Amazon Web Services

Amazon Web Services Pt 2

Last time I started looking at Amazon Web Services and how it differed from Azure. I am going to continue looking at what it can do.

Virtual Machines

Lets look at what you can do with Virtual Machines. I selected to create a new Virtual Machine (or as AWS calls them an EC2 Instance)

First you choose a name for your VM and then the OS that runs on it. There are 5 main OSes to choose from Windows Server, Amazon Linux and a selection of the most common Linux flavours.

You can then download a certificate to secure your VM.

Like Azure, AWS takes a few moments to create your VM. While I wait I can see that AWS has configured a firewall so only my current IP can connect to it.

Once the VM is ready you can download an RDP file. However to get the login details you need to decrypt the password using the certificate you downloaded when you created the VM.

It is interesting to compare the difference in security between Azure and AWS. Azure allows the resetting of passwords of VMs directly from its console, however I suspect that in AWS if you loose your certificate (AWS states they don’t keep a copy of this) you would have to recreate your VM.

Like with the Websites the default name of the VM is much less user-friendly than what you get from Azure. However I suspect there are other options I haven’t spotted that may customise these.

Azure Portal vs AWS Console

I really like the Azure Portal. It feels like something that has been designed so you can easily access all the options for a specific Azure feature.

The AWS Console probably has all the same options as with Azure however I don’t think it looks half as good, and will take me a while looking through menus to find the equivalent options. Part of this is due to my unfamiliarity with AWS, so will get easier with time.

 

Amazon Web Services

Amazon Web Services

I am a big fan of Azure but I know zero about its biggest rival – Amazon Web Services or AWS.

So lets sign up for a free trial and see what it can do.Amazon Web Services

The AWS free trial is available from https://aws.amazon.com/free/ and lasts for 12 months. From memory I think the Azure free trial lasted only one month.

To start you need to login with your amazon account and create an AWS account. This requires your name and address and your payment info (you will only get billed if use services not covered by your free trial).

Interestingly AWS requires you to verify your identity via an automated phone call. (I don’t recall doing anything like this for Azure but please correct me if I am wrong.)

Once you are logged in you get a series of links displaying all the different services that are available. First impression is this is a simpler view to Azure’s portal with a similar amount of services. At the top right is an option to select which region you want to use, in Azure I use North Europe and West Europe, AWS has Ireland and Frankfurt.

Create a Web App

First thing to try is setting up a website. I selected create a web app and I get a page asking me for its basic details (very similar to Azure, however AWS asked what language your code is written in, Azure handles all of these) AWS websites appear to support a host of different options similar to Azure.

The actual creation of your website takes a few moments (like on Azure). However the default URL for websites is similar to http://test.vjbbimyv7w.eu-central-1.elasticbeanstalk.com/ which is not quite as nice as the Azure equivalent http://test.azurewebsites.net

Azure has a host of command lines available via powershell. AWS has a similar command line interface called AWS CLI, including the option to deploy from git to your website.

AWS Toolkit for Visual Studio is an extension that allows for the publishing of websites to AWS. (Just like you can publish to Azure)

As I learn more about AWS I will continue to blog about it. Amazon Web Services Pt 2

Trying Out Azure Active Directory

One of my plans is to create new MVC Webapps for my companies databases. Once I publish these I will need to secure them so only staff have access.

The traditional way to do this would be insert membership tables into my database. The user then has to remember another username and password and I have to secure the storage of these credentials. Lots of work for everyone.

archThere is a better way by using Azure Active Directory. You have probably heard of Active Directory, if you are a SysAdmin you probably use it all the time to manage your corporate users and computers. Azure Active Directory is an extension of this into the Cloud.

I have blogged in the past about using Azure but this is the first time I have tried connecting my internal domain to Azure. There is a Virtual Lab which helped me try out some of these ideas.

The first thing I did was to create a new Directory in Azure. I did this via the old portal (manage.windowsazure.com) it might be possible via the new portal but I don’t know how yet.

Click New, select App Services > Active Directory > Directory and select Custom Create. Select Create new directory, give it a name and a domain name and select a region from the drop down. Then add a Global Admin for this directory.

There is a tool called Azure Active Directory Connect. Download and Install this with express settings on one of your domain controllers. You need to specify a domain admin account to access your domain and the Azure Global Admin account you just created.

At this point I went to bed so I am not sure how long it tool to sync all the domain information but by morning it was all showing in the users list on Azure.

All my user accounts are showing with a @contoso.onmicrosoft.com, it is possible to use custom domains but I haven’t figured out that step yet. I made a change in my Active Directory and a while later that change was showing in Azure AD.

So now what? Open up Visual Studio and see if I can use Azure to Authenticate.

I selected to create a new MVC web project and clicked the change authenticate option. One of the options was Work and School Accounts, I then selected Cloud Single Organization and entered contoso.onmicrosoft.com. I then ran this app and it authenticated using Azure using my domain password. Really impressed at how easy that was.

The app then shows up on Azure in the old portal. In Applications you can see a list of which users have access to your app and configure few other app related settings.

