Tag Archives: post

Microsoft’s connected vehicle platform presence at IAA, the Frankfurt Auto Show

This post was co-authored by the extended Microsoft Connected Vehicle Platform (MCVP) team. 

A connected vehicle solution must enable a fleet of potentially millions of vehicles, distributed around the world, to deliver intuitive experiences including infotainment, entertainment, productivity, driver safety, driver assistance. In addition to these services in the vehicle, a connected vehicle solution is critical for fleet solutions like ride and car sharing as well as phone apps that incorporate the context of the user and the journey.

Imagine you are driving to your vacation destination and you start your conference call from home while you are packing. When you transition to the shared vehicle, the route planning takes into account the best route for connectivity and easy driving and adjusts the microphone sensitivity during the call in the back seat. These experiences today are constrained to either the center-stack screen, known as the in-vehicle infotainment device (IVI), or other specific hardware and software that is determined when the car is being built. Instead, these experiences should evolve over the lifetime of ridership. The opportunity is for new, modern experiences in vehicles that span the entire interior and systems of a vehicle, plus experiences outside the vehicle, to create deeper and longer-lasting relationships between car makers and their customers throughout the transportation journey.

To realize this opportunity, car manufacturers and mobility-as-a-service (MaaS) providers need a connected vehicle platform to complete the digital feedback loop by incorporating the seamless deployment of new functionality that is composed from multiple independently updatable services that reflect new understanding, at scale, and with dependable and consistent management of data and these services from Azure to and from three different edges: the vehicle, the phone, and the many enterprise applications that support the journey.

The Microsoft Connected Vehicle Platform (MCVP) is the digital chassis upon which automotive original equipment manufacturers (OEMs) can deliver value-add services to their customers. These services areas include:

  • In-vehicle experiences
  • Autonomous driving
  • Advanced navigation
  • Customer engagement and insights
  • Telematics and prediction services
  • Connectivity and over the air updates (OTA)

MCVP is a platform composed from about 40 different Azure services and tailored for automotive scenarios. To ensure continuous over-the-air (OTA) updates of new functionality, MCVP also includes different Azure edge technologies such as Automotive IoT Edge that runs in the vehicle, and Azure Maps for intelligent location services.

With MCVP, and an ecosystem of partners across the industry, Microsoft offers a consistent platform across all digital services. This includes vehicle provisioning, two-way network connectivity, continuous over-the-air updates of containerized functionality, support for command-and-control, hot, warm, or cold path for telematics, and extension hooks for customer or third-party differentiation. Being built on Azure, MCVP includes the hyperscale, global availability, and regulatory compliance that comes as part of the Azure cloud. OEMs and fleet operators leverage MCVP as a way to “move up the stack” and focus on their customers rather than spend resources on non-differentiating infrastructure.

Automotive OEMs already taking advantage of MCVP, along with many of our ecosystem partners, including the Volkswagen Group, the Renault-Nissan-Mitsubishi Alliance, and Iconiq.

In this blog post, we are delighted to recap many of the MCVP ecosystem partners that accelerate our common customers’ ability to develop and deploy completed connected vehicle solutions.

An image showing the aspects of the Microsoft Connected Vehicle Platform.

Focus areas and supporting partnerships

Microsoft’s ecosystem of partners include independent software vendors (ISVs), automotive suppliers, and systems integrators (SIs) to complete the overall value proposition of MCVP. We have pursued partnerships in these areas:

In-vehicle experiences

Cheaply available screens, increasingly autonomous vehicles, the emergence of pervasive voice assistants, and users’ increased expectation of the connectedness of their things have all combined to create an opportunity for OEMs to differentiate through the digital experiences they offer to the occupants, both the driver and the passengers, of their vehicles.

LG Electronics’ webOS Autoplatform offers an in-vehicle, container-capable OS that brings the third party application ecosystem created for premium TVs to In-vehicle experiences. webOSAuto supports the container-based runtime environment of MCVP and can be an important part of modern experiences in the vehicle.

Faurecia leverages MCVP to create disruptive, connected, and personalized services inside the Cockpit of the Future to reinvent the on-board experience for all occupants.

Autonomous driving

The continuous development of autonomous driving systems requires input from both test fleets and production vehicles that are integrated by a common connected vehicle platform. This is because the underlying machine learning (ML) models that either drive the car or provide assistance to the driver will be updated over time as they are improved based on feedback across those fleets, and those updates will be deployed over the air in incremental rings of deployment by way of their connection to the cloud.

Teraki creates and deploys containerized functionality to vehicles to efficiently extract and manage selected sensor data such as telemetry, video, and 3D information. Teraki’s product continuously trains and updates the sensor data to extract relevant, condensed information that enables customers’ models to achieve highest accuracy rates, both in the vehicle (edge) as well in Azure (cloud.)

TomTom is integrating their navigation intelligence services such as HD Maps and Traffic as containerized services for use in MCVP so that other services in the vehicles, including autonomous driving, can take advantage of the additional location context.

Advanced navigation

TomTom’s navigation application has been integrated with the MCVP in-vehicle compute architecture to enable navigation usage and diagnostics data to be sent from vehicles to the Azure cloud where the data can be used by automakers to generate data-driven insights to deliver tailored services, and to make better informed design and engineering decisions. The benefit of this integration includes the immediate insights created from comparing the intended route with the actual route with road metadata. If you are attending IAA, be sure to check out the demo at the Microsoft booth.

Telenav is a leading provider of connected car and location-based services and is working with Microsoft to integrate its intelligent connected-car solution suite, including infotainment, in-car commerce, and navigation, with MCVP.

Customer engagement and insights

Otonomo securely ingests automotive data from OEMs, fleet operators, etc., then reshapes and enriches the data so application and service providers can use it to develop a host of new and innovative offerings that deliver value to drivers. The data services platform has built it privacy by design solutions for both personal and aggregate use cases. Through the collaboration with Microsoft, car manufacturers adopting the Microsoft Connected Vehicle Platform can easily plug their connected car data into Otonomo’s existing ecosystem to quickly roll out new connected car services to drivers.

Telematics and prediction services

DSA is a leading software and solutions provider for quality assurance, diagnostics, and maintenance of the entire vehicle electrics and electronics in the automotive industry. Together, DSA and Microsoft target to close the digital feedback loops between automotive production facilities and field cars by providing an advanced Vehicle Lifecycle Management, based on the Microsoft Connected Vehicle Platform.

WirelessCar is a leading managed service provider within the connected vehicle eco-system and empowers car makers to provide mobility services with Microsoft Azure and the Microsoft Connected Vehicle Platform that supports and accelerates their customers’ high market ambitions in a world of rapid changing business models.

Connectivity and OTA

Cubic Telecom is a leading connectivity management software provider to the automotive and IoT industries globally. They are one of the first partners to bring seamless connectivity as a core service offering to MCVP for a global market. The deep integration with MCVP allows for a single data lake and an integrated services monitoring path. In addition, Cubic Telecom provides connected car capabilities that let drivers use infotainment apps in real-time, connect their devices to the Wi-Fi hotspot, and top-up on data plans to access high-speed LTE connectivity, optionally on a separate APN.

Excelfore is an innovator in automotive over-the-air (OTA) updating and data aggregation technologies. They provide a full implementation of the eSync bi-directional data pipeline, which has been ported to the Microsoft Azure cloud platform and integrated as the first solution for MCVP OTA updating.

Tata Communications is a leading global digital infrastructure provider. We are working with them to help speed the development of new innovative connected car applications. By combining the IoT connectivity capabilities of Tata Communications MOVE™ with MCVP, the two companies will enable automotive manufacturers to offer consumers worldwide more seamless and secure driving experiences.

Microsoft is incredibly excited to be a part of the connected vehicle space. With the Microsoft Connected Vehicle Platform, our ecosystem partners, and our partnerships with leading automotive players – both vehicle OEMs and automotive technology suppliers – we believe we have a uniquely capable offering enabling at global scale the next wave of innovation in the automotive industry as well as related verticals such as smart cities, smart infrastructure, insurance, transportation, and beyond.

Explore the Microsoft Connected Vehicle Platform today and visit us at IAA.

Go to Original Article
Author: Microsoft News Center

3 Fundamental Capabilities of VM Groups You Can’t Ignore

In a previous post, I introduced you to VM groups in Hyper-V and demonstrated how to work with them using PowerShell. I’m still working with them to see how I will incorporate them into my everyday Hyper-V work, but I already know that I wish the cmdlets for managing groups worked a little differently. But that’s not a problem. I can create my own tooling around these commands and build a solution that works for me. Let me share what I’ve come up with so far.

1. Finding Groups

As I explained last time, you can have a VM group that contains a collection of virtual machines, or nested management groups. By default, Get-VMGroup will return all groups. Yes, you can filter by name but you can’t filter by group type. If I want to see only Management groups, I need to use a PowerShell expression like this:

This is not a complicated expression but it becomes tedious when I am repeatedly typing or modifying this command. This isn’t an issue in a script, but for everyday interactive work, it can be a bit much. My solution was to write a new command, Find-VMGroup, that works identically to Get-VMGroup except this version allows you to specify a group type.

Finding specific VM Group types with PowerShell

Your output might vary from the screenshot but I think you get the idea. The default is to return all groups, but then you might as well use Get-VMGroup. And because the group type is coded into the function, you can use tab complete to select a value.

Interested in getting the Find-VMGroup command? I have a section on how to install the module a little further down the page.

2. Expanding Groups

Perhaps the biggest issue (and even that might be a bit strong) I had with the VM Group command is that ultimately, what I really want are the members of the group. I want to be able to use groups to do something with all of the members of that group. And by members, I mean virtual machines. It doesn’t matter to me if the group is a VM Collection or Management Collection. Show me the virtual machines!

Again, this isn’t technically difficult.

 Getting VM Group members

If you haven’t figured out by now I prefer simple. Getting virtual machines from a management group requires even more steps. Once again, I wrote my own command called Expand-VMGroup.

Expanding a single VM group with a custom PowerShell command

The output has been customized a bit to provide a default, formatted view. There are in fact other properties you could work with.

Viewing all properties of an expanded VM group

Depending on the command, you might be able to pipe these results to another Hyper-V command. But I know that many of the Hyper-V cmdlets will take pipeline input by value. This allows you to pass a list of virtual machine names to a command. I added a parameter to Expand-VMGroup that will write just the virtual machine names to the pipeline as a list. Now I can run commands like this:

Piping Expand-VMGroup to another Hyper-V command

Again, the module containing this command can be found near the end of the article and can be installed using Install-Module

3. Starting and Stopping Groups

The main reason I want to use VM groups is to start and stop groups of virtual machines all at once. I could use Expand-VMGroup and pipe results to Start-VM or Stop-VM but I decided to make specific commands for starting and stopping all virtual machine members of a group. If a member of the group is already in the targeted state, it is skipped.

Starting members of a VM group

The third member of this group was already running so it was skipped. Now I’ll shut down the group.

Stopping members of a VM group

It may not seem like much but every little thing I can do to get more done with less typing and effort is worth my time. I’m using full parameter names and typing out more than I actually need to for the sake of clarity.

How Do I Get These Commands

Normally, I would show you code samples that you could use. But in this case, I think these commands are ready to use as-is. You can get the commands from my PSHyperVTools module which is free to install from the PowerShell Gallery.

If you haven’t installed anything before you might get a prompt to update the version of nuget. Go ahead and say yes.  You’ll also be prompted if you want to install from a non-trusted repository. You aren’t installing this on a mission-critical server so you should be OK. Once installed, you can use the commands that I’ve demonstrated. They should all have help and examples.

Getting help for Expand-VMGroup

The module is open source so if you’d like to review the code first or the README, jump over to https://github.com/jdhitsolutions/PSHyperV. There are a few other commands and features of the module that I hope to write about in a future article or two. But for now, I hope you’ll give these commands a spin and let me know what you think in the comments section below!

Go to Original Article
Author: Jeffery Hicks

What is Azure Bastion?

In this post, you’ll get a short introduction into Azure Bastion Host. To be honest, I still don’t know if I should pronounce it as [basˈti̯oːn] (German), /bæstʃən/ (US engl.) or [basˈt̪jõn] (french) but that shouldn’t stop us from learning more about Azure Bastion Host, what is it, and when it’s useful.

So let’s start.

What is Azure Bastion Host?

Azure Bastion Host is a Jump-server as a Service within an Azure vNet (note that this service is currently in preview). What does that mean exactly? Well, a jump server is a fixed point on a network that is the sole place for you to remote in, get to other servers and services, and manage the environment. Now some will say, but I build my own jump server VM myself! While you’re certainly free to do that yourself, there are some key differences between the self-built VM option and a Bastion Host.

A regular Jump-server VM must either be reachable via VPN or needs to have a public IP with RDP and/or SSH open to the Internet. Option one, in some environments, is rather complex. Option two is a security nightmare. With Azure Bastion Host, you can solve this access issue. Azure Bastion enables you to use RDP and SSH via the Internet or (if available) via a VPN using the Azure Portal. The VM does not need a public IP, which GREATLY increases security for the target machine.

NOTE: Looking for more great content on security? Watch our webinar on Azure Security Center On-Demand.

After the deployment (which we’ll talk about in a second), Bastion becomes the 3rd option when connecting to a VM through the Azure Portal, as shown below.

Bastion

Virtual Machine Bastion

After you hit connect, an HTTPs browser Window will open and your session will open within an SSL encrypted Window.

Bastion in browser

Azure Bastion Use Cases

Now let’s list some possible use-cases. Azure Bastion can be very useful (but not limited) to these scenarios:

  1. Your Azure-based VMs are running in a subscription where you’re unable to connect via VPN, and for security reasons, you cannot set up a dedicated Jump-host within that vNet.
  2. The usage of a Jump-host or Terminal Server in Azure would be more cost-intensive than using a Bastion Host within the VNet (e.g. when you have more than one admin or user working on the host at the same time.)
  3. You want to give developers access to a single VM without giving them access to additional services like a VPN or other things running within the VNet.
  4. You want to implement Just in Time (JIT) Administration in Azure. You can deploy and enable Bastion Host on the fly and as you need it. This allows you yo implement it as part of your Operating System Runbook when you need to maintain the OS of an Azure-based VM. Azure Bastion allows you to do this without setting up permanent access to the VM.

The way you deploy Azure Bastion Host within a VNet is pretty straightforward. Let’s go through the steps together.

  1. Open the Azure Preview Portal through the following link.
  2. Search for the feature in the Azure Marketplace and walk through the deployment wizard by filling out the fields shown below.

create a bastion

Again, the deployment is quite simple and most options are fairly well explained within the UI. However, if you want further details, you can find them in the official feature documentation here.

Also, be aware that a Bastion Host must be implemented in every vNet where you want to connect to a VM. Currently, Bastion does not support vNet Peering.

How Much Does Azure Bastion Cost?

Pricing for Bastion is pretty easy to understand. As all Microsoft VM Services, you pay for the time the Bastion hast is deployed and for any Bastion service you have deployed. You can easily calculate the costs for the Bastions Hosts you need via Azure Price Calculator.

I made my example for one Bastion Host in West Europe, with the assumption it would be needed all month long.

Azure Bastion Price Calculator

Bastion Roadmap Items

Being in preview there are still a number of things that Microsoft is adding to Bastion’s feature set. This includes things like:

  1. Single-Sign-On with Azure AD
  2. Multi-Factor Auth
  3. vNet Peering (Not confirmed, but being HEAVILY requested by the community right now)

vNet Peering support would make it so that only a single Bastion Host in a Hub or Security vNet is needed.

You can see additional feature request or submit your own via the Microsoft Feedback Forum.

If you like a feature request or want to push your own request, keep an eye on the votes. The more votes a piece of feedback has, the more likely Microsoft will work on the feature. 

Additional Documentation and Wrap-Up

Additional documentation can be found on the Azure Bastion Sales Page.

Finally, I’d like to wrap up by finding out what you think of Azure Bastion. Do you think this is a worthy feature? Is this something that you’ll be putting into production once the feature is out of preview? Any issues you currently see with it today? Let us know in the comments section below!

Finally, if you’re interested in learning more about Azure security issues why not watch our webinar session on Azure Security Center? Presented by Thomas Maurer from the Azure Engineering Team, you will learn all about this important security package and how you should be using it to ensure your Azure ecosystem is fully protected!

Azure Security Center Webinar

Watch the Webinar

Thanks for reading!

Go to Original Article
Author: Florian Klaffenbach

How to Provide PaaS Services with Azure Stack

On this post, we’re going to be getting into some talk about PaaS with Azure Stack, but before we get into that, let’s see where we’ve been thus far!

Our Microsoft Azure Stack Series So Far

  1. An Introduction to the Microsoft Hybrid Cloud Concept and Azure Stack
  2. How to Install the Azure Stack Development Toolkit (ASDK)
  3. The Ultimate Azure Stack Post-Installation Checklist
  4. How to Provide IaaS Images with Azure Stack

What is PaaS (Platform as a Service)

Now that we’re diving deeper into cloud technologies, we can easily recognize that Infrastructure as a Service is not the best use-case for getting the most out of Azure Stack. With what we’ve covered so far, Azure Stack can really be seen as just more VM technology behind Virtual Machine Manager (VMM). But Platform as a Service can really bring a more dynamic and elasticity capabilities to services running in your cloud. There is no need to manage the underlying infrastructure and is highly available by default in general.

What is PaaS

Azure Stack PaaS is a special flavor because as of today the currently existing resource providers rely upon linking to an existing environment that could either be part of Azure Stack (if we talk about virtual machines that are responsible for the PaaS service itself) or a physical environment that sits outside of Azure Stack.

If you create a database “as a service” in Azure Stack, it will be deployed on this environment and you should take care to manage and back up the PaaS associated VMs themselves. They are not auto-deployed and self-managed like in Azure Public. So while they ARE providing PaaS services to those people and workloads connecting to them, you still need to manage them.

Another thing to keep in mind is that the PaaS solutions are not part of the default Azure Stack setup that is being deployed from the Hardware vendor (Remember that a true Azure Stack deployment will be handled by the hardware vendor), it is optional and needs to be ordered via separate SKUs.

PaaS Solutions in Azure Stack

Azure Stack as of today comes with the following PaaS solutions:

  1. Microsoft SQL Server
  2. MySQL Server
  3. App Services

If you deploy them using the Script from Matt McSpirit, they are part of the deployment by default. Please have in mind that the MS SQL and the MySQL resource providers have completely different APIs than the Azure ones. This means that your automation scripts behave completely different and consistency may be an issue currently.

Microsoft SQL Server on Azure Stack

Resource provider for Microsoft SQL

As you can see, the underlying SQL Server infrastructure is a set of SQL Servers (up to release 2017) on Windows Server or even on Linux (if you’d like) for placement of you PaaS databases.

The deployment itself is being done using the DeploySqlProvider.ps1 script (from the resource provider link above), that performs the following tasks:

  • Certificate and artifact upload to the Azure Stack storage account
  • Publishing gallery items to be able to deploy SQL using the gallery
  • Deploying the SQL resource provider VM which is a Windows Server 2016 core based one
  • Registers a local DNS record that maps to your resource provider VM.
  • Registers your resource provider with the local Azure Resource Manager for the operator account.

NOTE: Please keep in mind, that the registration of the SQL Server resource provider may take up to 75 min on the Azure Stack environment.

To double check if the deployment finished properly you should check this in the .system..sqladapter resource group in your Azure Stack Amin Portal:

Microsoft SQL Server on Azure Stack

Finally, we will need to connect to the existing SQL Server environment (so-called hosting servers) to define the location for the created databases via this resource provider. Basically, we’ll be telling Azure Stack where to put new Databases when Azure Stack users request a new one!

Microsoft SQL Server on Azure Stack 2

You will find the entry for the SQL Hosting Servers under administrative resources and add new server environments:

Microsoft SQL Server on Azure Stack

Fill out the form as shown above.

After having created the corresponding SKUs, it may take up to 30 min to recognize and be able to use them in a proper manner in the environment.

You should now be able to create a first PaaS database using the wizard in the Azure Stack!

MySQL on Azure Stack

The resource provider for MySQL is available in its most recent version here:

If you have a look into the deployment guide, you will shortly recognize that the deployment steps are quite like what we went through above for the Microsoft SQL Server resource provider. The name of the script meanwhile changed a little bit to DeployMySqlProvider.ps1 and even the deployment steps are the same.

Most of you know MySQL as a database environment sitting on a Linux operating system. This is where the resource provider is somehow different as it relies on Windows Server-based MySQL resources.

After having deployed the resource provider you could simply add the MySQL hosting server, define the SKUs and deploy the first databases on your MySQL server environment just like we showed for Microsoft SQL above.

App Services on Azure Stack

The App Services resource provider is one which should be quite familiar with what you may already know from public Azure.

