7 best practices for operating containers

Below are some of the best practices for operating containers proposed by Google. These can serve as a blueprint for ensuring resilient solutions.

  1. Use native logging mechanisms of containers
    • JSON logs
    • Log aggregator sidecar pattern
  2. Ensure that containers are stateless and immutable
  3. Avoid privileged containers
  4. Make the application easy to monitor
    • Metrics HTTP endpoint
    • Sidecar pattern for monitoring
  5. Expose the health of your application
    • Liveness probe
    • Readiness probe
  6. Avoid running as root
  7. Carefully choose image version

For full details of each line item check this link:

https://cloud.google.com/solutions/best-practices-for-operating-containers
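
An added example (not from the original post or from Google's guide) that checks a pod spec against items 3, 5, 6 and 7 of the list above. The sample pod, the finding labels and the function names are constructed for illustration, and only `spec.containers` is inspected.

```python
import json

# Constructed sample in the shape of `kubectl get pod <name> -o json` (trimmed).
SAMPLE_POD = json.loads("""
{
  "metadata": {"name": "web-7d9f"},
  "spec": {
    "securityContext": {"runAsNonRoot": true},
    "containers": [
      {"name": "app",
       "image": "registry.example.com/shop/web:1.4.2",
       "securityContext": {"privileged": false, "runAsUser": 10001},
       "livenessProbe": {"httpGet": {"path": "/healthz", "port": 8080}},
       "readinessProbe": {"httpGet": {"path": "/ready", "port": 8080}}},
      {"name": "debug-sidecar",
       "image": "busybox",
       "securityContext": {"privileged": true, "runAsUser": 0}}
    ]
  }
}
""")


def image_tag(image):
    """Return the tag of an image reference, None if untagged,
    or 'digest' for a digest-pinned reference (name@sha256:...)."""
    if "@" in image:
        return "digest"
    last = image.rsplit("/", 1)[-1]  # skip a registry host:port before the last '/'
    return last.split(":", 1)[1] if ":" in last else None


def audit_pod(pod):
    """Return a sorted list of (container_name, finding) tuples."""
    spec = pod.get("spec", {})
    pod_sc = spec.get("securityContext") or {}
    findings = []
    for c in spec.get("containers", []):
        name = c.get("name", "?")
        sc = c.get("securityContext") or {}
        # Item 3: avoid privileged containers.
        if sc.get("privileged") is True:
            findings.append((name, "privileged"))
        # Item 6: avoid running as root. Container-level settings override
        # pod-level ones; with no UID and no runAsNonRoot, the image decides.
        run_as_user = sc.get("runAsUser", pod_sc.get("runAsUser"))
        non_root = sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot"))
        if run_as_user == 0 or (run_as_user is None and non_root is not True):
            findings.append((name, "may-run-as-root"))
        # Item 5: expose health through liveness and readiness probes.
        for probe in ("livenessProbe", "readinessProbe"):
            if probe not in c:
                findings.append((name, "missing-" + probe))
        # Item 7: an untagged or :latest image is a mutable reference.
        if image_tag(c.get("image", "")) in (None, "latest"):
            findings.append((name, "floating-image-tag"))
    return sorted(findings)


if __name__ == "__main__":
    for container, finding in audit_pod(SAMPLE_POD):
        print(container, finding)
```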

Notes from Microsoft Build Conference 2020

Some notes from the 3-day online MSFT Build Conference held in May 2020. Recording of all sessions: https://channel9.msdn.com/Events/Build/2020

  • Microsoft Teams user base grew to 75 million in April!
  • GitHub is the home for developers
    • Lots of Visual Studio Code integration
    • CI/CD with GitHub Actions
    • Remote developer productivity with Codespaces
    • Codespaces in GitHub is very similar to Cloud Shells: an IDE in the browser integrated with the GitHub repo, with browser preview and Azure Static Web Apps integration.
    • https://github.com/features/codespaces/
  • Windows Subsystem for Linux (WSL)
    • WSL 2 will be released with the next Windows (~ Sept)
    • Almost native Linux Kernel – Faster – Can open Linux GUI apps
    • Docker Desktop runs better on WSL
  • Power Platform
    • Tool for building low-code/no-code apps
    • Great for quick data-driven business apps
    • Integrates nicely with Teams, reaching a wide audience instantly
  • Azure
    • 95% of Fortune 500 use Azure
    • Azure Arc is the first control plane for multi-cloud environments
    • Azure Static Web App http://aka.ms/staticwebaapps
      • A modern web app service that offers streamlined full-stack development from source code to global high availability.
      • Very easy and quick to spin up a production app from GitHub
    • Cloud Native App Development
      • Spot pricing
      • Kubernetes Engine – Run Windows servers
      • Cosmos DB
        • Free tier
        • Serverless pricing
        • Auto-scale
      • Azure Cognitive Services
        • Vision
        • Speech
        • Search
        • Language

Kubernetes Cheat Sheet

Below is a list of common and useful commands for working with Kubernetes.

Note: appending <-o wide> to some of the commands below will provide more details.

Get all nodes in a cluster

kubectl get nodes
kubectl get nodes -o wide

Get all services in a cluster

kubectl get services

Get all pods in a cluster

kubectl get pods

Create a resource (Deployment, Service)

kubectl create -f <resource.yaml>

Modify a resource

kubectl apply -f <resource.yaml>

Get into a pod with ‘bash’ command

kubectl exec -it <podid> -- bash

Secrets

Get secrets

kubectl get secrets

Create secrets

From string literals:

kubectl create secret generic myunsafesecret --from-literal=password=Password123

From file:

# Create files
echo -n 'admin' > ./username.txt
echo -n '1f2d1e2e67df' > ./password.txt

kubectl create secret generic db-user-pass --from-file=./username.txt --from-file=./password.txt

From yaml resource:

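# Content of secret.yaml
# {{username}} and {{password}} are placeholders to fill in before creating the resource
apiVersion: v1
kind: Secret
metadata:
  name: mysecret
# type is a top-level field of the Secret, not part of metadata
type: Opaque
stringData:
  username: {{username}}
  password: {{password}}
#####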

kubectl create -f ./secret.yaml

Ref: https://kubernetes.io/docs/concepts/configuration/secret/
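
The `--from-literal` form shown above puts the secret value on the command line, so it is saved in shell history. This added example (not part of the original post) finds such commands in history lines and redacts the values so the affected secrets can be rotated; the history lines, the `REDACTED` marker and the function name are constructed for illustration.

```python
import shlex

# Constructed sample shell-history lines (not from a real system).
SAMPLE_HISTORY = [
    "kubectl get secrets",
    "kubectl create secret generic myunsafesecret --from-literal=password=Password123",
    "kubectl create secret generic db-user-pass --from-file=./username.txt --from-file=./password.txt",
    "kubectl -n shop create secret generic api --from-literal api-key='s3cr3t value'",
]

FLAG = "--from-literal"


def literal_secret_uses(history):
    """Return (line_no, keys, redacted_command) for each `kubectl create secret`
    command in `history` that passes a value with --from-literal."""
    hits = []
    for line_no, line in enumerate(history, start=1):
        try:
            argv = shlex.split(line)
        except ValueError:  # unbalanced quotes: skip the line instead of crashing
            continue
        if argv[:1] != ["kubectl"] or "create" not in argv or "secret" not in argv:
            continue
        keys, redacted, i = [], [], 0
        while i < len(argv):
            arg = argv[i]
            if arg == FLAG and i + 1 < len(argv):
                # Space-separated form: --from-literal key=value
                key = argv[i + 1].split("=", 1)[0]
                keys.append(key)
                redacted += [arg, key + "=REDACTED"]
                i += 2
                continue
            if arg.startswith(FLAG + "="):
                # Joined form: --from-literal=key=value
                key = arg[len(FLAG) + 1:].split("=", 1)[0]
                keys.append(key)
                redacted.append(FLAG + "=" + key + "=REDACTED")
            else:
                redacted.append(arg)
            i += 1
        if keys:
            hits.append((line_no, keys, shlex.join(redacted)))
    return hits


if __name__ == "__main__":
    for line_no, keys, command in literal_secret_uses(SAMPLE_HISTORY):
        print(f"line {line_no}: keys={keys}: {command}")
```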

Storage

Get storage classes

kubectl get sc

Get persistent volumes

kubectl get pv

Get persistent volume claims

kubectl get pvc

Deployment

Get deployments

kubectl get deploy

Get deployment details

kubectl describe deploy <deploymentname>

Get replica sets

kubectl get rs -o wide

Get deployment rollout status

kubectl rollout status deploy <deploymentname>

Get deployment rollout history

kubectl rollout history deploy <deploymentname>

Tip: Adding the --record flag to kubectl apply attaches the command to the object, so that it appears under CHANGE-CAUSE in the rollout history.

Get details for a particular deployment revision

kubectl rollout history deploy <deploymentname> --revision=<revisionnumber>

Rollback a deployment

kubectl rollout undo deploy <deploymentname>

Tip: It is better to avoid this rollback mechanism and instead downgrade the version in the deployment.yaml itself and reapply it with “kubectl apply”. The “imperative” rollback can leave the environment inconsistent: the version of the running container instance no longer matches the YAML manifest, and any redeployment could accidentally deploy an unwanted version. The “declarative” approach is preferred.

Logging

Get snapshot logs for a particular pod with only one container

kubectl logs <podname>

Run kubectl logs -h for all options

Ref: https://kubernetes.io/docs/concepts/cluster-administration/logging/

Misc

Run a container directly

kubectl run -i --tty <name> --image=<imagename> <command>
kubectl run -i --tty loader --image=busybox /bin/sh

Note: This command will create a pod and run the container inside it. If “--replicas=<number>” is used, it will also create a replication controller in the cluster that monitors the pod. This is useful when testing (e.g. hitting a service and generating load, checking service/pod network, etc.)

Summary and References

This post contains a list of commonly used commands when interacting with a Kubernetes cluster. Shout out to @nigelpoulton and his great ACG course: “Kubernetes Deep Dive”. Also, here is a far better Cheat Sheet from the original Kubernetes team.

AWS vs GCP – Cloud Services Comparison

The following table provides a side-by-side comparison of the various services available on AWS and Google Cloud.

| Service Category | Service | AWS | Google Cloud |
| --- | --- | --- | --- |
| Compute | IaaS | Amazon Elastic Compute Cloud | Compute Engine |
| | PaaS | AWS Elastic Beanstalk | App Engine |
| | FaaS | AWS Lambda | Cloud Functions |
| Containers | CaaS | Amazon Elastic Kubernetes Service, Amazon Elastic Container Service | Google Kubernetes Engine |
| | Containers without infrastructure | AWS Fargate | Cloud Run |
| | Container registry | Amazon Elastic Container Registry | Container Registry |
| Networking | Virtual networks | Amazon Virtual Private Cloud | Virtual Private Cloud |
| | Load balancer | Elastic Load Balancer | Cloud Load Balancing |
| | Dedicated interconnect | AWS Direct Connect | Cloud Interconnect |
| | Domains and DNS | Amazon Route 53 | Google Domains, Cloud DNS |
| | CDN | Amazon CloudFront | Cloud CDN |
| | DDoS firewall | AWS Shield, AWS WAF | Google Cloud Armor |
| Storage | Object storage | Amazon Simple Storage Service | Cloud Storage |
| | Block storage | Amazon Elastic Block Store | Persistent Disk |
| | Reduced-availability storage | Amazon S3 Standard-Infrequent Access, Amazon S3 One Zone-Infrequent Access | Cloud Storage Nearline and Cloud Storage Coldline |
| | Archival storage | Amazon Glacier | Cloud Storage Archive |
| | File storage | Amazon Elastic File System | Filestore |
| | In-memory data store | Amazon ElastiCache for Redis | Memorystore |
| Database | RDBMS | Amazon Relational Database Service, Amazon Aurora | Cloud SQL, Cloud Spanner |
| | NoSQL: Key-value | Amazon DynamoDB | Firestore, Cloud Bigtable |
| | NoSQL: Indexed | Amazon SimpleDB | Firestore |
| | In-memory data store | Amazon ElastiCache for Redis | Memorystore |
| Data analytics | Data warehouse | Amazon Redshift | BigQuery |
| | Query service | Amazon Athena | BigQuery |
| | Messaging | Amazon Simple Notification Service, Amazon Simple Queueing Service | Pub/Sub |
| | Batch data processing | Amazon Elastic MapReduce, AWS Batch | Dataproc, Dataflow |
| | Stream data processing | Amazon Kinesis | Dataflow |
| | Stream data ingest | Amazon Kinesis | Pub/Sub |
| | Workflow orchestration | Amazon Data Pipeline, AWS Glue | Cloud Composer |
| Management tools | Deployment | AWS CloudFormation | Cloud Deployment Manager |
| | Cost management | AWS Budgets | Cost Management |
| Operations | Monitoring | Amazon CloudWatch | Cloud Monitoring |
| | Logging | Amazon CloudWatch Logs | Cloud Logging |
| | Audit logging | AWS CloudTrail | Cloud Audit Logs |
| | Debugging | AWS X-Ray | Cloud Debugger |
| | Performance tracing | AWS X-Ray | Cloud Trace |
| Security & identity | IAM | Amazon Identity and Access Management | Cloud Identity and Access Management |
| | Secret management | AWS Secrets Manager | Secret Manager |
| | Encrypted keys | AWS Key Management Service | Cloud Key Management Service |
| | Resource monitoring | AWS Config | Cloud Asset Inventory |
| | Vulnerability scanning | Amazon Inspector | Web Security Scanner |
| | Threat detection | Amazon GuardDuty | Event Threat Detection (beta) |
| | Microsoft Active Directory | AWS Directory Service | Managed Service for Microsoft Active Directory |
| Machine learning | Speech | Amazon Transcribe | Speech-to-Text |
| | Vision | Amazon Rekognition | Cloud Vision |
| | Natural Language Processing | Amazon Comprehend | Cloud Natural Language API |
| | Translation | Amazon Translate | Cloud Translation |
| | Conversational interface | Amazon Lex | Dialogflow Enterprise Edition |
| | Video intelligence | Amazon Rekognition Video | Video Intelligence API |
| | Auto-generated models | Amazon SageMaker Autopilot | AutoML |
| | Fully managed ML | Amazon SageMaker | AI Platform |
| Internet of Things | IoT services | Amazon IoT | Cloud IoT |

Reference: https://cloud.google.com/docs/compare/aws

Comparison of Google Cloud Storage Options

Intro

Considering key technical differentiators for storage options is critical when deciding what services to adopt to migrate workloads to cloud providers. Here is a brief and concise comparison of some of the Google Cloud Storage options in terms of technical details and use cases.

Comparison of Storage Options

Technical Details

| | Cloud Datastore | Cloud Bigtable | Cloud Storage | Cloud SQL | Cloud Spanner | BigQuery |
| --- | --- | --- | --- | --- | --- | --- |
| Type | NoSQL document | NoSQL wide column | Blob storage | Relational SQL for OLTP | Relational SQL for OLTP | Relational SQL for OLAP |
| Transactions | Yes | Single-row | No | Yes | Yes | No |
| Complex Queries | No | No | No | Yes | Yes | Yes |
| Capacity | Terabytes+ | Petabytes+ | Petabytes+ | Terabytes | Petabytes | Petabytes+ |
| Unit Size | 1MB/entity | ~10MB/cell, ~100MB/row | 5TB/object | Determined by DB engine | 10,240 MiB/row | 10MB/row |

Use Cases

| | Cloud Datastore | Cloud Bigtable | Cloud Storage | Cloud SQL | Cloud Spanner | BigQuery |
| --- | --- | --- | --- | --- | --- | --- |
| Best For | Semi-structured application data, durable key-value data | “Flat” data, heavy read/write, events, analytical data | Structured and unstructured binary or object data | Web frameworks, existing apps | Large-scale database apps (> ~2tb) | Interactive querying, offline analytics |
| Use Cases | Getting started, App Engine apps | AdTech, Financial and IoT data | Images, large media files, backups | User credentials, customer orders | Whenever high I/O, global consistency is needed | Data warehousing |

Docker Cheat Sheet

Below is a list of common and useful commands for working with docker.

List all images in local machine

docker image ls

List all containers (running and stopped)

docker ps -a

Stop/remove all Docker containers

docker stop $(docker ps -a -q)
docker rm $(docker ps -a -q)

Run a container from Docker Windows using .NET Core image

docker run --rm -it -v "$(pwd):/app" -p 5000:5000 mcr.microsoft.com/dotnet/core/sdk

(Notice the double-quotes around path, otherwise pwd will not work from Windows)

Run a container with Redis

docker run --rm -it -p 6379:6379 redis

Get into a running container

docker exec -it 55ff7be44aba /bin/bash

(Replace 55ff7be44aba with the actual container name or id)

 

7 Tips to Effectively Sell Your Ideas

Intro

Have you ever failed at convincing your colleagues about how great your idea is? Have you felt disappointed because your team didn’t recognize how much productivity they were going to gain by implementing your proposal and didn’t commit to it? Have you ever been at a meeting, talking about something and failing to get the team engaged, then all of a sudden somebody else says the exact same thing and everybody is excited and paying attention?

I’m almost certain that most technology professionals have faced these challenges at some point in their career. Some people are just good at “selling” ideas, but the majority of us have to pay attention and work hard to get better at this.

This article provides 7 tips to help technology professionals become aware and focus on certain areas that will open opportunities to engage others and advance strategic initiatives.

How to make people buy your ideas?

Regardless of how good your intentions are, sometimes it is very difficult to make others understand and get on board with a particular initiative. Why don’t they get it?

This is a very complex area involving not just technical and business expertise, but also a great deal of communication skills and personality traits. It is, however, one area that, if addressed properly, can open many doors in your career.

The 7 points below are some of the simple steps a person can take to at least acquire some awareness and increase the chance of success.

1. Ask yourself: Do they really need it?

This is the first mandatory question. You don’t want to push your agenda without a valid business case first. It will be a waste of resources and time. Be respectful of other people’s time and money.

2. Ask yourself: Do they understand why they need it?

If there is legitimate business value in your idea, then you must ensure the other side totally understands the message. Don’t assume they will just get it. You may need to take time to prepare several presentations showing different perspectives. Always use language, data and scenarios that the other side can relate to. Show them how this new idea will make their life easier. Show them what benefits they are getting.

3. Identify key influencers and work with them

Is there someone in the team who can help you convince others? This is the charismatic guy, the trusted technical expert nobody dares to challenge, the person who people follow and listen to. If you are able to convince this guy, he will get others on board and will make your job easier.

4. Understand their biggest challenges and genuinely help solve them

It is very important to understand people’s main challenges. They may be saying no to you right now because they are consumed by other pressing issues and don’t have time to consider alternatives and additional work. If you honestly care for them and offer your help without expecting anything in return, at some point those people will recognize you as one of them and will get on your side, validating your ideas and providing new opportunities. Be cautious though: if you are explicitly getting in just to take advantage, or to make them “owe” you a favor, soon enough you will be exposed and will not be able to build strong and lasting relationships.

5. Expand your professional network

This is one of the most basic and important things for building a successful career. It applies to this topic, as well as many other areas. Having a solid professional network can offer countless benefits: guidance, opportunities, support, discovery, growth, status, resources. See the referenced article below for more details on this topic.

6. Build and maintain your credibility

When you propose something, people will assess your credibility and track record before seriously considering your idea. It is really important to show commitment and deliver quality solutions on every occasion. Also, don’t be shy to share your success stories and lessons learned. People will be more comfortable listening to somebody they trust with a proven record.

7. Get buy-in from “decision makers”

Sometimes the only way to get various teams to agree and collaborate is to ensure the priorities are aligned and everybody shares and owns the workload. This can be accomplished by convincing the top managers about how important or critical the work is, and leveraging their decision-making power to remove additional tasks from the team members and focus on one common goal. Sometimes people say no because they are overwhelmed with current responsibilities. If you take some of those tasks off, and ensure the new work is properly prioritized and balanced, that’s a win-win for everybody.

Summary

Being able to share ideas and influence others is a key part of career advancement. People will recognize, support and follow those who show determination, confidence and a proven record. Whether you want to become a leader or not, being able to convince others about certain approaches and directions may open a significant number of doors and will allow you to tap into the collective knowledge and effort to accomplish bigger and better things. The 7 tips provided in this article intend to bring awareness about common areas that are often overlooked, and can increase the chances of success.

Reference

 

HelloWorld in .Net Core really takes less than 10 minutes!

Intro

I have been paying attention to the development of the .NET Core framework and the great features coming out of it. Things like cross-platform compatibility are very appealing and open a whole new window of opportunities to the developer community. I never decided to start experimenting with this until now, and since I saw how easy it was to set up, I decided to share my experience here. In this post I will list the required steps to write a HelloWorld console application using .NET Core framework. It literally took me less than 10 minutes to see “Hello World” in the output window!

Steps to create HelloWorld console application in .NET Core

1. Go to dot.net and download the .NET Core SDK

– Download and install .NET Core SDK for Windows
I am using Windows, but the same steps can be applied to Mac and Linux.

2. Open a command line

c:\Users\luis.carrazana\Documents>
I like Windows PowerShell, but you could use the windows command line, or Terminal if using a Mac.

3. Check if .NET Core SDK was successfully installed

Execute the following command:

c:\Users\luis.carrazana\Documents> dotnet
You should see something like this:
[Screenshot: dotnetcore]

4. Create a folder for the project and navigate to it

c:\Users\luis.carrazana\Documents> cd "MyProjects"
c:\Users\luis.carrazana\Documents\MyProjects> md "DotNetCore101"
c:\Users\luis.carrazana\Documents\MyProjects> cd "DotNetCore101"
c:\Users\luis.carrazana\Documents\MyProjects\DotNetCore101>

5. Create a new project

Execute the following command:

c:\Users\luis.carrazana\Documents\MyProjects\DotNetCore101> dotnet new
Two files should be created:
Program.cs  (contains the program logic).
project.json  (contains project configuration, including dependencies).
This is the simplest boilerplate for a console application, and it contains the required logic to print “Hello World” to the console.

6. Restore dependencies and prepare the project for execution

Execute the following command:

c:\Users\luis.carrazana\Documents\MyProjects\DotNetCore101> dotnet restore
This step generates a new file: project.lock.json
This file should not be touched or checked into source control. Its purpose is to cache the result of analyzing project dependencies, so it is faster the next time. More details about this file here.

7. Run the program

Execute the following command:

c:\Users\luis.carrazana\Documents\MyProjects\DotNetCore101> dotnet run
The logic should get executed and the “Hello World” message should be displayed.

That’s it! You have a full .NET Core program running.

Editing the program

The steps above are useful for setting up the minimal required infrastructure to execute .NET Core logic. From this point, you will certainly want to start choosing developer tools that will allow you to write code in a very efficient way.
You can choose any text editor (including Notepad), or you may wanna choose a more robust IDE to make the development workflow more efficient. Coming from a pure .NET background, my immediate choice is the lightweight Visual Studio Code, which offers some nice integrations and can be executed in Windows, Mac and Linux.
So to edit and extend this program, I would manually open Visual Studio Code and load the project folder. However, I learned a very useful tip from Scott Hanselman in one of his training videos: from the command line, type “code .” and it will open Visual Studio Code with the current folder already loaded, ready to go. Pretty neat.
c:\Users\luis.carrazana\Documents\MyProjects\DotNetCore101> code .

Summary

This post described the required steps to provision and execute a quick console application using .NET Core. This framework is currently in Preview mode, and any developer can start using it to write code and run it on any platform. Being a Consultant working for big enterprises, I don’t see myself leveraging this framework for production in the near future. However, it is a good idea to pay attention to the great amount of innovation coming out of it. This is opening up a whole new world for writing great applications.

Reference

How to rename an Azure subscription

Intro

This post will provide the steps to rename an Azure subscription.

Why is this needed?

When managing several Azure subscriptions, keeping the default name may not be very desirable because you would like to quickly identify the customer, website, or any other association you have when managing resources and billing.

I recently ran into this issue myself, where I had to create a new subscription for managing the resources and billing for a production website separately from my own development and testing. When creating the subscription, I chose the Pay-As-You-Go type, and I wanted to rename it with the website name. So my naming convention is: “<websitename> Pay-As-You-Go”. This way, I’ll be able to get the exact billing for each production website in my account, and I could even decide to use different credit cards for each one.

The option for renaming a subscription is not available from the Azure portal. This is available from the Windows Azure account page. I’d be interested to know why Microsoft hasn’t decided to unify this and allow the action from the portal itself, at least for service administrators.

Renaming an Azure Subscription

  1. Navigate to the Windows Azure account page at: https://account.windowsazure.com and click on SUBSCRIPTIONS on top
  2. Select the subscription you want to rename, and click “Edit Subscription Details” from the right menu
  3. Enter the new name and save it
  4. Navigate back to the  Azure portal and you should see the new name reflected under your subscriptions