• 8 min read

Azure.Source – Volume 59

Introducing Azure DevOps Server 2019 RC1, Azure IoT Edge security with enclaves now in public preview, What you need to know when writing hybrid applications, and more.

Now in preview

Simplifying confidential computing: Azure IoT Edge security with enclaves – Public preview

Azure IoT Edge is a fully managed service that delivers cloud intelligence locally by deploying Azure AI, Azure services, and custom logic directly on edge devices, such as gateway class devices. This post announces the cross-platform availability of the Open Enclave SDK for devices at the intelligent edge, as well as the preview of integration of Open Enclave and the Azure IoT Edge security manager. Now you can develop applications that execute in enclaves, also known as trusted applications (TA), in a way that simplifies TA development for all audiences from hardcore hardware security experts to edge and cloud software applications developers. Azure IoT Edge enables application developers to write TAs that root trust in any secure silicon TEE built on such enclaving technologies like ARM TrustZone®, Intel SGX, and embedded Secure Elements using Windows or Linux operating systems. In addition, Scalys TrustBox (expected to ship in volume in February 2019) will enable developers to prototype with production boards, providing a high-grade secure router and IoT gateway based around NXP Layerscape LS1012A networking processor that integrates hardware root of trust, cryptographic accelerators and network acceleration.

Architecture of cloud-edge consistent confidential computing framework showing where the Open Enclave API and abstraction fits in intelligent edge scenarios based on Azure IoT Edge. Open Enclave API offers the interface between TEE and a non-TEE environment commonly known as the Rich Execution Environment (REE). Underneath the Open Enclave API, adopters have the option of choosing Open Enclave SDK or an equivalent implementation from a third party offering.

News and updates

Introducing Azure DevOps Server 2019 RC1

The first release candidate (RC) of Azure DevOps Server 2019 is now available for download. Azure DevOps Server 2019 delivers the codebase of Microsoft Azure DevOps while being optimized for customers who prefer to self-host. This may be the case for some customers because they require Azure DevOps run on-premises, they require a guaranteed isolated instance of Azure DevOps, or because they want to run in regions where a hosted version of Azure DevOps is not available. Azure DevOps Server includes support for Azure SQL in addition to existing SQL Server support. With Azure DevOps Server 2019 the new release management interface is also available, making it easier than ever to see how your deployment is going. A direct upgrade to Azure DevOps Server is supported from any version of TFS, which includes Team Foundation Server 2012 and newer. Azure DevOps Server 2019 RC1 includes a go-live license making it suitable for production use today.

Screenshot of the improved Azure Pipelines interface while tracking a release to production using progressive exposure

Meet the Microsoft Azure IoT on Serverless Hackathon winners

Check out the winners of the Azure IoT on Serverless Hackathon where developers from all over the world went above and beyond and presented very helpful solutions that ranged from improving safety and security, to helping with global problems such as pollution or recycling. In first place, Clean Water AI is an IoT device that classifies and detects dangerous bacteria and harmful particles in the water, aiming to help solve the problem of people affected by contaminated water. In second place, the bSmart Diabetes Management System integrates data from both an insulin pump and a continuous glucose monitor (CGM) to predict the blood glucose level expected within the next two hours. In third place, Recycle.io uses sensors, a camera, machine learning, and cloud technologies to detect and process real time non-recyclable and non-organic waste violations to provide analytics to authorities. The popular vote from public voting chose Preventing Distracted Driving, which is a solution designed to prevent people from using specific applications such as messaging applications or social networks while driving.

Extension Host is coming to Azure Stack with the next update 1811

Announced in August, the Extension Host solution that enables you to only open one port (443) so that all requests are funneled through one port, reducing the ports that need to be opened on the firewall, and allowing customers to communicate with these end points via proxy servers. The Extension Host will be enabled in the next Azure Stack update, 1811. As noted previously, this capability requires two wildcard SSL certificates, one for the Admin portal and one for the Tenant portal.

Additional updates

Technical content

Real-time event processing with Azure Database for PostgreSQL and Event Grid integration

Most modern applications are built using events whether it is reacting to changes coming from IoT devices, responding to a new listing in a marketplace solution, or initiating business processes from customer requests. PostgreSQL is a popular open source database with rich extensibility to meet the event-based notification and distributed design needs of the modern application. Learn how PostgreSQL’s Notify functionality can send a notification event as change feed to the listener channel specified in the database. With serverless platforms in Azure such as, Azure Event Grid a fully managed serverless event routing service, Azure Functions a serverless compute engine, and Azure Logic Apps a serverless workflow orchestration engine, it is easy to perform event-based processing and workflows responding to the events in real-time.

Marketplace E-Commerce Solution flow chart

Connect devices from other IoT clouds to Azure IoT Central

This post discusses how to use the new Azure IoT Central device bridge, an open source solution in GitHub for connecting other IoT clouds to IoT Central. Whether you are using asset tracking devices hooked up to Sigfox’s Low Power Wide Area Network, or using air quality monitoring devices on the Particle Device Cloud, or using soil moisture monitoring devices on TTN, you can now directly leverage the power of IoT Central using the IoT Central device bridge. The device bridge connects other IoT clouds such as from Sigfox, Particle and The Things Network with IoT Central by forwarding the data your devices send to the other clouds through to your IoT Central app. In your IoT Central app, you can build rules and run analytics on that data, create workflows in Microsoft Flow and Azure Logic apps, export that data, and much more. This solution will provision several Azure resources into your Azure subscription that work together to transform and forward device messages through a webhook integration in Azure Functions.

