Notes from Microsoft Connect(); 2017
I was able to watch parts of
Microsoft Connect(); 2017
this year. Since I took notes, it was worth sharing them broadly. It’s always fun to hear the announcements and see the demos at these conferences. There are a lot of good
tweets about #MSFTConnect
and on the Connect(); website Twitter wall.
Recordings are available on
Channel9
.
Source Code available for the Smart Hotels demo application
Connect(); 2017 – Day 1 Recap from Jeff Bramwell
Microsoft Cloud Show - Episode 226 | News and Announcements from Connect() 2017
DevOps and VSTS Videos from Connect(); 2017
- here is a list with short summaries
I wrote a summary for the
Omnitech’s blog
.
Table of Contents
VSTS Announcements
They’ve been busy on the DevOps blog at Microsoft today.
C# 7.2 released
Keynote - Journey to the intelligent cloud
Scott Guthrie in the red polo
Channel 9 Video Link
- 1 hour and 49 minutes long
- Introduction by Stephen Hawkins
- Announcements coming
- Any language, OS, or device
- “Never been a better time to be a developer” - he always says that :-)
- Best in class tools
VS Code
TypeScript
@ts-check
- check types in a JS file
Mobile Development
- Beautiful Native Apps, perform well
- Iterate quickly (build, test, distribute, learn)
- Backed by highly scalable cloud
Visual Studio and Xamarin
.Net Embedding
- compile .Net library, Embedinator NugetPackage generates a shared iOs/Android view or library
Same UI markup for iOS, Android, UWP
Visual Studio App Center - video
-
Multiple real device test cloud for automation
-
Appcenter.ms
-
Setup build in under 60 seconds
-
Distribute app
-
On Twitter
-
User info, data
-
Push notification
-
Signup to use for free
-
Containers, Docker, Microservices
-
Many teams are thinking about it
-
Azure Container Services (AKS)
Siemens is using it. Video
Inner-loop development process
Scott Hanslemann VS Container tooling support
Scott’s tweet
- Kubernetes based containers
- Connect to Azure cluster from VS
- Kubernetes Dashboard - localhost proxied to Azure
- Local “looks and smells like production”, use Azure and collaborate as a team
- Feels like on localhost, but I’m not
- Confidence before committing
Same experience with Service Fabric coming
DevOps
- New approaches, Continuous Improvement
- “everyone is looking to try and adopt”
- VSTS a complete solution
- Columbia Sportswear - video they use Cosmos DB
Donovan Brown
How the VSTS team uses VSTS to build VSTS
- 500 developers
- 50 feature teams
- Work Items
- KanBan board
- Pull Requests
- protect master
- Runs 64,000 unit tests
- PR’s are thefirst Gate
CI system more tests
Safe deployment with Release management
- rings, team first then moves out to more people
Application Insights for telemetry
Release Management new feature: Gates
- any alerts fire, it will alert and stop deployments
- Azure function or API call to check health
Windows has 25,000 engineers using VSTS
Data
- Sql Server 2017
- Ultimate flexibility
- Windows Server, Linux, Docker
- Fastest ever
- ML directly in memory database
- Auto-tuning, threat detection
- On premise or managed in Azure
- Thompson Reuters video
-
SQL operations studio download
- in preview and free
- Suggested performance improvements
- Azure auto tuning
- Existing to Azure SQL as a service
- Fully automated, wizard
- Even for Oracle
- Migration demo in Azure
- Minimal downtime
Adding MariaDB
Cosmos DB
Guaranteed low latency
Only pay for storage and throughput
Scalable to terabytes and millions/sec
SLAs
Cassandra API support
Artificial Intelligence
Azure Data Bricks
Apache Sparks Based
Demo from Databricks people
Parses unstructured data in Azure Data Lake
Live data stream to a Power BI dashboard
In preview now
Intelligent Edge + Intelligent Cloud
Free Azure trial
1 year free on Azure even after trial
VM
SQL Database
Cosmos DB
Keynote - Building the intelligent apps of the future
Seth Juarez
Channel 9 Recording
A.I. infused, new experiences, data driven
Abstractions
Cognitive Services - Anna Roth demo
-
Website demos
- REST Api calls
- You can export your model to your local application
Miguel de Icaza
Apple’s OML on iOs
use that from Xamarin
Heather - bots demo
- quick create through the website
- L.U.I.S. service
Peel away some of the hype
Example: build an app that recognizes hand written digits
- Identify
- Explore > Analyze > Convert
- Generate a Model
- Make a Prediction
Announcement: Visual Studio Tools for AI
Link
TensorBoard “like unit tests”
error function, the error should go down
Where to Run it?
Announcement: Azure IoT Edge Tool
Download to local machine
New Data type System.Numeric.Tensor<T>
Announcement:
AI School
Azure DevOps Simplified
Channel9 Video Link
Brian Harry - VSTS PM
What is DevOps? People, Process, and tools
“everything you do”
use the tools you are comfortable with
Deploying to Azure
“striving to make Azure the best experience to deploy to”
Abel Wang
demos Azure DevOps Project
Even Mac Support
Announcements:
- YAML for config as code. Executed in the build.
- Release Gates
-
Blog article
- Gradual rollout to environments
- VSTS rolls out, then waits 24 hours, then releases to the next gate
- designate release blocking bugs which would stop a release
- Abel Wang demo
- ARM template, Kubernetes, Web, api and mobile all in one release!
- query for blocking bogs, then a post deployment gate
- represent build pipeline as a YAML file, save it in source, version everything together
- “Extremely flexible”
- “happy dance”, “this is what we’ve been waiting for”
- VSTS CLI
- “we now have the ability to do things we couldn’t do before” -> minute 29
- Separate short video [Deploy quicker and safer with new greenlighting capabilities in VSTS](Deploy quicker and safer with new greenlighting capabilities in VSTS)
- Enterprise Git - Abel at minute 31
- Pull Request process now with forks, not just branches
- Pre-merge policies in VSTS
- GVFS - for large Git repos
- Windows - 300 GB
- Github is interested in partnering with VSTS
- WIKI with Markdown in a Git Repo
- TFS 2018 released today for on premise
A day in the life of a modern .Net Developer
Scott Hunter and Aditi Dugar
Containers in Azure
Demo: Traditional WinForms app
- WinForms already modernized, can install in Windows Store
- and futher modernize
- Next step, WCF service and move from WCF to Web API backend into a container
- docker file, docker-compose (a yml file to configure how the containers work together)
- Asp.Net image and SQL Server image
Move to .Net Core
- Not everyone needs to move, .Net Framework will still be there for Windows specific
- .Net Standard
- Windows Compatability Pack for .Net Core which brings back Windows only API
New application with authentication demo
- Apply EF migration from the error page!
- easy to add new properties to ApplicationUser : IdentityUser class (saved in the db, command line:
dotnet ef migration add photo
)
- gives you generated ViewModels
- code is in Github
- call old dll with Microsoft.Windows.Compatability Nuget package
.Net Application Architecture guidance
Steeltoe to .Net Foundation
Asp.Net Core is really fast (TechEmpower benchmarks)
Azure Diagnostics and Live Analytics
Production snap points (debug live in the cloud)
templates for Angular and React
Authenticator app support in templates
CI/CD support for containers and App Service
Application.Insights.SnapshotCollector Nuget
Docs
Customer Sucess stories
2,000% speed increase
Application modernization with Microsoft Azure
Corey Sanders
Channel 9 Video Recording
Note: He talked really fast, so I watched it at .75 speed.
Why should I modernize?
- Agility
- Hard to make small changes (bring down server)
- Time to Market
- Get new things to the customers
- Getting feedback
- Total Cost of ownership
- IT Simplification
The Cloud Maturity Model flow
- Lift and shift
- Migration tools
- no code changes
- smaller cloud value
- Cloud Optimized
- Containers
- a great step forward
- no new code
- increased density
- portability, agility, tooling
- high availability with Orchestrators
- works with Service Fabric
-
Azure Container Instances
- per second billing
- Dev/Test
- no infrastructure
- fast start and stop, scale
- compared to Kubernetes and Service Fabric orchestrators ACI has no control
- Service Fabric (SF) demo at ~21 minutes
- higher in stack then Kubernetes
- add micro-services in a native way
- Using Visual Studio
- PowerShell to create SF cluster
- Menu Add > Docker Support for SF
- Configure and control in VS
- Publish from VS
- SF explorer
- OS Container Services: DC/OS, Pivotal, Docker Enterprise, OpenShift (RedHat)
- Modernizing: take advantage of cloud native solutions ~28 minutes
- Serverless, logic apps, Cosmo DB, Managed DB (SQL, MySQL)
- big step forward, code changes necessary
- Event Grid -> events fired when something changes in your subscription in Azure
- Cognitive Services
- Demo
- Breakpoints in VS work for Azure Function
- WebApi into SF as a container
- Calls into Cosmos DB
- Web project - a change to allow it to call into the Web Api
It’s a journey. Think of how you can make steps toward modernization to improve your application and business.
Migrate to Azure
Source Code available
Go at your own/app pace and move towards modernization.
James Sturtevant - Senior Software Engineer
Channel 9 recording
Overview
- Move a WebForms application to the Service Fabric (SF) Platform.
- Monitoring that application.
- Azure global scale to introduce fault tolerance
- add new features to the app
Steps to Containerize a traditional application
- Create the Docker container
- push to Azure Container Registry
- create a Service Fabric Application (from the Demo)
- configure in ServiceManifest.xml, ApplicationManifest.xml (Policies) and Cloud.xml
- Template in VSTS available, but he published from VS (script and use VSTS instead to deploy)
- Scale it up easily, fault tolerance
- push to SF
- Migrate SQL to Azure SQL (with migration service)
DEMO: 7:30
- Move cached state to a Redis Cache
- Could be conflicts with multiple instances using the same DB instance
Monitoring
- Doesn’t care about the type of monitoring you do
- OMS - great at infrastructure and platform
- App Insights is a good option
- each container
- performance counters
Global Scale
- Availability Zone (AZ)
- physically separated within an Azure region
- independent power and cooling
- simple to setup
- 3 zones in each region
- intra-Az < 1ms, inter-AZ < 2ms
- Have a traffic manager
- SF Cluster can be set it up cross regional as well
- minimum 9 VMs, 3 or more regions
Microservices Architecture
Decompose it.
Start with a new feature, something that needs to scale, needs low latency, already modular
Keep in mind: latency, failures (retries), shared state
Stateful middle tier architecture overview
- use
ReliableDictionary<T>
- example CartController.cs
- always put in a transaction
- Data is replicated reliably across many nodes
- extracted out and put into a separate database - data merge is needed with a LINQ Join
- he was able to add in Async/Await and C# 7.1
Source Code on Github
Comprehensive reference
Microsoft docs
My TakeAways
I wasn’t expecting SF from the title, but it is exciting to see how he was able to move an old WinForms app and more it to Service Fabric. Containers in SF is a great technology to have. I will introduce these ideas of modernizing applications to the teams I’m working with.
Azure: building applications using Azure Service Fabric and ASP.NET Core
Channel 9 Video Recording
Vaclav Turecek
Sample code
File new Service Fabric (SF) > Web Api
- Creates a Web Api project with some SF files and config (Package)
- it’s a console application
- bootstraps and registers it with SF runtime
- He gave a in-depth explanation of startup with the SF hooks
State
- Use
<code>IReliableStateManager</code>
to have a stateful features in a controller.
- all operations with reliable needs to be Async
- fast if dictionary is already created (grabs it from cache)
- always replicated across services and machines, and local disk
- Recommendation: don’t cache it yourself, unless profiling shows a bottleneck
- replicated transactional log
Visual Studio publish creates a SF package with a service manifest. It includes a PowerShell script to deploy to Azure.
Visual Studio gives you profiles and parameters for environments.
