Wilson Mar bio photo

Wilson Mar

Hello!

Email me Calendar Skype call

LinkedIn Twitter Gitter Instagram Youtube

Github Stackoverflow Pinterest

Pass Microsoft’s AZ-400 on DevSecOps for automated CI/CD pipelines in the Azure cloud and be a SRE

US (English)   Español (Spanish)   Français (French)   Deutsch (German)   Italiano   Português   Cyrillic Russian   中文 (简体) Chinese (Simplified)   日本語 Japanese   한국어 Korean

Overview

There are a lot of summary/high-level tutorials and videos. But this article skips the generalized sales hype and presents a “deep dive” with automation with logical and succinct hands-on steps so you get perficient quickly.

Your settings (Naming Conventions)

PROTIP: What makes my tutorial here unique are (CLI and PowerShell) automation scripts I created to do (quickly and repeatedly) what manual clicking through GUI portal. Running the scripts locally on your laptop requires some installation.

But whether you use GUI or CLI, before diving in, define custom values to be used by Azure, by replacing defaults below with your own:

export AZDEVOPS_ORG_NAME="contoso"
export AZDEVOPS_PROJ_NAME="ContosoWebApp"
export AZDEVOPS_REST_VER="6.0"
export AZDEVOPS_GITHUB_PAT="12928342342982342347abcdf2324234"
export AZDEVOPS_USER_EMAIL="johndoe@gmail.com"
   

The combination of {organization} / {project} is called a “route”.

Documentation below references the settings above.

If you don’t need the history nor to create an Azure account, begin with my QuickStart tour with commentary (below).

az-devops-services-1072x688


Rebranding History

“Azure DevOps” is a big deal for Microsoft, announced Sep 16, 2018.

VIDEO: Buck Hodges (@tfsbuck), Director of Engineering for Microsoft VSTS, Jun 27, 2018 VIDEO: Global DevOps Bootcamp 2018 Keynote how Microsoft evolved from on-premise TFS into VSTS as a service shipping in 3 week sprints, from the same code repository. Add SPS (Shared Platform Service) for account, identity, profile, licensing.

Forrester’s 2018 Continuous Delivery And Release Automation” market assesement ranked Microsoft among leaders (behind Electric Cloud, IBM, Xebia, and CA): azure-devops-gartner-2018-485x527-13777.jpg

NOTE: IBM’s product is called “Urban Code”. IBM also acquired Red Hat and its Ansible portfolio.

The acquisition of GitHub in 2020 has caused confusion about how to prepare for Microsoft’s future direction with Azure DevOps.

Microsoft didn’t use “DevSecOps” because it includes 3rd-party (from Marketplace) security testing tools rather than in-house tools.


Create Azure account

There are options:

Use your benefits

  1. Click Use your benefits.
  2. Click “Register” for 50 percent off the cost of a Microsoft Certification exam by completing your challenge within 30 days.
  3. Click “Register now”.
  4. Click “Get started” under “DevOps Engineer”.
  5. Click “Begin now”.
  6. Work through Microsoft’s 27 free tutorial challenge:

Azure account and project

Alternately, these steps are based on Start using Azure DevOps but with my additional commentary:

  1. Get signed up with Azure and Microsoft Learn accounts. Use of
    https://aka.ms/aft-iot to Create your Azure free is described at
    https://wilsonmar.github.io/azure-cloud-onramp

    Create your organization with a personal Microsoft account or a work or school accountdocs.microsoft.com


dev.azure.com was VisualStudio.com

Here’s some history:

Back in Sept 2018 there was a name upgrade from Visual Studio Online (VSO) http://www.visualstudio.com which included capabilities in Visual Studio Team Services (VSTS), which began as a performance testing server and on-premise Team Foundation Server (TFS), now called “Visual Studio Server” on-premises.

visualstudio com-1185x178-20653.jpg

“Visual Studio App Center” is for mobile iPhone/Android app development and integration (using Xamarin) so not in scope for this topic here. (@vsappcenter)


CLI/PowerShell Automation

If you prefer using ARM YAML, see: https://docs.microsoft.com/en-us/azure/devops/cli/azure-devops-cli-in-yaml?view=azure-devops

PROTIP: YAML runs fail if it’s not perfectly formatted (with no extra spaces, etc.).

Local client install for DevOps

Get prepared by installing CLI command programs for use in your Terminal sessions:

  1. To obtain the .NET Core command-line interface (CLI) tool on a Mac, download file dotnet-install.sh stored in https://github.com/dotnet/cli, then run it.

    chmod +x dotnet-install.sh
    ./dotnet-install.sh

    PROTIP: This is a very well-written bash script.

    The response:

    dotnet-install: Downloading link: https://dotnetcli.azureedge.net/dotnet/Sdk/2.1.701/dotnet-sdk-2.1.701-osx-x64.tar.gz
    dotnet-install: Extracting zip from https://dotnetcli.azureedge.net/dotnet/Sdk/2.1.701/dotnet-sdk-2.1.701-osx-x64.tar.gz
    dotnet-install: Adding to current process PATH: `/Users/wilsonmar/.dotnet`. Note: This change will be visible only when sourcing script.
    dotnet-install: Installation finished successfully.
    
  2. Verify:

    dotnet --version

    3.1.201

  3. For more verbose:

    dotnet --info
  4. Node and NPM:

    node

    npm install bower -g v9.11.1 npm install grunt-cli -g

  5. Verify your machine can get to the bottle resources from Homebrew:

    curl -O https://formulae.brew.sh
    curl -O https://homebrew.bintray.com
  6. To enable az CLI commands:

    brew install azure-cli

    Alternately, if you already have it installed and want to upgrade to the latest version:

    brew upgrade azure-cli
  7. Analytics:

    brew info azure-cli
    azure-cli: stable 2.15.1 (bottled), HEAD
    Microsoft Azure CLI 2.0
    https://docs.microsoft.com/cli/azure/overview
    /usr/local/Cellar/azure-cli/2.15.1 (16,636 files, 221.9MB) *
      Poured from bottle on 2020-12-04 at 15:31:19
    From: https://github.com/Homebrew/homebrew-core/blob/HEAD/Formula/azure-cli.rb
    License: MIT
    ==> Dependencies
    Required: openssl@1.1 ✔, python@3.8 ✔
    ==> Options
    --HEAD
      Install HEAD version
    ==> Caveats
    Bash completion has been installed to:
      /usr/local/etc/bash_completion.d
    ==> Analytics
    install: 38,000 (30 days), 103,343 (90 days), 318,336 (365 days)
    install-on-request: 37,613 (30 days), 102,290 (90 days), 313,119 (365 days)
    build-error: 0 (30 days)
  8. Analyze and act on caveats in response such as:

    ==> python
    Python has been installed as
      /usr/local/bin/python3
     
    Unversioned symlinks `python`, `python-config`, `pip` etc. pointing to
    `python3`, `python3-config`, `pip3` etc., respectively, have been installed into
      /usr/local/opt/python/libexec/bin
     
    If you need Homebrew's Python 2.7 run
      brew install python@2
     
    You can install Python packages with
      pip3 install 
    They will install into the site-package directory
      /usr/local/lib/python3.7/site-packages
     
    See: https://docs.brew.sh/Homebrew-and-Python
    ==> azure-cli
    Bash completion has been installed to:
      /usr/local/etc/bash_completion.d
    </pre>
    
    
  9. Confirm: (based on docs for macOS, Ubuntu, Windows 10, Azure Cloud Shell):

    az --version

    PROTIP: The CLI doesn’t assume a Python virtual environment, so it relies on finding the installed Python version.

