Skip to main content

Ignite 2023 - Day 2

·1988 words·10 mins
Table of Contents

There is so much content about AI it’s a little mind-numbing to type out. I am going to apologize ahead of time for any sarcastic AI-related comments, two days of non-stop Copilot are taking a bit of a toll.

Keynote #

Cloud in the Era of AI #

The opening keynote for the day was led by the VP of Cloud and AI, Scott Guthrie. He opened by stating that Microsoft’s goals was to build productivity and capability for all businesses, and also to provide tools for businesses to make their own AI.

The second goal seems really obvious with the “Copilot for everything” narrative you see everywhere at Ignite this year. But it’s also worth noting that the productivity and capability emphasis is really notable in demonstrations and the statistics they show when discussing their early copilot adopters. While they kind of gloss over the complexity for using AI on your internal company data, it doesn’t seem like an exaggeration when they report a 60-75% reduction in mundane tasks and an associate increase in feelings of value for people trialing copilot.

The ability to skip the bulk of writing an email, or generate a starting template for a script or section of code is both simple and attainable for anyone. I haven’t used any sort of generative AI service much up to this point, but after the (numerous) demonstrations this week, I’m asking myself why I’m not using it for these sorts of simple tasks.

Not surprisingly, most of today’s keynote was also centered around Copilot:

  • Github Copilot
    • Comes in two flavors, there is a VS Code-based version for assisting with development, and then there’s another github.com version that can assist with GitOps/workflow related actions like automatically generating a PR description
    • Some demonstrations involved things like the user typing a comment into a node.js file and Copilot automatically generated a code block to do what the comment was describing. Or if a user highlighted a Regex statement, Copilot could generate a description and add a comment to the file for the regex.
    • Copilot is integrated with GitHub advanced security licenses so it can generate code fixes for identified security issues.
  • Power Platform / Copilot Studio
    • As was mentioned yesterday, the Copilot Studio, which is used to integrate Copilot assistants with your existing business data, is already equipped with over 1,000 plugins to different data products out of the box.
    • The studio gives you a GUI where you can specify trigger questions or language that might be asked, and then steer those questions towards the backend data source for answers. You can also specify multiple sources and assist Copilot in integrating the results it would get to give valid contextual answers to users with sources specified. (This seemed like something that would be a lot more complicated in practice than they made it seem in the demo.)
    • The main point of emphasis seems to be on the plugins available to make Copilot interact with your existing systems.
  • They discussed some new features coming to AKS such as Fleet Manager, some Cost Management improvements, and AI Toolchain Operator for running AI workloads in AKS
  • Cosmos DB now has Vector Search generally available, while PostgreSQL has a new AI extension and performance tier in preview.
  • A big demonstration on Fabric:
    • Talked a lot about OneLake as a central source of all your data for analytics and AI
    • Announced Mirroring in Fabric, which is a service that allows Fabric to read your existing databases or other information and mirror it live in a data format that can be used by the AI services in Azure
    • Of course Fabric will also come with it’s own Copilot
    • Purview Hub in Fabric was also announced to give you full visibility of data governance within Fabric
  • AI Platform:
    • GPT4 Turbo, Dall-E, and GPT4 Turbo with Vision now available in Preview
    • Re-emphasized the simplicity of using AI against your own data, and Microsoft’s commitment to data security in AI products
    • Announced that the Customer Copyright Commitment from September now includes the Azure OpenAI service as well
  • AI Studio
    • General availability for vector search in Azure AI Search, which leads to improved information retrieval for gen. AI systems.
    • Announced fine tuning capability in OpenAI service.
  • General availability for their Azure AI Content Safety Systems
    • This is a layered security approach to filtering input content and also the content coming out of a response
    • Allows you to build in protections against jailbreaking (bypassing a content filter) and protected material (like generating tax advice)
  • Announced that Microsoft Copilot for Azure is now in preview
    • This is an assistance for helping you manage the Azure platform itself
    • Generates tailored, interactive platform insights (like Azure advisor, but you can chat with it)
    • Based on your Azure tenant, with access to any information available via ARM about any of your resources
    • Can make cost analysis recommendations or answer questions related to costs in Azure
    • Can make architecture or resource recommendations based on business needs

Future of Security With AI #

I cut out of this section a little early so I didn’t hear everything they had to say. But they opened by discussing how Microsoft is in a unique place as the owners of Microsoft 365 and Azure services to be at the forefront of cyber security. They talked about how they are using their data about attacks with AI to generate cutting edge protections with Microsoft Defender.

This is the same selling point they have used for Defender for years, with the added benefit of now having a form of AI analysis against that data. The products they announced will be a surprise for everyone:

  • Microsoft Security Copilot
  • Copilot in Entra
  • Copilot in Intune
  • Copilot in Purview

Breakouts #

Simplifying Cloud Operations with Copilot for Azure #

This was actually a cool presentation where they discussed the vision and core problems they were looking to solve with Copilot for Azure. Probably because my job revolves around the Azure platform, this seemed like one of the most practical use cases for Copilot that I’ve seen so far. it’s worth noting that this Copilot operates under the context of the user who is interacting with it, so answers are scoped to that users permissions, and any management that it may do it limited by their permissions.

