Managing Your Systems on Microsoft Azure with Chef

Video in TIB AV-Portal: Managing Your Systems on Microsoft Azure with Chef

Formal Metadata

Managing Your Systems on Microsoft Azure with Chef
Title of Series
CC Attribution - ShareAlike 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal and non-commercial purpose as long as the work is attributed to the author in the manner specified by the author or licensor and the work or content is shared also in adapted form only under the conditions of this license.
Release Date

Content Metadata

Subject Area
In this session, we will explore the building blocks of Chef, assemble the pieces, and demonstrate how it all works on Microsoft Azure. There will be several practical demonstrations showcasing how to use Chef to configure your virtual machines (VMs) and your infrastructure in Azure, and to automate your enterprise compliance. The session will bridge infrastructure as code as well as immutable infrastructure via Chef Habitat. Habitat particularly shines in striking the right balance between manageability, portability, and consistency in managing a fleet of microservice applications. We will also explore how we make it easy to run Habitat applications in Azure Container Service – Kubernetes.
so this is Managing Your Systems on Microsoft Azure with Chef 2 will be a two-part presentation summer started about the 1st half of this go through some that 100 hundred just talking about some of the common integrations will show some use cases the common areas which how little leverage within the existing actually infrastructures well tools but Windows and it's very fun to show also that Bashir this stuff actually works with each ship the and all the certain off here but it's called a
Carlo about whereever University of Houston allows me to be a professor the kong per professor the once you can also call me a senior stop revolving engineer and that's my full title so work for Microsoft a lot of stuff we do and working a developer experience teams do we test our emerging technologies go around the world talking about it build stuff pointing the wrong sometimes stand up to the product group and sometimes get stories told but the things we work on so hopefully will have a good time to demand the city and you break it is there anything sums of initial and don't really tweaking at PGD Carlo and I do a blog work a lot of weird stuff that we work on all of my projects usually French like 1 player Nintendo on your Xbox had the PGA Takala . com it might get about and between by actually 0 0 L B a C and check that so or bringing the cloud 2 ships
services fish from Microsoft integrations are actually and pretty straightforward we have some built-in features into the Azure portal that you can leverage some command-line tool which allows you to interact with common shes clients as the case and that sort of thing and so you might be familiar we have tools that work on PowerShell that's where they were also now the integration in other products we want time for this today but Visual Studio Team Services will be 1 of those that you would think moments state that Microsoft actually use Chef internally for a variety of different projects the biggest 1 that probably everyone in this room would be aware of is the anna annexin we actually do all of innocent points internally using shatters like hundreds if not thousands of servers so where circus arbitrary but the thing that you guys are probably hear a lot about the check-off 2017 which is the Sharpe on any platform as you guys probably where at this point like you're all in 1 shop Rochette's server Habitat application automation in InSpec for compliance automation so with that we're going to shift off of fly through walk into a series of demos demonstrate kind it started with some of these features on the Microsoft platform so 1st place we had the of course is actually and this is 1 of those things that like if you never read the book will be like how I get my services which are probably 1 of the upper right where he is the line I kind support over here and hop
into that In the 1st serious C
1 2 log and the dash for as a show you all of the available features that we at the point of view of a
cloud by the digitalization AWS is really very very similar to start you expect to see the help of you know the address services and all that good stuff you might notice that some million naming conventions here my 1st node 2nd 3rd and 4th ed that by 5 nodes the figure this out so went down the go ahead get started with where you can start with using the shaft on the marketplace image that we have just recently released about 2 weeks ago say and this is a pretty
cool image and not just because the field familiar tall set but it's also about cloud compliance if you're looking to do things like and pub step and that sort of thing you can watch this image there so the 1st place of many judges that this plus sign on the letters that take me to the marketplace universe without a variety of offerings from just off working and so in addition to the shop on image village in most detail today most of the existing stuff all focuses on bring your own license were asked her paraded license he's the cool thing about the chef on the image it is on a 30 day trial so you can test all the features of chapter in this marketplace image without going through that we're cost pricing like that the the deployment of waste too much time here is simply click it creates an effort go and allow you to us that you're actually being in your D N as the less receptors given public key particularly fast and you gonna get something like this so although my Martha
Stewart's I'm already shot on a server so let's imagine that we just deployed this lecture on a marketplace and it was the 1st thing you do when you get a Chef server right up listen cookbooks right some standard so the nice thing is that with the ship became there or offerings on a variety different OS is 1 of those includes Windows and give you a quick demonstration we don't hang out here too long but PowerShell I hopping here as long as I've got my keys my credentials which are given 1 time when you deploy uh Chef server is everyone room familiar with that do make it very very clear you get 1 shot 1 kill if you do not get these keys and pull down correctly you cannot indicate that server the thing about cloud and deploying destroy the units of the let's let's assume that the sky is banned I think all of our familiar tool knife and upper my cookbook right into that on the this work is it sort
of my opinion but if you want to do
like development and maybe you're not really familiar with PowerShell wanna go back to the popular Linux command line this Visual Studio Code which is aircraft runs on Macintosh Linux and it's built on top of Electron it also allows on Windows if you got the Bash on Windows to install you can see that you're integrated environment here to back so if only to do the same thing and I could happen to anyone that instances over here and we can again a political the battle of so that's really nice that you're using
is that your operating system you can actually go with your familiar features that their use Linux command essentially all windows so I could do looking through this and the know thing going to my editor with minor I or B while vary by my client all that stuff so that it probably will be the next thing we might wanna do once we got a cookbook a person know that they're exactly so where would get another feature here that's opportunity at a portal itself this is pretty cool we
call this the Azure that which edges Chef extension what's nice about
this it is open source that is the problem that you can fix anyone 1 fixed up file issues all that good stuff if you want had that link you just had over to organize shortly a while it's hard to read with law can make making a slasher at he actually that might be interested in taking a peek at source code bullshit
what this looks like a practice of it supports a variety of different operating system image is similarly to how we deployed our image earlier I can head back over here it's like like this can see all this is the stuff you're going computer
and you can deploy this on to the board Odevene based servers and it also works on Windows Server as well and she what this looks like a quick demonstration about to the point that select 16 world yes good creates going some boring
stuff for a quick for a moment here with my which we call this my were ready it's only because of pressure and then and then a cool little trick and obviously you need a better performance in Azure with access to the is your default choice in the portal but I had a select old-fashioned HDD spinning this and nice thing about is if you're using test environments there is uh those services are a lot less expensive to get those out on a budget and I go ahead we can set up a user name with the password and have my key in yeah make sure this match was good to put that tells us subscription-only suggesting that Omega and thing then I'm not can can deal with this bill are I had that tells a good guide and in Iraq and so go ahead and set that up and so are seconds here this is what is this common things on cloud platform of share cool trick is drawn out again because they selected the HDD it does kind of give you some good machine is my fault but you have you will be on cheat sheet you can head head on selected view all you get all the way down like a single core and anyone at gigs of RAM machine run after 20 bucks a month maybe less so we hear all at the bottom pressure the bottom for the convict was set down here my life OK here we go but single created by treating 60 things so select that was where the magic happens or talk about the Chef Azure extension but here you'll notice boom got extensions setting here only we go and expand on that if of a click Add extension a bunch of options for various different things and here we get the Linux Chef extensions and this
is interesting because like this settings seem obvious but you always wanna kind double check with that knife.rb file so the 1st thing is that after war is you Shasta over here your own you might be convinced later as my top level
domain it's always resolved with
the organization's extension at least were shot me deployments so they go ahead and do and I can get into my VS Code of grad from my unifil be configure the Chef server URL blue
and pop it in here and this is going to be my 7th node and then the 1 less this is using just a normal syntax that you would have them when uploader steady run free cookbook which might be familiar with so they go ahead and use that and another showed you guys is just FYI a cookbook we uploaded that is basic run Apache 2 price would do like a quick hello world something to that effect yes the net right but over the last
couple days it helps and so go ahead and so what is the syntax you recipe open bracket shift comp In the set that 1 that Apache 2 recipes and then the validation client name again I know this because the way it's set up but you can always double-check that you're in your knife.rb file and that's that's called a necessity guassian validator case in my matching might work there with in this key and and for my
validation he this again comes with that 1 time download when if everything up a lot of stress that's is 1 time you get those keys right so really go ahead and select that inner city validator
yes a against everything else and just leave I like to do a special point configure mature SSL verification off this is pretty much everything we need to make that call and and executed run list based on an existing Chef server never have to use the marketplace image that use any existing Chef server that is that are out to communicate to so go ahead and click OK and this is the on part here and I really like this piece we're gonna go and get everything right this step we're going to click the play button right this is the this running final-round validation this is an Azure of specific feature here to see over here on the right right next to my OK but Mr. download templated and parameters so the go ahead and click on here you'll see this his me this JSON payload here that essentially describes this the point we refer to this as an area so what's really cool about this you can add these to a custom sort of open any time that you need to call on them use them which is nice this command line tool that let you go you know being on on a URL you can also going here is that parameter so maybe you want deploy something which you wanna changes specific feature here and then if we were to scroll through this we down here near the bottom 0 yeah there we get is that validation here plaintext this suggests that the missing my point in all these parameters that we set up for vesicles that allows you to sort of lift and shift of using infrastructure as code and ability to define what perhaps to the point it looks like you you can also change key variables the parameters within them if it's back under to support things like the aligned life give you sample code for that but also still like to point out that the power
shall pro going jump in with a powerful example even gotten apoptosis chronically correct .NET client if you're crazy you write lakes and a speed that net correlating Bash on Windows and just like you know your whole mind could you like well it can believe you can do that now what happened like this on the last 2 years in Ruby uh again which most probably familiar with this this is a shift from this thing happens so once you got all that set up you can download it take a peek at it's usually well deal downloading if you will not by
the template and your favorite template editor you can go ahead and take a peek and from there but all I have to do really to deploy this no doubt at this point is the clicker
OK button in there we go right where had
that thing so now there's a ARM templates now this is probably 1 my favorite I love that she up the entire ecosystem 1st everything and using terms that have to deal with kitchens cooking utensils right so we get supermarket we get 9 after like very very interesting again
knife azure is a plugin on top of my that can allow you to if you want to avoid all the things I just showed you the have portal you can go ahead and use its extension and do all of that deployment invoking ARM templates that we just show from the command line so the lot power to the scripting that you wanna build out here down all that stuff and all you have to do to use it it is executed in a particular series of commands civic that isn't a
and ah yes it looks something like this and this and this is a very very long 1 so essentially when doing here I'm telling as coriander when it creates a resource group naming the in telling it where I want that he him to go representing at her image in this case I'm using the bond to stir up or point out for that you out yes and outstanding password and study of the size and we're doing a unit based here just model by the client contiguous big extent over so if you are curious and all this stuff ends up in art opcode client or be leaves where the configured that getting written to you don't wanna see that's son at the end of the day when it goes up and that everything is all good
after a deployment here we should have an
active node so the most exciting them but are and the other ago we've got lot of cookbooks 3 times in the past 12 hours is the total nodes we should see several notable appearing on him
still provisioning at this point but that's really all got the credit the 100 200 or take a quick question the most what out and couldn't have David Justice got here is going talk about some of the exciting features of involving an Asher ends check tools theUS and I and I'm not familiar with that test slabs did you have all of the as the only hard during the conference on these matters here but
those so both of those open-source tools if you did what effect is I a K that and ask splash at yes and then as a kid that MS whack nite easy if you want check this out of to income the I the level of the i'm David Justice standard I build corrode for Asia and get paid to write open-source software by Microsoft that's a really weird thing to say I'm so happy about of wants to know what's really get this set up so I have a few slides here but we understand too much time and some of its the so OK so
what what I'm ashamed today is I want to build out and the container service infrastructure by using a career that he's in an should contain a service that wouldn't build out the registry for our images and we're going to then deploy our habitat labels application to ashes conjectures so that is the last 1 and I hope will always
have but barred so ACS so as you can finish this is really up so I I'm really excited about it because it is a mixture of the most liberal workers which we get to that that you can use DC/OS and you can use Kubernetes and both of these are provided us but the ability to deploy containers go 1 orchestration on action the we these with our on resource providers so basically it comes as a template you can customize this template if you want and but really you can be pretty much hands off on you'll you'll see what that looks like as we move into it now now it's kind of interesting that we have 2 different routs in ACS we had Kubernetes Cammazes and that's that's you did the freedom to be able to say OK um but we also have a right Docker Swarm well but he gives you the freedom to be able to build your application from and what you wanna bring to the cloud but not necessarily and locked into any 1 orchestrator so you end up saying OK I know I wanna use Kubernetes I'm you state in the cloud on action on or you can say on the news to show us but either 1 gives you a you were but it's it's not sticky so I wanna make sure that what we what we want here it is open source not sticky and you're able to come and go as you please that but so part that is being able to contribute to directly so you can go out and get home and work on it and the continuing to itself but it's it's completely open to you but you can add to it as you like so when the other things I work on his addressee line where users today to build out of Argentina infrastructure but here about the we just actually introduced a new Azure CLI edges like to point out is based in Python and is a much more friendly scriptable command line that has anybody in here tried edges still like that I better worse last have a onstage Jewish muons and somebody who had a fight so it's this by the modules please feel free to contribute if you like you did your own modules of you want to just get installed a it's it's pretty 
straight forward and also I didn't answer that are not so now you log in with their two-factor auth what users service principal to log in and they will be really leisure probably has gone through those steps but not always the most common but we try to make it better than us you have to but cool so there's output for we table geoscientist me but these are 1 of the few reconciliations you I was that output formats were just not only and inconsistent your hard for against so we made sure that we nail those down and in this round so Jesse or just as you would any other use the output likewise by default just so also and JMESPath querying so you get them more powerful querying of the ability to and then rip into those trees on structures that you get that from services so let's especially undercarriages that's words more food so we haven't had in under continuous services dropped as shown