    azure-cli                         2.24.2 *
     
    core                              2.24.2 *
    telemetry                          1.0.6
     
    Python location '/usr/local/Cellar/azure-cli/2.24.2/libexec/bin/python'
    Extensions directory '/Users/wilsonmar/.azure/cliextensions'
     
    Python (Darwin) 3.8.10 (default, May  4 2021, 03:04:19)
    [Clang 11.0.0 (clang-1100.0.33.17)]
     
    Legal docs and information: aka.ms/AzureCliLegal
     
    You have 2 updates available. Consider updating your CLI installation with 'az upgrade'
     
    Please let us know how we are doing: https://aka.ms/azureclihats
    and let us know if you're interested in trying out our newest features: https://aka.ms/CLIUXstudy
    

    Previously:

    Extensions:
    azure-cli-iot-ext                  0.8.7
    
  10. Upgrade az if requested.

    This command is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
    Your current Azure CLI version is 2.24.2. Latest version available is 2.25.0.
    Please check the release notes first: https://docs.microsoft.com/cli/azure/release-notes-azure-cli
    Do you want to continue? (Y/n): y
    

    docs.microsoft.com/en-us/cli/azure/get-started-with-azure-cli?view=azure-cli-latest to Get started with Azure CLI

    Azure DevOps CLI extension

    Based on: https://docs.microsoft.com/en-us/azure/devops/cli/?view=azure-devops

  11. Optionally: Add CLI extension:

    az extension add --name azure-devops

    NOTE: The extension was built from https://github.com/Azure/azure-devops-cli-extension

    PROTIP: Instead of the above command, run this next command and it prompts you to install if it’s not installed. A neat feature!

  12. Widen your Terminal to list az devops commands detailed at docs.microsoft.com/en-us/azure/devops/cli/quick-reference?view=azure-devops

    az devops -h
       
    
    az devops : Manage Azure DevOps organization level operations.
         Related Groups
         az pipelines: Manage Azure Pipelines
         az boards: Manage Azure Boards
         az repos: Manage Azure Repos
         az artifacts: Manage Azure Artifacts.
     
    Subgroups:
     admin            : Manage administration operations.
     extension        : Manage extensions.
     project          : Manage team projects.
     security         : Manage security related operations.
     service-endpoint : Manage service endpoints/service connections.
     team             : Manage teams.
     user             : Manage users.
     wiki             : Manage wikis.
     
    Commands:
     configure        : Configure the Azure DevOps CLI or view your configuration.
     feedback         : Displays information on how to provide feedback to the Azure DevOps CLI team.
     invoke           : This command will invoke request for any DevOps area and resource. Please use
                        only json output as the response of this command is not fixed. Helpful docs -
                        https://docs.microsoft.com/rest/api/azure/devops/.
     login            : Set the credential (PAT) to use for a particular organization.
     logout           : Clear the credential for all or a particular organization.
    
    NOTE: Reviews of this command
  13. Configure default configuration for your organization and project using your settings discussed in this document (above)

    az devops configure --defaults organization="https://dev.azure.com/$AZDEVOPS_ORG_NAME" \
    project="$AZDEVOPS_PROJ_NAME"
    

    NOTE: If you’re connecting to an on-prem Azure DevOps Server, the URL would instead be:

    organization=https://ServerName/CollectionName
  14. To confirm the installation:

    az extension show --name azure-devops
    {
      "extensionType": "whl",
      "metadata": {
     "author": "Microsoft",
     "author_email": "VSTS_Social@microsoft.com",
     "azext.minCliCoreVersion": "2.2.0",
     "classifiers": [
       "Development Status :: 4 - Beta",
       "Intended Audience :: Developers",
       "Intended Audience :: System Administrators",
       "Programming Language :: Python",
       "Programming Language :: Python :: 3",
       "Programming Language :: Python :: 3.4",
       "Programming Language :: Python :: 3.5",
       "Programming Language :: Python :: 3.6",
       "License :: OSI Approved :: MIT License"
     ],
     "description": "Microsoft DevOps CLI Extension for Windows, Mac and Linux\n=========================================================\n\n1.0.0\n---------------------\n\n* Initial preview release.\n\n",
     "filename": "/Users/wilsonmar/.azure/cliextensions/azure-devops/azure_devops-0.18.0.dist-info",
     "home_page": "https://github.com/Microsoft/azure-devops-cli-extension",
     "license": "MIT",
     "metadata_version": "2.0",
     "name": "azure-devops",
     "platforms": [
       "UNKNOWN"
     ],
     "requires_dist": [
       "distro (==1.3.0)",
       "python-dateutil (==2.7.3)",
       "msrest (<0.7.0,>=0.6.0)"
     ],
     "summary": "Tools for managing Azure DevOps.",
     "version": "0.18.0"
      },
      "name": "azure-devops",
      "path": "/Users/wilsonmar/.azure/cliextensions/azure-devops",
      "version": "0.18.0"
    }

    QUESTION: “Programming Language :: Python :: 3.6” is the latest supported?

  15. Set the memory variable “msrest (<0.7.0,>=0.6.0)”:

    export AZDEVOPS_REST_VER="6.0"

    devops login

  16. In GitHub obtain a PAT (Personal Access Token) for the service account used to run pipelines and save it in a private place:

    export AZDEVOPS_GITHUB_PAT="12928342342982342347abcdf2324234"
  17. Sign in using the Azure CLI az login command or an Azure DevOps Personal Access Token (PAT)

    az devops login --organization "http://dev.azure.com/$AZDEVOPS_ORG_NAME"
  18. When prompted. paste the PAT. See https://docs.microsoft.com/en-us/azure/devops/cli/log-in-via-pat?view=azure-devops&tabs=windows

    See https://docs.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops&tabs=preview-page#create-a-pat

    More CLI commands

    https://stackoverflow.com/questions/64502148/how-to-securely-login-in-az-cli-from-a-devops-pipeline

    STAR: VIDEO: references scaffoling script examples at https://github.com/Azure/azure-devops-cli-extension/tree/master/examples/Scaffolding

    STAR: Also see https://www.dotnetcurry.com/devops/1528/azure-devops-cli

    https://www.keithjenneke.com/getting-started-with-the-azure-devops-cli/

    Invoke REST API from CLI

    When the Azure DevOps CLI doesn’t cover a resource or action, can use the “catch-all” command to call the Azure DevOps REST API:

    GET https://vsrm.dev.azure.com/{organization}/{project}/_apis/release/releases?api-version=6.0
    
    az devops invoke --area release --resource releases \
       --route --api-version "6.0-preview" -o json
    
  19. To get a list of REST API releases:DOCS:

    curl GET "https://vsrm.dev.azure.com/$AZDEVOPS_ORG_NAME/$AZDEVOPS_PROJ_NAME/_apis/release/releases?api-version=$AZDEVOPS_REST_VER"

    https://vsrm.dev.azure/route/route/_apis/area/resource/api version

    Add users to project team

    Assuming members we want to add already exists within the Organization and the Project Group:

  20. We have a Security Group.

  21. Get Group Descriptor:

    $groupDescriptor = az devops security group list \
       --query "graphGroups[?contains(principalName,'Example1 Team')].[descriptor]" -o tsv
    
  22. Get Member Descriptor:

    $memberDescriptor = az devops user show \
       --user "$AZDEVOPS_USER_EMAIL" \
       --query user.descriptor -o tsv
    
  23. Add members to the group:

    az devops security group membership add \
       --group-id $groupDescriptor --member-id $memberDescriptor
    

    Show Build in browser

  24. To show details of a specific build (id 1) in the default browser:

    az pipelines build show --id 1 --open

    Git branches

  25. To make sure you have the correct branch selected:

    David Tesar (@dtzar, host of DevOps-Dimension on channel9.msdn) wrote the two branches which visually display the same front-end website content with a SQL Azure back-end (all PaaS):

    • Branch aspnet45 contains code for ASP.NET 4.5 used on older “bare metal” machines. Don’t use this.

    • Branch master contains code for ASP.NET Core used within Containers. Use this.


GUI QuickStart: dev.azure.com was aex.dev.azure.com

  1. In a browser, use a profile for each one of your emails (corporate employee, gmail, hotmail, outlook, etc.)

    PROTIP: I use different browser programs so I can quickly press command+Tab (on a Mac) to switch between documentation (on Brave browser), apps (on Chrome), and Azure DevOps (on Microsoft Edge):

  2. PROTIP: Click on your browser’s avatar picture to select the browser profile housing the browser cookies and history associated with the email address you are using (one email for corporate/client work, one for your personal gmail, one for hotmail/outlook, etc.).

  3. In the Microsoft Edge browser, go to the “Azure Dev Essentials” site hosting Azure DevOps at:

    https://aex.dev.azure.com/me?mkt=en-US

  4. If you’re using a browser profile, you would be logged in automatically based on prior session’s history. Otherwise, sign in using the same account you use for Azure billing.

  5. Select “Default Directory” if you don’t have alternative tenants.

    Account Profile GUI

  6. Click on the “User Settings” icon at the top menu to the left of your account avatar:

    az-devops-acct-menu-2021-06-24

    TODO: Change profile items.

    Create Organization

    DOC: Quick Start: Create an Azure DevOps organization

  7. Click the blue “Create new organization” under title “Get started with Azure DevOps”.

    PROTIP: Several organizations can be created under an account.

  8. Click “Continue” in the pop-up “Get started with Azure DevOps” with Terms and Conditions checked.
  9. Optionally, change the Azure DevOps organization name Azure generates based on your username, such as:

    https://dev.azure.com/wilsonmar0412

    Many admins change the user name to a team name if several others will be using it.

  10. “We’ll host your projects in” provides a limited number of locations/regions:

    • West Europe
    • East Asia
    • Central US (the only one in the US)
    • Brazil South
    • Canada Central
    • Australia East
    • UK South
    • South India

    PROTIP: Create your other resources in the region selected to avoid cross-region network charges.

  11. Enter the CAPTCHA (two lines of the graphic are enter as one line).
  12. Click the blue “Continue” for a “Create a project to get started” dialog.

    You’ll get an email about the new organization.

    Organization-level Settings

  13. Click on “Organization Settings” at the lower-left corner for the Organization’s menu.

    azure-devops-dashboard-ll-184x208-4860.jpg

    In the Overview page is where the default Region is specified for all projects.

  14. To switch organizations or configure an organization, click the “Azure DevOps” icon at the upper-left corner:

    Notice that work requests and pull requests are under an organization rather its projects.

    azure-devops-org-menu-241x770-16780.jpg

  15. Click on the organization name.

  16. Configure profile, Security, Usage, Notification settings, Theme, etc.

    Find what permissions you or a team member have, including project-level, collection-level, and object-level…docs.microsoft.com in Quick Start: View permissions for yourself or others - Azure DevOps & TFS

  17. Privacy URL. ???
  18. Time zone: leave as default “UTC”, which doesn’t have Daylight Savings Time (Summer Time).

  19. Navigate to Organization settings -> Billing -> Setup billing -> Select an Azure subscription. Select the Azure Pass subscription which results in the green “Subscription is valid”. Click “Save”.

    CAUTION: That green “valid” line doesn’t appear if you now click “Change billing”. You’ll need to remove billing to see it again.

  20. Set the “MS Hosted CI/CD” field “Paid parallel jobs” to 1 (from the default 0). Scroll down to the bottom and click “Save” (leaving all other defaults, such as 5 Basic users, etc.).

  21. While waiting for new settings to be reflected in the back end (at least 3 hours before using CI/CD capabilities), you will see this message at ???

    This agent is not running because you have reached the maximum number of requests…

    Create project using CLI

  22. Create project using the basic process template:

    az devops project create --name "$AZDEVOPS_PROJ_NAME" \
       --process basic \
       --description "Az Devops CLI Example1" 
    

    Defaults: -s or –source-control (git)
    –visibility (private)

    Project Generator

  23. To create a new pre-defined project with pre-populated sample content (which include source code, work items, iterations, service endpoints, build and release definitions) based on a template you choose, open a new browser tab to:

    https://azuredevopsdemogenerator.azurewebsites.net

    NOTE: The site was built using github.com/microsoft/AzureDevOpsDemoGenerator

  24. Click the blue “Sign In” for the same email you used in the steps above.
  25. Click “Accept” after memorizing the default permission granted ;)
  26. For New Project Name: include in the project name the template name to be selected below:

    TailwindTraders

    For production project, specify your product, according to your Naming Conventions.

  27. Select Organization: the one created above.
  28. Leave unchecked “I want to fork this repository”.

    Create project using a Template

    NOTE: This is based on from code at https://github.com/CanarysAutomationsInternal/AppCenterDemoGenerator

  29. For “Selected template”: click “Select Template” then “TailwindTraders” because steps below require it.

    NOTE: Don’t choose the others:

    BTW you can build your own template.

  30. Right-click on ARM Outputs for a new browser tab to ARM Outputs extension page for Visual Studio (licensed product not available on MacOS). Click the green “Get it free”. Optionally: DOCS for use with Visual Studio.

  31. Return to the Azure DevOps Demo browser page.

  32. Check the box about “third party” and click the blue “Create Project”

    • Project gend created
    • Required extensions are installed
    • 1 team(s) created
    • Board-Column, Swimlanes, Styles updated
    • Created Wiki
    • Build definition created

  33. When “Congratulations” appears, click the blue “Navigate to project”.

    Notice another tab is created with counts of work items created and completed in Azure Boards:

    az-devops-template-stats

    Run a test build

  34. To run a test build.

Parts Unlimited demo apps

  • http://microsoft.github.io/PartsUnlimited (http://aka.ms/pumrplabs) describes the app.
  • Front end service runs Apache Tomcat and talks to order service
  • Order and Integration service runs Java and calls MongoDB
  • Integration service integrates with Parts Unlimited Website
  • Includes a Dockerfile and sample publishing profile to publish to a Docker container
  • Includes ARM JSON templates and PowerShell automation scripts to easily build and provision your environment

https://github.com/Microsoft/PartsUnlimitedMRP

(PUMRP) is a fictional outsourced Manufacturing Resource Planning (MRP) app built entirely using open source software: Linux, Java, Apache, and MongoDB which creates a web front end, an order service, and an integration service.

  1. When successful, you’ll get an email.

    Create Project

  2. Learn how to structure a project, manage users, and more to support your software development teams:

    Quick Start: Get started as a project admin or organization owner in Azure DevOps

    Sign up for Azure DevOps and invite teammates - Azure DevOps Quickstart guide to signing up and inviting others to join a project in Azure DevOpsdocs.microsoft.com

  3. Type a project name, such as “PU”. Naming convention: The format of the URL is:

    https://dev.azure.com/YourOrganization/project
    

    NOTE: You can use the slash character.

  4. Leave Visibility as the default “Private” until it’s ready for Public viewing.
  5. Click “Advanced” to reveal more choices.
  6. Leave Version control default of “Git”.
  7. Leave Work item process default of “Agile” for Azure Board terminology:

    • Agile
    • Basic (the default)
    • CMMI
    • Scrum

  8. PROTIP: Bookmark the URL on the page for use in the future, such as:
    https://dev.azure.com/wilsonmar0014/PU

    To view this sample project populated, click it for a full-screen:
    azure-devops-dashboard-abel-1920x552-76907.jpg

    Project GUI menu

    Notice the hierarchy at the top breadcrumb:

    wilsonmar0964 / whatever1 / Overview / Summary

    Expanded as the default are Overview menu items for the selected project (Summary, Dashboards, Wiki).

    az-devops-proj-menu-2021-06024

  9. Clicking on a project menu category (such a “Repos”) contracts the previously selected menu items. So …

  10. Click “«” at the lower-left corner to reveal the “Project settings” menu.

    PROTIP: I leave the left menu minimized because mousing over the icon reveals its sub-menu .

    Work Items

  11. Notice that “My work items” and “My pull requests” are at the Organization level.

    Import repo from GitHub

  12. Check whether a Git Repo exists:

    az repos list --query "[].name" -o tsv
  13. In the GUI, be in your project.

  14. Click on Repos. Several options are shown.
  15. Click “Import”.
  16. Paste the URL to where the repository is located. For this tutorial you have two choices which VIDEO: Microsoft has created several sample apps (with source code) implements the eCommerce website described as “Project Unicorn” in chapters 31-35 of The Phoenix Project by Gene Kim, Kevin Behr, and George Spafford, © 2013.

  17. Click on the project name.

    Notice that the project menu remains minimized.

    Project Settings

    Remember that the cog icon is associated with “Project settings”.


Workflows (Reference Architectures)

The work above kickstarts the first two steps in this sequence of work (from CI/CD for Azure VMs) described in this flowchart: Click on diagram for full-screen pop-up
azure-devops-ref-arch-cicd-avm-1176x746.png

  1. Engineer uses Visual Studio to Git Commit changes into Azure Repos.
  2. Commit application code and Azure Resource Manager template into Azure Repos.

    PartsUnlimited Manual Deployment to Azure App Services with Visual Studio and ARM Templates (PartsUnlimited) provides a hands-on, step-by-step instructions:

    1. Setup Local Visual Studio 2017 environment
    2. Create Azure App Service Infrastructure from Visual Studio uing ARM Templates
    3. Publish the website to Azure App Service Production URL
    4. Publish the website to Azure App Service dev and staging sites
    5. Swap dev and staging site content

  3. Continuous integration triggers application build and unit tests in Azure DevOps Pipelines.
  4. Continuous Deployment trigger orchestrates deployment of application artifacts with environment-specific parameters.
  5. Deployment to QA environment using Azure DevTest Labs
  6. Deployment to Staging environment using Azure Virtual Machines.
  7. Deployment to production environment using Azure Virtual Machines.
  8. Azure Application Insights collects and analyzes health, performance, and usage data.
  9. Engineer reviews health, performance, and usage information.
  10. Update backlog item as complete in Azure DevOps Boards.

Other “Reference Architectures” with workflows:

PROTIP: Notice that all of them have Visual Studio thick client (at the lower-left corner) as the interface for engineers rather than Visual Studio Code (VSCode).

You must install Visual Studio thick client

VIDEO: Tutorial: PartsUnlimited Setup with Visual Studio 2017 is obsolete because it uses VSTS. QUESTION: Difference with Visual Studio 2109 for Mac?

Enable “ASP. NET and web development” and “Azure development” during installation or Tools > Get Tools and Features, Modify.

Azure Service Endpoints

Extensions to Azure DevOps Services

  1. Find and install free extensions for Azure DevOps Services on https://marketplace.visualstudio.com/azuredevops based on Quick Start: Install free extensions for Azure DevOps Services

  2. If you click “Visual Studio”, the browser issues a URL such as:

    vsweb://vs/?Product=Visual_Studio&EncFormat=UTF8&tfslink=dnN0Z…

    This should open the Visual Studio for Mac app installed on your machine.

    This is perhaps the most disheartening as the product currently does a clumsy job working with Git and GitHub.

    1. Install Visual Studio 2017 or 2019 within a Windows machine.
    2. In Tools, Get Tools and Features, select “ASP.NET and web development” and “Azure development”. These two should be check in “Workloads”
    3. Install PowerShell. The scripts folder contains .ps1 PowerShell scripts
    4. Download and install Node v6.12.3 (which has build tools taken out in v8).
    5. Install Bower and Grunt (ignore deprecated warning).
      • ASP.NET 5 support for Linux and Mono
      • Updated to .NET Core 2.0 in Jan 2018
      • Modern HTML5 responsive layout using bootstrap for mobile, tablet, and PC
      • Includes a Dockerfile and sample publishing profile to publish to a Docker container
      • Supports multiple authentication options including Azure Active Directory, Google, and Facebook
      • Azure Machine Learning product recommendations based on Order History
      • Designed for Azure Websites, including Testing in Production, Staging slots and environment variables for feature flags (to turn off recommendations)
      • Includes Grunt tasks for publishing assets to Azure Storage for CDN ingestion for faster performance
      • Entity Framework code-first using SQL Azure or an in-memory database (Mono)
      • Basic administration pages to add or edit product information
      • Includes Azure RM JSON templates and PowerShell automation scripts to easily build and provision your environment


AZ-400 certification

azure-devopsexpert-230x258-7173.jpg You need to have passed EITHER exam AZ-104 “Administrator Associate” OR AZ-203/204 “Developer Associate” before paying $165 to pass exam AZ-400 “Implementing Azure DevOps Solutions” to make you a “Microsoft Certified: Azure DevOps Engineer Expert”.

NOTE: Exam AZ-400 replaces exam “Implementing Microsoft Azure DevOps Solutions” 70-538. Although there are still free online courses from Microsoft at at EDx.org, the 9 video courses (of 8-16 hours each) Microsoft Professional Program for DevOps is now gone. The course catalog said it covers 6 technologies:

  1. VSTS (Visual Studio Team System)
  2. “Visual Studio” 2017/2019
  3. Azure Container Service (ACS) is like Docker and rkct (from Red Hat, pronounced like “rocket”).
  4. Application Insights
  5. Selenium (for functional testing)
  6. Operations Management Suite (OMS)

Threshold for passing:
A minimum score of 70 percent on the overall exam.
A minimum score of 35 percent on each exam domain.

