Azure Hybrid Cloud with Thomas Maurer

In this episode I catch up with Thomas Maurer to discuss Azure hybrid cloud scenarios and we answer a bunch of questions from a live audience.

Thomas Maurer is a Senior Cloud Advocate at Microsoft and is part of the Azure engineering team (Cloud + AI) and engage with the community and customers around the world. He's located in Switzerland, focusing on Microsoft technologies, especially cloud and datacenter solutions based on Microsoft Azure, Azure Stack and Windows Server.

• Thomas on Twitter
• Thomas' Blog
• Azure Arc for Servers
• Azure Stack

Full Transcript:

Mike Pfeiffer:
Hey everyone. Thanks for tuning in to CloudSkills FM. In this week’s episode, I’m sharing a live stream that we did just a couple of weeks ago where I interviewed Thomas Maurer from Microsoft and you’ve probably seen Thomas around. He shares lots of content. He’s a former Microsoft MVP and we had a great time answering questions on the live stream. There was lots of great content.

We talked a lot about hybrid computing, working with Azure and talking about Azure Arc, Azure Stack, a bunch of different stuff. So it’s kind of a mixed bag, lots of different content and I think that you guys will really enjoy this episode.

So with that, let’s go ahead and cut it over to the live stream interview with Thomas...

So Thomas, I know that you’re just constantly busy and stuff, so I appreciate you taking the time I’m putting you on the spot a little bit, but dude, you’re pumping out awesome content all the time. What’s new with you lately? What have you been working on?

Thomas Maurer:
Oh, thank you Mike. First of all, it’s a real pleasure to be here live with you. I remember our great talks we had at Microsoft Ignites so I’m super pumped to be here again.

Mike Pfeiffer:
Me too. It’s awesome.

Thomas Maurer:
So yeah, currently there are a couple of things we’re working on. Obviously we can imagine that we still are like this post-Ignite stuff. So technology-wise we are still doing a lot in the hybrid space with the new Azure Stack portfolio and Azure Arc. And we really keeps up right now is the Microsoft Ignite tour where we basically take some of the content we did at Microsoft Ignite in Orlando and basically go to 30 cities worldwide. Right. So last week I was in China as well as now in London. Next week I will be in Italy. So that keeps me up right now it’s Microsoft Ignite tour.

Mike Pfeiffer:
Busy guy, man. Busy guy. Awesome. So you’re always blogging about awesome stuff as well. I just shared one of your posts the other day, but you’ve been pumping out cool stuff like Azure Arc certification recommendations. What was the latest one? It was something on cloud shell, wasn’t it or something like that?

Thomas Maurer:
It could be. Yeah. Yeah. We shared something on cloud shell. I think that one was on mastering Azure cloud shell if you refer to that one. I think that was really about getting people an overview about cloud shell and what you actually can do with it. I mean, as you know, right, most of people probably just use a quickly to an SSH connection or something like that, but there’s much, much more you can do.

Mike Pfeiffer:
Yeah. So I finally got a view of the questions. This has happened to me before where we spin up a live stream and then the questions don’t show up. So I’m finally seeing everybody that’s out there, so appreciate you guys being here. Ryan Colley, thanks for showing up. Good to see you. Adeal, what’s up man? Good to see you. Antwan. Glad you’re here. Pete Goodwin. Good to see you, my friend. He’s like, “Hey, I need a pair of those headphones that Thomas has”. But yeah. So awesome. So, what do you think is the most important topic right now? Because you’re going on tour talking about lots of stuff about Azure. What are customers talking about, asking you about and what do you think will be good for the folks in the comments here on LinkedIn.

Thomas Maurer:
Yep. So there’s obviously a ton of things going on depending on which space you’re in, right. We launched a synapse and Azure Arc. And much, much more. But what I realize right now is not just talking about a specific technology. It’s really about, I realized that a lot of companies are now starting to move and a lot of people who actually worked before in that company, they did network administration, storage administration, virtualization, you name it, right? And they are super interested in what is the next step going to be for me? What am I actually going to do? And I see a lot of people thinking, okay, if I’m not a developer, the cloud is not really for me. Right. There’s nothing to do maybe or something like that. And then you start showing them governance and ultimation and all that. And then they realize, oops, there’s much, much more to do than I thought it would be. Right.

Mike Pfeiffer:
Governance stuff man gets people. Right?

Thomas Maurer:
Yep. Yep.

