvements-are-now-in-preview/>


Plan ahead! Starting June 15, 2020, the Windows Virtual Desktop service will reject connections from unsupported clients and unsupported versions of supported clients.
 
Make sure your users are using the following versions or newer of each client.
 · Windows Desktop Client (MSRDC): 1.2.247
 · Android: 10.0.6
 · macOS: 10.3.9.1767
 · iOS: 10.1.0
 
Unsupported clients that will be blocked starting June 15th:
 · Remote Desktop Connection (MSTSC)
 · RemoteApp and Desktop Connections (RADC)

 

ION – Booting up the network
https://techcommunity.microsoft.com/t5/identity-standards-blog/ion-booting-up-the-network/ba-p/1441552

Azure Spring Cloud updates

https://azure.microsoft.com/en-us/updates/azure-spring-cloud-updates/

 


Filed Under: Podcast

Episode 333 - TLS 1.0 Deprecation

by Evan Basalik June 8, 2020

Candace Jackson, a Senior PM in the Azure Security team, gives us an update on the effort to remove the use of TLS 1.0 from applications in Azure.

 

Media file:

 https://azpodcast.blob.core.windows.net/episodes/Episode333.mp3

Resources:

links:
https://www.microsoft.com/en-us/download/details.aspx?id=55266
https://docs.microsoft.com/en-us/dotnet/framework/network-programming/tls


Connection logging - This helps identify which cipher suites and protocols are negotiated during a successful handshake

IIS
https://cloudblogs.microsoft.com/microsoftsecure/2017/09/07/new-iis-functionality-to-help-identify-weak-tls-usage/

Nginx
http://nginx.org/en/docs/http/ngx_http_ssl_module.html#variables
https://serverfault.com/questions/620123/how-can-i-let-nginx-log-the-used-ssl-tls-protocol-and-ciphersuite

Apache -
http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#envvars
http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#logformats
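
Once connection logging is on, the logs can be summarized to find the clients that still negotiate TLS 1.0 or 1.1 before those protocols are disabled. The script below is an added example, not part of the episode notes; it assumes an Nginx `log_format` of `$remote_addr $ssl_protocol $ssl_cipher "$request"` (the field order is an assumption, the `$ssl_*` variables are the ones documented in the Nginx link above) and runs on constructed sample lines.

```shell
#!/bin/sh
# Added example: find clients still negotiating TLS 1.0/1.1 in an Nginx
# access log. Assumed log_format (not from the episode notes):
#   $remote_addr $ssl_protocol $ssl_cipher "$request"
# Nginx writes "-" for $ssl_protocol on plaintext connections.

# Print "client protocol count" for every client seen on TLSv1 or TLSv1.1.
legacy_tls_clients() {  # $1 = access log file
    awk '$2 == "TLSv1" || $2 == "TLSv1.1" { n[$1 " " $2]++ }
         END { for (k in n) print k, n[k] }' "$1" | sort
}

# Print "legacy total": legacy handshakes and all TLS handshakes logged.
legacy_tls_share() {  # $1 = access log file
    awk '$2 != "-" { total++ }
         $2 == "TLSv1" || $2 == "TLSv1.1" { legacy++ }
         END { print legacy + 0, total + 0 }' "$1"
}

# Constructed sample log (documentation IP ranges, not real traffic).
make_sample_log() {
    f=$(mktemp)
    cat > "$f" <<'EOF'
192.0.2.10 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 "GET / HTTP/1.1"
192.0.2.44 TLSv1 AES128-SHA "GET /api HTTP/1.1"
192.0.2.44 TLSv1 AES128-SHA "POST /api HTTP/1.1"
198.51.100.7 TLSv1.1 ECDHE-RSA-AES256-SHA "GET / HTTP/1.1"
198.51.100.9 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET / HTTP/1.1"
203.0.113.5 - - "GET /health HTTP/1.1"
EOF
    echo "$f"
}

log=$(make_sample_log)
echo "Clients on deprecated protocols:"
legacy_tls_clients "$log"
echo "Legacy / total TLS handshakes: $(legacy_tls_share "$log")"
rm -f "$log"
```
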

Some resource-specific documentation that shows how to configure protocol and cipher suite usage:
https://docs.microsoft.com/en-us/azure/app-service/environment/app-service-app-service-environment-custom-settings#disable-tls-10-and-tls-11
Blog: https://blogs.msdn.microsoft.com/appserviceteam/2018/04/17/app-service-and-functions-hosted-apps-can-now-update-tls-versions/
https://docs.microsoft.com/en-us/azure/app-service/app-service-web-tutorial-custom-ssl#enforce-tls-1112
https://docs.microsoft.com/en-us/azure/cloud-services/applications-dont-support-tls-1-2

 

Other updates:

Live Video Analytics now in public preview
Updated: June 01, 2020
Live Video Analytics (LVA) on IoT Edge is now in public preview. It is a platform to capture, record, and analyze live video and publish the results (video and/or video analytics), for you to build intelligent video applications. You can use LVA for a number of use cases across industries such as retail, healthcare, and transportation. You can bring any custom AI by plugging in video analysis edge modules, whether they are Cognitive Services containers, custom edge modules built with open source machine learning models, or custom models trained with a customer’s own data. You can also combine video analysis with other business data to make smarter business decisions.
LVA integrates with a number of Azure services (in the cloud and/or the edge), such as Stream Analytics on IoT Edge, Cognitive Services on IoT Edge, Media Services, Event Hub, and Cognitive Services.

From <https://azure.microsoft.com/en-us/updates/live-video-analytics-now-in-public-preview/>

 

 
 
CNI security vulnerability in older AKS clusters and mitigation steps
Updated: June 01, 2020
A security vulnerability has been identified in the container networking implementation (CNI) in CNI plugin versions v0.8.6 and older that may affect older AKS clusters.
Details
An AKS cluster configured to use an affected container networking implementation is susceptible to man-in-the-middle (MitM) attacks. By sending “rogue” router advertisements, a malicious container can reconfigure the host to redirect part or all of the IPv6 traffic of the host to the attacker-controlled container. Even if there was no IPv6 traffic before, if the DNS returns A (IPv4) and AAAA (IPv6) records, many HTTP libraries will try to connect via IPv6 first then fallback to IPv4, giving an opportunity to the attacker to respond.
This vulnerability has been given an initial severity of Medium with a score of 6.0.
Vulnerability analysis and verification
All AKS clusters created or upgraded with a Node Image Version later than or equal to “2019.04.24” are not vulnerable, as they set net.ipv6.conf.all.accept_ra to 0 and enforce TLS with proper certificate validation.
Clusters created or last upgraded before that date are susceptible to this vulnerability.
You can verify if your current Node Image is vulnerable by running: https://aka.ms/aks/MitM-check-20200601  on a machine that has CLI access to the cluster’s nodes.
Windows nodes are not affected by this vulnerability.

From <https://azure.microsoft.com/en-us/updates/cni-security-vulnerability-in-older-aks-clusters-and-mitigation-steps/>
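
The announcement ties exposure to whether a node still acts on IPv6 router advertisements. The script below is an added example, not the check published at the aka.ms link and not Microsoft's code: it reads the per-interface `accept_ra`, `forwarding` and `disable_ipv6` sysctls and lists the interfaces on which the kernel would still process an advertisement. The interface names and values in the sample tree are constructed.

```shell
#!/bin/sh
# Added example: list interfaces on which the Linux kernel would still act
# on IPv6 router advertisements (RAs).
# accept_ra semantics: 0 = never accept, 1 = accept only while forwarding
# is disabled, 2 = accept even when forwarding is enabled.

ra_state() {  # $1 = interface directory; prints "accepts" or "ignores"
    ra=$(cat "$1/accept_ra" 2>/dev/null || echo 0)
    fwd=$(cat "$1/forwarding" 2>/dev/null || echo 0)
    off=$(cat "$1/disable_ipv6" 2>/dev/null || echo 0)
    if [ "$off" = "1" ]; then
        echo ignores                      # IPv6 disabled on this interface
    elif [ "$ra" = "2" ]; then
        echo accepts                      # RAs accepted regardless of forwarding
    elif [ "$ra" = "1" ] && [ "$fwd" = "0" ]; then
        echo accepts                      # host mode: RAs accepted
    else
        echo ignores
    fi
}

audit_accept_ra() {  # $1 = sysctl root (default: the live kernel tree)
    root=${1:-/proc/sys/net/ipv6/conf}
    for dir in "$root"/*/; do
        dir=${dir%/}
        [ -f "$dir/accept_ra" ] || continue
        if [ "$(ra_state "$dir")" = "accepts" ]; then
            basename "$dir"
        fi
    done
    return 0
}

# Constructed sample tree so the example runs without node access.
mk_iface() {  # root name accept_ra forwarding disable_ipv6
    mkdir -p "$1/$2"
    echo "$3" > "$1/$2/accept_ra"
    echo "$4" > "$1/$2/forwarding"
    echo "$5" > "$1/$2/disable_ipv6"
}

make_sample_tree() {
    t=$(mktemp -d)
    mk_iface "$t" all     0 1 0   # hardened setting named in the advisory
    mk_iface "$t" default 1 1 0   # forwarding on, so RAs are ignored
    mk_iface "$t" eth0    1 0 0   # host mode: still accepts RAs
    mk_iface "$t" br0     2 1 0   # overrides forwarding: still accepts RAs
    mk_iface "$t" lo      1 0 1   # IPv6 disabled
    echo "$t"
}

tree=$(make_sample_tree)
echo "Interfaces that would accept router advertisements:"
audit_accept_ra "$tree"
rm -rf "$tree"
```

On a node, call `audit_accept_ra` with no argument to read `/proc/sys/net/ipv6/conf`; an empty result means no interface is currently processing advertisements.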

From //build 2020 - Azure SQL Edge (preview)
https://azure.microsoft.com/en-us/services/sql-edge/


Deploy to Azure using GitHub Actions from your favorite tools
https://azure.microsoft.com/en-us/blog/deploy-to-azure-using-github-actions-from-your-favorite-tools/

 


Filed Under: Podcast

Announcements

Now on Spotify! Simply search for Azure Podcast and you will find it (may need to scroll down a bit). Recently we started uploading the video recordings to YouTube as well.

Podcast Clients

You can find us on iTunes, Spotify, XBOX Music and in most Podcast clients on Android. Or simply use the RSS feed link above and plug it into your Podcast client.



Flyer

Love this podcast? Use this flyer to socialize it with your community.