Microsoft’s AZ-400 tutorials

Microsoft’s free textual tutorials and labs uses the same structure as the exam:

Instrumentation (Logging) Strategy

VIDEO:

https://app.pluralsight.com/library/courses/microsoft-devops-solutions-designing-implementing-logging Logging

https://app.pluralsight.com/library/courses/microsoft-devops-solutions-designing-implementing-telemetry Design and implement Telemetry metrics (Application insights) alert rules, user behavior insights

SRE Strategy

https://app.pluralsight.com/library/courses/microsoft-devops-solutions-developing-actionable-alerting-strategy Develop an actionable alerting strategy

https://app.pluralsight.com/library/courses/microsoft-devops-solutions-designing-failure-prediction-strategy Design a Failure Prediction strategy

https://app.pluralsight.com/library/courses/microsoft-devops-solutions-designing-implementing-health-checks Implement Health checks

Security Plan

https://app.pluralsight.com/library/courses/microsoft-devops-solutions-designing-authentication-authorization-strategy

https://app.pluralsight.com/library/courses/microsoft-devops-solutions-designing-sensitive-information-strategy

https://app.pluralsight.com/library/courses/microsoft-devops-solutions-developing-security-compliance

https://app.pluralsight.com/library/courses/microsoft-devops-solutions-designing-governance-enforcement-mechanisms

Source Controls

https://app.pluralsight.com/library/courses/microsoft-devops-solutions-developing-modern-source-control-strategy

https://app.pluralsight.com/library/courses/microsoft-devops-solutions-integrating-source-control-tools

Facilitating Communication and Collaboration

https://app.pluralsight.com/library/courses/microsoft-devops-solutions-communicating-collaborating-stakeholders

https://app.pluralsight.com/library/courses/microsoft-devops-solutions-generating-devops-process-documentation

https://app.pluralsight.com/library/courses/microsoft-devops-solutions-automating-communication

Define and Implement Continuous Integration

https://app.pluralsight.com/library/courses/microsoft-devops-solutions-designing-build-automation

https://app.pluralsight.com/library/courses/microsoft-dev-ops-solutions-designing-package-management-strategy

https://app.pluralsight.com/library/courses/microsoft-devops-solutions-designing-application-infrastructure-management-strategy

https://app.pluralsight.com/library/courses/microsoft-devops-solutions-implementing-maintaining-standardizing-build-strategies

Define and implement a continuous delivery and release management strategy

https://app.pluralsight.com/library/courses/microsoft-devops-solutions-developing-deployment-scripts-templates

https://app.pluralsight.com/library/courses/microsoft-devops-solutions-implementing-orchestration-automation-solutions

https://app.pluralsight.com/library/courses/microsoft-devops-solutions-planning-deployment-environment-strategies


Products and Services

Azure DevOps makes use of the following products (services and client executables):

NOTE: Microsoft exited the software testing market in 2019 by retiring their products.

  • Azure IAM access manager

  • AEX.dev.azure.com replaces Visual Studio at https://app.vssps.visualstudio.com/

  • Azure Resource Manager (ARM) carries out specifications entered in the Azure Dashboard. It deploys, updates, or deletes cloud resources in a single, coordinated operation. Resources can include virtual machines, storage accounts, virtual networks, services, or any component that you are managing. NOTE: VIDEO: ARM vs. Classic Azure Service Management

  • Azure Key Vault provides an HSM (vs. Hashicorp Vault, which enforces automatic revocation of leases with key usage audit and key rolling). KMS is focused on securely storing encryption keys and supporting cryptographic operations (encrypt and decrypt) using those keys. It supports access controls and auditing as well.

  • Azure Service Fabric

  • Azure Container Service (AKS) - uses Docker to make dynamic scaling easy on Kubernetes, Docker Swarm, or Mesos DC/OS. AKS handles auto upgrades, patching, and self-healing of Kubernetes clusters.

    https://docs.microsoft.com/en-us/azure/aks/intro-kubernetes Introduction to Azure Container Service (AKS)

    https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough Deploy an Azure Container Service (AKS) cluster

    https://azure.microsoft.com/en-us/resources/videos/episode-198-azure-container-service-with-ross-gardler/ Cloud Cover Episode 198: Azure Container Service with Ross Gardler

  • Azure Container Registry (ACR) stores images for different types of container deployments (Swarm, DC/OS and Kubernetes, etc.) as well as Azure services such as App Service, Batch, and Service Fabric.

    Unlike Docker Hub, ACR provides more control over who can see and use images, which ACR can sign cryptographically (to detect corruption) and encrypt at rest. The Premium SKU of Container Registry includes 500 GiB of storage that is geo-replicated.

    ACR Tasks dynamically discovers base image dependencies when it builds a container image, so when changes are detected, automatically rebuilds application images.

  • Log Analytics (generally available)

    azure-log-analytics-711x306-35708.jpg

  • azure-app-insights-icon-51x50.pngApplication Insights - the APM service works with Azure Service Profiler for ASP.NET code. Its API and SDKs (in .NET, Java, node.js) and TelemetryClient obtain metrics about requests, pages views, dependency calls, trace (log) messages, exceptions, and more. (Add Retrace to collect first chance exceptions)

    Monitor Web Apps using Azure Application Insights Nov 18, 2016

  • Other Azure DevOps tool integrations

Summary: DevOps tools overview for Azure DevOps

Azure DevOps Product components

Each widget on the Dashboard can be added or deleted using an API.

https://status.dev.azure.com/_history lists events and status in each geographical area (region) by product:

1). Azure Boards (like Jira) to plan, track, and discuss Work Items across teams using Kanban boards (to deliver value to users faster)

2). Azure Repos (like GitHub and AWS Code Commit, etc.) to use Git for source version, collaborate using pull requests, and file management

3). Azure Pipelines (like Jenkins, AWS CodeDeploy, etc.) for CI/CD automation

4). Azure Test Plans to manage manual and exploratory testing

5). Azure Artifacts (like Artifactory, Nexxus, etc.) for binary package consumption package management

azure-devopssuite-52x52.pngAzure DevOps Services (https://azure.com/devops) adds to the above this product offering:

6). Azure DevTest Labs (like Sauce Labs) provides self-service creation of pre-provisioned sandbox environments from private custom images in VHD.

QUESTION: Do “Other services” include extensions installed from https://marketplace.visualstudio.com/items, such as Code Search, Analytics, etc.

Each product above has its own pricing.

The Features Timeline (product roadmap) has additional “Areas”:

  • Administration
  • Notifications
Sign into aka.ms/AzureDevOpsForum = Developer Community Problems and Features (Active Newest Votes)

NOTE: Azure DevOps works with more languages than just C# (Java, etc.).

AZ-400 Certification Class Labs

PROTIP: I attended Microsoft’s 5-day live AZ-4100T00 class by Robert Tichelman & Vishal Nigam, but I highly recommend everyone to walk through their lab instructions in Github by Michael Kenntenich. The class Modules and labs aka.ms/az400labs

Module 1. Planning for DevOps

Module 2. Getting Started with Source Control [Azure Repos]

Module 3. Managing Technical Debt

Module 4. Working with Git for Enterprise DevOps

Module 5. Configuring Azure Pipelines

Module 6. Implementing Continuous Integration using Azure Pipelines

Module 7. Managing Application Configuration and Secrets

Module 8. Implementing Continuous Integration with GitHub Actions

Module 9. Designing and Implementing a Dependency Management Strategy

Module 10. Designing a Release Strategy

Module 11. Implementing Continuous Deployment using Azure Pipelines

Module 12. Implementing an Appropriate Deployment Pattern

Module 13. Managing Infrastructure and Configuration using Azure Tools

Module 14. Third Party Infrastructure as Code Tools Available with Azure

Module 15. Managing Containers using Docker

Module 16. Creating and Managing Kubernetes Service Infrastructure

Module 17. Implementing Feedback for Development Teams

Module 18. Implementing System Feedback Mechanisms

Module 19. Implementing Security in DevOps Projects

Module 20. Validating Code Bases for Compliance


API to DevOps

Azure DevOps Services REST API Reference v5 was defined in 2016 with libraries:

  • .NET conceptual documentation and .NET reference documentation by extending TFS via C#
  • Node.js
  • Python
  • Swagger 2.0 specification
  • Web Extensions SDK

QUESTION: Were there SOAPUI or Postman files built for this API?


Resources associated with a particular product from Microsoft Learn are provided below.

