How time flies – It’s already November, with the final Microsoft Ignite event for the year wrapping up on the 4th. As per usual, the Arinco crew is back to walk you through the new announcements. Hopefully saving you some time and reading of the big book of news! (Just kidding, have a read – It’s great).
Scott – Azure Container Apps
Azure Container Apps is a platform for running container-based applications as a PaaS service. But don’t we have “Azure Container instances or Kubernetes” for that? Well, this service takes this further and provides a platform for running multi-container applications on a serverless platform. It’s designed to be a production ready serverless orchestrator, that you can drop applications into and run.
The features of Azure Container Apps include: –
- Run any workload that can run in a container (Linux containers only today)
- Isolate container apps to a specific environment
- Built-in Ingress service with HTTPS using envoy
- Autoscaling using the built-in KEDA service
- Integrated traffic routing for blue/green deployments
- Scale to zero
- Service discovery
- Secure secret storage
- DAPR fully integrated, providing ability to build event driven, resilient applications
- Fully managed platform with all updates and maintenance handled for you
At the core, Azure Container Apps has the concept of an Environment, an isolation boundary for your container apps. Containers within an environment are allowed to communicate with each other. If applications need to be isolated, they can be deployed to a separate environment.
Another core feature is the concept of revisions, enabling you to run old and new versions of a container application simultaneously and use traffic management functionality to direct traffic to the old or new version, perfect for blue/green deployments.
In terms of costs, Container apps are billed on a consumption basis and there is no basic fee, you pay for what you use.
The biggest drawcard to Azure Container apps I think will be the serverless container orchestration and usage-based pricing. There is no need to manage a Kubernetes cluster or become an expert in the more low-level services. Usage based pricing enables you to run your app without needing a minimum amount of hardware running all the time.
There is obviously some flexibility and control you are giving up when using this service, as you’re buying into the way Microsoft have built the service, therefore it may not support integration to all Azure services. If you have a large investment in Kubernetes, then there is unlikely a need to move to Azure Container Apps. Hopefully Microsoft provide guidance on what limitations there are and when to use Azure Container Apps Vs Kubernetes Vs Web Apps for containers.
Azure Container Apps is currently in preview and can be provisioned from the Canada Central and North Europe regions.
I’m really looking forward to seeing where Microsoft take Azure Container Apps in the future.
James – Azure Chaos Studio
Of all the events in 2021, this Microsoft Ignite has been the best (In my opinion) – I’ve struggled to pick one thing I’m excited about! That being said, I’ve recently spent a lot of time working with customers on disaster recovery and platform resilience, so I’m really excited to see Azure Chaos Studio released into public preview.
The concept of Chaos Engineering itself isn’t new – Netflix coined the term in 2011, so we’re coming up on almost a decade of some teams implementing automatic failure to systems. That being said, Chaos Engineering itself can be a difficult process to implement, requiring a mature DevSecOps ecosystem. This release stands out so much to me because it makes this capability available to the common cloud consumer in a really accessible manner.
Chaos Studio works through the definition of structured experiments. These are made up multiple steps and actions, with appropriate security controls in place to prevent execution of tests on the wrong resources. I’ve already started to dive into the weeds with this one, stay tuned for a deep dive blog!
Mark – Enhanced Mobile capability for Power Apps
Microsoft has made a key update to their Power Apps platform with the introduction of the “native mobile apps” preview.
This is a game changer in terms of end user experience, and it means that the platform is becoming a true Mobile Application Development environment.
Some of the new capabilities include,
- End-to-end branding from home screen icon to app UX
- Distribute your app natively without relying on the Power Apps “Player” app
- Enterprise governance with Intune
My favourite feature is the ability to combine multiple canvas apps into one central “Hub app” with no extra effort. In the past, the idea of a “Hub app” was a bespoke app you needed to develop and manage yourself. Either built as a separate canvas app (or sometimes a cross platform hybrid app), this solution needed to rely on a combination of native device shortcuts & URI launch schemas. Being able to group and present your applications that “work together” in a seamless way is essential to user acceptance and app stickiness.
Dan – Microsoft demonstrates commitment to Azure AD resiliency
If the most October 4th Facebook outage has shown us anything, it’s the critical nature of our authentication services. Microsoft made a commitment to 99.99% uptime from April this year, with this Microsoft Ignite including some really great detail on how this is being achieved.
In addition to implementation of a cell based architecture to minimise the blast radius of any Azure AD issues, Microsoft has also implemented a backup authentication service, separate from the standard Azure AD infrastructure. Microsoft Says:
“We’ve also invested in a backup authentication service, a secondary system that keeps sessions alive even if the primary authentication system is down. While this system also runs within the Microsoft cloud, it’s completely separate from the primary Azure AD service. Behaving much like a generator during a power outage, it takes over active sessions to give users an identical experience when accessing apps. It also maintains security settings and access compliance, for example, applying Conditional Access policies or modifying access based on role changes. The backup service is active today for Exchange and SharePoint workloads, as well as for all native desktop and mobile apps. By the end of this year, it’ll work with all web apps as well.”
Hopefully the increased stability here will prevent any major issues in customer environments, preventing many people from WhatsApp-ing their favourite support specialists (Hi Jeff!!).
Craig – Microsoft AutoManage gets even better
Anyone who knows me, knows that I’m not particularly an advocate of Infrastructure as a Service. Moving to the cloud has so many benefits and truly adopting PaaS/FaaS/SaaS is really the fastest way to unlock them all. That being said, if you have to manage IaaS, anything which removes administrator burden is a huge positive.
Azure AutoManage was announced last September with little fanfare and only basic support for Windows Server patching. With patching now a GA service, it was past time that AutoManage got some new capabilities.
For this Microsoft Ignite, public previews have been announced for:
- Custom Profiles – Define your own baseline to be applied to Azure Services
- Hybrid Virtual Machines – Azure Arc enabled for AutoManage
- Hot Patch – Update servers without a reboot
- Extended Network for Azure – Simplify Migration with stretched subnets from on-premises to cloud.
This ignite was massive, hard for us to wrap into a single succinct article. Some honourable mentions in this space go to:
- Virtual Network Manager – A Standard set of tools to look after Virtual Network structure, enabling platform teams to
- Teams Mesh – The metaverse buzz is growing by the day, with this teams feature even receiving a shoutout from Satya.
- Microsoft Viva – With the Viva service now GA, expect to see a wealth of growth in this space over the next year, really focusing in on the employee experience.