Using Identity Governance and Azure Functions To Build a Self-Service Application Access Management Solution - Part 2
Aug 13, 2022 · 6 min read
In this series: Creating an authenticated web application and using Azure Functions to invite guest users to the organization Creating an access package and redeeming it In the last article, we created an application that can be accessed only by the users assigned to it. We also used Azure Functions and Microsoft Graph API to invite guest users to the organization. However, at this point, the guest user can not access the application, and manually adding every new user to the application and periodically reviewing their access is a cumbersome process.
Read more of Using Identity Governance and Azure Functions To Build a Self-Service Application Access Management Solution - Part 2
Using Identity Governance and Azure Functions To Build a Self-Service Application Access Management Solution - Part 1
Aug 06, 2022 · 9 min read
In this series: Creating an authenticated web application and using Azure Functions to invite guest users to the organization Creating an access package and redeeming it Azure Active Directory serves two primary use cases: It enables you to grant users and applications access to your Azure resources in a secure and scalable manner. You can set up Azure AD as an authentication provider for your web applications so that only the desired Azure AD users can access your application.
Read more of Using Identity Governance and Azure Functions To Build a Self-Service Application Access Management Solution - Part 1
Managing Applications in Kubernetes with the Carvel Kapp Controller
May 06, 2022 · 8 min read
Any typical enterprise-grade application deployed on Kubernetes comprises several API resources that need to be deployed together. For example, the WordPress application, which is one of the example applications available on the Kubernetes GitHub repository, includes: a wordpress frontend pod a wp-pv-claim persistent volume claim mounted to the frontend pod a wordpress-mysql MySQL database pod a mysql-pv-claim persistent volume claim mounted to the MySQL database pod two persistent volumes: wordpress-pv-1 and wordpress-pv-2 to serve the persistent volume claims services for the database and frontend pods Application (or app) is not a native construct in Kubernetes.
Read more of Managing Applications in Kubernetes with the Carvel Kapp Controller
OpenTelemetry in Action: Optimizing Database Operations
May 02, 2022 · 14 min read
Many software developers can attest that some of the most significant issues in their applications arise from database performance. Though many developers prefer to use a relational database for enterprise applications, typical logging and monitoring solutions provide limited signals to detect database performance issues. Rooting out common bad practices such as chatty interactions between the application code and the database is non-trivial. As developers, we need to understand how our database is performing from the context of user transactions.
Read more of OpenTelemetry in Action: Optimizing Database Operations
OpenTelemetry in Action: Identifying Database Dependencies
May 01, 2022 · 12 min read
Microservices can help any organization achieve its goal of increasing agility by addressing critical factors such as improving team autonomy, reducing time to market, cost-effectively scaling for load, and avoiding complete outages of the applications. As organizations break their monolith applications into microservices, one of the major hurdles they encounter is identifying database dependencies. Database sharing can be a complex and time-consuming challenge to solve. Databases do not allow you to define what is shared and what is not.
Read more of OpenTelemetry in Action: Identifying Database Dependencies
Azure Infrastructure Made Immutable with Locks
Mar 26, 2022 · 3 min read
After an application is deployed to production, developers should lock down its underlying infrastructure to prevent accidental changes. Some of the commons accidents that can affect the availability of an application in production are: moving, renaming, or deleting the resource crucial to the function of the application. You can use locks that prevent anyone from performing a forbidden action to avoid such mishaps. Creating Locks Almost every resource in Azure supports locks, so you will find the lock option in the settings section of nearly all resources in the portal.
Delete Multiple Resources and Resource Groups in Azure with Tags
Mar 14, 2022 · 4 min read
You might have noticed that resources comprising some Azure services such as Azure Kubernetes Service (AKS) span multiple resource groups by default. In some cases, you might intentionally want to segregate resources such as disks and network interfaces from VMs by placing them in different resource groups for better management. A common problem arising from the resource spread is that you might find it challenging to delete multiple resources and resource groups to entirely remove a service from a subscription.
Read more of Delete Multiple Resources and Resource Groups in Azure with Tags
Practical Introduction to Kubernetes Autoscaling Tools with Linode Kubernetes Engine
Mar 06, 2022 · 16 min read
Your cloud infrastructure can scale in real time with your application without making a configuration change or writing a line of code. Autoscaling is the process of increasing or decreasing the capacity of application workloads without human intervention. When tuned correctly, autoscaling can reduce costs and engineering toil in maintaining the applications. The overall process of enabling autoscaling is simple. It begins with determining the set of metrics that can provide an indicator for when Kubernetes should scale the application capacity.
Read more of Practical Introduction to Kubernetes Autoscaling Tools with Linode Kubernetes Engine
Enhancing Istio Operations with Kong Istio Gateway
Feb 12, 2022 · 12 min read
If you’re a developer for a service-oriented application, routing requests between services can be overwhelming. This work may force you to focus on operational details that take you away from building great features for your customers. Fortunately, with Kong Istio Gateway, we can solve many inter-service networking concerns such as security, resiliency, observability, and traffic control with services-first networking policies. By offloading network-related problems to the service mesh, you can focus on building features that deliver business value.
Read more of Enhancing Istio Operations with Kong Istio Gateway
Kubernetes Container Lifecycle Events and Hooks
Oct 19, 2021 · 4 min read
You might encounter cases where you need to instruct Kubernetes to start a pod only when a condition is met, such as dependencies are running, or sidecar containers are ready. Likewise, you might want to execute a command before Kubernetes terminates a pod to release the resources in use and gracefully terminate the application. You can do so easily with two container lifecycle hooks: PostStart: This hook is executed right after a container is created.
Read more of Kubernetes Container Lifecycle Events and Hooks