Category Archives: IT Pro

Veeam Live 2020

Posted on by
Reply

Attend Veeam Live 2020

I am attending Veeam Live 2020 from the comfort of my home this year. I can stay safe and still learn, connect, and investigate new technologies and options.

This works for me 🙂

Allow me to invite you Veeam Live 2020. This year the content focus area is on “Cloud Data Best Practices”. The online event takes place on October the 20th 2020 for a full day.
Veeam is gathering its global talent pool to present at this event. That talent is both internal to Veeam as well as external. Some of my fellow Veeam Vanguards are presenting and sharing their expertise.

With names like Anton Gostev, Danny Allen, Rick Vanover, Michael Cade, Anthony Spiteri, Dave Kawula, Andrew Zhelezko, Dmitry Kniazez, David Hill, Karinne Bessette, Kirsten Stoner, Dave Russel Melissa Palmer, Sander Berkouwer, Drew J. Como and so many others, the experience and expertise to share are second to none. Many industry and customer experts are also joining in to share their insights.

As Veeam states

At Veeam Live, you’ll gain data management guidance you can activate today. You’ll learn how to up your data protection game across your enterprise, connect with like-minded professionals, set the strategy right for your organization, and be part of the future of Cloud Data Management™.”

Veeam Live 2020 October 2020 – Join for free

So no matter what level you are at or what part you play in managing and safeguarding the data of your organization there are things to explore and learn.

Topics

Topics to be discussed are Multi-Cloud Data Management, AWS- and Azure-Native Backup, Office 365 Backup, Ransomware Best Practices, Kubernetes Backup and App Mobility. Check out the full agenda to find the topics and sessions that are of most interest to you.

On all those subjects Veeam is actively developing and releasing new capabilities. Just think about their recent acquisition of Kasten. They are also sharing information about Veeam Backup & Replication V11 which is currently in Beta.

Get your questions answerd

Do you want to find out how you can make your solutions more efficient? Need to figure out the biggest threats and opportunities there are in today’s technical, business, and security landscape? Want to learn what new technologies you need to keep an eye on and learn about? Is the evergrowing ransomware threat keeping you awake at night?

 Free for all

The event is free for all. You can register here.

Join Veeam Live 2020 for free

Join us from the comfort of your own (home) office or couch. It all works. Just bring an open mind, a willingness to listen and learn. The interesting thing about Veeam is that they sell solutions that cater to real, existing, and emerging needs of their (potential) customers. They keep it real and have a tradition of explaining why they develop and bring their solutions and offerings to the market. It makes for educational and insightful sessions and events.

So now you know the secret of how I stay on top of things in the data protection and management world. I listen. Not the sound of crickets (that’s for vacations) but to people that are smart, experienced, and have a proven track record of delivering value in a very competitive and ever-changing landscape. So, now you also know how to stay up to speed, all that is left to do is register today. You are very welcome.

Project Bicep, an ARM Domain-Specific Language

Posted on by
1

Project Bicep

Project Bicep? Biceps? Do you mean like bicep curls? Muscles? What does this have to do with ARM or ARM templates? Well, to master ARM templates, we can use a little extra power. So, It’s a joke so bad it’s good as Microsoft’s Alex Frankel put it.

Impressive power but not the kind of biceps we are talking about (image by Eduardo Romero on Pexels.com)

Over the years, I have noticed a couple of challenges when it comes to Infrastructure as Code (IaC). It is not an easy thing to achieve in practice. Not only in the cloud but anywhere. It is a significant hurdle in achieving IaC. Maybe you have the same experiences.

Azure Infrastructure as Code

In Azure, one of the biggest challenges has been the learning curve when it comes to writing the JSON. JSON, the “human-readable” data interchange format that brings ARM and ARM templates to live. It isn’t something you pick up super quickly and turns out to be harder and harder to use when things become more complex and diverse.

Other challenges are related to managing the templates, getting pipelines set up reliably and consistently for all resources in Azure tenants, subscriptions, resource groups, etc. It is not something that I would call inviting and easy to do.

Then there are the real-world realities we need to handle. There is a ton of “stuff” out there where deployment, configuration, orchestration, and change happens in different ways. How does one onboard all that in an IaC process without too much risk of breaking things? Unfortunately, this is tedious and fragile.

We like Infrastructure as Code

For many people, the above is a bit discouraging. Don’t get me wrong. People see, understand, and like the idea of Infrastructure as Code. They just have a hard time getting there. There are all sorts of tools for various environments and needs. We have all at least heard and probably looked at Chef, Ansible, Puppet, or Terraform. There are many others still, but I just listed the ones that have been getting some serious attention over the last four years. Choosing one is losing the benefits of another. Using them all is an operational, skills, and management challenge. They all have their strengths and weaknesses. The main differences are whether they take a procedural, declarative, or an orchestral approach to getting the job done.