Azure Boards

Websites: Product | Docs | Get started

VIDEO: Using Azure Boards with GitHub

Quickstart guide to plan and track work - Azure Boards Plan and track work in your new team project on Azure Boardsdocs.microsoft.com

Start using Azure Boards (Agile process)

  1. Add & update work items, approve releases, view work tracking progress with Stakeholder accessdocs.microsoft.com

    Get started with Stakeholder access - Azure DevOps & TFS

Azure Repos

Websites: Product |

Quick Start: Code with Git in Azure DevOps - Azure DevOps Services & TFS - Learn how to share code in a Git repo and new projectdocs.microsoft.com

azure-devops-repos-home-1920x568-61555.jpg

GitHub Actions

More than just hooks.

VIDEO: Using GitHub Actions to Deploy to Azure Mar 28, 2019

See https://github.com/azure/github-actions

Azure Artifacts

Websites: Product |

To host private Nuget (Windows), npm (NodeJs), Maven (Java), Python packages with builds.

Package management such as Artifactory.

  1. View documentation

  2. Get from the Marketplace

  3. Quickly access artifacts by favoriting them in Azure DevOps Services & Team Foundation

    DOCS: Set personal or team favorites

Azure Test Plans

Websites: Product |

Azure Pipelines

Websites: Product | User Guide

Azure DevOps Repos and Pipelines are free starting prices for up to 5 people running 10 parallel jobs in 1 hosted job up to 1,800 minutes per month. I azure-devops-pipelines-screen-1018x396-114045.png

“WhiteSource Bolt” is a security analysis tool (like Black Duck license rating, SonarQube, Open Web Application Security Project)

https://github.com/rfennell/AzurePipelines

VIDEO: azure-pipelines.yml files

CLI can be called from within an Azure Pipeline:*

- task: AzureCLI@2
  displayName: Publish Function
  inputs:
    azureSubscription: Name of the Azure Resource Manager service connection
    scriptType: ps
    scriptLocation: inlineScript
    inlineScript: |
      func azure publish function-name
   

References:

  • Azure Pipelines overview showing PartsUnlimited “Piplines work with many languages” by Mickey Gousset

  • https://pleasereleaseme.net/deploy-a-dockerized-application-to-azure-kubernetes-service-using-azure-yaml-pipelines-4-running-a-dockerized-application-locally/

Azure DevTest Labs

Websites: Product

  • Quickly provision development and test environments
  • Minimize waste with quotas and policies
  • Set automated shutdowns to minimize costs
  • Build Windows and Linux environments


Resource Groups

Factors to consider when defining resource groups (containers):

  • All the resources in a group should share the same lifecycle. You will deploy, update, and delete them together. If one resource, such as a database server, needs to exist on a different deployment cycle, it should be in another resource group.
  • Each resource can only exist in one resource group at a time.
  • You can add or remove a resource to a resource group at any time.
  • You can move a resource from one resource group to another group.
  • A resource group can contain resources that reside in different regions.
  • A resource group can be used to scope access control for administrative actions.
  • A resource can be linked to a resource in another resource group when the two resources must interact with each other, but they do not share the same lifecycle (for example, multiple apps connecting to a database).

Up to 15 tags per ARM resource to logically organize resources for cost accounting. Tag names are limited to 512 characters. Tag values are limited to 256 characters.

https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-authoring-templates Understand the structure and syntax of Azure Resource Manager templates

See https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-using-tags

https://azure.microsoft.com/en-us/documentation/articles/resource-group-overview/#access-control

https://www.youtube.com/watch?v=h0UDIcRnPog

QUESTION: How are ARM Templates version controlled?


RBAC (Role-based Access Control)

Access to specific actions are limited to each user based on his/her assigned role.

https://azure.microsoft.com/en-us/documentation/articles/resource-group-overview/#access-control

In addition to built-in roles such as “Reader”, add custom roles using templates such as:

{
		"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
		"contentVersion": "",
		"parameters": {  },
		"variables": {  },
		"resources": [  ],
		"outputs": {  }
	}
  • $schema: The location of the JSON schema file that describes the version of the template language.
  • contentVersion: The version of the template (such as 1.0.0.0).
  • parameters: The optional values that are provided when deployment is executed to customize resource deployment.
  • variables: The values that are used as JSON fragments in the template to simplify template language expressions.
  • resources: A manageable item that is available through Azure. Some common resources are a virtual machine, storage account, web app, database, and virtual network, but there are many more.
  • outputs: The values that are returned after deployment

Azure Templates

Deploy predefined templates from the Azure Marketplace, the https://github.com/Azure/azure-quickstart-templates QuickStart Templates repo, or as a local private in PowerShell commands such as:

New-AzureRmResourceGroupDeployment -Name ExampleDeployment -ResourceGroupName ExampleResourceGroup TemplateFile PathToTemplate

Alternately, include parameters inline string:

New-AzureRmResourceGroupDeployment -Name ExampleDeployment -ResourceGroupName ExampleResourceGroup -myParameterName "parameterValue"

https://docs.microsoft.com/en-us/azure/active-directory/role-based-access-control-configure

Ansible

Create a basic virtual machine in Azure with Ansible

Install and configure Ansible to manage virtual machines in Azure

Below is an sample playbook that creates an Azure VM and configures SSH credentials.

- name: Create Azure VM
  hosts: localhost
  connection: local
  tasks:
  - name: Create VM
    azure_rm_virtualmachine:
      resource_group: myResourceGroup
      name: myVM
      vm_size: Standard_GS5-8
      admin_username: azureuser
      ssh_password_enabled: false
      ssh_public_keys: 
        - path: /home/azureuser/.ssh/authorized_keys
          key_data: "ssh-rsa CCDDV2aZ...WXhad10h"
      image:
        offer: UbuntuServer
        publisher: Canonical
        sku: '16.04-LTS'
        version: latest

Terraform

Install and configure Terraform to provision VMs and other infrastructure into Azure

Create a complete Linux virtual machine infrastructure in Azure with Terraform

GitHub repositories

https://github.com/Microsoft/azure-devops-dotnet-samples contains C# samples that show how to integrate with Azure DevOps Services and Azure using our public client libraries, service hooks, and more.

https://github.com/Microsoft/DevOps-Architecture has been archived in 2019. It was a (hands-on) guide on building a robust professional devops environment for ASP.NET Core using Azure DevOps by Jeff Palermo (podcast) identifies these for a “professional-grade DevOps environment”:

  • Private build
  • Continuous integration build
  • Static code analysis
  • Release candidate versioning and packaging
  • Environment provisioning and configuration
  • Minimum of a three-tier deployment pipeline
  • Production diagnostics managed by development team
  • Insanely short cycle time through the previous steps

Quick-reference posters on Azure DevOps Architecting, Getting Started, Habits, Practices, Technology from 2019.

https://github.com/mpeder/azdevopssecurity Azure DevOps: Recommended Practices for Secure Pipelines

https://github.com/Microsoft/devops-project-samples https://github.com/Azure/azure-cli https://github.com/Microsoft/azure-devops-auth-samples https://github.com/Azure/azure-devops-cli-extension https://github.com/Azure/azure-devops-utils

https://github.com/Microsoft/azure-devops-node-api https://github.com/Microsoft/azure-devops-python-api https://github.com/benmatselby/go-azuredevops https://github.com/Dinomite-Studios/unity-azure-pipelines-tasks

https://github.com/Azure/azure-api-management-devops-resource-kit

From London http://www.dwyl.io/ https://github.com/dwyl/learn-devops https://github.com/dwyl/learn-microsoft-azure

PowerShell Cmdlets for Azure DevOps and Team Foundation Server

https://github.com/Azure/DevOps-For-AI-Apps

Microsoft Rock Stars

Sam Guckenheimer, Product Owner, Visual Studio Cloud Services at Jeffery Palermo’s VIDEO: AzureDevopsPodcast.clear-measure.com State of Devops report

DevOps Cloud Developer Advocates

League of Extraordinary DevOps Advocates: @LoECDA

was abandoned.

