 Good morning, folks, and welcome back to another edition of AZ Update. Today, we have a special guest, the April Edwards. How are you? How are you? I'm good. So, what's new in your life? What's new? Well, in the past few weeks, I've become a Cloud Developer Advocate, moving over for Engineering. A Cloud Developer Advocate, or just a Cloud Advocate? Focusing on developer technologies and the DevOps community and lots of other cool stuff in the Cloud. As kind of taking that role, I'm leading up the DevOps Lab on Channel 9. Okay. We have our first episode go live this week, with a ton more coming down the pipeline. Definitely want to encourage people to tune in, take a look, and we're looking for a lot of community submissions as well and feedback on this to make it better. So, you can follow the YouTube channel. I'm also leading up the devblogs.microsoft.com website, so you can see a lot of cool content coming out on blogs. Yeah. So, it's really cool. So, I'm really excited to join the role, move over from Engineering. It used to be a little different and work a lot more with the community. That's wonderful. So, when you say DevOps for developers, so you basically DevOps supporting developer and team? Yeah. Developers, operational teams, whole teams, I think the DevOps practice, if you will, spans across all teams, right? And not just developers, but we see developers embrace it a lot. So, I'm going to work on the DevOps side. So, that could be the DevOps technologies, the processes, the tooling, the technologies, all that good stuff. So, quite a bit in that. And then there's some other areas of focus as well. So, within the developer community, and I've worked with the operational community. So, you and I are working together on some operational stuff. We're going to reach out to everyone. That's right. We're going to be working very closely in the near future on several things that stay tuned and you'll find out. Absolutely. Oh, and the big announcement that Ignite has been made. So, Ignite November 2nd to 4th. So, I'm not quite sure how much involvement we'll have in there, but for all of you looking forward to Ignite like we do every year, stay tuned. Information will be trickling out now that the dates have been released. Oh, it's been a long week. It has. It's only been a four-day week here in the UK. We had a back holiday. Right. You're in the UK. I am in the UK. We have a lot of UK folks or other side of the pond folks in our chats often. But today we have Paul Jensen. We have Sharon Bennett. Hi, Sharon from Toronto. We have Andrew McCallum. We've got probably Jay Shock or Steve the Auto Guy will be joining shortly because he told me he would be better. So, if you have any questions, as usual, put them in the chat and we'll try to get to them as soon as possible. I'm a little disorganized this morning. And also you'll see my head turn a lot more because I ran out of contact. So, I have to wear my glasses and they only focus. A lot more distinguished today here. A lot more distinguished. Do I look smarter? No. No? Okay. That's okay. That's okay. First news of the week. We are looking at Windows 11 release date available on October 5th. I've personally been working on Windows 11 since internal betas. So, I've run it both on my spare machine and on my daily driver. And so far, I am extremely happy with the results. I've been able to customize it to my needs. What about you, April? Have you started playing with it? I have. I'm running it right now actually on this machine, which is my primary machine. I have it on a couple other machines as well. I actually had a lot of blue screen issues on my Windows book and I was like, well, what could go wrong? You know, installing Windows 11 and it was pretty seamless and not gone wood. Nothing has broken since then. So, it's actually resolved a lot of issues for me from Windows 10. Yeah. You and I are on the internal ring. So, we get like early betas and we are, they call them previews now. They're all previews. And Andrew McCallum brought up a really good point. Windows 11 is coming too quickly and we have a lot of customers. I know in the UK, a lot of private sector customers are still on XP. That's not unheard of in a lot of organizations still. And it is coming fast, but I think, you know, change is good sometimes. It's scary, but it's good. But Windows 11 thus far not gone wood has been absolutely stellar. Some really cool features built into it. And I do a lot of work on my surface book without a keyboard. So, I detach it, take it around and do stuff with it. I draw on it and that capability is even better than in Windows 10. So, I've been really impressed with it. Yeah. In term of, yeah, Paul chances like XP. Really? Ouch. Yes. Yeah. If you're still running XP, we need to have a chat. So, reach out to us. We will help. Reach out to us on our Discord server and we can have a little discussion as to how we can help you move on because if you're running XP, which is one of the things that Windows 11 is actually claiming is that it's going to be the most secure OS that we've ever put out. Considering that it requires a TPM chip and well, it requires TPM, not necessarily a full chip. A lot of the manufacturers for motherboards have now got the FTPM, which is a firmware TPM, where it reserves a piece of the CPU and actually stores the keys there. So, if you don't have an actual chip, it still may work. Most of my machines home, not my work machine here, but my personal machines. I've got the firmware TPM. The problem is that it's never turned on by default, so you have to go into BIOS and turn it on and then it works beautifully. I'm actually very happy. What do you think about the speed of the release? Why do you agree with Paul that it's going too fast? Even though it's going too fast, it's customer adoption. I think one thing that we look at is there's a lot of push towards a consumption model. So if a lot of customers are using like a BDI or some kind of host adoption, that's easy to push. But when you have your users, especially in a remote world, on laptops, they're not on the domain. A lot of customers struggle to push these updates out. And it's interesting to watch. Again, I'll say customers in the UK because I'm physically located here. I work with them a lot. They struggle to get these updates out. And it's a shame. And Andrew, sorry, Sharon just brought it up. A lot of device vendors are still using XP. That's the big issue. Is it scary? No, but it means having to continuously change. And when you're in an organization where, if they're not using a consumption model, it's tough. With everyone being remote, it's tough. But I think it, you know, it's kind of like, you know, someone brought Windows 8. When Windows 8 came out, it scared me. It did. And I used it. And I didn't love it. And I went back to Windows 7. And then I immediately went to the next version. I just kind of like bypassed Windows 8. And we don't want to make that mistake at Microsoft. I think with Windows 11, they've put out a really, really solid release. I think Windows 10 is how many years old now? A few years old. Yeah, I think it's, it's hard when you have legacy organizations out there, especially the application vendor. So a lot of what I've done in my engineering role previously was taking those applications that were, that required things like XP or Windows Server 2008. And we had to modernize that. That's a lot of my background. And it's hard because so many customers do lag behind. A lot of customers are like, oh, we're so far behind, you know, we're on, we're using this OS. And actually a majority of the world's probably not up to speed on like things like, you know, Server 2022, not even close or 2016 or 2012. Still see a lot of customers on Server 2008. Yeah. Well, the big issue for me on that one is not getting any security updates. So anything that's zero day, you're, you're completely vulnerable. I really, I was around where when, in times of Windows that's been the long time I'm going to age myself here severely. Yeah, I'm going to age myself. I've been around since the days where we didn't have a life cycle policy where every different products had their own life. So this product was supported for three years and this product was supported until we decided to put up a new one. And this product, we didn't have any consistency and that's one thing that I really liked is when Microsoft, which is like in the early 2000s, basically said, listen, we have our life cycle policy. It's five years of mainstream support, follows with five years of extended support. Mainstream is feature bug and security patches, extended support is security patches. So you know that when you get a piece of software from the date and it's published, you get 10 years of support. So people are not ready to go to Windows 11. That's understandable. Windows 10 is going to be supported for another three years, three, four years. So there's time. You don't have to jump right away, but knowing that your support is going to end at this very specific date allows you to plan, is we've already got some of the documentation on how to plan for the updates or the upgrade of your environment. And it's also working with the vendors out there to get their hardware and their applications up to speed. And I think, and you know, it's in the chat, you know, a lot of these devices have to run offline, especially in the healthcare industry, but then they're exposed. They're massively exposed. And this is sending healthcare data, right? This is transacting healthcare data. We talk about HIPAA. We talk about compliance. You know, I do a lot of work with security when it comes to developers as well. Like how do we secure our code? How do we do these things? So then it's then going to the application vendors and saying you've got to keep up with it. It's interesting. But I think Windows 11 is solid. I really like it. Well, it has a very solid core with Windows 10. So it started out with the Windows 10 core and just kind of like improved on it. So application compatibility should be really good. It will be really good. I haven't run in a single application that I've had to tweak to have it run the way I like it. I had one. I had one, but it wasn't Windows 11 fold. I use a calendar sync from my work outlook to my personal calendar. And the sync actually broke, but it was due to an update they pushed. So I had, it was around the same time. So they pushed an update to their software and actually the update broke, not necessarily Windows 11. So I had to do a complete uninstall, re-install took two seconds. The other thing I use is I use chocolatey. So for those of you that are using on any, either you can do it on a server, you can do it on your workstation. I use chocolatey install all my apps and then I just run an update through chocolatey and it's seamless. So I've pretty much automated my laptop build. So if my laptop goes put, I can run my automated build, my build with chocolatey and everything's back on it, but I run all the updates using that. It's pretty seamless. And I know where, you know, people are talking about