Understanding health criteria in Azure Monitor for VMs

Azure Monitor for VMs evaluates a various canned set of conditions called health criteria on your VMs in near real-time and triggers an alert if any health criterion goes to a critical or warning state. You can manage the health alerts just like you manage any other alert in Azure Monitor in the Alerts pivot in the portal. While you can use Azure portal for most of the tasks related to health monitoring for VMs, there are certain properties and configurations that are only accessible through the APIs. In addition, you may want to use APIs to automate some of the tasks, which this post explores.

What you need to know when writing hybrid applications

Consistency is a fundamental pillar of Azure, no matter which region you are deploying your application to, the way you write your scripts and templates is the same. Consistency is great because it allows you to reuse knowledge and artifacts. This post will provide you with key things you should be aware of when writing your applications to target the different Azure clouds. This post includes links to a number of valuable resources for creating hybrid applications.

How to develop secure applications using Azure Cosmos DB

This post discusses how to develop secure applications using Azure Cosmos DB, which already includes several layers of security, including physical security, IP firewalls, virtual networks, and access control with keys. The post then explores a sample architecture for building a secure application. While Azure Cosmos DB will keep all your data encrypted at rest and on the wire, with virtual networks, IP Filtering, and Azure Key Vault you can built a very secure application with Azure Cosmos DB.

A flow chart for the various layers of security provided by Azure Cosmos DB

Azure shows

Qualcomm LTE for IoT SDK integrates Azure IoT | Internet of Things Show

The Qualcomm LTE for IoT SDK allows IoT device OEMs, cloud solution providers and app developers to utilize the capabilities of the MDM9206 chip for cloud support and IoT applications through easy to use APIs, and now pre-integrates full support for Azure IoT Hub. This means that in addition to allowing a simple and straight forward network connectivity for IoT devices based on their chip, Qualcomm makes it as simple to connect these devices to Azure IoT. Nagaraju Naik and Murali Bharadwaj join Olivier on the IoT Show to demo the recently announced integration.

How the Azure ML Data Prep SDK Will Make Your Life Better | AI Show

As discussed in Episode 4 data preparation can be a very time consuming and error prone part of the advanced analytics process. In this show, we look at the recently released AML data prep SDK that uses AI and ML to make the data prep process easier and faster.

How to perform data ingestion with Azure Event Hubs | Azure Makers Series

With Event Hubs, you receive data from a variety of sources, storing events reliably and durably, and allow multiple systems to quickly (and concurrently!) process your information. Azure manages your infrastructure and simplifies ingestion, so you focus on analyzing your data streams.

Thumbnail of How to perform data ingestion with Azure Event Hubs | Azure Makers Series

How to quickly roll back versions of Azure Logic Apps | Azure Tips and Tricks

Learn how you could quickly roll back to a previous version of an Azure Logic App. When working with Logic Apps inside of the Azure portal, you may need to go back to a previous version. This video shows you how to do just that.

Thumbnail from How to quickly roll back versions of Azure Logic Apps | Azure Tips and Tricks

Eric Hexter on DevOps Diagnostics – Episode 011 | Azure DevOps Podcast

Jeffrey Palermo is joined by Eric Hexter, the Chief Technology Officer of Quarterspot LASO — a fintech company that produces lending platforms using machine learning. Eric and Jeffrey talk all about DevOps Diagnostics today, running through the various categories within it, such as: system metrics, log files, air conditions, heartbeats, and data integrity checks. Eric also gives his recommendations to those new and experienced with the system — tools, resources, and services.

Events

Microsoft Connect(); 2018

Save the date to tune in online next week on December 4, 2018 for Microsoft Connect – a full day of dev-focused delight—including updates on Azure and Visual Studio, keynotes, demos, and real-time coding with experts. Whether you’re just getting started or you’ve been around the blockchain, you’ll find your people here. And it all happens online. Get comfortable, and get inspired.

Illustration promoting Microsoft Connect(); 2018 on December 4

Customers and partners

Visualize your Cosmos DB Gremlin API graph data with Linkurious enterprise

The popular graph visualization platform Linkurious Enterprise is now available for Azure Cosmos DB Gremlin API databases. On this platform you can create reports and visualizations from graph data while still leveraging full create, read, update, and delete functionality. In addition to that, the product highlights enterprise-ready features including secured access with Azure Active Directory integration. The platform only requires Gremlin server credentials to connect, and you can use Azure Search to enable full-text search.

Azure Marketplace new offers – Volume 25

The Azure Marketplace is the premier destination for all your software needs – certified and optimized to run on Azure. Find, try, purchase, and provision applications and services from hundreds of leading software providers. You can also connect with Gold and Silver Microsoft Cloud Competency partners to help your adoption of Azure. In the second half of October we published 49 new offers to the Azure Marketplace.


Azure This Week – 23 November 2018 | A Cloud Guru

This time on Azure This Week, Lars talks about the public preview of multiplayer servers with PlayFab, the preview of Azure Cognitive Services containers and he explains how you can build your own enterprise grade virtual assistant.

Thumbnail from Azure This Week - 23 November 2018 | A Cloud Guru