Posts

Showing posts from 2020

Tidy up - Unused Project and Nuget package reference using Visual Studio 2019

If you are a Developer/Architect using Visual Studio as IDE for your development activities, this blog post will be of your interest. During the Ignite 2021 conference, Microsoft released Visual Studio 2019 v16.9 and v16.10 Preview 1. As part of version 16.10 Preview 1, one of the cool features they introduced is to "Remove Unused References..." for any Projects and Nuget packages that are not in use. At the time of writing this blog post, we have Visual Studio Version 16.10.0 (official release) which includes this new feature.  As part of development, we generally get carried away and introduce new Nuget package references to your project and add new references to your Projects. By the end of development, you will not be 100% sure which are not being referenced and unused which means you will leave those unused project references in your application. Now you might be wondering what's the big deal in it since it doesn't harm. The advantage of removing unused project r...

Immutable Storage for Azure Blob Storage

Image
Azure Blob Storage provides scalable, cost-efficient storage in the cloud. In general, Blob Storage holds organization data like back-ups, unstructured data, files, etc. With the Immutable Storage feature, it allows storing business-related information in the WORM (Write-Once-Read-Many) state. Immutable storage feature is available in all Azure public regions. Immutable storage feature is set at the container level through an Access policy. Policies apply to all the blobs in the container, can be applied either for the new or existing container and supports all blob tiers (hot, cold, and archive). Immutable storage supports two policy type: Time-based retention Legal hold Note: Immutable policy type can be applied either through Azure Portal or Azure CLI. You cannot delete or modify any files within the container when any one of the policy is enabled on the container. Immutable storage - Policy ...

Azure Function in a Docker Container - Part 2

Image
In my previous blog post , we looked at how to run Azure Function in a Docker Container locally using Docker desktop. In this blog post, we will see how to run the Azure Function container in Azure. Steps to run Azure Function in Container Create an Azure Function by choosing the right resource plan, resource group, a region with a storage account, and Application Insights for monitoring support. As part of the provisioning key things to support containerization, you need to choose the " Publish " option with " Docker Container " as shown below. Choose the hosting options based on your requirements like App-service plan or Premium. Once the Azure Function is provisioned navigate to the overview tab then you will be seeing a warning to configure container settings as shown below. Clicking on "Configure container settings" provides options to choose container image from Image source like  Azure Container Registry Docker hub Private Registry For our demo, I h...

Azure Function in a Docker Container - Part 1

Image
From Azure Function v2, .NET developers can now write functions using .NET Core. This means you can develop and run your Azure functions in more places (cross-platform). This opens up opportunities for running your Azure function in Docker container and taking it one step ahead by running Azure Functions on Kubernetes with KEDA  (Kubernetes-based Event Driven Autoscaling). In this blog post, we will see how to run Azure Function in Docker Container.      Now few questions arise like why do we need to run in a container, do we lose the benefit of Serverless because you will be paying only for the time your function is running based on your plan in Azure Function, etc. All these questions are valid but as soon as we enter the world of containerization and  Kubernetes  we want our application to be flexible enough to be hosted in an on-premises/cloud/hybrid environment.  With containerization now you can use Azure Functions as your...

How to create Azure Function from OpenAPI/Swagger definition?

Image
In my  previous blog post , I have illustrated how to setup OpenAPI/Swagger UI for Azure Function. In this blog, post let's see how to create Azure Function from OpenAPI specification. As part of recent updates from the Azure Functions team, there was an announcement for creating Azure Function by importing OpenAPI/Swagger definition.  Prerequisites Azure Function VS Code extension or command line autorest (Microsoft's OpenAPI specification generator) npm installed npm install -g autorest Supported languages C#, Java, Python, TypeScript. Steps to create function apps from Swagger definition Install or update VS code with Azure Function extension           Navigate to Visual Studio Code à  Azure Extension under which you should be able to see the option for creating Function App as shown in the below screenshot. ...

Swagger UI for Azure Function v2 & v3 APIs

Image
In this blog post, we will see how to setup Swagger UI for Azure Function APIs in v2 and v3. Now you might be wondering why Swagger? Swagger is a language-agnostic specification for describing REST APIs, it also referred to as OpenAPI. Swagger UI offers a web-based UI that provides information about your REST APIs service. Prerequisites HTTP trigger Azure function provisioned or created in C# Azure DI enabled on Azure Function, for more details refer here  with relevant package version installed based on Azure Function version. Integrating Swagger UI into our Applications 1. Install the appropriate package based on the Azure Function version which you are dealing with from the below table. Unfortunately, it's not a single package for both versions due to Azure function v3 because v3 makes use of ASP.NET Core 3.1 which introduces a new serializer System.Text.Json (STJ) out-of-the-box.  Azure Function Version  Nuget package  v2         ...

Azure DevOps Tips: How to set default branch name for new repos?

Image
Recently Azure DevOps came up with a new feature of setting the default branch name for new code repos. Based on my experience, most of the projects or organizations use the master branch to refer to the official release history (which is deployed into production), and the develop branch serves as the integration branch for features.  Azure DevOps Git Repositories by default the branch name is set to master, and whenever we create new repositories, it takes that as default. In a nutshell, if organizations who are following Gitflow Workflow  having the default branch as a master doesn't work well, which means as part of creating a new repository need to follow a two-step process where first they need to create a repo and then navigate to branches of the project  à  select the branch of your preference and click on the three-dot icon to set as the default branch. Set Default Branch - old way How to set the Default branch name for new repos in Azure DevOps? With the ne...

How to enable Automatic Guest OS Patching for Windows Azure VMs?

Image
For any organization and project security plays a very important role, towards that Microsoft tries to simplify and eases the effort required by the customer or end-user. One such thing that they recently announced is Automatic Guest OS patching for windows Azure VMs which is now public preview. With Azure Automatic Guest OS patching enabled it helps update management by safely and automatically patching virtual machines to maintain security compliance. Here VMs are checked periodically for available operating system patches. Operating system patches classified as critical or security are automatically downloaded and applied on the VM. If VM is powered off during assessment by the platform for patching, VM will be automatically assessed during the next periodic assessment when it's turned on. Patches are applied within the 30 days of the monthly Windows update release.  Automatic VM guest patching has the following capabilities: Patches classified ...

Azure Front Door vs Azure Traffic Manager?

Image
 In my previous blog post, we looked in detail Azure Front Door (AFD) . In this blog post, let's compare Azure Front Door (AFD) with another popular Azure service named Azure Traffic Manager (ATM). Prior to AFD most of the applications made use of ATM in their architecture now with AFD being available it's good to understand in which scenarios these individual services are ideal. Azure Front Door (AFD) Azure Front Door Service (AFD) a scalable and secure entry point for the fast delivery of your global applications. Azure Front Door allows you to transform your global (multi-region) applications into robust, high-performance applications, APIs, and content. Azure Traffic Manager (ATM) Azure Traffic Manager is a DNS-based traffic load balancer for geographically distributed Datacenters. Traffic Manager uses DNS to direct traffic to endpoint based on the  traffic routing method and health of the endpoints. Similarities between AFD and ATM Both Azure Services support Multi-...

Azure Front Door - Boost Your Web Application

Image
If you are developing a new or an existing web application that is internet facing and can be accessed globally or deploying the new or existing web application in multiple regions then it's high time to consider Azure Front Door in your application architecture.  Azure Front Door Service (AFD) a scalable and secure entry point for the fast delivery of your global applications. Azure Front Door allows you to transform your global (multi-region) applications into robust, high-performance applications, APIs. AFD makes use of Microsoft Global Network which provides better network performance and reliability. Azure Front Door is a global service and is not tied to any specific Azure region. Azure Front Door is a globally distributed multi-tenant service. The infrastructure for Front Door is shared across all its customers. Reference Architecture with AFD Image Source: Microsoft Benefits of using Azure Front Door: Accelerate application performance, AFD significantl...

Azure Container Registry Image Scanning With Azure Security Center

Image
Just to recap in the previous blog post we looked into how to secure Azure Container Registry and in this post will see the offering from Azure Security Center. Azure Container Registry (ACR) is a manged, private container registry service in Azure to build, store, and manage container images and artifacts. ACR service based on the open-source Docker Registry 2.0. This post explains, what you get from Azure Security Center in the context of ACR. Image scanning is important for any Docker registry. Vulnerability scanning for images stored in Azure Container Registry is now generally available in Azure Security Center (March 2020). This capability is powered by Qualys and seamlessly integrated into the Azure Security Center. ACR image scanning requires Azure Security Center Standard tier . When you push an image to Container Registry, Security Center automatically scans it, then checks for known vulnerabilities in packages or dependencies defined in the file. Each scan tak...

WSL2: Linux on Windows

Image
Windows Subsystem for Linux (WSL) 2 is no longer just for insiders, you can install WSL2 today with Windows 10, Version 2004 , Build 19041 or higher. The Windows Subsystem for Linux lets developers run a Linux environment on Windows like command-line tools, utilities, and applications directly on Windows, unmodified, without the overhead of a traditional virtual machine or dual boot setup.  WSL 2 provides improvements to file system sharing, boot time and allows access to some cool new features for Docker Desktop users. With Docker Desktop running on WSL 2, users can leverage Linux workspaces and avoid having to maintain both Linux and Windows build scripts. In short, now we can have a Linux development environment on Windows. Step 1:  Update Windows 10 to version 2004 or higher To use WSL2, Windows 10 has to be updated to version 2004 (Build 10941) or higher. Once installed or updated check your Windows version by opening the “Run” dialog (Windows key + R) and enter win...

How to deploy containers into Azure Container Instances(ACI) using Docker Desktop?

Image
Recently there was an announcement (May 2020) about Docker partnership with Microsoft Azure for shortening the developer commute with Docker desktop and running containers in Container Instances in Azure. The new edge release of Docker Desktop provides an easy and quick integration between Docker and Microsoft Azure that enables you to use native Docker commands to run your applications as serverless containers with Azure Container Instances. As a developer I can make use of the  same Docker CLI commands and experience which I use locally, to interact with Azure (ACI) as well. This experience is achieved by extending the existing docker context to support ACI. Pre-requisites Docker Desktop edge release latest Azure Subscription with Azure Container Registry (ACR). Container image in ACR Docker CLI commands for ACI Log into Azure from the Docker CLI docker l...

How to secure Azure Container Registry?

Azure Container Registry (ACR) is a managed, private Docker registry service that stores and manages your container images in Azure. Below are the few recommendations for using Azure Container Registry. Image scanning with Azure Security Center With Azure Security Center, you can get automatic scans of your registries for any threats and vulnerabilities of the images. Note if you're on Azure Security Center's standard tier, you can add the Container Registries bundle. This feature is charged per image scan. Whenever an new image is pushed to your registry, Security Center automatically scans that image. Azure Security Center also provide options or recommendations for resolving those vulnerabilities. Enable Content Trust Azure Container Registry implements Docker's content trust model, enabling pushing and pulling of signed images. Content trust helps to verify the source and integrity of the images, ensuring that they are the images we expect. As an im...