Campus Connections Summit – February 1-2nd, the 5th annual CCS: Education Transformation

by Contributed | Feb 1, 2021 | Technology

This article is contributed. See the original author and article here.

Campus Connections Summit (CCS) convenes higher education senior campus leaders in a global gathering to share best practices, explore strategies, and engage in dialogue with colleagues around digital transformation in higher education.    

On February 1-2nd, the 5th annual CCS: Education Transformation: From Recovery to Reimagine, will dive into the recent events that have created a catalyst to dramatically shift the importance of technology’s role in higher education and created a transformation imperative for higher education worldwide.    

Seemingly overnight we transitioned from a “Why?” digital transformation conversation to “How much?” and “How quickly?”. As we face a new world of work and changing economies, innovation and collaboration are more important now than ever before. At Microsoft, we have a mission to empower every person and every organization on the planet to achieve more. We support higher education efforts to digitally transform with innovative tools to enable student success, collaborative teaching, learning, and research, safe and secure environments, as well as data and identity protection. Join us at CCS 2021, a unique forum for individual and collaborative exploration of the possibilities and partnerships that will change our world.

Please note the following: 

• All sessions will be provided in English.


• Event participants will be added to the Microsoft Higher Education Community Teams site in preparation for the Campus Connections Summit.   


• The Summit will run live February 1-2, 2021 to accommodate various time zones. Registration is required & you may register for any sessions that you would like to join.  


• E-mail: please register with your Microsoft associated e-mail account. If unable or unavailable please note you might not be able to access the Microsoft Higher Education Community Team. Tip: Here’s how to associate your account.


• Please use the checkboxes to register for more than one event.

For more details and full agenda at Campus Connections Summit (eventbuilder.com)

Azure Digital Twins Microsoft Learn – Learning Pathway

by Contributed | Feb 1, 2021 | Technology

This article is contributed. See the original author and article here.

Microsoft Azure learning path for developers: Develop with Azure Digital Twins.

The goal of the new learn path is to take the learner on a journey of creating an end-to-end industry based solution using ADT. The hands-on exercises leverage a manufacturing scenario, where learners will be using the Chocolate Manufacturing Factory example to complete the practical units and accomplish e2e solution building.



Azure Digital Twins (ADT) General Availability announcement was back in December, 2020 and contribute to our mission of simplifying and accelerating customers’ and partners’ journeys creating next-generation IoT solutions that model the real world.

Highlights

The learning path covers background information and hands-on exercises for developing end-to-end Azure Digital Twins solution over the following sequence of modules:

• Module 1: Introduction to Azure Digital Twins


• Module 2: Build an Azure Digital Twins graph for a chocolate factory production line


• Module 3: Ingest Data into Azure Digital Twins


• Module 4: Output from Azure Digital Twins to Downstream Services

Microsoft Learn Module Details

• Module 1 lays the foundation on how the industry defines “digital twins” in general, how the term evolved over time with the introduction of Cloud, IoT, modeling, simulation and additional core concepts to become what it is today, the benefits of digital twins, examples of industries, use cases and customers where digital twins are leveraged and finally how Microsoft defines digital twins, assets, ecosystem, and how Microsoft can help the conversation
  
  Digital Twin Consortium (DTC), cofounded by Microsoft, Dell, Ansys, Autodesk, GE Software, Northrop Grumman, and Lendlease
  
  


• Module 2 covers the first steps in building an Azure Digital Twins solution; such as making an instance of Azure Digital Twins, and learning about creating and visualizing DTDL models. In this module learners will create, validate, graph, and query models for a chocolate factory production line
  
  


• Module 3 deep dives on the different ways to ingest data into Azure Digital Twins, as well as covers the hands-on elements to create the chocolate manufacturing digital twin instance, instantiate the models and ingest data from IoT Hub and simulated app client via Azure Functions, Rest API’s and Logic Apps
  
  


• Module 4 is the capstone module that revisits the solution architecture, automates deployment of the environment using ARM template, and where you will learn about how Azure Digital Twins use event routes to send data to consumers outside the service. It’s also the fun part of the learning journey as you can finally start experiencing the ‘outcome’ of the hard work you invested earlier in the form of insights, dashboards, visualizations, and more!

Resources

Azure Product Pages​

• Full announcement on the Azure IoT blog ​


• ADT product page​


• Watch Azure Digital Twins demo video


• ADT sizzle video​


• Azure Digital Twins documentation(including samples, C# SDK, CLI, DTDL & associated tooling, and more)​


• Azure Portal​


• ADT Explorer​

IoT Shows​

• Azure Digital Twins Preview New Capabilities​


• Deep Dive: Azure Digital Twins Updated Capabilities​


• Ansys Twin Builder Integration with Azure Digital Twins​


• Bentley iTwin and iModel.js Integration with Azure Digital Twins​


• Deep Dive: Integrating 3D Models and IoT data with iTwin and Azure Digital Twins


• Azure Digital Twins technical deep dive video featuring the WillowTwin solution

Build 2020 sessions:

• Sam George – Microsoft IoT Vision and Roadmap​


• Christian Schormann – Azure Digital Twins: Powering the Next Generation of IoT

ADT Demo Resources:

• Azure Digital Twins Hands On Labs


• ADT Supply Chain Demo

Customer/Partner Stories​

• ANSYS: Engineering simulation giant Ansys unlocks value and opportunity with Azure Digital Twins​


• BENTLEY: Bentley Systems helps close the global productivity gap with Azure Digital Twins​


• BOSCH: Bosch expands energy efficiency offerings with connected building solution using Azure Digital Twins​

What’s New in Azure Spring Cloud after GA

by Contributed | Feb 1, 2021 | Technology

This article is contributed. See the original author and article here.

Microsoft and VMware co-announced Azure Spring Cloud General Availability (GA). We were excited to see how Azure Spring Cloud helped customers focus on code and let us take care of the underlying infrastructure management, operation, and maintenance. We continue to prioritize our work according to customers’ requests and feedback. For example, 7 more regions were enabled, and Azure Spring Cloud service is now available in 18 regions of Asia Pacific, Australia, Canada, China, Europe, India, Korea, United Arab Emirates, United Kingdom, and the United States. In this blog, I’ll share more about the newest features and enhancements since GA.

Full APM Capabilities w/ Application Insights Java in-process Agent

Application Insights is an extensible Application Performance Management (APM) service for developers and DevOps professionals. With its latest Java in-process agent you can enjoy full APM functionalities besides distributed tracing. For example, you can monitor real-time live metrics without any code changes and obtain insights into application dependencies – MySQL, PostgreSQL, JDBC, Redis, JMS, Kafka, Netty / WebFlux, etc. Learn more from here about effortlessly monitoring applications and dependencies in Azure Spring Cloud!

As you know, there is always the possibility that a service may be down or having high latency when a service invokes another service. This may lead to exhaustion of the threads as they might be waiting for other requests to complete. With the implementation of the Circuit Breaker pattern, you can prevent failures from cascading and provide fallback behavior until a failing service is restored to normal operation. The new Spring Cloud Circuit Breaker framework unifies all implementations of its metrics data pipeline into Micrometer. Resilience4j is a new option for Spring developers to implement the Circuit Breaker pattern. Resilience4j works well with Spring Boot and using Micrometer libraries, it can produce metrics for monitoring. After enabling Application Insights java in-process agent and dimension collection for Resilience4j metrics, you can collect Spring Cloud Resilience4j Circuit Breaker Metrics and display them in the Metrics blade of Application Insights.

Get outbound public IP to secure the communication with external resources

Some network environments are locked down via a Firewall and allow only whitelisted IP addresses inbound to their internal network.  Learn how to get static outbound public IP addresses of Azure Spring Cloud applications to communicate with external resources, such as databases, storage, and key vaults.

Below is an example to whitelist an Azure Spring Cloud app in Azure Database for MySQL. Azure Database for MySQL provides access security using a firewall to protect your data. You can explicitly add all the outbound IPs of your Azure Spring Cloud apps.

• To find the outbound public IP addresses currently used by your Azure Spring Cloud service instance in the Azure portal, click Networking in your instance’s left-hand navigation pane. They are listed in the Outbound IP addresses field.

• On the MySQL server page, under Settings heading, click Connection Security and add above outbound IPs one-by-one.

VS Code extension for Azure Spring Cloud

Besides feature requests for the Azure Spring Cloud service, we also received requests from developers about how to deploy and manage apps in their familiar environment. You can now use Azure Toolkit for IntelliJ or Azure Spring Cloud extension for VS Code to quickly create, manage and deploy apps to Azure Spring Cloud.

What is upcoming?

Security, elastic scaling, and monitoring are key tenets of Azure Spring Cloud. In the following months, you will see more updates for:

• Managed Virtual Network: allows users to be in control of inbound and outbound network communications for Azure Spring Cloud and enables Azure Spring Cloud to interact with systems in on-premises data centers or Azure services in virtual networks.


• Autoscale: automates the upscaling or downscaling of the application based on load or schedule – thus providing cost-efficiency and better performance.


• E2E TLS: allows users to encrypt and securely transmit sensitive data among applications or from app to the backend.


• Azure RBAC for managed Spring Cloud Config Server/Service Registry: allows users to authenticate with AAD (Azure Active Directory) token for accessing to managed Spring Cloud Config Server/Service Registry by Azure Spring Cloud service.


• Integration with 3rd party APM solutions:  enables out-of-box experience w/ 3rd party Application Performance Monitoring (APM) tools such as New Relic, App Dynamics and Dynatrace for Azure Spring Cloud apps.

Get Started

• Step by step tutorials: Learn the basics of Azure Spring Cloud with well-known Spring sample apps.


• Online workshop: Go through tasks to deploy Spring Boot microservices to Azure Spring Cloud with Azure database for MySQL.


• Troubleshooting tips: Read common tips for troubleshooting Azure Spring Cloud server- and client-side issues.

We are excited about the improving developer experience we are creating for Azure Spring Cloud service. Your feedback has been instrumental in shaping these features, keep the feedback coming. Contact us if you have feedback or questions. 

CI CD in Azure Synapse Analytics Part 4 – The Release Pipeline

by Contributed | Feb 1, 2021 | Technology

This article is contributed. See the original author and article here.

Here’s a quick review of the road so far:

CI CD in Azure Synapse Analytics Part 1

• Creating an Azure DevOps project


• Linking our Azure Synapse Analytics environment to that Project via Git


• Validating that our Azure DevOps Repo was populated with our Azure Synapse Analytics environment

CI CD in Azure Synapse Analytics Part 2:

• Create a new branch on our Repo


• Edit our Azure Synapse Analytics environment
  
  
  
  • Specifically my SQL scripts have demos all over the place and Buck Woody said I have to clean up my very messy room …. Azure Synapse Analytics environment
  
  
  
  


• Create a Pull Request in Azure Synapse Analytics to merge our new branch with the main


• Approve the Pull Request in Azure DevOps


• Validate our main branch is updated in our Azure Synapse Analytics Environment

CI CD in Azure Synapse Analytics Part 3

• Create an Artifact pipeline
  
  
  
  • This is to create an Artifact we can use to deploy to another environment
  
  
  
  

This time we will:

• Give our Azure DevOps Service Principal access to our Azure Synapse Workspace


• Validate or Give our Azure DevOps Service Principal Storage Contributor & User Access Administrator (*This is only if your storage account was provisioned before you created your Synapse Workspace or if you connect your Dev, QA, and Prod to the same ADLS G2 storage account.  If you create your Synapse Workspace and Storage account from an ARM template deployed from DevOps, then your DevOps Service Principal will have Owner on the Storage Account and that gives the Service Principal User Access Administrator capabilities.)


• Create the release pipeline


• Validate the deployment


• *If you have SQL Provisioned Pools as part of your deployment pause them, because they will be created on deployment

Before we create our release pipeline we need to make sure the Azure Service Principal account has the proper permissions.  If we do not, you well get cryptic errors with a GUID and something about “does not have permissions to blah blah blah”.  Trust me, it is super annoying.

The two permission we will need are located in two different places, the first is in our Azure Synapse Workspace, specifically using Azure Synapse Studio.  The second will be in the Storage Account for our Azure Data Lake Gen 2 that is the default ADLS connection for our Azure Synapse Studio.

First open your Azure Synapse Studio and navigate to the Management Blade.

Now Click on Access Control.  The user that created the Azure Synapse Workspace is automatically given the role of Synapse Administrator, the second user with that role will be the Managed Identity for the Azure Synapse Workspace.  We need to add our Azure DevOps Service Principal to this role.

*A quick note, I prefer to manage this in an Azure Active Directory Group. In this blog I will show how to add the account directly to the Azure Synapse Workspace.  However, the best practice would be to have an AAD group that is granted Synapse Administrator and then add the role to that group.

Click the +Add link.

Now we will type in the Azure DevOps Project name.  If your project URL was https://bobsburgers.visualstudio.net and your project name was Azure Synapse Studio CI CD you would type in bobsburgers-Azure Synapse Studio CI CD.  This would show you the Service Principal GUID following that name. 

Click the name as it appears and then click the Apply Button.

Now open a browser and navigate to the Azure Portal.  In the search window at the type Storage Accounts.  Select the storage account that you are using as your default ADLS Storage Account for your Azure Synapse Workspace.  Click the Access Control (IAM) blade.  Click +Add, then click Add role assignment.

Select Storage Blob Data Contributor for Role.  In the Select text box, type in the Azure DevOps Service Principal the same way we did in the for the Synapse Administrator role.

Repeat the previous steps, except this time specify the User Access Administrator Role.

Next we will navigate to our Azure DevOps Project.   Select pipelines, Releases, and New Pipeline.

Click on Empty Job.  Then click on Add an artifact.

Ensure our project is selected.  Select the name of the Build Pipeline that we created in our previous blog (Or whatever YOU wanted to name your Build Pipeline because my naming conventions do not define you!).  Select the Latest Build, and click Add. 

Rename the Release Pipeline to reflect what we are doing.  We selected Deploy Dev Release.  Clock on the Stage1 link 1 job, 0 task

Click the + plus sign on Agent Job.  In the search text box type “Synapse”, the Synapse workspace deployment task will appear if you have installed it from the Marketplace.  If not, FEAR NOT!  You should see a link for it below under the heading Marketplace.  Click on it to install the task to your Azure DevOps project.

Once you have added the task, click on the task.  We will fill out the Template, Template parameters, Synapse Workspace connection type, Synapse Workspace name, and we will get to OverrideArmParameters in a moment.  That will a lot more details.

First click on the … ellipses by Template. 

 Navigate through the build pipeline, ASW_Drop, ARM, to the TemplateForWorkspace.json.  Select the .json file and click OK.

Now repeat the same steps for the Template Parameters text box, this time selecting the TemplateParametersForWorkspace.json file.

Under Synapse workspace connection type, select the Azure Subscription that contains the environment where we are deploying our release.  Specify the Resource Group and the Azure Synapse Workspace name.

Now we begin to focus on the override parameters.  First we will travel back to our Repo and look at the TemplateForWorkspace.json.  Any string that has a type “secureString” will need to have an override parameter. Depending on the level of development you have done, you may have many of these strings, in our example we have two.  The default workspace connection to the Provisioned SQL Pools and a Linked Service I created to an Azure SQL Database.

Dear Reader, you are wondering where to find those.  You are in luck!  Navigate to your Azure Synapse Analytics Workspace, click on the Manage blade, then Linked services.  Now click on the { } Code symbol after the name of the linked service that is a type securedString.  


This will open a view of the JSON in that contains the data we need.  Copy the text between the double quotes.  DO NOT SELECT THE DOUBLE QUOTES!! JUST THE STRING BETWEEN THE DOUBLE QOUTES!  

Sorry for yelling, but we will use this string soon and the double quotes “” will cause it to fail.

Now let’s do the same thing for the Azure SQL Database.

Now navigate back to our Azure DevOps Release pipeline.  Click on Variables, then click the + Add button 3 times.  We will be creating two variables based on the secureStrings in our JSON file.  We will also be creating a system.debug value to give us extra information in our release pipeline, it’s value is True.

After you copy in the secureStrings, click the lock button by the two connection strings, leave system.debug unencrypted.

Your pipeline should look similar to this.

Now we will go to the OverrideArmParameters text area.  We will use the following syntax                                -variableNameFromTheJsonFile $(devOpsPipelineVarriable)

For example:

            -bballasw-WorkspaceDefaultSqlServer_connectionString $(WorkspaceDefault) -Lahman_connectionString $(Lahman)

Yours may vary based your number of secureStrings and names.  Now let’s click Save on our pipeline.

Make a comment and click OK

Now click Create release.

Click Create

Click Release-1 (or whatever your release number is).

After your Agent begins to process click on Logs and watch it run!

AND NOW!!!!! ……it failed.

A few times.  But hey, it’s not developing if there isn’t a failure.  So it’s almost 1 am, and I *believe* I have it running so let me take this time to walk you through what I’ve found.

Spark Pools and Self Hosted Integration Runtimes are not created in a pipeline.  If you have a Linked Service that uses a Self Hosted Integration Runtime you will need to manually create that in your QA or Prod environment prior to deployment. 

If you are developing Notebooks and have them connected to a Spark Pool, you will need to recreate that Spark Pool in QA or Production.  Notebooks that are linked to a Spark Pool that does not exist in an environment will fail to deploy.

Name them the same thing.  Do not change names.  Trust me.  

If you are doing a deployment and your Provisioned SQL Pools are Paused then the deployment will fail.  *More to come on database migrations, a database project build, and release is still needed.

Here’s a quick image. 

I’m on release 4, attempt 2.  This appears to be running just fine for me.

VICTORY!!

Now let us go and check our QA Workspace!  First up Scripts and Notebooks.

Excellent!  Everything is there.  Next let us look at our Provisioned SQL Pools.

Looks great!  As a quick side note the databases will be brought over at DW100c, so you can auto scale them as needed.  Also if you are in a demo environment like me, be sure to pause them after the deployment completes.   Next up Pipelines.

I like this!  Now let’s check out linked services.

I don’t like this.  Here are my Dev links for my default workspace in my QA environment.  Right now the only way I’ve found to clean this up is to use the Az.Synapse PowerShell Module.  Navigate back to your release pipeline.  Edit it, add an Azure PowerShell task.  We will then use this script:

##Required for azure devops initial deployment
Install-Module Az.Synapse -RequiredVersion 0.2.0 -Scope CurrentUser -Force

#get rid of dev linked service in QA
Remove-AzSynapseLinkedService -WorkspaceName yourworkspaceName -Name linkedservicetoRemove
Remove-AzSynapseLinkedService -WorkspaceName yourworkspaceName -Name linkedservicetoRemove

Under Azure PowerShell version options select Specify other version, set Preferred Azure PowerShell Version 3.1.0.  

The next time you run your deployment, this should clean up those links.

All right Dear Reader, I’m off to sleep.  Happy Monday and as always, thank you for stopping by.

Thanks,

Brad

Use Azure Portal to enable AAD authentication for Service Fabric management endpoint

by Contributed | Jan 31, 2021 | Technology

This article is contributed. See the original author and article here.

Here is our official documentation on how to use Azure AD to authenticate service fabric connection endpoint. It uses PowerShell script to create two applications in the Azure AD resource.

https://docs.microsoft.com/en-us/azure/service-fabric/service-fabric-cluster-creation-setup-aad

We can also do these steps manually with UI in Azure Portal.

Abstract at the beginning of the blog

The service fabric cluster here will be treated as an AAD web app. When users access it with browser, it will pop the sign in box and navigate back to the provided reply URL after authentication just like any web OAuth process.

When user access it with client tool like SF PowerShell module, the AAD client app here will sign in the user, then use the exposed API from AAD web app to validate if the user has the Admin role.

Application registration:

1) AAD web app

The first application we need to register in Azure AD is a web app, represents the cluster.

In authentication blade, we will configure like this:

Redirect URLs

• https://mysftestcluster.eastus.cloudapp.azure.com:19080/Explorer/index.html

Implicit grant and hybrid flows

• ID tokens (used for implicit and hybrid flows)

Supported account types:

• Accounts in this organization directory only (Single tenant)

Allow Public client flows:

• No

User Role assignment:

We need to create an Admin App-Role for the AAD web app.

In App roles blade, we create app role with below configurations.

Display name:

• Admin

Allowed member types:

• Users/Groups

Value

• Admin

Description:

• Admin role

Then we will go to Enterprise applications blade of Azure AD. Go to overview the page of the applications we created. In Getting started section, we will see “Assign users and groups.”

We will add a user as Admin so that user can access SF connection endpoint with Azure AD.

Expose API

We need to expose the authentication API of the web app so that the client app like PowerShell can use it to sign in the admin user.

Steps are done for the AAD web app here.

2) AAD client app

The second application we need to register in Azure AD is a Desktop/Native app, it represents tools like SF PowerShell module. (Connect-ServiceFabricCluster)

In the authentication blade, we will configure like this:

Redirect URLs

• https://login.microsoftonline.com/common/oauth2/nativeclient


• https://login.live.com/oauth20_desktop.srf


• msal29a2c311-3290-471b-a431-66f0d971a668://auth


• urn:ietf:wg:oauth:2.0:oob

Supported account types:

• Accounts in this organization directory only (Single tenant)

Allow Public client flows:

• Yes

Add API Permission

AAD client needs this config so it can call the API we just exposed on AAD web app.

Add a permission => My APIs => your cluster web app => user_impersonation

Steps are done for the AAD client app here.

Done

Now you should be able to use AAD to connect service fabric cluster. And the browser will not prompt the certificate list for SFX.

If the process does not go as smoothly as expected, there is a troubleshooting section in the doc.

https://docs.microsoft.com/en-us/azure/service-fabric/service-fabric-cluster-creation-setup-aad#troubleshooting-help-in-setting-up-azure-active-directory

You can also read the PowerShell script provided in our official documentation to understand what has been done. This is a steps-by-steps guide for users who prefer Azure Portal.

WebSub to EventGrid via CloudEvents, and Beyond

by Contributed | Jan 31, 2021 | Technology

This article is contributed. See the original author and article here.

Let’s say you’ve got a YouTube channel uploading videos in a regular cadence. When a new video is published, you want to cross-post it to other social media channels that you’re running. What could be the best way to do so? There are hundreds of commercial tools on the market for online content marketing. There are hundreds of companies to help you, and those companies have their proprietary solutions for it. It could make sense to utilise those tools or companies. However, with various reasons or circumstances, what if you need to build your own one? What if the existing tools don’t fulfil your requirements? Then, it’s a good time to build the solution by yourself, isn’t it?

This post will discuss an end-to-end workflow story, from YouTube video update to other social media exposure. For the workflow, let’s use Azure serverless services like Azure EventGrid, Azure Functions and Azure Logic Apps.

If you like to see the source codes of the solution, find this GitHub repository. It’s completely open-source, and you can use it under your discretion with care.

Subscribing YouTube Notification Feed

YouTube uses a protocol called PubSubHubbub for its notification mechanism. It’s now become a web standard called WebSub since 2018, after the first working draft in 2016.

Google registers all YouTube channels to their WebSub Hub. Therefore, if you want to get the update notification from a specific channel, you can simply send a subscription request to the Hub. To subscribe, enter the message handler URL and YouTUbe channel URL and click the Do It! button. Too easy!

Please ensure that the subscription process is completed only after passing the message handler verification request.

Verifying WebSub Subscription Request

To verify the WebSub subscription request, the WebSub Hub sends an API call to the message handler. When it arrives, the handler MUST deal with the following.

• The verification request sends a GET request with the following query parameters:
  
  
  
  • hub.mode: The subscribe string.
  
  
  • hub.topic: The YouTube channel URL.
  
  
  • hub.challenge: A random string generated by the WebSub Hub, used for the verification.
  
  
  • hub.lease_seconds: The validation period in seconds from the time of the request. The request will be void unless the request is not verified within this period.
  
  
  
  


• The response of the verification request MUST include the hub.challenge value to the response body, with the HTTP status code of 200:
  
  
  
  • If the response body includes anything other than the hub.challenge value, the WebSub Hub won’t accept it as the valid response.
  
  
  
  

Here’s the verification request handling logic in the Azure Function method:

    [FunctionName(“CallbackAsync”)]

    public async Task CallbackAsync(

        [HttpTrigger(AuthorizationLevel.Function, “GET”, “POST”, Route = “callback”)] HttpRequest req,

        ILogger log)

    {

        if (HttpMethods.IsGet(req.Method))

        {

            string challenge = req.Query[“hub.challenge”];

            var result = new ObjectResult(challenge) { StatusCode = 200 };

            return result;

        }

Once the message handler is verified, the WebSub Hub keeps sending the notification message to the handler whenever a new video update is made, from the subscribed channel.

Converting WebSub Notification Feed

As the mechanism of WebSub follows the same Publisher/Subscriber (Pub/Sub) pattern, it’s not that new. The only difference of WebSub is the event data that makes use of the existing ATOM feed format. Therefore, as long as any subscriber understands the feed format, it should be OK. In other words, the subscriber has a strong dependency on the event data format the publisher sends. In the modern application environments, we recommend decoupling between the publisher and subscriber as much as we can, so that each can organically grow independently. In other words, the subscriber don’t have to know the ATOM feed format. How can we make them decoupled, then? The event data format or message format needs to be canonicalised. Then, converting the canonical data into the subscriber-specific format should be done by the subscriber’s end.

Therefore, we are going to use CloudEvents as the canonical data format. There are two steps for the conversion–1) canonicalisation and 2) domain-specific conversion. Let’s have a look.

1. Canonicalisation: WebSub Feed :right_arrow: CloudEvents

The purpose of this step is to decouple between WebSub Hub and your application. The XML data delivered from the WebSub Hub is just wrapped with the CloudEvents format. When a new video is updated onto YouTube, it sends a notification to the WebSub Hub, which looks like the following:

  <feed xmlns:yt=”http://www.youtube.com/xml/schemas/2015″ xmlns=”http://www.w3.org/2005/Atom”>

    <link rel=”hub” href=”https://pubsubhubbub.appspot.com”/>

    <link rel=”self” href=”https://www.youtube.com/xml/feeds/videos.xml?channel_id=[channel_id]”/>

    <title>YouTube video feed</title>

    <updated>2021-01-27T07:00:00.123456789+00:00</updated>

    <entry>

      <id>yt:video:[video_id]</id>

      <yt:videoId>[video_id]</yt:videoId>

      <yt:channelId>[channel_id]</yt:channelId>

      <title>hello world</title>

      <link rel=”alternate” href=”http://www.youtube.com/watch?v=<video_id>”/>

      <author>

       <name>My Channel</name>

       <uri>http://www.youtube.com/channel/[channel_id]</uri>

      </author>

      <published>2021-01-27T07:00:00+00:00</published>

      <updated>2021-01-27T07:00:00.123456789+00:00</updated>

    </entry>

  </feed>

As the message handler takes this request through POST, it is stringified like this:

        var payload = default(string);

        using (var reader = new StreamReader(req.Body))

        {

            payload = await reader.ReadToEndAsync().ConfigureAwait(false);

        }

The request header also contains the following Link information:

    Link: <https://pubsubhubbub.appspot.com>; rel=hub, <https://www.youtube.com/xml/feeds/videos.xml?channel_id=[channel_id]>; rel=self

As it includes the YouTube channel URL as the message source, you need to extract it.

        var headers = req.Headers.ToDictionary(p => p.Key, p => string.Join(“|”, p.Value));

        var links = headers[“Link”]

                    .Split(new[] { “,” }, StringSplitOptions.RemoveEmptyEntries)

                    .Select(p => p.Trim().Split(new[] { “;” }, StringSplitOptions.RemoveEmptyEntries))

                    .ToDictionary(p => p.Last().Trim(), p => p.First().Trim().Replace(“<“, string.Empty).Replace(“>”, string.Empty));

        var source = links[“rel=self”];

Then, set the event type and content type like the following.

        var type = “com.youtube.video.published”;

        var contentType = “application/cloudevents+json”;

As I mentioned in my previous post, at the time of this writing, the Azure EventGrid Binding for Azure Function currently has a limitation to support the CloudEvents format. Therefore, you should handle it manually:

        var @event = new CloudEvent(source, type, payload, contentType);

        var events = new List<CloudEvent>() { @event };

        var topicEndpoint = new Uri(“https://<eventgrid_name>.<location>-<random_number>.eventgrid.azure.net/api/events”);

        var credential = new AzureKeyCredential(“eventgrid_topic_access_key”);

        var publisher = new EventGridPublisherClient(topicEndpoint, credential);
        var response = await publisher.SendEventsAsync(events).ConfigureAwait(false);
        return new StatusCodeResult(response.Status);

    }

So far, the WebSub data is canonicalised with the CloudEvents format and sent to EventGrid. The canonicalised information looks like this:

    {

      “id”: “c2e9b2d1-802c-429d-b772-046230a9261e”,

      “source”: “https://www.youtube.com/xml/feeds/videos.xml?channel_id=<channel_id>”,

      “data”: “<websub_xml_data>”,

      “type”: “com.youtube.video.published”,

      “time”: “2021-01-27T07:00:00.123456Z”,

      “specversion”: “1.0”,

      “datacontenttype”: “application/cloudevents+json”,

      “traceparent”: “00-37d33dfa0d909047b8215349776d7268-809f0432fbdfd94b-00”

    }

Now, you have cut the dependency on the WebSub Hub.

Let’s move onto the next step.

2. Domain-Specific Conversion: WebSub XML Data Manipulation

At this step, the XML data is actually converted into the format we’re going to use for social media amplification.

The WebSub XML data only contains bare minimum information like the video ID and channel ID. Therefore, you need to call a YouTube API to get more details for social media amplification. An event handler should be registered to handle the published event data on Azure EventGrid. Like the WebSub subscription process, it also requires delivery authentication. One of the good things using Azure Logic Apps as the event handler is that it automatically does all the verification process internally. Therefore, you just use the Logic App to handle the event data.

The Logic App handler’s first action is to verify whether the event data is what you are looking for–it should meet your channel ID and event type of com.youtube.video.published. If either channel ID or the event type is different, this handler stops processing.

If the event data is what you are looking for, the handler passes it to Azure Functions for further manipulation.

The Azure Functions app calls the YouTube API to get more details of the video, manipulates them, and turns it back to Logic App. The converted data looks like:

    {

      “channelId”: “<channel_id>”,

      “videoId”: “<video_id>”,

      “title”: “hello world”,

      “description”: “Lorem ipsum dolor sit amet, consectetur adipiscing elit. Duis malesuada.”,

      “link”: “https://www.youtube.com/watch?v=<video_id>”,

      “thumbnailLink”: “https://i.ytimg.com/vi/<video_id>/maxresdefault.jpg”,

      “datePublished”: “2021-01-27T07:00:00+00:00”,

      “dateUpdated”: “2021-01-27T07:00:00+00:00”

    }

YouTube data has been massaged for our purpose.

Social Media Exposure

The event handler now needs to help spread the YouTube video update to the world through designated social media. There are two approaches:

• The event handler directly connects to APIs of individual social media, or


• The event handler publishes another event to Azure EventGrid for other event handlers takes care of social media amplification.

Although both approaches are valid, the first one has strong coupling between the handler and amplifiers. If you need to add a new amplifier or remove an existing one, the Logic App handler must be updated, which is less desirable, from the maintenance perspective. On the other hand, The second approach publishes another event containing the converted data. All social media amplifiers act as event handlers, and they are all decoupled. I chose the second one.

1. Event Publish: Converted YouTube Video Details

In order to publish the converted YouTube video details to Azure EventGrid, the data needs to be wrapped with the CloudEvents format. The screenshot shows the action on how to wrap the video details data with CloudEvents. This time, the event type will be com.youtube.video.converted.

The next action is to send an HTTP request to Azure EventGrid, with the CloudEvents payload. You can notice that many metadata headers are starting with ce-, defined in the cross reference check spec over HTTP.

The message handler now completes its workflow. From now on, each social media handler takes care of the new event data.

2. Event Handlers: Social Media Amplification

YouTube video details are now ready for amplification! Each social media handler takes care of the event data by adapting their circumstances. The event data received from EventGrid looks like this:

    {

      “id”: “4cee6312-6584-462f-a8c0-c3d5d0cbfcb1”,

      “specversion”: “1.0”,

      “source”: “https://www.youtube.com/xml/feeds/videos.xml?channel_id=<channel_id>”,

      “type”: “com.youtube.video.converted”,

      “time”: “2021-01-16T05:21:23.9068402Z”,

      “datacontenttype”: “application/cloudevents+json”,

      “data”: {

        “channelId”: “<channel_id>”,

        “videoId”: “<video_id>”,

        “title”: “hello world”,

        “description”: “Lorem ipsum dolor sit amet, consectetur adipiscing elit. Duis malesuada.”,

        “link”: “https://www.youtube.com/watch?v=<video_id>”,

        “thumbnailLink”: “https://i.ytimg.com/vi/<video_id>/maxresdefault.jpg”,

        “datePublished”: “2021-01-27T07:00:00+00:00”,

        “dateUpdated”: “2021-01-27T07:00:00+00:00”

      }

    }

Twitter Amplification

As Logic Apps provides the Twitter connector out-of-the-box, you don’t need to use the API by yourselves. Therefore, simply use the actions like below:

LinkedIn

Logic Apps also provides a built-in LinkedIn connector. So, simply you use it.

Facebook

Unlike the other two connectors, the Facebook connector has been deprecated. Instead, it’s now become an open-source project. So, you should use this open-sourced custom connector or something else. Fortunately IFTTT provides the Facebook Page connector, so you just use it.

From the Logic App point of view, calling IFTTT is just another HTTP call. So it’s not that tricky. The only thing to remember is that the request payload can only include no more than value, value2 and value3.

The actual process result in the IFTTT end looks like this:

We’ve amplified to social media of Twitter, LinkedIn and Facebook.

If you want to add another social media, you can simply add another Logic App as the event handler.

So far, we’ve implemented a workflow solution that posts to designated social media platform when a new YouTube video update is notified through WebSub, by using CloudEvents, Azure EventGrid, Azure Functions and Azure Logic Apps. As steps are all decoupled, we don’t need to worry about the dependencies during the maintenance phase. In addition to that, although a new social media platform is planned to add, it wouldn’t impact on the existing solution architecture.

If you or your organisation is planning online content marketing, it’s worth building this sort of system by yourself. And it would be an excellent opportunity to make a well-decoupled and event-driven cloud solution architecture.

This article was originally published on Dev Kimchi.