Build cloud-native applications that run anywhere | TS03
[Music] hey everyone my name is gabe and roy i'm the vice president of the azure developer experience team in microsoft's developer division today we're going to talk about building cloud-native applications that run anywhere the future will be defined by accelerating innovation much of this innovation will be digital and will take the form of new applications over the last year the technology industry has been called upon to support those on the front lines from healthcare and education to public sector manufacturing and retail developers around the world rose to the challenge going above and beyond to innovate and help re-imagine the world it's been inspiring to watch this year more than any other is evidence that our community the developer community is strategic to every business and central to the next generation of digital products in every industry now one story that comes to mind is the uk national health service the nhs on the front lines of the healthcare industry the nhs teamed up with kanos to create a brand new mobile experience a digital front door that provides access to healthcare services to 40 million people in england now i got a chance to meet with the talented engineers in london working on this ambitious project in a matter of months they delivered an enterprise-grade solution with the speed scalability and security required by a modern healthcare system all of it running on azure a few months later in the face of the covid pandemic the nhs had a new challenge they needed to allow uk citizens to get permission to self-isolate without having to visit a doctor thereby freeing up doctors to spend more time with serious coded patients using azure the nhs was able to take the service from idea to production in just two weeks now the challenges the nhs was able to overcome are the same challenges facing all modern developers agility reliability security even more so in the times we're living in developers need to build smarter and faster they need to move from idea to code to cloud seamlessly developers need new applications to be resilient in the face of failures and scale dynamically based on load developers need intelligent threat protection in real time with fine-grained security controls at every layer and developers need to solve all these problems at scale this requires a new approach to building applications the app of the future is cloud native designed to take full advantage of the latest innovation in public cloud intelligent and infused with ai to provide advanced insights quickly able to incorporate open source technology in libraries from across the globe cloud native technology is how developers can achieve the agility reliability and security demanded by the next generation of applications so what do we mean by cloud native in simple terms cloud native refers to packaging application code and dependencies in containers deploying microservices or event driven functions and exposing events and apis all manage with devops processes and tools technologies like containers kubernetes serverless functions api management and ci cd automation these can really help developers overcome the challenges they're faced with today like the nhs thousands of customers are building and running modern cloud native applications on azure today for example mercedes-benz is improving the in-vehicle experience for their customers by delivering applications dynamically over the air instead of requiring an in-person maintenance visit pwc is helping ensure their clients are compliant with regulations using an ai powered system that can mine and analyze documents in seconds instead of weeks bosch is helping save lives with a system that alerts nearby drivers when a car is going the wrong way on the highway within milliseconds all these customers are using cloud-native technology on azure today now no service is more central to cloud-native practices than aks azure's kubernetes service customers like the nhs can rely on aks because it's enterprise grade by design aks has built-in best practices like azure advisor notifications to help optimize your kubernetes deployments with real-time personalized recommendations aks features multi-layer security with fips compliant agent nodes secrets integration with azure key vault and just-in-time cluster access via azure active directory aks increases operational efficiency with support for automatic cluster upgrades and the ability to schedule service maintenance operations to off-peak hours every day more customers are seeing success with aks on azure this is particularly true for customers who value the deep control and rich ecosystem provided by kubernetes now as popular as kubernetes is on azure many developers are asking for solutions that offer better productivity a lot of developers don't want to deal with the complexity of kubernetes or writing ammo manifests these developers are gravitating towards azure suite of application services which are highly optimized for developer productivity and deeply integrated with github and vs code azure app service makes building and managing web applications and apis easy with a fully managed platform and features like auto scanning deployment slots and integrated web authentication azure functions makes event driven programming simple with state of the art auto scaling and triggers and bindings to integrate with other azure services azure logic apps produces automated workflows for integrating apps data services back-end systems with a library of more than 400 connectors azure event grid simplifies event-based applications with a single service for managing routing of events from any source to any destination and lastly azure api management provides a unified management experience and full observability across all internal and external apis developers love these services they are designed to be used together and they take full advantage of the cloud with availability resiliency scalability low latency all available out of the box developers are building the applications of the future on azure today by using this set of cloud native services today we are excited to announce the preview capabilities of azure application services to run on kubernetes and anywhere with azure arc you can now run your favorite azure application services anywhere including kubernetes on azure on premises on the edge and on other clouds such as aws or google any kubernetes cluster connected through azure arc is now a supported deployment target for azure's application services with these updates you can innovate faster using a suite of application services tailored to real-world app patterns loaded with unique features and optimized for developer productivity developers don't have to choose between the productivity of application services and the control of kubernetes you can now run azure application services on top of kubernetes lastly developers don't have to build and maintain custom solutions for their non-azure environments they can now build hybrid and multi-cloud applications using the portable application services powered by azure arc to show you how this works let me hand it over to jeff holland director of products in the azure developer experience team thanks so much gabe all right so let's take a look at how i can build an app that can run everywhere while still using the best of what azure development has to offer today we want to build a cloud native application to manage a smart building solution it's going to require a few components i'm going to need a dashboard to see things like insights from the devices predictive maintenance using machine learning but i'll also need some components of my apps running alongside those iot devices so let's set out building that now and before we even start one of the largest challenges for teams can often be how do i get started we know we want to leverage serverless and cloud native patterns but it can often take teams days or weeks to fully understand the options and best practices and how these serverless solutions fit together so one of the best places to get started with is through our github samples in fact today we've released some brand new cloud native app templates these are better than just any sample because they include everything you need to get started so you can see here i'm showing two of the app templates that we've just released today this is a node web api that connects to a postgres database and a netweb api that connects with azure sql i'm going to show you what makes these samples so special by using this other one which is a react site running node to process the serverless function this is perfect with what we need for our dashboard so let's use this as our starting point i'll select to use this template and i'll go ahead and give this a name and when i clone this template into my github account it's going to create a copy of it for me to get started now one of the great things about these app templates is that it has everything i need to get started i can jump straight into code by creating a brand new code space rather than me now spending the next 30 minutes installing tools and configuring my machine instead everything i need is ready to go right here in this code space let's go ahead and take a look around i can see here all right here's that react web app we can use that as the base for our react site and i can even see the code here for the placeholder serverless function and understand how it fits together with the web app now before i make any changes let's just go ahead and debug this application codespaces is now building and creating for me a cloud-powered debug environment so here now in my browser is that react site i see the data processing i see it rendered and before i even go ahead and press this button to place an order let's come back here to our project and set a breakpoint in that azure function so after we set that breakpoint i can come back here click the button i can see the red dot our code spaces hit that breakpoint i can step through debug everything that i need is right here all ready for me to go so let's go ahead now and take the starting point and replace it with the code we need for our smart building dashboard so i'm going to skip ahead a little bit i've gone ahead and replaced the react code and made a bunch of changes for our own site and now i need this deployed in my subscription but because i'm using this app template it's actually really easy because it comes baked in with github actions so in order to get this running all i need to do is commit this back into my github account so let's go ahead and add a commit here we'll push those changes to my github account and behind the scenes what's kicked off are a number of github actions you can see here these actions have kicked off to build and deploy this site with those serverless functions everything that i need for full-fledged ci cd is ready to go so now here on my subscription i can see that web app i see those functions let's go ahead and click into the dashboard now we can even browse to it and go ahead and see what this looks like now fully managed and hosted for me in a serverless environment so here's this dashboard now running hosted for the cloud for everyone to see i could come back here and because i'm using app services i've got a bunch of great features too i can set custom domains i can manage security and networking and versioning and slots i'm getting all of this benefit by choosing this purpose-built service to host my web application okay so while we've gotten the basics of my up running there's one more piece here we want to get working and that's here on the dashboard you'll notice we want to pull in data from hvac systems but these hvac systems are running on premises behind a firewall so we need to be able to run one of our apps on premises next to the hvac system now usually when i run a run outside of azure this is where things get a bit more complicated with serverless if i wanted to take something even like the dashboard that we started with there's going to be a number of changes that i'm going to have to make so i can deploy it to run next to the hvac system so let's go ahead and jump back to the project to show what we would need to do and the first thing is i'm going to have to figure out how to containerize the code that we wrote so i'm going to need to learn and craft something like this docker file likely i'm going to be using something like kubernetes to run everywhere which now means i also have to learn and write something like this deployment manifest all of these concepts all of this yaml this is all additional overhead that i didn't have to deal with before when i was just publishing to these azure platform services so how can we bring the benefits that we had before while still being able to deploy flexibly on the edge and i can do exactly this with azure arc with the new azure arc capabilities i can deploy our application services anywhere the same way i deployed to azure just by changing the region so let me go ahead and show you that now here i've switched over to another project this is a serverless workflow a logic app and you can see here what it's doing first i'm calling that hvac system to get the apis i'm going to process it with some functions and update a sql database i love using tools like logic apps because it comes with another set of great features in this case here's over 400 connectors that i get out of the box each one of these icons is code that i don't have to write to integrate and process my data now after i've built this workflow how do i get this running on premises well i'm using azure arc so let's just go ahead and change the region here on my project i've got this environments file now previously we've been deploying to east u.s so let's go ahead and create a new environment we'll call it our edge environment i'm going to set the location to jeff us and you may be asking yourself what's jeff us i've never heard of that region before which makes sense because this is a custom location only available in my subscription in fact this is jeff us this laptop has kubernetes running on it and i've registered it with azure arc with the custom location jeff us so by running azure arc i can now run the entire application platform right on this device next to those hvac systems so let's go ahead and do that now i'm going to come back in here and publish the changes we made on the regions i'm going to use the same flow i did before create a brand new commit in my code base push that up to my github account it's kicking off those same github actions it's using the same as your apis it's deploying that workflow and that function code here now in my subscription there's that function there's that workflow but in this case it's not running in east u.s it's running on my laptop in jeff us using azure arc so coming back here to our dashboard i can go ahead and update this hvac system there we go the data has now come to life i've been able to get my solution working across cloud and edge seamlessly i have full flexibility to bring all of these services and run them anywhere on any cloud any environment any cluster using azure arc when you need to build a web app or a function or a workflow whatever your destination you can use the same set of world-class tools and experiences to accelerate your teams thanks so much back to you gabe amazing stuff right when combined with arc enabled data services like azure postgres and azure sql applications and their data can now run anywhere using fully managed cloud services and industry first we have more innovation to share in the application services space static web apps was just made generally available static web apps is like jam stack meets azure functions meets a github native ux logic apps has been updated with improved performance for stateless workflows new portability features and easier devops you can now manage protect observe and expose web socket apis in api management using our new preview capabilities and app service has added free tls certificates and out of the box monitoring for node and java developers as you saw from jeff's demo developers can now build applications anywhere by writing to the same azure apis enjoying all the unique features we offer regardless of which environment their apps are targeting and what's enabling this multi-cloud multi-edge vision is azure arc with azure arc we bring cloud operations anywhere azure art can manage applications running on kubernetes at scale through advanced devops techniques like git ops azure arc provides a single pane of glass with central visibility through azure portal and governance and compliance of your applications and kubernetes clusters through azure policy and lastly as your arc works with any cncf conformant kubernetes cluster making it possible to use azure application services data services and more anywhere now if you're thinking yourself i'm a developer azure art doesn't sound like something i can benefit from check this out let me hand it off to beck lyons product manager on the azure developer experience team awesome thanks gabe so i'm going to be picking up where jeff left off moments ago for contoso smart building solution and highlight some of the operational benefits of azure azure arc and githubs so in contoso's case to power the intelligence streaming into their dashboards they have a set of background microservices which they need to run on their on-premises kubernetes clusters at each of their building sites across the u.s now these containers are needed to capture and analyze data coming from their devices today we need to deploy manage monitor and configure these container services at every single one of contoso's kubernetes clusters running at each of their smart building sites so let's dive in to see how we can efficiently operationalize these containers across contoso's fleet so to start off with before we roll out to all our sites we need a developer environment ready for us to test out these new machine learning data processes and this is where the azure community service comes in getting started with a new fully provisioned and managed kubernetes cluster is simple with aks and i can create one in just a few seconds now i'm using the portal today but you can also use the cli or other tools if you're more comfortable all i need to do is choose my location my starting node pool size and count configure any specific auth or networking needs i need for this cluster and finally i can go ahead and configure any core container services i need such as a registry monitoring and policy right here out of the box and then i hit click and create and i'm ready to go so here's the developer aks cluster that i've created earlier which is already running my open source machine learning process which i need to run intelligence at the edge in all my smart buildings now here in the azure portal i can not only manage all the underlying azure resources themselves and configure scale networking and monitoring but i can also directly interact with and edit my core kubernetes resources in fact i can drill in here and already see my machine learning container is already up and running on this cluster ready to go so i have an environment configured in this case using aks that mirrors what i need spun out throughout the country this is a live view of all of my site locations across the country and as you can see these aren't active at the moment as i actually need to go about replicating this configuration across these locations but how do i go about doing this efficiently it would take me days to connect into each cluster one by one to deploy the sample and i'd have to repeat this pain across any updates or any monitoring configuration that i would need now this is where azure arc and git ops comes in with azure and azure arc i can manage my clusters both in and outside of azure with the same set of tools with git ops integration i can use a git repository as a single source of truth for each of these clusters this means as long as i capture the configuration in github it can be replicated seamlessly across all of my sites that you see here so we're going to use this feature to replicate the configuration of our aks cluster across each of these on-premises clusters that you see on this map so this is the repository that i'll be using it's already got my open source machine loading service defined in my yaml file here and it's also got any other helm charts that i need to configure the underlying cluster as soon as i have all of my configuration details defined in my git ops repository i can now apply this configuration to all of my clusters across the country so here's my resource group where i have all of my arc enabled kubernetes clusters now as you can see i've got my dev cluster here that i showcased before but all these other clusters are running outside of azure so i'm going to use seattle as an example cluster which isn't running on azure and which