Category Archives: cloud computing

Microsoft Build and the repositioning of Windows

Microsoft Build is under way in Seattle, with around 6000 attendees here to learn about the company’s latest developer technology. But what is the heart of Microsoft’s platform today? The answer used to be Windows – and this conference was originally the Build Windows event, distinct from the earlier Professional Developer Conference which was run by the Developer Division and had a wider scope.

image
Microsoft’s Satya Nadella introduces Build 2019 

  Today though it is not so clear. The draft Build 2019 press release hardly mentions Windows. Here is the summary of topics: 

In his opening keynote, Microsoft CEO Satya Nadella outlined the company vision and developer opportunity across Microsoft Azure, Microsoft Dynamics 365 and Power Platform, Microsoft 365, and Microsoft Gaming”

Windows is there of course. Azure uses Hyper-V, the Windows Server hypervisor. A Microsoft 365 license is a bundle of Office 365, InTune device management, and Windows Enterprise. Microsoft Gaming includes PC gaming, and Xbox gets its name from the Windows DirectX hardware accelerated graphics API. But no, this is no longer a conference about developing for Windows, and Microsoft seems happy for its operating system to be less visible. PCs remain the devices on which many of us get most of our work done, but it is not a growth market, and cannot really become one unless by some miracle Microsoft returned to mobile or wearables. That would be hard, especially since the Universal Windows Platform, originally conceived as an app platform for touch and mobile as well as desktop, has drifted away from that concept and become something of uncertain relevance unless you are targeting HoloLens or some other niche.

That said, Windows is still evolving and Build remains the best event to keep track of what is new. In the advance news on which this post is based, several key features were announced.

Windows Subsystem for Linux 2 (WSL) now supports Linux Docker containers as well as faster file I/O. This also integrates nicely with new Visual Studio Code Remote Development Extensions which let you edit and debug code in WSL, in Docker containers, or on any remove machine over SSH.

Windows Terminal is a new application for command lines including PowerShell, Cmd and WSL. It includes rich fonts (with hardware accelerated rendering), multiple tabs, and “theming and customization”.

React Native for Windows is an open source project on GitHub that will let you develop high performance Windows applications.

MSIX Core is the next step in Windows setup technology and lets you install MSIX packages on Windows 7 as well as Windows 10.

.NET 5 has been announced and seems to embrace both Windows Desktop and cross-platform – I will be unpacking the details of how this works shortly. .NET 5 will release in 2020.

Microsoft Edge (on Chromium) has new features announced included an IE mode tab (for running Internet Explorer applications/sites), three levels of privacy (Unrestricted, Balanced and Strict) which claim to control third-party tracking, and Collections which is a feature for collecting and sharing web information and integrates with Office.

Of course there is much more news on what Microsoft now sees as its top priority topics: Azure, AI, Microsoft Search, PowerApps, PowerBI, Cognitive Services, Bot Framework, Mixed reality, IoT and Edge computing, Cosmos DB, Azure Kubernetes Service, GitHub and more.

Windows? Still the best way to run Office, and excellent for developing applications. But this is Microsoft Build, not Build Windows.

image
Seattle, Washington the evening before Microsoft Build

Microsoft Office and privacy: happy to send what you type to the cloud for analysis?

I attempted to open a document from on-premises SharePoint recently and was greeted with an error asking me to check my privacy settings.

image

“The service required to use this feature is turned off” I was informed. Hmm, what service is that then? The solution turned out to be in the new Office privacy settings, just as the dialog suggested.

If you disable what Microsoft calls “Connected experiences” it appears to block access to SharePoint. Probably not what the user intended.

image 

This setting is not great for clarity. Privacy-conscious users like myself may disable it because it represents your agreement to “experiences that analyze your content”. Since this means uploading your content to the cloud for analysis it sounds as if it might weaken both privacy and security. If you look at all the options though, it may be possible to agree to access online file storage without agreeing to content analysis:

image

It looks as if by unchecking “Let Office analyze your content” you might be able to stop Office uploading your stuff.

Is there anything to worry about? We need to know more about what happens to our data. There is a Learn More link that takes us here. This lists lots of features but does not tell us what we want to know. Maybe here? This tell us that:

Three types of information make up required service data.

  • Customer content, which is content you create using Office, such as text typed in a Word document, and is used in conjunction with the connected experience.

It is still not clear though what happens to our data, other than that it is “sent to Microsoft”. Even the massive Microsoft Privacy Statement is no more illuminating on this point. In fact, it is arguably rather alarming since it contains this statement:

Microsoft uses the data we collect to provide you with rich, interactive experiences. In particular, we use data to:

  • Provide our products, which includes updating, securing, and troubleshooting, as well as providing support. It also includes sharing data, when it is required to provide the service or carry out the transactions you request.
  • Improve and develop our products.
  • Personalize our products and make recommendations.
  • Advertise and market to you, which includes sending promotional communications, targeting advertising, and presenting you with relevant offers.

We also use the data to operate our business, which includes analyzing our performance, meeting our legal obligations, developing our workforce, and doing research.

In carrying out these purposes, we combine data we collect from different contexts (for example, from your use of two Microsoft products) or obtain from third parties to give you a more seamless, consistent, and personalized experience, to make informed business decisions, and for other legitimate purposes.

This suggests that Microsoft will profile me and send me advertising based on the data it collects. What I need to know is not only the fact that this happens, but also the mechanism, in order to make an informed judgement about whether it is sensible to enable these options. Of course it is also possible that the Office content analysis service does not do this. I am guessing.

What can go wrong? These risks are hard to quantify. If you are typing something confidential, it makes sense not to share it more than is necessary, as further sharing can only increase the risk. There are some interesting scenarios too, such as what happens if Microsoft receives a legal demand to have sight of the content of your documents. Microsoft may not want to give access to your content, but in some circumstances it might not have the choice. Then again, I doubt it retains content sent for the purpose of personalisation, beyond whatever factors the service determines are significant. However this is not stated here.

Is this any different from storing documents on a cloud service such as SharePoint / OneDrive online? It is a bit different since in the Office case you are permitting Microsoft to analyze as well as to store your content.

All of this is up for debate. I accept that the risks are probably small as well as the fact that the wider world has little or no interest in most of the content I type but do not choose to publish.

Nevertheless, there are a few things which seem to me reasonable requests.

– A clear statement concerning what happens to my content if I choose to let it be analyzed by Microsoft’s cloud service, to enable better informed decisions about whether or not to enable this feature. Dumping the user into an all-encompassing privacy policy is not good enough.

– Improved settings (and possibly some fixed bugs) so that privacy-conscious users do not inadvertently disable access to on-premises SharePoint, as in my example, or other unexpected outcomes.

– A simple way to exclude a specific document from the service, conceptually similar to “in-private” mode in a web browser though with more chance of actually protecting your privacy (in-private mode is not really very private).

In general, I do not think the solution to a customer’s reasonable concerns about privacy and security of personal information is to obscure how this data is handled.

A post that can save you money: scheduling Azure Virtual Machines for start/stop

I have written recently about Windows Virtual Desktop, the ability to set up a virtual desktop environment on Azure at a relatively low cost, provided your users have Microsoft 365 accounts. My test setup is minimal but I have been watching the cost which is currently working out at £5.39 per day. This excludes the cost of Microsoft 365; it is purely for the infrastructure including VPN gateway, storage and VM. Bandwidth is a variable cost but almost negligible on my usage. Of that cost, the VM is around 75%. So if I could shut down the VM when not in use the savings are substantial.

It turns out this is pretty easy on Azure though it requires some plumbing. VMs do have a built-in option to shutdown on a schedule, but not to start up. To get start/stop, you need an Automation Account.

image

With the automation account created, select it, hit Start/Stop VM, then click “Learn more about and enable the solution”.  You get this dialog.

image

Here we learn that to save money, we have to spend it, on three new services: Automation, Log Analytics, and Monitor. It is not too bad though as there is a free tier for these services that may be all I need. Hit Create.

image

In this window you have to configure three sections. Nothing challenging, but note that in Configuration you set the Target Resource Group Names. No pick list here, you have to type in the names. Or use a wildcard, which is unlikely to be a good idea since by default it will start and stop ALL your VMs. The schedule is not very smart, just a daily on and off, but see below. Once done, click Create to add the solution.

