Avoiding vendor lock-in in the public cloud

A little while back, I had a pretty frank discussion with a customer about vendor lock-in in the public cloud and he left me under no illusions that he saw cloud more as a threat than an opportunity. I did wonder if there had been some incident in the past that had left him feeling this way, but didn’t really feel it appropriate to probe into that much further.

Instead of dwelling on the negatives of this situation, we decided to accentuate the positives and try to formulate some advice on how best this risk could be mitigated. This was especially important as there was already a significant investment made by the business into public cloud deployments. It is an important issue though – it’s easy enough to get in, but how do you get out? There are several strategies you could use, I’m just going to call out a couple of them as an example.

To start with, back in the days of all on premises deployments, generally you would try and go for a “best of breed” approach. You have a business problem that needs a technical solution so you look at all the potential solutions and choose the best fit based on a number of requirements. Typically these include cost, scalability, support, existing skill sets and strength of the vendor in the market (Gartner Magic Quadrant, etc.). This applies equally in the public cloud – it’s still a product set in a technical solution so the perspective needn’t change all that much.

One potential strategy is to use the best of breed approach to look at all public cloud vendors (for the purpose of this article, I really just mean the “big three” of AWS, Azure and Google Cloud Platform). As you might expect, the best cost, support and deployment options for say SQL Server on Windows would probably be from Microsoft. In that case, you deploy that part of the solution in Azure.

Conversely, you may have a need for a CDN solution and decide that AWS CloudFront represents the best solution, so you build that part of your solution around that product. This way you are mitigating risk by spreading services across two vendors while still retaining the best of breed approach.

However, “doing the splits” is not always preferable. It’s two sets of skills, two lots of billing to deal with and two vendors to punch if anything goes badly wrong.

Another more pragmatic approach is to make open source technologies a key plank of your strategy. Products such as MySQL, Postgres, Linux, Docker, Java, .NET, Chef and Puppet are widely available on public cloud platforms and mean that any effort put into these technologies can be moved elsewhere if need be (even back on premises if you need to). Not only this, but skills in the market place are pretty commoditised now and mean that bringing in new staff to help with the deployments (or even using outside parties) is made easier and more cost effective.

You could go down the road of deploying a typical web application on AWS using Postgres, Linux, Chef, Docker and Java and if for any reason later this approach becomes too expensive or other issues occur, it’s far easier to pick up the data you’ve generated in these environments, walk over to a competitor, drop it down and carry on.

Obviously this masks some of the complexities of how that move would actually take place, such as timelines, cost and skills required, but it presents a sensible approach to stakeholders that provider migration has been considered and has been accounted for in the technical solution.

The stark reality is that whatever you are doing with technology, there will always be an element of vendor lock in. Obviously from a financial perspective there is a motive for them to do that, but also this comes of innovation when a new technology is created which adds new formats and data blobs to the landscape. The key to addressing this is taking a balanced view and being able to tell project stakeholders that you’re taking a best of breed approach based on requirements and you have built in safeguards in case issues occur in future that prompt a re-evaluation of the underlying provider.




Exam 70-740 : Installation, Storage, and Compute with Windows Server 2016 : Exam Tips and Feedback


I sat and passed the above exam today, and as there seems to be a total lack of information on this exam out there (aside from what’s in the exam blueprint), I thought I would pass on the benefit of my experience and offer a few tips for folks out there planning on taking it.

The 70-740 forms part of the three exams needed to fulfil MCSA : Server 2016 (the other two being 70-741 and 70-742) if you don’t already have a 2012 MCSA, which I don’t. The first exam concentrates on installation, storage and compute as you may guess by the title of the post.

The exam itself is 47 questions and the time allotted is 120 minutes. It seems that gone are the days when you got really verbose scenarios and then asked if the equally wordy solutions matched the requirements. The questions today were pretty concise, and that included ones where a scenario was given and potential solutions offered.

If you’ve done any of the recent MCSA exams such as Office 365, I thought the questions were even shorter than that, so perfect for someone like me with the attention span of a gnat.

In terms of the question formats, there are the usual drag and drops (3 from 6, say), drop down complete the PowerShell commands, select a couple of correct answers from 6 or 8 and then the right answer from 6 or 8. The focus of the questions is pretty faithful to the exam blueprint and you should study (amongst others) on the following areas :-

  • NLB
  • Storage Spaces
  • Nano Server installation and customisation
  • Product activation models
  • Remote PowerShell sessions
  • Hyper-V (create VMs, create VHDs, limitations of nested virtualisation)
  • Failover Clustering (Shared VHDXs, monitoring, live migration requirements)
  • NTFS vs ReFS
  • iSCSI
  • Storage Replicas
  • Containers and Docker commands

The exam took me around 35-40 minutes and I managed to pass with a 796, which was a pleasant surprise as I’d been studying quite piecemeal for the exam and a lot of my answers in the exam itself were educated guesses. As usual, if you aren’t sure, rule out the ones you know can’t be right and then play the percentages after that. Also, a lot of PowerShell answers revolve around a “Get-Something” and “Set-Something” structure, so that may help if you’re not sure.

On now to 70-741 and hopefully I can wrap up the remaining two MCSA exams fairly quickly. Good luck if you’re sitting this one soon. In terms of study resources, I used PluralSight, bought the MS Press Study Guide (use the code MCPEBOOK for 50% off the eBook version) and used a lot of Technet articles and also Hands On Labs to lab stuff I couldn’t quite get my head around.



Azure VMs – New Auto-Shutdown Feature Sneaked In (almost!)

I saw the news the other day that Azure Backup has now been included on the VM management blade in the Azure Portal, which is great news as you don’t want to be jumping around in the portal to manage stuff where you don’t need to. However, one feature I notice that appears to have sneaked into the VM management blade without any fanfare at all is the ability to auto schedule the shutdown of a virtual machine.

Many customers request the function of shutting down virtual machines during off hours in order to save cost once any backups and scheduled maintenance tasks have occurred. Previously this would have to be done by using Azure Automation to execute a run book to shut down VMs. This is fine and a valid way of doing this, but on larger estates ends up being a costed feature as the time taken to run the run books exceeds the free tier allowances.

This typical requirement has obviously found it’s way back the product management team at Microsoft and in order to make it a lot easier when spinning up VMs to enable this, it’s been added to the standard VM management blade, as shown below:-


As far as I can tell, this feature is either not in use yet or is only available in a small number of regions, ahead of a broader roll out. I tried it on VMs in UK South and North Europe, only to see this message :-


And trying to read between the lines of the error message, will this feature allow starting the VM too? You’d have to hope so! I did ping Azure Support on Twitter to see when this feature would be fully available in the UK/EU and got a very speedy response (thanks, chaps!):-



So stay tuned for this feature being enabled at some point in the near future. I’d also assume there will be some corresponding PowerShell command to go with it, so that you can add it to scripted methods of deploying multiple virtual machines.


Achievement Unlocked : MCSA Office 365


I’m pleased to say that after a couple of attempts at 70-347, I successfully passed my MCSA : Office 365 last night. For those looking at doing this certification in the near future, I just wanted to pass on the benefit of my experience. You may think, like me, that Office 365 is a pretty straight forward suite of software. In some respects, it is. It’s pretty much the same Exchange, Office, Sharepoint, etc. that you’ve always been used to, but with the additions in this exam of knowing things like subscription plan differences, AD sync and much more.

Out of the two, I found the first exam 70-346 much easier. This in some ways lures you into a false sense of security in thinking the second will be much the same. This is really where I came unstuck. I got a little bit carried away and perhaps didn’t put quite as much effort as I should have done into my study and got a bit of a kicking in the end.

Once I dusted myself down and went back over the parts I didn’t know on the exam, I felt a lot more confident last night but I still took out the insurance policy of the Microsoft Booster Pack, which is an exam voucher plus 4 resits. Yes it’s more expensive, but it takes out the risk of running up large exam bills and takes the pressure off a bit too. The promotion runs until the end of this month, so if you want to take advantage, you’d better be quick.

Anyway, each exam was around 52 questions, a couple of case studies thrown in but most were the usual drag and drop, order a list, multiple choice type formats. If you’ve sat Microsoft exams before, there shouldn’t be anything in there about the format that should surprise you.

So then, what to study?

  • PowerShell, PowerShell, PowerShell. You’ll get battered on this. Know common switches for things like user manipulation, mailbox settings, mobile devices, Lync configuration etc
  • Make sure you know all of the different Exchange migration methods and when to use them, what their advantages and disadvantages are (cutover, staged, remote move, IMAP, etc.)
  • Know the permissions model of SharePoint well – how to give anonymous access, how to remove it and how to set up site collection hierarchies
  • Install and play with AD Connect and make sure you understand how it works and how you can use it in a hybrid environment, same goes for ADFS if you don’t know that well
  • Know what integrates with Skype for Business
  • Know the plan differences well, especially Enterprise and Small Business plans. Know what is included and what isn’t
  • Did I mention PowerShell?