This is a long way off being useful in my actual app, but it shows that the basics of what I am trying to do does work. Anyone done anything similar with Azure AD? How did you get on?

Backing up SQL databases to Azure

I recently read a blog post by Pinal Dave about how you can backup straight to Azure Storage. The procedure he described is only available for SQL Server 2014 or later.

I won’t go into detail of this method as Pinal describes it better than I can, but the basic of it requires setting up credentials and then running a backup command that includes the URL of the storage container on Azure.

Unfortunately I am running SQL Server 2005 so this process will not work for me but it did start me thinking of what ways there might be for me to use.

The next thing I tried was Microsoft SQL Server Backup to Microsoft Azure Tool. Unfortunately I did not get this tool to work correctly on my setup. However it sounds like a flexible tool that allows compression and encryption of your backup files. This tool redirects your backup files to your Azure Storage so even if I had got it to work correctly it would not have been an ideal solution as I want local copies of my backup files as well.

After this I started to look at powershell again. Following on from my recent success with powershell I know how to connect to my Azure account so all I needed to script was copying a file from my server to Azure.

Get-ChildItem *.bak -File -Recurse | Set-AzureStorageBlobContent -Container $DestContainer -Force

This command gets all the backup files in a directory (the recurse switch looks in sub directories as well) and then pipes them to the Set-AzureStorageBlobContent command. This command uploads them to the storage container defined in $DestContainer. I have added the Force switch so that it will replace any files on Azure which have the same name.

I have only been using this script for the last few days but so far it has been working well. Now if I completely loose all data from the office I can restore from any other location using the data saved on Azure. A great improvement to my disaster recovery policy.

Copying settings to an Azure Website

The Software as a Service (SaaS) website that I work on has been sold to lots of clients now. Which is great news.

2275.app-1However the more Azure websites we have, the more websites we have to administer, especially if like us you take advantage of Traffic Manager which requires multiple website in different regions. Azure has some great options for making this administration easier. One job is adding all the settings onto the Azure portal, so far I have been manually adding these, but a quicker way is to use powershell.

PowerShell

PowerShell is everywhere these days. You can use it to control Servers, Active Directory and Exchange. So it is no surprise that you can use it to control Azure.

Open a powershell window and run the following command.

Get-AzurePublishSettingsFile

This command opens an IE window which you can login to Azure and download a file which contains settings that Azure can use. Save the *.publishsettings file and run the following command.

Import-AzurePublishSettingsFile “C:\MyPublishSettings\mysubscriptions.publishsettings”

This imports your Azure settings so that PowerShell can do clever things.

Select-AzureSubscription -Default “mysubscription”

This selects which of your Azure subscriptions to use. Now run the following to import settings into PowerShell.

$s = @{“DebugEmailAccount”=”[email protected]”;”SiteWarningBannerText”=””}

And finally run the following to import this settings into the Azure website you specified.

Set-AzureWebsite azure-websitename -AppSettings $s

Sounds easy doesn’t it. Well it is. The hardest part is getting the settings in the correct format to be imported but this is only string manipulation.

For my project I already have a build script which populates a settings.config file with all these settings, so I have just duplicated this to create a settings.config.importtoAzure file. Next time I have a website to create, I can create it on Azure and run the above script, pasting in the settings file that my build has already produced for me.

This only scratches the surface of what you can do with Azure and PowerShell, hopefully I will do far more in the future.

Visual Studio

I recently replaced my installation of Visual Studio 2013 with Visual Studio 2015 RC.

I like the new version, I am not a Visual Studio expert so it will probably take me a while to find all the good stuff but here are some initial thoughts.

Being as my MSDN subscription is still valid I have installed the professional version to take advantage of its extra features like CodeLens.

One of the first things I spotted was that the integration with Azure has been improved. In the last version it was difficult to sign in to Azure with the correct credentials, especially if you have more than one Azure account. Now you can add multiple Accounts and Subscriptions.

i1CodeLens is a feature that has been around in Visual Studio since 2013, but in 2015 it is available in Professional meaning more people have access to it.

CodeLens gives coders useful information at a glance. Above each class/method is listed how many references there are. If you click on the number of references you can see where that class or method is referenced in the rest of your code. Useful to be able to see which methods or classes are not being used.

Next CodeLens shows who (according to git) last changed the class or method and how many days ago that was. Clicking on it shows a cool graph of when changes have happened and who did them.

Next you can see the number of changes that have been made, basically a source control history, but without having to load up your git client.

For code that doesn’t contain classes or methods such as T_SQL you can see at the bottom of your code window the last two CodeLens information to help you track down what changes have happened recently.

The last new feature that I have noticed is the Light Bulbs that keep showing up all over my code. I think the Light Bulbs might be called Quick Actions, but whatever they are called they are suggestions on how to improve your code. So far they have suggested to be to get rid of using references that are not used, simplify a fully qualified name, drop unneeded this keywords. I am sure more will popup as I do more coding.

These improvements to Visual Studio I like, and I am sure there are many more that I haven’t noticed. I expect support for the vNext .net framework is also in there somewhere which hopefully I can play around with soon.