Episodes
-
On this episode of the ObjectSharp podcast, JR chats with Centrilogic's Cybersecurity Practice VP, Steven Cohen, about looking holistically at organizational cybersecurity practices - which becomes even more important when expanding into the Cloud. Plus: Steven shares how to keep up with the constantly evolving nature of cybersecurity.
-
On this episode of the ObjectSharp podcast, JR chats with Dave Judd and Rob Burger about data and the Cloud. Plus: Dave and Rob share their go-to approaches for sending data to and storing data in the Cloud.
-
Episodes manquant?
-
On this episode of the ObjectSharp Podcast, JR chats with Gui Martins, one of ObjectSharp’s consultants focused on Cloud, about GitOps – what it is, what it’s not, and how to get started. Plus: Gui shares a few things he learned about GitOps the hard way.
-
JR chats with ObjectSharp’s Cloud Practice Lead, Shane Castle, and Principal Cloud Architect Vineet Sharma, about the journey to the Cloud from a security perspective. Plus: Shane and Vineet share where to go to upskill on security in the cloud.
-
On this episode of the ObjectSharp Podcast, JR chats with ObjectSharp coaches Daniela Veljkovic and Diane Dale about what it takes to increase adoption of change within a team, department, or an entire organization. Plus: Daniela, Diane, and JR share their advice on how to personally work through change.
-
JR chats with ObjectSharp’s app dev lead Dave Judd about Microsoft’s latest open-source web framework, Blazor. Plus: Dave shares his thoughts on the developer experience for both .NET and React/Angular developers.
-
On this episode of the ObjectSharp Podcast, JR gets ObjectSharp’s resident Power Platform expert Mike Walker’s advice on how to decide whether to build a solution on the Power Platform or use .NET. Plus: Mike shares the lesson he learned as he was ramping up on the Power Platform and what helped him accelerate his learning of the platform.
-
On this episode of the podcast, JR chats with ObjectSharp's DevOps champion, Jeff Zado, about what's buzzing in the world of DevOps today. Plus: Jeff talks about why listening before solutioning is critical for an organization's success with DevOps.
-
On this episode of the podcast, JR chats with ObjectSharp Agile Coaches Diane Dale, Matt Wilks, and Ryan Goncalves about some tools and team traditions that they are seeing helping teams to work effectively remotely. Plus: Diane, Matt, and Ryan share some personal shifts that could make a difference when working on a remote team.
-
Jeff Zado chats with Mike Green, CEO of ObjectSharp, and Robert Offley, CEO of CentriLogic about CentriLogic's acquisition of ObjectSharp and what it means for ObjectSharp's customers.
-
This month we talk with ObjectSharp UX Practice Lead Al Sajoo about user experience and design-driven digital transformation. We talk with Al about the core principles of UX, where it fits into the Agile software development lifecycle, how good UX unlocks value and opportunities for businesses they may not have previously considered, and some of the tools and processes software and product teams should be considering today to improve their UX and design-led transformation.
Minutes
0:15 - Intro to the show1:00 - Nick and Jeff welcome ObjectSharp UX Practice Lead Al Sajoo to the show1:40 - Jeff provides a background on ObjectSharp and how UX fits into ObjectSharp’s end-to-end digital transformation services 3:30 - Al Sajoo introduces himself. He talks about his background as a developer, his movement into design, and his passion for helping humans succeed with software05:15 - Al and Nick dive a bit deeper on Al’s background as a developer and how his knowledge of engineering and the challenges engineers face helps inform his UX practice07:00 - Jeff and Al talk about UX generally and where it’s relevant throughout the software development lifecycle. Al talks about design discoveries: not about gathering requirements, but rather gathering expectations - understanding the expectations of the user. It’s not about designing and going away; there’s an “Agile” component to it. Good UX designs occur throughout the product / software development lifecycle, in sprints, keeping ahead of developers by 1-2 sprints. With design sprints, the biggest benefit of this design-first approach is that companies are less likely to burn engineering resources on features or products that end users don’t care about or don’t help them succeed.12:00 - Al talks about the problem solving element to UX: the solving of actual business problems, and the toolkit and processes he uses to solve those problems13:35 - Al talks about the importance of listening over opinions15:00 - Al talks about how newer tooling like Adobe XD assists with improving both his design and prototyping velocity as well as the velocity of the product / engineering teams he works with18:00 - Jeff talks about the business benefit of getting feedback from users up front on prototypes well before committing engineering resources to building things that may not add value19:00 - Al talks about how prototyping on his most recent project also helped surface challenges and opportunities that weren’t visible prior to prototyping21:00 - Al talks about design systems and the importance of not relying on just bootstrap and material: can provide a base framework, but not a silver bullet and need to be thinking about whether what’s in the framework actually solves the user’s problems22:30 - Al talks about the importance of accessibility in his work, and the importance of ensuring that applications and user interfaces are built for enabling everyone, particularly since the arrival of the Accessibility for Ontarians with Disabilities Act (AODA) in Ontario25:00 - Nick talks about the complexity for UI developers brought about by accessibility requirements, and how having a UX expert like Al on his team really helps address those issues ahead of time and ensures accessibility isn’t just an afterthought27:00 - Al discusses some of his recent projects and what’s exciting him lately, particularly redesigning complex internal enterprise business processes and mobile app design29:30 - Jeff asks Al about his top recommendations for people considering digital transformation or a new software / product project30:00 - Al talks about the importance of hiring actual UX designers to do UX, as a dedicated resource to work on design / experience issues34:00 - Al talks about the difference between “pixel perfect” designs vs “experience perfect” interactions, and how a good UX resource should be able to provide both37:00 - Al talks about the balancing act of designing products for multiple age demographics38:00 - If you’re looking for assistance with UX design, whether for a greenfield application or as part of an existing digital transformation, Nick tells you how to get in touch with ObjectSharp: online at https://objectsharp.com, on LinkedIn at https://www.linkedin.com/company/objectsharp-consulting/ and on Twitter at https://twitter.com/ObjectSharpLinks
ObjectSharpObjectSharp’s seminar on UX Design for Managers and Team Leads: How to Delight your UsersAl Sajoo (LinkedIn)Jeff Zado (LinkedIn)Adobe XDAccessibility for Ontarians with Disabilities Act (AODA) -
This month we’re talking about cloud native data strategy, the unique features of Azure Cosmos DB, and what's new and exciting with Microsoft's cloud native NoSQL database offering in 2020. We're joined by special guests Dave Judd, Application Development Practice Lead at ObjectSharp, and Mark Brown, Principal Program Manager at Microsoft for Cosmos DB.