Resources I used :-

  • Microsoft MVA training – Managing Office 365 Identities and Services. A little dated now but still very useful
  • CBT Nuggets – very concise course giving you most of the information you need to know
  • Pluralsight – A bigger deep dive into things like SharePoint sites and administration, which was a gap for me initially

Good luck if you’re sitting this any time soon, just don’t underestimate it or it will bite you on the arse!



Zero to Azure MCSD in a month (or so)


Today I passed the 70-532 exam to complete my MCSD so I thought I would give some feedback for anyone else going down that road. I’ve only been hands on with Azure for about three months, so to get here from a standing start has been a major accomplishment for me. That being said, I think that with hard work and a bit of study dedication, it’s well within reach for most experienced IT pros.

Firstly, get them done as quickly as you can and don’t space them too far apart. I think from start to finish it’s taken me just over a month. I started with the 533, then the following week the 534 and then today the 532. I’d have done it sooner but I spent some time recently on a non-Azure project which meant I lost a bit of momentum. Depending on your experience, confidence and availability, I’d suggest between 1 or 2 weeks apart, certainly no more than that.

In terms of difficulty, 534 was one of the easiest exams I’ve ever sat and the result bore this out. It’s very high level and quite a few of the questions were what I would call “gimmes”. As it’s an architecture exam, you need to have a good understanding of the core Azure constructs and use cases for where they fit best.

533 was a bit harder but still well within my compass – this exam is more for people in an operational role I’d say. Lots of knowledge required about where to find knobs and things in both portals (ASM/ARM), service tiers and also plenty of PowerShell. Latterly you don’t need to be a PS guru, just understand which command to use and when and what switches are appropriate. Also differences between VM quick create and normal, for example. 

532 today was absolutely brutal and frankly I’m still amazed I managed to pass it. You need to be a hardcore developer to even know what they’re asking you. I basically read and re-read the questions and tried to apply some logic to my guesses, obviously that paid off. Not only was the content more gruelling, but there were a lot more questions than I was expecting, meaning it’s a pretty thorough test of your skills. Tip – know Visual Studio and debugging/logging well.

Another tip is do it online from home, don’t go to a test centre if you can help it. I’ve found it a lot easier to relax and focus in my home surroundings. When I did the AWS exam at my local centre it was very noisy and in some small part didn’t aid me in passing it (which I didn’t).

Which order to take them? Depends – if you’re a Visual Studio propeller head, 532 first. If you’re coming from VMware like me, either 534 or 533. There is a huge amount of overlap between the questions in each exam, so loads on networking, VMs, storage, instance sizing, IaaS and PaaS tiers, the usual stuff. When you have the essentials down pat, you can apply this knowledge across all three exams. I’d say about 60/70% of each exam used common themes, with an additional 30% relative to that specific exam.

If you’re not confident in your Azure skills, buy one of the Microsoft exam Booster Packs from here and basically brute force your way through it. 532 would have been a good use case for this tactic in my case. It also takes the pressure off, especially if you’re funding it yourself to know that you’ve got the ability to resit a few times “for free”. They’re only $200 (£141 at today’s prices), so not much more expensive than a one off exam which costs around £118 in the UK.

In terms of training, generally the CBT Nuggets were very good and concise but woeful for 532. I know they will have updated the exams since those were recorded, but there’s little in the way of actual coding explanations (though to be fair I didn’t get to the end in those videos).

I also used the official MS Press guides for each exam (532, 533 and 534), but they’re exceptionally dry and an excellent cure for insomnia. Only you know what works best for you, but I’d go for a hybrid approach of MS Press study guides, CBT Nuggets and Pluralsight, labbing stuff in Azure using your MSDN entitlement (if you have one, or get a free trial) and watch Channel9 or MVA videos on topics you’re not sure of.

Don’t also forget that the Azure exam blueprints were recently updated (March 10th), so some training guides may not include items you may be tested on, such as OMS for example. The excellent BuildAzure website has a good, concise article on what those changes are, for reference.

Do I feel like an Azure expert? Not really, no. But I’ve got a decent grasp of the concepts now and it’s up to me to build on those with some upcoming projects I have. One of the biggest challenges for cloud and especially studying for the cloud is the fact that everything moves along so quickly. One day you login to Azure and there are two new services. The following day, pricing has changed or functionality has been added to Traffic Manager, for example. It must be a major headache for the folks who write the exams!

What’s next for me is a VCAP6-DTM Design beta next week and then I’ll probably circle back for another crack at the AWS Certified Solutions Architect Pro.