Tags

.NET


API


Automation


Big Data


BigData

  • Azure Data Explorer (Kusto)

    Let’s talk about Azure Data Explorer (ADX ADX) also known as Kusto.

    If you ask me that is the best kept secret in Azure.

    Well, it isn’t exactly a secret but most people do not know about it or if they do, they just think of it as the back-end...


Business

  • Digital Transformation - Investing in the Core

    planets-1497200_640Digital Transformation is all the rage.  It’s a little like virtue:  everybody is rooting for it but few can actually articulate what it is!

    I recently found some nice theoretical framework which simplifies its explanation.

    We will first refer to that theoretical framework.  We will then articulate how it...


Containers


Data


DevOps


Identity

  • Azure Functions HTTP – Authorization Levels

    pexels-photo-277593[1]In a past article, we looked at Serverless compute in Azure in general and Azure Functions specifically.

    In this article we wanted to focus on Azure Function triggered by HTTP requests and the different options we have to authenticate:

    • Anonymous
    • Function
    • Admin
    • System
    • User

    Those are...

  • Managing Azure AD Application members in Portal

    One of Azure AD’s powerful concept is the application.  It gives context to an authentication as we explained in this article.

    An application can also be used as an authorization barrier since we can manage an application members.  This is optional as by default, everyone in a tenant has access to its application.  But if we opt in to...

  • Using Microsoft Graph API to interact with Azure AD

    In my last article, I showed how to authenticate on Azure AD using a user name / password without using the native web flow.

    The underlying scenario was to migrate an application using an LDAP server by leveraging an Azure AD tenant.

    The logical continuation of that scenario is...

  • Joining an ARM Linux VM to AAD Domain Services

    Active Directory is one of the most popular domain controller / LDAP server around.

    In Azure we have Azure Active Directory (AAD).  Despite the name, AAD isn’t just a multi-tenant AD.  It is built for the cloud.

    Sometimes though, it is useful to have a traditional domain controller...  in the cloud.  Typically this is with legacy workloads built to work...

  • Azure Active Directory Labs Series – Multi-Factor Authentication

    Back in June I had the pleasure of delivering a training on Azure Active Directory to two customer crowds.  I say pleasure because not only do I love to share knowledge but also, the preparation of the training forces me to go deep on some aspects of what I’m going to teach.

    In that training there were 8 labs...

  • Azure Active Directory Labs Series – Graph API

    Back in June I had the pleasure of delivering a training on Azure Active Directory to two customer crowds.  I say pleasure because not only do I love to share knowledge but also, the preparation of the training forces me to go deep on some aspects of what I’m going to teach.

    In that training there were 8 labs...

  • Azure Active Directory Labs Series – AD Connect

    Back in June I had the pleasure of delivering a training on Azure Active Directory to two customer crowds.  I say pleasure because not only do I love to share knowledge but also, the preparation of the training forces me to go deep on some aspects of what I’m going to teach.

    In that training there were 8 labs...

  • Azure Active Directory Labs Series – Creating an AD Forest

    Back in June I had the pleasure of delivering a training on Azure Active Directory to two customer crowds.  I say pleasure because not only do I love to share knowledge but also, the preparation of the training forces me to go deep on some aspects of what I’m going to teach.

    In that training there were 8 labs...

  • Azure Active Directory Labs Series – Adding Claims

    Back in June I had the pleasure of delivering a training on Azure Active Directory to two customer crowds.  I say pleasure because not only do I love to share knowledge but also, the preparation of the training forces me to go deep on some aspects of what I’m going to teach.

    In that training there were 8...

  • Azure Active Directory Labs Series – Protect Web App

    Back in June I had the pleasure of delivering a training on Azure Active Directory to two customer crowds.  I say pleasure because not only do I love to share knowledge but also, the preparation of the training forces me to go deep on some aspects of what I’m going to teach.

    In that training...

