Blog

By default Cloud Shell sessions run inside a container inside a Microsoft network separate from any resources you may have deployed in Azure. So what happens when you want to access services you have deployed inside a Virtual Network such as a private AKS cluster, a Virtual Machine or Private Endpoint enabled services?

As you may know I’ve been collaborating with Dapr and I’ve learned that one of the things it enables you to do is to collect traces with the use of the OpenTelemetry Collector and push the events to Azure Application Insights. After some reading I went and check if I could also write my ASP.NET Core applications to log using the OpenTelemetry Log and Event record definition:

Now that Dapr is about to hit version 1.0.0 let me show you how easy is to read secrets with a .NET 5 console application. Create a console application # dotnet new console -n DaprSecretSample cd DaprSecretSample Add a reference to the Dapr.Client library # dotnet add package Dapr.Client --prerelease Create a Secret Store component # Create a components folder and inside place a file named secretstore.yaml with the following contents:

Hacktoberfest® is an open global event where people all around de globe contribute to open source projects. The idea behind Hacktoberfest® is great, in my opinion it encourages and motivates contributions specially from those who don’t know where to start with OSS, but saddly what we saw this year was many people, let’s call them trolls, spamming repos with useless pull requests in order to claim the nice tee. The Hacktoberfest® organization reacted quickly to fix the situation and the rules of the game have been changed: the event is now offically opt-in only for projects and mantainers.

Today I’m going to show you how to manage Terraform Cloud with .NET Core using the Tfe.NetClient library. The idea is to create a simple console application that will: Add GitHub as a VCS Provider. Create a Workspace conected to a GitHub repo where your Terraform files live. Create a variable in the workspace. Create a Run (Plan) based on the Terraform files Apply the Run. Tfe.NetClient is still in alpha and not every Terraform Cloud API or feature is present. Please feel free to submit any issues, bugs or pull requests.

The intent of this post is to help you understand how to connect an Azure Function to a Storage Account privately so all traffic flows through a VNet therefore enhancing the security of your solutions and blobs. The Case: # Supose you have the following Azure Function written in C# which only copies a blob from one conatiner to another:

In this post I’ll show you how to expose your “Daprized” applications using and NGINX ingress controller. Prerequistes # A working kubernetes cluster with Dapr installed. If you need instructions please find them here Deploy an application to your Kubernetes cluster # I’ll be using a simple Azure Function I created back in 2017 in the following post: Run a Precompiled .NET Core Azure Function in a Container which exposes a simple validation function.

Dapr is an event-driven, portable runtime for building microservices on cloud and edge. Dapr supports the fundamental features you’ll need such as: service invocation, state management, publish/subscribe messaging and since version 0.5.0 the ability to read from secret stores! This post will show you to read kubernetes secrets using Dapr and .NET Core:

a couple of weeks ago I was trying to deploy MongoDB in AKS using the MongoDB Enterprise Operator and had trouble finding a simple tutorial to make the thing work. This post intends to fill that gap with a straight to the point approach. Prerequisites # Be sure to deploy AKS with a set of nodes with at least 8GB of RAM. I used Standard_D3_v2

So you are new to Dapr and you are trying to understand how it works with you .NET Core application. You already tried launching your app with the Dapr CLI and then you find yourself wondering on how to debug the mix with Visual Studio Code. Well, follow this simple steps and you’ll be ready:

For the last 3 years this blog was written using Jekyll which has a series of requirements such as Ruby that I don’t want to keep installing or maintaining on my PC. So I created this Developer Container for those who want to use Jekyll from an isolated container. Let’s check the container definition:

What if I tell you that it’s possible to connect you AKS pods to an Azure Key Vault using identities but without having to use credentials in an explicit way? Well with AAD Pod Identities you can enable your Kubernetes applications to access Azure cloud resources securely using Azure Active Directory (AAD) including Azure Key Vault.

Durante el mes de Octubre tuve la suerte de grabar en LinkedIn Learning mi primer curso online sobre Kubernetes. Aun me queda mucho por aprender y mejorar en este formato, ya que mientras grabas los cursos no recibes feedback inmediato como sí ocurre cuando das una charla o haces una presentación.

Recently I learned about GitOps which is a way to manage your Kubernetes clusters and the applications you run on top using Git. The idea is that you can declaratively describe the desired state of your systems in Git and roll out changes as soon as merges occur. You can immediately see the main benefits of such an approach: Your Git repositories become the single source of truth for both your infrastructure and application code, allowing the teams to increase productivity and stability (you get the Git log to audit changes).

Two weeks ago I got an email message from Microsoft Azure explaining that Azure Kubernetes Services had been patched but that I had to restart my nodes (reboot the clusters) to complete the operation. The first thing you need to know is that, when things like this happens, the Azure platform creates a file called /var/run/reboot-required in each of the nodes of your cluster.

After collaborating with the Azure Ansible container I decided to also develop a Developer Container for those who want or need to use the Azure Blockchain Development Kit for Ethereum to create smart contracts, taking away the burden of installing Python, Truffle, Ganache and NodeJS on your machine. Once again I collaborated with Chuck Lantz and the container definition resulted in the following two files:

Last year I was working on a project for deploying Azure services using Ansible, and let me tell you something: Back then a feature like Visual Studio Remote Containers would have helped us so much! Why? Because just installing Visual Studio Code, the Remote Development Extension Pack, and Docker you have a killer combo that makes it possible to create a Development environment in a snap and share it with your source code.

Let’s start: Create a folder for your new project # Open a command prompt an run: mkdir kuberenetes.scale Create the project # cd kuberenetes.scale dotnet new api Add the references to KubernetesClient # dotnet add package KubernetesClient -v 1.5.18 dotnet restore Create a PodsController.cs with the following code # using System; using System.Collections.Generic; using System.Linq; using System.Threading.Tasks; using k8s; using k8s.Models; using Microsoft.AspNetCore.JsonPatch; using Microsoft.AspNetCore.Mvc; using Microsoft.Extensions.Configuration; namespace kubernetes.scale { [Route("api/[controller]")] [ApiController] public class PodsController : ControllerBase { private KubernetesClientConfiguration k8sConfig = null; public PodsController(IConfiguration config) { // Reading configuration to know if running inside a cluster or in local mode. var useKubeConfig = bool.Parse(config["UseKubeConfig"]); if (!useKubeConfig) { // Running inside a k8s cluser k8sConfig = KubernetesClientConfiguration.InClusterConfig(); } else { // Running on dev machine k8sConfig = KubernetesClientConfiguration.BuildConfigFromConfigFile(); } } [HttpPatch("scale")] public IActionResult Scale([FromBody]ReplicaRequest request) { // Use the config object to create a client. using (var client = new Kubernetes(k8sConfig)) { // Create a json patch for the replicas var jsonPatch = new JsonPatchDocument<V1Scale>(); // Set the new number of repplcias jsonPatch.Replace(e => e.Spec.Replicas, request.Replicas); // Creat the patch var patch = new V1Patch(jsonPatch); // Patch the "minions" Deployment in the "default" namespace client.PatchNamespacedDeploymentScale(patch, request.Deployment, request.Namespace); return NoContent(); } } } public class ReplicaRequest { public string Deployment { get; set; } public string Namespace { get; set; } public int Replicas { get; set; } } } Replace the contents of the appsettings.Development.json file # Note the UseKubeConfig property is set to true.

Recently I had to update a bunch of Log Analytics Workspaces resources to enable the Container Monitoring Solution. So I came up with this ARM Template that I want to share with you: { "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "LogAnalyticsWorkspaceName": { "type": "string", "metadata": { "description": "Log Analytics Workspace name" } } }, "variables": { "workspaceResourceId": "[resourceId('Microsoft.OperationalInsights/workspaces/', parameters('LogAnalyticsWorkspaceName'))]", "containerSolutionName": "[concat(parameters('LogAnalyticsWorkspaceName'), '-containers')]" }, "resources": [ { "type": "Microsoft.OperationsManagement/solutions", "apiVersion": "2015-11-01-preview", "name": "[variables('containerSolutionName')]", "location": "[resourceGroup().location]", "plan": { "name": "[variables('containerSolutionName')]", "product": "[concat('OMSGallery/', 'ContainerInsights')]", "promotionCode": "", "publisher": "Microsoft" }, "properties": { "workspaceResourceId": "[variables('workspaceResourceId')]" } } ], "outputs": {} } Hope it helps!

Next Saturday the Global Azure Bootcamp will be celebrated all over the world and as in previous years their will be a Science Lab where we’ll try to discover a planet!!!. Isn’t that cool? Well to make this fast you can run the Science Lab using Azure Container Instances following the instructions found here or you can use the following gist to run the workload in an existing kubernetes cluster: