Deprecated: strtr(): Passing null to parameter #1 ($string) of type string is deprecated in /chroot/home/a40b7614/774635bdc8.nxcli.io/html/wp-content/plugins/moosend-email-marketing/vendor/moosend/website-tracking/src/Utils/Encryption.php on line 8 Deprecated: urlencode(): Passing null to parameter #1 ($string) of type string is deprecated in /chroot/home/a40b7614/774635bdc8.nxcli.io/html/wp-content/plugins/moosend-email-marketing/vendor/moosend/website-tracking/src/Payload.php on line 202 tips – SoftwareArchitect.ca

SoftwareArchitect.ca

Tag: tips

  • Top-Down versus Bottom-Up Approach in TOGAF

    Top-Down versus Bottom-Up Approach in TOGAF

    Within the TOGAF specification, you will sometimes read about there being two options for approaching the design of architecture: a top-down approach or a bottom-up approach.

    But what does that mean?

    ​The top-down approach means that you start with the business requirements (the B layer) and fully decide the problems your business needs to solve before thinking about the technology to solve those problems. The “bottom up” approach means you start with the technology that you are looking to add to your organization and work “up” to change the applications and the business.

    An example of this is, let’s say you have a problem with security. You talk to the business leaders, department heads, etc and come up with an extensive target business architecture for it. Then you start looking at vendors and thinking about implementation. That’s top-down.

    The bottom-up approach is, when you have a problem with security, talking to the technical teams and ops teams. What can you do to improve security? They might suggest you restrict all access from outside your company except through the VPN. You then work up to the business layer to say that certain policies need to be followed to get access to the company network from outside. That’s a top up approach. Thinking about solutions first and then changing the business needs to match.

    Hope that helps.

     

  • How Do Software Architects Make Decisions?

    How Do Software Architects Make Decisions?

    A student asked me a question in my Introduction to Software Architecture course, and I decided to write a bit of a longer answer than usual. So I posted it here. 🙂

     

    How and When Architect decide which technologies to go with?

    I would like to know How and When an Architect decides which technology to go with? If he/she is not having in-depth tech knowledge, how to decide if selected technology is capable of catering the need

     

    Well, that is a big question of course. This course went over the role of a software architect at a high level, but a more practical question is how to decide between two or more options when faced with a tough decision.

     

    So let’s look at a scenario with real products, and figure out which we would like to buy.

     

    Scenario: You know you need to buy a piece of software, but how do you choose which piece of software is best?

     

    You have to go and find a marketing solution. You did your research, and the choices are… IBM Marketing Cloud, Oracle Marketing Cloud, Adobe Marketing Cloud, and Salesforce Marketing Cloud. Yes, four massive companies have named their product the same thing.

     

    So how do you choose which one to go with?

     

    Usually, the way companies do this, is come up with their requirements (part of a RFP). They make a list of features that the product they choose must have, and a list of nice to have features, against which products will be judged against.

     

    In my case, I want a marketing cloud that has the following features, must have:

    • Rock solid security
    • Intelligent folder structure for projects to support all my clients without risk of overlap (multi-tenant)
    • Fine control over which users get access to which clients
    • Proven ability to send high volume of emails
    • Detailed and reliable reporting and tracking features
    • Email automations, funnels
    • Schedule emails
    • Pre-stored templates
    • Customer support by the vendor
    • Cost per user

     

    My nice-to-have features are the following:

    • Can host standalone web pages
    • Support multiple languages for the same email
    • Handle unsubscribes with customizable pages
    • Future roadmap

     

    So you make your lists of features that you’d like to see.

     

    Now for each application, you need to “grade” the application on a score of 1-10 against each of the features.

     

    On a scale of 1-10, how great is the security? Does it integrate with your Active Directory? Can you block IP address ranges? Does is do threat detection and ensure to raise an alert if hackers attempt to get in?

