Azure Infrastructure Made Immutable with Locks
Mar 26, 2022 · 3 min read
After an application is deployed to production, developers should lock down its underlying infrastructure to prevent accidental changes. Some of the common accidents that can affect the availability of an application in production are: moving, renaming, or deleting the resource crucial to the function of the application. You can use locks that prevent anyone from performing a forbidden action to avoid such mishaps. Creating Locks: Almost every resource in Azure supports locks, so you will find the lock option in the settings section of nearly all resources in the portal.
Delete Multiple Resources and Resource Groups in Azure with Tags
Mar 14, 2022 · 4 min read
You might have noticed that resources comprising some Azure services such as Azure Kubernetes Service (AKS) span multiple resource groups by default. In some cases, you might intentionally want to segregate resources such as disks and network interfaces from VMs by placing them in different resource groups for better management. A common problem arising from the resource spread is that you might find it challenging to delete multiple resources and resource groups to entirely remove a service from a subscription.
Kubernetes Container Lifecycle Events and Hooks
Oct 19, 2021 · 4 min read
You might encounter cases where you need to instruct Kubernetes to start a pod only when a condition is met, such as when dependencies are running or sidecar containers are ready. Likewise, you might want to execute a command before Kubernetes terminates a pod to release the resources in use and gracefully terminate the application. You can do so easily with two container lifecycle hooks: PostStart: This hook is executed right after a container is created.
Limit Communication Between Microservices with Kubernetes Network Policies
Aug 31, 2021 · 5 min read
Security is an important concern for microservices applications. Although security is a broad topic, I want to zoom into a critical aspect: limiting communication between microservices. By default, microservices platforms such as Kubernetes allow unconstrained communication between services. However, to prevent a few compromised services from affecting all the services on the platform, a microservices platform needs to limit the interactions between services. This constraint is enforced by creating network policies in Kubernetes.
Crosspost Tweets to LinkedIn with Power Automate
Jun 01, 2021 · 3 min read
Do you want your LinkedIn audience to know what you are up to on Twitter? Here’s how I have set up Power Automate to crosspost specific tweets to LinkedIn. What is Power Automate? Power Automate is one of the products of the Microsoft Power Platform family. It is a web-based service that helps you create automated workflows between your favorite apps and services to synchronize files, get notifications, collect data, and more.
Practical Top-down Resource Monitoring of a Kubernetes Cluster with Metrics Server
May 15, 2021 · 7 min read
You might have previously used observability tools such as Prometheus, Azure Monitor, AWS Container Insight, or commercial products such as Logic Monitor to monitor your Kubernetes cluster. Let’s probe the Kubernetes magic that makes the beautiful CPU and memory dials tick on the monitoring dashboards. Kubernetes has a built-in Metrics API (see spec.) and a simple CLI query, kubectl top (documentation), that you can use to fetch a snapshot of the CPU and memory consumption of a Kubernetes object.
Managing GitHub Organizations with GitHub GraphQL API
Feb 18, 2021 · 6 min read
I prefer using GraphQL over REST APIs wherever available, primarily because I can avoid overfetching and underfetching data while still enjoying the benefits of contract-based development. For this exercise, assume that you are the DevOps lead of an organization/open-source community that uses GitHub to manage its projects under a GitHub Organization. GitHub Organizations are shared accounts consisting of members and projects with sophisticated security and administrative features. You have been asked to ensure that your organization’s repositories are healthy such that there are no PRs in an unmerged state for more than one week, and every issue is either resolved or updated in 12 hours.
Serverless Visitor Counter Badge with Azure Functions
Nov 22, 2020 · 7 min read
We all love web badges. You might have spotted many of them in the READMEs of repositories, including the repository of my blog, The Cloud Blog. In general, web badges serve two purposes: they are visually appealing, and they display key information instantly. If you scroll to my website’s footer section, you will find GitHub and Netlify badges that display the status of the latest build and deployment. I use them to quickly check whether everything is fine with the world without navigating to their dashboards.
Generating Dynamic Open Graph Images with Azure Functions
Oct 08, 2020 · 6 min read
Open Graph (OG) tags allow you to control what content shows up when you share the webpage on major social media sites such as Facebook, Twitter, and Google. The essential Open Graph properties that you must configure in the <head> section of your webpage are the following. og:title: The title of your webpage. og:image: An image URL displayed as the thumbnail of your webpage when it is shared. The recommended dimension of this image is 1200 px × 627 px.
Enable TLS on HTTP Triggered Function App in Kubernetes Using KEDA and NGINX
Sep 26, 2020 · 4 min read
With KEDA (Kubernetes-based Event-Driven Autoscaling), you can host Azure Functions on Kubernetes. KEDA allows you to scale pods based on configurable rules that rely on metrics from data sources such as Azure Queue. The Microsoft documentation outlines how you can use the Prometheus scaler to scale HTTP triggered Azure functions. However, it does not discuss the security of the transport channel in detail. This quick tip will demonstrate how you can expose your HTTP triggered Azure Functions over TLS/SSL (HTTPS endpoint).