Part 1 of this article is here. Last time, I created an empty Azure Container Apps Environment using Bicep. I also created some required components like Key vaults, Log analytics workspace, Application Insights and Computer vision. Application Architecture Today I want to make progress on that. As I have briefly explained before, I want to… Continue reading Demystifying Azure Container Apps & Dapr – Part 2
Demystifying Azure Container Apps & Dapr – Part 1
I have played with Dapr on Kubernetes (AKS to be specific) before and loved it for its ability to simplify distributed applications development with out of the box binding, service to service communications, secret abstractions, actors and observabilities. I have previously worked with LinkerD and Istio as service mesh and ran workload in production, but… Continue reading Demystifying Azure Container Apps & Dapr – Part 1
Add Private Link to an existing Azure storage account
Recently I needed to help somebody to use private link for an existing Azure Storage account. I came up with a Bicep template that helped them achieve the goal. I thought, let's just the share the code, in case somebody (or maybe even my future self) would need that for inspiration. Bicep templates I have… Continue reading Add Private Link to an existing Azure storage account
Short Update on: Elastic self-hosted pool for Azure DevOps (on Kubernetes)
Introduction Few months before, I have written a Kubernetes .net controller that uses Azure Kubernetes Service as a platform to host Azure pipeline agents. It allows elastic scale-out model by continuously watching the job queue in Azure DevOps. You can read about it here. I have received quite a few messages from others who are… Continue reading Short Update on: Elastic self-hosted pool for Azure DevOps (on Kubernetes)
Folder structure for Azure DevOps repositories
Recently I was helping an enterprise where they have large number of repositories in Azure DevOps projects and wanted to have a folder hierarchies to ease the navigation. Azure pipelines have folder structures but there is no feature at this point to organize repositories into folders. There is a open feature request about it already.… Continue reading Folder structure for Azure DevOps repositories
Empower Kubernetes developers with guardrails
Background A while ago, I wrote a post: Azure DevOps Multi-Stage pipelines for Enterprise AKS scenarios. The idea was having a platform team that enforces best practices, security and other compliance aspects to Kubernetes platform and allows one ore more workload-teams (i.e., product teams) build and deploy their workload into the cluster. The previous post suggested… Continue reading Empower Kubernetes developers with guardrails
Multi-Tenant Daemons with Microsoft Identity platform
Background I have recently speaking to a customer about the following scenario. Customer has an API that supposed to be consumed by some **trusted** daemon applications built and managed by their partners. It's not the interactive users (no signed in users via an web application) who will be using the API, rather some background process… Continue reading Multi-Tenant Daemons with Microsoft Identity platform
Secure your pipelines by frequently rotating secrets
TL; DR: This article and accompanying source codes helps you setting up an automated secret or certificate rotations for Azure service principals and Azure DevOps service connections. Jump into the technical part here. Background If you are deploying applications on Azure from Azure DevOps service connections (or GitHub actions) you are most likely using a… Continue reading Secure your pipelines by frequently rotating secrets
Elastic self-hosted pool for Azure DevOps (on Kubernetes)
UpdateThere is a follow up post with some updates, you can read here. Introduction If you are using Azure Pipelines, then you surely have used Microsoft-hosted agent. With Microsoft-hosted agents, maintenance and upgrades are taken care of for you. However, there are times when self-hosted agents are needed (i.e. customized images, network connectivity requirements etc.).… Continue reading Elastic self-hosted pool for Azure DevOps (on Kubernetes)
Azure App Service with Front-door – how to fix outbound URLs?
https://docs.microsoft.com/en-us/azure/frontdoor/quickstart-create-front-doorThis article shows how to rewrite IIS URLs (outbound) with URL rewrite module to configure legacy asp.net web apps hosted on Azure App Service but safeguarded with a WAF (Front-door/Application Gateway). Setting up Azure Front-door or Azure Application Gateway are fairly straight forward process and well documented in Microsoft Azure Docs. That is beyond the… Continue reading Azure App Service with Front-door – how to fix outbound URLs?