Now that Dapr is about to hit version 1.0.0 let me show you how easy is to read secrets with a .NET 5 console application.
Create a console application # dotnet new console -n DaprSecretSample cd DaprSecretSample Add a reference to the Dapr.Client library # dotnet add package Dapr.Client --prerelease Create a Secret Store component # Create a components folder and inside place a file named secretstore.yaml with the following contents:
Hacktoberfest® is an open global event where people all around de globe contribute to open source projects.
The idea behind Hacktoberfest® is great, in my opinion it encourages and motivates contributions specially from those who don’t know where to start with OSS, but saddly what we saw this year was many people, let’s call them trolls, spamming repos with useless pull requests in order to claim the nice tee. The Hacktoberfest® organization reacted quickly to fix the situation and the rules of the game have been changed: the event is now offically opt-in only for projects and mantainers.
Today I’m going to show you how to manage Terraform Cloud with .NET Core using the Tfe.NetClient library.
The idea is to create a simple console application that will:
Add GitHub as a VCS Provider. Create a Workspace conected to a GitHub repo where your Terraform files live. Create a variable in the workspace. Create a Run (Plan) based on the Terraform files Apply the Run. Tfe.NetClient is still in alpha and not every Terraform Cloud API or feature is present. Please feel free to submit any issues, bugs or pull requests.
The intent of this post is to help you understand how to connect an Azure Function to a Storage Account privately so all traffic flows through a VNet therefore enhancing the security of your solutions and blobs.
The Case: # Supose you have the following Azure Function written in C# which only copies a blob from one conatiner to another:
In this post I’ll show you how to expose your “Daprized” applications using and NGINX ingress controller.
Prerequistes # A working kubernetes cluster with Dapr installed. If you need instructions please find them here Deploy an application to your Kubernetes cluster # I’ll be using a simple Azure Function I created back in 2017 in the following post: Run a Precompiled .NET Core Azure Function in a Container which exposes a simple validation function.
Dapr is an event-driven, portable runtime for building microservices on cloud and edge.
Dapr supports the fundamental features you’ll need such as: service invocation, state management, publish/subscribe messaging and since version 0.5.0 the ability to read from secret stores!
This post will show you to read kubernetes secrets using Dapr and .NET Core:
a couple of weeks ago I was trying to deploy MongoDB in AKS using the MongoDB Enterprise Operator and had trouble finding a simple tutorial to make the thing work. This post intends to fill that gap with a straight to the point approach.
Prerequisites # Be sure to deploy AKS with a set of nodes with at least 8GB of RAM. I used Standard_D3_v2
So you are new to Dapr and you are trying to understand how it works with you .NET Core application. You already tried launching your app with the Dapr CLI and then you find yourself wondering on how to debug the mix with Visual Studio Code.
Well, follow this simple steps and you’ll be ready:
For the last 3 years this blog was written using Jekyll which has a series of requirements such as Ruby that I don’t want to keep installing or maintaining on my PC. So I created this Developer Container for those who want to use Jekyll from an isolated container.
Let’s check the container definition:
What if I tell you that it’s possible to connect you AKS pods to an Azure Key Vault using identities but without having to use credentials in an explicit way?
Well with AAD Pod Identities you can enable your Kubernetes applications to access Azure cloud resources securely using Azure Active Directory (AAD) including Azure Key Vault.
Durante el mes de Octubre tuve la suerte de grabar en LinkedIn Learning mi primer curso online sobre Kubernetes.
Aun me queda mucho por aprender y mejorar en este formato, ya que mientras grabas los cursos no recibes feedback inmediato como sí ocurre cuando das una charla o haces una presentación.
Recently I learned about GitOps which is a way to manage your Kubernetes clusters and the applications you run on top using Git. The idea is that you can declaratively describe the desired state of your systems in Git and roll out changes as soon as merges occur.
You can immediately see the main benefits of such an approach: Your Git repositories become the single source of truth for both your infrastructure and application code, allowing the teams to increase productivity and stability (you get the Git log to audit changes).
Two weeks ago I got an email message from Microsoft Azure explaining that Azure Kubernetes Services had been patched but that I had to restart my nodes (reboot the clusters) to complete the operation.
The first thing you need to know is that, when things like this happens, the Azure platform creates a file called /var/run/reboot-required in each of the nodes of your cluster.
After collaborating with the Azure Ansible container I decided to also develop a Developer Container for those who want or need to use the Azure Blockchain Development Kit for Ethereum to create smart contracts, taking away the burden of installing Python, Truffle, Ganache and NodeJS on your machine.
Once again I collaborated with Chuck Lantz and the container definition resulted in the following two files:
Last year I was working on a project for deploying Azure services using Ansible, and let me tell you something: Back then a feature like Visual Studio Remote Containers would have helped us so much!
Why? Because just installing Visual Studio Code, the Remote Development Extension Pack, and Docker you have a killer combo that makes it possible to create a Development environment in a snap and share it with your source code.
Let’s start:
Create a folder for your new project # Open a command prompt an run:
mkdir kuberenetes.scale Create the project # cd kuberenetes.scale dotnet new api Add the references to KubernetesClient # dotnet add package KubernetesClient -v 1.5.18 dotnet restore Create a PodsController.cs with the following code # using System; using System.Collections.Generic; using System.Linq; using System.Threading.Tasks; using k8s; using k8s.Models; using Microsoft.AspNetCore.JsonPatch; using Microsoft.AspNetCore.Mvc; using Microsoft.Extensions.Configuration; namespace kubernetes.scale { [Route("api/[controller]")] [ApiController] public class PodsController : ControllerBase { private KubernetesClientConfiguration k8sConfig = null; public PodsController(IConfiguration config) { // Reading configuration to know if running inside a cluster or in local mode. var useKubeConfig = bool.Parse(config["UseKubeConfig"]); if (!useKubeConfig) { // Running inside a k8s cluser k8sConfig = KubernetesClientConfiguration.InClusterConfig(); } else { // Running on dev machine k8sConfig = KubernetesClientConfiguration.BuildConfigFromConfigFile(); } } [HttpPatch("scale")] public IActionResult Scale([FromBody]ReplicaRequest request) { // Use the config object to create a client. using (var client = new Kubernetes(k8sConfig)) { // Create a json patch for the replicas var jsonPatch = new JsonPatchDocument<V1Scale>(); // Set the new number of repplcias jsonPatch.Replace(e => e.Spec.Replicas, request.Replicas); // Creat the patch var patch = new V1Patch(jsonPatch); // Patch the "minions" Deployment in the "default" namespace client.PatchNamespacedDeploymentScale(patch, request.Deployment, request.Namespace); return NoContent(); } } } public class ReplicaRequest { public string Deployment { get; set; } public string Namespace { get; set; } public int Replicas { get; set; } } } Replace the contents of the appsettings.Development.json file # Note the UseKubeConfig property is set to true.
Next Saturday the Global Azure Bootcamp will be celebrated all over the world and as in previous years their will be a Science Lab where we’ll try to discover a planet!!!. Isn’t that cool?
Well to make this fast you can run the Science Lab using Azure Container Instances following the instructions found here or you can use the following gist to run the workload in an existing kubernetes cluster:
If you install the Azure Application Gateway Ingress Controller for your AKS clusters you may want to expose more than one service through the same Public IP just changing the url path. In order to make this work you must use the backend-path-prefix annotation.
In the following sample I create an ingress with the following behavior:
In order to deploy a Persistent Volume in your AKS cluster using an existing Storage Account you should take the following steps:
Create a Storage Class with a reference to the Storage Account. Create a Secret with the credentials used to access the Storage Account. Create a Persistent Volume with a reference to the Storage Class, the secret and the File Share. Create a Persistent Volume Claim with a reference to the volume by name. Use the following yaml as a template for the resources described above. Save the contents as aks-existing-storage-account-pv.yaml: