Scott Hanselman

When you want to make a new Virtual Machine from the Azure Portal, from the menu you "Create New | Virtual Machine" and you'll see the default images alongside images you have uploaded or created yourself.

There's a pile of Windows stuff, and if you scroll down, some good Linux images like openSUSE, CentOS and Ubuntu.

Note: There's also a Visual Studio Ultimate 2013 Preview, so remember, you can sign up for a free Azure trial and remote into Visual Studio in the cloud and mess around if you like. If you have MSDN you have credits already, so associate your MSDN with Azure.

It's nice to have Linux on Azure, but this isn't the richest selection of images.

There SHOULD be a new section here, in my opinion.

Or here:

Ah, but if you go to the Virtual Machines area, then click Images, there is a link to Browse VM Depot. One of the great secrets of Azure. I'm working with them to get this more obvious, because it really is epic.

And then…bam. Now we're talking.

There’s actually over 400 open source VM images in there, made by the community and companies like BitNami, and hosted by MS Open Tech. You can create VMs from this interface within the Azure Portal, but I think it's even easier to make VMs from the command line.

Get the Azure Command Line

This assumes you have the Azure Command Line Tools. You can get them one of two ways. If you have node and npm, just install azure-cli like this:

npm install azure-cli --g

Then get your account certificates and import it.

azure account download
azure account import "foo.publishsettings"

Then, select a subscription. This is all a one-time thing.

azure account set "some other account name"

At this point I can "azure vm create" this and that. I can manage most of the Azure Cloud from the command line. This tool works on Linux, Windows and Mac, is open source and written in JavaScript.

Creating a VM from an VM Depot Image

Let's say I want a Redis image. I can visit http://vmdepot.msopentech.com and find a Redis one. Here's a customized Ubuntu 12.04 image with Redis configured and hardened security.

If I select Deployment Script at the top, I will get a command line like this:

azure vm create YOUR_DNS_PREFIX -o vmdepot-147-6-1 -l "West US" YOUR_USER_NAME [PASSWORD] --ssh 

That vmdepot number there is the image identifier that tells Azure to copy that VM image over from the VM depot and make a new instance. Make sure you add --ssh or you won't be able to get in at all!

C:\>azure vm create hanselredis -o vmdepot-147-6-1 -l "West US" scott mypassword --ssh
info:    Executing command vm create
+ Looking up community image
+ Retrieving storage accounts
+ Copying blob
+ Looking up image
+ Looking up cloud service
+ Creating cloud service
+ Creating VM
info:    Deleting image
info:    VM image deleted: vmdepot-147-6-1-8d169700
info:    Blob deleted: http://hanselstorage.blob.core.windows.net/vm-images/comm
unity-520-3ed9b6e9-97c6-42f4-b2bd-349fca785b64-6.vhd
info:    vm create command OK

At this point Azure has made the VM from this image. You can than open up endpoints and port forward to the outside world so you can access your service, or create virtual internal networks to keep this VM private.

VM Highlights

A lot of these images come from a startup called Bitnami that configures images with popular packages. Some highlights of this depot, IMHO, are Discourse, the new forum software from Jeff Atwood and friends:

There's a recent Ruby Stack image:

And a good Drupal one:

As well as a nice Debian Wheezy image:

Remember, these are community driven so YOU can publish images of your open source stack if you want.

As with all galleries of community-grown stuff there will be some gems and some duds. I like the Bitnami stuff, for example, as they appear to know what they are doing. Regardless, use good sense and explore and evaluate before you bet your startup on an image. Still, these are a great way to get a VM running in minutes, not hours or days.

If you think that these images are useful, feel free to sound off in the comments and guilt inform the Powers That Be that you think this is useful. Or not. (I will make sure they see these)

Related Links:

• How to setup a Load Balanced Web Farm of Virtual Machines (Linux or otherwise) on Windows Azure (command line)

Sponsor: Big thanks to Red Gate for sponsoring the feed this week. Be sure to pick up their Free eBook: 25 Secrets for Faster ASP.NET Applications - Red Gate has gathered some great tips from the ASP.NET community to help you get maximum performance from your applications. Download them free.

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

About   Newsletter

Hosting By

The security balance is always user convenience vs. absolute security. You want security? Disconnect your computer from the internet. Don't save your passwords. Use multi-factor authentication. But that's not reasonable.

• Browsers let you save the contents of Forms that you fill out, including passwords.
• Some browsers sync those settings/histories/passwords to other computers with that browser running, if you are signed into a service with a master password.
• Those passwords need to be stored somewhere locally, and they need to be retrieved by the browser (who is not running as administrator) so that the browser can fill out your form for you.
• Someone writes code to retrieve those passwords.
• If you, running as you, the user, can access those passwords, than other code running as you, the user, can also access them.

If you don't like this, don't save your passwords.

I think the concern (I know I was concerned) about the recent hubbub about browser security is the feeling of casual disclosure. It is uncomfortable when it seems easy to get your passwords. But they are still there.

Remember the 10 Immutable Laws of Security, specifically #3.

Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore.

Every password vault has this behavior. If your passwords are stored locally, they may be encrypted but they are stored with reversal encryption.

Is this a security problem/bug/flaw? No. You saved your passwords as the user and they can be retrieved by code running as the user.

Here's some just a few lines of code to retrieve and dump your Windows Password Vault on Windows 8.

using System;

namespace DumpCredentials {
    class Program {
        static void DumpCredentials(Windows.Security.Credentials.PasswordCredential cred) {
            Console.WriteLine("Resource: {0}", cred.Resource);
            Console.WriteLine("UserName: {0}", cred.UserName);
            Console.WriteLine("Password: {0}", cred.Password);
        }
        static void Main(string[] args) {
            Windows.Security.Credentials.PasswordVault vault = new Windows.Security.Credentials.PasswordVault();
            Console.WriteLine("{0}", vault.GetType());
            foreach (var cred in vault.RetrieveAll()) {
                cred.RetrievePassword();
                DumpCredentials(cred);
            }

        }
    }
}

Feel free to change your browser settings if you like to not save your passwords, or consider other password vaults like LastPass, KeePass, or 1Password.

Chrome

...and also...

Internet Explorer

FireFox

The code to dump Windows 8 Paswords is here. It will compile with VS2012 on Win 8. If you just want the EXE to run, download it here.

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

About   Newsletter

Hosting By

I had a great conversation on Twitter with Frans Bouma about pricing where he asked a number of questions that weren't easily answered in 140 characters. The pricing for these things isn't clear or easy. It's not clear or easy because it's complicated.

Frans is thinking about moving his product’s website over to Azure but he’s thinking it’s too expensive for his one website. Good question.

Here's my own Q&A about Azure Websites and Pricing. Folks are always emailing me with confusion so I'm writing it up. If you email me questions from now on (since I have only so many keysleft.com) I'm going to point you here.

Disclaimer: This is written by me, not Marketing. I'm sure they'll be on the phone in a minute when they see this post. It doesn’t make it less true, though.

I wasn't an Azure fan until June of last year. I run all my sites on Azure except for this blog (which is at OrcsWeb where it's been for years).

Today, I have 13 websites and two VMs (one Linux and one Windows) running in Azure. 11 sites run in one VM instances with Azure Websites in the West US, and the other two are in different datacenters.

Q: I have a small website on a custom domain that I'm paying US$5 a month for at FooHost. Should I move to Azure?

A: Probably not. While you can get 10 free websites per data center (meaning, more than 10, technically) to play in Azure, if you want to point a custom domain at it you'll need at least one "shared" (multi-tenant, meaning you get a slice of a CPU) website. That's US$9.68 a month, running full time. If $9.68 is too rich for you, stick with your $5 host. However, you do get to use the same management tools and deployment subsystems even with just one shared site so it depends on what you find valuable. Free sites are great for development and test scenarios where you can experiment with new concepts before you start spending money.

If you’re trying to get by with the minimum for a few bucks a month, I don’t think it’s fair to compare Azure to a random $4.99 PHP host. You get command line management tools, lots of deployment choices, elastic scale in minutes whenever you want, etc.

Q: What if I am OK with $10 a month? What do I get with one shared site?

A: Whether it's 1 site or 500, all websites get Git deployment (and redeployment, also known as the "oh shit button") as well as deployment from Visual Studio and TFS. Everyone gets the same infrastructure and control panel.  You can also scale out to up to 6 shared instances if you need.

Each instance is a copy of your code running on a different shared server with its own quota of CPU and memory. We chose to limit the number of instances to 6 since having more than 6 instances ends up being more expensive than having one Standard server. You can have up to a 100 sites in Shared mode per data center, each site can have up to 6 instances.

Q: What about running my own VM and not using managed Websites?

A: If you know what you're doing, you can run your Website in a VM, but you need to setup IIS and manage it yourself. You need to keep the VM updated, and configure it however you want. But, you can get an extra small VM for $15 a month with 768MB RAM, which is nice. I run an instance of MySQL in one of these as well as PHP on Apache.

Q: When would I run a VM over a Website?

A. It comes down to what you want to manage. If you're cool with managing a VM and you want the flexibility, do that. If you want the OS and updates handled for you, as well as the deployment choices and scale out, use web sites.

Q: There's Free, Shared and Standard Websites. What's the difference?

A. Free means it's free, there's no uptime guarantee and you're low priority. I put demos and tests and dev on free stuff. I also run some services where it doesn't matter what the URL is because no one can see it. You can't use custom domains or SSL with free.

Shared means you're getting a slice of a computer and you're packed in with a lot of other folks on the shared plans. Most small websites (<20,000 PV) work just fine with shared.

Standard used to be called Reserved. You get your own VM and you can run ASP.NET, nodejs, PHP, etc (the same things you can run on Free and Standard). You can go from 1 core and 1.75G of RAM all the way up to 4 cores and 7G of RAM. I run all my sites in 1 standard small instance. Even with small I've got almost 2 gigs of ram and even though some of my sites (like Hanselminutes) do caching and may use 100-300 megs of RAM on a busy day, I've never had any issues.

If you need more than one server to run your sites you can scale out to 10 instances of your Standard server, if you need more than 10 server instances you can contact support services and they’ll work something out.

Here's the thing about clouds generally and Azure specifically. If you're not packing things densely you're not going to save money.

You can put up to 500 websites into a single instance using Azure Websites. That's not a typo. The more you put in the more value you get from your VM/standard instance.

Tip: Pack sites in tight. To be clear, if you are going to run more than 8 websites in Azure, you're a tool to not move into Standard/Reserved. It's just cheaper. Plus, if you have a bunch of sites in one Data Center (like, I had 10+ in West US) you want to put them all in the same VM. If you can keep serving traffic then effectively all sites you can put comfortably in your existing instance are "free." You're paying for the instance, use it.

Q. You're insane, what kind of sites could provide value and also be packed that tight?

A. There's lots of little sites, like my podcasts for example, that get a few tens of thousands or even hundreds of thousands hits a month. If you're working for a digital agency and putting together simple sites, you can start saving big money after about 6 to 8 sites.

Here's the Azure Pricing Calculator. In my opinion it's silly that it goes past 8 in Shared mode. Anything more than 8 shared sites is a waste of money.

You might look at this and thing, 8 for $77? That's real money and too rich for me. I'm going to stick with my $5 host. And you probably should if you can pack 8 sites onto that $5 machine.

However, things get cheap when you move to Standard mode. Once you have 1 standard website VM you can put lots of stuff on that one machine.

Again, each web site is all alone, isolated and separately deployable and manageable, but they share your 1 VM. But the value is that you never think about the management of the VM. It's always up to date, they're looking for malware, patching the OS, handling stuff. Web Sites sits above the VM and you use FTP, Git Deploy or MS Deploy to get your site there. You can run ASP.NET, PHP, node.js, Python, hell, Classic ASP if you want to.

You're paying for the compute time, 0.10/hr and you're being billed as it's running. If it runs all month long it's $74.40. I run all my sites inside this VM. It's actually a little large, and I could probably get away with an "Extra Small VM" if they would make one for Web Sites (the team is telling me that this is coming soon). Note that I am charged 0.10/hr even if my sites get no traffic, I am essentially paying for “renting” the CPU from Azure.

Q. When do I scale, and how?

A. I talk to customers a lot and most of the ones doing public sites always overstate their traffic. What they want is the ability to scale IF it becomes popular. You can scale UP (bigger instance) or scale OUT (more instances).

You can set you sites to auto-scale if you get on Hacker News or your startup becomes popular. Azure will add (and remove!) instances to make sure traffic gets handled. It will never go above or below the settings you choose.

This is a way to control costs. In this screenshot, I will never go above 3 instances, so my site can fall over if it gets slammed, but I decide how hard it tries to scale. I want to balance costs with availability. I could change this however I want from just 1 small VM to 10 large ones, so that's 1 core to 40, as I like.

Q: Are Azure Websites running all the time, 24/7?

A: If you have a standard VM with a bunch of websites in them, the VM is running all the time and you're paying for that VM. If one of the web sites isn't used for some large number of hours, it will be put to sleep, freeing up resources for other sites on the same VM. If you're worried about the web site not warming up quickly, you can use the build in Monitoring feature to not only ensure they are always up but that they are always warm.

Q: I’ve got an MSDN Subscription, what does that get me?

Link your MSDN and Azure accounts and you can get up to $150 a month in Azure credits, so up to two free VMs running all day for a month.

I've done a few posts on "Penny Pinching in the Cloud" that you may enjoy.

• Penny Pinching in the Cloud: Enabling New Relic Performance Monitoring on Windows Azure Websites
• Penny Pinching Video: Moving my Website's Images to the Azure CDN (and using a custom domain)
• Penny Pinching Video: Moving an Azure Website between data centers
• Pinching pennies when scaling in The Cloud - lazy loading images and using the Azure CDN to save money
• Penny Pinching in the Cloud: How to run a two day Virtual Conference for $10

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

About   Newsletter

Hosting By

I've been hating my iPhone lately and I've got a love-hate relationship with my Lumia 920 so my buddy at AT&T loaned me a Blackberry Z10 for a month to try out. This is the same buddy who loaned me an AT&T Unite Hotspot in May. These are loans, I don't keep them.

Imagine a world where there is no iPhone and there is no Android and there is no Windows Phone. In this world, the Blackberry rocks. Not just rocks, present-tense, but rocked, past tense.

I mean, seriously, the RIM 950 had an Intel 386 and 4MB of RAM. That thing ran for a week on a AA battery and changed my life. Blackberry connected me. That was truly innovative. Research in Motion changed mobile forever.

The Blackberry Z10 changes nothing. It pains to me to say this, truly it does. I'm sure that in some parallel universe Blackberry is on top and Mr. Spock has a beard. But on this planet, Mr. Spock has an iPhone (or probably a rooted iPad Mini that runs LCARS).

But, still, I ran with a Blackberry Z10 for a month and I tried, I really did. It's a lovely device, the Blackberry Z10, make no mistake. But, it's a Blackberry-iPhone. It's evil Spock, not Spock - a mirror if you will.

Don't we all appreciate the innovation in phone design that's happened since the introduction of the iPhone?

But is it a Blackberry? Kind of. It has BBM (BlackBerry Messenger) but that's where it ends. It actually feels more like the lovely HP TouchPad's webOS than like anything I've seen in the Blackberry universe. It's certainly more visually polished and consistent than any Android I've used, has more clarity and depth than a Windows Phone and is some how as fluid as an iPhone.

Moving Around

You can move in and out of apps within a grid of four running apps. It's similar to the row of thumbnails you see on iPhone iOS7 or Windows Phone, except in a grid. One nice touch is that some apps, like the NYTimes for example, can opt-in and draw a custom tiny thumbnail of their own. Apps that choose not to just show a standard thumbnail. This is a small but under-utilized touch that has potential if it takes off with developers.

You swipe left and right between the Blackberry Hub on the far left, the running task list, and the actual app launch takes up the remaining screens.

Browsing

The browser is excellent. It supports much of HTML5, CSS3 and Media Queries and modern sites like my blog and podcast site rendered great. It's not quite Mobile Safari but it's very close. Fonts render clear and clean and the 1280x720 screen is fantastic.

