Azure Springs Forward at Microsoft Ignite 2021
2021's spring Microsoft Ignite brought a ton of announcements from across Microsoft's broad product portfolio. WWT's Azure experts review highlights and hidden gems from the conference.
WWT's Microsoft Cloud experts were soaking it all in (virtually) at Microsoft's Spring 2021 Ignite conference. We even had the privilege of presenting along side our MSFT peers on an incredible healthcare edge solution.
The list of announcements last week is long (just look at the Ignite 2021 Book of News!), but our experts have sifted through to highlight a few of the most exciting announcements, as well as a few hidden gems.
To keep up to date with MSFT announcements and how WWT can help you on your cloud journey, make sure you've joined our ecosystem.
Mike Hellrich: Cloud Platform Architect, Azure Apps and Infrastructure
Flex your ARMs with Bicep
As organizations increase the size of their deployments and automation suites via DevOps pipelines, having the skill to author Azure Resource Manager (ARM) templates has been an increasing necessity for their platform teams. However, the verbosity of ARM can make this task difficult and time consuming to create, maintain and understand. To close this gap and make deployments easier and faster to develop, many other languages (Terraform), projects (Farmer) and products (Cloudmaker) have been created. However, developers were sometimes reliant on these third-party products or other providers to be updated when Azure releases new functionality.
For the last year, Microsoft has developing a first party solution to ease the writing of declarative resource templates, called Project Bicep. Bicep is more succinct for architects and developers to read and write, all while keeping backwards compatibility with ARM templates.
To enable organizations that have historically used ARM templates in their deployment pipelines, Bicep is not a standalone language, but rather a higher level language to ARM that allows only an additional Bicep build step to be necessary. For organizations that do not currently rely on ARM, Bicep can be directly deployed via the latest version of the Azure CLI.
At Ignite, it was announced that as of version 0.3.1, Bicep has moved past experimental status and is now fully supported, opening the door for production use of the technology to increase the speed of development of Azure projects.
Saad Quddusi: Cloud Platform Architect, Azure Apps and Infrastructure
K8s anywhere, managed by Azure Arc enabled Kubernetes
The announcement of Azure Arc enabled Kubernetes status transitioning from preview to general availability was very exciting. Many of our customers today are already using Azure Arc to manage their environment across data centers and multiple cloud environments. This particular announcement around Kubernetes containers will open more use cases for customers who have been looking to host their Kubernetes clusters in production environment under Azure Arc.
In addition, Azure Monitor for Containers and Azure Policy for Kubernetes supports clusters running outside of Azure (currently in preview), which allows users to have a single pane of glass to govern, deploy and monitor their Kubernetes environment.
One of our customers in healthcare industry was looking for a solution that gives them a way to govern and configure their existing Kubernetes clusters located in Azure, on-premise data centers and other public cloud platforms. This customer was particularly interested in viewing and tagging Kubernetes instances running on and outside of Azure. They also wanted a way to monitor their clusters and apply policies to them, all in a single consolidated view. Azure Arc enabled Kubernetes turned out to be an ideal solution for their use case.
WWT will be incorporating this announcement into our Microsoft Cloud offerings portfolio.
Aaron Venson: Cloud Engineer, Azure Apps and Infrastructure
Azure AD goes Passwordless
We were excited about the Microsoft Ignite sessions highlighting one of the latest Azure Active Directory authentication methods, Azure AD Passwordless authentication.
Microsoft has continued its commitment to providing Azure customers a rich set of features within the Azure Identity services toolkit. Azure AD Passwordless authentication method relieves IT operations of the overhead related to managing end-user passwords, improves an organizations security posture and simplifies the end-user sign-in experience. Azure AD Passwordless integrates with open authentication standards such as USB/NFC key, USB biometric Key, FIDO (Fast Identity Online) keys and Microsoft Authenticator.
Microsoft has simplified adoption of this Azure AD authentication method for Azure customers already leveraging Azure AD multi-factor authentication (MFA) and self-service Password Reset (SSPR).
This new Azure AD authentication method capability will be welcomed by Microsoft customers like the federal government. The law enforcement agencies would be a likely use case of this authentication feature paired with a hardware security key such as the Yubico FIDO2 biometric security key. This capability would provide an alternate modern passwordless solution compliant with the NIST SP 800-63-3 (Digital Identity Guidelines) requirements.
Stay tuned as we add this capability to our ATC Azure Sandbox.
Mohammad Ossaimee: Sr. Cloud Engineer, Azure Apps and Infrastructure
Azure Migrate on Steroids
It wasn't long ago that Microsoft brought Azure native migration tooling to the masses with Azure Migrate. Azure Migrate made it easy to size and migrate your IaaS workloads, right from the Azure Portal. At Ignite 2021, MSFT proved that they aren't stopping there.