Donovan Brown (@DonovanBrown, http://donovanbrown.com: slide-decks.

Abel Wang (@AbelSquidHead, abelsquidhead.com) on development

Jessica Deen (@jldeen, jessicadeen.com) on Kubernetes, open-source, Linux

Steve Marascky (https://twitter.com/StevenMurawski, https://stevenmurawski.com) on DSC, SRE

Damien Brady (@) on Octopus Deploy

Others in Microsoft

YOUTUBE: Continuous Integration, Continuous Deployment (CI-CD) with Azure DevOps Nov 1, 2018 by Frank Boucher in Montreal

Microsoft Developer Advocate and AI enthusiast Aaron (Ari) Bornstein (@pythiccoder, on Medium)

https://docs.microsoft.com/en-us/learn

https://docs.microsoft.com/en-us/azure/devops/learn/

AZ-400 Practice exams

Case Studies:

Other video tutorials on AZ-400:

Videos

Azure DevOps YouTube channel lists ppt’s with videos on the DevOps Events and Talks webpage :

DevOps For ASP.NET Developers series on Channel9 by by Donovan Brown, Cecil Phillip, Rich Lander, Jeremy Likness, AbelSquidHead

  • Pt.1 - What is DevOps? Apr 15, 2019 by Donovan Brown, Rich Lander, Jeremy Likness. AbelSquidHead convinces (hilariously) skeptical developer Cecil Phillip about putting the SmartHotel360 app into DevOps.

  • Pt.2 - Source Control Apr 15, 2019 by Donovan Brown, Cecil Phillip, Rich Lander, Jeremy Likness, AbelSquidHead. You have the option of a centralized version control with TFVC or distributed version control with Git.

  • Pt. 3 - Work Item Tracking Apr 16, 2019 Being able to visualize the work ahead is an integral part to the success of any software project. With Azure Boards, you can quickly and easily start tracking tasks, features, and bugs associated with runfaster2000.

DevOps courses in Microsoft Virtual Academy (until April 30, 2019) http://aka.ms/DevOpsLearn

  1. Meet the Engineers: Building Line-of-Business Apps at Microsoft with CI/CD 29 June 2018 [57:17]

  2. Track updates made to a work item or pull request by following it when using Azure Boards or Team Foundation Serverdocs.microsoft.com

    Follow work or pull requests - Azure Boards and TFS

  3. Add custom security groups, change permissions for groups or individuals tutorialdocs.microsoft.com

    Change individual or group permissions - Azure DevOps & TFS

  4. Set permissions to grant or restrict access to select build, version control, or work tracking functionsdocs.microsoft.com

    Grant or restrict access to select features - Azure DevOps & TFS

  5. Connect a client to the cloud service Azure DevOps Services or on-premises Team Foundation Server (TFS)docs.microsoft.com

    Connect to a project from a web browser or supported client in Azure DevOps - Azure DevOps & TFS

See http://stories.visualstudio.com/devops


Previous Course (Abandonded)

Alas, EdX has removed their DEVOPS200.5x set of classes by Faculty: Eamonn Kelly, Samantha Lindsey Ahmed, Steve Borg (@stevenborg, steven.borg@nwcadence.com), Sachi Williamson

  1. Introduction to DevOps Practices

    DEVOPS200.1x by Steven Borg

    Learning objectives: Define DevOps and describe its value, history, and building blocks. Define a sustainable DevOps process. Identify appropriate compliance, security, and secrets management strategies. Identify ways to motivate key stakeholders along the DevOps journey.

    1. Team autonomy and enterprise alignment
    2. Rigorous management of technical debt
    3. Focus on flow of customer value
    4. Hypothesis-driven development
    5. Evidence gathered in production
    6. Live-site culture
    7. Manage infrastructure as a flexible resource

    principles and practices: State of DevOps report from Puppet video.

    • https://www.devopsassessment.net/ - Microsoft’s DevOps Self-Assessment
    • How to deploy to IaaS and PaaS environments in Microsoft Azure using ARM templates, Desired State Configuration (DSC) and other deployment tools.
    • Build and deploy applications automatically to Dev, Test, and Production environments.
    • Continuous learning from production to improve and scale business results.
    • Unit tests, Integration tests, load tests, UI tests and test driven-development
    • Data retention strategies, exposure control strategies, and hypothesis-driven development.
    • VIDEO: “snowflake” servers that sticks around (also called “pets”) differs from other servers.

  2. Infrastructure as Code

    DEVOPS200.2x

    • Azure Automation
    • ARM templates
    • Desired State Configuration (DSC) [Powershell]
    • DevTest labs
    • Chef deployments in Azure
    • Puppet deployments in Azure

  3. Continuous Integration and Continuous Deployment

DEVOPS200.3x

  • Configure Git and TFVC version control options for Continuous Integration
  • How to manage Technical Debt and the sources and impact of it.
  • How to create a continuous integration build using VSTS
  • Package Management Integration options such as NuGet, SemVer, GitVersion and others.
  • Agents and Pipelines, including how to release pipelines
  • Continuous Delivery and Release Management strategies
  • Integrating automated testing into your release pipelines using Selenium, Coded UI Testing, Microsoft Test Manager
  • Understand the various availability and performance testing options
  • Automated provisioning and de-provisioning of infrastructure and databases D
  • Deployment groups, feature flags and recovery automation
  • Database deployment in release pipelines
  • Continuous deployment with Jenkins and VSTS

  1. Configuration Management for Containerized Delivery

    DEVOPS200.4x

    • Create container images
    • Manage multiple containers using tools like Docker
    • How to set up a production cluster to host your containers
    • Deploy containerized applications to different orchestrators that are available in Azure Container Service (ACS) i.e. DC/OS, Docker swarm and Kubernetes
    • How to scale up the clusters, manage data and set up monitoring to proactively keep track of the clusters health and its deployed applications
    • Create, monitor and manage a Service Fabric cluster.
    • Manage and maintain Azure hosted clusters and containers in a better way.
    • Deploy containerized applications to one of the available cluster container solutions, using continuous delivery pipelines.
    • Manage these clusters in production scenarios.