is currently empty to demonstrate how easy it is to apply get ops at the cluster level so when i drill into this resource i can connect the underlying kubernetes cluster with my get ops repo using the built-in get ops experience all i need to do in this case is add a new configuration paste in all of my details here including that repository url and we'll be good to go so i've jumped ahead pasted in my details and i'm going to hit add so this is out of the configuration and now that underlying kubernetes resource is going to be pulling its configuration from that git ops repository so it's as simple as that to configure git ops with a cluster but what about my other sites now i don't want to just set the configuration source for each of these arc managed clusters manually as i want to make sure that every time i create a new cluster they're managed in the same way so in this case i'm going to enforce an azure policy to make sure that every single cluster that i own and every single cluster that i have at my site uses my githubs for its configuration now for any developers in the audience i know you may be thinking azure policy but i'm a developer well in this case we're going to be using azure policy to help us deploy our applications in a consistent fashion what this means is that anyone whether you're an operator or a developer can build and deploy applications at this huge scale and apply consistency and compliance with ease thanks to azure arc and azure policy so let's jump into azure policy and define a policy for this subscription where all of my art clusters are managed so i've set the scope for where my arc enabled kubernetes classes lie and you can see that there are many pre-configured policies that i can apply everything from restricting which outbound ports that can be accessed ensuring they are leveraging aad authentication or in this case making sure that my kubernetes clusters are pulling all of their config from my specific git ops repository so as you can see it's not just operations policies you can apply here developers can use these git ops policies for at scale deployment and there are plenty more policies that developers will want to get their hands on like configuring cores container registries and providing a helping hand to keep dev environments consistent so i'm going to choose the first one there and what this is going to do is it's going to give me an error every time it detects a cluster which isn't using my get ups repository for its configuration if we hit next we can fill in all of the different parameter details to get this up and running so i've got to paste that in there and hit next now this remediation task will automatically configure that git ops policy for me if it recognizes that a cluster is going unmanaged so all i have to do click that box choose any compliance message that i need and then hit review and create so here's my new azure policy and it's a prime example of how we can use policy for application deployment now flicking back to our operations map here in the contoso site under the hood our azure policy is enforcing that every single kubernetes cluster that i manage via azure arc is pulling that configuration down from my github repository and you can actually visualize in this dashboard how the policy is being applied and each of these sites are now lighting up with those open source machine learning services now running alongside their smart building resources picking up any data from their devices and sending them up to the dashboard to be collected and analyzed what this means is that i can now manage these classes at scale and have confidence in consistency and compliance and azure arc doesn't just help me with configuration i can also have a centralized location to monitor these clusters and this is where azure monitor for containers comes in here in azure monitor i can get a single view of all the classes that i'm managing whether they're running on azure or out of asha i can access health or even drill down to specific sites to see why there are warnings or areas and remediate accordingly i can also leverage azure monitor workbooks to create rich and detailed dashboards for me to get a single pane of glass view across all of my building sites so let's say in this case here i found an issue with one of my containers and that's why it's giving me intermittent warnings across my clusters since we have all our configuration in our getups repository all i'd need to do is make a fix here push it up to my repository of course with the right pipelines testing and rigor applied and know that once this fix is in my repo it'll automatically replicate those changes to all of my different sites across the country thanks to azure arc git ops and azure policy so as you can see everything that i need to deploy manage and monitor my cloud native apps is provided for me by azure and azure arc back to you gabe in beck's demo you can see how azure makes it easy to manage containers at scale with github and azure arc this get offs experience is part of the recently announced azure arc enabled kubernetes i'm also excited to announce the public preview of the open service mesh add-on for azure arc which helps developers build and distribute applications with increased security observability and extensibility now available in aks as well as kubernetes clusters running on premises on the edge and in multi-cloud environments for customers who want a managed kubernetes control plane that can run anywhere today we're announcing the general availability of aks on azure stack hci with this new solution customers can easily deploy kubernetes cluster that is consistent with azure kubernetes service fully supported by microsoft and 100 compliant with the open source ecosystem there are so many cool sessions at this year's build event but there's six you really can't miss the one and only brennan burns will be talking about building consistent hybrid and multi-cloud applications using azure arc george from the aks team has a session on modernizing applications with containers on azure maxine will be doing a deep dive on using azure for serverless and event driven apps derek from the logic gaps team will be talking about the future of integration technology stefan will be doing a deep dive on how to host linux web apps on app service and stormy peters from the open source programs office has a session on how to run open source applications your way this is some fantastic content you should tune into all these sessions if you want to get your hands dirty right away with azure application services start with the scenario based accelerators mentioned in jeff's demo to wrap it up i want to thank everyone for the amazing work you've all put in over this past year it has not been easy but developers continue to rise to the next challenge you continue to innovate and you continue to help reimagine the world i can't wait to see what you come up with next thanks for watching and have a great build you
2021-06-04 23:07