  • Azure Active Directory Labs Series – Create Application

    Back in June I had the pleasure of delivering a training on Azure Active Directory to two customer crowds.  I say pleasure because not only do I love to share knowledge but also, the preparation of the training forces me to go deep on some aspects of what I’m going to teach.

    In that training...

  • Azure Active Directory Labs Series - Creating a tenant

    clinic-doctor-health-hospitalBack in June I had the pleasure of delivering a training on Azure Active Directory to two customer crowds.  I say pleasure because not only do I love to share knowledge but also, the preparation of the training forces me to go deep on some aspects of what I’m going...

  • Multi-Tenant SaaS with Azure Active Directory B2B & B2C

    Scenario:  I’m creating a Software as a Service (SaaS).  I’m having multiple customers & I want to manage their identity.  For some of my customers the users won’t have corporate identity ; I would like to offer them to login using their social identity (e.g. Facebook) if they want to or create an account on my site otherwise.  For other...

  • Azure Active Directory Application

    This is a quick post to talk about what an Application is for Azure Active Directory (or Azure AD or AAD).

    If you come from the on premise world and are used to Active Directory on Windows Server, the concept of an application within Active Directory probably is a bit foreign.

    Think about how authentication works in the...

  • Using Azure Active Directory Service Principal

    You need an Azure Active Directory (AAD) identity to run some of your services:  perhaps an Azure Runbook, Azure SQL Database, etc.  .

    You could create a normal user in Azure Active Directory and use it.  If your AAD is synchronized with an on-premise one, it will get more complicated though.  You will need to create it on premise and...


Integration

  • Broadcasting events to multiple solutions

    I sat down with a customer who had an interesting integration problem the other day.

    They are building a system that creates data useful for the entire enterprise. They want to push that data to different solutions. They also expose APIs, but they want to support the push-model where their system pushes the data...

  • Designing Distributed Systems by Brendan Burns

    In this article I wanted to talk about a book I just finished reading.

    Although its title and scope is around distributed systems in general, Brendan Burns discussion is mostly using containers & Kubernetes.

    Brendan Burns is currently (as of this writing in November 2018) at Microsoft. He is a cofounder of...

  • Handling recursivity in Logic Apps

    Azure Logic Apps is a powerful integration platform.

    Some workflows naturally land themselves to recursion. For instance, handling a hierarchical data structure often has a natural recursive solution.

    Azure Logic Apps doesn’t allow recursion directly. It forbids a Logic App invoking itself.

    In this article we are going to explore two avenues...

  • Taming the fire hose: Azure Stream Analytics

    accident-action-adult-280076We came upon an interesting challenge recently.

    Let’s have a stream of events pouring in.  The source is unimportant.  Hundreds, peeking at thousands, of events per second.

    We need to update a table in Azure SQL with a summary of the events.

    Let’s just assume the events are about...

  • Invoking a Stored Procedure from a partitioned CosmosDB collection from Logic Apps

    I struggled a little to make that work, so I thought I would share the learning in order to accelerate your future endeavour.

    I was looking at a way to populate a CosmosDB quickly with random data.

    Stored Procedures came to mind since they would skip client-server latency.  We can call a stored procedure creating hundreds of documents with random...

  • Multi-Tenant SaaS with Azure Active Directory B2B & B2C

    Scenario:  I’m creating a Software as a Service (SaaS).  I’m having multiple customers & I want to manage their identity.  For some of my customers the users won’t have corporate identity ; I would like to offer them to login using their social identity (e.g. Facebook) if they want to or create an account on my site otherwise.  For other...

  • Integration with Azure Service Bus

    message[1]

    I’ve been consulting 1.5 years for a customer embarking a journey leveraging Microsoft Azure as an Enterprise platform, helping them rethink their application park.

    Characteristic of that customer:

    • Lots of Software as a Service (Saas) third parties
    • Business is extremely dynamic, in terms of requirements, transitions, partnerships, restructuring,...
  • Azure Data Factory Editor (ADF Editor)

    Azure Data Factory is still in preview but obviously has a committed team behind it.

    networking[1]

    When I looked at the Service when the preview was made available in last Novembre, the first thing that stroke me was the lack of editor, of designing surface.  Instead, you had to configure...

  • Azure Key Vault

    Has somebody been peeking on my X-mas list?

    Indeed, one of the weakness of the current Azure Paas solution I pointed out last year was that on non-trivial solutions you end up with plenty of secrets (e.g. user-name / password, SAS, account keys, etc.) stored insecurely in your web.config (or similar store).

    I was suggesting, as a solution, to...

  • Azure ACS fading away

    ACS is on life support for quite a while now.  It was never never fully integrated to the Azure Portal, keeping the UI it had in its Azure Labs day (circa 2010, for those who were born back then).

    In an article last summer, Azure Active Directory is the future of ACS, Vittorio Bertocci announces the roadmap:  the demise...

  • Securing Azure Messaging Service Bus access

    I am currently working on a very exciting project involving systems integration across the Azure Messaging Service Bus. I thought I would share some of the painfully acquired knowledge nuggets with you.

    About %90 of examples you'll find on Internet uses Azure Bus SDK with 'owner'. That is basically 'admin' privilege because owner...

  • Service Bus EAI and EDI

    Back in December (2011), Microsoft released the Azure Service Bus EAI & EDI Labs.  This is a sort of CTP with labs.

    It’s built on top of AppFabric Service Bus, but seems to contain much more than raw messaging.

    According to the MSDN documentation, it seems that a lot of BizTalk concepts were re-used.  For instance, look at a...

  • BizTalk beyond 2010

    I recently blogged about the future of BizTalk and the roadmap of the product version Windows AppFabric.

    An even more recent blog post shed some light on the topic.

    Biztalk Executive Summary

    We are planning to invest in the following main areas:

    • Deep Microsoft Application Platform Alignment

    • ...
  • BizTalk vNext: BizTalk Azure?

    Home

    There are some rumours for the next version of BizTalk (after BizTalk 2010) to be available in the Cloud.  A sort of BizTalk Azure.  That’s interesting news for sure.

    Some are wondering how that will fit with Windows Azure AppFabric. Well, for sure, you’ll need your AppFabric Service Bus in...


Machine Learning


Mathematics


Networking

  • Ingress rules in different Kubernetes namespaces

    In this article I want to show how an ingress controller in Kubernetes can be used to route traffic to workloads deployed in multiple namespaces.

    The online doc for AKS deploys everything in the same namespace. Hence this article is a thin extension to the online doc.

    The basic trick is to deploy...

  • Azure Front Door with App Service

    Azure Front Door service was recently released.

    Azure Front Door is an interesting service combining the capabilities of:

    • Reverse Proxy (SSL Termination, URL based routing, URL rewrite & session affinity)
    • Web Application Firewall (WAF)
    • Accelerated Global routing
    • Global Load Balancing between geo-distributed backend
    • Some bits of Content Delivery Network (CDN, in the...
  • Multiple Service Endpoints to multiple services

    Use case: I have a central thingy that needs to talk to a service protected by a service endpoints (e.g. storage account, Azure SQL DB, Azure Maria DB, etc.). That service is also accessible to another compute in other Virtual Networks.

    Is that possible?

    Just to make it a little more concrete, let’s...

  • Testing outbound connections in AKS-Kubenet and ACI

    What happens if a pod in AKS initiates a connection with a private endpoint? Which private IP address does the outbound connection uses?

    This is relevant for a private IP inside the same VNET, a peered VNET or an IP accessible via a VPN or Express Route.

    In general, the private IP of the...

  • Understanding multiple Ingress in AKS

    Last time, I covered the ins and outs of Ingress on AKS.

    We looked at how to install nginx ingress controller and how the controller is deployed as a load balanced service. We did some URL based routing and domain name overloading.

    This was in the spirit of clarifying the magic...

  • About Ingress in Azure Kubernetes Service (AKS)

    I did a bit of experimentation with Kubernetes Ingress, more specifically NGINX, lately.

    I found the concept of Ingress utterly confusing at first. It is actually relatively simple. So, I thought I would share this sense of simplicity.

    This article is conceptual. There will be no code nor even Portal tour.

    If you want to ramp up on Ingress in...

  • Using Application Gateway with VNET peering

    pexels-photo-374710[1]As I write these lines (early November 2017), Application Gateway doesn’t integrate well across VNET peering.

    More precisely, if we put the gateway in a VNET and have scale sets in another, the usual integration, where the scale set registers its VM automatically as the size of the set...

  • Azure Virtual Machines Anatomy

    hand-2194170_640Virtual Machines can be pretty complex little beast.  They can have multiple disks, multiple NICs in different subnets, can be exposed on the public internet either directly or through a load balancer, etc.  .

    In this article, we’ll look at the anatomy of a Virtual Machine (VM):  what are...

  • Virtual Network Service Endpoint - Hello World

    In our last post we discussed the new feature Virtual Network Service Endpoint.

    In this post we’re going to show how to use that feature.

    We’re going to use it on a storage account.

    We won’t go through the micro steps of setting up each services but we’ll focus on the Service Endpoint configuration.

    Resource Group

    As usual for...

  • VNET Service Endpoints for Azure SQL & Storage

    internet-1676139_640It’s finally here, it has arrived:  Azure Virtual Network Service Endpoints.<p>This was a long requested “Enterprise feature”.</p><p>Let’s look at what this is and how to use it.</p><p>Please note that at the time of this writing (end-of-September 2017) this feature is available only in a few region in Public Preview:</p><ul><li>Azure...

  • Azure Application Gateway Anatomy

    Back in May, we talked about Azure Application Gateway.

    In this article, we’re going to look at its anatomy, i.e. its internal component as exposed in the Azure Resource Manager (ARM) model.

    A lot of Azure Resource has an internal structure.  For instance, a Virtual Network has a collection of subnets.

    Azure Application Gateway has a very rich internal...

  • URL Routing with Azure Application Gateway

    Update (13-06-2017):  The POC of this article is available on GitHub here.

    I have a scenario perfect for a Layer-7 Load Balancer / Reverse Proxy:

    • Multiple web server clusters to be routed under one URL hierarchy (one domain name)
    • Redirect HTTP traffic to the same URL on HTTPS
    • Have reverse proxy...
  • Joining an ARM Linux VM to AAD Domain Services

    Active Directory is one of the most popular domain controller / LDAP server around.

    In Azure we have Azure Active Directory (AAD).  Despite the name, AAD isn’t just a multi-tenant AD.  It is built for the cloud.

    Sometimes though, it is useful to have a traditional domain controller...  in the cloud.  Typically this is with legacy workloads built to work...

  • Troubleshooting NSGs using Diagnostic Logs

    I’ve wrote about how to use Network Security Group (NSG) before.

    Chances are, once you get a complicated enough set of rules in a NSG, you’ll find yourself with NSGs that do not do what you think they should do.

    Troubleshooting NSGs isn’t trivial.

    I’ll try to give some guidance here but...

  • Virtual Machine with 2 NICs

    Colorful Ethernet CableIn Azure Resource Manager (ARM), Network Interface Cards (NICs) are a first class resource.  You can defined them without a Virtual Machine.

    UPDATE:  As a reader kingly point out, NIC means Network Interface Controller, not Network Interface Card as I initially wrote.  Don’t be fooled by the Azure logo ;) 

    Let’s...

  • Load Balancing VMs in Azure Resource Manager

    Here I want to show, in details, how you would go about to expose load balanced web server VMs using Azure Resource Manager (ARM) resources.

    It sounds trivial but funnily enough I didn’t find an ARM template fully doing it without bugs.

    I want to explain how it works and all the moving pieces (and there are a few).  I’ll...

  • Using Network Security Groups (NSG) to secure network access to an environment

    Quite a few demos (including mines) ommit security for the sake of simplicity.  One area where you can secure your applications in Azure is in terms of Networking.

    Network Security Groups act as a firewall in the cloud.

    In this post, I’ll show you how to create a virtual network with 3 subnets:  front-end, middle & back-end.  We’ll then secure...


NoSQL


Office365


Operations


PowerShell

  • Finding a VM Image Reference, Publisher & SKU

    craftsman-3008031_640Automation is great.

    I love to script solutions in Azure.

    But most of the time, that automation started with me fumbling and trialing different approaches in the portal.  Once I got something around what I wanted I’ll automate.

    I suspect you do the same thing.

    This is why today we’re going...

  • Moving from Standard to Premium disks and back

    Azure Managed Disks (introduced in February 2017) simplified the way Virtual Machine disks are managed in Azure.

    A little known advantage of that resource is that it exposes its storage type, i.e. Standard vs Premium, as a simple property that can easily be changed.

    Why would we do that?  Typically we’ll move from standard to premium storage to improve...

  • How to know where a Service is Available in Azure

    pexels-photo-269633[1]Azure has a Global Footprint of 40 regions at the time of this writing (mid-September 2017).

    Not all services are available in every regions.  Most aren’t in fact.  Only foundational services (e.g. storage) are available everywhere.

    In order to know where a service is available, we...

  • Finding ARM template ApiVersion

    Writing an Azure ARM template for a Resource Group is getting easier every day but it remains a sport for the initiated.

    Here I want to give a tip about something I often find hard:  how to get the API version of a resource in an ARM template?

    As everything hardcore in the platform,...

  • Listing Resources under Resource Group with Azure PowerShell

    Simple task:  I want to list resources under a single ResourceGroup within one of the subscription.

    This is an excuse to show how to login on different subscription and play a bit with the PowerShell Azure SDK.

    First thing, start PowerShell Integrated Script Environment (ISE) with the Azure SDK loaded.

    Login

    Login to your accounts…

    <span...
    
  • Move Azure Resources between Resource Groups using Powershell

    Ouf…  I’ve been using Azure for quite a while in the old (current actually) portal.  Now I look into my resources in the new (preview) portal and…  what a mess of a resource group mosaic!

    Unfortunately, at the time of this writing, you can’t move resources from a Resource Group to another via the portal…

     

    If you’ve been there,...


Quantum


Security


Serverless


Streaming


Team


Virtual Machines

  • Linux Custom Script - Docker Sandbox

    boy-child-childhood-6459I do a lot of proof of concepts (POCs) as part of my job.

    I hate keeping demo environment around.  They tend to become brittle, out-of-date and filled with the last stuff I did.

    I prefer to start from a clean slate every single time when possible.

    That means...

  • Finding a VM Image Reference, Publisher & SKU

    craftsman-3008031_640Automation is great.

    I love to script solutions in Azure.

    But most of the time, that automation started with me fumbling and trialing different approaches in the portal.  Once I got something around what I wanted I’ll automate.

    I suspect you do the same thing.

    This is why today we’re going...

  • Recurrent serverless batch job with Azure Batch

    Dig gardenMost solutions have recurrent batch jobs, e.g. nightly / end-of-month batch jobs.

    There are many services we can leverage in Azure to run those.  In this article, we are going to explore a service that has “Batch” in its name:  Azure Batch.

    Azure Batch is typically positioned...

  • Renaming Virtual Machine Disks

    pexels-photo-208637[1]Let’s say we would like to rename disks on a Virtual Machine (VM).  Here we mean renaming the Azure Resource Name of the managed disk.  How would we go about that?

    Why would we want to?  Primarily to get our internal nomenclature right.  A typical example is when we...

  • Azure Virtual Machines Anatomy

    hand-2194170_640Virtual Machines can be pretty complex little beast.  They can have multiple disks, multiple NICs in different subnets, can be exposed on the public internet either directly or through a load balancer, etc.  .

    In this article, we’ll look at the anatomy of a Virtual Machine (VM):  what are...

  • Virtual Network Service Endpoint - Hello World

    In our last post we discussed the new feature Virtual Network Service Endpoint.

    In this post we’re going to show how to use that feature.

    We’re going to use it on a storage account.

    We won’t go through the micro steps of setting up each services but we’ll focus on the Service Endpoint configuration.

    Resource Group

    As usual for...

  • VNET Service Endpoints for Azure SQL & Storage

    internet-1676139_640It’s finally here, it has arrived:  Azure Virtual Network Service Endpoints.<p>This was a long requested “Enterprise feature”.</p><p>Let’s look at what this is and how to use it.</p><p>Please note that at the time of this writing (end-of-September 2017) this feature is available only in a few region in Public Preview:</p><ul><li>Azure...

  • Moving from Standard to Premium disks and back

    Azure Managed Disks (introduced in February 2017) simplified the way Virtual Machine disks are managed in Azure.

    A little known advantage of that resource is that it exposes its storage type, i.e. Standard vs Premium, as a simple property that can easily be changed.

    Why would we do that?  Typically we’ll move from standard to premium storage to improve...

  • Sizing & Pricing Virtual Machines in Azure

    https://pixabay.com/en/dog-dog-breed-large-puppy-1966394/I’m recurrently asked by customers similar questions around sizing & pricing of Virtual Machines (VMs), storage, etc. .  So I thought I would do a reusable asset in the form of this article.

    This is especially important if you are trying to size /...

  • Taking a snapshot of a Managed Disk

    We talked about Managed Disks, now let’s use them.

    Let’s snapshot a Managed Disk and restore the snapshot on another VM.

    Deploy ARM Template

    { "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "VM Admin User Name": { "defaultValue": "myadmin", "type": "string" }, "VM Admin Password": { "defaultValue": null, "type": "securestring" }, "VM Size": { "defaultValue": "Standard_DS4", "type": "string", "allowedValues":...
    
  • Migrating from unmanaged to managed disks

    We talked about Managed Disks, now let’s use them.

    Let’s migrate existing VMs from unmanaged to managed disks.

    Install pre-requisites

    Update your Microsoft Azure PowerShell to the latest bits in order to include Managed Disks functionalities

    Deploy ARM Template

    { "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "VM Admin User Name": { "defaultValue": "myadmin", "type": "string" }, "VM Admin...
    
  • Azure Managed Disk–Overview

    pexels-photo-196520[1]

    Microsoft released Azure Managed disk 2 weeks ago.  Let’s look at it!

    What did we have until then?  The virtual hard disk (.vhd file) was stored as a page blob in an Azure Storage account.

    That worked quite fine and Azure Disks are a little more than that.  A...

  • Joining an ARM Linux VM to AAD Domain Services

    Active Directory is one of the most popular domain controller / LDAP server around.

    In Azure we have Azure Active Directory (AAD).  Despite the name, AAD isn’t just a multi-tenant AD.  It is built for the cloud.

    Sometimes though, it is useful to have a traditional domain controller...  in the cloud.  Typically this is with legacy workloads built to work...

  • Troubleshooting NSGs using Diagnostic Logs

    I’ve wrote about how to use Network Security Group (NSG) before.

    Chances are, once you get a complicated enough set of rules in a NSG, you’ll find yourself with NSGs that do not do what you think they should do.

    Troubleshooting NSGs isn’t trivial.

    I’ll try to give some guidance here but...

  • Moving existing workloads to Azure

    From https://www.pexels.com/

    Applications born in the cloud can take full advantage of the cloud and the agility it brings.

    But there are a lot of existing solutions out there that weren’t born in the cloud.

    In this article I want to sketch a very high level approach on how...

  • Virtual Machine with 2 NICs

    Colorful Ethernet CableIn Azure Resource Manager (ARM), Network Interface Cards (NICs) are a first class resource.  You can defined them without a Virtual Machine.

    UPDATE:  As a reader kingly point out, NIC means Network Interface Controller, not Network Interface Card as I initially wrote.  Don’t be fooled by the Azure logo ;) 

    Let’s...

  • Recreating VMs in Azure

    From http://www.hdwalls.xyz/In this article I’m going to explain how to destroy VMs, keep their disks on the backburner and re-create them later.

    Why would you do that?

    After all, you can shut down VMs and not be charged for it.  You can later restart them and...


Web

  • Ingress rules in different Kubernetes namespaces

    In this article I want to show how an ingress controller in Kubernetes can be used to route traffic to workloads deployed in multiple namespaces.

    The online doc for AKS deploys everything in the same namespace. Hence this article is a thin extension to the online doc.

    The basic trick is to deploy...

  • Azure Front Door with App Service

    Azure Front Door service was recently released.

    Azure Front Door is an interesting service combining the capabilities of:

    • Reverse Proxy (SSL Termination, URL based routing, URL rewrite & session affinity)
    • Web Application Firewall (WAF)
    • Accelerated Global routing
    • Global Load Balancing between geo-distributed backend
    • Some bits of Content Delivery Network (CDN, in the...
  • Azure Application Insights Role Name Nuget Package

    I’ve been using Azure Application Insights to monitor micro-services.

    Since I have many micro-services, it isn’t practical to have an Application Insight resource per service. Given that those micro-services interact with each other and I want to monitor those interactions, it makes sense to get all telemetry in one place.

    The issue with...

  • Understanding multiple Ingress in AKS

    Last time, I covered the ins and outs of Ingress on AKS.

    We looked at how to install nginx ingress controller and how the controller is deployed as a load balanced service. We did some URL based routing and domain name overloading.

    This was in the spirit of clarifying the magic...

  • Azure Functions HTTP – Authorization Levels

    pexels-photo-277593[1]In a past article, we looked at Serverless compute in Azure in general and Azure Functions specifically.

    In this article we wanted to focus on Azure Function triggered by HTTP requests and the different options we have to authenticate:

    • Anonymous
    • Function
    • Admin
    • System
    • User

    Those are...

  • Using Application Gateway with VNET peering

    pexels-photo-374710[1]As I write these lines (early November 2017), Application Gateway doesn’t integrate well across VNET peering.

    More precisely, if we put the gateway in a VNET and have scale sets in another, the usual integration, where the scale set registers its VM automatically as the size of the set...

  • Azure Application Gateway Anatomy

    Back in May, we talked about Azure Application Gateway.

    In this article, we’re going to look at its anatomy, i.e. its internal component as exposed in the Azure Resource Manager (ARM) model.

    A lot of Azure Resource has an internal structure.  For instance, a Virtual Network has a collection of subnets.

    Azure Application Gateway has a very rich internal...

  • URL Routing with Azure Application Gateway

    Update (13-06-2017):  The POC of this article is available on GitHub here.

    I have a scenario perfect for a Layer-7 Load Balancer / Reverse Proxy:

    • Multiple web server clusters to be routed under one URL hierarchy (one domain name)
    • Redirect HTTP traffic to the same URL on HTTPS
    • Have reverse proxy...
  • Web Socket Protocol

    Web Socket is a new protocol, standardised in RFC 6455, attempting to bring the best features of HTTP & TCP together.  More specifically, it aims at being Connected & full-duplex (as TCP), allowing server to call-back clients and universal (as HTTP).

    This wasn’t done without pain.  Web Socket has a non-trivial handshake process, done over HTTP, after which the...

  • Web Design: Make Complex thing Simple

    I’m always amazed at you a simple user interface can simplify complex tasks.

    Take Windows Explorer where you can drag & drop multiple files from one folder to another.  The user sees which folders the files are going into, it takes a few seconds and boom!  Doing that by command line would be much more abstract, left alone much more...