July 2021 Meetup - Build Your Azure Bicep Muscles

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
for having me let me select my screen hopefully in a moment you'll see there we go my vs code instance that says azure bicep quick start before i get rolling here let me see if i can get the chat window out too because i don't want to miss any questions teams kind of goes bonkers when you um screen share doesn't it in fact i have no earthly idea where to even find the chat i'll tell you what would you mind if there's any questions that come up in the chat would you just stop me on my tracks and let me know yeah i'll let you know thank you cameron and anybody else thank you for being here by the way everybody and any questions comments concerns that you have again come right on audio as kevin mentioned so i figure i'll go for about 40 45 minutes or so and if you have questions longer happy to be here with you this is a quick start on azure bicep originally called project bicep it looks like azure bicep is going to be the final name and you can see in the top of this readme file that you're looking at the short link to this repository is tim w dot info slash biceps so that's a place you might want to go and grab all of the session files i don't have a slide deck i'm going to do all of this 100 percent in demo but the readme of this repository contains i think some really worthwhile resources i just tried to distill what's out there into what i think are the biggest impact resources now again as an instructor i like to try to cover as many experience levels as possible devin i i heard you say that you're part of the microsoft academy and server administration so um if you go out to that link that i gave you you don't have to know how to use git necessarily you can just use this code button and then download the entire repository is a zip file if you want to i've already cloned it down to vs code and i'll be doing all of my demos nvs code and part of it is going to be setting up your development environment for azure biceps so it's definitely relevant walk you through this readme file there's my contact details right up at the top if you want to stay in touch outside of the session um let's see might as well do the setup right now i would always recommend that you have the get client installed on your system if you're on mac os or linux you already do but we windows users have to take an additional step at least as of now we do also recommend that you have the latest release of powershell core powershell v7 on your machine as well as the azure cli the azure command line interface why well it's interesting that with azure it's it's funny how some azure products skew more one way than the others i guess originally it was more azure resource manager was more powershell in terms of scripting automation but more and more cli is developing a footprint and some product teams at microsoft appear to have a very strong bias toward the cli and i think that the folks that are doing the the bicep project might feel that way honestly i'll have to ask them and see if i get an answer that they're willing to to share publicly because we're going to see that working with bicep from the command line i think the experience overall is much better with the azure cli i'd be interested to know what you think about that i like vs code as my code editor free open source cross-platform code editor and just to give you the what's up here i've got vs code installed i've got powershell 7 installed i've installed the azure powershell modules and you can do that once you have powershell 7 installed by doing an install module and the name of the azure resource manager bootstrapper is just a z what else will you need uh you'll also want to bring down some extensions if i can speak properly i might as well show you those over here in vs code if we go to the extensions gallery all of these are directly from microsoft we've got the powershell extension which is going to give you language support for powershell we do a search for azure cli there's a azure cli tools extension again these give you intellisense code completion and snippets and debugging support for those languages for arm templates in particular the azure resource manager tools extension is critical or the arm tools extension as it's called this gives vs code the ability to understand and recognize the json that we use with azure resource manager templates let me see well if you're into terraform there's an official hashicorp terraform extension but to our point we're looking at the bicep extensions so we've had um support for the bicep language and vs code right from the beginning and they were really quick to get a custom icon going too originally they used one of those emojis that you have on your smartphone and this is going to give us language support for bicep come back to our readme file again a little clumsy on this computer i'm at my home and i have a mac and normally i'm at my office on windows i'm much faster on windows you want to also come down here don't want to skip this step and install the bicep cli of course you're probably thinking tim what kind of instructor are you haven't even explained what the heck bicep is i know i know that hang on for just a couple more minutes i'm just going through the setup here these are just running next next finish installations to make sure that your workstation is equipped to do this infrastructure is code work the bicep command line interface again it's available on all three operating systems it's a little bit wonky and i'll get more into that in our first demo in terms of you might have to reinstall the bicep cli if you're using both azure cli and powershell but one step at a time one step at a time why do you care about azure bicep that's really a question and i mentioned terraform you hear that a lot nowadays what's the relationship if any between this terraform thing this azure bicep this arm templates what what's going on with all this across the board well here's how i'd like to set the stage if we come into the azure portal here and i'm gonna just go to the resource group level recall that the resource group is the most common deployment scope in azure and if we go to a resource group and come down to deployments we'll see a record in inverse chronological order of every deployment that you and your colleagues have made to that resource group and we can take a look at the details of that in terms of what inputs or parameter values were passed into this if the deployment had any outputs and then most importantly a javascript object notation or json description of this deployment so the json is always going to be there for every deployment whether it's json that you and your colleagues wrote and deployed programmatically or in a pipeline or whatever or if you do a deployment directly in the azure