While orchestration is very popular, it does feel a bit like a failure, but that is “emotion”. Why? Well, because in the end, we cannot manage change very well and end up throwing everything away and replacing it with a new deployment that has the changes in there. Everything is a cow now that gets slaughtered and replaced when it doesn’t function as expected or needs to change. That works well for lightweight and fast implementations. It is somewhat painful when using this in more massive deployments. But still, when looking at the results and preventing configuration drift, it gets the job done.

But even the best tools have issues that can be best described as “death by a thousand cuts.” The concept is simple, but that doesn’t make it easy to do!

Microsoft has heard this feedback

We like Infrastructure as Code. We do find it too hard to do well, especially if that is not the bulk of your work, and you are not a guru at it like Stanislav Zhelyazkov.

When Microsoft asked on Twitter, “What do you think is a knowledge gap for traditional #ITPros when it comes to transitioning to the cloud” I replied, “The biggest skills hurdle is related to IaC. ARM is tedious and hard to learn for many, yet a cornerstone … Fix that, and we can move 10 faster in any cloud journey.”.

Project Bicep
My honest reply to Microsoft’s Anna Chu

The above is not new feedback, far from. But recently (Build 2020) they talked publically about what they are doing about it if I recall correctly. Yes, Microsoft is addressing this challenge. Just last week I saw Project Bicep go public on Github!

So what is project Bicep?

Bicep is a project Microsoft announced at Build 2020 (May). It delivers what Microsoft calls Transparent Abstraction over Azure ARM and ARM templates.  ARM ==> Bicep get the joke? Ok, never mind, it is terrible to search for, however. You get a lot of irrelevant hits.

It has a couple of goals as you can learn from the video.

  • Human friendly, so readability and comprehensibility are essential. You have to be able to understand what you read and write without much effort.
  • What you write will create or compile JSON for you. Microsoft now seems to like “Transpiles” for this. Where earlier the sort of made the analogy of JSON being some sort of the Intermediate Language (IL) of IaC.
  • If you think of JSON of an IL (as MSFT suggests), it is easy to see that, just like with .NET, you might see different languages use to achieve the same goal. But for now, that is not the goal. The goal is to get a working, functional declarative language that is suitable for all kinds of users. We’ll see where this ends up.
  • It focuses on modularity, so no, it will not create giant ARM templates, but modular ones. That means there is multi-file support.
  • It should evolve at the speed of Azure, so no waiting for six months to get new functionality implemented. Microsoft calls this “transparent abstraction.”
  • They plan a migration/conversion/export tool for existing ARM JSON!

Read up on project Bicep over here https://github.com/Azure/bicep. It clarifies the current state of what Bicep is and is not. I hope this moves fast and delivers better tooling to make Infrastructure as Code a better, more accessible, and more achievable goal for all of us.

WARNING

Bicep is at a super early stage of its existence. This is the earliest Alpha you can imagine. It is going to break, barf, and probably puke on your Azure stuff once in a while. So please, DO NOT USE THIS IN PRODUCTION. Right now it is only to get a feel for it, tinker around and get some feedback. This is you only and final warning.

In all honesty, it is very raw and as a (non-Linux) hardcore dev, this is not love at first sight for me, as I had hoped to use PowerShell for this. I hope it will mature and I will grow to love it and like using it much more than ARM. Anyway, dive into the bicep tutorial to see what you think.

Veeam Community Editions and the EULA

Posted on by
Reply

Veeam Community Editions and the EULA

Boring as it might be, reading your End User License Agreements can be useful. That is no different for the Veeam Community Editions and the Veeam EULA. The EULA came up recently when discussing Veeam services an IT Service business can offer to its clients.

For example, take a look at the Veeam Backup & Replication Community Edition. See the Hitchhikers Guide to Veeam Backup & Replication Community Edition for more information. It is a great resource and was written by Kirsten Stoner.

Veeam Community Editions and the EULA
The Veeam Backup & Replication Community Edition

It includes support for up to 10 Instance licenses and allows you to protect any combination of physical machines, virtual machines, and cloud workloads for free. You get the standard edition backup functionality. Veeam also offers community editions of Veeam ONE™ and Veeam Backup for Microsoft Office 365. Cool!

The value for you

This is an awesome offering. It helps people with small environments and small budgets out big time. They get top-notch data protection for free, Not just that, they get all the goodness of the well known Veeam data portability, ease of recovery, reliability, and support. Then there are the forums, where you’ll find many helpful and skilled eyes. It is a very active community.

The value for Veeam

First of all, Veeam is smart. They put their products into as many hands as possible. When that happens people get to use, learn, know, and love the products. That leads to sales when 10 instances just don’t cut it anymore. It also leads to a lot of feedback and insights. A lot of the people using it are early adopters and IT professionals. This means that they use the products and if they find issues Veeam gets telemetry and early insights to potential bugs. This helps them deal with then proactively before the big enterprises upgrade as that usually takes a bit longer.

Secondly, Veeam is community-minded. And that is not just lip service, they act on it. I know this first hand and you will to when you experience it. The community editions of their products are just one example of that.

As mentioned, you get support. Within reason, just like with paid support the Veeam support engineers will not do implementations for you. So just doing “click, click next” like a baffling buffoon won’t get you far. Support is not meant to replace your own skills or provide free IT designs and implementations. That work is for you. The support with the community editions is about finding and fixing issues with the product. That’s very valuable for Veeam as early adopters who run into issues help surface those in time to address for the slower moving customers.

Do It Yourself

The Veeam Community Editions EULA boils down to the fact that it is a Do It Yourself (DIY) arrangement.

As a hobbyist, student, enthusiast, employee who wants to learn more about Veeam products or leverage them to protect a company or non-profit workloads you can do that up to the 10 free licenses. It is perfectly legal to do so. But as it is DIY, you cannot hire someone to do this for you. Likewise as an IT consultant. contractor or freelancer, solo or with a company, you cannot offer paid services around Community Edition. For that, they have different licensing options. You can read up on this in the EULA.

Conclusion

The rules around Veeam Backup & Replication Community Edition are simple. As an end-user (hobbyist, employee, business) you get most of the famous Veeam capabilities and benefits for free up to 10 instances. Yes, you can use this in production and you get free basic support from Veeam. Then there are the forums, which offer a wealth of insights and where many helpful eyes can assist you. For this to be legal you have to implement and maintain the community editions yourself. You cannot hire people to do it for you. As an IT service company, no matter what the size or nature, you cannot offer commercial services and build a business model around the Veeam Community Editions. That’s what the commercial versions and partnerships are for. As far as EULA’s go, that is crystal clear.

Custom Route Tables in Azure Virtual WAN are live!

Posted on by
2

Introduction

Last week, around August 26-27th 2020 Custom Route Tables in Azure Virtual WAN lit up in my Azure Tenants. Awesome news. Normally this should have happened the week of the 3d of August 2020. However, some delay happened. Now it is here is has come in silence. Which I find odd. This is a major capability that offers so much of what we need to make Azure Virtual WAN shine. But it is here, ready to shine at Microsoft Ignite

Custom Route Tables in Azure Virtual WAN
Watch my video on custom route tables in Azure virtual WAN

Custom Route Tables in Azure Virtual WAN

What do we have now? You can read up on Azure Virtual WAN route tables over here. I have made a video about all this which you can find on my blog and on my Vimeo channel. Please take a look for some walkthroughs and links to some other blog posts by me on Azure Virtual WAN.

LabELs

First of all, let’s discuss the labels. Labels logically group route tables. These are very helpful when propagating routes from connections to multiple route tables. The Default Route Table has a built-in label called ‘Default’. When you propagate connection routes to the ‘Default’ label, it automatically applies to all the Default Route Tables across every hub in the Virtual WAN.

Custom Route Tables in Azure Virtual WAN
Creating a label

Associations

Now, we can discuss associations. Each connection is associated with one route table. This means that the connection can send to the destination indicated as routes in the route table it is associated with. The routing configuration of the connection will show the associated route table. This is very important for connected VNETs. Multiple connections can be associated with the same route table. Note that all VPN, ExpressRoute, and User VPN connections are associated with the same (default) route table.

Custom Route Tables in Azure Virtual WAN
Association

By default, all connections are associated with the Default route table in a virtual hub. Each virtual hub has its own Default route table. You can add one or more static routes to the default Route table. Static routes take precedence over dynamically learned routes for the same prefixes.

Propagations

Last but not least, connections dynamically propagate routes to one or more route table. VPN, ExpressRoute, and User VPN connections propagate routes to the same set of route tables. With connections like a Site-2-Site VPN, Express Route, or Point-2-Site VPN, routes are propagated from the virtual hub to the on-premises router using BGP.

Custom Route Tables in Azure Virtual WAN
Propagations for Branches
Custom Route Tables in Azure Virtual WAN
Propagation for a connected VNET

A “None” route table is also available for each virtual hub. Propagating to the None route table implies that no routes are propagated from the connection.

Some need to ask

Finally, some customers need to reach out to support in order to get Azure Virtual WAN Custom route tables to light up.

Contact Microsoft support if and when needed to enable custom route tables for you.

As a result, I suggest you do so to start kicking the tires and then dive in deeper. This is a cornerstone technology for Azure networking going forward.

Automation

I have not found any documentation or guidance in regards to automation with PowerShell, Azure CLI, or ARM templates yet. I expect this to be forthcoming as this is much needed. As a result, I hope we’ll see this by Microsft Ignite 2020.

Conclusion

Azure Virtual WAN with the secured Virtual Hub and custom route tables offers the capabilities we have been waiting for. With these capabilities in place. Azure Virtual WAN is the future of Azure virtual networking. Therefore, I fully expect to hear a lot more about it during Microsoft Ignite in September. I personally will focus on this part of networking in the coming months. It is a stock part of any Azure initiative and project in the near future.