The Cloud Blog

Cloud Computing, Cloud Native & Kubernetes by Rahul

Using Identity Governance and Azure Functions To Build a Self-Service Application Access Management Solution - Part 2

Aug 13, 2022 · 6 min read

In this series: Creating an authenticated web application and using Azure Functions to invite guest users to the organization Creating an access package and redeeming it In the last article, we created an application that can be accessed only by the users assigned to it. We also used Azure Functions and Microsoft Graph API to invite guest users to the organization. However, at this point, the guest user can not access the application, and manually adding every new user to the application and periodically reviewing their access is a cumbersome process.

#azure#app service

Read more of Using Identity Governance and Azure Functions To Build a Self-Service Application Access Management Solution - Part 2

Using Identity Governance and Azure Functions To Build a Self-Service Application Access Management Solution - Part 1

Aug 06, 2022 · 9 min read

In this series: Creating an authenticated web application and using Azure Functions to invite guest users to the organization Creating an access package and redeeming it Azure Active Directory serves two primary use cases: It enables you to grant users and applications access to your Azure resources in a secure and scalable manner. You can set up Azure AD as an authentication provider for your web applications so that only the desired Azure AD users can access your application.

#azure#app service

Read more of Using Identity Governance and Azure Functions To Build a Self-Service Application Access Management Solution - Part 1

Managing Applications in Kubernetes with the Carvel Kapp Controller

May 06, 2022 · 8 min read

Any typical enterprise-grade application deployed on Kubernetes comprises several API resources that need to be deployed together. For example, the WordPress application, which is one of the example applications available on the Kubernetes GitHub repository, includes: a wordpress frontend pod a wp-pv-claim persistent volume claim mounted to the frontend pod a wordpress-mysql MySQL database pod a mysql-pv-claim persistent volume claim mounted to the MySQL database pod two persistent volumes: wordpress-pv-1 and wordpress-pv-2 to serve the persistent volume claims services for the database and frontend pods Application (or app) is not a native construct in Kubernetes.

#kubernetes

Read more of Managing Applications in Kubernetes with the Carvel Kapp Controller

OpenTelemetry in Action: Optimizing Database Operations

May 02, 2022 · 14 min read

Many software developers can attest that some of the most significant issues in their applications arise from database performance. Though many developers prefer to use a relational database for enterprise applications, typical logging and monitoring solutions provide limited signals to detect database performance issues. Rooting out common bad practices such as chatty interactions between the application code and the database is non-trivial. As developers, we need to understand how our database is performing from the context of user transactions.

#opentelemetry#programming

Read more of OpenTelemetry in Action: Optimizing Database Operations

OpenTelemetry in Action: Identifying Database Dependencies

May 01, 2022 · 12 min read

Microservices can help any organization achieve its goal of increasing agility by addressing critical factors such as improving team autonomy, reducing time to market, cost-effectively scaling for load, and avoiding complete outages of the applications. As organizations break their monolith applications into microservices, one of the major hurdles they encounter is identifying database dependencies. Database sharing can be a complex and time-consuming challenge to solve. Databases do not allow you to define what is shared and what is not.

#opentelemetry#programming

Read more of OpenTelemetry in Action: Identifying Database Dependencies

Lab: Tip/Code sample Azure Infrastructure Made Immutable with Locks

Mar 26, 2022 · 3 min read

After an application is deployed to production, developers should lock down its underlying infrastructure to prevent accidental changes. Some of the commons accidents that can affect the availability of an application in production are: moving, renaming, or deleting the resource crucial to the function of the application. You can use locks that prevent anyone from performing a forbidden action to avoid such mishaps. Creating Locks Almost every resource in Azure supports locks, so you will find the lock option in the settings section of nearly all resources in the portal.

#azure

Read more of Azure Infrastructure Made Immutable with Locks

Lab: Tip/Code sample Delete Multiple Resources and Resource Groups in Azure with Tags

Mar 14, 2022 · 4 min read

You might have noticed that resources comprising some Azure services such as Azure Kubernetes Service (AKS) span multiple resource groups by default. In some cases, you might intentionally want to segregate resources such as disks and network interfaces from VMs by placing them in different resource groups for better management. A common problem arising from the resource spread is that you might find it challenging to delete multiple resources and resource groups to entirely remove a service from a subscription.

#azure

Read more of Delete Multiple Resources and Resource Groups in Azure with Tags

Practical Introduction to Kubernetes Autoscaling Tools with Linode Kubernetes Engine

Mar 06, 2022 · 16 min read

Your cloud infrastructure can scale in real time with your application without making a configuration change or writing a line of code. Autoscaling is the process of increasing or decreasing the capacity of application workloads without human intervention. When tuned correctly, autoscaling can reduce costs and engineering toil in maintaining the applications. The overall process of enabling autoscaling is simple. It begins with determining the set of metrics that can provide an indicator for when Kubernetes should scale the application capacity.

#kubernetes

Read more of Practical Introduction to Kubernetes Autoscaling Tools with Linode Kubernetes Engine

Enhancing Istio Operations with Kong Istio Gateway

Feb 12, 2022 · 12 min read

If you’re a developer for a service-oriented application, routing requests between services can be overwhelming. This work may force you to focus on operational details that take you away from building great features for your customers. Fortunately, with Kong Istio Gateway, we can solve many inter-service networking concerns such as security, resiliency, observability, and traffic control with services-first networking policies. By offloading network-related problems to the service mesh, you can focus on building features that deliver business value.

#kong#kubernetes

Read more of Enhancing Istio Operations with Kong Istio Gateway

Lab: Tip/Code sample Kubernetes Container Lifecycle Events and Hooks

Oct 19, 2021 · 4 min read

You might encounter cases where you need to instruct Kubernetes to start a pod only when a condition is met, such as dependencies are running, or sidecar containers are ready. Likewise, you might want to execute a command before Kubernetes terminates a pod to release the resources in use and gracefully terminate the application. You can do so easily with two container lifecycle hooks: PostStart: This hook is executed right after a container is created.

#kubernetes

Read more of Kubernetes Container Lifecycle Events and Hooks