Mike Pfeiffer:
Tough to get that right. And it’s kind of like people start with that and then kind of mess it up sometimes because they’re not thinking about it. Sorry to cut you off there, but I wanted to jump in because that one is massive.

Thomas Maurer:
Yeah. No. No. No. Absolutely fine. I completely agree. I couldn’t agree more. There’s also one of the sessions we are doing at the Ignite tour, one is about governance, there are more, but one specific one is about governance and we have so many questions and so many people who want to know more about it because a lot of people don’t even realize it. As you said, they probably start and they don’t even think about this stuff, right. And then they end up if that cloud sprawl and they have servers or just resources everywhere and the cost explodes as well as they have security concerns and so on. And then you need to go and clean that up. So I’d highly recommend that customers have to look at this first and then then basically start to leverage to cloud as well.

Mike Pfeiffer:
And a lot of times they get in there and nothing’s tagged. There’s no naming convention thought about. So a lot of the stuff you guys have in the cloud adoption framework, if you follow that from the beginning will help you with that. But most people just like to dive in right to the deep end of the pool. But you’ve got to kind of pull back on that a little bit and do it right.

Thomas Maurer:
Yeah. Which I think is understandable, right? I mean you see probably a lot, but like if I got started, my first day, I was well not thinking at all about all those things, right? They’re like, “Oh, I’m happy to do that networking works.” “I’m happy that all my my resources are there”. And then I was also figuring out, okay, which resources do I actually use? Right. And then you’re in that state, so I really enjoy how we actually get a little bit more mature tools to do that. Especially for example, I like our cost management involved in the last couple of iterations. So you do a lot I guess with policies and stuff like that?

Mike Pfeiffer:
Yeah. So we’ve been getting more into it lately and especially doing lots with arm templates lately. I know that everybody, well not everybody, but there’s a lot of people that have been complaining about the expressiveness of the JSON arm templates and I was talking about this with somebody this morning that when you start building custom policies and Azure policy and you’re going to do blueprints and you’re going to do arm templates, right now JSON’s part of the process, right? So you start small and kind of navigate it that way. It’s easier to start to absorb the material. But yeah man. And the other thing is you’re getting some serious love from the community right now about those surface headphones.

Mike Pfeiffer:
But yeah, that’s something that we’ve been working on a little bit. I’ve got some plans hopefully in our community to start building some content around just resources people can use, much like you guys put out in the reference architecture center. And things where I said, Hey, here’s some guidance, but here’s an arm template and some automation that goes with it. So I think continuing to piggyback on what you guys are doing to give customers assets that are usable to get them going is important. That’s an easy community work. Well, not easy, but it’s a community effort that anybody could get into. And you know that as a former MVP, before you worked at Microsoft, you were a big MVP, constantly pumping out content. Right? So the big opportunity for anybody to share what they’re learning in this cloud journey, right?

Thomas Maurer:
Oh absolutely. I think that what you just said is pure gold. Especially when you can take learnings from real companies and real world scenarios and you can basically put them together and share that back with the community. This will not just help another customer or another person. But it would also help yourself, right? First of all, you get recognition for it, not just from Microsoft but also in the community. And I think people don’t forget who creates that stuff. And I think that’s where there are a lot of people who learn that they are great experts out there, but a lot of them don’t share the knowledge really. So they don’t get really the benefit of all of that.

Thomas Maurer:
And it’s funny you bring that up because we had huge discussions before I turned Microsoft in other companies where if we share all that knowledge then people could just copy us. Right? But I always tell people, look, at the point you share that knowledge and to give it out to the community and someone else picks it up. You’re already on the next level, right? You’re already going for the next thing. So there’s no way this harms usually.

Mike Pfeiffer:
I couldn’t echo that anymore. Underline that. So true. And what you guys are doing with your open source commitment speaks to that. From the organization perspective, you guys are really giving a lot and it’s showing up. You could just see it in the community. If people are responding to that, there’s been massive amount of open source effort from your teams. In fact, I’ve mentioned this in a couple of episodes, but I was talking to somebody about two months ago and he was blown away by the interaction that he was able to achieve through GitHub issues with folks on your engineering teams

Thomas Maurer:
Yeah. And again you read my mind on certain things because it’s so funny, we had a team call I think yesterday, I’m sorry. I’m really bad with the time zones right now. But our team came together, we are now in Donovan Brown’s organization and so we had this call and I just watched a recording this morning and that came up and we came up with that skid up thing, the scenario where a customer can go out to get up and open an issue and then have direct conversation with the engineer actually works on that. This is something really important for us, right? This really speeds up the whole process. And also for customer it’s like, “Hey, they are actually listening”. It makes it more visible. Right. In terms of the old way, which is absolutely okay, when you share feedback with us or share feedback on user voice and all that, we are listening to all of that, but however it can take a while until you see the results of sharing that feedback. When you’re on Getup and sharing that, you basically have very fast responses. Right.

