Mary Jo Foley (Moderator), November 8, 2019 at 11:38 am, #624652
Our next MJFChat, scheduled for Monday November 11, is between me and Tim Warner, Pluralsight author and Microsoft MVP for Cloud and Datacenter Management. The topic of our conversation: On-premises to the Azure cloud: How to evolve your mindset.
What questions do you have for Tim about on-premises vs. cloud; on-premises plus cloud; and/or on-premises to the cloud? No question is too big or too trivial. I’ll be chatting with him on November 11, and will ask some of your best questions directly to him. Just add your questions below and maybe you’ll be mentioned during our next audio chat.
Brad Sams (Keymaster), November 19, 2019 at 8:06 am, #624882
You can find an audio replay, here.
Mary Jo Foley: 00:00 Hi, you’re listening to the Petri.com’s MJFChat show, I am Mary Jo Foley, AKA your Petri.com community magnet and I’m here to interview tech industry experts about various topics that you, our readers and listeners want to know about. Today’s MJFChat is going to be all about evolving your mindset about the cloud. And my special guest is Tim Warner who is a Pluralsight author and Microsoft MVP for cloud and data center management. Welcome Tim and thank you so much for doing this chat with me.
Tim Warner: 00:40 You’re welcome Mary Jo. Thanks for having me. It’s really an honor. I’ve been a fan of yours for many, many years.
Mary Jo Foley: 00:46 Oh, thank you so much. So when you and I were talking back and forth about ideas for this chat, you observed that many customers think they should design their Azure migrations to mirror their on premises environments. But there is a huge fallacy. The idea that designing for the cloud requires some huge paradigm shift based on designing for on prem. So I know you have a lot of thoughts on this and a lot of practical guidance. So I’m excited. I’m actually excited to hear what you have to say about this. Sounds really cool. In addition, both Tim and I just got back from Microsoft Ignite 2019 with 30,000 of our closest friends. So we have a lot to talk about from there too. Right? For sure. So I, I want to start out by talking about your central thesis. Why doesn’t designing for the cloud require a significant paradigm shift compared to designing from on prem in your view?
Tim Warner: 01:45 I’ve been in the industry a little over 20 years and I’ve been a Microsoft specialist for just about that time. And I found, especially over the last handful of years where I’ve specialized even further in the Microsoft Azure cloud, that the people in the businesses that I work with who are considering a move to the cloud have a default posture of, well, we’ve always done our infrastructure this way on premises. We’ve been virtualized for a number of years. So just de facto, that must mean that we need to migrate these VMs in place, the so-called lift and shift scenario, into Azure and they tend to be surprised when I show them some of the platform as a service options available in Azure and they’re thinking, Whoa, you can do that. I had no idea. So the, the main thesis I always like to drive home is that the cloud does require a very different thought pattern or paradigm to use a $5 term. And the biggest point is that you can look at your Azure deployment as a Greenfield of opportunity. You definitely don’t, don’t feel constrained that you have to replicate your on premises infrastructure.
Mary Jo Foley: 02:58 Yeah. It’s kind of a combination of both of those things, right? It’s there are some things that are lessons you can take from what you’re doing on prem and bring them to the cloud, but not everything. Right?
Tim Warner: 03:08 Yeah. You, you in many ways you get an opportunity to do over, I mean you might have your, your TCP/IP internetwork laid out a certain way and it’s painful in certain in certain ways. Perhaps because whoever did it, not you, your predecessor, of course, another colleague, but what they did made some mistakes that you’re kind of stuck with and it’s freeing to be able to design from a Greenfield point of view in Azure. But then again, we don’t want to overcompensate. There’s the question of, I personally in my architect’s philosophy, keep the infrastructure in the cloud as simple as possible. The more complexity you add, that’s not absolutely necessary is going to exponentially increase your troubleshooting load. So just because you can deploy resources with a couple of mouse clicks doesn’t mean you necessarily should. It’s really crucial to have a clear picture of what your goals are.
Mary Jo Foley: 04:05 That’s, that’s really good advice. I know I just saw you tweet this morning some architectural diagram about the cloud and I was like, wow, what is that?
Tim Warner: 04:14 Yeah, I know. I tweeted out a Visio drawing I put together. Whereas in my work as a Pluralsight author, I want to try to pack as much content in as condensed an area as possible. So I did a little crowdsourcing. I’m looking forward to hearing what folks have to say as far as things I might’ve missed. I tried to make the architecture as flexible as possible while at the same time as simple as possible.
Mary Jo Foley: 04:41 Hmm. Hmm. Wow. If that was simple, I’m worried.
Tim Warner: 04:44 It’s all relative, isn’t it? I hear ya.
Mary Jo Foley: 04:49 That’s true. So you know, there’s a challenge that not just IT Pros have, but we as reporters who cover the cloud have as well. And that is, there’s always constant change when it comes to the cloud, right? There’s always change in features and naming. Like, like last week at Ignite, so many products change names. I was trying to keep up, but there was this huge list and every day I was learning more new names. But there’s also changes in licensing and pricing and this is not just true of Azure, but I think all of the big clouds. So what do you tell IT pros? How do you, how do they kind of learn to love or at least to accept this constant change?
Tim Warner: 05:30 Yeah, I think accept is the key term, something that I hammer home with my students, consulting clients, anybody else who will listen is that in order to be successful with any public cloud, like you said, it is a question of reaching a steady state of acceptance that it’s the environment is a shifting sand where you’re liable to see something new or different just about every time you log into the Azure for instance. And so but, but I also, I like to give comfort in that once you’ve attained your initial learning curve and you have the general lay of the land with for instance, Azure fundamentals, then you should be in an easier position. As you see these ebbs and flows and changes because you have a ground level familiarity and comfort with the environment, it’s a bit easier to adapt. Secondarily, I would recommend staying very close to, for instance, the Azure updates page at azure.com so that you’re kept abreast of products as they move through private preview, public preview, and general availability. I’m still a fan, Mary Jo, of RSS. I don’t know about you.
Mary Jo Foley: 06:43 Me too. Huge.
Tim Warner: 06:43 And that seems to be a forgotten technology. Yeah. And I strongly suggest developing an RSS feed series of these different sources, product team blogs. Because you know, there’s really no choice. You have to have an always learning orientation when you’re working in the public cloud.
Mary Jo Foley: 07:02 It’s really true. Yeah. I use NewsBlur as my RSS reader and I would be so lost without having RSS feeds. I just, I don’t even know how people do it without it.
Tim Warner: 07:12 I know, I know. Maybe they just scan Twitter. I don’t know.
Mary Jo Foley: 07:17 I know, I know. Yeah, I didn’t, I didn’t know if you had any specific tips and tricks around this. So we talked about RSS feeds a little bit, but I mean, how else can you keep up with daily changes that are going on and also how much do you need to actually keep up with it? Because I’ll tell you why I’m asking that question is if you’ve subscribed to the Azure blog every day, there’s at least like eight, 10 new Azure announcements. And I at first tried to keep up with all of them and finally I just said, you know what, that’s going to drive me insane if I do that and I need to kind of pick and choose. So I do. Usually I do a quick scan in the morning and see what’s new and if there’s anything I really think I need to write about, but I, I just have kind of given up, of the idea that I’ll always be up to date.
Tim Warner: 08:03 Yeah, that’s a, that’s a very good point. Thanks for reminding me about that. Yeah, certainly principally you want to keep an eye on the products that you’re actually using in Azure for instance, and within the Azure portal there’s a couple tools that are helpful in that regard. There’s a tool called resource health and service health where you could get a really just a filtered view of what’s happening on Microsoft side that could affect your particular services deployed in your particular regions. So I find those helpful. But then I guess I’ll edit what I recommended a few minutes ago. Looking at Azure updates and looking at product blogs is fine, but first of course you need to run through the filter of what you’re using. And is there something that could change that in the Microsoft side that could affect your deployments positively or neutrally?
Mary Jo Foley: 08:57 Hmm, that’s, that’s good. Right? Same, same idea. You have to have filters, right? You just can’t try to understand everything and keep up with everything. I don’t think. I also subscribe, I don’t know if you’ve ever seen this. There’s a weekly newsletter called the Azure weekly newsletter from Endjin and I subscribe to that too. And they do a nice job of sending out a once weekly newsletter that gives you all the announcements in one place and you can kind of pick and choose from that too.
Tim Warner: 09:24 You’re right. I also subscribe to Endjin’s Azure weekly, and I think to myself, wow, they’re investing quite a bit of time curating. It’s a comprehensive list of announcements that they put together. So I agree with you. That’s a great one to have. And there’s another weekly digest by an Azure MVP named Chris Pietschmann and I think he calls his digest Azure weekly as well.
Mary Jo Foley: 09:48 Yes, I’ve seen his too. It’s also excellent.
Tim Warner: 09:51 Yeah, it is. And there’s a third person, another Azure MVP named Mike Pfeiffer, who has a weekly bulletin, I think his is called Cloud Skills. And his is even more curated. So geez, between those three you’ve got nice coverage. It seems to me.
Mary Jo Foley: 10:09 It’s true. Really true. Let’s talk about Ignite a bit because this is another way I feel like people can try to keep up with all the changes by going to these conferences or if you can’t go at least watch the sessions that are recorded later, because they’re publicly available. You know, I get, I get this thing, and I think you do too, as an MVP, we get this thing before these kinds of shows called the book of news, right? And then Microsoft gives us this under NDA a couple days before either Build or Ignite starts. And this year the book of news was about a hundred pages of announcements and many, many of them were Azure announcements. So you know, everybody’s like, Oh yeah, you have the book of news. So of course you know what happened. But I feel like still even with that, you need filters because there were so many things. But I think we both would agree. One of the biggest announcements at Ignite around Azure was Azure Arc. I wonder if you could kind of put that in context for people because I tried to explain it as a lay person covering the industry, but I think you, well I’m positive you could do a much better job.
Tim Warner: 11:18 Well try. Okay. So so putting this in context with that notion of the paradigm shift from on premises into the cloud. Um, right. So, you know, fundamentally I come back to NIST, NIST published a white paper that gives the essential characteristics of cloud computing and they talk about on demand, self service and resource pooling and elasticity.
And in my experience, that’s what I think just about all businesses are looking for when they consider the cloud. How can we get some of this hyperscale, this easier management, this power and make it available to us with our infrastructure. And it’s the very few businesses indeed that can afford to do that in a private cloud. Now we have Azure stack, which is still expensive, but that could serve that need. And then there’s few businesses that can go cloud only and have all their infrastructure directly in the cloud.
Tim Warner: 12:16 So hybrid is almost always the way that a business is gonna make their foray into the cloud. So Azure Arc seems to fit into that pocket quite nicely where you can take the Azure deployment tools and the Azure resource manager API and models and extend that kind of instead of from on premises into the cloud. I’m thinking of the opposite, the cloud on premises and one of my to do items this week as a matter of fact, is to work through the tutorials at the Azure docs where you can onboard your on premises virtual machines and manage them seamlessly in Azure right alongside your Azure native cloud VMs. So there is one huge value proposition, the ability to extend Azure services from the cloud in benefit, you know, get some of those amazing cloud characteristics in your existing on premises environment. Pretty powerful.
Mary Jo Foley: 13:18 It is. I think it was kind of hard to understand because it also was presented in the midst of a lot of rebranding, like Azure Stack becomes Azure Stack Hub and then they brought in Azure Stack Edge. And I think when, when they combine those two things together, it made it look a lot more complex than it really is. Yeah, I called it, I called it Microsoft’s hybrid two dot O play because I feel like Microsoft was already there, as you said, with Azure Stack. But now they’re taking that a step further and trying to incorporate it so you can see all your resources wherever they are, even if they’re not in Azure or Azure Stack.
Tim Warner: 13:55 Right, exactly. And I had that question right away about the relationship between Azure Arc and Azure Stack and I actually was able to find a unicorn at the conference. I found someone who makes his living deploying and working with Azure Stack. So he was the perfect person to ask the question to. Yeah, I said isn’t Azure Arc robbing some of Azure Stack’s business. And he said in his opinion, no, because number one Azure Stack is a way to just bring Azure itself in a, say a disconnected scenario in a mineshaft or on a freighter ship in the middle of the ocean so that you didn’t see them as competing.
Mary Jo Foley: 14:37 Huh. Interesting. Okay. Yeah, I kind of had that same thought too. I was like, okay, where does Azure Stack fit in now to all this? So that’s, that’s an interesting point. Now I know there’s another product that is near and dear to your heart. So much so they did a session about it called Azure Bastion. Right. And so I wrote about this when it was going into preview back earlier this year. And I used Mark Russinovich, who’s the chief technology officer of Azure’s description and I said, this is a service for secure access to your off internet VMs. That’s how he described Bastion. So I know, I know that you gave a whole session on this at Ignite and I would like to hear how you think. Well, number one, what you think of the service. Number two, how you think this fits in with your initial thesis, which is how on prem and cloud management and people’s minds should or should not be different.
Tim Warner: 15:33 Yeah, very much so. I would define Azure Bastion in an elevator pitch context as a managed jump box and a jump box being defined as a VM, probably a shared VM among several IT professionals where they can come in and one protected host instead of having worst case scenario, public IP addresses on your virtual machines. Talk about paradigm shift. Rule one never, unless it’s absolutely necessary, put a public IP on a VM running in Azure. It’s just asking for trouble right away. So we’ve got this drop in managed appliance that you, at this point you really don’t have any direct interaction with. It’s almost completely managed. The Bastion host will have a public IP address, but it’s very much screened. It’s just listening for traffic on the SSL port TCP 443. The idea is that your virtual machines don’t need any public IP, so you don’t need to horse around with a load balancer for instance to try to manage those virtual machines.
Tim Warner: 16:40 The idea is as of today through the Azure portal, you just browse to your virtual machine, go to connect and there’s a separate tab there called Bastion. And if you haven’t deployed one you’ll be prompted to do so. And then you create a remote desktop session or a secure shell session directly in the browser. And that’s where we are right now. But I know it’s a near term milestone for their engineering team to support client apps. So cause that’s what we would expect. It seems to me is working IT professional. We don’t want to be tied to the Azure portal.
Mary Jo Foley: 17:14 Right, right.
Tim Warner: 17:16 That’s the, the the basic how to about Azure Bastion. A managed jump box.
Mary Jo Foley: 17:21 Okay, nice.
Tim Warner: 17:23 And that can solve a lot of problems speaking of paradigm shift because generally in my experience, again a business is afraid of missing something in their deployment, in other words inadvertently exposing a virtual machine that they’ve got running in Azure to bad actors.
Tim Warner: 17:40 Maybe they’ve, they don’t know how to do a jump box or they put a public IP on the VM. Like I mentioned before, that seems to be a trend seen with Azure as a whole. This, this trend toward rolling up separate products under a single name, Front Door would be an example or just selling these individual specific appliances like Azure Firewall or Bastion host that are meant to abstract a lot of that networking complexity that drives just about everybody up the wall. I guess that’s the number one support issue that Microsoft gets, so Microsoft is trying to help I think in that regard.
Mary Jo Foley: 18:21 That’s funny you brought that up because I had that same question is whether those kind of composite products that roll up a bunch of things into a single entity are actually performing as advertised or I think if I, if I were an IT pro, I might be worried about it over simplifying and over abstracting what I need to do and at to a level that I shouldn’t be trusting. How do you feel about that?
Tim Warner: 18:46 It’s a valid point. I mean, number one, there’s a business that’s exerted the blood, sweat and tears to put up a geo distributed web application where they’ve individually deployed and configured. For instance, the Azure Content Delivery Network, Traffic Manager, Load Balancer, all of that kind of stuff where they know exactly what it is and how it works. And then they compare that wondering what am I missing or am I missing nothing? Did I dodge a bullet by instead not doing, say Front Door where you just stepped through a wizard. And behind the scenes, Azure is putting out a CDN and a traffic manager profile, but it’s abstracted away most of the dials and switches. So my general guidance is if you’ve already got the, the knowledge capital or whatever the tech term is, where you’ve deployed the environment though those assets separately and it’s working fine.
Tim Warner: 19:43 I guess there the question would just be a financial thing. Maybe on one hand could you save money and could you simplify administration by maybe going to something like Front Door or are you losing too much administrative flexibility to your point by allowing the composite product to abstract all of the dials and switches away. That’s just, I think it’s largely unknown. I haven’t read or heard much analysis on that question yet unfortunately.
Mary Jo Foley: 20:13 Yeah, I was thinking it’s probably a matter of personal preference to some degree.
Mary Jo Foley: 20:18 Yeah, definitely. If a business doesn’t have the knowledge to handle all those moving parts and they need almost a turnkey geo distributed app, Front Door is fantastic. Okay, cool. I have a personal question for you because you’ve given a lot of good advice for IT pros and some of it is applicable to me as somebody who covers the industry. One thing I have trouble keeping up with, and I’m curious how you do this is how do you keep up with which Azure product compares to which AWS product and which Google cloud product? Because I’m thinking in the case of like Google Anthos, right, and AWS Outpost. A lot of people said those things were very similar to Azure Arc. But then when you kind of drill down into the documentation, I’m like, but are they, so how do, how do you like compare and contrast? Like if somebody gives you got a question like, Oh, so what does Google have in this space? How do you, how do you keep up with that? Because I cannot keep up with it.