Backend communication setup - minute 29
- Goes through a naming service (diagram)
- (I need to watch this again and give it more focus)
- You need a load balancer and a gateway (Gateway pattern)
- Azure Load Balancer > SF
- API Management, Event Hub, IOT > SF
- Option 1: Direct cilent to service
- raw
ServicePartitionResolver
API for DIY service address resolution (difficult)
- Service Remoting
- DNS Service (simple)
- Option 2: Request forwarding
- Reverse Proxying (used in demo), needed because it is stateful
IAsyncEnumerable
- No Linq Support
Spread the volume out to multiple machines - minute 40
- with partitioning and using multiple service instances to manage your data
- Front end coupled to the Back end. it has to know how it is partitioned.
- as you grow, there is no limit with services
- partitions can’t be re-partitioned
- Create on the fly with
this.fabricClient.ServiceManager.CreateServiceAsync
- example: create a service for each “poll” in the sample app
- start with default services in the ApplicationManifest.xml for VS debugging
- can be deleted, create with a script instead with
New-ServiceFabricService
- Limits: hardware, small amount of overhead (over 100,000s)
- Hint: Use
ExclusiveProcess
mode
My Takeways
This was an deep dive into using Service Fabric with Asp.Net WebApi. SF is very robust and you can even create services on the fly to scale easily.
Stateful is a good option, but I don’t yet understand why you would choose that over storing information in a database.
I’m going to have to learn more, but SF looks like a great way to host API. How do you choose between SF, Azure App Service and API Management?
Securing your web applications with ASP.NET Core 2.0
Channel 9 Video Recording
Nate Barbettini - dev at OKTA
His free eBook about Asp.Net Core
Authorization and Authentication has been updated in Asp.Net Core. It’s generic, un-opinionated and modular.
Authentication Demo
- This is a good basic walk through of adding Auth without using the Authentication template.
- He used the base template (file > new project) from Visual Studio
services.AddAuthentication(...).AddCookie()
app.UseAuthentication();
new ClaimsIdentity...
HttpContext.SignInAsync(
- He showed the cookies in the response and request for login to demistify how that cookie authentication is working.
Authorization
Do they have permission to do what they want to do?
Demo at 17 minutes
-
[Authorize]
-
services > .AddCookie(options =>
-
Create an authorization policy for re-use
[Authorize(Policy = "MustBeAdmin")]
- Create policy in startup.cs >
services.AddAuthorization(options => { options.AddPolicy("MustBeAdmin", p => p....) }
- forbidden message, until
new Claim(ClaimTypes.Role, "Admin");
Asp.Net Core Identity, template gives you the functionality he showed early, but a lot more
Hardening Asp.Net Core - 27 minutes and 30 seconds
- Anti-forgery (CSRF)
- make sure form posts are originating from your site
- token is built in automatically
- you have to validate that token with
[ValidateAntiForgeryToken]
on controller action.
- apply it in Startup in the
services.AddMvc(options =>)
to all actions
options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute());
- HTTPS
[RequireHttps]
on controllers
- apply as a filter
options.Filters.Add(new RequireHttpsAttribute())'
- Security Headers
- Modern browsers have optional security header options
-
Check at
- NGrok or localtunnel.me to open up a tunnel to your local host (or deploy to Azure…)
app.UseForwardedHeaders(new ForwardedHeadersOptions { ForwardedHeaders = ForwardedHeaders.XForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto });
- NWebsec.AspNetCore.MiddleWare NuGet package
app.UseHstst(options => options.MaxAge(days: 365).IncludeSubdomains());
- close the trust on first use (T.O.F.U) loop
- opt-in to the pre-load list
app.UseXXssProtection(options => options.EnabledWithBlockMode());
app.UseXContentTypeOptions();
- Remove the server header
- Program.cs
- add
UseKestrel(options => { options.AddServerHeader = false;})
Takeaways
I haven’t worked with the Asp.Net identity system for awhile. It’s great to see how well Asp.Net Core has integrated Auth and made it easy to work with through middle ware. This talk is well worth watching before diving into a new Asp.Net Core app. I’m going to recommend this to my co-workers. Understanding these basics is important.
The security hints are another thing I’ll recommend putting into core sites in the future.
More videos in my queue
Breakout shorter video highlights
Sessions to watch