Skip to main content

Posts

Showing posts from February, 2020

Azure Spring Cloud and DMZ

Starting from 2019, we can find a new service in Azure portfolio - Azure Spring Cloud . Microsoft together with Pivotal joined their forces by offering the capability of running Spring Boot applications inside Azure seamless. Azure Spring Cloud is a SaaS, that is managed by Pivotal offering 100% compatibility with any type of Java application that was built for Spring Boot. It might not sound a big WOW, but having the ability to migrate the line of business applications that are running inside on-premises systems to a full managed Spring Boot environment is awesome.  If you want to find about this service I invite you to check the service page . A common discussion that arises when you need to take the on-premises application and put them inside Azure Spring Cloud is related to network security - more exactly DMZ . There are two different worlds that usually collide and it is important to understand both concerns and limitations.  Azure Spring Cloud is running on top of ...

Demystifying system-assigned managed identity and user-assigned managed identity for Azure Resources

Managing credentials and access rights across services it is always a challenge inside the cloud. Storing them inside the applications can be painful, even when they are encrypted. Managing all of them from one central location can be done quickly using managed to identify feature build on top of Azure AD. Because it is so easy to see and the number of features is high, many people forget to understand better what option they should use depending on the use case. Let’s take a look at some questions that you should ask yourself when you need to manage the identity of cloud services inside Azure. Q: What is the username password when I’m using user-assigned manage identity R: When you create a user-assigned managed identity, there is no used as you have for Azure AD. Even if the name contains the word ‘user’, it does not mean that you manage a user. You have an identity that can be operated independently of the service instance that receives the identity. Q: I want to ...

[Post Event] Winter ITCamp Community Event – Cluj-Napoca, 2019

This week we had a great local ITCamp Community event in Cluj-Napoca. The event was supported by  Micro Focus  and Transilvania Cloud  and more than 50 people joined the event. We had 3 sessions where we talk about KEDA, running Windows Services inside Docker and what a developer shall be aware of when security and cloud meet. I had the opportunity to talk about the last subject - Cloud Security Fundamentals - Developer View. The topic is complex because it is hard to separate automation and infrastructure from development inside a cloud project. The lines are thin and sometimes very grey. You can find more about my bellow. Title : Cloud Security Fundamentals - Developer View Abstract : Do you want to improve cloud security? I thought so. Then why not join this session and build your fundamentals knowledge related to cloud security from a developer perspective. We have a lot of demos and hands-on expertise from Microsoft Azure and AWS. Slides : ...

Implementing an ETL process in AWS and Azure that fetch data from FTP

Have you ever had to automate the data ingestion from an FTP (SFTP) to cloud? The challenge is not to read data from an (S)FTP. The challenge is to do this reliably with minimal investment. In an ideal world, you would go with an approach where you would use an ETL or orchestration solution provided by the cloud. The reality is that you don’t have cloud services that are fully integrated with (S)FTP. On top of this, you need to fight with the network connectivity that might not be so reliable as you think. Let’s see how we can design a solution that: 1.        Access (S)FTP content that it is on-premises 2.        Process and transform the data 3.        Push the content to a MySQL database and updates a cache. The requirements are specific to an ETL process, where we need to extract data from a repository, transform the data and store it inside the database. Running the...

How to get better price of Azure resources for DEV and TEST environments

How often are do you estimate the running cost of DEV, TEST, PRE-PROD, PROD environment?  I assume that at least one time. How often your customers are complaining that the cost of NON-PROD environment is too high or should be reviewed?  Every sprint or new release I assume. One of the biggest mistakes done by teams that are working with Microsoft Azure is forgetting about Azure Dev/Test offer. Microsoft is offering high discounts for Azure resources that are used for Development or Testing scenarios. Case study For an enterprise application, we use to have the following environment configuration AppService | S2 Standard Tier Azure SQL Database | General Purpose, Gen 5, 2 vCore Azure CosmosDB | 8 RU Blob Storage | Standard  The normal total cost of DEV environment per month is around $980. Adding the testing one, the total cost is around $1860. Additional to this there is another subscription, where teams have the ability to create temporar...

Azure Tools - Azure Cloud Explorer

Highlights of  Azure Cloud Explorer Azure Services : Azure Blob Storage Cost : Free of use How it is delivered : Installer Top 3 features:      #1 Looks and feel like File Explorer      #2 Drag and drop functionality      #3 Integrated with local file storage Pain points:      #1 Lack of support for virtual directories (e.g. OneDrive)      #2 Linux support      #3 Hard to find download link using search engine Download URL:       https://monzacloud.com/azure-cloud-explorer/ Credits:       Monza Cloud First time when I discovered these tools was a few months ago. I was looking for a method for copying data from Azure Blob Storage to the local disk for non-technical people. Imagine that you need to share content with somebody from HR knows to use only Office and Windows. For them, a tool that looks like Windows File Explorer is pe...