All done, but what about weekends, for example. This is easily fixed if you create your own schedules. Just go into your automation account and click Schedules under Shared Resources. The wizard-created schedules are listed, and you can modify them or create new ones. It looks as if you might need 5 schedules, one per weekday, recur every week, to make your VMs not run at weekends. There is no Monday-Friday option.

More documentation here. Note that automation can also run PowerShell scripts which will be even more flexible.

Scheduling cloud resources to shut down when not in use must be one of the most effective ways to reduce IT spend.

Update: here is the outcome of my efforts:

image

The Management resource group has the runbook that performs the start/stop action. The cost of this is small. Overall cost has gone down by about £2.00 or about 40% in my case. I appreciate this is a very small test deployment, but it would support maybe 4 or 5 users without any problem and my experience shows that you can indeed make a large saving by scheduling VMs to stop when not in use.

Microsoft is making lots of money. Anything else notable in its first quarter financials?

Microsoft has released its statements for the first quarter in its financial year, ending 30th September. Here is the segment breakdown. Everything has moved in the right direction.

Quarter ending September 30th 2018 vs quarter ending September 30th 2017, $millions

Segment Revenue Change Operating income Change
Productivity and Business Processes 9771 +1533 3881 +875
Intelligent Cloud 8567 +1645 2931 +794
More Personal Computing 10746 +1368 3143 +578

The segments break down as:

Productivity and Business Processes: Office, Office 365, Dynamics 365 and on-premises Dynamics, LinkedIn

Intelligent Cloud: Server products, Azure cloud services

More Personal Computing: Consumer including Windows, Xbox; Bing search; Surface hardware

Any points of interest? In his earnings call statement, CEO Satya Nadella talked Teams, the Office 365 conferencing and collaboration solution:

“Teams is now the hub for teamwork for 329,000 organizations, including 87 of the Fortune 100. And, we are adding automated translation
support for meetings, shift scheduling for firstline workers, and new industry-specific offerings including healthcare and small business.”

He also mentioned Power Apps and Flow, interesting to me because they are the most successful so far of the company’s efforts to come up with a low-code development platform:

“Power BI, Power Apps and Flow are driving momentum with customers and have made us a leader in no-code app building and business analytics in the cloud.”

He also mentioned the pending GitHub acquisition, which he says is “an opportunity to bring our tools and services to new audiences while enabling GitHub to grow and retain its developer-first ethos.”

Note that despite the cloud growth, Windows remains the biggest single segment in terms of revenue.

Determining how much of Microsoft’s business is “cloud” is tricky. The figures in the productivity segment lump together Office 365 and on-premises products, while Office 365 itself is in part a subscription to desktop Office, so not pure cloud. Equally, the “intelligent cloud” segment includes on-premises server licenses. No doubt this fuzzing of what is and is not cloud in the figures is deliberate.

Microsoft Azure Stack: a matter of compliance

At the Ignite conference last week in Orlando, Microsoft’s hardware partners were showing off their latest Azure Stack boxes.

In conversation, one mentioned to me that Azure Stack was selling better in Europe than in the USA. Why? Because stricter compliance regulations (perhaps alongside the fact that the major cloud platforms are all based in North America) makes Azure Stack more attractive in Europe.

image
Lenovo’s Azure Stack

Azure Stack is not just “Azure for your datacentre”. It is a distinctive way to purchase IT infrastructure, where you buy the hardware but pay for the software with a usage-based model.

Azure / Azure Stack VMs are resilient so you cannot compare the value directly with simply running up a VM on your own server. Azure Stack is a premium option. The benefits are real. Microsoft mostly looks after the software, you can use the excellent Azure management tools, and you get deep integration with Azure in the cloud. Further, you can diminish the cost by scaling back at times of low demand; especially easy if you use abstracted services such as App Service, rather than raw VMs.

How big is the premium? I would be interested to hear from anyone who has done a detailed comparison, but my guess is that running your own servers with Windows Server Datacenter licenses (allowing unlimited VMs once all the cores are licensed) is substantially less expensive.