portal then the portal will generate some pretty nasty json itself but that's the underlying data representation format for every deployment just like in amazon web services for example you've got json and yaml describing those those deployments so let's uh get more into that json bit here let me clean up my vs code and i just want to again do a little bit more preliminary review let me close all my editors and let's take a look at a representative azure resource manager template just to make sure that you're familiar with the lay of the land json is supposedly i agree an easier to read and easier to parse data format than extensible markup language or xml which it really super you know it replaces and we have in the azure resource manager template a number of required and optional key value pairs we've got our schema declaration this is required and this is going to be the the schema or the definition that we're validating our deployment against that needs to be there content version needs to be there it has to be a four element number you're going to get a lot of help in vs code once you've installed the arm tools extension and the bicep extension because you get this hover help as you can see by hovering over an element it gives you some really nice background on that parameters are optional but you know if you've done any kind of automation how useful it is to be able to parameterize inputs that are likely to change from deployment to deployment if we're going to do a storage account we might want to parameterize the name or part of the name if we're doing tags taxonomic tags that's another good element notice that we can pass default values in such that when we deploy the json template if we don't provide a value for the replication option parameter for example azure will assume whatever you have in your default value will be used and if you use a separate parameter file that value will actually take precedence over the default value that you have in your template we can constrain data as you can see here creating an allowed values array so in my example i would only be allowed to deploy any of those three storage account skus now that's not necessarily security it's just providing a way to you know governance and putting some what's that term guard rails on your deployments what else do we have in the template as we're working through here variables like parameters are optional but super useful main difference between variables and parameters is the parameters is data that goes into the deployment at runtime whereas variables are accessible only within the body of the template in the resources array so i like to describe it that the parameters kind of stick out of the template so they're accessible from outside the template variables are handled internally and variables can be really great for building unique names and more complex resource values for example we have this ability to use functions there's a whole library of arm template functions this one's using two of them where we're using the concat function to do string concatenation where we've got two or more string elements to run them together you know if you've created an azure storage account it has to have a globally unique name that can be difficult to do and you don't want to slow down your automation by having the validate having the deployment fail because of a name collision so concat is going to take this first element here parameters stg prefix and then run it into this static string suffix so concat is going to do string concatenation and parameters here is actually another built-in function that's going to replace at runtime or deployment time whatever i've provided is a value for the stg prefix parameter say so variables are good for those kind of more complex values and then we find that in the resources we have a comma separated list of your resources from the simplest to the most complex deployment azure resource manager templates allow you to do more robust deployments you can do nested templates and and linked templates if you have a multi-template environment that's more modular a lot of these represent pain points actually of arm templates and it's why i think microsoft is created bicep is a way to give us administrators developers architects devops specialists you know the list goes on all of the above as kevin mentioned a programming language a domain specific language or dsl to make this template creation and maintenance easier because alex frankel is the program manager at microsoft on this on the bicep team and he put it really well that json is a data representation language it's not a programming language and when you really look at this the ability to do these expressions here and the way that the expression is indicated in the arm schema is that for your value you do double quotes that's standard then with square brackets which normally represents an array in json but here if you do the double quote brackets that tells azure to expect a function or some kind of expression i mean this isn't stuff that was part of the json spec ever you see what i mean microsoft is kind of hijacked or hacked json in a way in order to make this act a bit more like a programming language and it's got pain points because of that that's really what i'm trying to drive home so lastly we see that as we're defining the storage account resource itself we're able to tap in again using these template functions and expressions we can use the variables function to swap in a variable value parameters function there's a resource group built in function this is a common pattern on line 34 to where as long as you're cool having your deployment go to the parent resource group which why wouldn't you instead of having to hand type or worry about references of of the location you can just do a call of resource group dot location to get the location property of your resource group nice code reuse you might be wondering well if we're going to do bicep in a moment why are we horsing around here spending this time looking at these arm template functions because one of the really nice things that microsoft has done with bicep is help us not have to learn it all over again in other words we're going to see that we can use these same functions in our bicep code so you're able to actually not throw away your existing skills with arm template development but you can roll them into bicep okay so given that now we've got this json file if we wanted to deploy it you know we could do so with azure cli or powershell i actually have some additional supplemental files here but we could try it right now we could do a test a z resource group deployment if we're going to validate or attempt to validate this nice thing that vs code will give us if there's any validation problems against your declared schema they'll normally show up here in the terminal