Blog

So you are new to Dapr and you are trying to understand how it works with you .NET Core application. You already tried launching your app with the Dapr CLI and then you find yourself wondering on how to debug the mix with Visual Studio Code. Well, follow this simple steps and you’ll be ready:

For the last 3 years this blog was written using Jekyll which has a series of requirements such as Ruby that I don’t want to keep installing or maintaining on my PC. So I created this Developer Container for those who want to use Jekyll from an isolated container. Let’s check the container definition:

What if I tell you that it’s possible to connect you AKS pods to an Azure Key Vault using identities but without having to use credentials in an explicit way? Well with AAD Pod Identities you can enable your Kubernetes applications to access Azure cloud resources securely using Azure Active Directory (AAD) including Azure Key Vault.

Durante el mes de Octubre tuve la suerte de grabar en LinkedIn Learning mi primer curso online sobre Kubernetes. Aun me queda mucho por aprender y mejorar en este formato, ya que mientras grabas los cursos no recibes feedback inmediato como sí ocurre cuando das una charla o haces una presentación.

Recently I learned about GitOps which is a way to manage your Kubernetes clusters and the applications you run on top using Git. The idea is that you can declaratively describe the desired state of your systems in Git and roll out changes as soon as merges occur. You can immediately see the main benefits of such an approach: Your Git repositories become the single source of truth for both your infrastructure and application code, allowing the teams to increase productivity and stability (you get the Git log to audit changes).

Two weeks ago I got an email message from Microsoft Azure explaining that Azure Kubernetes Services had been patched but that I had to restart my nodes (reboot the clusters) to complete the operation. The first thing you need to know is that, when things like this happens, the Azure platform creates a file called /var/run/reboot-required in each of the nodes of your cluster.

After collaborating with the Azure Ansible container I decided to also develop a Developer Container for those who want or need to use the Azure Blockchain Development Kit for Ethereum to create smart contracts, taking away the burden of installing Python, Truffle, Ganache and NodeJS on your machine. Once again I collaborated with Chuck Lantz and the container definition resulted in the following two files:

Last year I was working on a project for deploying Azure services using Ansible, and let me tell you something: Back then a feature like Visual Studio Remote Containers would have helped us so much! Why? Because just installing Visual Studio Code, the Remote Development Extension Pack, and Docker you have a killer combo that makes it possible to create a Development environment in a snap and share it with your source code.

Let’s start: Create a folder for your new project # Open a command prompt an run: mkdir kuberenetes.scale Create the project # cd kuberenetes.scale dotnet new api Add the references to KubernetesClient # dotnet add package KubernetesClient -v 1.5.18 dotnet restore Create a PodsController.cs with the following code # using System; using System.Collections.Generic; using System.Linq; using System.Threading.Tasks; using k8s; using k8s.Models; using Microsoft.AspNetCore.JsonPatch; using Microsoft.AspNetCore.Mvc; using Microsoft.Extensions.Configuration; namespace kubernetes.scale { [Route("api/[controller]")] [ApiController] public class PodsController : ControllerBase { private KubernetesClientConfiguration k8sConfig = null; public PodsController(IConfiguration config) { // Reading configuration to know if running inside a cluster or in local mode. var useKubeConfig = bool.Parse(config["UseKubeConfig"]); if (!useKubeConfig) { // Running inside a k8s cluser k8sConfig = KubernetesClientConfiguration.InClusterConfig(); } else { // Running on dev machine k8sConfig = KubernetesClientConfiguration.BuildConfigFromConfigFile(); } } [HttpPatch("scale")] public IActionResult Scale([FromBody]ReplicaRequest request) { // Use the config object to create a client. using (var client = new Kubernetes(k8sConfig)) { // Create a json patch for the replicas var jsonPatch = new JsonPatchDocument<V1Scale>(); // Set the new number of repplcias jsonPatch.Replace(e => e.Spec.Replicas, request.Replicas); // Creat the patch var patch = new V1Patch(jsonPatch); // Patch the "minions" Deployment in the "default" namespace client.PatchNamespacedDeploymentScale(patch, request.Deployment, request.Namespace); return NoContent(); } } } public class ReplicaRequest { public string Deployment { get; set; } public string Namespace { get; set; } public int Replicas { get; set; } } } Replace the contents of the appsettings.Development.json file # Note the UseKubeConfig property is set to true.

Recently I had to update a bunch of Log Analytics Workspaces resources to enable the Container Monitoring Solution. So I came up with this ARM Template that I want to share with you: { "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "LogAnalyticsWorkspaceName": { "type": "string", "metadata": { "description": "Log Analytics Workspace name" } } }, "variables": { "workspaceResourceId": "[resourceId('Microsoft.OperationalInsights/workspaces/', parameters('LogAnalyticsWorkspaceName'))]", "containerSolutionName": "[concat(parameters('LogAnalyticsWorkspaceName'), '-containers')]" }, "resources": [ { "type": "Microsoft.OperationsManagement/solutions", "apiVersion": "2015-11-01-preview", "name": "[variables('containerSolutionName')]", "location": "[resourceGroup().location]", "plan": { "name": "[variables('containerSolutionName')]", "product": "[concat('OMSGallery/', 'ContainerInsights')]", "promotionCode": "", "publisher": "Microsoft" }, "properties": { "workspaceResourceId": "[variables('workspaceResourceId')]" } } ], "outputs": {} } Hope it helps!

Next Saturday the Global Azure Bootcamp will be celebrated all over the world and as in previous years their will be a Science Lab where we’ll try to discover a planet!!!. Isn’t that cool? Well to make this fast you can run the Science Lab using Azure Container Instances following the instructions found here or you can use the following gist to run the workload in an existing kubernetes cluster:

If you install the Azure Application Gateway Ingress Controller for your AKS clusters you may want to expose more than one service through the same Public IP just changing the url path. In order to make this work you must use the backend-path-prefix annotation. In the following sample I create an ingress with the following behavior:

In order to deploy a Persistent Volume in your AKS cluster using an existing Storage Account you should take the following steps: Create a Storage Class with a reference to the Storage Account. Create a Secret with the credentials used to access the Storage Account. Create a Persistent Volume with a reference to the Storage Class, the secret and the File Share. Create a Persistent Volume Claim with a reference to the volume by name. Use the following yaml as a template for the resources described above. Save the contents as aks-existing-storage-account-pv.yaml:

Lately I’ve been learning Go and this week I started a side project named kube-sherlock. The purpose of this small program is to list any pod that does not have the labels that your organization requires. For kube-sherlock I created a dockerfile were both the program (kube-sherlock) and the default configuration (config.yaml) are placed in the app folder:

Many of you come to my site to read the post Step by step: Serilog with ASP.NET Core which I wrote in 2016 and is completely out of date, so with this post I will show you how to setup Serilog to work with your ASP.NET Core 2.2 applications. Create an ASP.NET Core project # md aspnet.serilog.sample cd aspnet.serilog.sample dotnet new mvc Add the following dependencies to your project # dotnet add package Serilog.AspNetCore dotnet add package Serilog.Extensions.Logging dotnet add package Serilog.Sinks.ColoredConsole Change your Program.cs file to look like the following # using System; using System.Collections.Generic; using System.IO; using System.Linq; using System.Threading.Tasks; using Microsoft.AspNetCore; using Microsoft.AspNetCore.Hosting; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.Logging; using Serilog; using Serilog.Core; using Serilog.Events; namespace aspnet.serilog.sample { public class Program { public static void Main(string[] args) { Log.Logger = new LoggerConfiguration() .Enrich.FromLogContext() .MinimumLevel.Debug() .WriteTo.ColoredConsole( LogEventLevel.Verbose, "{NewLine}{Timestamp:HH:mm:ss} [{Level}] ({CorrelationToken}) {Message}{NewLine}{Exception}") .CreateLogger(); try { CreateWebHostBuilder(args).Build().Run(); } finally { Log.CloseAndFlush(); } } public static IWebHostBuilder CreateWebHostBuilder(string[] args) => WebHost.CreateDefaultBuilder(args) .UseSerilog() .UseStartup<Startup>(); } } Inject the logger to your services or controllers # Change the home controller and log some actions:

When you install a AKS cluster you can configure it to deploy the http application routing addon or you you can update an existing cluster to deploy it. Either way you end up with an NGINX Ingress Controller running, in the kube-system namespace of your cluster, with the following properties: ingress-class: addon-http-application-routing annotations-prefix: nginx.ingress.kubernetes.io Does this means that you can use this controller for TLS termination? The answer is yes! And you can also use rate limits, and whitelisting as described in my post Secure your Kubernetes services with NGINX ingress controller, tls and more.

Nowadays it’s clear that IT trends such as serverless computing, containerization, cloud native apps, DevOps artificial intelligence, machine learning and both hybrid and multi-cloud solutions are becoming main stream or the “new normal”. All businesses, big or small, are looking for cloud experts with key skills in many of these hot trends. With serverless architectures, applications are separated into various individual functions which are triggered by different types of events. This changes the way we normally think about applications and also the way we must approach operations in terms of monitoring performance, tracing, scaling and high availability. Good knowledge of AWS Lambda, Azure Functions, Google Cloud Functions, and event-driven architectures are skills employers will be looking for.

You start developing an ASP.NET Core application to run it in Kubernetes and suddenly you find yourself creating a docker file, building an image, pushing the image to a registry, creating both a deployment and a service definition for Kubernetes and you wonder if there is a tool out there to help you streamline the whole process.

For my recent talk at .NET Conf Madrid I managed to install Elastic Search, Fluentd and Kibana (EFK) as a logging solution for the AKS cluster I used in my demos. The fact is that such deployment was possible thanks to Tim Park and his post Logging with Fluentd, ElasticSearch, and Kibana (EFK) on Kubernetes on Azure where I learned that to effectively deploy EFK on AKS I would have to tweak the resource definitions found in the Kubernetes project.

On April I wrote a post about Using Docker Multi Stage Builds to build an ASP.NET Core Echo Server and these days while preparing a talk, on CI/CD and kubernetes, I started to play with the simple sample I wrote back then. Soon enough I noticed that with each docker build command I issued the dependencies for the echoserver were always restored, even if no changes were made to the project file (csproj).