(intense electronic music) - Coming up, we're joined by the inventor of PowerShell, Mr. Jeffrey Snover, to take a look at the
evolution of PowerShell as the de facto automation scripting tool across Linux and Windows platforms. The latest editions to Cloud Shell, including the ability
for Visual Studio Code to run PowerShell inside of Cloud Shell, and how you can leverage
the cloud with PowerShell to protect secrets and harness
Azure machine learning, to advance management scenarios. So, please, give a warm
welcome, to Mr. Jeffrey Snover, the mastermind behind PowerShell. (raucous applause) - Thanks so much Matt, great
to be back on the show. - It's great to have you
on the show all the time. Now, last time, we had you on the show, we covered Azure Stack, woo! Today, we're going back to your roots, with every IT pro's
favorite tool, PowerShell, which is now playing a very
important roll in the cloud. So, can you tell me a bit
more about the evolution? - [Jeffrey] Yeah, so, when we
first developed PowerShell, our goal was to make it
easy for you to automate your operations, to increase the quality, and in turn, to free you
up to higher level tasks, higher value tasks. Now, with Azure, we've entered a new era, where your PowerShell skills
are even more valuable. Your skills and value,
now extend beyond Windows, to Linux and MacOS environments,
using PowerShell Core. This gives you a cross-platform
scripting from anywhere. At the same time, the
traditional PowerShell experience gets even better because of Azure. You know, so for example,
password management, right? Often we write scripts
that need, you know, the cmdlet needs a credential, a password, and how do you manage
that in your scripts? You don't wanna be putting
clear text passwords in your script, so we
sometimes have to, you know, that's difficult to manage,
and sometimes we have API keys, et cetera. So this can be pretty difficult,
and I'm gonna show how you can store this stuff using, in Azure, using Azure Key Vault. Or another example would
be, sometimes you wanna run a script, on a large set of machines, or a script that's gonna take a long time, and so what you can do is,
you can run that script using Azure automation, to
operate against all the machines, be they in Azure or on
premises with hybrid workers, and frees you up from the local session, 'cause if you invoked it
from your local machine, it would take a long
time, and you couldn't, you could never go home, okay? So, also using Azure automation,
it gives you full logging, and offers very rich scheduling. So, PowerShell gets better
because of the cloud. The on-premises PowerShell experience gets better because of the cloud, right? 'Cause it's managing my
keys, it's formalizing our team's automation,
and also, moving forward, there's the advantage of
being able to take advantage of Azure's artificial intelligence APIs, available through REST APIs, and you can incorporate
those into your scripts to do on-premises management even better. - Cool, and obviously it makes
things even more intelligent, and a result of more
cross-platform coverage, more people, namely Linux
operators, are getting exposed to PowerShell
potentially for the first time. - Right, so, if you're new to PowerShell, it's pretty easy to get started. PowerShell has the verb-noun syntax. - [Matt] So, if you wanna do something, you just ask it to do it. - [Jeffrey] Exactly, you
think about what you want, you type it and you get it. So imagine you wanted to
get all the processes, where the working set was
greater than 30 megabytes. You think about what you
want, you type it, you get it. Or imagine, you wanted
to get all the processes, where the working set was
greater than 30 megabytes, and then sort it, by working
set, and then you wanted to format that, as a table, using the name and the working set. Again, you think about what you want, you type it, and you get it. Okay, now this is not like
traditional systems, right? Traditional systems pipeline, what? They pipeline text, and
when you pipeline text your life's a misery. No, you have to do very
complex, what I call prayer-based parsing, right? Cut off three lines, go
over 27, is it 27 or 28? Is there a tab in there? Oh God, so prayer-based parsing, very difficult, very fragile, if anything moves around,
all your scripts break. PowerShell, on the other
hand, pipelines objects, and what that is, is
it allows you to think about what you want,
type it, and you just, it just gets done for you. - [Matt] Very cool indeed,
now for people who are new to PowerShell, where do
people go and get these cmdlets from? - [Jeffrey] Right, so,
a variety of sources. The core ones are gonna
ship with PowerShell itself. Next, Windows ships with
a bunch of PowerShell cmdlets, and they also ship with the products that support them. So, for instance, it's Exchange,
SQL, SharePoint, Teams. They all ship with their
PowerShell cmdlets. And, the amazing
PowerShell gallery, right? The PowerShell gallery is
where teams and the community ship their latest and greatest work, their scripts, their modules,
Desired State Configuration resources, and they keep them
up to date in the modules, so that's always a place you
wanna go check for things. - Nice, great, thanks
for the quick tutorial, and background as well. So, for the hardcore
PowerShell users out there, of which I'm sure there are
many in the audience today. (audience member shouts) Yeah, exactly, woo! Let's dive into some of the new stuff. - [Jeffrey] Great, so I mentioned to you, we now have PowerShell Core, right? So we introduced this
in January of this year, and we just shipped
PowerShell Core, version 6.1. Right, so awesome. This thing now, it's open-source,
and works on Linux, right? So, you can manage Windows,
you can manage from anywhere, Linux, Windows, MacOS. You can manage any OS,
running in any cloud, AWS, Azure, Google, or on-premises, using any hypervisor, Hyper-V, VMware, or any physical server. So, let me show you an example. Okay, so here, say get process star S, see all the processes,
and now what I'm gonna do, is I'm gonna create a
session to the local host, okay, using SSH, and then
I'm gonna create a session to a Linux VM, using SSH, and now, a third connection,
to a Windows VM, using WinRM. - [Matt] So to clarify, this
is three separate sessions, one, back to the local machine,
which is actually a MacOS, one, to a Linux VM, and
one to a Windows machine. - [Jeffrey] Exactly, correct. - [Matt] Nice. - [Jeffrey] And if I
can figure out how to, what my password is, it'll work just fine. - [Matt] It shows it's secure. - [Jeffrey] There you go. So, get Pssession. - [Matt] So you're just
gonna return a list of the current sessions
that you've got established? - [Jeffrey] Right, so there you see, the three run spaces, different protocols, different operating systems, right? Three different machines,
and then what I can do, is I can do an invoke command, dollar sign S, dollar sign S, get process, oh you know
it, it's GPS, star S, and voila, I'm using
one command, one syntax, to get processes from
three separate machines using different protocols. Boom, you know, if I
had a mic, I'd drop it, but it's pinned to my shirt, man. This is the world we've
wanted to deliver to you from the very beginning, so we
are very thrilled about this. - [Matt] This is awesome,
and now, I'm curious, and I'm sure many other
people are as well, with PowerShell now
open-source, what's the reaction from the community been like? - Well? (audience applause) Yeah, it's been fantastic,
really fantastic. You know, we're open-source,
and so there's this thing called a pull request, and
that's where you change the code. Over 50 percent of the pull
requests for PowerShell version 6.0 and 6.1 have come
from the community, okay? So it's doing fantastic. - [Matt] Awesome. - And then we've had over
four million instances of PowerShell that have run since August, and over 80 percent of
that usage was on Linux. Alright, so, I mean, we knew
it was gonna be popular, but we had no idea it was
gonna be that popular. - Yeah, that is a huge adoption on Linux, in particular, but what about the specific distros that we support, tell us more. - [Jeffrey] Yeah, so
obviously we're supporting the right distributions, right? So here's a list of the
distributions that we're supporting. It's a very large list, the
most popular distributions, and the community will
also support additional distributions, and that
list is there as well. - [Matt] Right, so it's
popular, and Cloud Shell and Azure now have support
for PowerShell Core, so that will open up even
more opportunities for people. - [Jeffrey] Yeah, exactly,
if you haven't tried it, this is just freaking crazy, right? Anybody use Cloud Shell? No, okay, well you gotta try Cloud Shell. Check this out. Okay, so, Cloud Shell,
here's the Azure portal. See up here, looks like
a PowerShell prompt? Guess what, it's a PowerShell prompt. Click it, you get PowerShell
running in a browser, okay? So now, maximize that,
and so, here you go. And so now, PowerShell's
running in a browser, you can store your scripts
in the Azure cloud drive, and then PowerShell can use them to manage and deploy and troubleshoot, you know, all of your resources anywhere, right? Anywhere you have access to
a browser, even your phone. - Now, you've launched PowerShell
within Cloud Shell there, and it looks like you're
in an Azure root drive. Are you in the root of Azure? - Yeah, actually that's
right, so what we've done, is we've exposed Azure as a drive. So anybody have any troubles keeping track of all their Azure stuff? Yeah, boy it's complex right? So here, I do a dir,
and we've surfaced Azure subscriptions as a directory,
so I do a dir of the subscriptions, and now check this out. I'll cd into one of the subscriptions, and do a dir, AllRescources,
ResourceGroups, StorageAccounts, VirtualMachines. Cd in VirtualMachines, do a dir, and there are all my VirtualMachines. And you get objects right, so dir d star, dir pipe to group location. I mean, ahh, it's fantastic. - [Matt} What do we think? (audience applauds) - But wait, it gets better, because, (audience laughs) Ginsu knife man, now
how much would you pay? But it's free, is that crazy? Anyway, so, in this Cloud
Shell, what we've done is, we go and we collect all
the latest and best versions of the tools we think
you're gonna need to manage your cloud environments right? So, there is vim, there's
git, there's Jenkins, there's Python, Terraform, Inspect. - [Matt] AC cmdlets, as well. - AC cmdlets, yeah, so
it's just fantastic. So, check this out. So, I'll get command, I'll get the cmdlets and functions, and we've got over 2,300, nearly 2,400 cmdlets. Again, a great toolkit,
and when a new version of a tool comes out, you don't have to, you know that problem right? Oh, I heard there's a new
version, oh where is it? Is that the new version? Do I have the new version
on the right machine? Oh, this has the old version. You go to Cloud Shell,
it always has the latest and greatest tools for you. We provide that for you. - Well what if you want more? - Right, so then, well,
what if I want more? That's an excellent question, Matt. - Thank you. - Well, where have we
talked about where we might be able to get more stuff. Say, from the community. Right, so here I'll do a find module. Now, here, you'll wanna use
the tag, PSEdition_CORE, that gets you all the modules
that support PowerShell Core, and I'll get the ones, I'll
filter out all the Azure ones, 'cause there are so many of those, and you'll see, ignore that, that warning, - [Matt] Here we go. - [Jeffrey] It just starts flowing. So there's a ton of these things. - [Matt] So, that's a pretty big list. - [Jeffrey] It is. - [Matt] Nice, and yeah,
a fine selection there. And I can see quite a few
useful things in the gallery, but do I have to download
the scripts each time, or can I store them somewhere? - Yeah, you do not have to
download these each time. In fact, everything that you store, in your home directory,
in the Azure cloud drive, in the Azure portal,
everything that's stored in your home directory,
gets saved across sessions. Now, those sessions, you
can use PowerShell or Bash, and everything that you've downloaded is available to both environments, and there's a special
drive, the cloud drive, that's a flavor or Azure
storage that's available from everywhere, so things
like the storage browser, you can access things
to upload, and download artifacts from there. - Awesome, lots of powerful stuff there. Now, we've shown running
PowerShell on the Mac, but how do you write scripts on there? 'Cause there's no PowerShell ISE. - [Jeffrey] Right, right, okay, so the Macintosh does
not have PowerShell ISE. That's a WPF application, it's not gonna work on the Macintosh. That's okay, because we have, Visual Studio Code, running on MacOS. MacOS, Linux and Windows, just fantastic. And it's the real deal, right? So here, I've got a very
simple PowerShell script, but notice the squiggle brackets right? And so when I take a look
at the squiggle brackets, click over it, it's telling me, oh, Where does not follow best practices, best practices is to be Where object, and so I should modify that. Of course, being a
PowerShell user, I'm, what? I'm lazy, so, there's this button here, the little light bulb, and I click on it, and it says, oh, I'll fix that for you. I said, yes you will, thank you very much. And it goes and fixes it for me. - [Matt] Nice, and my favorite