yeah it the cattle which says
something the the the
hurricane receiver over which is small 4 in the background the the OK the the if
and good that's still
the then how can we so current so and let's so that signal
OK so the reduced-rank it utterances required to handle see exactly where it is reasonable in this region the so
what we have here it was a to do direct stewardess pretty standard room and the prominent Railsback & wouldn't put together set up here and we're going to play out using habitat and you have been
as you see it's calling back to model here to go factions objects we show that we among the running local host right now and we're going to use a because mostly and added is and lower scalable will get into a little later but basically use the same model where format and just what the connection strengths and how the service of my so I make
it up or provisioning and all you know the
provision trip after what's
wrong yeah and at the same time I'm going to start a habitat build in the
wilderness of the code of habitat is fantastic in allows us to abstract our world to point out to the and the container of whatever it is that we want to play out you but it does take a bit to build hold of her but fertility containers for parts
to so but see soap opera
PrimeScript went through that built out a resource group habitat allocates but it is using a I the asymmetric key that Padilla and dropped through this use and create cousins be the but they built the true cluster and in that resource group had built a continuous stream it warned in the doctor for that contain rich at a creaking take action that credentials to manage the cluster it's richer than a secret keys so that the cluster can reach out to the you can can restrict and it's now ready to use the produced clusters so here's a Kubernetes cluster running and we just for clustering fold from the good control but In the script if you do not have to control it actually pull
down for you was that look at what that script actually does so the to set up our this variables than tractable ordered log in OK just pass but next and within Azure and build a resource group a resource group in Azure is a logical grouping of resources so that new resources being a container service in storage container are perhaps a collection via it's out there we go through and generate our SSH keys and build other Cosmos DB so this chemical that we go and say a easy creating cosmo and I want you to use the model where form happens customs duty and then and easy created and here were creating a the PCs that you're conclusions and were specifying how to use the combinations workers type so this is just like we have this container service that we can provision timely agents we want to let that how masters we want but whether what type of orchestrator we want to use we have almost absolute freedom here but that that to me is is a really powerful if you want find out large-scale data analytics on armies auspices I wanna run a bunch of changes in my clusters by using tremendous that this gives you that ability to do that rather seamlessly but in then eventually we're going to go and build a continuous ring iAnd will come down and use a container registry dual Bashar nonsense and log in with user name and password all this again done with the Azure CLI and finally getting our Kubernetes container credentials I treasure to lie in and building out or installing kubectl in case we don't have so what we try to make it is the simplest possible you can get all the tools that you need to see a lot to make sure that they work together and build up these clusters eventually arguments support where we have created a Docker registry in from the password and username and within the instrumentation that with courage cost OK cool so what see
I well had planned has built so what
about the health plan in the common euro and exported to right
so to go in and take that part that I just build in WordNet export the hart to Docker to a Docker image and we use that Docker image to then push up to container registry so we can use that container registry to then feed into our Kubernetes clusters and this is very expensive the fact that here but the it's it's kind of a lot of moving parts but as you can see where we're speeding up or or a doctor region right now and we're creating that contain which and what we had done with that we can actually use it out of hand studio and we can say OK docker images we can say we just built our rails to do from its tagged with latest so what just happened
there alright so here's our have planned or have plans were always stuck and kicks off but so perhaps tried all the things that we need to create this this this immutable piece of infrastructure that we're going to deploy so we're use Ruby and we're going to have a CA search Bundler weak on utilities opens a cell and then we need to start to build up but perhaps a just so the GCC words mechanism but and then we're going to expose our reports because so this one's research report 3 thousand by the Russell build script goes through and builds up as a gem install and then ends up creating an been stubs replacing the the core you tells us the user B in the in the in the midst of about 2 . 2 1 and core tools within capital but another nice thing about content is we we get configurations are in configurations I that can be baked into those images and then replaced with the values that we specified in the configuration so that when moving from 1 environment to another there are a little pieces that I want change out in 1 of those were probably connection strength that so in here we're actually replacing the connection string for Mondeo duty to be our our clock connection strength and also will show you that in a moment In the final pieces and party in it in the wrong so in this network linking in an hour configurations and as you can see where linking them into from the connecting into where the service actually lives in habitat package and had provides what variables so we you to map from the individual file paths within the and that have that environment into us whatever has you need at runtime the that's a very good question can achieve there and how I I will match the effect of that that's actually a really the opportunity stress leaders are of another day if the OJ eyes so blue bands and then eventually we get the point where the were taking off the real server I'm probably not the nicest way that you are and rules and production but I will just 2 parameters so as 
you asked here's our rock star uh secrets and Kirkuk there are default on all right now but we would you you should do it but we want you to see this because we have the 20 so the and we have our container and
we're going to go and give it a
quick alone won't see here so actually it was just a of
so intended the it
so tight that container in around
the room we're going to give it a push out right how we could run this on a local instance
darker and just say run and the map port 3 thousand 3 thousand and will run and it be run just like it was in production you that would enhanced studio that you can have type iteration take groups there and it's it's actually quite pleasure about I so while that's implying let's take a look at the infrastructure spilled
so here it is all of the Union's network load balancer communities all of our infrastructure is built by just a handful of France and we have a school communities clusters cool push
that out now we're going general and run communities for
image it OK so
we just created an image let's see how it is
now creating the computer the and the this is pulling down the container image into for that is that is running and now
we go in and we're going to expose this publicly the the right
so what happens now is
Kubernetes is going to talk to the Azure network that our Software-Defined Network and it's asking for a public key that public IP address will
return and the provision and and what we do is we watch
so you can see is having right now but this can often take a few minutes so while this going on what's up little bit about you
know the cosmos database so because most of
the the the the so costly is really cool but it it is a globally skilled in so is anybody in here 1 a model cluster anybody even it is upon experience do you recommend happens if you don't wanna do that but you can just as easily spin up a diet mediated policy the cluster using them on a wire format he offers a throughput latency availability and consistency guarantees for the minor percentile of reads are guaranteed to be from the nite at 10 ms rights are affecting you can't enforce consistency similar to standard can set up whether or not you want uh serializable of rights within a given session you want serializability within an entire region where 1 eventual consistency so you can turn the dials however you want but it also allows use some really really cool stuff like replicating your data across the entire world but just killing a few of these watching them stack up as bright regions and regions which will automatically failover if right region goes down so your connection string is still good it's a replica set that will end up getting poured onto the proper region the if you don't have to did you were able to map around the stock of let us do it for you will handle the the could be so it makes a lot easier but so cool them this curve those
concerned when charged as much as a whole perhaps that learned so that's all the infrastructure and I this is the it's still pending so let let's see well this is still pending is there are there any questions so far yes the the the and so all of year the and yes absolutely that's a great point so the way I like to do that is I like to use our elected creosoted getting he molds and then I will take the public side that certificate bring it down and I'll create what's called a service principal with the public that certificate and from that I will use of this certificate Indian creation so I will try to use is called a we the certificate is also synonymous with the secrets so you can provision that secret onto the via machine building or a B and skills that if you're going to ask you what does address the public and private side of that certificate and that the on something you can put those 2 together and actually auto authenticate a the edges your last session so from that you could then access any other secrets or used management libraries from that answer basically a provisioning identity and at the end but there is by code that that it you'd like to see it uh multiple share with you afterwards are actually just wrote a post about half the so their old things more than others this should work thank you for the use of it and so that had to you point um here of
show that and so on but we did it with the same application what I wanna do is make sure that when I was reaching out to the the keys with application is only after was provision on the machine and that machine could reach out with its identity so if you look at the this recorded net this clarinet actually goes through and I we blow this up and the cloud and it goes through and ends up at academy about 2 hands together the public and private and then ends up and tossed into the for users of older and logs in with the service principal using an attendant and to the username and certificate but that mixed with i watched this provision script the that creating the right key Baltzer together creating the service stressful and then eventually our creating VM scale set using this VM secret try and get it OK sperm and that also you end up with a distributed never touching develop machine only saying the production environment up and then you can lock down the service principal to be exactly what services you want to access is very similar to you I am also so in my in my mind right now that is the best that we're always advancing that and wanna begin focuses is on security and making that story better the precisely and that actually happens I the so we use or that the Key Vault right here so key set policy for the volume and then I get the object ID for the service principal and I say OK service principal you only have access to request that secrets from this are people you can't make certificates you can't write new ones you can just have access to this small set of secrets but yet you can also do that with RBAC roles work saying you you have only access to these services evidence you want any other urgent questions over the top of the well have anybody have any questions please reach out did just and where the defined and get out the habits are code or business sure