Azure Migrate is getting smarter, bringing agentless dependency mapping to build seamless move groups and assessment tooling for migrations to Azure VMware Solutions and Azure SQL. Private endpoint and ExpressRoute support open Azure Migrate use cases in heavily controlled and regulated environments. Growing well beyond it's IaaS migration roots, Azure Migrate is bringing a wealth of new migration capabilities across many of the most used Azure PaaS solutions:
- Integration with partner solutions (i.e. Zerto).
- Migration of web apps to Azure App Service.
- Migration of ASP>NET and Java Web Apps to AKS (preview).
- Inline migration to Azure SQL in Azure Data Studio (preview).
- Oracle database migration to Azure database for PostgresSQL.
- MySQL database migration to Azure database for MySQL.
WWT brings a breadth of Azure Migration capabilities to our customers, with Azure Migrate as a powerful tool in our belt. We're excited to use Azure Migrate to bring efficiencies to our customers and their migration efforts.
Adam Heigel: Practice Lead, Azure Apps and Infrastructure
Increasing Azure Resiliency with AIOps
Microsoft's continued investment and advanced usage of AIOps methodologies has produced a 26 percent decrease in VM interruptions in less than a year's time. These improvements under project "Narya" focus on faster detecting and handling of issues in their underlying infrastructure that has "learned" to ignore minor, early-on indicators and focus their energy on the problems with customer impact that is both highly-probable and imminent.
Additionally, Microsoft's announced usage of AIOps to reduce human-limited communication delays during customer-impacts was comforting. They're leveraging the Digital Twin IoT platform to assist their own data center operations teams to perform simulations that both assist in root cause analysis and practice sensitive changes beforehand.
These advancements continue to confirm Microsoft's position on the leading edge of the industry and commitment to ensuring value delivery to customers.
Darren Roback: Cloud Solutions Architect
Facilitating Data Governance with Azure Purview
Many of the customers we work with struggle with data sprawl across the environment, since there is often no central register of data sources and it is unclear what systems are leveraging these data sets. While technically announced prior to Microsoft Ignite (in preview as of December 2020), the overarching goal with Azure Purview is to provide a unified data governance platform that automates the discovery, cataloging, mapping and governance of data throughout an enterprise environment — and across Microsoft Azure, third-party clouds and on-premises data center environments.
Azure Purview is comprised of several different services that each address a piece of the overarching data governance problem. Azure Purview Data Map is a cloud-native PaaS service that provides for the discovery and mapping of data across the enterprise and facilitates effective data governance through its classification system. This service powers the Purview Data Catalog and Purview Data Insights. The Purview Data Catalog in turn provides users the ability to locate relevant data using a familiar search experience and facilitates tracing of data lineage throughout the enterprise environment, while Purview Data Insights enables security officers within the enterprise an overview of data assets and the sensitivity of those assets. All of this is managed through Purview Studio within Microsoft Azure.
Azure Purview can be configured to address all data sources across the enterprise environment, regardless of the cloud or on-premises platform that data source exists within. This is a powerful service that Microsoft has committed to iteratively develop, but already goes a long way to providing a centralized view into an organization's data assets.
Bringing AI to the Edge with Azure Percept
We've heard for a few years Microsoft tout their vision of the “Intelligent Edge,” and with the launch of Azure Percept, this vision is really starting to take shape. Azure Percept is designed to solve three main challenges that have traditionally plagued edge AI development:
- Curating appropriate hardware to power Edge AI solutions.
- Ensuring the security and integrity of these solutions while also protecting the data and AI models being used.
- Facilitating end-to-end AI solution creation and maintenance to better ensure performance and stability of the solution.
Azure Percept as a solution is part hardware/part software, with the hardware components being specifically designed with dedicated silicon to run AI workloads, as well as embedded device identities to better secure and onboard these devices to the Azure cloud. These devices will run an optimized version of Linux and are expected to be manufactured by several hardware manufacturers, with Asus being the first to release a hardware device (Azure Percept DK by Asus). Initially these hardware devices will support vision and speech use cases, with more expected to launch in the future.
On the software side, Microsoft has launched Azure Percept Studio to simplify and streamline the development of AI models and management of the overall Edge AI lifecycle. The Azure Percept Studio has also been curated with a library of pre-built vision models including general object detection, people detection and vehicle detection, as well as voice templates for hospitality, healthcare and automotive voice control use cases. Organizations can also leverage Azure Percept Studio to create custom AI models from scratch or import existing AI models into the environment. Once a pilot has been performed and use case proven, Azure Percept Studio can be used to scale provisioning of the Edge AI solution and facilitate over-the-air OS and firmware updates on devices running the models.
We built an Azure Stack Edge Lab a couple of years ago to highlight AI/ML use cases at the Edge, and it's easy to see how Azure Percept is only going to continue to grow the possibilities for Edge AI.