You can see therefore that there is a good fit for organizations that want to be all-in on the cloud, but need to run some servers on-premises for compliance reasons.

Google announces Cloud Build: CI/CD for the Google Cloud Platform

Google Cloud Next is under way in San Francisco, and yesterday saw the announcement of Cloud Build, Continuous Integration and Continuous Deployment for the Google Cloud Platform.

image

Cloud Build runs a series of automated build steps and then optionally pushes built images to Googles container registry. It is a natural fit with Kubernetes but can be used with both containerised and direct deployments.

You can create your own build steps or use a prebuilt one. The prebuilt steps are:

  • bazel: runs the bazel tool
  • curl: runs the curl tool
  • docker: runs the docker tool
  • dotnet: run the dotnet tool
  • gcloud: runs the gcloud tool
  • git: runs the git tool
  • go: runs the go tool
  • gradle: runs the gradle tool
  • gsutil: runs the gsutil tool
  • kubectl: runs the kubectl tool
  • mvn: runs the maven tool
  • npm: runs the npm tool
  • wget: runs the wget tool
  • yarn: runs the yarn tool

Note that dotnet is in there so you can use this immediately with .NET Core.

There is also an option to  build locally. For example, you could build locally and only after a successful local build, invoke Cloud Build.

Cloud Build integrates with GitHub:

With this new integration, you can easily set up CI through Cloud Build and automate builds and tests as part of your GitHub workflow.

I doubt Google celebrated when Microsoft acquired GitHub but it is good to see GitHub continuing to support diverse platforms.

Overall this is an important feature as Google races to extend its cloud platform to match what is on offer from its key competitors, AWS and Microsoft Azure.

AWS embraces hybrid cloud? Meet Snowball Edge

Amazon has announced Snowball Edge, an on-premises appliance that supports Amazon EC2 (Elastic Compute Cloud), AWS Lambda (“serverless” computing) and S3 (Simple Storage Service), all running locally.

image

Sounds like Microsoft’s Azure Stack? A bit, but the AWS appliance is tiny by comparison and therefore more limited in scope. Nevertheless, it is a big turnaround for the company, which has previously insisted that everything belongs in the cloud. One of the Snowball Edge case studies is the same general area as one used by Microsoft for Azure Stack: ships.

The specifications are shy about revealing what is inside, but there is 100TB storage (82TB usable), 10GB, 20GB and 40GB network connections (GBase-T, SFP+ and QSFP+), size is 259x671x386mm (pretty small), and power consumption 400 watts.

Jeff Barr’s official blog post adds that there is an “Intel Xeon D processor running at 1.8 GHz, and supports any combination of instances that consume up to 24 vCPUs and 32 GiB of memory.”

You can cluster Snowball Edge appliances though so substantial systems are possible.

Operating systems currently supported are Ubuntu Server and CentOS7.

Amazon’s approach is to extend its cloud to the edge rather than vice versa. You prepare your AMIs (Amazon Machine Instances) in the cloud before the appliance is shipped. The very fast networking support shows that the intent is to maintain the best possible connectivity, even though the nature of the requirement is that internet connectivity in some scenarios will be poor.

A point to note is that whereas the documentation emphasises use cases where there are technical advantages to on-premises (or edge) computing, Barr quotes instead a customer who wanted easier management. A side effect of the cloud computing revolution is that provisioning and managing cloud infrastructure is easier than with systems (like Microsoft’s System Center) designed for on-premises infrastructure. Otherwise they would not be viable. Having tasted what is possible in the cloud, customers want the same for on-premises.

Microsoft announces free version of Teams, ahead of Inspire partner conference

Microsoft’s partner conference, Inspire, kicks off in Las Vegas next week; and as part of the event the company has announced big news concerning Teams: a free version.

image

What is Teams? It is a collaboration tool for Office 365, or at least it was, since the new free version can be used with any email address and without Office 365. Here is what you get:

  • Chat
  • Audio and video calling
  • 10GB online storage, plus 2GB for each additional team member (SharePoint/OneDrive)
  • Word, Excel and PowerPoint online
  • Ability to install unlimited additional applications

Teams is a strategic product for Microsoft – see here for the reason. A free version is way for the company to promote Office 365, and you will see an upgrade link in the user interface.

