They were joined by Nathen Harvey, VP of Community Development at Chef Software, and David Bock, DevOps Services Lead at Excella Consulting. Each offered a unique and practical perspective on the concept of DevOps and how it’s working for federal government IT.
Previously in another blog post, I laid out a quick summary of Continuous Integration (CI) and Continuous Delivery (CD) in Visual Studio Team Services (VSTS). Today we’re going to expand a bit on those DevOps processes to better suit your (or your clients’!) needs.
With CI and CD, a build agent is required—that is, a place where your code is sent to be compiled and then subsequently deployed. By default, VSTS gives you the option to use a hosted agent. This is an entirely a cloud solution; you can just choose one of the hosted agents to build and deploy your code and you’re all set. But there are a couple of drawbacks with this…
Recently we collaborated with Microsoft and Prospect Silicon Valley (ProspectSV) on a project to assess the viability and value of several Azure services. Specifically, we were asked to demonstrate how the cloud-based platform could be used to retrieve, store, visualize and predict trends based on data from multiple sources. In order to demonstrate these capabilities, we built an ASP.NET MVC application leveraging the following Azure components:
- Azure App Services
- Azure Machine Learning
- Azure Power BI Embedded
- Azure Storage
Figure 1: ProspectSV Application Architecture depicts how the system uses these four Azure components. This diagram also describes which external data sources are used and where that data is stored.
Containers are, for good reason, getting a lot of attention. For the cost of having to manage some complexity, they provide a unique level of flexibility, ability to scale, run software across cloud and on-premises environment…the list of benefits can go on and on. And usually when you hear about containers in the technical press, they’re included in an overarching story about an organization that moved to some highly scalable, microservices-based architecture to meet their ridiculous capacity demands (Netflix, Google, etc.).
At the most basic level, however, containers are about being able to streamline the process of installing and running software. In fact, the fundamental concepts behind containers map almost one-to-one with what’s been traditionally required to install a piece of software on your laptop: Read More…
Azure Role-Based Access Control (RBAC) offers the powerful ability to accord permissions based on the principle of “least privilege.” In this short video, we extend the idea of Azure RBAC to implement a JIT (just in time) permission control. We think a JIT model can be useful for the following reasons:
1) Ability to balance the desire for “least privilege” with the cost of managing an exploding number of fine-grained permission rules (hundreds of permission types, combined with hundreds of resources).
2) Allow coarse-grained access (typically DevOps teams need access to multiple services) that is “context aware” (permission is granted during the context of a task).
Of course JIT can only be successful if its accompanied with smart automation (so users have instant access to permissions that they need and when they need them).
Interested? Watch this 15-minute video that goes over the concepts and a short demonstration of JIT with Azure RBAC.
Deploying Azure ARM Templates with PowerShell
After you’ve created your template, you can use PowerShell to kick off the deployment process. PowerShell is a great tool with a ton of features to help automate Azure processes. In order to deploy Azure ARM Templates with PowerShell, you will need to install the Azure PowerShell cmdlets. You can do this by simply running the command Install-Module AzureRM inside a PowerShell session.
Check out this link for more information on installing Azure PowerShell cmdlets. PowerShell works best on a Windows platform, although there is a version now out for Mac that you can check out here. You can also use Azure CLI to do the same thing. PowerShell and Azure CLI are quick and easy ways to create resources without using the Portal. I still stick with PowerShell, even though I primarily use a Mac computer for development work. (I’ll talk more about this in the next section.) Read More…
In this video blog, I’ll walk you through building a continuous integration and continuous delivery (CI/CD) pipeline using the latest tools from Microsoft, including Visual Studio Team Services (VSTS) and Azure. The pipeline is built to support a .NET core application, and the walkthrough includes the following steps:
- Configuring Continuous Integration (CI) with VSTS Build services
- Adding unit testing and validation to the CI process
- Adding Continuous Deployment (CD) with VSTS Release Management & Azure PaaS
- Adding automated performance testing to the pipeline
- Promotion of the deployment to production once validated
- Sending feedback on completion of the process to Slack
In a previous blog post, we discussed a quick overview of Continuous Integration and Deployment of .NET applications using Visual Studio Team Services (VSTS). This involved building and deploying regular old .NET applications with VSTS—something that we would definitely expect a Microsoft service to handle. However, there is some lesser-known support that VSTS has for other frameworks, including Java. The Microsoft VSTS website even has a portal page proclaiming their Java support: “Love Java? So do we!”
VSTS support for Java build frameworks such as Maven and Ant came in handy for AIS recently, as we were tasked with developing some new features for an older Java desktop application for a federal client. And I will have to say that all of the VSTS tools for Java applications worked flawlessly. We were able to easily add the Java project source code to a Team Foundation Version Control (TFVC) repository hosted online in VSTS. Oracle even has an extension for integrating with a TFVC workspace—allowing us to check in changes right from the JDeveloper IDE. Read More…
If you need managed services to maintain peak IT network operations, consider us here at Applied Information Sciences. We’ll manage all your IT services for a predictable cost so you can focus on more strategic investments. AIS’ Managed Services Practice provides ongoing responsibility for monitoring, patching and problem resolution for specific IT systems on your company’s behalf.
- Backup and Restore
- Incident Response
AIS’ Managed Service Practice has up to 24×7 coverage for initial responses to incidents through a combination of dedicated, part- and full-time staff, both onshore and offshore. AIS prides itself in being on the leading edge of managed services support. Our collaborative, disciplined approach is committed to quality, value, time and budget. Read More…
Visual Studio Team Services (VSTS) – formerly known as Visual Studio Online – is a SaaS offering of Visual Studio on Microsoft’s Azure platform. At its heart, the service is the cloud implementation of Team Foundation Services. Two of the service’s features, Continuous Integration and Release Management, were leveraged by AIS for a large federal client as part of a broader push for more streamlined DevOps practices.
Continuous Integration (CI) is a development practice where developers can integrate their changes into a shared code repository, which in turn triggers an automated build. This allows the development team to be quickly notified of any problems or errors caused by the checked-in change. VSTS’s Release Management Service allows developers to automate their deployment pipelines across any environment and platform – more than just .NET applications. For our federal client, the goal was to automate the entire continuous integration and release process for an ASP.NET Web API hosted in an Azure Web App. Since the client already had a subscription to VSTS, it was very straightforward for us to implement the entire solution within that one service. Read More…