Mike Pfeiffer:
Right. Yeah. It’s amazing. And there’s been a couple of times where I’ve just filed issues for documentation and stuff and sometimes it’s quicker than others. But the biggest point that you mentioned is Microsoft’s listening to customers at a deeper level than before. I mean it’s not like they never used to, but it’s deeper than it used to be. In the comments on the live stream, I appreciate everybody being here. Raja, what’s up? Jeff Brown’s in the house. Good to see you, Stephen. Thanks for showing up. But there was a question. I want to get back to it. I got to scroll up a little bit. Somebody was, Oh yeah, it was BJ, what’s up BJ, can you talk a bit more about blueprints? So we might be jumping ahead of ourselves, assuming everybody knows what that is. What is it, Thomas?

Thomas Maurer:
So imagine that we have, well first of all we probably need to outline a little bit. So in the Azure world we have a layout of subscriptions where we actually can deploy things and you have basically that boundary which closes things off. And so you build a structure in your company or your organization where we have probably different subscriptions for teams or departments or different environments like development and production and so on. Depending on how you design that. And you want to make sure that, for example, if you want to give that to someone, like let’s say, okay, this department, they can create their own subscription, but you want to keep them basically under control, you want to make sure that every subscription they create looks exactly the same.

Thomas Maurer:
So for example, you can already deploy resources using arm templates, you mentioned before Azure resource provided templates to deploy resources. You can use Azure policy to do certain settings and I think that’s one of the most powerful parts is where you can then with policies you can for example, restrict which locations you could use to deploy resources like which Azure regions or you could limit the sizes of virtual machines, which can be very handy, especially when we launched the MB two series, which are basically over 400 course up to 12 terabytes of memory and train your credit cards in three.

Mike Pfeiffer:
Everybody’s got to spin up one of those machines and RDP into it and get a screencap of the task manager showing all the CPU cores of the memory.

Thomas Maurer:
Exactly. Yeah. It’s going to be an expensive time to basically do that. But so you want to limit that so they have policies as well so you can put it all and then also obviously R back, role based access control where you can say, okay, we want to have already certain groups with certain permissions and limit that for different users. So with a blueprint you can put that all together and then assign it and then say, okay, create a new subscription, it’s going to look exactly like this, like I want it to be. That’s at least what we think it’s for, but I’m sure they’re are customers using it for different scenarios as well.

Mike Pfeiffer:
Yeah. So is it still in preview?

Thomas Maurer:
I think so. If it hasn’t changed, I’m really bad to be honest when it comes to roadmap stuff. I always check the websites, but last time I looked it’s still in preview. We are definitely also adding, I saw some new features, which I’m also not 100% sure where it is exactly right now, but to add custom script so it can also, instead of just having an arm template, you can also run custom scripts and I think this is something we want to add in the future or is already there now. It’s kind of depends again between private, previews and [inaudible 00:15:04] right?

Mike Pfeiffer:
Yeah. So I’d love deployment automation and infrastructure as code and I can’t wait to see just the maturity of all of that stuff over time because you know, it’s just going to keep getting better and better. To me, policy as it matures, is just going to become essentially group policy for Azure in a lot of ways, right? The whole concept of taking a policy and pinning it to a resource group is very similar obviously to taking a group policy and setting it on an OU and it’s kind of the road that we’re on right? Getting to that, it’s cool. Kareem was in the chats. Did you want to follow up on that one?

Thomas Maurer:
Yeah. So I want to ask you, you obviously are going to implement stuff like this. Do you see people often also use like the guest configuration policies?

Mike Pfeiffer:
Not yet. But I was talking to Michael about that. We livestreamed with Michael a couple months ago now and he was the one that got guests configuration really on my radar.

Thomas Maurer:
Yeah.

Mike Pfeiffer:
So I haven’t cracked that open yet. It sounds like that’s still unfolding, but-

Mike Pfeiffer:
[inaudible 00:16:01] it sounds like that’s still unfolding, but I think it’s awesome. Because I think a lot of people start to get confused about policy. Where does it impact. The Azure platform as well, but to your point guest policies there that do the settings on the inside of the BM, right? Isn’t that what it’s all about?