Your Information

The calendar has such potential, although the Month View is useless, as it is on literally ever smart phone I've ever used. It's all birthdays and wasted space. Week View tips over quickly as well once you start having anything that resembles a normal person's schedule.

Email and The Hub

The one differentiator that this Blackberry has is the omnipresent "Hub." It is always off to the side and accessible from any app. It's Email and Facebook and Twitter and Texting all in one.

Pros

• Mini HDMI connection - I'm not sure I'd never use this, but I love that I have the chance. However with things like the Chromecast (and Miracast, AirPlay and Wi-Di) there's just no reason to have a physical connection to a large screen anymore. Or at least there soon won't be.
• Feels great in your hand - It feels like an iPhone 5. It's weighty, but not heavy, firm and well built. Even though the back comes off (a plus, so you can swap batteries) it still feels tight.
• Fast - It never lagged, swipes were recognized and responsive
• Blackberry Hub - Everything (Twitter, SMS, Email, etc) is all in one place. Reminiscent of the Windows Phone People Hub, but more "swiss army knife" with all your messages in one giant list, my only complaint is that the swipe to access the Hub is not-intuitive. You swipe up from the bottom, then turn 90 degrees and keep swiping to the right, like a right-turn sign.
• Browser - I was really impressed with the browser. It supports CSS3 media queries nicely and scrolls fast.

Cons

• Smallish battery - I never made it a full day without having to charge. To be clear, my iPhone barely makes it past 2pm, but I somehow expected more from a Blackberry. This battery is only 1800mAh.
• Small App Ecosystem - The Angry Birds, Twitters, and Facebooks are all here, but once you start digging it's clear that this is a paper dragon of an AppStore.

If you're #teamblackberry and you have #iphoneenvy then this is likely the phone for you. However, there's no compelling reason to switch if you already have a smart phone. If you're in the market for your first smart phone, I'd consider one of the top three phones, as I just don't see Blackberry winning. Still, it's an impressive first outing.

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

About   Newsletter

Hosting By

I'm always trying to tidy up my blog layout and remove 'noise' but every time I try to remove those social sharing buttons for Twitter and Facebook I get a barrage of email asking me to put them back. Personally, I use bookmarklets in my browser for tweeting links, rather than relying on AddThis or ShareThis or any of the other garish sharing JavaScripts.

This sharing button thing is out of control. Links work too, folks. It's the web. Let's not have our blogs turn into Vegas Billboards.*

Twitter, Facebook and Google+ all offer JavaScript that they'd LOVE for you to add to your site. Tracking is one of the reasons that they'd love you to add these. That may or may not be a strong reason not to add their JavaScript, but a concrete reason not to is speed.

When you add three services' JavaScript you're adding three DNS lookups, three (or 20) HTTP requests for their JavaScript and images, and on and on. That JavaScript has to execute as well, of course, but the value it provides isn't justified over the speed and hassle involved in my opinion.

I wanted to add social sharing links without adding JavaScript. Fortunately all these services support sharing via simply visiting a URL. Stated differently, you can share via an HTTP GET.

Below, I'm adding "YOURURLHERE" in the places you'll want the URL for your blog post. You should change these templates for your own blog engineer. WordPress, BlogSpot, DasBlog, etc all have different macro formats. Your mileage may vary.

NOTE: Make sure you check that you have the right number of quotes and ampersands when adding these to your blog template.

Twitter

Note that twitter's sharing format includes the URL, the Title and the "via" which is your twitter name.

<a href="https://twitter.com/intent/tweet?url=YOURURLHERE&text=YOURPOSTTITLEHERE&via=YOURTWITTERNAMEHERE">Twitter</a>

Facebook

<a href="https://facebook.com/sharer.php?u=YOURURLHERE">Facebook</a>

Google+

<a href="https://plus.google.com/share?url=YOURURLHERE">Google+</a>

You can share THIS post by clicking the links just below here on the same line as the Comments link.

Let me know about other social sites that support this kind of sharing in the comments, and I'll add your tips to this post.

* Yes, I know I have ads on this blog. It's taco money and it pays for the gadgets I review. It's hardly Vegas.

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

About   Newsletter

Hosting By