Tim Warner: 21:19 Yeah. Well I have a good answer for Azure versus Amazon Web Services, but unfortunately it’s a tougher lift for Google Cloud Platform. And why do I say that? Because for whatever reason, I mean, as you know, Microsoft since Satya took over, has been so much more open and playing well with others and all of this, there’s in the Azure documentation library at least two very solid articles that are designed specifically for that question. In fact, one of them is called something like Amazon AWS service comparison. And the docs team at Microsoft literally did a product by product table.
Mary Jo Foley: 22:03 I saw that! So that was great.
Tim Warner: 22:05 That was fantastic. Yep. So in that case it’s just control F type the product and there you go. There’s the answer. And then like I said, there’s a bunch of other stuff that’s Microsoft specifically curated for AWS professionals to help them in their learning curve. In terms of why I did EC2 or Elastic Beanstalk and all this over here, how does that relate to Azure? And they’ve answered that. However, there’s a complete absence of GCP and maybe there’s some political intrigue in the back of things that you may know more about than I do. But it’s kind of a void with GCP and Azure.
Mary Jo Foley: 22:42 It is. It is. And a lot of times I feel like it’s not something you can even do an apples to apples comparison with. Right. Like Anthos to me is kind of like AKS for Azure, but it’s also sort of like Arc and there’s a lot of pieces to it. So it is sometimes almost impossible to even just do a side by side comparison.
Tim Warner: 23:02 Yeah, that’s well said. Whereas Amazon and Azure so similar since Azure resource manager and almost is apples to apples. GCP I guess reminds me a little bit of Apple in terms of just doing their own thing and marching to the beat of their own drummers.
Mary Jo Foley: 23:19 It’s true. It’s true. They, they, they do, they kinda came at the cloud from a different perspective and I feel like very different from AWS and Microsoft, which is just kind of interesting. Yep. All right. So, Tim, we are almost out of time. Anything else you want to suggest? We talked a lot on this show about resources, which I think is awesome because people ask me that all the time. But any, any other things like podcasts that we didn’t mention or even coursework? I know you do so much with Pluralsight. You can tout your own course if you want. Just things you would suggest for people who feel like I need to understand Azure a little better before I make the jump.
Tim Warner: 23:59 Oh yeah. Yeah. I mean, of course I’m biased a bit because I am a teacher and so I come from an education perspective. But I mean, it’s crucial that you understand what you’re getting into. Especially if you’re, you know, an elder statesperson and you’ve done on premises data center work with a screwdriver in your hand for many years. I don’t want no stinking cloud. And then you realize that, you know, your boss says, well, you need to start looking at it. I would say number one, the Azure Docs are a fantastic source of truth being open source.
They’re, they’re very current and you can even edit them and submit changes yourself and associated with that, there’s two sites. One would be the Microsoft Learn website. It’s microsoft.com forward slash learn. And the big feature there that I want listeners to understand is Microsoft has a sandbox environment to where you can work through these learning labs and actually gain real hands on experience using Microsoft subscriptions. And then from a, from another educational aspect from MS Learn, you can get to the Microsoft Pluralsight partnership courses and that’s what I contribute to as part of my full time job. There’s a bunch of free Azure courses that are mapped to the different job roles, architect, administrator, developer, etc. And I would say among those resources, you should be in a good position to attain your initial learning curve, get comfortable and get productive in Azure.
Mary Jo Foley: 25:31 Nice, thanks. That’s, that’s fantastic. I didn’t realize you, you folks did a lot of free courses as well and I didn’t know that.
Tim Warner: 25:37 Yeah, Pluralsight and Microsoft have been BFFs now for a couple of years and so we’re doing quite a bit of content that they make available through their website and those courses of which I don’t know how many hours. Of course it is, it’s free. You don’t, there’s no subscription associated with it.
Mary Jo Foley: 25:55 All right, well Tim, we are now officially out of time, but thank you so much. This was fantastic. I can tell you’re a teacher because you made it really clear and very methodical in a good way, so thanks for doing that.
Tim Warner: 26:07 That’s my goal. You’re welcome. And thank you Mary Jo.
Mary Jo Foley: 26:10 So, for everyone else who’s listening, all you, MJFChat readers and listeners, we’re getting ready for our next chat right now. I’ll be posting that information on Petri and that will be your signal to send in any questions you might want to ask before we do the chat. All you have to do is go to the MJFchat area and the forums on petri.com and submit your questions right there. And in the meantime, if you or someone you know might make a good guest for an MJF chat, please do not hesitate to drop me a note. All my contact info is available on Petri.com. Thanks again!