The options with the App Services resource provider are:

  1. Web Apps
  2. Mobile Apps
  3. Function Apps

Therefore, the use-cases are a bit broader compared to the SQL options mention thus far.

Looking into the deployment guide, the setup is more GUI based and quite simple. You can run the deployment using the appservice.exe installer that collects all requirements and lets you define the required parameters before starting the installation itself.

The requirements besides a few basic parameters are:

  • Microsoft SQL Database (e.g. via the MS SQL resource provider)
  • Windows File Server

After the installation has finished, the appropriate resources will show up in the portal.

App Services on Azure Stack

Having this done, the resource provider for App Services is up and running and can be used in your environment.

PaaS Use Cases on Azure Stack

After having installed all available resource providers for Azure Stack, you will be able to provide these services to your tenants using Plans and Offers. They are now able to deploy e.g. a WebApp as their services frontend with a SQL server-based backend.

Looking into hybrid cloud environments using Azure and Azure Stack, one part of the solution architecture may reside on Azure Stack (e.g. database) and the frontend on public Azure to be nearer to the customer itself or vice versa depending on the solution requirements. The only requirement would be again to have networking connectivity between both environments.

One other thing to note, regarding the Azure Stack Update cycles, you should have in mind that Azure Stack updates do not include updates for PaaS solutions. These need to be done manually and based on their availability. As the last months showed, the updates always included new features. So, I would say it is mandatory to follow the cycle. Regarding the update tasks, see the corresponding resource provider download as mentioned in this article. They should include a description and will show you how the update has to take place.

Wrap-Up

How are you liking Azure Stack so far? Have you found it easy to use? Difficult? Have you run into anything not covered yet in this series? We’d love to know in the comments section below.

Thanks for reading!

Go to Original Article
Author: Markus Klein

Telstra empowers its employees to do their best work from anywhere with Microsoft Office 365 – Microsoft 365 Blog

The Telstra logo.

Today’s post was written by Gregory Koteras, general manager of digital workplace solutions at Telstra in Melbourne, Australia.

Image of Gregory Koteras, general manager of digital workplace solutions at Telstra in Melbourne, Australia.At Telstra, our mission is to connect people. We’re Australia’s leading telecommunications and technology company, providing mobile phone and internet access to 17.6 million retail customers.

We’re currently fundamentally re-engineering how we operate through our new T22 strategy, designed to remove complexity and management layers, decrease the focus on hierarchical decision making, and increase the focus on empowered teams making decisions closer to the customer.

The strategy leverages the significant capabilities already being built through Telstra’s up to $3 billion strategic investment announced in August 2016 in creating the Networks for the Future and digitizing the business.

The key to any successful organizational change is having engaged and empowered people. One of the ways we’re doing this is by providing new tools and systems that our employees can use to connect across more than 20 countries around the world. This includes outfitting our employees and contractors with Microsoft Office 365 to provide state-of-the-art collaboration and conferencing tools needed to design better services and transform our customers’ experience.

We also know how important it is to give our people a voice, and we use Yammer to let all employees connect with each other, ask questions, and get the answers they need. Conversely, Telstra executives use Yammer to engage with our global staff and rally support for corporate initiatives. Yammer is our corporate living room. There are thousands of work-related conversations happening there, but also book club groups, fitness groups, Brilliant Connected Women groups, and technical interest groups.

We’re also proud to be a corporate leader in serving customers with disabilities and addressing barriers to accessibility and inclusion. And that extends to our people. With the built-in accessibility features in Office 365 ProPlus, such as screen reader support, voice alerts, and keyboard shortcuts, all Telstra employees can use these new tools to be part of company conversations.

In March 2014, Telstra adopted a flexible workstyle model called All Roles Flex, which recognizes the need for flexible hours and modes for different job roles. It includes part-time work, working outside normal nine-to-five business hours, and working from different locations. To support this way of working, our people need to have access to the best tools and services, so they can connect anywhere, anytime. Office 365 gives them the flexibility and functionality to do that.

As we focus on transforming our company, the tools we provide our people will play a critical role. By greatly simplifying our structure and ways of working, we empower our people and better serve our customers.

Read the case study to learn how Telstra is creating a simpler and productive workplace with Microsoft Office 365.