on the problems tab as you can see so we can validate programmatically or when we're ready to actually do the deployment we can do new az resource group deployment i think my terminal disappeared for a second there we're going to need a resource group name i'll use my tim resource group and then we're going to need to path out to at least a template file and then we can path into arm templates storage account.json again why are you showing us this tim well because you actually use the same command when you're deploying bicep because as it happens the current versions of azure powershell and also the current versions of azure cli have support for bicep baked right into it so i wanted you to be aware of that so you can use this new az resource group deployment not only to path out to your json files but nowadays you can go directly to your bicep templates as well as you can see here and the compilation or i always get confused between how microsoft uses compile and decompile between json and the bicep language but it's one or the other you it'll do the translation to json so are you picking up some of the themes here the high level themes with bass with bicep the fact that bicep is not intended to replace arm templates in azure resource manager we're still going to have arm templates as being the way we deploy and maintain infrastructure and to do that in an infrastructure is code or iac way instead the bicep language is a way to simplify the pain of working with the json it's an abstraction on top of it that really is a domain specific language all right well show me some dadgum code i'm going to show you something that if you're not aware of this site i hope this will make your night let me do a control a and control c to copy this json into my clipboard i give you a link to what's called the bicep playground in the in the read me file in my of course files there but this is such a useful website here the actual url is bicepdemo.z22.web.coord.windows.net and what it does in short is it shows you live and i think it's a read-only editor though let me see yeah it's read-only or no it's not it's actually allowing me to modify that i'm kind of surprised okay anyway it shows you on the left your bicep code and on your right your arm code and a couple things you can do here right off the bat is once you have some code up here some bicep code you can copy that or a link to that output and use it elsewhere but watch this you can open the sample template and you can load up from the simplest to the most complex arm templates from the i presume it's coming from the azure quick start templates gallery and then it shows you the live code on the left and right let me see if i can crank the font up a little bit whoa i didn't want magnifier thank you very much let me try that one more time control plus there we go a little bit better yeah so this is worth your playing around with and not just playing around but actually potentially implementing it you know because i tend to use a lot of these as your quick start templates anyway now if you want to convert your existing arm template just to see what it's going to look like in bicep and whether you'll have to do any additional refactoring you can use this compile button here and we can just go ahead and hit my course files here let me look on arm templates storage account dot json load it in and with no hesitation at all now we've got it so now let's learn bicep language the basics of the language by comparing and contrasting our existing what we just went over in an arm template over to bicep and see what you see well first of all my original template was 56 lines this one is 26 so you normally realize at least a 50 percent size reduction if not more it depends between the naked json and the bicep format the bicep language to me resembles kind of a mashup of javascript and maybe a little bit of c plus plus but it was meant to be again approachable to a large audience of people who may have more or less experience with programming so instead of defining your parameters in json javascript object notation here you've got a much more straightforward way of declaring those parameters using the param keyword it's going to be pram the name of your parameter the data type and then you can do a default value just like you would in javascript equals and then your value isn't that cool another thing you'll see in the bicep docs and i give you a link to the bicep docs again in those course files my goal was to give you everything that i thought you'd need to be successful in those course files you can also add what's called a decorator there are certain of those that you can add to modify the behavior of a parameter and again this can make make your life a lot easier it seems to me so notice that for our replication option i'm doing my default value and then that allowed values array just shows up like this at allowed and then i in parentheses i've got the array of the options that i need and that would constrain what the va the illegal inputs that you can add to this particular deployment then we've got a variable declaration as you can see here var that was the original javascript variable keyword and there are some differences this is ver this interpolation business here notice instead of using the concat and the you know the the two expression that i had over in the json here it's using a very javascriptian method where we're doing dollar and then the value of the parameter and then we're just running that so it's a much more natural language way to go than dealing with concat and then nested functions again this is all part of the design vision that microsoft has for this new domain specific language and then we have whereas we have our resources section in our json here we have one or more resource declarations and again it breaks down in the docs to learn line by line what's going on but basically it's going to be resource whatever a friendly name is but this friendly name is just the resource identifier in your bicep file that's not necessarily the name of the resource that azure will give it and then you have your api version and your resource provider and you would get all that from the docs or you can auto generate it here as you can see and then just location tags pretty darn straightforward i think you'd agree with me on that wouldn't you let's go to sample template and let's look up another one there was one i was looking at earlier with virtual networks let me see if i can find it let's see tim at the top if you use the filter option you can just type in like v-net and it'll filter for you oh okay thank you for that yeah any word in the in the template's name it'll uh filter down the list for you to make it easier to find now when you say up on the top you mean i apologize i don't see that in your window there yeah oh yeah it's that selection yeah there should be a type there should be a type filter there or type to filter there oh yes there it is yeah use that that's that's what you want okay oh yeah boy that's good that's a good tip right there so we have looks like as i promised you still can use some of those functions now it is giving me some squiggly text here what is this saying you string oh it's just a suggestion again this is good and this is something that would be surfaced in vs code in the bicep extension getting tips on how to improve your code here they're asking that you use the biceps javascript string interpolation instead of using the legacy or what i guess microsoft might call legacy that can cap function go on from there okay enough about that let's go back to vs code and i want to show you let me see i've got a work file here for both powershell and cli let's look at the cli first and if you're not familiar with the azure cli it's cross-platform non-interactive command line interface and once you've got it installed on your system you'll run azlogin to sign into your subscription and then if you have more than one subscription you can do an easy account show in fact i can i don't need to do a login but i could do an a z account show the um intellisense is pretty slow unfortunately and that's something else that i almost forgot to mention the way that you'll get visual studio code to light up the intellisense is having your file name and not the file name the file extension correct remember that visual studio code operates on the basis of file type so hopefully it makes sense that vs code needs a way to map the file that you're working in with a supported language and extension and it's a little bit weird to me but in order to use azure cli tools extension your script file has to have the extension azcli and in order for the bicep extension to work properly that's pretty easy it's going to be dot bicep and then power shell is typically ps1 right so let me right click this and run this in my integrated terminal cannot retrieve the dynamic oh i don't i don't know what that's all about here let me see yeah i have my fonts a little bit too big so it's kind of ugly but anyway you can set up your account get signed in make sure you're mapped to the correct subscription az account subscription and then your subscription name and here's what i was mentioning that as long as you have a recent version of the azure cli certainly if you do an a z upgrade to make sure that you have the latest version on your machine then you'll have a new context a z bicep this speaks to what i mentioned that azure cli has built-in support for bicep files and it's interesting what happens the first time you run a command that uses a z bicep if you don't have the bicep cli installed then the azure cli will auto install it but remember i mentioned that there's a little glitchiness there the glitchiness is it's like a java app you know how you can bundle the java runtime with your app and the app would run and use that specific runtime well it's a similar thing here so what that means is if you're now going to use azure powershell and you want to do bicep you're going to have to re install another instance or modify your path maybe you could get away with that but it's the azure cli bicep cli is separate from the one that azure powershell will use i know it's kind of wonky it's early days still we have to understand i haven't seen the term public preview used with bicep but i can only assume that's what microsoft would call it if you were to talk to alex or any of those engineers because it's not in generally available status yet there's still a long way to go i have to say that it's amazing the amount of engineering that microsoft has done just over the last several months in improving the language and this is a great example i think of how much these engineering teams are paying attention to the customers who are using the language for sure so as you can see az bicep minus minus help if we run that this just lets you know the additional commands available in the language and as you can see here bicep build is how you build a bicep file decompile is where you decompile an arm template to a bicep file i don't like this language basically a build is going to take an existing bicep file and spit out a json file the good news though is that you don't have to worry about that i'm predicting that the time will come eventually where we're not working with json much at all why do i say that because just a few months ago you did have to do a build process like look on line 12. let's say you're working in bicep and you're ready to actually do a deployment you you used to be not too long ago well i better run a build and convert this bicep file and make a json copy and then i can deploy the json to azure so in this case let me run line 12 here so you can see what i'm talking about so a z bicep build go ahead and grab that storage account file let me scroll down to the bottom and did it create that file let me see um where am i what's my current working directory i'm all discombobulated here let me try that again az bicep build go into the bicep templates folder yeah that should work should have worked just fine buildable oh my gosh this is just yeah i guess the the so-called um demo gods are kind of having a time with me it the way it's supposed to work is that we would get a file in the same directory as we're in now our present working directory it's just it would be storageaccount.json the bicep file would remain exactly as is it's just that you would have a separate json but the rest of the code files you can here see here on starting on line 15. we can take the bicep and send that directly to azure now we don't have to do a separate compilation step to generate the json unless you need it for reporting purposes or whatever so you can see on line 15 we're creating a new resource group and then on 16 we're doing the deployment and this is what you'd normally do with azure cli az deployment group create what is your resource group and then instead of specifying for template file is a json you just do template file directly to a bicep and then azcli will do the compilation and then deploy the json and away you go similar thing i've got going on here in my bi in my powershell file here we're going to connect into our azure account and subscription with connect ac account optionally passing in an azure ad tenant id if you you know if your account i should say belongs to more than one tenant and then if you have more than one subscription we can set our appropriate context as i mentioned the powershell azure powershell will require that you install the bicep cli separately because again i'll repeat it one more time the azure cli will auto install its own personal version of the bicep cli and hopefully that will change in the future but i checked that in the docs just a couple hours ago and that's the case right now so notice that we are doing a bicep build if we do want to see the json of our bicep file but we don't have to do that if you've got a current version of the azure powershell modules and i'm finishing out the file here on lines 11 and 13 by again creating a new resource group and then doing new az resource group deployment specifying a bicep and i want to give a shout out here to this what if are you familiar with this at all this flag powershell has had the what-if switch parameter for a long time and and i haven't been found it particularly useful however in azure powershell what if is entirely different it actually does some really useful work so i just want to mention that briefly looks like i don't have my resource group created so let me right click that and then let me attempt line 13 again what if generates an execution plan when you use it with azure powershell and as you'll see it will let you know which scope you're operating in in this case resource group and then it'll indicate whether it's going to do an add modify or delete based on your resources you might think well that sounds an awful lot like hashicorp terraform well guess what you're really at an advantage if you've used terraform because i submit that the bicep is microsoft's direct implementation of that technology are they cloning it or copying i'm not sure exactly what words to use but there's no question that bicep is a direct azure specific analog to hashicorp terraform and whereas in the terraform domain-specific language you have the concept of the execution plan i forgot what you do to generate that plan i think it's terraform plan actually here the equivalent in azure powershell is you just add what if to your new az resource group and it's telling us here like i said what kind of operation it is what the deployment scope is and then it'll echo what it's actually going to do so i wanted to give a heads up on that i've mentioned terraform a few times if you're not familiar with terraform want to just say a word about why you might want to go and you and your team that is to go in one direction versus the other now this is a sample terraform file first of all terraform is an infrastructure as code platform by hashicorp not microsoft totally separate group and the reason why i and many colleagues like terraform is because it's a single dsl for any cloud or any environment so you and your team can standardize on this platform and use a single language with a plugable provider model so if you're doing an aws deployment you would use the amazon provider if you're doing azure deployment you would do the azure rm provider so it's very modular terraform may be what you and your team want if you're multi-cloud for example so as you can see in the sample tf file very similar syntax here that we saw there's a resource declaration the indented properties as you can see here indentation matters both with bicep as well as terraform files again it's very similar indeed there's no question that bicep is heavily influenced by terraform any questions comments concerns curiosities at this point let me pause for a second what's on your mind tim i have a question regarding uh hashi or terraform versus bicep i i've long been a proponent of terraform myself and that's what we use in my current company um but one of the things that can be frustrating about terraform from time to time is that it lags behind you know azure resources you know and azure comes out with a new resource it might be a few months before that's supported in terraform does it is bicep keeping in step with with azure resources as far as using thanks from that super important real world point i can say definitively because an engineer at microsoft actually told me that and confirmed that these developers on the bicep team know about that pain point and have exploited it so you're not going to have that lag and bicep that you do have and that's an absolutely valid point about terraform there's that catch-up period as azure products go through private preview and public preview and then generally available hashicorp has to rush to make sure that they eventually get support for those resources that's not the case here and that may be a good case where you and your team decide to kind maybe even do a split thing where you're predominantly terraform but you still do bicep for azure specific work i mean because it's so feature parrot i don't know what what's the term am i looking for parody parable something like that it reminds me of multi-factor authentication i love microsoft authenticator but i normally go with authy because i can use it on any device and i don't think authenticator does that yet but authenticator is so convenient with azure mfa just with the push notifications that it's okay i'm not i'm not complaining about having two mfa apps so that's a very good point indeed now let's take a look at some other files here uh conditional deployment because there are some points that have come in more recently that were identified by customers right off the bat that bicep originally didn't have one is the concept of you know how in arm templates you and your team might have your arm template definitions broken out by resource and then the time comes where you want to put together say a virtual network and an azure firewall and an application gateway and vms how can you stitch those multiple templates together and normally the two patterns that are baked into arm are to nest the templates which can get kind of tough where you're literally copying and pasting the templates inside of the parent or the more common approach is to link out from the parent template to one or more outside or external templates so we have in bicep the concept of the module and you'll want to go to the docs for the full what's it especially if you're wondering about reconciling parent and child scopes and all that that i'm just going to punt to the docs but here we have a relatively simple example of a module where if we come down into the resources section uh what am i looking for oh i'm sorry this is just the storage account definition that we were sawing before the other bicep file consume a module this would be the equivalent of the parent module and the module dot bicep would be the equivalent of the child module so in this consume a module dot bicep test file notice that we're calling or invoking a child module here so we've got a new keyword on line six called module we're passing out to that file i don't think they support remote paths yet so it will be a file that's presumably in the same repository and then we just specify if there's going to be parameters that go specifically with that child resource so it's it's much cleaner syntax there's no question about it in fact let me again try a compilation