it. It is hard to manage the OS updates, especially devices that are offline, but we have there, you know, I used to run the managed service provider space. There's such great software packages that push updates and, you know, policies, et cetera. There's ways to do it and it's tough because people hate updating the machine. My machine updates at about once a week, usually on a Friday morning because we're on that beta ring, but I've had a lot of consistency and I think security is the big thing. Your device security is huge. So when we're talking about, you know, securing our code, securing our applications, device security is crucial. And the problem is security threats are bigger than are harder to, you know, our attack surfaces are huge. We have to minimize that and that does mean pushing updates because the speed of technology is changing. Yeah. That was a good segue because you've mentioned about automation, which leads us to our second news item of the week and that one you're covering. I am. So if anyone's ever kind of read my blog or seen what I've done on the DevOps lab, I talk a lot about infrastructure as code. I have an ops background, moved into development, so I know all the pain points that people struggle with and I moved away from doing things in a very manual way and I try to automate everything I do. And I just had an episode come out this week on the DevOps lab for Nuke's Gen. Now Nuke's Gen will work with Bicep, but the current website, if you go to it now, will generate an armed, excuse me, a Terraform template for you. So I do a lot of work with Terraform. I'm a Hashicorp ambassador because I do so much work with it. I contribute to the Terraform providers and it's a great tool because it's easy to learn and people love it. And so Nuke's Gen's come out. It's a homegrown project within Microsoft and you go in, you literally click the button. It goes down, you fill out a form and it spits out a Terraform, a working Terraform template for you and this platform's growing. So it gives you a great starting point because a lot of times when we're talking about, I want to automate something, what do I automate? And then you have to learn syntax and if you're coming from an ops background and non-developer side as such, it can be really daunting. So Nuke's Gen is great. They're building in security features into it. So you have security from day one. You can secure your secrets in Key Vault. You can attach a database to whatever you're deploying and you can deploy some simple stuff. So it is new to market if you will. So it generates simple templates but it gives you a baseline for how to write a template and the right way to do it and some best practices wrapped around it. So there's going to be a lot more coming from Nuke's Gen. We recorded four episodes. So we started talking off about talking and speaking about what is Nuke's Gen, what it does, and then we went into some best practices. So naming conventions, security, and why they're important and then to help guide everyone on their journey with infrastructure as code. And that's great. One thing, I've done a lot of ARM templates and now more biceps lately. And often when I was starting out, I would basically go to a quick start template. Take one that was as close as possible to what I needed to do, download it and then basically pillage and plunder source code from different location and try to paste it together. That's how I learned. But I find interesting that Nuke's Gen, I just looked at it last night. You basically introduced me to it and I find that it's going to be really cool, especially once we figure out how to get the bicep files out of it. Right now, online just does the Terraform, but still Terraform is still very popular. Where you say, I want this, this, this and done and I want to add a key vault and I want to do this. And then it generates the skeleton for you and then you can go in and tweak it. Yeah, absolutely. And as the other videos come out on Channel 9 the next couple weeks, people can see how to modify things and add parameters. Don't do some great things in the product to get you started, things that, we talk about best practices as developers and I know people hate the phrase developers when we work in ops, but we are developers. We're telling, we're writing code for something. Whether it's a PowerShell script or Bash script, whatever. That's a touchy subject here. It is, but we're trying to automate something. Let's stay away from labels. We are all IT professionals and let's leave it at that. If you're trying to automate something and whatever role we're in, we want to think about best practices and sometimes when we start with a new project we forget about the best practices and we expose ourselves a little bit. I actually wrote a blog about some developer best practices and just because I wrote a tutorial on the Microsoft Doc site and I realized I exposed my YAML file. I exposed my pipeline effectively and I could take that. The problem I could do a lot of damage because my secrets were hidden, but if I hadn't covered up my secrets and my passwords, they would have had access to my backend infrastructure. You're just trying to do a quick start and you forget those little things but if we can start day one with those great practices built in and NubzGen has absolutely thought about that, that helps us be better tech professionals. We can do things right the first time. We don't expose ourselves. We're not just good to be but it's really a lot of opportunities because we all have 1980s. It's great howidden teams have collaborated on the project. We talk about what operation that consumers are asking for. People can say I really want to be able to do this with NubzGen and they are open to taking feedback helps our audience learn the new ways they can deploy their environment or deploy new services in Azure. If that is going to be a part that you can learn from, I'm all for it. Absolutely. Now it's a great learning path. Great learning path. Speaking of new features, private links, have you worked with private links, April? I have a lot. It's a massive requirement, especially when you're talking about network routing and resources in Azure and even serverless. It's a massive, massive discussion point. It's a way for your VMs or your IaaS resources to access your PaaS resources without going across the Internet. We're exposing them internally in your VNet, and it's very secure and very fast, but you don't actually expose so you could have a Azure SQL database or Postgres or whatever, and only expose it to the inside of your virtual network through a private link. But now, private link, there's been a couple of previews features that are coming this week that I find, that were announced this week, that I find really, really important. The first one is UDR support, which is basically user-defined routes. Of course, when you have on-prem with either a site-to-site VPN or an express route connected to a subnet or a series of subnet that may be peered network, you're going to have to at some point have to manage out the data or not the data, but the communication is routed between all of that. But now, private links will actually support user-defined routes so that you can get to the service that you need without having to put the service that's connecting to it directly on the subnet that has the private link. That's the first one which I find is really cool and opens up tons of possibility and the second one is the network security support group, which network security group support. Sorry, my dyslexia kicked in there for a second. That connected with the UDR allows you to simplify or organize the connectivity, the way you want it to do, but also to secure it. So you say, I only want connection over this port or I only want connection from this subnet or this subnet or be my entire VNet but nowhere else. So those two connected together with the private link, I think is a very massive move. Yes. It is. I was just on a customer project, not that long ago where we had to connect to a storage account and again, storage is holding data that is crucial to the customer, can expose it, and we were running a service. One points for a while, but this is a little different. Yes. There was limited features and there were a lot of gotchas to it. So adding in UDR support and NSG support means, if you have an app or something that needs to connect over a certain port, boom, you're in and that makes it really seamless. Because again, if you're connecting app to something, and it's going to be a very good game changer. Well, they look like small changes to a lot of people, they make a massive difference in accessing resources, what you can do in your subscriptions. I spent hours and work around trying to get the routing set up, the security protocol set up for customers, and these are awesome. These are really cool. So private link is definitely in high demand and the fact that we're just adding in more support for it is awesome. Yeah. I've already added the feature to my demo subscription. So I'm planning on taking it through the paces and maybe writing about it a little bit more in detail on the IT OpsOx blog. I have a lot of infrastructures code that's now out of date. Well, let's say it's out of date, it still works, but there's a better way to do it and I can simplify a lot of the code I've written. So actually this will be a fun little product to translate some of the code I have. Yeah. Well, that's the thing too with the infrastructure as code. And that's the nice thing about infrastructure as code is you write it to deploys and then while it's actually running, you can, it's a piece of code. So you can version it and so you can say, oh, well this part has changed and there's a new service just for like in Bicep last week, it was working on that where I had an embedded script. So a deployment script running within the Bicep file. Well, now I've learned a couple of weeks ago that there's now a command to read the file from your repo directly instead of having to put it in your script file. So you don't have to worry about carriage returns, about end of line characters or anything like that. You just write your file. If it's a bash script or PowerShell script, it doesn't matter. You write it in your favorite editor, you save it and then you tell your Bicep file, just go read that file and execute it here. Now you can change that, so that's cool. The next one, which is a reaction to an announcement from a partner. Is one of you want to take us through this? Yeah, so this week, a massive announcement came out from Docker. A lot of people in the community use Docker desktop to basically containerize or run a Dev container if you're using something like VS Code. And we use it a lot in why we're containerizing our code, right? We want to be able to have similar like for like developer environments. So we use Dev containers in VS Code and Visual Studio. And with that Docker has said, well, our Docker desktop application is now going to be a paid for service and they've done it in tiers. And effectively what they've done, and this has had some interesting reactions from the community because they're an open source product, right? They tiered what access you can get. They've added in a lot of features. Well, if you want this feature and you're an enterprise customer and you must pay effectively. But if the news, if you're a single user, you're working on open source projects or you're working in the community, it's free. So I think I believe January as December 31st or January, they're going to this paid for model. So we have some time. I have, actually there's a colleague of ours in Microsoft who's written a blog about how to bypass Docker desktop and use Visual Studio Code Dev containers and WSL too, my colleague Ben. It's a great article. So it's a way to bypass running Docker desktop because also running Docker desktop can be heavy on a lot of people's machines. When I've worked with customers, whether we're doing like one of the open hacks or working on customer projects, Docker desktop can eat a lot of resources. So have a look at this blog. It's a great way to get started and it just takes off that overhead as well. And now with the new licensing announcement and the cost, this could be cost prohibitive for a lot of customers out there. It's an interesting one because they are an open source company but everyone's got to make money and they are offering more features in their enterprise products. So it'll be interesting to see how it transpires. The community reaction's been very mixed. A lot of people are really frustrated. People are looking at other open source alternatives, whether it's Rancher desktop or like this article running a Dev container without Docker desktop. So it's gonna be interesting to see what happens because we use a lot here at Microsoft. I use it almost every day and we use it with customers when we're doing projects. So when we run Dev containers in Visual Studio Code, we have things like GitHub Codespaces. So we might see a lot of people embrace Codespaces more. I don't know. But I think it's gonna be interesting to see what happens, what happens in the trends because it's definitely for the community this past week for a lot of people. Well, containers are not a new thing and they've been built into Linux for decades. Docker just made it easier with their set of tools. However, as you mentioned, that article to deploy basically containers on the Windows Linux subsystem, you're just using the native capabilities of Linux right there and you're exposing it. I've used Docker desktop on my primary machine every day mostly because my terminal in VS Code is actually running in a container. And the reason is I rebuild my machine often enough and I have a couple of containers that I'm running PowerShell Core in and Azure CLI and other Azure Shell, sorry, the Azure Shell. So I'm running the Azure Shell container locally, but I don't have to worry about constantly updating. You know, when you go into a terminal and you go, oh, there's a new version of PowerShell Core, please click here to download. I don't have to do that. Every time my machine starts, I've got an automated process that goes and does a pull. So if my container has changed, it pulls in the latest one, it runs, and all my stuff that's needed and it's always there. And if I have to blow away my machine and restart it, it doesn't matter because now I just get the container back. So I've been using it a lot. So I might change from desktop, Docker desktop to this dev containers in WSL2. It'll be interesting. I want to try, because now on Windows 11, previous was on Windows 10 running it, now on Windows 11, so I'm gonna have to see how it works. Because WSL2 had, you know, I use it quite a bit in the development environment, especially when you're in an environment where, again, running infrastructure is code or whatever and you want the same environment, you're running your testing tools. So let me just see how it runs on Windows 11. But thus far, knock on wood again, nothing's broken. So, here's my words. We are coming towards the end. We've got less than about a minute left to go. I wanted to jump into the learn module of the week. This week, because we've talked about private links, I figured that the module of the week should be an introduction to Azure Private Links. For some of you who may not have had the pleasure of running, using those versus service endpoints or connecting to your pass service across the internet. So basically, you're coming out of the data center, hitting the internet and coming back into the data center. This is a godsend for anybody who wants to run a secure infrastructure. So please check it out. Introduction to Azure Private Links. And that's about it for this week. All right, it's a lot of updates. It was a lot of updates. I love the discussion. We're gonna keep doing this every Friday, folks. So make sure to connect and let us know what you think. One thing, today, in terms of our community, typically we've got community streams. So either testing and production, patch and switch and so on. But in support of content creators that have been the victim of hate raids, which I don't understand why people would do that, but it's happening, we're taking a few days off of streaming on Twitch just to support them. Absolutely. Yeah, there's no place in this world for hate. I'm on a stay in age. Yep, so thank you very much, April. Thank you for having me. Glad to have you and I'm sure we'll be seeing your lovely face more and more on this channel. Hopefully. Thank you, Pierre. Thank you, everyone. See you, folks. Bye.