Introducing Hyperlight: Virtual machine-based security for functions at scale
The Microsoft Azure Core Upstream team is excited to announce the Hyperlight…
Over the past five years, I’ve had the pleasure of teaching a course titled “Cloud-Powered Mobile App Development” ten times at the University of Houston with my long-time friend and faculty colleague Jesus Hernandez. I’ve been humbled by the course’s success, regularly producing some of the highest course evaluations in the department and earning me a less-official ranking of highest-rated professor on ratemyprofessors.com for the entire University of Houston.
Given the results, I packaged up the curriculum and best practices for others to leverage and duplicate in similar courses. All course materials are open source on GitHub.
For context, this is a course that runs in a compressed, one-week, timeframe. Our shortened timeframe benefited from the instructional modality – it provided an immersive environment, similar to a bootcamp that is free of distraction from other courses. However, note many of the best practices in this guide could be applied to courses that run in different increments or durations.
The course itself is taught in the Bauer College of Business as part of the Management Information Systems degree track. As a result, many students often have high interest in computer systems but the degree of technical ability in areas of software development can be wide-ranging. And that’s okay; we are learning concepts related to cloud computing, many of which are best understood through application after explanation. That’s generally how the flow of the course is handled: we teach a concept, then demonstrate that concept in a lab-based exercise.
Over the years, the content has undergone changes, mainly in reaction to changes in technology trends. When we first taught the course, students would create and publish a mobile application and website as part of the course projects. We now focus on three main areas: a free-reign website project, a hands-on Internet of Things (IoT) project that involves pushing sensor readings from a microcontroller to a cloud-connected application running in a cloud-hosted virtual machine, and a wild card project that has something to do with an emerging technology.
Historically, the wild card project has been related to Virtual Reality, Augmented Reality, Drones, and most recently blockchain/cryptocurrency. In the most recent offering, we dissected the Litecoin codebase.
Aside from the wild card project, the content is relatively static and can be reused by other professors. In fact, the course content is open-sourced and hosted on GitHub for all to use as they please.
Now, I’ll break down how the course is taught day-by-day.
On the first day of class, some time is devoted to setting up accounts for services that we will be employing in the course. Currently this requires a Microsoft Live ID account, an Azure account (which is free for anyone with a .edu e-mail), and a Microsoft Learn account. Once these are obtained, we begin with an introduction to the Cloud and explain the concept of Infrastructure as a Service, Platform as a Service, and Software as a Service. We then apply those concepts by deploying a virtual machine (IaaS) and WordPress site instance (PaaS).
Each day, an associated quiz and Microsoft Learn module are assigned along with a larger homework assignment. The first homework assignment requires the students to create a design document around the website that they plan to build. Students are encouraged to play around with their site instances and understand the limitations of various service tiers. It is common that students exhaust the resources allotted by free-tier services during the class and experience the need for scalability first-hand. We like to refer to this situation as a real-world learning opportunity. 😉
Day one course materials are on GitHub here.
On the second day of class, we teach the students how to leverage more advanced features in WordPress and discuss responsive design. We challenge students to investigate how their site looks on various device form factors, and if there are issues myself and Jesus are on-hand to help.
This allows the students to explore creating something, while having expert assistance on-hand when needed. It is not uncommon that Jesus or myself have to ftp into a site instance to fix a botched plugin installation or to help guide students on how to incorporate a lofty feature that was included on their design document assignment. We usually camp out in a Discord chat after hours to field questions that students have after class.
We very often hear that once students get started on their projects that they don’t want to stop. It’s fun to build something that you can share out to friends and family, but we feel the reason is because we encourage the students to be invested in the project before they begin. Since we leverage WordPress (created by former UH student Matt Mullenweg while studying political science — a fact I love to call attention to), students are mostly on the hook for delivering content. This allows students to focus on creating something they have a legitimate passion or use for.
Students have created wedding sites that include interactive maps for logistics and forms for RSVP’ing and revamped websites for businesses, including a karate school, dentist office, pool repair company, and more. Some have showcased their passions with art portfolios, guitar collections, and foreign film reviews. I had one student build a photography services website in a couple days that he still uses three years later.
The key point is that by making assignments that students invest in personally, they actually want to do the work and often create very stunning projects in only a few days.
Daily quizzes are very insightful and allow me to gauge if students are in fact picking up on the concepts. I like to ask a combination of very targeted and open-ended questions to allow me to test if a student knows a thing as-is, as well as if they can synthesize the knowledge into something new.
Here is an example of a targeted question:
In class, we deployed an instance of WordPress to Microsoft Azure using Platform as a Service. The deployment rendered appropriately because WordPress is written in the PHP programming language which is a supported technology on Azure PaaS. Here is a condensed version of why this works:
1) PaaS is essentially a pre-configured OS environment that has support for certain technologies, like PHP
2) If we put PHP code on the server in an appropriate way, it should execute since PHP is available.Now consider the Prolog programming language, which is not supported on Azure PaaS. That said, there are ways to deploy / run Prolog applications into Microsoft Azure. Similar to above, in 2 steps, describe how you might run a Prolog application on Azure.
If students can answer the question above, then I am satisfied that they understand the difference between IaaS and PaaS. And furthermore, it is my hope that they never forget it since we have tied the question to an in-class experience.
The open-ended questions are a different beast – you never really know what you’ll get, but for the most part, students often impress me with some of the ways they interpret the concepts.
Here is an example open-ended question:
A student asks you: “Hey, I heard you took that cloud class at UH, what is the cloud?” How might you answer this student in your own words?
And here a few anonymous responses:
“Cloud consists of computing and storage. Cloud computing is internet-based computing that provides shared computer resources for processing and other on demand services. Cloud storage backs up data remotely and makes it available to users over the internet.”
“The cloud is basically a network of servers with the ability to store and access data or programs over the internet rather than on a personal hard drive. It allows ease of access and use for a majority of people. Some benefits from the cloud include flexibility and cost. The cloud allows users to scale up or down the servers to accommodate for their usage, which may be financially beneficial.”
“A cloud is basically a data server that is fully controlled virtually. This means that if you want to upgrade, downgrade, grow, or condense your current server host power, you just put in the request and the machine will automatically make the changes rather than a physical person having to go and upgrade the server you are on. The cloud makes it easier and quicker to do server business and make it easier to change your host server size based on your needs.”
All of these responses are acceptable to me, but it is interesting to note the various features that different students will highlight. In the past we ran all of the anonymized responses from students into a text miner to try to see how previous students thought of the cloud in aggregate.
Day two materials are on GitHub here.
Day three is my personal favorite, which is when we focus primarily on the IoT hands-on-lab. I love this because we get to put a microcontroller device into the hands of business students who then make the hardware “do a thing” by connecting it to a cloud service. Traditionally, the idea of working with hardware implies that it must somehow be “hard” to even begin.
I’m not sure whether it is the advances in tooling that now make hardware accessible to hobbyists and the like, or whether techies of the past just wanted to keep it needlessly complex. Whatever the reason, that is all over, as entrepreneurs can now become weekend inventors without the need for a rigorous technical background. The lab has evolved over time to use Raspberry Pi devices connected serially to an Arduino, Particle’s Core and Photon devices, and it’s current incarnation where we leverage the MXChip to produce a simulated Air Traffic Control system.
The lab requires that students deploy a virtual machine (VM), which is capable of running a recent installation of Visual Studio. Inside the VM, they develop a client application that connects to something called Azure IoT Hub. An IoT Hub is a high-throughput service bus that allows for publishing massive amounts of data from IoT devices, similar to an Event Hub but with bi-directional and bookkeeping features for devices. The MXChip device publishes data to this endpoint which is then forwarded to a Serverless function to process the data. The processed data is then forwarded on to a classroom-shared EventHub so that all data flows to a central location. Once a student successfully creates this pipeline, the data from their MXChip will make them appear as an airplane in-flight on a projector at the front of the classroom.
Students race to be the first to have their name on the real-time flight-board, and get excited when they see that first blip of device pumping data through an array of cloud services. Seeing each student tackle the challenge is awesome, as you can see the possibilities light up as they make the hardware “do a thing.” It’s also really cool to see students helping others once they have completed the task.
After this lab, I give a homework assignment, which asks students to create an IoT solution. I don’t expect them to build it, or to go into details on build out materials/parts/etc., but rather let them draw out what they would create if there were no limits. This has produced such gems as the smart bed, a few variants of IoT animal feeders, and solar-powered pants that charge your phone.
Day three materials are on GitHub here.
On day four, I will usually invite a guest speaker. I try to get someone involved in an emerging tech space. These have included Augmented Reality sessions with Jared Bienz, Virtual Reality Development with Faysal Sharif, and Machine Learning with Paige Bailey, among others.
Recently we invited some local Power BI experts from Iron Edge Group who showed us how to create data visualization around mortality rate and alcohol consumption.
We also brought in local startup Zenus Biometrics that does really cool work around event entry using facial recognition.
Once we are finished with the emerging tech session, we do a little prep in anticipation of final presentations the following day. Students are often able to leave early if they have completed their assignments, but usually stay to take advantage of the ginormous projector to play 8-player Smash Bros.
Day four materials are on GitHub here.
Day five is the final presentation day. This day has bit of personal effect as I am effectively asking the students to do what I do for a living as a final grade – i.e., they are required to speak about something they created to a room full of peers for around 5 minutes.
About 99% of the time, students will talk about their website with some insisting on adding time to discuss an app or IoT solution that they created. At the beginning of the course, I ask the students if they want to present in our classroom or at the Houston Microsoft Office. 100% of the time, the students want to present at the office.
This is the part where everyone gets to revel at all of the work that the students have put into their projects throughout the week. It’s an awesome time for students to share a portion of their personalities with others and it is typical that we learn something new with every presentation. For example, I’m pretty sure none of us were prepared for one student’s presentation on Korean Dramas or the fact that one of the students had done makeup for Slim Thug.
At the end of the presentations, we tour portions of the office and take a class picture. We’ve done one of these for every class. It’s awesome to reflect on the creativity I’ve witnessed over ten courses!
Day five materials are on GitHub here.
There are few takeaways that I would like to leave you with. I’ve talked about how I teach my class, from my perspective, and of course everyone has their own teaching and learning styles. However, there are elements discussed here that I think could be beneficial regardless of modality.
I was never really a fan of professors out there who purchase their exams from textbook publishers and assign content according to a prescribed rubric with little, if any, care for how that content is disseminated, leaving students to be measured solely on how accurately their answers match up to the exam key. The ones who stood out for me were the ones who stepped in to show how I could improve or took the time to answer questions when there was confusion. I am certain that the most memorable professors were the ones who were able to present knowledge in a way that was fun. I try to adopt these principles in every subject that I’ve had the opportunity to teach.
In summary, be fun, engage, and take pride in what you do — that’s pretty much all there is to it.
Questions or feedback? Let me know in the comments below.
Follow Paul on Twitter at @pjdecarlo.