If you are responsible for managing multiple Azure subscriptions, you would have notice that there are lot of issues maintaining consistency in resource deployment, organization and management across subscriptions. This is primarily because different subscriptions are designed to target different needs such as products or departments and therefore the Azure Resources being used by different set of people everywhere. To help with bringing consistency across subscriptions, one can use recently launched Azure Management Groups. Azure Management Groups helps to apply governance controls based on access controls, policies and compliance.
Read More »
Last week, Microsoft Azure Team has calmly announced the preview release of one of the exciting features known as Azure Bastion. The concept of using an Bastion Host is nothing new, where one would configure one of the Virtual Machines as Bastion or HopBox and then connect to other private virtual machines configured in the virtual network. This would help providing some security as instead of securely managing all of the virtual machines in an given network, you would need to securely connect and manage only Bastion Host, which is having Public IP address assigned for the connections. However, the onus of configuring all the required networking setup, installing and configuring ssh and rdp protocols, timely patching and hardening of the Bastion Host still lies with the Azure/AWS Administrator. Read More »
Since in last post, we discussed on how to run Azure Pipelines agents as docker containers and configure them accordingly, the next step would be to run them on the Kubernetes platform. This kubernetes cluster can be on-premise and/or cloud and could be self managed or managed by the cloud service provider itself.
One of the reasons you may want to run them on Kubernetes is because you want better utilization of your kubernetes cluster. Another reason might be to leverage your existing knowledge of the kubernetes platform and work on it. Another reason would be to not use Microsoft hosted agents, as by default you would get only 1800 minutes of agent time to utilize, for free accounts.
Read More »
You can easily store your environment related secrets in the Azure Pipelines releases as variables and mark them as secrets which will encrypt and hide them. So anyone having access to the release definition would be not able to view them. Most of the times, it suffices as once set, they become encrypted and can not be viewed in text form.
However, sometimes it may happen that the person who keeps the secret would not be the same person as who is creating the release definition. Think of that as a way of segregating the responsibilities between the two. Also, it may be possible that the person who has provisioned the environment is not comfortable to share the secrets with anyone in plain text. After all, the best way to keep a secret is not to tell anyone about it. This is where the Azure Key Vault fits in very nicely. It can be used to store and transfer the secrets/certificates needed for your environment in a secure way.
Read More »
Few days back, we learned about how to publish Azure Container Instances where-in we can deploy either a container or group of containers and use the same. Azure Web App for Containers allows you to not only run your containers but it also brings forth the PaaS innovations for the Web App. So it brings best of the both worlds together. It also allows you to not worry about the maintaining an container orchestrator mechanism. You can prefer to package their code and dependencies into containers using various CI/CD systems like Jenkins, Maven, Travis CI or VSTS, alongside setting up continuous deployment web hooks with App Service.
In this blog post we’ll learn more about how to deploy .NETCore application packaged as docker container and using CI/CD in Azure Pipelines (Formerly VSTS).Read More »
Containers are fast becoming the preferred way to package, deploy, and manage cloud applications. Azure Container Instances offers the fastest and simplest way to run a container in Azure, without having to manage any virtual machines and without having to adopt a higher-level service.
Azure Container Instances is a great solution for any scenario that can operate in isolated containers, including simple applications, task automation, and build jobs. Also, Azure Container Instances supports the deployment of multiple containers onto a single host by using a container group aka pods in terms of Kubernetes. Multi-container container groups or Pods are useful when building an application sidecar for logging, monitoring, or any other configuration where a service needs a second attached process.
Read More »
While trying to create the Azure Container Instances on one of the newly created Azure Subscription, we came across this strange error, “ERROR: The subscription is not registered to use namespace ‘Microsoft.ContainerInstance'”. So we checked our configuration and the way we were creating the Azure Containers, and it all seemed okay. So we dig a little around by using PowerShell, authenticate to Azure using Login-AzureRmAccount and fire few commands.
The first command we fired was classic Get-Command to check if there are any existing cmdlets to help with Azure Resources and sure enough, there it was:
Read More »
As part of the Continuous Integration process, new builds are generated which contains certain enhancements or modification or bugfixes. For a containerized application deployment, docker images are created as part of builds which then needs to be uploaded to one of the container registries. Over the time, the registry will get filled up. Also as one use more and more space on the container registry, one needs to pay more and more.
There are no inbuilt commands or utilities provided by Docker for this. You have to write complex scripts for doing it. Fortunately, in latest round of the Azure CLI update, Microsoft has added some commands to do this. However, it can be cumbersome to select and remove docker images one at a time. Read More »