.NET Core and Devops Part 3: Running ASP.NET Core Services in Docker

Welcome to the third in a series of articles focused on .NET Core from a devops perspective where I hope to demonstrate how we can practically start developing and deploying .NET Core applications on Linux.

In this article I will walk through how we can use Docker to containerise our ASP.NET Core services. This process will form the basis of our final end to end build and deployment process.

Part 1: Running our first .NET Core application on Linux

Part 2: Running our first ASP.NET Core service on Linux

Part 3: Running ASP.NET Core Services on Linux in Docker (This Article)

Part 4: Setting up a CI build and deploy pipeline for our ASP.NET Core Service using Docker

If you have experience of using Docker on Linux then great. If not then just follow along, you will start to see the possibilities that Docker can bring to your build and release process. I am going to be using the same Downcount ASP.NET Core Web API that I introduced in Part 2.

Continue reading .NET Core and Devops Part 3: Running ASP.NET Core Services in Docker

.NET Core and Devops Part 2: Running our first ASP.NET Core Service on Linux

Welcome to the second in a series of articles focused on .NET Core from a devops perspective where I hope to demonstrate how we can practically start developing and deploying .NET Core applications on Linux.

Part 1: Running our first .NET Core application on Linux

Part 2: Running our first ASP.NET Core service on Linux (This Article)

Part 3: Running ASP.NET Core Services on Linux in Docker

Part 4: Setting up a CI build and deploy pipeline for our ASP.NET Core Service using Docker

As a devops engineer working a lot on the Microsoft stack, it is second nature nowadays to automatically setup and configure farms of Windows web servers running IIS and deploy ASP.NET based web sites and services to them. But now with .NET Core and ASP.NET Core it is possible to run those same web sites on Linux.

In my opinion, one of the main motivations to use Linux is cost. In Azure, Linux VMs are approximately half the price of Windows VMs. A D2v2 Windows Server is about £122/month whilst a D2v2 Ubuntu server runs at £62/month. If you are working at scale in the cloud then that is going to equate to a huge cost saving.

In this series of articles I hope to demonstrate that moving to Linux is possible and practical with a real life example including all the automated configuration and deployment processes.

Continue reading .NET Core and Devops Part 2: Running our first ASP.NET Core Service on Linux

.NET Core and Devops Part 1: Running our first .NET Core Application on Linux

Welcome to the first in a series of articles focused on .NET Core from a devops perspective where I hope to demonstrate how we can practically start developing and deploying .NET Core applications on Linux.

Part 1: Running our first .NET Core application on Linux (This Aritcle)

Part 2: Running our first ASP.NET Core service on Linux

Part 3: Running ASP.NET Core Services on Linux in Docker

Part 4: Setting up a CI build and deploy pipeline for our ASP.NET Core Service using Docker

As a devops engineer working a lot on the Microsoft stack, it is second nature nowadays to automatically setup and configure farms of Windows web servers running IIS and deploy ASP.NET based web sites and services to them. But now with .NET Core and ASP.NET Core it is possible to run those same web sites on Linux.

In my opinion, one of the main motivations to use Linux is cost. In Azure, Linux VMs are approximately half the price of Windows VMs. A D2v2 Windows Server is about £122/month whilst a D2v2 Ubuntu server runs at £62/month. If you are working at scale in the cloud then that is going to equate to a huge cost saving.

In this series of articles I  hope to demonstrate that moving to Linux is possible and practical with a real life example including all the automated configuration and deployment processes.

Continue reading .NET Core and Devops Part 1: Running our first .NET Core Application on Linux

Starting and Stopping Azure Virtual Machines in Parallel

The commands Start-AzureRmVM and Stop-AzureRmVM give us a simple way to start and stop VMs in Azure. The only thing is, they work synchronously, so we have to wait for the whole startup or deallocation process to finish before the command returns. If you have to start up anything more than a few virtual machines then using these commands is going to take a long time. If you are working at serious scale in the cloud and are starting up tens or even hundreds of VMs at a time then using these commands is not going to be a option. It would simply take too long to start or stop them one by one. What we need is a way to run these commands asynchronously and startup/shutdown many VMs in parallel.

I want to demonstrate a few ways we can use multi threading in Powershell to achieve this.

Continue reading Starting and Stopping Azure Virtual Machines in Parallel

Custom Auto Scaling for Azure ARM Virtual Machines

Azure has always offered out of the box auto scaling for classic VM’s (virtual machines in cloud services) but for ARM virtual machines no such offering exists.

Azure does offer scale sets for auto scaling ARM VM’s but scale sets may not fit your workflow or you may have existing ARM virtual machine farms that you want to apply auto scaling to. I will demonstrate how we can use Azure VM diagnostics and Azure Automation to create auto scaling systems that can work using a variety of metrics and scale out (increase VM number) as well as scale up (increase VM size)
Continue reading Custom Auto Scaling for Azure ARM Virtual Machines

List all your resources in Azure

I want to share a handy script that lists out all the resources in your Azure subscriptions and exports that data to an excel workbook.

It really lists out every single Azure resource (classic and ARM) from virtual machines and NICS to automation accounts and alerts. There are also a few tricks in there to decorate the data with some extra information. e.g. whether a vm is powered on, what vnet it is in etc. You can use a similar approach to modify the script to output whatever data you are interested in.

The script is very useful at giving a quick overview of what your current azure usage is and is good for flagging up anything that shouldn’t be there.

Continue reading List all your resources in Azure

Auditing Management Certificates in Azure

The cmdlets Get-AzurePublishSettingsFile and Import-AzurePublishSettingsFile setup and configure management certificates in Azure and on the local machine to allow easy authentication to access classic resources in Azure.

man certs

I have seen several potential pitfalls with this approach.

  • Removing a user as co-admin on a subscription does not remove or invalidate the management certificates. Unless you have really on the ball Azure admins, this can leave users with full access to your classic resources even after they have been removed as subscription admins.
  • Management certificates can not be linked to specific users. This makes removing a specific users management certificates very tricky.
  • The anonymity of these certificates makes auditing user actions very difficult.

It is for all these reasons that I see the use of these certificates as a very big security risk and it is worth noting that the use of management certificates and publish settings has been deprecated for ARM resources.

In all the Azure environments I have worked in I have enacted a policy to disallow the use of management certificates completely and force all users and applications to authenticate into Azure using different methods (Azure active directory, service principals). The following scripts show how we can automate the auditing of these certificates and potentially automate the removal of unauthorised certificates.

Continue reading Auditing Management Certificates in Azure