Minutes
0:15 - Intro to the show1:13 - Dave Judd introduces himself to the show and his work as Application Development Practice Lead1:45 - Mark Brown introduces himself to the show and his work at Microsoft as Principal Program Manager for Cosmos DB3:07 - Jeff kicks off discussion on the background of what is Cosmos DB: what it is, why it’s important3:50 - Mark Brown describes Cosmos DB - a NoSQL data store built on and for Azure - and what sets it apart: it’s a NoSQL database with all of the benefits that come with that (schema agnostic, multi-model - supports a number of APIs); horizontally partitioned (scale out vs scale up); fully managed (provision an account in the portal or using a script or ARM template, set throughput, and you’re up and running). Main use cases are high availability and global distribution; Azure can replicate your data globally, allowing seamless failover to other regions if needed; Azure also provides an SLA on latency, with a guarantee of less than 10 ms. It’s the only data service in Azure with 5 9s of availability. A great solution for customers that need low latency and / or high resiliency.7:15 - Dave Judd talks about why Cosmos DB has become such a preference for the work he’s been doing at ObjectSharp for its clients, namely: ease of use, incredibly low latency and performance, and global replication allows for better performance for users everywhere - bringing the data closer to the end-user for faster round-tripping09:20 - Dave Judd talks about using the Cosmos DB Change Feed to allow streaming of data into other places for reporting and analytics09:50 - Mark Brown talks about customers using Cosmos DB as a cache10:00 - Jeff discusses the practical significance of Cosmos DB - how it solves real business problems and architectures and is simple to adopt, and not just tech for tech’s sake11:07 - Dave Judd comments on the barrier to entry being small, unless you’re not used to working with NoSQL, but notes that the multiple APIs available make the barriers to entry even smaller, depending on your background12:48 - Mark Brown talks about the Mongo DB support on Cosmos and efforts to make the Mongo experience on Cosmos DB even better13:25 - Nick asks Mark Brown to talk about what’s new and exciting for Cosmos DB in 2020, and announcements that were made at Microsoft Ignite 202014:00 - Mark Brown discusses “auto pilot” - Cosmos DB’s new autoscale capability - solves the problem of not knowing how much throughput to provision for their database (e.g. spikes in traffic hitting an app or site). Auto pilot is available in preview. Customers can set maximum level of throughput for their container, and Azure will auto scale up and down as required. Mark notes that this is important not just for traffic spikes but also testing.17:00 - Dave Judd talks about how ObjectSharp has written its own auto scale technology for its clients historically, and how this now will save time to be able to use Microsoft’s solution18:00 - Mark Brown talks about Azure Synapse - Microsoft’s next generation data warehouse solution. The vision is to use Cosmos with Synapse to get operational data and do analytics out of the Synapse portal. Any time you ingest or write data into Cosmos, they will automatically ETL that and you can write queries using Spark to assess your analytics in Synapse. Don’t need to create your own pipelines anymore.20:23 - Mark Brown talks about Notebooks support - which you can use to do analytics all within Cosmos20:57 - Mark Brown talks about bulk operations support in v 3.0 of the SDK. Before you used to have to use a different library, but now it’s built into the SDK.21:30 - Mark Brown talks about the Cosmos DB’s team work on private endpoints and their relevance for data protection and security of your data in the Azure Cloud, preventing data exfiltration by ensuring everything is on private IPs.23:00 - Jeff and Mark Brown talk about customer success stories involving Cosmos DB, real world examples. Mark notes that Cosmos is very effective in microservice architectures because of its change feed. You can subscribe to the change feed using Azure Functions and the Cosmos bindings. Makes it super easy to set up a pub/sub, asynchronous, event-driven architecture, which is important for use cases in IoT and retail.26:40 - Jeff talks about the relevance of Cosmos DB not just for big companies but also smaller companies that want to use modern cloud native architecture to succeed27:00 - Dave Judd talks about ObjectSharp’s use of Cosmos DB and its change feed for client projects.28:00 - Dave Judd talks about his work on a project for a global mining company, and how he’s using Cosmos DB to give the company real-time visibility into data coming from many disparate sources (e.g. IoT, etc.) so that it can better plan and make decisions. Cosmos DB plays an important role because of its global replication capabilities, which allow the data to be replicated and delivered quickly to end-users at multiple locations around the world, with low latency.Links
ObjectSharpObjectSharp’s seminar on building modern Serverless applicationsCosmos DBMark Brown (@markjbrown)Dave Judd (LinkedIn)Jeff Zado (LinkedIn)What’s the latest in Azure Cosmos DB (YouTube, from Microsoft Ignite) -
Happy holidays! This month, Jeff and Nick sit down with Dave Judd, ObjectSharp's App Dev Practice Lead, and Shane Castle, ObjectSharp's Cloud Practice Lead. They discuss the year that was in cloud-first application development in 2019 ,and look ahead to 2020 for predictions on where cloud-first software development will be going and what it means for businesses looking to grow and scale with software in the New Year.
Minutes
0:30 - Introduction to the show - looking at the year that was and the year ahead in tech and cloud-first software development01:54 - Dave Judd introduces himself 02:09 - Shane Castle introduces himself03:10 - Nick provides a quick description of ObjectSharp and the podcast04:10 - Nick and Jeff kick things off, talking about Microsoft Cosmos DB and asking Dave and Shane what their views are on Cosmos DB and how they have changed over the course of the year05:18 - Dave Judd talks about how 4-5 of the projects he worked on this year used Cosmos DB, which killed a lot of ORM code and helped his teams move faster. Dave notes that a lot of enterprise customers are familiar and used to SQL, but increasingly teams are starting to use a hybrid model - using Cosmos DB to do fast, real-time data replication in multiple regions but then using Azure Data Factory to move data into SQL for BI and reporting. Using the tech is great, and the new SDK is also awesome.07:20 - Dave Judd talks about pricing with Cosmos DB. Recent changes have made the technology much more affordable with shared pricing and scale. He notes that one of ObjectSharp’s clients that use Cosmos DB heavily have only a bill of $40 / month. Implemented correctly, it can be very cost-competitive. Dave Judd discusses a couple of strategies companies can use to reduce their Cosmos DB costs.10:10 - Shane Castle talks about cloud security and comments on Cosmos DB: when people understand they can go to an active-active architecture, they also understand they can remove costs associated with older disaster recovery (DR) strategies and remove downtime. Shane thinks Cosmos DB will become even more popular in 2020.11:10 - Shane Castle dives deeper on the issue of cybersecurity in the cloud, a big theme from 2019. He talks about the importance of encryption and access control, as well as the ongoing monitoring of those. Shane talks about Azure Security Center.11:55 - Dave talks about how security and privacy by design - privacy-first development - is now becoming standard practice not only for software developers like ObjectSharp but also its clients. Customers are increasingly demanding architectures that are well designed in terms of privacy and security from the outset, not simply as an afterthought.12:30 - Dave talks about a unique project ObjectSharp took on this year which involved encryption of data on-prem before the data was stored in the cloud and then re-encrypted, with a unique key management solution.13:30 - Jeff asks Dave and Shane to talk about containerization with Docker and Kubernetes - what’s the story for 2019?14:00 - Shane talks about the rise of Kubernetes (k8s) and the decline of Docker the company but the rise of Docker the format14:40 - Shane and Nick talk about the work of ObjectSharp Consultant Gui Martins, whose work for Finastra led to ObjectSharp winning a Microsoft Impact Award for Application Innovation in FinTech17:40 - Jeff notes that a number of companies are choosing not to lift and shift but rather to move quickly to PaaS services and asks Dave and Shane to comment18:20 - Shane notes that once the guardrails of security are in place, kubernetes gives you a much greater advantage - there’s no waste, no idle infrastructure. Simply lifting and shifting doesn’t make your app a “cloud” app. You can leave what you have, and build your new stuff in the cloud, and gain the cost advantages of cloud services that are based on a consumption model. If your new feature is not popular, you won’t pay for it. 21:00 - Dave talks about a PoC ObjectSharp did for a government agency that first involved a lift and shift. It didn’t fundamentally alter the nature - and slow performance - of the application. But when the team started taking advantage of cloud-native technologies and tooling - and scaling out horizontally - they could measure the cost in nickels vs. hundreds of thousands of dollars in capital expenditures. Part of this was due to the fact that the cloud-based solution also reduced compute time from several hours to mere minutes. So not only was it totally faster than the existing application, it ended up being insanely cheaper too.23:50 - Shane talks about Microsoft API Management - a very popular topic and technology in 2019 - digitizing the business, leveraging the data that businesses have for stakeholders internally and externally 25:40 - Dave talks about the importance of security and throttling control, and how Azure API Management helps make that a much simpler process26:40 - Nick derails the entire episode into a diversion about KFC’s recipe as a GET endpoint28:05 - The team moves from looking at 2019 to trends in 2020 - big themes and predictions28:55 - Shane talks about Azure Arc: a single tool / cloud management system from which you can deploy resources to multiple environments / cloud providers (AWS, Google, IBM, and even on-prem) - you can use ARM templates to provision to all of those environments. Amazon SSO now integrates with Azure AD, so you can domain join resources into Azure. 30:30 - Nick asks what kinds of businesses should be thinking about Azure Arc.32:30 - Jeff talks about the issues customers still have with managing multiple clouds33:50 - Shane talks about Blazor and .NET 5.34:24 - Dave talks about the evolution of .NET Core to .NET 5.36:00 - Dave talks about Blazor and explains what it is: effectively .NET running in the browser, compiled and running in Web Assembly (WASM). This means C# developers can ship their code to the browser and run it there. And Blazor has brought back a better component model to .NET that has been missing for a long time. 37:40 - Dave notes that they will not be porting Web Forms to .NET Core: teams will have to replace their Web Forms applications with Blazor applications. Dave thinks this will be big in 2020.38:00 - Jeff asks the team to comment on the business value of Blazor. When is it an advantage from a business perspective?38:20 - Dave answers Jeff’s question with a real world example of some advanced work that ObjectSharp is doing now for one of its clients that needs complex calculations done extremely fast and in an environment where network speeds are slow and unstable. Writing the advanced computation and algorithms in Blazor and shipping that to the browser avoids the front-end React application having to make round trip network calls to the server, making the application lightning fast. Further, by moving compute to the browser, it saves cloud compute costs as well.40:00 - Shane talks about Angular and React, but now with Web Assembly, C# developers can do more work in the browser. Shane thinks this will change the stacks that teams are using and have a big impact on JavaScript.43:00 - Dave talks about the importance / relevance of Blazor for teams that haven’t even moved to JavaScript are still on web forms44:00 - Nick talks about Figma and their use of WASM and their own Web GL based rendering engine to create highly performant experiences for UX designers in the browser45:50 - Dave and Shane suggest that in 2020 we’ll start seeing new UI frameworks emerge that transcend the DOM47:00 - OutroLinks
IMPACT: ObjectSharp Wins 2019 Microsoft IMPACT Award for Application Innovation in FinTechThe first ObjectSharp podcast on Cosmos DBObjectSharp's Podcast with Gui Martins on Docker and KubernetesDevSecOps and Security-Driven Development with Azure Security CenterEverything you wanted to know about Azure API Management in 20 minutesAzure ArcBlazor: Build Client Web Apps with C# -
This month we’re talking with Shane Castle, ObjectSharp's Cloud Practice Lead, all about Azure API Management, a scalable, multi-cloud API management platform for securing, publishing, and analyzing APIs. Listen and learn how companies are transforming their businesses by leveraging API Management to publish APIs to external, partner, and employee developers securely and at scale.
Minutes
1:10 - Intro to the show - this episode on Azure API Management1:55 - Shane introduces himself to listeners2:50 - Nick provides a background on ObjectSharp and 4:00 - Jeff and Shane talk about what API Management is and why people should care4:21 - API Management is all about exposing core business functions as a set of APIs to allow for automation of processes, either externally or internally within your business / organization5:00 - Shane compares API Management with previous point-to-point integrations that historically were more brittle than what’s possible with API Management today5:46 - Jeff asks Shane about how API Management is used to manage service levels6:25 - Shane talks about ObjectSharp’s experience in FinTech - the kinds of APIs that financial services companies want to build - and how they can be managed, monitored and versioned with Azure API Management7:40 - Jeff and Shane talk about whether this is just for new development or also for exposing APIs for legacy systems, with examples 9:40 - Nick asks Shane to delve deeper into the functionality that is made available via API Management, starting with monitoring 9:55 - Shane talks about Azure Monitor, Application Insights, etc. and the monitoring story that is available with API Management - including the ability to throttle API “products” with performance levels - if there’s an error, you can quickly diagnose it11:25 - Nick and Shane talk about how companies might use API Management to “productize” certain aspects of their business, and control the performance via throttling, etc.12:39 - Shane make analogy to brick and mortar economy - need to make sure the API is up and giving a good user experience - provides examples of online booking, exposing list of services to partner companies, etc. - makes it an exciting time to accelerate business with API Management14:00 - Nick and Shane talk about the developer story in addition to the business story of API Management - API Management exposes Open API / Swagger 2 definition - exposes pages with complete documentation on how to use and consume your API, and also provides a mock API framework for developers for testing, etc.17:00 - Nick asks Shane to talk about the kind of work he’s doing these days in the real world with companies in this space with API Management 17:25 - Shane talks about how he works with clients first on the overall business strategy of API development: who’s the audience, who are the consumers; on security and governance, because it’s critically important that be done right from the outset; and then the actual dev work in terms of application development and devops19:25 - Shane talks about common patterns: (1) synchronous APIs - for transactions that have to happen immediately; (2) asynchronous transactions; and (3) batch API processes, where we’re moving large amounts of data through these APIs. ObjectSharp helps map business to these patterns and then implementing technically the APIs themselves.20:43 - Reality check - Jeff talks to Shane about hurdles that might occur in practice when getting started with API Management. Shane talks about both business and technical challenges, including change management required to be ready for a potential large transaction level made possible with APIs, and technically being able to monitor and respond to APIs once they are live.22:50 - Shane talks about the cloud adoption strategy which goes hand in hand with an API strategy - you need to think cohesively about these so that there’s no infrastructure waste or idle infrastructure - API management is an important part of your digital transformation strategy that shouldn’t be thought of in isolation -
In this episode, we chat with Kristie LaPlante, Senior Cloud Consultant with ObjectSharp, and Shane Castle, ObjectSharp's Cloud Practice Lead, all about Azure Data Factory and how teams can leverage its power to transform and relocate data at scale, and what benefits this provides teams whether they are working on big data warehouses or data lakes, or simply looking to move formerly on-prem data into the cloud in a fast and efficient way.
Minutes0:00 - Introduction to today's show with Kristie LaPlante and Shane Castle2:15 - Kristie LaPlante, Senior Consultant ObjectSharp's resident Data Factory expert, introduces herself3:09 - Shane Castle, Cloud Practice Lead at ObjectSharp, introduces himself4:09 - Kristie explains what Azure Data Factory is, what it does, what it can be used for5:40 - Kristie and Jeff talk about how Azure Data Factory interfaces with traditional on-premise solutions6:17 - Kristie talks about SSIS (SQL Integration Services), and how investments in SSIS can be leveraged with newer solutions and technologies available in Azure Data Factory8:15 - Kristie and Jeff discuss why Azure Data Factory is becoming so popular today, even for companies who aren't doing big data10:30 - Shane talks about the importance of Azure Data Factory being PaaS; don't have to focus on the management of things like SSIS as you did historically, and the pricing is based on active data flows, allowing you to better manage cost by only paying for when things are being done12:14 - Kristie and Shane discuss the monitoring capabilities and built-in logging in Azure Data Factory13:40 - Shane talks about pipeline runs, and the set of telemetry that comes with Azure Data Factory in Azure Monitor, and the in-built dashboards that make it very easy to see what's going in with your data15:40 - Kristie discusses examples of how she and the teams she works with are using Azure Data Factory in the real world, such as transformations into and out of big data lakes, and moving data from Oracle on-prem to Azure SQL storage20:25 - Reality check: Kristie talks about the challenges she's seen with teams who are starting their journey with Azure Data Factory, including their use of Azure Data Bricks23:20 - Shane talks about his practical tips for teams using Azure Data Factory, including when to use it as the right tool for the problem you are trying to solve vs other tools, matching the right Azure services to the requirements of your project24:50 - Conclusion and outro -
In this episode, we chat with Shane Castle, ObjectSharp's Cloud Practice Lead, and Ahmad Harb, Senior Cloud Consultant with ObjectSharp, about the changing role of security with cloud-native and serverless architectures. Shane and Ahmad help us unpack the "buzzword" of DevSecOps, think about the role of security in modern software development, introduce us to tooling in Azure Security Center, and give us practical advice and guidance on how to get started with security driven development right now.
Minutes00:30 - Introduction to today’s show on Azure DevOps with guests Dave Lloyd and Martin Woodward3:15- Shane Castle, ObjectSharp Cloud Practice Lead - and Ahmad Harb, Senior Cloud Consultant - introduce themselves.4:40 - Jeff asks Ahmad to discuss what “DevSecOps” is and why it's such a popular buzzword these days5:00 - Ahmad Harb talks about how DevSecOps up-fronts security to the considerations around building applications so it’s less of an afterthought in the software development lifecycle6:16 - Jeff asks Ahmad why the notion of “DevSecOps” is such a strong focus today vs 5 years ago6:40- Ahmad talks about the importance of privacy post-GDPR, and the importance of security for privacy - can’t have privacy without security. Data breaches are increasingly an issue. You have to bake security into your process at the start.7:45 - Nick asks Shane to talk about what DevSecOps means in terms of the when and how security gets done, within the narrative of increasing devops and declining traditional infrastructure IT.8:30 - Shane talks about how the cloud re-wrote traditional means of software architecture. Cloud architecture is radically different - for example, with service mesh. Dev teams and ops teams are collaborating more, but security was traditionally an afterthought. The requirements of cloud software architecture today require security being part of the conversation much earlier in the conversation.11:11 - Shane talks about software development as a continuous loop, not something that has a beginning and end. And DevSecOps as the next evolution of “continuous security”.11:40 - Nick asks Ahmad and Shane to talk about the practical real world experience and what benefits teams are having with a more DevSecOps approach to application architecture, development and deployment.12:20 - Ahmad talks about how the cloud gives companies a great advantage in terms of improving velocity, but also enabling tools like password managers, key vault, etc. The tools that are being enabled by cloud providers is making it possible to build devsecops into your process.13:40 - Shane talks about the importance of encryption and also new tools for governance of applications and management of policies, a more proactive approach to security.14:30 - Jeff asks Shane and Ahmad to talk more about the tools they are using, and Azure Security Center specifically.16:00 - Shane talks about Azure Security Center. He talks also about Azure Policies and Azure Compliance Manager.18:00 - Ahmad talks about Azure Security Center, with some real world examples of how he’s using it to improve application security with clients.20:50 - Jeff asks Ahmad about “the score” in Azure Security Center.21:30 - Jeff and Shane talk about how new these tools are, and how fast new tooling is emerging. Shane advises companies to know their score as a starting point, so they can get a baseline, and then work on remediation items from there. Shane talks about the daily scanning done by Microsoft’s teams for Azure, and tools for ongoing security monitoring across clouds, not just Azure.24:00 - Nick talks about the difference between cloud security vs application security, and how the score / Azure Security Center allows for cross-team collaboration on managing risk.25:00 - Shane talks about continuously running PCI, SOC 1, SOC II controls and reports - how those tools make audit and collaboration around security much easier.27:00 - Nick asks Shane and Ahmad to talk about what companies should do as first steps to get started with a more devsecops approach to building and deploying software with Azure Security Center.31:30 - Shane talks about the importance of dev teams inviting someone from security to be present during architectural discussions, facilitating security driven development. -
This month we’re talking with special guests Diane Dale and Shane Castle about the people and process side of cloud-first digital transformation - how cloud-first development is reshaping software development teams and how to make your teams highly performant.
Minutes
01:00 - Introduction to today’s show on building successful Cloud-First Teams with Diane Dale and Shane Castle02:58 - Jeff Zado talks to Diane Dale and Shane Castle about cloud-first digital transformation - what the cloud means for software development and IT teams, the changing of roles, infrastructure as code, the importance of understanding the cloud platform as client-server assumptions are continuously in flux05:10 - Shane Castle talks about the idea of “infrastructure as code” and what that means for successful teams today, and why you really need good process to both manage code and the full lifecycle of that code - “infrastructure development” and managing the provisioning of the infrastructure.07:30 - Diane Dale and Shane Castle talk about common assumptions and misconceptions that development and IT teams may have when designing and implementing a cloud-first digital transformation strategy, such as viewing moving to the cloud as an “end-state” rather than viewing it as an ongoing state that needs to be continuously monitored and managed; the need to manage security, audit, etc. efficiently as the pace of product development and infrastructure provisioning increases with cloud-first automation.11:00 - Shane Castle talks specifically about security and compliance in the cloud, and how Microsoft Azure and other cloud platforms are now making it possible to automate a lot of important work that used to be done manually; how that changes processes and allows you to move resources to focusing more on the business and getting features out the door.13:00 - Diane Dale talks about team culture and how process can’t simply be “installed’ - the business needs to look at what it needs, what its current maturity level is, and designing a roadmap for not only technology but also people and processes that can allow teams to practically get where they need to be.15:00 - Diane Dale discusses Patrick Lencioni’s 5 Dysfunctions of a Team and what it means for a successful cloud-first digital transformation strategy.21:38 - Shane Castle talks about the changing role of governance, security, and risk management - and how new automated tools require thinking about proactive compliance, and how that might involve different team members than historically, which requires truly cross-functional teams.23:00 - Shane Castle talks about some of the tools and technologies that cloud-first IT or development teams are using to be successful in the cloud era, and the importance of getting visibility into what’s happening in the cloud in real time, such as: dashboarding and getting the right dashboards to the right people with tools like Grafana, Azure Cost Management - which allows you to monitor consumption against budgets, Azure Security Center. Shane talks about the importance of getting the right information to the right people at the right time, which isn’t an out of the box solution and requires strong strategy to implement well.26:25 - Diane Dale talks about how enabling better oversight of what’s happening in the cloud also empowers teams to take greater ownership of their contributions.30:00 - Jeff Zado asks what makes organizations and teams more performant than others when moving to a cloud-first strategy.31:00 - Shane Castle talks about the importance of mentoring and embedded expertise, having people on your team who have the experience with previous cloud-first digitals transformation to help guide and lead and support your organization’s change.34:00 - Wrap-up and conclusion. -
This month we're talking all about Microsoft Azure DevOps and tooling for Agile with two very special guests: Dave Lloyd (Microsoft MVP and a co-founder of ObjectSharp) and Martin Woodward (Principal GPM for Azure DevOps. Vice-President of the .NET Foundation and original creator of the Microsoft org on GitHub).
Minutes
00:30 - Introduction to today’s show on Azure DevOps with guests Dave Lloyd and Martin Woodward4:00 - Martin Woodard introduces himself. Martin talks about his history with TFS and TeamPrize, his 10 year history with Microsoft on the Azure DevOps Team, his work to create cross-platform development and bringing Git into TFS and Microsoft, and doing a lot of open source with the .NET Foundation, and his work with the GitHub team.6:50 - Jeff asks Martin to talk about “Brian the Build Bunny”, and Martin talks about how he connected his robotic IoT bunny to his CI / CD system8:30 - Dave Lloyd introduces himself, talks about his 35 year career in software, his role as a founder of ObjectSharp, his role as a Microsoft MVP9:23 - Jeff asks Martin to give a primer on Azure DevOps9:50 - Martin talks about Azure DevOps: what it is, what value it provides organizations. Martin discusses the software lifecycle and how various elements of Azure DevOps fits in to each segment of the lifecycle: Azure Repos, Azure Boards, Azure Pipelines, Azure Artifacts and Azure Test Plans12:18 - Jeff asks Martin and Dave to talk about Azure DevOps - whether it’s Microsoft only - how it fits in to what customers are doing13:00 - Dave Lloyd talks about misconceptions of Azure DevOps being “only for .NET” - it’s not. You can have IIS, Ubuntu, windows apps, linux apps. Whatever you want to build, you can use Azure DevOps for tooling - any language, any platform, any cloud.15:00 - Martin talks about the “any language, any platform” issue - he notes that they split VSTS into several discrete services like Azure Pipelines, Azure Repos, etc. Azure Pipelines is used by the Python team and the J-Unit open source teams.16:16 - Nick and Martin talk about how Azure DevOps is used to build Azure DevOps, Azure, Microsoft Windows - the Azure DevOps “inception”. Microsoft uses their own tools.17:00 - Martin talks about the advantage that comes with using the engineering tools that Microsoft uses itself - Microsoft is investing in these products because they are used internally - it’s an investment in their own engineering teams, that they also let customers use too.18:00 - Martin talks about how you can release to on-prem, AWS or Azure. The AWS extensions are built by the Amazon team themselves, similarly with the Google Cloud extensions and the Google Cloud team.19:00 - Martin talks about how with Azure DevOps you can turn certain services off. So you can use GitHub for your repos and turn that off in Azure DevOps. Similarly with subversion, etc. It’s not an all or nothing suite.19:47 - Dave Lloyd talks about how his customers are using Azure DevOps in the real world - a lot of customers use the whole suite, but some are using for select tooling.21:27 - Martin talks about Azure Cloud Shell21:50 - Nick provides a recap of the 5 components in Azure DevOps: boards, pipelines, testing, artifacts, repos. He talks about why Azure DevOps is so interesting as a tooling product coming from outside of a Microsoft Visual Studio background.23:30 - Martin talks about plugging and playing with Azure DevOps - for example, using Jenkins.23:58 - Martin’s “exclusive”- did you know the Jenkins CI product is built in Azure?!24:30 - Nick and Martin talk about the name change to Azure DevOps from Visual Studio Team Services - it’s meant to reflect the fact that Visual Studio was a distinctly Microsoft IDE but VSTS is really a set of tooling services that are beyond simply .NET or Visual Studio.26:30 - Dave Lloyd talks about GitHub and Microsoft’s acquisition of GitHub and asks Martin to talk about the integration of Azure DevOps pipelines in GitHub27:00 -Martin talks about being an open source developer on GitHub and how Microsoft is now providing free access to Azure DevOps Pipelines - you can get unlimited build minutes and 10 parallel build jobs for free. But it’s not just pipelines! The whole value of Azure DevOps is to make sure you get end-to-end traceability with your team, so Microsoft has also added Azure Boards integration with GitHub as well.29:30 - Martin talks about how GitHub issues is good for open source and how people report issues to you - good for communication with stakeholders, but it’s not a great planning tool - so some teams are using Azure Boards now to manage the planning of the doing of work while still using GitHub issues to maintain transparency and communication with stakeholders of open source repos.30:20 -Jeff and Dave Lloyd talk about what companies are doing with Azure DevOps in practice. A lot of companies still are doing right click deploy - Dave provides a PSA: friends don’t let friends do right-click deploy. Most companies when they see how easy it is to set up a CI / CD pipeline in Azure DevOps are amazed. But while it’s easy to get set up there’s so many additional features that can be added. Dave talks about adding a custom approval state for customers, etc.32:40 -Dave Lloyd talks about how some companies are still not doing Agile. He notes that so many people thought Azure DevOps was just source control, but they don’t realize there’s so much Agile and CI / CD tooling functionality in Azure DevOps. He gives an example of how builds kick off releases and mark work items as completed automatically, tagging with build numbers, etc. It’s complete integration from end-to-end, which you don’t get if you’re piecing a number of different products together.35:30 -Nick stumbles upon his own confusion with some companies still not doing Agile. He asks Dave Lloyd to talk about why some companies might not be adopting either Agile generally or Azure DevOps specifically.36:30 -Dave LLoyd distinguishes between Agile and Azure DevOps. Smaller, and tech-leading companies are Agile but there’s a lot of large enterprises that still aren’t. But that doesn’t stop people from wanting to use Azure DevOps. When they learn about it, they love it. Dave Lloyd talks about the importance of how he writes reports and uses reporting to help technical stakeholders communicate value to business stakeholders up the chain. It’s a tool for the new world - Agile - but with reporting can still be used to help teams still dealing with waterfall culture.40:18 -Dave Lloyd talks about how teams could be moving quicker if they switched to a tool like Azure DevOps. It’s a big product but it also takes care of so much for you that you spend less time bandaging together a number of different products - it takes care of tooling, and can then get out of your way, so you can focus on shipping.41:00 -Jeff and Dave Lloyd talk about migrating from on-prem TFS to Azure DevOps - it helps if you have people who have done it before but it’s not insurmountable and it’s getting easier as Microsoft improves the experience of Azure DevOps.43:30 -Martin talks about the cadence at which the Azure DevOps ships changes and updates to its product.45:00 -Martin talks about how DevOps is a journey, not a destination. He explains how the Azure DevOps team is mindful of UI patterns and how it approaches disruptive UI changes to such an important tool for many organizations.Links
Dave Lloyd on Twitter (@dlloyd)Martin Woodward on Twitter (@martinwoodward)Azure DevOpsBrian the Build Bunny!ObjectSharp -
In this episode we’re talking with ObjectSharp Principal Consultant Dave Judd all about Serverless architecture and how you can start building applications with Azure Functions and without the pain of managing infrastructure. If you've been curious about Serverless and how it fits in with discussions around microservices, this is a great episode to check out. Listen and enjoy!
Minutes
0:30 - Jeff Zado introduces the show and the topic of Serverless (PaaS) vs Microservices2:30 - Dave Judd introduces himself2:55 - Dave discusses what is meant by “serverless”3:30 - Dave discusses serverless vs. microservices / Kubernetes and when you might choose one architecture over another6:30 - Dave discusses what’s motivating a transition to serverless, including multiple language support and consumption based pricing7:00 - Dave discusses how the three major cloud vendors (Microsoft Azure, Google Cloud, AWS) are following similar patterns8:00 - Dave talks about auto-scaling on serverless platforms and global high availability that comes with PaaS10:00 - Dave compares Serverless Functions to Microservices13:20 - Dave talks about how serverless allows you to model your systems to how things actually behave in the real-world, with event-driven / reactive-based architecture14:00 - Dave discusses serverless in Azure, specifically Functions, Event Grid (and the Cloud Event Schema), and Cosmos DB16:30 - Dave talks about managing state in a serverless world18:00 - Dave, Jeff and Nick talk about fanning out thousands of functions to do massive processing in parallel, scaling just the pieces that are needed at a given time as opposed to scaling an entire application with a serverless orchestrator, granular tweaking of performance and cost20:45 - Jeff and Dave talk about performance improvements in serverless runtimes and relative speeds in spinning up functions22:00 - Dave talks about vendor lock-in and whether its potentially illusory in some cases23:00 - Nick and Dave talk about how serverless also enables cross-language collaboration on developer teams and the benefits for engineering managers24:30 - Dave compares serverless offerings on Azure to AWS and Google Cloud25:30 - Dave talks about how serverless can be used not only for new greenfield applications but also to augment older legacy or brownfield monolithic application27:30 - Dave discusses some examples of implementing serverless in the real world, specifically in the fintech sector30:32 - Jeff talks about how the example of the implementation for the fintech company enabled innovation with even better profitability and more calculated costs32:50 - Nick asks Dave to provide a reality check and Dave discusses some issues to consider when moving to a serverless architecture - because everything’s a function, there’s more to manage and consider re deployment of functions that work as a group, versioning and security35:28 - Dave also talks about observability, logging, metrics and analytics and how important that is in a serverless architecture to ensure application resiliency and debug issues that might arise -
This month we’re talking with Shane Castle and Gui Martins about Kubernetes: how it’s enabling the effective orchestration and management of cloud-first microservices and architectures like service mesh, and what that means for your business.
Minutes
0:30 - Introduction to the show0:53 - Gui Martins and Shane Castle introduce themselves1:50 - Jeff gives an overview of the podcast2:15 - Jeff introduces the topic of Microservices and Kubernetes3:00 - Shane discusses what Microservices are and why they came to be influential vs monolith approaches to applications4:14 - Shane discusses why Microservices became so popular, discussing the example of Netflix vs Blockbuster6:20 - Gui discusses the technical problems solved by Microservices with a funny analogy of pets vs. cattle - you don’t have to change everything to deliver a new service; your changes can be much smaller, which allows you to go to market faster9:30 - Gui answers a question from Jeff re the end of maintenance windows and discusses how Microservices allow for greater application resiliency because there can be multiple instances of services running simultaneously and scaled up or down on demand11:15 - Nick asks Gui and Shane to discuss the core technologies that are relevant to developing and orchestrating Microservices today given the fast pace of developments in this area12:00 - Shane discusses container technology and how it changed the game from virtual machines13:45 - Shane discusses the role that Kubernetes plays in managing Docker and other containers - it’s the operating system for multiple machines14:33 - Gui talks about the problems that Kubernetes specifically aims to solve - the publication and communication of many Microservices across regions, etc.16:15 - Gui talks about the additional layer of complexity that comes with managing Microservices with Kubernetes17:30 - Gui talks about the open source nature of Kubernetes and how all of the main cloud players are now supporting it18:22 - Shane talks about the end of the “orchestration wars” and how Kubernetes has now emerged as the clear winner20:00 - Shane and Gui discuss some of the ways companies are applying Kubernetes in the real world today21:20 - Gui talks about service mesh and general practices about moving from monolithic / SOA architectures to a service mesh architecture22:30 - Shane talks about how migration to Microservices works for most companies, specifically by Docker-izing a core application and moving it into a Kubernetes cluster23:55 - Shane talks about service mesh and mentions the comparison to Serverless architecture24:30 - Shane discusses the difference between Serverless (PaaS) and Kubernetes and why you might choose one vs the other26:00 - Shane discusses how Azure Functions are available on Kubernetes now27:00 - Shane and Nick talk about what the fact that Azure Functions are available on Kubernetes means for issues of vendor lock-in28:00 - Reality check - Nick asks the panel to discuss common pain points and stumbling blocks, etc. in working with Kubernetes and what are some strategies being used to overcome them in the real world29:00 - Gui talks about the ease of deploying through Kubernetes and how without careful management and governance of Microservices that can lead to issues with security, cost overruns, etc.32:00 - Shane talks about the issue of observability and the need for good instrumentation, metrics, analytics and dashboards32:30 - Nick and Jeff wrap up the show - Montre plus