in Visual Studio Code, if anybody's new to it,
PowerShell document, right click, format document, again the laziness, it will just sort out your formatting, and make it look perfect,
which is great for a lazy PowerShell person like me, as well. Excellent, now, this is
working on your local machine, on your Mac, but what about if you wanna write scripts in Cloud Shell? - [Jeffrey] Right, right,
so what if you wanna write scripts in Cloud Shell? Well, of course, you've got, you know Vim, and things like that, you have eMax, if anybody can figure
out how to exit eMax, you should come up and tell me afterwards, cause I can never do that. But here I am, back in Cloud Shell. I'll cd, check this
out, you ready for this? - [Matt] I'm ready. - [Jeffrey] Visual Studio
Code, running in the browser, how crazy is that? (audience applauds) - [Matt] It's awesome. - [Jeffrey] Yeah, so let's
get this in focus, right? 'Cause this is just crazy. I'm on a Mac, I'm connected to a Linux environment, running in a container, via a browser, via Chrome browser, and I've got my PowerShell script open, and it's a completely familiar experience to me, a Windows guy. You know, who would have
imagined that Microsoft, we'd be delivering this
experience to our customers, but the reality is, when
we talked to customers, they made it clear, they
have a heterogeneous world, and they want a single
tool-set, that their entire organization can use, and
solidify, so that everybody can come together, learn
one tool, to manage from anywhere, and manage anything. - [Matt] Exactly, now in all these cases, we've been showing PowerShell
Core, but what about Windows admins, traditional
Windows admins where, are they gonna get the
same coverage that their used to with PowerShell? - Right, so PowerShell Core
is based upon a new version of the .NET Core, and so
there's reduced functionality at the beginning, but
right now, we're moving, we've done very great work,
and we are working very fast. So, about 60 percent
of your Windows modules already work natively on PowerShell Core, so let me just bring up RS5,
and show you where we are. Okay, so this is a virtual
machine, showing RS5, okay? So, here is PowerShell version 6.0, and what I'll do, is
I'll say, get-command, but wait, just to put this in focus, when we shipped PowerShell version 1.0, we had 128 cmdlets. When we shipped PowerShell
version 2.0 a couple years later, we had about 250 some odd, and then PowerShell version
3.0 was when we finally got over 2,000, okay? But that was, many, many years later, so here, ten months after we shipped, we run get-command to measure, and voila, 1,900 cmdlets, and these are your most used cmdlets, so we're doing great, but
wait, imagine I went to, - [Matt] Where can we get more? - [Jeffrey] Where could
I possibly get more? So I went to the gallery, and I downloaded all the ones that support PowerShell, and now I'm gonna add
that, so I loaded them to a directory, CommunityModules, and I'll add that to my
path, and I'll do it again. And now we have 5,400 cmdlets, okay? So, over 5,000 cmdlets,
running on PowerShell Core, just ten months after its release. - Awesome. - You will see this
continue to accelerate. (audience applause) So, as more, thank you,
as more teams develop cloud services, and et
cetera, they're developing PowerShell modules, so
as they come online, teams, et cetera, their PowerShell modules will be available on
PowerShell Core as well. And, we've been clear about
how to write these modules, so that you don't have to pick. They write these modules
in a way that will work with PowerShell Core, or
full Windows PowerShell. - [Matt] Awesome, awesome stuff, now, there's lots that
PowerShell brings to Azure, and other cloud services,
but you mentioned before, that the PowerShell experience
is also getting better because of Azure, so,
can you take us through what you mean there? - Yeah, exactly. So, let me, find Visual Studio again. Okay, so, here is a module that I wrote, and basically, this is
a module that we wrote, that stores keys in KeyVault, okay? So, what I'm gonna do is,
one time, I'm going to get my credentials and I'm gonna
save them up to KeyVault. So, if I can remember
my password correctly. - [Matt] So this scenario
would be beneficial, rather than post-it note passwords. - [Jeffrey] Yeah, right. - [Matt] Or clear Text. - [Jeffrey] If you're putting
passwords on post-it notes, please tell me your
company's stock ticker, so I can short it. Okay, so, now here, once,
we took my credentials and I stored them up in
KeyVault, super safe. Now, imagine, another
script, on another machine, on another OS, I'm gonna
go and I'm gonna get that credential, and
then, remember when I was connecting to everything? With, when I did SSH, I didn't
have to provide my password, but when I used WinRM I did, so now what I'm gonna
do, is I'm gonna do the same connection to WinRM,
but I'm gonna provide the credential that
was stored in KeyVault, so I just select this. It's retrieving it from KeyVault, boom! I got a connection, happy days. (audience applauds) And because it's managed in
KeyVault, I can change it, you know, I can update it,
once all the scripts get it, none of the scripts see the password. If I want to, I can give
permissions to other people to access it, and not. - [Matt] Yeah, so you're
securely controlling access to that, those
credentials, but it could be certificates and all sorts
of sensitive information, but you can use it for deployments of Vms and applications and all
sorts, which is cool. Now, of course, with Azure,
comes the intelligence of the cloud, but what
can you do now to create more intelligent scripts? - [Jeffrey] Yeah, right, so
the great thing about Azure is this wealth of
services available to you, all through REST APIs, so in PowerShell, accessing
the REST API, super simple. So, what we did was, we wrote some module that does that, right? And, so what this is, is a
module that does accesses the machine learning
anomaly detection API. So, imagine this scenario,
you've got a bunch of web servers that are
collecting all these logs, and you know, potentially you
have anomalies that happen. Right, as perhaps you're being DDOSed, or attacked from a particular location. Well, you could go
through all the logs and manually inspect for things,
that's not gonna work, right? So, here what I've done, is
I've collected all those logs in a CSV and what I'm gonna do. - [Matt] So you've got a CSV
file on your local machine. - [Jeffrey] I hope I do. - [Matt] that you've
collected this data in? Somewhere. - [Jeffrey] Well, let's see
if we can find our CSV file. - [Matt] There it is, MLReady. - [Jeffrey] Is it there? - [Matt] Yeah. - [Jeffrey] Okay, that's the one I want. Well. Voila! - [Matt] There we go,
we found it, on the fly. - [Jeffrey] You might have
heard this, but it's true. PowerShell is so powerful
because I'm such a deeply flawed human, and I could
build a system that compensated for my weaknesses, that's why
wild cards are everywhere. Demonstration taken. So, I've found that CSV file finally, I take that CSV file, I
hand it up to the machine learning API, it returns things. These two here, are
showing areas where anomaly was detected, okay? So, I got that data as
a merged object here, and now, what I'm gonna
do, is I'm gonna say, now, find me the date
associated with the anomaly detected by Azure's machine learning. Shows me these dates, and then, I've got another script that says, now, grab the AnomalyDate, go back
to that anomaly information, and find me the IP address
that's creating the anomaly. And voila, there, you know,
we have a large hit count from this one IP address. I can take this and now go investigate, find out whether it's a
normal user testing something, or whether I've got a
malicious actor attacking our environment. - And you could use huge numbers
of logs in Azure ML server. - Yeah, exactly. (audience applauds) So, the great thing is,
Azure has all this fantastic capabilities that's now easy
to access from PowerShell. - [Matt] Great, well thank you Jeffrey, for bringing us up to date. It's good to see all the
latest PowerShell advances, I think we can all agree. Now, how can everyone learn more. - Yeah, the best thing to do is, number one, go to
Microsoft.com/PowerShell. Number two, attend the Ignite sessions, the most important one is mine, and do what I did here today. Open up a PowerShell window,
and start hacking around. Make mistakes, don't feel bad about it. The inventor of PowerShell
makes mistakes all the time. Just make some mistakes, have fun with it. - [Matt] Yeah. - That's how you learn. - [Matt] Use VS Code, use
Cloud Shell, all of those new things as well. Fantastic stuff, well, thank
you for your attendance, keep watching Microsoft
Mechanics for the latest tech updates, and check us out on Twitter. Thanks for watching. (audience applauds) (upbeat electronic music)