The goal of Copilot for Azure is to assist with four core areas: Design, Operate, Optimize, and Troubleshoot. They went over a number of small demos to illustrate these.

  • Design
    • Asked the Copilot to design an environment (Management Groups, Subscriptions, and Policies) based on the Azure security benchmark and to provide an ARM template for deployment
    • Generated a Kubernetes YAML file that could be used to run a nightly cron job
    • Asked for an Azure CLI script to build and deploy a basic web application with an Azure SQL backend
  • Operate
    • Show me a KQL query to see resources modified in the last 24 hours
    • Catch up on latest alerts
    • Write a script I can use to shut down a set of VMs based on certain properties
    • Show me metrics on this VM (used the current page context)
  • Optimize
    • Show me my most expensive VMs
    • Build a budget forecast for me, and which resources should I look at to reduce overall cost?
    • Tell me what the monthly cost would be to run the current VM for 8 hours each day
    • Can show code recommendations for a running application based on App Insights and can open a GitHub issue from the chat prompt
  • Troubleshoot
    • “Our web app is slow” asks for confirmation about which app and then runs an investigation
    • Asked about proactive tools, it took them to a diagnostics tools page and then made recommendations about how to use each one
    • “Why am I seeing decreased availability in my storage account” prompted the user if it wanted Copilot to look at the storage files, then did an investigation and returned results.

Design Cloud to Edge Architecture Patterns with Azure Arc #

Azure Arc now has the ability to connect with and manage VMWare vCenter and all servers under management, simplifying the deployment of Arc agents to an entire datacenter.

They discussed in depth how integrating servers in Arc allows you to use your Azure platform as a central tool for all operations, as well as granting you the benefits of Azure such as being able to deploy VM Extensions, use Azure Updates, or access data about your on prem servers through the Azure portal.

This also allows the Azure Copilot to analyze and manage your on prem devices as they are now members of the same data plane as your Azure resources.

Azure DNS Scenarios and Best Practices #

You could tell by the absolutely packed crowd at this breakout that DNS on Azure is something a lot of people think about. The problem was, this session was not at all a “best practices” and instead just a “here’s some new features”.

They talked about a new ability to import/export DNS records via the GUI, they talked about a new feature to disable health checks in a Traffic Manager portal so you can always serve clients to a backend application despite it failing health checks, and then I ducked out before they talked about Private Zone enhanced searches because the new session was more important.

Securely Operate and Manage your Estate with Azure Policy and More #

This is where we tried to go next, but if DNS was a hot topic, this was even more so. We were denied entry at the door because the room was at capacity and ended up needing to watch this one online while sitting just outside the room.

This was a really great session and you definitely got the impression that the team behind Azure policy is very in tune with it’s challenges and they definitely have a long list of features they are working to add. I’m going to bullet some of the things they covered:

  • They were discussing some enhancements to Selectors or Fitlers on policies when I joined the online session, because it took me a little bit I missed most of what they said but I will be looking into it later.
  • They are releasing versioning of Built-In policies so you can lock in a specific version of the policy you have deployed, with support for auto upgrades for patches/minor versions. Versioning in Custom policies is on their roadmap but they said their priorities are to support this new versioning system, build better management tools around it, and then to release it for Custom policies afterwards.
  • Can now use a capabilities selector instead of field or value in your if statements to target common resources based on a capability. The example they gave was:
"if": {
  "capability": "SupportsPrivateLink",
  "equals": true,
}
  • They are working towards making policies user-aware so that you can use filters or selectors or exemptions based on the user deploying the resource. They said the biggest challenge they are dealing with is that the policy system currently has no awareness or ties into user context at all.
  • They are working on supporting RegEx in Policy. They stated in the chat that this isn’t going to be a direct RegEx-in-a-policy solution. Rather, they are working on allowing Policy objects to utilize Azure Resource Graph, which supports RegEx and will come with a host of other benefits at the same time, no word on the schedule for this.
  • They are currently in preview for a feature to enhance resource state notifications with event grid

Wrap #

Another day down, I felt like it was pretty apparent based on where I saw some crowds that there are a lot of people hungry for more infrastructure/platform related sessions but it seems like those are harder to come by with the emphasis on making AI products.

Looking forward to another session with the Azure Platform Engineering team tomorrow.

Related

Ignite 2023 - Day 1
·1178 words·6 mins
Day one of the Microsoft Ignite conference, the word of the week is “Copilot”.
Azure, Terraform, GitHub and My Last Year
·1034 words·5 mins
I prefer to write posts that are topical, however I haven’t been writing anything in over a year so I don’t think it’s going to be a problem to spend some time writing a personal catch-up post.
Terraform Comparing Count and For_Each
·1068 words·6 mins
When I was looking at building the module that could attach additonal disks to servers in azure I know I needed to support the ability to add and potentially remove data disks without the risk of losing data.