November 25, 2020
In the first post in this series, we’re going to talk about the infrastructure. We need some database server to host each tenant’s database and the shared database that contains information on all the tenants (like which database belongs to whom). We also need infrastructure to host the API on and off course, need something for configuration and secret management. TL;DR: All templates and the pipeline can be found in my repository.
Multi tenant app with database-per-tenant
November 15, 2020
I recently started building an architecture for a multi-tenant app to support a database per tenant (customer) scenario for one of my customers. Splitting your data in multiple databases like that has a few benefits like easy backup and restore per customer, better security by separation of data, and potential performance benefits. Especially the separation of data was a hard requirement here. I found this to be a nice challenge as it involves many moving parts to get it right.
Using an Azure Virtual Machine Scale set as Azure DevOps agents
October 2, 2020
Over the past few weeks, I’ve been implementing a few new networking features in Azure for a client. We did that to make our infrastructure more secure. I’ve been playing around with VNET’s, Private Links, Services Endpoints and Access Restrictions on Azure Web App, SQL databases, Storage and KeyVault. One of the issues I stumbled upon quite quickly was the fact that when you restrict access to a resource, Azure DevOps can’t reach that anymore as well.
Disable Azure Security Center recommendations using ARM Templates
September 8, 2020
Azure Security Center gives you a great overview of the state of your workloads security hygiene and compliance. I recently got tasked with going through the recommendations, take action, and improve our overall security and compliance status. Some of the recommendations presented to me were in the ‘Enable advanced threat protection’-group, like ‘Advanced threat protection should be enabled on Azure App Service plans’.
My first look at Azure IoT Hub
September 3, 2020
I recently decided it was time for me to take a shot at passing another few Microsoft exams. While studying for one of them, I noticed that I didn’t knew too much about Azure IoT Hub. I had never come across it in my daily job. So I gave myself the following goal: have something that acts as an IoT device that sends data into Azure IoT Hub and have something read that data and does something useful with it. When talking about the data that comes out of IoT Hub we usually split that into a hot and/or cold analytics path, in this blog I’ll show you an example of both.
Generating API clients using NSwag and Azure DevOps
August 10, 2020
Whenever you create an API you probably want to be able to create some documentation around that API. Swagger has been around for a long time and allows you to explore and test your API using a nice UI in the browser. It also provides you with an OpenAPI spec in json format describing your service. OpenAPI is to REST what WSDL is to an SOAP-endpoint. Wouldn’t it be cool if you could generate your clients using that spec? Well, you can!
Azure App Configuration and KeyVault
July 26, 2020
Recently I started on a new project and therefor a whole new application. It’s build using .NET Core and like many apps, it needs some configuration that varies between deployments. Azure now has a service called Azure App Configuration that allows you to store and manage your configuration. Combined with Azure KeyVault to store your secrets, we get configuration management nearly for free. Let’s dive in!
Autoscaling .NET Core Azure Functions on Kubernetes
June 16, 2020
Everyone who worked with containers on Kubernetes probably agrees that there is a pretty steep learning curve in the beginning. Once you overcome that, you’ll find that it’s an awesome and very capable product and that it will make your life better (when used in the right context of-course). One area where Kubernetes is not so great is event-based autoscaling. That’s where KEDA comes in. KEDA stands for Kubernetes-based Event-driven Autoscaler.
Securing your Azure SQL DB using Azure Private Link
May 27, 2020
Whenever you create a new SQL Database on the Azure Cloud, one of the first things you probably do is set the ‘Allow Azure services and resources to access this server’-switch to ‘Yes’. This allows your App Service for example to access your database. It’s not very secure however since all an attacker then needs is your connections string. And although you are probably very careful with that, it might just accidentally get public.
Using an ARM template to deploy your SSL certificate stored in KeyVault on an Web App
October 20, 2019
Everyone knows it’s completely normal nowadays to have your website loaded over https. Troy Hunt explains why. There are quite some examples out there on how to use Let’s Encrypt certificates on your Azure web app, see this one by Henry Been for example. For most of us that’s a perfect and free solutions. It doesn’t work for all of us however.
Reading secrets from KeyVault in your Azure Cloud Service
October 18, 2019
Azure Cloud Service was one of the earliest Platform as a Service offerings by Microsoft Azure. With Cloud Services you can run web applications or run background applications. Since it is a PaaS offering, you dot not need to worry about the issues that comes with IaaS, patching for example and they offer a lot of flexibility. They are not officially deprecated, though Microsoft is pushing for the use of other PaaS offerings.
Reading secrets from KeyVault in your Azure Web App
October 18, 2019
Azure KeyVault is a great Azure offerring that allows you to store for example secrets or certificates. You are currently looking at the first post out of a series of posts on how to grab secrets or certificates from KeyVault in your web applications. This post wil focus on creating the KeyVault, giving access to you Azure Web App and retrieving a secret in two different ways. I will be using an ASP.
My k3s OpenFaaS Raspberry Pi cluster
September 10, 2019
A few months ago I build a Raspberry Pi cluster running K3S. I build it because I wanted to have a nice environment the learn more about Kubernetes and OpenFaas. It always feels nice to have something you can actually touch in this all software world I normally live in. After tweeting and giving a session about my OpenFaas Raspberry Pi cluster people started asking what parts the cluster consists of and what software I use to run it.
Creating a simple OpenFaas template
May 11, 2019
Whenever you want to create a new function to run on OpenFaas your starting point would be an OpenFaas template. OpenFaas has a template engine build-in which can create new functions in a given programming language. There are the official/default templates and there are templates in the store provided by the community. If a language you would like to use isn’t available or it doesn’t suite your needs, you can always write your own!
Your first .NET Core Serverless function on OpenFaas
May 8, 2019
In my previous blog I described how to set-up OpenFaas on a Kubernetes cluster with a little help from Rancher. Now it’s time to deploy our first serverless function. In this blog we’ll create and deploy a .NET Core function that reads a bit of config using both an environment variable and Kubernetes secrets. Creating your first function In the previous blog we installed the OpenFaas cli. If you didn’t already, here are the instructions.
Octopus Deploy and Entity Framework migrations
February 3, 2017
A step that is very common in almost every deployment pipeline is the migration of the database. In this blog I’ll show you how to do this using Octopus Deploy and Entity Framework Migrations. I’ll be using a very simple ASP.Net MVC application called SimpleMVCApp. In the same solution, I’ve created a library project named SimpleMVCApp.Data in which my context, models, migrations and migration scripts reside. This application can be found on my GitHub account.
Continuous delivery bij SnelStart
December 22, 2016
Bij SnelStart ontwikkelen we boekhoudsoftware voor het midden en klein bedrijf. SnelStart doet dat al meer dan 30 jaar door middel van een desktopapplicatie en sinds kort ook met een online variant. Ongeveer drie jaar geleden zijn we bij SnelStart begonnen met de ontwikkeling van ons service platform. Dit is een Azure Cloud oplossing die onze klanten onder andere de mogelijkheid geeft om in te loggen vanuit hun desktop- of webapplicatie, online administraties aan te maken en belastingaangiften te versturen.