Thomas Maurer:
Yes, absolutely. So you can basically go out and through configurations of your servers. Now we do a lot of all the things, but we can also set specific things. So again, when you said group policies, think about it as group policies for your servers on steroids. That’s what it could be. I mean, we are still very early on in that space, but that’s what we are actually looking at. And it’s not just for Windows servers, it’s obviously also going to work on Linux servers. For me, that was really when I had this eye opening when they announced Azure Arc for servers. When we saw that we can now not just use these guest configuration policies for virtual machines running in Azure, but also if they run somewhere else, if they run on prem or at the other Cloud provider, you can use exactly the same tools and basically manage them all from Azure. That’s when people are looking at it. This is one of the game changer Azure Arc really provides, right?

Mike Pfeiffer:
Yeah. It’s going to be fun to watch Azure Arc unfold as well. And there’s a lot of people asking in the chat… I keep saying chat, it’s the comments in LinkedIn. But one of the things that also came up, people asking about new services. Azure Lighthouse, somebody asks, “Can you talk about that?” It’s probably not a well known service because it’s so new, right?

Thomas Maurer:
Yeah. Azure Lighthouse… And again, as I had worked in the past for a managed service provider, and I saw that these capabilities are coming, this was also like, okay, we need this. So Azure Lighthouse, we have a lot of managed service providers or service providers which manage, for example, multiple customer environments, multiple tenants and a lot more environments, right? And for them it was very hard to basically go from this environment then to the next one to the next one. And Azure Lighthouse basically gives you a tool or a framework where we can manage multiple customers’ environments. And this comes especially handy for managed service providers, but also you can imagine if you’re a large corporation which probably migrates different mergers with other companies. This can also be helpful there to manage your different Azure environments.

Mike Pfeiffer:
Cool.

Thomas Maurer:
We could go way deeper than this, and we talk for hours just in Lighthouse. But essentially it really gives you a tool or a framework where you can manage multiple Azure customer environments, right?

Mike Pfeiffer:
Yeah. Very cool. I understand that you’re on your way to Seattle. You’re traveling like crazy as usual. What are you going to be talking to people about on this next big tour that you’re doing?

Thomas Maurer:
Yeah. My sessions are mostly… Usually we have these learning paths. So we have two learning paths, which our specific small team with Rick Kloss and the other part of the team does. This is about… One is called Modern Cloud Operations and the other one is called Modernize Server Infrastructure. Well, all of the sessions are really focused on operations people or Cloud operations people. So we have two sessions in the Modernizing Cloud Operations. One of them is about Azure. IS virtual machine operations, so we’re going to show us some cold tricks and troubleshooting tricks with that and how you actually can manage your Azure BMs.

Thomas Maurer:
And at one point it gets that interesting that I would say if you use all those tools, those management tools like update management, change tracking and all that stuff, at one point you have automated your infrastructure service platform so much that it actually almost becomes a past service. One session is really about that. And the other one is about governance. So this is one really focused on about why do I set this up? What are the problem? What other challenges customers are having? And then explaining tagging policies, blueprints, and all of that.

Thomas Maurer:
And then we have the server learning path, the one [inaudible 00:20:43] server infrastructure learning path. That one has a session about how you get rid of your 2008 and 2008 or two Windows servers which are now out of support. Then we have one section which I created is the hybrid management one where we talk about how you can actually leverage Azure hybrid services like for example, site recovery or update management. And obviously Azure Arc for your on prem or systems or servers. And the last one really is about Azure migration. So how do you use Azure Migrate to migrate your servers to Azure?

Mike Pfeiffer:
Azure Migrate’s a really insanely good service, so mature for just having a cloud native migration service. Because some of the other Cloud native migration services, the ones that come with, I think aren’t as deep. It’s really good. I got some really good comments in here in LinkedIn that I want to hit on. Ryan Colt said, “What Fin Ops case studies or scenarios can you give examples on? So where resource tags and cost management has been used to control spend.” In your work in the governance world and helping people track and manage costs and tagging and stuff, what do you think that we could point Ryan to in terms of maybe a case study or an architecture that you guys have built? Anything like that out there?

Thomas Maurer:
Definitely as you mentioned before, the Cloud adoption framework. It’s definitely a good place to start to read about this because that covers actually a lot, if not everything, about it. It’s pretty broad and explains a lot of different scenarios. So that’s definitely something where I would point you to. And if you go there he’ll find a lot about these topics.

