7 best practices for operating containers

Below are some of the best practices for operating containers proposed by Google. These can serve as a blueprint for ensuring resilient solutions.

  1. Use native logging mechanisms of containers
    • JSON logs
    • Log aggregator sidecar pattern
  2. Ensure that containers are stateless and immutable
  3. Avoid privileged containers
  4. Make the application easy to monitor
    • Metrics HTTP endpoint
    • Sidecar pattern for monitoring
  5. Expose the health of your application
    • Liveness probe
    • Readiness probe
  6. Avoid running as root
  7. Carefully choose image version

For full details of each line item check this link:



Notes from Microsoft Build Conference 2020

Some notes from the 3-day online MSFT Build Conference held in May 2020. Recording of all sessions: https://channel9.msdn.com/Events/Build/2020

  • Microsoft Teams user base grew to 75 million in April!
  • GitHub is the home for developers
    • Lots of Visual Studio Code integration
    • CI/CD with GitHub Actions
    • Remote developer productivity with Codespaces
    • Codespaces in GitHub is very similar to Cloud Shells: an IDE in the browser integrated with a GitHub repo, with browser preview and Azure Static Web Apps integration.
    • https://github.com/features/codespaces/
  • Windows Subsystem for Linux (WSL)
    • WSL 2 will be released with the next Windows (~ Sept)
    • Almost native Linux Kernel – Faster – Can open Linux GUI apps
    • Docker Desktop runs better on WSL
  • Power Platform
    • Tool for building low-code/no-code apps
    • Great for quick data-driven business apps
    • Integrates nicely with Teams, reaching a wide audience instantly
  • Azure
    • 95% of Fortune 500 use Azure
    • Azure Arc is the first control plane for multi-cloud env
    • Azure Static Web App http://aka.ms/staticwebaapps
      • A modern web app service that offers streamlined full-stack development from source code to global high availability.
      • Very easy and quick to spin up a production app from GitHub
    • Cloud Native App Development
      • Spot pricing
      • Kubernetes Engine – Run Windows servers
      • Cosmos DB
        • Free tier
        • Serverless pricing
        • Auto-scale
      • Azure Cognitive Services
        • Vision
        • Speech
        • Search
        • Language

Kubernetes Cheat Sheet

A list of commonly used commands when working with a Kubernetes cluster.

Below is a list of common and useful commands for working with Kubernetes.

Note: appending -o wide to some of the commands below will provide more details.

Get all nodes in a cluster

kubectl get nodes
kubectl get nodes -o wide

Get all services in a cluster

kubectl get services

Get all pods in a cluster

kubectl get pods

Create a resource (Deployment, Service)

kubectl create -f <resource.yaml>

Modify a resource

kubectl apply -f <resource.yaml>

Get into a pod with ‘bash’ command

kubectl exec -it <podid> -- bash


Get secrets

kubectl get secrets

Create secrets

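From string literals (the value typed on the command line is recorded in your shell history, hence the secret's name below):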

kubectl create secret generic myunsafesecret --from-literal=password=Password123

From file:

# Create files
echo -n 'admin' > ./username.txt
echo -n '1f2d1e2e67df' > ./password.txt

kubectl create secret generic db-user-pass --from-file=./username.txt --from-file=./password.txt

From yaml resource:

# Content of secret.yaml
apiVersion: v1
kind: Secret
metadata:
  name: mysecret
type: Opaque
data:
  # values under "data" must be base64-encoded
  username: {{username}}
  password: {{password}}

kubectl create -f ./secret.yaml

Ref: https://kubernetes.io/docs/concepts/configuration/secret/


Get storage classes

kubectl get sc

Get persistent volumes

kubectl get pv

Get persistent volume claims

kubectl get pvc


Get deployments

kubectl get deploy

Get deployment details

kubectl describe deploy <deploymentname>

Get replica sets

kubectl get rs -o wide

Get deployment rollout status

kubectl rollout status deploy <deploymentname>

Get deployment rollout history

kubectl rollout history deploy <deploymentname>

Tip: Adding the --record flag to kubectl apply attaches the command to the object, so that it appears under CHANGE-CAUSE in the history.

Get details for a particular deployment revision

kubectl rollout history deploy <deploymentname> --revision=<revisionnumber>

Rollback a deployment

kubectl rollout undo deploy <deploymentname>

Tip: It is better to avoid this rollback mechanism; instead, downgrade the version in the deployment.yaml itself and reapply it with “kubectl apply”. The “imperative” rollback can leave the environment inconsistent: the version of the running container instance no longer matches the YAML manifest, and any later redeployment could accidentally deploy an unwanted version. The “declarative” approach is preferred.
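
An added example (not part of the original post): a Python check for the inconsistency the tip above describes, comparing the images in the manifest kept in source control with those in the live Deployment. Both objects are constructed samples in JSON form (kubectl accepts JSON manifests, and kubectl get deploy <deploymentname> -o json prints the live object); the names and image references are assumptions.

```python
import json

# Constructed sample: the manifest kept in source control (JSON form).
MANIFEST = json.loads("""
{"kind": "Deployment", "metadata": {"name": "web"},
 "spec": {"template": {"spec": {
   "initContainers": [{"name": "migrate", "image": "registry.example/migrate:1.5.0"}],
   "containers": [{"name": "app", "image": "registry.example/app:1.5.0"},
                  {"name": "proxy", "image": "registry.example/proxy:2.1.0"}]}}}}
""")

# Constructed sample: the live object after "kubectl rollout undo" put the
# previous pod template back (as "kubectl get deploy web -o json" would show).
LIVE = json.loads("""
{"kind": "Deployment", "metadata": {"name": "web"},
 "spec": {"template": {"spec": {
   "initContainers": [{"name": "migrate", "image": "registry.example/migrate:1.4.2"}],
   "containers": [{"name": "app", "image": "registry.example/app:1.4.2"},
                  {"name": "proxy", "image": "registry.example/proxy:2.1.0"}]}}}}
""")


def images(deployment):
    """Map container name -> image for all (init) containers in the pod template."""
    pod_spec = deployment["spec"]["template"]["spec"]
    found = {}
    for key in ("initContainers", "containers"):
        for c in pod_spec.get(key, []):
            found[c["name"]] = c["image"]
    return found


def image_drift(manifest, live):
    """Return {container: (manifest_image, live_image)} for every mismatch.

    A container present on only one side is reported with None for the other.
    """
    want, have = images(manifest), images(live)
    return {name: (want.get(name), have.get(name))
            for name in sorted(set(want) | set(have))
            if want.get(name) != have.get(name)}


if __name__ == "__main__":
    for name, (want, have) in image_drift(MANIFEST, LIVE).items():
        print(name + ": manifest=" + str(want) + " live=" + str(have))
```

Against a real cluster, kubectl diff -f <resource.yaml> reports the same kind of mismatch without any extra tooling.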


Get snapshot logs for a particular pod with only one container

kubectl logs <pod-name>

Run kubectl logs -h for all options

Ref: https://kubernetes.io/docs/concepts/cluster-administration/logging/


Run a container directly

kubectl run -i --tty <name> --image=<imagename> <command>
kubectl run -i --tty loader --image=busybox /bin/sh

Note: This command creates a pod and runs the container inside it. If “--replicas=<number>” is used, it also creates a replication controller in the cluster that monitors the pod. This is useful when testing (e.g. hitting a service and generating load, checking the service/pod network, etc.).

Summary and References

This post contains a list of commonly used commands when interacting with a Kubernetes cluster. Shout out to @nigelpoulton and his great ACG course: “Kubernetes Deep Dive”. Also, here is a far better Cheat Sheet from the original Kubernetes team.

AWS vs GCP – Cloud Services Comparison

The following table provides a side-by-side comparison of the various services available on AWS and Google Cloud.

| Service Category | Service | AWS | Google Cloud |
| | | Amazon Elastic Compute Cloud | Compute Engine |
| | | AWS Elastic Beanstalk | App Engine |
| | | AWS Lambda | Cloud Functions |
| | | Amazon Elastic Kubernetes Service, Amazon Elastic Container Service | Google Kubernetes Engine |
| | Containers without infrastructure | AWS Fargate | Cloud Run |
| | Container registry | Amazon Elastic Container Registry | Container Registry |
| | Virtual networks | Amazon Virtual Private Cloud | Virtual Private Cloud |
| | Load balancer | Elastic Load Balancer | Cloud Load Balancing |
| | Dedicated interconnect | AWS Direct Connect | Cloud Interconnect |
| | Domains and DNS | Amazon Route 53 | Google Domains, Cloud DNS |
| | | Amazon CloudFront | Cloud CDN |
| | DDoS firewall | | Google Cloud Armor |
| | Object storage | Amazon Simple Storage Service | Cloud Storage |
| | Block storage | Amazon Elastic Block Store | Persistent Disk |
| | Reduced-availability storage | Amazon S3 Standard-Infrequent Access, Amazon S3 One Zone-Infrequent Access | Cloud Storage Nearline and Cloud Storage Coldline |
| | Archival storage | Amazon Glacier | Cloud Storage Archive |
| | File storage | Amazon Elastic File System | |
| | In-memory data store | Amazon ElastiCache for Redis | |
| | | Amazon Relational Database Service, Amazon Aurora | Cloud SQL, Cloud Spanner |
| | NoSQL: Key-value | Amazon DynamoDB | Firestore, Cloud Bigtable |
| | NoSQL: Indexed | Amazon SimpleDB | |
| | In-memory data store | Amazon ElastiCache for Redis | |
| Data analytics | Data warehouse | Amazon Redshift | |
| | Query service | Amazon Athena | |
| | | Amazon Simple Notification Service, Amazon Simple Queueing Service | |
| | Batch data processing | Amazon Elastic MapReduce, AWS Batch | |
| | Stream data processing | Amazon Kinesis | |
| | Stream data ingest | Amazon Kinesis | |
| | Workflow orchestration | Amazon Data Pipeline, AWS Glue | Cloud Composer |
| Management tools | | AWS CloudFormation | Cloud Deployment Manager |
| | Cost management | AWS Budgets | Cost Management |
| | | Amazon CloudWatch | Cloud Monitoring |
| | | Amazon CloudWatch Logs | Cloud Logging |
| | Audit logging | AWS CloudTrail | Cloud Audit Logs |
| | | | Cloud Debugger |
| | Performance tracing | | Cloud Trace |
| Security & identity | | Amazon Identity and Access Management | Cloud Identity and Access Management |
| | Secret management | AWS Secrets Manager | Secret Manager |
| | Encrypted keys | AWS Key Management Service | Cloud Key Management Service |
| | Resource monitoring | AWS Config | Cloud Asset Inventory |
| | Vulnerability scanning | Amazon Inspector | Web Security Scanner |
| | Threat detection | Amazon GuardDuty | Event Threat Detection (beta) |
| | Microsoft Active Directory | AWS Directory Service | Managed Service for Microsoft Active Directory |
| Machine learning | | Amazon Transcribe | |
| | | Amazon Rekognition | Cloud Vision |
| | Natural Language Processing | Amazon Comprehend | Cloud Natural Language API |
| | | Amazon Translate | Cloud Translation |
| | Conversational interface | Amazon Lex | Dialogflow Enterprise Edition |
| | Video intelligence | Amazon Rekognition Video | Video Intelligence API |
| | Auto-generated models | Amazon SageMaker Autopilot | |
| | Fully managed ML | Amazon SageMaker | AI Platform |
| Internet of Things | IoT services | Amazon IoT | Cloud IoT |

Reference: https://cloud.google.com/docs/compare/aws

Comparison of Google Cloud Storage Options


Considering key technical differentiators for storage options is critical when deciding what services to adopt to migrate workloads to cloud providers. Here is a brief and concise comparison of some of the Google Cloud Storage options in terms of technical details and use cases.

Comparison of Storage Options

Technical Details

| | Cloud Datastore | Cloud Bigtable | Cloud Storage | Cloud SQL | Cloud Spanner | BigQuery |
| Type | NoSQL document | NoSQL wide column | Blob storage | Relational SQL for OLTP | Relational SQL for OLTP | Relational SQL for OLAP |
| Transactions | Yes | Single-row | No | Yes | Yes | No |
| Complex Queries | No | No | No | Yes | Yes | Yes |
| Capacity | Terabytes+ | Petabytes+ | Petabytes+ | Terabytes | Petabytes | Petabytes+ |
| Unit Size | 1MB/entity | ~10MB/cell | 5TB/object | Determined by DB engine | 10,240 MiB/row | 10MB/row |

Use Cases

| | Cloud Datastore | Cloud Bigtable | Cloud Storage | Cloud SQL | Cloud Spanner | BigQuery |
| Best For | Semi-structured application data, durable key-value data | “Flat” data, heavy read/write, events, analytical data | Structured and unstructured binary or object data | Web frameworks, existing apps | Large-scale database apps (> ~2tb) | Interactive querying, offline analytics |
| Use Cases | Getting started, App Engine apps | AdTech, Financial and IoT data | Images, large media files, backups | User credentials, customer orders | Whenever high I/O, global consistency is needed | Data warehousing |


Docker Cheat Sheet

Below is a list of common and useful commands for working with Docker.

List all images in local machine

docker image ls

List all containers (running and stopped; drop -a to list only running ones)

docker ps -a

Stop/remove all Docker containers

docker stop $(docker ps -a -q)
docker rm $(docker ps -a -q)

Run a container from Docker Windows using .NET Core image

docker run --rm -it -v "$(pwd):/app" -p 5000:5000 mcr.microsoft.com/dotnet/core/sdk

(Notice the double-quotes around path, otherwise pwd will not work from Windows)

Run a container with Redis

docker run --rm -it -p 6379:6379 redis

Get into a running container

docker exec -it 55ff7be44aba /bin/bash

(Replace 55ff7be44aba with the actual container name or id)



7 Tips to Effectively Sell Your Ideas


Have you ever failed at convincing your colleagues about how great your idea is? Have you felt disappointed because your team didn’t recognize how much productivity they were going to gain by implementing your proposal and didn’t commit to it? Have you ever been at a meeting, talking about something and failing to get the team engaged, then all of a sudden somebody else says the exact same thing and everybody is excited and paying attention?

I’m almost certain that most technology professionals have faced these challenges at some point in their career. Some people are just good at “selling” ideas, but the majority of us have to pay attention and work hard to get better at this.

This article provides 7 tips to help technology professionals become aware and focus on certain areas that will open opportunities to engage others and advance strategic initiatives.

How to make people buy your ideas?

Regardless of how good your intentions are, sometimes it is very difficult to make others understand and get on board with a particular initiative. Why don’t they get it?

This is a very complex area involving not just technical and business expertise, but also a great deal of communication skills and personality traits. It is, however, one area that, if addressed properly, can open many doors in your career.

The 7 points below are some of the simple steps a person can take to at least acquire some awareness and increase the chance of success.

1. Ask yourself: Do they really need it?

This is the first mandatory question. You don’t want to push your agenda without a valid business case first. It will be a waste of resources and time. Be respectful of other people’s time and money.

2. Ask yourself: Do they understand why they need it?

If there is legitimate business value in your idea, then you must ensure the other side totally understands the message. Don’t assume they will just get it. You may need to take time to prepare several presentations showing different perspectives. Always use language, data and scenarios that the other side can relate to. Show them how this new idea will make their life easier. Show them what benefits they are getting.

3. Identify key influencers and work with them

Is there someone in the team who can help you convince others? This is the charismatic guy, the trusted technical expert nobody dares to challenge, the person who people follow and listen to. If you are able to convince this guy, he will get others on board and will make your job easier.

4. Understand their biggest challenges and genuinely help solve them

It is very important to understand people’s main challenges. They may be saying no to you right now because they are consumed by other pressing issues and don’t have time to consider alternatives and additional work. If you honestly care for them and offer your help without expecting anything in return, at some point those people will recognize you as one of them and will get on your side, validating your ideas and providing new opportunities. Be cautious though: if you are explicitly getting in just to take advantage, or to make them “owe” you a favor, soon enough you will be exposed and will not be able to build strong and lasting relationships.

5. Expand your professional network

This is one of the most basic and important things for building a successful career. It applies to this topic, as well as many other areas. Having a solid professional network can offer countless benefits: guidance, opportunities, support, discovery, growth, status, resources. See the referenced article below for more details on this topic.

6. Build and maintain your credibility

When you propose something, people will assess your credibility and track record before seriously considering your idea. It is really important to show commitment and deliver quality solutions on every occasion. Also, don’t be shy to share your success stories and lessons learned. People will be more comfortable listening to somebody they trust with a proven record.

7. Get buy in from “decision makers”

Sometimes the only way to get various teams to agree and collaborate is to ensure the priorities are aligned and everybody shares and owns the workload. This can be accomplished by convincing the top managers about how important or critical the work is, and leveraging their decision-making power to remove additional tasks from the team members and focus on one common goal. Sometimes people say no because they are overwhelmed with current responsibilities. If you take some of those tasks off, and ensure the new work is properly prioritized and balanced, that’s a win-win for everybody.


Being able to share ideas and influence others is a key part of career advancement. People will recognize, support and follow those who show determination, confidence and a proven record. Whether you want to become a leader or not, being able to convince others about certain approaches and directions may open a significant number of doors and will allow you to tap into the collective knowledge and effort to accomplish bigger and better things. The 7 tips provided in this article intend to bring awareness about common areas that are often overlooked, and can increase the chances of success.



HelloWorld in .Net Core really takes less than 10 minutes!


I have been paying attention to the development of the .NET Core framework and the great features coming out of it. Things like cross-platform compatibility are very appealing and open a whole new window of opportunities to the developer community. I never decided to start experimenting with this until now, and since I saw how easy it was to set up, I decided to share my experience here. In this post I will list the required steps to write a HelloWorld console application using .NET Core framework. It literally took me less than 10 minutes to see “Hello World” in the output window!

Steps to create HelloWorld console application in .NET Core

1. Go to dot.net and download the .NET Core SDK

– Download and install .NET Core SDK for Windows
I am using Windows, but the same steps can be applied to Mac and Linux.

2. Open a command line

I like Windows PowerShell, but you could use the windows command line, or Terminal if using a Mac.

3. Check if .NET Core SDK was successfully installed

Execute the following command:

c:\Users\luis.carrazana\Documents> dotnet
You should see something like this:

4. Create a folder for the project and navigate to it

c:\Users\luis.carrazana\Documents> cd "MyProjects"
c:\Users\luis.carrazana\Documents\MyProjects> md "DotNetCore101"
c:\Users\luis.carrazana\Documents\MyProjects> cd "DotNetCore101"

5. Create a new project

Execute the following command:

c:\Users\luis.carrazana\Documents\MyProjects\DotNetCore101> dotnet new
Two files should be created:
Program.cs  (contains the program logic).
project.json  (contains project configuration, including dependencies).
This is the simplest boilerplate for a console application, and it contains the required logic to print “Hello World” to the console.

6. Restore dependencies and prepare the project for execution

Execute the following command:

c:\Users\luis.carrazana\Documents\MyProjects\DotNetCore101> dotnet restore
This step generates a new file: project.lock.json
This file should not be touched or checked into source control. Its purpose is to cache the result of analyzing project dependencies, so it is faster the next time. More details about this file here.

7. Run the program

Execute the following command:

c:\Users\luis.carrazana\Documents\MyProjects\DotNetCore101> dotnet run
The logic should get executed and the “Hello World” message should be displayed.

That’s it! You have a full .NET Core program running.

Editing the program

The steps above are useful for setting up the minimal required infrastructure to execute .NET Core logic. From this point, you will certainly want to start choosing developer tools that will allow you to write code in a very efficient way.
You can choose any text editor (including Notepad), or you may wanna choose a more robust IDE to make the development workflow more efficient. Coming from a pure .NET background, my immediate choice is the lightweight Visual Studio Code, which offers some nice integrations and can be executed in Windows, Mac and Linux.
So to edit and extend this program, I would manually open Visual Studio Code and load the project folder. However, I learned a very useful tip from Scott Hanselman in one of his training videos: from the command line, type “code .” and it will open Visual Studio Code with the current folder already loaded, ready to go. Pretty neat.
c:\Users\luis.carrazana\Documents\MyProjects\DotNetCore101> code .


This post described the required steps to provision and execute a quick console application using .NET Core. This framework is currently in Preview mode, and any developer can start using it to write code and run it on any platform. Being a Consultant working for big enterprises, I don’t see myself leveraging this framework for production in the near future. However, it is a good idea to pay attention to the great amount of innovation coming out of it. This is opening up a whole new world for writing great applications.


How to rename an Azure subscription


This post will provide the steps to rename an Azure subscription.

Why is this needed?

When managing several Azure subscriptions, keeping the default name may not be very desirable because you would like to quickly identify the customer, website, or any other association you have when managing resources and billing.

I recently ran into this issue myself, where I had to create a new subscription for managing the resources and billing for a production website separately from my own development and testing. When creating the subscription, I chose the Pay-As-You-Go type, and I wanted to rename it with the website name. So my naming convention is: “<websitename> Pay-As-You-Go”. This way, I’ll be able to get the exact billing for each production website in my account, and I could even decide to use different credit cards for each one.

The option for renaming a subscription is not available from the Azure portal. This is available from the Windows Azure account page. I’d be interested to know why Microsoft hasn’t decided to unify this and allow the action from the portal itself, at least for service administrators.

Renaming an Azure Subscription

  1. Navigate to the Windows Azure account page at: https://account.windowsazure.com and click on SUBSCRIPTIONS on top
  2. Select the subscription you want to rename, and click “Edit Subscription Details” from the right menu
  3. Enter the new name and save it
  4. Navigate back to the Azure portal and you should see the new name reflected under your subscriptions