process here see if this works let's see let me yes would you mind speaking about those uh descriptors for the parameter there after you oh yes yes yes you mean these in lines one through three right here again we have a concept of a decorator as it's called and these decorators replace the constraints that you would have in json like if you have in this case it looks like we want to cap the length of the string where it would be a minimum of three characters and a maximum of 11. those are keywords that are required if you want to do that in json but if you want to modify and add these parameter attributes to your bicep you use this decorator syntax which the keyword starts with an at the at allowed for example is where you do that allowed array that i showed earlier in this presentation if you're doing min and max length for a string or a numeric data type it's as you can see here at min length at max length and any of those decorators will apply to the next parameter so they kind of ride on top of the parameter that they apply to so in this case min and max apply to the name prefix parameter so let me do a bicep build and i'm going to build this not conditional deployment consume a module dot bicep there we go so now if i go to the consumermodule.json file let's see what it's done here yeah so we can see on line 14 and 15 those min and max length decorators are now just standard elements that are part of a parameter definition in the json but then i also want you to see here that we're calling on line 25 that child template called a module in bicep terminology calling the microsoft resources deployment type which i'm sure some of you are familiar of and whether you're looking at parameter values from the parent the outer scope or in this case the inner scope so there's the parameters and then this is kind of interesting i didn't have time to deep dive onto this before tonight's session but it looks like the module will nest the child template when you do convert it to json it makes sense because ultimately the bicep is going to compile just a single json so i guess you would have no choice but to do nested templates but that's that's what you've got here one or more nested templates and this uh light gray text is what's called code lens and again that's just another nice feature that you get with vs code and the arm tools extension and the bicep extension okay so that is a little bit on what's called the module and that's what the bicep term is when you have a more modular deployment and you've got separate templates and you can have a parent template invoking multiple child templates another pain point that comes in with azure resource manager are the subject of dependencies think of a virtual machine and think of depends on v-net depends on nick that can get really complex thinking about your your order of deployment you know because it's not necessarily that your json file is just going to be read from top to bottom so we have the concept of the depends on keyword and the arm template syntax to explicitly say that the creation of this resource depends upon this other resource already having been successfully created so that was another thing that the bicep team knew that they wanted to work on and make easier this dependency mapping kind of business so there's a sample file i have for you called dependencies child resources and up on the top in this multi-line comment it just shows the basic syntax so notice that again we're using indentation to show a parent-child relationship between the parent which has the resource type the resource provider and the api version declaration and then its properties and then for the child beside it being indented we're just specifying the the child's resource type here and then any properties and then i have an example of a storage account and then inside that storage account we're creating a file share for example so this at the end of this deployment process we would have an standard lrs replicated storage account that has a file share called example share and that's worlds different from how that depends on works and arm templates that that is some really nice engineering it seems to me another one that was more recent to the table is the concept of looping and iteration so in this example that i pulled from the bicep docs let's just see what it says we loop over the storage accounts array for each loop storage name is set to the current array item so i think it must be an indexing thing so what do we have here so we're creating a resource with a friendly name storage account resources and then it looks like the we have a counter value here a 4 where it's going to start with zero and terminate on three and then it looks like we're referencing the index values so as we increment each pass through this this resource the end of the process will have if it starts at zero i guess that would be four storage accounts at the end of that process and it looks like they would be called storage name zero storage name one just a simple example again we have this concept of looping in arm templates but it's a little bit messier to say the least it seems to me let's see dependencies condition and then lastly the concept of conditional deployment this is pretty flexible as well again arm templates have been able to do this for a while but i think that bicep makes the process much simpler let me know what you what you think about this so this one says that here we're either going to deploy a new storage account or use an existing one depending upon whether you specify new or existing as a parameter value a new parameter deploys the storage account otherwise no deployment happens so we've got two simple parameter declarations and again notice that we're capitalizing on some of the existing arm template functions so it's that question of you not just throwing away all of your experience with arm templates it's being able to carry that expertise forward in the bicep language and here we've got again a decorator on top of the newer existing parameter where the two allowed options are either new or existing and your default value is going to be new and then we have our resource that actually creates the storage account but notice the magic that's happening here we saw with looping on the resource level we could do a for loop to iterate via an index here we can do a conditional deployment just simply with a very simple if block equals if newer existing equals new then now i would want to add to this of course if you want to explicitly or gracefully handle an else and that kind of thing but again that that's pretty star and slick it seems to me as far as handling conditional deployments and code in a much less verbose and chunky clunky way that we have with the json let me pause again questions comments concerns no okay well let me return to that readme file because