    Videos:

  2. DevOps Testing

DEVOPS200.5x

Test Driven Development Studio: https://aka.ms/edx-devops200.5x-tdds Complete DevOps Solution: https://aka.ms/edx-devops200.5x-cdos

  • Understand various testing types and usage scenarios
  • Test-Driven development and it’s benefits
  • How to create and implement Unit tests and the elements of a good test
  • How to create basic API tests (or Integration tests)
  • Performance testing and how to create a performance test using Visual Studio and Visual Studio team services (VSTS)
  • How to analyze performance test results using Application Insights
  • Exploratory testing in the context of visual Studio and Microsoft Test Manager

  1. DevOps for Databases

    DEVOPS200.6x

    • Define DevOps
    • Identify the challenges of using databases that are separate from other software languages and platforms
    • Include your database code alongside other application code in a version control system (VCS)
    • Set up a Continuous Integration (CI) platform for your database code
    • Write and include automated unit tests for your database code
    • Develop an automated release process that deploys database changes to both on premise and cloud databases
    • Implement branching and merging for your database code
    • Instrument and monitor the database after deployment

  2. Application Monitoring and Feedback Loops

    DEVOPS200.7x by Tiago Pascoal

    • Understand general application monitoring and feedback loop practices and principles.
    • The different kinds of feedback and how they are used in different stages of the value stream, and their benefits.
    • How to set up up monitoring with Azure Application Insights
    • Monitor web application availability
    • Search and analyze monitoring data in Application Insights
    • How to use and query Application Insights data and Application Maps
    • How to set up, configure, query and analyze data collection on Operations Management Suite (OMS) Log Analytics
    • How to set up alerts in OMS and integrate Application Insights
    • Configure and monitor a web application with New Relic
    • Configure and use Loggly

Choose either 8 or 9:

  1. DevOps for Mobile Apps

    DEVOPS200.8x

  2. Architecting Distributed Cloud Applications

DEVOPS200.9x

  • Distributed cloud application fundamentals, including Why Cloud Apps?, embracing failure, orchestrators, when to split a monolith into microservices, 12-factor services, and when and how to use Containers.
  • Networking communication, including service scalability and availability, how to define/manage/version service endpoint APIs, and how to perform fault-tolerant network communication.
  • Messaging communication, including the benefits of messaging with queues and fault-tolerant message processing.
  • Versioning, Upgrading, and Configuration, including various was to version your service’s code, how to shut down a service instance gracefully, and how to configure and share secrets with a running service.
  • Data storage services, including storage service considerations, object/file storage services, relational and nonrelational databases, partitioning, replicas, eventual consistency patterns (CQRS, Event sourcing, Saga), concurrency patterns, and data schema versioning.
  • Disaster recovery, including backup/restore, recovery point and time objectives, as well as Active/Passive and Active/Active architectures.

  1. Microsoft Professional Capstone : DevOps

DEVOPS200.10x

  • Automating Infrastructure using Azure Resource Manager (ARM) Templates
  • Implementing Continuous Integration solutions
  • Implementing continuous delivery and continuous deployment solutions with Visual Studio Team Services (VSTS)
  • Implementing Testing solutions such as Unit Tests and Testing in Production
  • Implementing Application Monitoring solutions using Application Insights

50% of the grade is to pass (by 70%) in five chances two Validated labs within 120 minutes each:

Microsoft Professional Program (MPP) in DevOps provides only two attempts to complete labs using PartsUnlimited sample reposistories.

1: Continuous Integration with Azure DevOps

  • At https://visualstudio.microsoft.com/ Create a Azure DevOps account, a new Azure DevOps team project, and a personal access token
  • Setting up repo in Azure DevOps
  • Setting up continuous integration in Azure DevOps

2: Continuous Deployment

  • Modify the CI build to include ARM Templates to be used for deployment to Azure
  • Create an Service Principle Name service Endpoint to allow you deploy to your subscription in Azure
  • Create release Definition > Deploy Infrastructure
  • Create release Definition > Publish PU App to Deployed Azure App Service Infrastructure
  • Create release Definition > Clone Dev Environment to Staging and Production
  • Verify release Definition Deployment

Social Media around Azure DevOps

Issues with MicrosoftDocs are reported as issues within
https://github.com/MicrosoftDocs/feedback/issues.

Sign into aka.ms/AzureDevOpsForum = Developer Community Problems and Features (Active Newest Votes)

Twitter: @AzureDevOps

aka.ms/DevOpsBlog

Podcasts:

DevOps Interviews

The DevOps Lab

LinkedIn?

Azure’s Partners

In addition to Marketplace developers:

https://projectum.com/technologies/microsoft-azure-devops/

https://www.telerik.com/blogs/microsoft-azure-devops-what-you-need-to-know

https://www.preemptive.com/blog/article/1055-automating-and-scaling-app-protection-with-azure-devops/90-dotfuscator

https://www.mobilize.net/blog/vbuc-azure-devops

Independents

YOUTUBE: Intro to Azure DevOps - Source Control, CI/CD, Automation, and more Dec 17, 2018 by IAmTimCorey

https://medium.com/devops-cloud-it-career/microsoft-azure-devops-start-here-10c46efa4a76

References

Test Driven Development in Visual Studio - An environment for practicing Kent Beck style TDD [F.I.R.S.T. Unit Tests, fast builds, No Mocks, Hexagonal architecture] Open source alternative to nCrunch

The Salt platform at https://github.com/saltstack/salt comes with different components such as Salt Masters, Salt Minions, Top Files, and Salt Cloud. Its axis: Remote execution Configuration automation Cloud control Event-driven orchestration See https://www.microsoft.com/developerblog/2017/05/09/provision-configure-infrastructure-azure-using-saltstack/

https://devops.com/devops-help-hinder-compliance/

https://www.youtube.com/watch?v=Bo_84yKsxuc

Configuring and Operating Microsoft Azure Stack (INF240x) 25-30 hour enrollment closed on 6/25/19.

https://testingindevops.org/

Coursera guided project: Executing Selenium Test Automation With Azure DevOps

References:

https://www.youtube.com/watch?v=VNHmX8_McqI Watch Me Code - Debugging a Broken DevOps Pipeline

More on DevOps

This is one of a series on DevOps:

  1. DevOps_2.0
  2. ci-cd (Continuous Integration and Continuous Delivery)
  3. User Stories for DevOps
  4. Enterprise Software)

  5. Git and GitHub vs File Archival
  6. Git Commands and Statuses
  7. Git Commit, Tag, Push
  8. Git Utilities
  9. Data Security GitHub
  10. GitHub API
  11. TFS vs. GitHub

  12. Choices for DevOps Technologies
  13. Pulumi Infrastructure as Code (IaC)
  14. Java DevOps Workflow
  15. Okta for SSO & MFA

  16. AWS DevOps (CodeCommit, CodePipeline, CodeDeploy)
  17. AWS server deployment options
  18. AWS Load Balancers

  19. Cloud services comparisons (across vendors)
  20. Cloud regions (across vendors)
  21. AWS Virtual Private Cloud

  22. Azure Cloud Onramp (Subscriptions, Portal GUI, CLI)
  23. Azure Certifications
  24. Azure Cloud

  25. Azure Cloud Powershell
  26. Bash Windows using Microsoft’s WSL (Windows Subsystem for Linux)
  27. Azure KSQL (Kusto Query Language) for Azure Monitor, etc.

  28. Azure Networking
  29. Azure Storage
  30. Azure Compute
  31. Azure Monitoring

  32. Digital Ocean
  33. Cloud Foundry

  34. Packer automation to build Vagrant images
  35. Terraform multi-cloud provisioning automation
  36. Hashicorp Vault and Consul to generate and hold secrets

  37. Powershell Ecosystem
  38. Powershell on MacOS
  39. Powershell Desired System Configuration

  40. Jenkins Server Setup
  41. Jenkins Plug-ins
  42. Jenkins Freestyle jobs
  43. Jenkins2 Pipeline jobs using Groovy code in Jenkinsfile

  44. Docker (Glossary, Ecosystem, Certification)
  45. Make Makefile for Docker
  46. Docker Setup and run Bash shell script
  47. Bash coding
  48. Docker Setup
  49. Dockerize apps
  50. Docker Registry

  51. Maven on MacOSX

  52. Ansible

  53. MySQL Setup

  54. SonarQube & SonarSource static code scan

  55. API Management Microsoft
  56. API Management Amazon

  57. Scenarios for load
  58. Chaos Engineering

More about Azure

This is one of a series about Azure cloud: