.NET C#.Net .NET (Core) development Azure Microsoft Azure Azure DevOps Azure Security Azure Kubernetes Services (AKS) Cloud Security Application Security DevSecOps and GitOps in practice DevSecOps Modern Software Development DevOpsCulture Software Deveopment Cloud & DevOps DevOps Cloud Security Architecture Software Development Web Development DevOps & Automation Software Architecture Microservice Architecture Cloud Architecture Azure Architecture Kubernetes Kubernetes Security Containerization Container Security Azure Container Registry (ACR) Azure Container Instance (ACI) Windows containers Azure container Apps Container and Kubernetes security Docker GitHub GitHub Actions
I'm Kris and I like to code :)
Currently I'm working as a Lead Software Architect, driving several exciting tech projects that support digitalization journey in public and private sector, minimizing bureaucracy and making citizens' life easier. I also have a tech blog where I share my knowledge about different IT topics with the rest of the world: https://kristhecodingunicorn.com/
My main areas of interest are .NET, C#, Cloud computing (mainly Azure platform), Cloud Native application development and Secure Software Architecture and Development.
If you would like to talk tech, you're welcome to send me an IM. I'm also a Potterhead, a Witcher fan and a cat fan (especially when it comes to putting cat pics in ppt-s) - if you are too, then you're also very much welcome to send me an IM :)
Kubernetes has been a hot technology for a while and now that cloud providers are offering a managed Kubernetes service it sounds like setting up a Kubernetes cluster and start hosting applications on it should be easy-peasy, right? Right?!
Well, it depends. For instance, Microsoft offers Azure Kubernetes Service which is a PaaS offering but it doesn't mean that Microsoft takes responsibility for everything. And long before you start running your applications on AKS in production it's important for you to be aware of what you will be responsible for in terms of operating and maintaining AKS clusters and how these changes will affect the rest of your organization.
In this session I will share experiences from my own journey of migrating from VM-hosted applications to AKS and containers, what learnings I have taken out of it and what is important for you to consider and plan for before you start migrating applications to AKS.
Considerations will be related to:
- Culture, mindset and readiness of your organization
- Readiness and maturity of your application(s)
- Day 2 Operations
- Security and configuration of AKS clusters
- Upgrade strategy
- Developer experience
During the session I will also show a few demos, based on real-life events, of how changes of minor significance (like missing request and resource limits in a deployment template) can have disatrous consequences in production and how the probability of such issues happening can be minimized with proper policies and planning.
There are a lot of different ways you can set up Continuous Deployment to AKS - many of these ways may mean introducing a new tool. Introducing a new tool will require competence development, increased maintenance, auditing and operating needs - not to mention that it will be a new external tool to add to your supply chain.
But what if you could utilize additional capabilities of the tool that you already have? That's where Azure DevOps Environments and multi-staged Azure Pipelines come into picture! If you're actively using Azure DevOps and have all of your source code stored there, it can be easier and more lightweight for you to utilize Azure DevOps Environments as a deployment tool.
In this session I will talk about what Azure DevOps Environments are and what can be the benefits of using it. I will also share recommendations on how to group Kubernetes resources in ADO Environments based on my experience.
I will also demonstrate a whole flow from checking in your microservice to setting up an Azure DevOps Environment that will target an AKS cluster that the microservice will be deployed to, and a deployment stage in the build pipeline that will execute the deployment itself based on the newly created ADO Environment.
We'll also take a look at additional policies and checks you can set up for an ADO Environment in order to implement even more granular control over your deployment to critical environments like production environment.
Finally, we'll take a look at how much information you can retrieve directly from Azure DevOps once the application is deployed in AKS, both when it's running successfully and when something goes wrong and starts failing - without the need to interact with AKS cluster directly or learn kubectl :)
When you're a developer in a cloud native, microservice world you probably imagine that you're lying somewhere on a beautiful, sandy beach with a tasty drink and only focusing on delivering application code for the new microservice? Well, in reality it's not that simple. Before the new microservice can reach production you must:
- Know and comply with tens or even hundreds of coding guidelines,
- Know how to create build and deployment pipelines,
- Know how to implement automated security checks,
- Know how to containerize the microservice and configure Dockerfile,
- Know how to create a Helm chart and add proper configuration to securely and sustainably deploy the microservice to Kubernetes,
- Know how to define a deployment target to actually execute the deployment to Kubernetes,
...and the list goes on....All in all, as a developer, you may suddenly need to gain a lot of new knowledge and competence in order to be able to deliver a new microservice - not only in the software development domain, but also in the area of DevOps or even DevSecOps.
So, how can we help developers to stress less and focus on bringing value to the application itself? And at the same time how can we ensure that development and deployment of microservices is done in the same, standardized way by different developers and that established policies, coding and security guidelines are being followed?
In this session I would like to show how dotnet custom templates can help you with that. We'll take a look at what dotnet custom templates are, how you can create a template collection, what you can include in such a template and how a developer can start using it.
By making it more realistic I'll put myself in the shoes of a developer that needs to create a new microservice, add it to source code in Azure DevOps and deploy it AKS. I will use a dotnet custom template for this purpose and demonstrate the whole flow: from the point we execute a dotnet custom template until the microservice is up and running in AKS. During the demo we'll briefly take a look at multi-staged Azure Pipelines, Azure DevOps Environments and automatic security controls that can be integrated in the build pipeline for a .NET microservice.