there's a couple more things on here i wanted to draw your attention to let me um open the preview here make sure again you have everything you need getting started i've got links to each of those extensions i mentioned i've got some hashicorp terraform bare bones links for arm templates because again to repeat some of these top level themes again i just think it bears restating to make sure we're all crystal clear that um bicep is a language on top of the arm language it doesn't replace arm templates the bicep compiles to the arm json it's not going away so i think it would behoove you to have a good grasp of arm template syntax even if you plan on doing most or all of your actual development in bicep and to help you along those lines here in the file there's link to the arm template docs the quick start templates gallery the rest api reference and then two fellow mvp colleagues sam cogan and adam marzak and i all have youtube videos on arm template development so i think between the three of us there can get you pretty darn far as far as having a really broad and deep understanding of the arm side of things and then lastly the best resources i could find take away with bicep as you can see install repository docs i would say of these the repository link perhaps is most important in terms of a source of authority from the development team itself so we're out on github azure bicep and this readme file here normally will have the latest and greatest there's some really nice links embedded here as a matter of fact there's you'll find there's a link to the bicep playground there's a vs code a github code spaces repo to do a pre-configured environment that you can run in your browser so that that's one way that potentially you can contribute to the project if you're interested in doing that you'll also find that in the docs like let's do a quick google search here let me see what's something we might want to do how about create an azure storage account if we do a search for create azure storage account docs we can hit up the microsoft docs you're going to see that the um well it figures it's not showing up here the bicep is really working its way into the microsoft docs and that is a clear indication to me that bicep is not going anywhere i'd be very interested to know what happened behind the scenes for this to have such great pickup and i've been with powershell for a long time if you know the powershell story powershell didn't have a great pickup at the beginning for sure but in fact it was met the project was met with a lot of resistance you know jeffrey snover says he recalls another exec at microsoft saying jeffrey what part of windows don't you understand but bicep doesn't appear to be suffering from that kind of stuff you'll find that the bicep code is natively baked directly into the docs i obviously chose a bum article but you'll see it in these integrated code comparisons right alongside the template code actually that's probably what we should look at instead of powershell api templates they have all the biceps listings in there now yeah so and i have a link in the course files to this the arm template reference so if we look for the storage account for example here just trying to find a general purpose storage account for heaven's sake come on whatever we'll look here yeah there we go that i was just barking up the wrong proverbial tree so we've got the json and the bicep again so yeah it ain't going anywhere really interested to hear what your thoughts are because i know we have a lot of developers in the audience as well what do you all think bicep's great um i i've been actually doing quite a bit of development and actually working with a couple customers on getting some templates deployed and it's the the pickup time to try and teach someone who's never done arm templates or or has done little infrastructure's code is leaks beyond um trying to teach them how to do an arm template um just to the fact that some of the uh like with them with the last version the dot four or six or whatever it is a bicep with the um the pre-created um templates uh that you can do with some of the resources is fantastic it just makes it so easy to go out and create resources so much faster and sort of make that development look a lot faster versus trying to do an arm template there's just you know there's so much less to have to think about it just does a lot of it for you out of curiosity how are you doing your deployments are you deploying the bicep file itself or are you compiling to json and then submitting the json we are uh using azure devops and deploying and we're configuring to json right now um because when we first started it was uh before you could do the transpile with inside the azure cli um going forward we'll probably switch over to just doing straight bicep because unless you want the json for your records there's not a real reason to have to deploy the json um but yeah uh i was gonna i was gonna ask you about outputs um did you how is bicep handling outputs like you would in a json file not very cleanly in fact in the course files or exercise files i have a good example of that let me see if i can find it that storage account json sample file i have notice that i'm doing an outputs declaration just to get your endpoints and then if we look at the corresponding bicep file which i also have i think it's the same one let's see yeah output and then the name and object type equals yeah so it's just the same dot notation and you can reference the variables etc just like you would elsewhere and that unique storage name is the name of the resource you're deploying right let me see it yes right on line 14. yep it looks like the name of the storage account you go oh third there it is yes yes okay cool you know while we're here let me quickly because it just occurred to me when you're saying um pre-created resources are you talking about vs code snippets or something else can you speak yeah sure um if you create a new bicep uh file and then you just start typing um res dash uh there'll be a slew of pre-created snippets that the bicep team is um maintaining and supporting and they are taking um community um uh can be compete uh sorry community um the rich answer the community for these as well but you can storage group you know it'll it'll show you what it's going to deploy as far as the template now you have tab completion through that template as well so you can question enumerations yes oh yeah that as well too that's cool i didn't know that there we go yeah that's fantastic so that's that's what you meant the snippets thank you for lighting that up because that's another great part about vs code and the arm tools extension gives you your json snippets and the bicep extension now gives us these bicep snippets so again as long as your file has the correct file type dot bicep it looks