Thomas Maurer:
Something else is also, which was pretty handy is when you do dive into Microsoft Learn, which I don’t know how many actually learning paths we currently published on these topics. I’m sure we have some on for example cost management and things like that. So Microsoft Learn is a free platform. For those don’t know out there, it’s a free peer learning platform from Microsoft where we publish learning paths and modules. You don’t even need an Azure account to use them.

Thomas Maurer:
The great thing about it is usually you have some text explaining something, you have probably some assessment with questions, you have some videos. So the usual stuff, right? But you also get a sent box environment. So you get a free send box for an hour where you can actually try out the commands and build stuff in Azure for free basically. And then after an hour we just decommission it again so you don’t need any credit card or anything to create an account. And then there are some great courses on Pluralsight. I like that one. Then there’s great people, for example Mike who also I think you have some great video content out there that… Sorry?

Mike Pfeiffer:
I’m slightly biased. You should go watch all of my Pluralsight courses.

Thomas Maurer:
No, but seriously. I mean to be honest, I watched them too. It’s not that we everything about every platform. We also need to learn at some point in time and so I go out and we also watch what our MVPs are doing, and what great content they create.

Mike Pfeiffer:
Yeah. I was talking to another fellow MVP this morning and we had that conversation of… It kind of looks like when you’re doing stuff that you do, Thomas, even when you’re in a VP, but now still, or stuff that I’m doing to build content. It looks like we got all the answers to it at the top of our head. We’re all learning stuff, too, right?

Mike Pfeiffer:
I would love to hit on some of these comments that are coming in. So Peter had a great one. He said, “Hey Thomas, what use case for Azure are you seeing today or coming in the near future that has you the most excited because it’s something you didn’t think was coming? Or it could be because it was something you didn’t think was coming for Azure within the last year or two.”

Thomas Maurer:
It’s hard to say. Especially when you… All the services basically, which are announced… I mean there was some wishes I have for services in the future, but then they announced something which was like, okay, I didn’t expect that, but that’s great. It’s definitely hard. What I would highlight really… One I already talked about, Azure Arc, and getting that hybrid management experience and much, much more. You also have data services which you then can deploy on basically any infrastructure so you cannot go out and deploy Azure SQL on prem or at the other Cloud provider and get basically the same benefits, and also manage them directly from Azure. Obviously we covered that, and that was for me, the more I think about it, it’s going to be a really big thing.

Thomas Maurer:
The other thing is, which I’m not, to be honest, not too involved in that, but it’s for example Synapse. Azure Synapse is going to be in the data world. That’s going to be super interesting if you have these massive amount of datas where you need to go through. And then everything, where we say basically we use the AI parts which are coming out. Or even the small AI parts, it’s not even… We highly advertised them sometimes, but I mean in some cases we just have been there as well. There’s now AI and machine learning built in almost everything, at least a little bit, right? And so that I’m super excited, those small improvements. It’s a very good question, to be honest. It’s hard to answer.

Mike Pfeiffer:
It’s like pick your favorite movie, right? There’s so many, it’s hard to just sit there and pick one. All right, let’s move on to the next one. Louisa said, “Hi, sweet boys. Send me a smile.” That was a while back, but hopefully she caught a couple of smiles along the way. Richard says, “Could guess configuration…” And going back to policy, “Can guess configuration over time replace something like DSC, or any other configuration management tool for that matter?”

Mike Pfeiffer:
I don’t know all the details, but I understand that potentially the PowerShell team is working on PowerShell core support for DSE and a big update for that. But what do you think? Do you see guests config becoming the ultimate trump card for config management or is it complimenting these other services?

Thomas Maurer:
It’s still hard to say, definitely a hard to say. But to be honest, I would like to be at the ultimate service. However, if that’s going to turn out that way, I really don’t know. In fact, you mentioned again when we talked about deploying things with arm templates, right? If you could also bring that with policies, if you can do all the guest congregation as well in the same way, that’s going to be really, really powerful at one point and you don’t need to have multiple tools and everything. The Azure resource manager platform does basically all those things for you.

Thomas Maurer:
I guess this could be a very interesting part to see what’s going on in the future. However, what do we exactly target? I don’t know where we actually completely going, what the messaging would be. There were so many good tools out there. Also for party tools, which can really do a lot today. So by just saying, okay, we’re going to remove all of these and we’re just going to use that, it’s going to be hard, right?

Thomas Maurer:
But again, especially those people who really think in a Cloud native way where they go and say, okay look, we are going to take Azure and we’re going to take everything from Azure as much as we can. And then if Azure doesn’t offer something, then we will maybe use something else. So for those people, especially for those Cloud native people, I think Azure policy and guest configuration policy can become very, very interesting.

Mike Pfeiffer:
Yeah. [Walid 00:00:29:05], they’d had a really good comment as well, kind of goes back to what you were talking about a little bit in terms of data. Now that customers are getting more mature or gets further along in their Cloud journey you’re seeing people migrate data in larger batches, right? Way more than they were in before. Because before they were just evaluating. So Walid was saying, “I would like to know from a newcomer’s perspective what concerns for data governance and confidentiality should we be thinking about? What strategies can we consider when moving to the Cloud to protect that?”

Thomas Maurer:
Oh, that’s a very, very good question. I mean that’s what we see a lot of insurance companies or even banks are doing, right? They exactly are dealing with this. And I’m sure there are other industries as well, other companies as well. We offer a couple of different things where you can basically encrypt data in a certain way, right? And we even have things like confidential computing in the pipeline, which is basically not just gives you encryption at rest but also encryption while your service is running.

Thomas Maurer:
For example, think about if you’re familiar with hyper V. We have this feature called shielded virtual machines, which basically encrypts the virtual machine and the memory of the virtual machine. So not even an admin can access the content of that virtual machine. In that case we just do the same thing for databases and stuff like that. Another strategy is also to just send data without any information in terms of names or whatever. So for example, hide your customer names or we link that with a unique identifier. You send the data up, you run your machine learning or whatever, you get it back. And for us it’s just numbers, right? And then you get it back, and then you match it again with your patient name or whatever on prem in your environment. So you basically don’t give us anything.

Thomas Maurer:
I also would recommend that people go out and go to the trust center. If you haven’t heard about the trust center from Microsoft, this is where we basically explain all the privacy stuff and also how we basically manage our environments. I think you can also get the audit information from our Cloud services. You can go in and basically see, okay look, we had these different audits and that were the results. If you’re an Azure or a Microsoft customer, we give you these to download so you can actually see what we actually do and you can see the results of those audits. So really the trust center is definitely a place to go to also get more information, how we basically deal with that.

Mike Pfeiffer:
Nice. All right. So everybody out there that’s listening, feel free to add more questions into the comments. I’ve got one for you, Thomas. Peter touched on this just a little bit, but I’m wondering what you’re excited about. When you’re building stuff and you’re blogging a lot, what’s your next big project where you’re going to go create some content? And what do you got on?

Thomas Maurer:
That’s a good thing. I don’t want to highlight-

Thomas Maurer:
That’s a good thing. I don’t want to give away too much already because I’m working on that. I’m really looking at, there’s two ways or things I’m looking at. One way is really like the new stuff which comes out. When we announce something new, I want to be one of the first persons to try it out and then basically share my opinion but my results and my experience with it and help people get from basically zero to like, okay, I can deploy it, and in a very fast way. Because sometimes we have this in between things where we have the announcement blocks, where we basically say, “Hey look, this is what it is for,” and explain it very on a high level. Then we have the documentation which is a lot of text and a lot of material. I just want to be somewhere in between, to basically read something, to explain, “Hey, look, you can do it step by step really, really quickly to get it running.”

Thomas Maurer:
Another thing is where I look at, like for content is when I speak to customers or read comments or when someone reaches out to me and has a question. So for example, in this life video for example, the questions you gave me, those are already gold in a way that I then see. Okay what are people actually looking for or what are good topics to talk about? So I definitely will go out and I will definitely do something on guest configuration policy to have a look at that, especially maybe together with Azure Arc.

Thomas Maurer:
But this is what I learn, especially when I go to events. One part, obviously we present, we deliver our content, but we are also super happy to speak to our customers and our communities, especially also try to sync with the MEPs and other parts as well in every city I am because they have so much great value of their experience and we can then take that knowledge and not just, I mean creating content is one thing, but then also bring that back to the different feature teams in the Azure engineering group, where we can tell them, “Look, we have a customer. He actually had a great idea. He wants to use the service for this, but it’s not really designed for it. If we just changed that a little bit, it has some potential,” and so we can go out and tell them, “Look, how are people in the real world using our services?”

Thomas Maurer:
Those are kind of like the ways I’m going with content. So [inaudible 00:34:27] again where we knew stuff but also helping people. I think that’s also the content that most people are looking for, obviously. I think that’s where it’s going. I obviously stay in the operation space. I really think about the [IT Pro 00:00:34:44] itself, but it maybe transforms a little bit, as you see if you watch Mike’s channel as well. There’s so many different things we are doing. I don’t think you can have a clear line anymore between different shop rules. It’s changing so much and everyone needs to do a little bit or understand a lot of different technologies.

Mike Pfeiffer:
I agree 100% with that. I think it’s a blurry line these days because even if you are ops focused for a long time, you are getting sucked into these developer patterns and practices. Now that you can virtualize every single thing, now you can represent everything as code. Kareem had a really good comment and question. It was basically, is the Azure CLI or PowerShell or Azure CLI, are those things going to replace ARM templates or are those things are replacement for ARM templates, or they compliment that? How should people be looking at those things?

Thomas Maurer:
I would definitely say they’re complementary. Those are different ones to deploy. We want to give customers different options to deploy their services. Obviously there are certain ways which are, like if you’re more mature, you’ll probably prefer it. If you also look at, for example, Azure DevOps, where you can deploy things in an automated fashion, in a continuous CI/DC pipeline and so on.

Thomas Maurer:
But also if ARM templates, which just basically infrastructure’s code, this is not going to be say, okay look, we’re only doing this and we don’t care about the CLI. The CLI and to PowerShell module and the portal and all of that, those are all different tools which you can use and they all have the reason to be there. There’s not just one way of doing it. I don’t think there is. We have customers that just prefer to write everything down in CLI and we have customers, we see them writing those awesome PowerShell scripts. Then we see customers combining all of that and again, with the CLI, you can basically deploy ARM templates. You can also deploy through the portal or through PowerShell. It really depends on what your needs are and what you want to achieve.

Mike Pfeiffer:
I think that that is an important message that you just shared there and the constant theme coming up from this discussion so far is that you guys are listening to your customers very intently. Then the other thing is every tool has a purpose. This is a big one because I had a customer a couple of months ago now, but I went onsite to work with this customer and they had inside the company, another team who’s working with a different consultant to do a different project. But that consultant had gone to lunch with the guy that I was working with on a different team and told them, “Hey, don’t use the CLI because, or don’t use PowerShell because everything is going CLI.”

Mike Pfeiffer:
When my customer told me this, he was frustrated because he’d just spent the last five years learning PowerShell. He’s like, “Man, I’ve learned all this PowerShell, now I can’t use it.” I’m like, “No, hang on a second. That’s not true.” Any time somebody is telling you something like that, where one versus the other is better, that’s not the truth. It’s just a choice. What’s your background? If your background has been PowerShell for five years, then that’s a logical choice for you to go off and do, right?

Thomas Maurer:
Yeah, absolutely. No, that’s very important. By the way, that comes up a lot. So a lot of people, like I talk a lot about also Cloud Shell and things like that. People then always show you have a Bash or a CLI and a PowerShell experience, so what’s going on there?

Thomas Maurer:
Again, it really depends on your scenario. So for me as well, I’m using both. In some cases I like the Azure CLI for doing like a one liner or something like that because it’s really powerful doing that. But then I’m a PowerShell guy. So PowerShell for me and the objects I can use in PowerShell, this is really, really powerful if I start to write a script. I really love doing that and it really helps me to get more efficient. Again, this may be different for other people. But I then like the Azure PowerShell much, much more if I write the script with some loops in there and things like that.

Thomas Maurer:
Then I also get a lot of questions. It’s absolutely fair point is sometimes we only have a CLI available or sometimes the service only has PowerShell commandlets and does not have a CLI. The reason for that is basically just, especially when they are on preview, we start with something and we’re looking out at what is the audience? Probably the audience which is going to use to service first. If you look at, for example, containers, we started there I think with the CLI experience.

Thomas Maurer:
Again, could be an older service but we were looking at, okay look, the people who are using containers today, they’re probably using the Docker CLI and so on. They are familiar with the CLI approach. So we start with the CLI, but we also add the PowerShell commands to it. It sometimes it takes a while and it sometimes takes a little bit longer than we expect. But I also want to quickly say it’s also true for the PowerShell part. Some services are, if you come more from the Windows world, you probably have PowerShell first. Then add the other part. I think it’s really good to clarify this, that there is not one better than the other. It really is a different, depends on what you prefer and what your scenario is and what you like to do.

Mike Pfeiffer:
Yeah, and that’s the whole reason why you guys build different versions of things. There you go. Mohammad said, and he has a good point here, this is interesting comments, “I would like to see AI based tooling for writing infrastructure’s code.” So he’s looking for abstractions above even what’s there now. He’s wondering, because he’s like, infrastructure’s code is still plumbing for a lot of devs and so he’s like, do you see more business logic, higher level abstractions for these types of scenarios coming down the road?

Thomas Maurer:
Let’s put it that way and say, we got that feedback and we know that this is something where AI and machine learning could potentially help. Let’s it that way.

Mike Pfeiffer:
Nice. All right, we’ll have to let that play out, right? So we won’t hammer that one anymore, but cool, man.

Thomas Maurer:
Well, one thing I can share. One thing I can actually share is, and not a lot of people, I was not familiar until a couple of months or weeks ago, the actual CLI has a find command. So if you’re looking for something to do in the actual CLI, you can just type AC find, and then for example, let’s say SSH or backup or whatever. This will then give you some examples.

Thomas Maurer:
Now these examples, some of them are hard coded, some of them we give, okay, look, this is a good example. We’ve put it into the CLI as an example. Some of them, and we mark that, are auto-generated. So we basically use a type of machine leaning here, if you will, which maybe we should not call it that way, but where we go through docs and then we look at the different documentation, at the commands. Then we realize, okay look, this looked like it has to do with SSH or backup. Then we take that command as an example and we build it into the CLI. So we don’t have people writing actually these examples in the CLI, we just take them from the docs pages. So that’s actually something we can try out, where we already built some intelligence, if you will, into our tools. But I think there’s much, much more I think what we can do.

Mike Pfeiffer:
Got it. Then the last one that we’ll take, because I know that it’s late for you and I’ve got a call at the top of the hour, but this is a good one. [VJ 00:42:43] was saying, “How do you guys choose between where to put Azure regions? Azure Germany is coming up, Azure China, blah, blah blah. But how do you guys kind of gauge that as you add services in the future, add regions but even add services to those regions?” He’s just trying to understand the logic of that and if there’s any way that they can participate or chime in with their feedback about it.

Thomas Maurer:
Yeah, so it’s about what services are going to be available in which Azure regions. Usually what happens is we have obviously some of our main or hero regions where we basically have almost all the services available. Then we obviously have a lot of other, smaller regions or regions which do not have all the services available.

Thomas Maurer:
The question really is about how do we decide which region gets which service. Again, as most other things, it’s just about customer demand and business cases. It’s as soon as you have a lot of demand in some region for a specific service, the chances are high that we’re working on as well. I mean sometimes we just can’t deploy it fast enough. Would we like to offer every server in every region? My guess is absolutely. The other thing is you just need so much time to deploy these and keep these running and all of that. That’s where we really look out in like where we have a demand. I mean for example, Azure Switzerland, one of the regions which were announced in summer and they were accessible in summer for Swiss customers if that was [inaudible 00:44:27] ticket. I think since yesterday they are available to the general public. You should now see them in the Azure portal as well.

Thomas Maurer:
They, for example, they do also have, not all of the services, but what they have is they have SAP on Azure. Because we had customers specifically asking for this. So it really depends on the customer demands. So definitely if you want the service somewhere, try to speak to your local Microsoft subsidiarity to make sure that your request is heard because they then can go out and basically come back and say, “Hey, we have customers who actually wants to deploy this.”

Mike Pfeiffer:
Got it. All right Thomas, it’s always a great time chatting with you, my friend. I wish we could keep going for hours, but it’s already late where you’re at and I’ve got to boogie. So anything that we should tell people to keep an eye on as we close this one out? You’ve mentioned a lot of resources, I’ll put that in the notes later, but anything on the way out here you want to point people to?

Thomas Maurer:
Yeah, so definitely check out Microsoft Learn if you haven’t done that. Check out the cloud adoption framework if you’re working with Azure, and read what’s there. Check out my blog and obviously check out Mike’s blog and your podcast as well as your [inaudible 00:45:48] courses. I think I always get something good out of that. I think that’s what I want to highlight really, and check out our team’s blog. That’s very important, itopstalk.com, which is like our IT or Azure ops team’s blog where we blog about IT operations topics. This can be Azure governance, ultimation, infrastructure. It can also be Windows server or Linux, DevOps, PowerShell, all of that. It’s a real mix of ops content there.

Mike Pfeiffer:
Well, there it is everybody. Thomas Maurer, the legend from Microsoft. We’ll see you next time. Thanks a lot, Thomas, appreciate you.

Thomas Maurer:
Thank you, Mike.

This podcast is sponsored by the Azure DevOps Training and Certification Bootcamp at CloudSkills.io