There are also new features coming to Teams. One seems minor, but will be popular. It deals with the problem of video conferencing from home, and not being sure what may happen behind you. You may remember this:

image

So now Teams video conferencing will let you blur the background. Here is Raanah Amjadi, Marketing Manager, Microsoft Teams, demonstrating the feature:

image

In addition, Teams is getting a new Live Events feature. This is where you broadcast a presentation or meeting to others in your company. Automatic speech-to-text will do close captions (so you can watch with the sound done, if you trust it enough), and this then enables text search of the event with index points into the video. Bing Translate is also included in Teams so you can have multi-lingual conversations.

image

Microsoft Workplace Analytics is getting enhancements including “My Analytics” which will give you AI-powered “nudges” in Outlook online. I am not sure I trust this to be much real-world use; but the example shown was intriguing: alert you if you try to schedule a meeting with someone out of their working hours.

Whiteboard, a collaboration canvas, is now generally available for Windows 10 and mobile.

image

Free Teams is available immediately here.

Ubuntu goes minimal (but still much bigger than Alpine Linux), cosies up to Google Cloud Platform

Ubuntu has announced “Minimal Ubuntu”, a cut-down server image designed for containerised deployments. The Docker image for Minimal Ubuntu 18.04 is 29MB:

Editors, documentation, locales and other user-oriented features of Ubuntu Server have been removed. What remains are only the vital components of the boot sequence.  Images still contain ssh, apt and snapd so you can connect and install any package you’re missing. The unminimize tool lets you ‘rehydrate’ your image into a familiar Ubuntu server package set, suitable for command line interaction.

says Canonical.

29MB is pretty small; but not as small as Alpine Linux images, commonly used by Docker, which are nearer 5MB. Of course these image sizes soon increase when you add the applications you need.

I pulled Ubuntu 18.04 from Docker Hub and the image size is 31.26MB so this hardly seems a breakthrough.

Canonical quotes Paul Nash, Group Product Manager for Google Cloud Platform, in its press release. The image is being made available initially for Amazon EC2, Google Compute Engine, LXD, and KVM/OpenStack. The kernel has been optimized for each deployment, so the downloadable image is optimized for KVM and slightly different than the AWS or GCP versions.

Pusher: a nice solution for sending messages and notifications to web and mobile apps

Pusher is a London company which runs cloud services for publish/subscribe in web and mobile applications. The idea is to deliver real-time updates, a concept that has many use cases. Examples include price updates in finance apps, status updates to track a delivery, news updates, or anything where users want to monitor progress or keep in touch with fast-moving developments.

The service passed my “get up and running quickly” test. I created a free account (limited to 100 connections and 200k messages per day) and a new channel:

image 

I’m guessing it runs on AWS, looking at the datacentre locations:

image

I chose a JavaScript client and ASP.NET MVC for the back end. On my PC I pasted the JavaScript into a web page running locally on Apache (in Windows Subsystem for Linux). I also created a new ASP.NET MVC project and added the sample code with some trivial modifications. I was able to send a message to the web page; it triggers an annoying alert but of course you could easily amend this to update the UI in more user-friendly ways.

image

Of course you could roll your own solution for this but what you get with Pusher is all the plumbing pre-done for many different clients and automatic scalability.

Pusher also has a service called Beams (formerly Push Notifications) which lets you send notifications to Android and IOS apps.

Pusher or roll your own? As with many cloud services, you are putting a high level of trust in Pusher (security and reliability) if you use the service, and you will need a paid subscription:

image

You are saving considerable development time though, and as Google and Apple update their SDKs or change the rules, Pusher will presumably adapt accordingly.

Can Azure easily do this, I wondered? I headed over to Azure Notification Hubs. I noticed that the amount of admin you have to do to support each device is greater. Second, Microsoft promised to support “push to web” in March 2016:

image

… but has not done so nor even bothered to update those asking:

image

It is odd that Microsoft, with all its drive behind Azure, is still in the habit of leaving customers in the dark in certain areas.