You can easily store your environment related secrets in the Azure Pipelines releases as variables and mark them as secrets which will encrypt and hide them. So anyone having access to the release definition would be not able to view them. Most of the times, it suffices as once set, they become encrypted and can not be viewed in text form.
However, sometimes it may happen that the person who keeps the secret would not be the same person as who is creating the release definition. Think of that as a way of segregating the responsibilities between the two. Also, it may be possible that the person who has provisioned the environment is not comfortable to share the secrets with anyone in plain text. After all, the best way to keep a secret is not to tell anyone about it. This is where the Azure Key Vault fits in very nicely. It can be used to store and transfer the secrets/certificates needed for your environment in a secure way.
Continue reading “Store the app secrets in Azure Key Vault and use during Azure Pipelines”
As part of the Continuous Integration process, new builds are generated which contains certain enhancements or modification or bugfixes. For a containerized application deployment, docker images are created as part of builds which then needs to be uploaded to one of the container registries. Over the time, the registry will get filled up. Also as one use more and more space on the container registry, one needs to pay more and more.
There are no inbuilt commands or utilities provided by Docker for this. You have to write complex scripts for doing it. Fortunately, in latest round of the Azure CLI update, Microsoft has added some commands to do this. However, it can be cumbersome to select and remove docker images one at a time. Continue reading “Remove old docker images from Azure Container Registry”
Recently while deploying the source code using our CI/CD pipelines, we have got this error:
There were errors in your deployment. Error code: DeploymentQuotaExceeded.
2018-05-30T04:52:38.0042831Z ##[error]Creating the deployment ‘azuredeploy-20180430-045236-1abd’ would exceed the quota of ‘800’. The current deployment count is ‘800’, please delete some deployments before creating a new one. Please see https://aka.ms/arm-deploy for usage details.
2018-05-30T04:52:38.0051084Z ##[error]Task failed while creating or updating the template deployment.
One of the steps used by our release pipelines uses ARM template to make sure that resource being targeted has required azure configuration.
Continue reading “Azure RM Resource group deployment failed with error: Creating the deployment xx would exceed the quota of ‘800’.”
Nested Virtualization is one of the cool new features in Windows Server 2016 that allows you to install hyper-v, create and run virtual machines inside a hyper-v virtual machine itself. In other words, a hyper-v virtual machine can act as a virtual host server. A great benefit of nested Hyper-V virtualization is for labs and training scenarios where you can, for instance, build a cluster of several virtual Hyper-V hosts on a single physical computer. This also allows one to use hyper-v containers and is required by Docker.
Also, provided you have required resource capacity, there are no depths of this feature. That means, you can create a virtual machine, inside a virtual machine, install hyper-v on guest virtual machine and then create virtual machines inside it. Well if you have seen inception, its something like it. In this blog post, we will learn how to do the same for Azure Virtual Machine. Continue reading “Enable and Use Nested Virtualization on Azure Virtual Machine”
Windows Azure App Service (Now an umbrella term for Azure Web App, Azure Api App, etc.) has a handy capability whereby developers can store key-value string pairs in Azure as part of the configuration information associated with a website. At runtime, Windows Azure Web Sites automatically retrieves these values for you and makes them available to code running in your website. Since the key-value pairs are stored behind the scenes in the Windows Azure Web Sites configuration store, the key-value pairs don’t need to be stored in the file content of your web application. From a security perspective that is a nice side benefit since sensitive information such as Sql connection strings with passwords never show up as cleartext in a config file. However, sometimes, this can be a little too much for the Azure Admins to configure each setting over there. In this blog post, we’ll learn how to apply application settings using PowerShell. Continue reading “Apply / Update application settings for Azure App Service using PowerShell”