I have been working with Azure in various forms for the past 4 years. Initially working with Exchange Online and migrating customers to Office 365. This gave me exposure to Azure Active Directory and Office 365. These are examples of Identify as a Service and Software as a Service.
The term as a Service refers to products and services that are made available to consumers over the internet.
My first experience using Infrastructure as a Service on Azure, occurred when creating a Linux server to host a website, integrate with ADFS / SAML. It was a rushed job. I was impressed at how quickly I could spin up a Linux machine with little required knowledge of Linux, open the firewall to allow SSH, HTTPS and Azure saved the day.
The next project involved reproducing a customer’s on-premise infrastructure into Azure i.e. Domain Controller, Exchange Server and connecting it to Exchange Online. It took less than a day to get this setup, clicking through Azure Portal and provisioning the virtual machines, network and downloading the required files.
I was happy enough with this approach, but after chatting with a colleague he told me I was doing it all wrong and mentioned something about Azure Resource Manager (ARM) Templates.
Initially I found working with Visual Studio and ARM Templates daunting, fighting to get my squiggles lined up so I could deploy my Infrastructure as Code. The learning curve was steep coming from a pure Infrastructure background but I got there. Once configured correctly ARM Templates can be deployed many times, the code reused and its much quicker than navigating through the Azure portal.
The above graphic is an example of an ARM Template. It contains the Infrastructure as Code that is read by Azure’s API detailing the infrastructure and components I want and exactly how to configure them.
Natural progression has led me to working on Platform as a Service, starting with SaaS, building IaaS then to provisioning PaaS. PaaS is a major step forward, i.e. Microsoft patch, manage and bill for just the piece of the server needed. This leads to quicker deployment times, speeds innovation and reduced expenditure (compared to IaaS).
When a PaaS web application is deployed, it provides a System Centre Management interface that allows troubleshooting the web app without the need to log onto any server by adding SCM to the URL.
This gives an insight into what is happening behind the scenes in PaaS, the web application is being deployed to Internet Information Services, access to process explorer and the local drive is available.
Troubleshooting has changed, the ICMP stack is considered a security risk in Azure. Ping and nslookup commands have been replaced with tcpping and nameresolver.
A slight issue with working with PaaS is there is no on / off option, like you would have with IaaS. This can work out expensive as costs are incurred 24 / 7. Although it is not possible to turn off a PaaS environment it can be deleted. The end goal is to have confidence in the Infrastructure as Code, that allows for the entire environment to be deleted and recreated.
One option for automating the deployment to Azure is to use Visual Studio Team Services as a Continuous Integration Delivery Pipeline. It looks and feels like part of the Office 365 offering and was previously referred to as Visual Studio Online, in the same manner as Exchange Online, SharePoint Online.
VSTS provides GIT Repositories that trigger build jobs. The build jobs compile the code from GIT into formats that can be pushed by the release into Azure. The build steps include GULP, Node JS, NPM and Selenium tests out of the box. Visual Studio Market Place has additional features that can be selected and added as extensions.
For example, White Source Bolt is an extension that can be added via a build step. It automatically detects all open source components in your build and alerts on the vulnerable open source components, outdated libraries, and licenses compliance issues. It can be configured to break the build and can be setup in less than 10 mins.
VSTS also provides source control, test results, bug tracking and Kanban boards all contained within the same cloud application and is fully auditable. Works with AWS, Google, Jenkins, Docker and Chef. It is relatively straight forward to setup and enjoyable to work with.
Working in with Azure Automation, Infrastructure as Code, GIT, Continuous Integration Delivery Pipeline, Platform as a Service has involved a major shift compared to how I used to work as an Infrastructure Engineer, until something breaks, then those skills are vital.
The learning curve has been steep, enjoyable and rewarding. Embracing this change assisted me in earning several Microsoft Azure qualifications and getting to work on high profile Azure PaaS Solutions. I would encourage others interested in Azure and Automation to make the shift.