     

    Some applications only do the basics, while others have security features you haven’t even thought of.

     

    You go down the list, and evaluate the software on each feature. If an application doesn’t support something on your must-have list, that’s a big problem. A 0, and possible elimination from contention unless you’re willing to modify your requirements.

     

    Now add up the scores under the must-haves and nice-to-haves.

     

    There will be applications that have a low score compared to the others, and that puts them at the bottom of the list. There will be applications have have a high score compared to others, and that puts them at the top. Easy enough, right?

     

    Now how do you choose between two applications where the scores are similar?

     

    Well if they meet the requirements, and the price is within your budget, it might just come down to picking the one you feel will suit you best. Which one had sales teams that replied to your questions the fastest? Which one has the best reputation for support online? Do you already have this company’s other products in your organization?

     

    There’s no perfect solution. Every architect has experienced the case where you start down the path of choosing one vendor, and then you learn that they don’t support something basic. Or things don’t got as easily as you planned. Such is life sometimes.

     

    But if you start with your requirements, and grading applications based on your requirements, you’ll have “the facts” in front of you on which you can make a decision.

     

  • Free Azure Guide to Setting Up Linux VMs

    Free Azure Guide to Setting Up Linux VMs

  • 17 Small Projects That Can Teach You Microsoft Azure

    17 Small Projects That Can Teach You Microsoft Azure

  • October 2017 Changes to 70-533 Azure Infrastructure Exam

    October 2017 Changes to 70-533 Azure Infrastructure Exam

    Last year in October, Microsoft announced some sweeping changes to it’s exams.

    And this year, they did it again. At the MS Ignite conference, they announced changes to the requirements for two exams – 70-532 Azure Developer and 70-533 Azure Infrastructure. Let’s look at the 70-533 changes with this post. I reviewed the 70-532 changes here.

    The changes are slated to take effect on October 12, 2017. They are posted to the US website only, and so there’s no official word as to how this will be rolled out internationally.

    Things removed from the 70-533 exam:

    • Storage objective – SQL Databases

    Things added to the 70-533 exam:

    • App Service objective – App service environment (ASE)
    • App Service objective – deployment methods such as Git and FTP
    • App Service objective – App service backups
    • App Service objective – Authentication and authorization for app service apps
    • Virtual Machine objective – configure fault domains and update domains
    • Virtual Machine objective – Azure Container Services (ACS), Docker, DC/OS, Swarm, or Kubernetes, Azure Container Registry
    • Storage objective – manage SMB file storage
    • Storage objective – Azure Key Vault
    • Storage objective – Azure Storage Service Encryption (SSE)
    • Storage objective – Encryption and RBAC for Azure Data Lake Store
    • Network objective – VNet peering
    • Network objective – Puppet or Chef to configure networking
    • ARM Templates – count loops and marketplace items
    • New objective Security and Recovery objective – Azure Key Vault, SSL task automation, Azure Security Center, Single-Signon SaaS, Manage access to a SaaS app, federation, public identity providers
    • New objective Security and Recovery objective – Backup vault, backup agent, snapshots, geo-replication for recovery, DR as a service
    • New objective Azure Operations objective – Powershell runbooks, Azure Automation
    • New objective Azure Operations objective – Analyze data across multiple systems, custom visualizations, data across multiple subscriptions, flexible search queries, monitor system updates and malware status, track server configuration changes with Azure Log Analytics
    • Identity objective – Azure AD Connect Health
    • Identity objective – Azure AD Domain Services
    • Identity objective – MFA

    And finally, the number and weightings for each of the objectives have shifted.

    There used to be six objectives and now there are eight. Microsoft shuffled some things around, so that topics that used to fall under one objective now were moved to another.

    • Azure App Services was 15-20%, now 10-15% (down 5%)
    • Virtual Machines remains 20-25%
    • Storage was 20-25%, now 10-15% (down 10%)
    • Virtual Networks was 10-15%, now 15-20% (down 5%)
    • ARM Templates remains 10-15%
    • Azure Security and Recovery (new) 25-30%
    • Azure Operations (new) 5-10%
    • Azure Identities was 15-20%, now 5-10% (down 10%)

    It’s hard to judge, since they moved things around a bit. But virtual machines, virtual networks, and security are the top 3. Storage and Active Directory (identity) fell the most.

    [thrive_leads id=’6447′]​

  • October 2017 Changes to 70-532 Azure Developer Exam

    October 2017 Changes to 70-532 Azure Developer Exam

    Last year in October, Microsoft announced some sweeping changes to it’s exams.

    And this year, they did it again. At the MS Ignite conference, they announced changes to the requirements for two exams – 70-532 Azure Developer and 70-533 Azure Infrastructure. Let’s look at the 70-532 changes with this post.

    The changes are slated to take effect on October 12, 2017. They are posted to the US website only, and so there’s no official word as to how this will be rolled out internationally.

    Things removed from the 70-532 exam:

    • Virtual Machines objective – Configure ARM VM Networking
    • Manage Identity objective – Hybrid connections, Site to Site VPN and ExpressRoute
    • References to DocumentDB

    Things added to the 70-532 exam:

    • Virtual Machines objective – Azure Disk Encryption
    • Virtual Machines objective – DevTest Labs
    • Azure Storage objective – connecting to Azure Files, shard large data-sets, blob leasing
    • Azure Storage objective – implement Cosmos DB Table API
    • Azure Storage objective – choose between Azure Tables and Cosmos DB Table API
    • Azure Storage objective – Cosmos DB, all aspects
    • Azure Storage objective – Redis caching for ASP.NET sessions
    • Manage Identity objective – MFA and MFA API
    • Manage Identity objective – determine when to use event hubs, service bus, IoT Hub, Stream Analytics and Notification Hubs
    • Manage Identity objective – Azure Key Vault
    • Azure Compute objective – goes deeper into Functions
    • Azure Compute objective – Third Party Platform as a Service (PaaS), Cloud Foundry, OpenShift, Azure Quickstart Templates, Azure Marketplace Solutions
    • Azure Compute objective – DevOps, Application Insights, Continuous Integration, Continuous Development, third-party deployment tools, mobile DevOps using HockeyApp

    And finally, the weightings for each of the objectives have shifted.

    • Virtual Machines, was 30-35%, now 20-25% (down 10%)
    • Storage, remains 25-30%
    • Identity, was 15-20%, now 10-15% (down 5%)
    • Azure Compute, was 25-30%, now 35-40% (up 10%)

    So you can see where Microsoft’s priorities for this exam are.

    [thrive_leads id=’6447′]​

  • Free 10-Page PowerShell cmdlet Guide for Azure

    Can I interest you in a FREE 10-page study guide for the Microsoft Azure exams 70-534 and 70-533? 

    Sign up to my list below, and I’ll immediately email you a free 10-page PDF with the most useful PowerShell cmdlets for managing Azure resources.

    This guide covers:

    • Web Apps
    • Virtual Machines
    • Storage
    • Security
    • Alerts and Monitoring
    • Azure Active Directory
    • Virtual Networks

    It also contains sample scripts that you can copy and use in testing.

    If that sounds interesting, why not let me send it to you right now?

    [tcb-script src=”https://softwarearchitectca.activehosted.com/f/embed.php?id=19″ type=”text/javascript” charset=”utf-8″][/tcb-script]

  • Azure PaaS vs IaaS vs SaaS

    Azure PaaS vs IaaS vs SaaS

    Today a student in my 70-532 course, Pankaj, asked about the difference between Paas, IaaS, and SaaS within Azure. Specifically he wanted some examples, so let me list a few.

    I found this helpful diagram that might set up this discussion.

    This comes from Microsoft.

    To translate the above.

    • IaaS means that Microsoft takes care of the data center as a building, networking, firewalls, security, servers, storage, backup and recovery.
    • PaaS means that Microsoft takes care of maintaining the operating system, provides development tools, handles database management, and provides tools for business analytics. With IaaS, you’d be responsible for all of that.
    • SaaS covers the above plus Microsoft provides the application that you are just one customer (one tenant) inside.

     

    Infrastructure as a Service – IaaS

    One example of IaaS is any Virtual Machine product. Anything that gives you control of a piece of “hardware” (it’s not really control of hardware because a VM is virtual). Anything found under the Compute menu of Azure Portal can be counted as IaaS. Also networking pieces like VNets and storage pieces like Azure Storage.

    Examples include:

    • Virtual Machines
      • Windows Server 2016 Datacenter
      • Red Hat Enterprise Linux
      • Ubuntu Server
      • Data Science Virtual Machine
      • SQL Server 2016 SP1 Enterprise on Windows Server 2016
      • Miscellaneous firewall and third-party network products
    • Virtual networks and subnets
    • Public IP
    • Load balancers
    • Traffic Manager
    • Azure Blob Storage
    • Azure File Storage

    These are the fundamental pieces of any network (self-hosted or cloud), and nothing else.

    Platform as a Service – PaaS

    Best known as the core Azure App Services, which is web apps, mobile apps, API apps, logic apps and function apps. If you think of what a “platform” means though, it means you can build your application on top of it. PaaS often runs inside an App Service Plan or an App Service Environment, but not always. But when you’re creating one of these, it’s clear you are creating an “app” and have to give it an “app name”.

    When working with platform as a service, you are creating your own “instance” of these services. You give them names, and you can start and stop them.

    • Web App
    • Web App + SQL
    • Mobile App
    • API App
    • Logic App
    • Function App
    • WordPress Web App
    • SiteCore Web App
    • Joomla! Web App

    Software as a Service – SaaS

    Finally, software as a service is an application which Microsoft Azure provides to you, which you can configure, but is a fully functioning application that you cannot modify the core features of. Often these have special and unique features. You are an tenant in these multi-tenant applications and are not running your own version of this.

    • Azure Search
    • SQL Database
    • HDInsight
    • Cosmos DB
    • Azure Active Directory

    Service Fabric

    I’ve seen Service Fabric described as PaaS.

    Basically, it’s a set of servers that you can provision but Microsoft provides a ton of functions on top of that to automatically management deployment and balancing of microservices, to give it automatic healing, etc. The Service Fabric is a platform on which you deploy your applications. You don’t control those servers and cannot remote into them.

    Hope that clears it up. Let me know if you have any questions.

     

  • Why Should You Get Azure Certified?

    Why Should You Get Azure Certified?

    As you know, cloud computing has quickly grown over the past 5-10 years to be one of the hottest in-demand skills in the industry.

    It’s true that you can learn Azure, use it in your job, be very successful with it, and move up in your career without ever answering a single multiple-choice test or analyzing a single case study.

    So what are the benefits of getting Azure certified?

    Well over my career, I’ve pursued about a dozen certifications from various vendors. From the early days, I was Java Certified within the first year that it came out. I had an IBM certification, and some of the early Microsoft ones (remember Microsoft FrontPage?).

    Over that time, I’ve come to feel that there are three main benefits to getting certified, and it’s certainly true with Microsoft Azure.

    The three benefits are:​

    1. Certification is like an amulet, it gives an experience boost

    Just like in those games where you wear a special ring, and get some type of small but useful extra power, having a certification attached to your resume gives you a small boost in perceived skill.

    When you’re looking for a job, and lack extensive experience in something, having a certification tells the interviewer that you have been trained on it and passed a test. This gives you a leg up on anyone who claims to know it, but cannot demonstrate that experience.

    I often say that certification substitutes for 1 year of experience when you need it.

    Of course, as you gain more real world experience, the benefit of certification is small compared to the real-world projects and experiences you can talk about in an interview.​

    So if you’re trying to gain real-world experience but don’t have the opportunity at your job at the moment, getting certified gives you credibility in that regard.

    2. Even if you have years of experience the topic, certification forces you to learn everything​

    One thing I’ve always discovered is that certification is a learning process! You actually are forced to poke about into the dark corners of the technology and learn the things ​you might not use on a day-to-day basis.

    Take for instance the Microsoft 70-534 certification, on architecting a Microsoft Azure application. That certification is difficult and extensive. It covers 100 distinct topics having to do with Azure – everything from load balancing, to traffic manager, to application gateway, to networking​, to virtual machines. Not exaggerating to say it’s 100 topics. And it may be that you only work with 20 or 30 of those things in your job. 

    So even if you’re experienced with some parts of Azure, very few of us are experienced with all. So getting certified actually exposes you to way more than you may have even known existed.

    And the third benefit is…​

    [thrive_leads id=’6447′]​

    3. Learning the Microsoft way​

    And finally, we all should admit that with any complex technology, the first time we go to implement a solution using it, it won’t be done in an efficient or ideal fashion. We will use tools in ways they were not intended, and patch together a solution using duct-tape and string to make it work on-time and on-budget.

    That’s a natural way of operating, although many would shudder to think about the applications that are important to our lives being developed in such a fragile fashion.

    For instance, I worked at a company that used Drupal for several of their websites. They had maybe 10 sites developed in Drupal.

    But when talking with the developers and architects, I was told “Oh these sites here were developed when we didn’t know what we were doing. From this point forward, we developed them using the Drupal way.”

    There is a “way” to develop cloud applications.

    So it’s important as an architect (and developers of course) that we understand how to best use tools in the cloud to accomplish what we want. Instead of spinning up a new VM each time we have some task we want accomplished, would it be better as a Web App? Or an Azure Function?

    Choosing the right tool for the job is an important part of constructing a solution. So while we’re learning about all of the tools that Azure has available for us (the 100 plus Azure Cloud Services), we also need to learn when to use one over another, and the limitations we will face when making certain decisions.

    Certification is relevant

    In 2017 and beyond, certification is still relevant in the tech field. While we can get jobs based on skills and experience, and certainly ​is a smart approach when hiring, it also makes sense that the teams are properly trained on the platforms they are developing solutions for.

    The cloud is this big wonderful world where hundreds of services are available to rent and use in our solutions that can cut costs, speed up development time, and reduce future maintenance headaches. And cutting the time required to be a master at that will yield better solutions and a happier overall team.

  • 70-532 70-533 VM Workloads that are Not Supported

    70-532 70-533 VM Workloads that are Not Supported

    One of the more confusing requirements of the 70-532 and 70-533 exams says, talking about Virtual Machines:

    Identify workloads that can and cannot be deployed

    Microsoft has a web page that lists some Windows software that cannot be deployed into Azure.

    https://support.microsoft.com/en-us/help/2721672/microsoft-server-software-support-for-microsoft-azure-virtual-machines

    Most interesting is the list of Windows features that are not supporting inside Azure. Most make sense if you think about the on-premises specific uses or things like disk encryption which Azure has it’s own version of.

    Microsoft Windows Server Roles not supported:

    • Dynamic Host Configuration Protocol Server
    • Hyper-V
    • Rights Management Services
    • Windows Deployment Services

    Microsoft Windows Server Features not supported:

    • BitLocker Drive Encryption (on the operating system hard disk, may be used on data disks)
    • Internet Storage Name Server
    • Multipath I/O
    • Network Load Balancing
    • Peer Name Resolution Protocol
    • RRAS
    • DirectAccess
    • SNMP Services
    • Storage Manager for SANs
    • Windows Internet Name Service
    • Wireless LAN Service