like what was that keyword trigger again uh res res thank you for that yeah and then you get the uh all the dash items uh res dash sorry and then it'll have all the different um application names uh there's not a good standard i kind of wish that they stuck to the like um the uh azure naming conventions for some of these things like like aks or wbd but they did for some and not for others so you sort of have to like scroll through what's out there and then um grab your resource very good yeah anybody else what's on your mind i i'm wondering you know when you when you talked about the some of the conditionals um you know i as i mentioned earlier i'm much more of a terraform guy but i mean what bicep seems to offer looks great it would be cool if you could use it everywhere but that's another story um but you know terraform a few years back and perhaps you know incrementally keeps in introducing more kind of conditional logic which i i kind of have mixed feelings about because in order to run it you know in a true ci cd platform we want it to be basically item potent you know so i can run this again and again and again i just want to specify the desired state so i've seen some terraform in the past where some conditionals that have been used kind of break that mentality um so i i'm curious to know what others have to say about that that similar thing with bicep seems very similar in that way couldn't couldn't you supply a default value though to ensure that you're not breaking validation like you're doing here on line 12 or did i misunderstand your point in question no i think you certainly could and i'm not saying necessarily that any conditionals are a bad thing but um i'm i'm trying to think of an example that would you know would kind of break something um i don't know one's not quickly coming to mind um but where whereas you know kind of sticking to the true again and i'm thinking more terraform of saying i want to you know here's what i want the desired state to look like you know so i'm putting in my terraform to make it happen as opposed to saying something like you know like on line 14 i guess why would you need to know if it's new or existing you know as opposed to just specifying here's what i want it to look like okay i see what you're saying yeah because with item potency as long as you're doing an incremental and not a complete deployment we should be able to add or subtract from this and re-run the deployment as is and azure will make whatever changes that you specify yeah yeah this example i think is a bit too contrived actually yeah it is a bit too theoretical it's not realistic enough that and it's not gracefully handling the existing case either i think we're still pretty new on this i'm i plan tonight during my nightly reading time to read more into conditionals with bicep because i'd like to know specifically where where we are on that edge because i know it's a relatively new feature to the language anybody else have experience with that i'd love to hear as well yeah uh the conditional piece is you know i would say definitely try and use it as sparingly as you can um i've seen some good use cases for say if it's if you're deploying to dev test and prod for devon test you're choosing your storage group and your sku is going to be standard lrs but then for production we want to do standard grs or do something that's globally available you know giving you that sort of option to for a certain environment in these criteria you deploy it this way everywhere else you deploy it that way the um or if in the case uh yes that's that's i think one of the best places to use it um or if you know trying to determine between environments seems to be a big place where i've had looked using it so far is this is this diverse this test um another useful case is if it's different subscriptions if you're deploying resources across this risk subscriptions and you need to um uh you know i need to create a network peering between a devtest subscription and a production subscription uh for some peanut i need to let it know is it inside the subscription or outside and if so supply the right subscription id so it can connect to it um that way so there's some conditional places where it's useful i would again still say sparingly use it as you need to um don't use it as the way to write your file adjust what you're writing or edit parameters is the better way to keep it simple great examples thank you they think there are some additional comments on the chat if you want to if you want to check them out does that what if command worked for all things in bicep or only specific biceps or like just deployments does it work for pretty much both the same in azure cli and the powershell you showed that what if command is it supported 50 universes oh i only know well the what let me get the file back so we can take a look at it again what if is a a parameter of the new az resource group azure powershell command i don't know if azcli has an analog to that as a matter of fact so um yeah what if is is a parameter of this specific command it's not part of and anything else it's not part of bicep or cli it's just simply an optional switch parameter of new az resource group deployment but you bring up a good point is there an analog to what if in the azure cli you know because it's potentially it's a useful step to to get an execution plan of what it's going to do before you actually fire it off okay that's what easy deployment does um the easy deployment group or sub does have a what if commands does okay i i've actually never used it but it is out there so i would imagine it's fairly similar to what you have in powershell there i'll be darned that is really cool though i mean that's you know going back several years ago that's kind of what you know had me so interested in terraform to begin with is the terraform plan that you could run to do that what if so that's pretty neat yeah yeah the i find that the intellisense can be really sticky control space i find is a lifesaver as far as trying to give the intellisense engine a boot but even then it's kind of stuck here i wanted it to show the the what if parameter here but looks like it doesn't want to do that yeah that is very slow wow i've posted a link in the chat it looks like just by searching google on the microsoft site there is some what-if support in azure cli yeah nice and that whatever is actually pretty nice let's see well i think that's about all i have any i can't for the life of me i can't get the chat up on my screen because the team's window is micro sized is are there any outstanding questions that i can address
Info
Channel: Milwaukee Azure
Views: 225
Rating: undefined out of 5
Keywords:
Id: omSwhZHaiN8
Channel Id: undefined
Length: 64min 16sec (3856 seconds)
Published: Fri Jul 16 2021
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.