Deploying a SailPoint IdentityNow Virtual Appliance in Azure

Introduction

The CentOS image that SailPoint provide for the IdentityNow Virtual Appliance that performs integration between ‘Sources’ and IdentityNow is VMware based. I don’t have any VMware infrastructure to run it on and really didn’t want to run up any VMware environments for this component. All my other infrastructure is in Azure. I’d love to run my VA(s) in Azure too.
In discussions with SailPoint I understand it is simply a case that they haven’t certified their CentOS image on Azure.…

Preparing your Docker container for Azure App Services

Similar to other cloud platforms, Azure is starting to leverage containers to provide flexible managed environments for us to run applications. App Service on Linux, being one such case, allows us to bring in our own home-baked Docker images containing all the tools we need to make our apps work.
This service is still in preview and obviously has a few limitations:


Making application configuration files dynamic with confd and Azure Redis

Service discovery and hot reconfiguration is a common problem we face in cloud development nowadays. In some cases we can rely on an orchestration engine like Kubernetes to do all the work for us. In other cases we can leverage a configuration management system and do the orchestration ourselves. However, there are still some cases where either of these solutions is impractical or just too complex for the immediate problem… and you don’t have a Consul cluster at hand either :(.…

Build from source and package into a minimal image with the new Docker Multi-Stage Build feature

Confd is a binary written in Golang that can help us make configuration files dynamic. It achieves this by providing a templating engine that is driven by backend data stores like etcd, consul, dynamodb, redis, vault and zookeeper.

https://github.com/kelseyhightower/confd

A few days ago I started putting together a BYO load-balancing PoC where I wanted to use confd and Nginx. I realised however that some features that I needed from confd were not yet released. Not a problem; I was able to compile the master branch and package the resulting binary into an Nginx container all in one go, and without even having Golang installed on my machine.…

SSL Tunneling with socat in Docker to safely access Azure Redis on port 6379

Redis Cache is an advanced key-value store that we should have all come across in one way or another by now. Azure, AWS and many other cloud providers have fully managed offerings for it, which is “THE” way we want to consume it. As a little bit of insight, Redis itself was designed for use within a trusted private network and does not support encrypted connections. Public offerings like Azure use TLS reverse proxies to overcome this limitation and provide security around the service.…

Getting started with Ubuntu on Windows (Windows Subsystem for Linux)

This week I was building in Azure a Linux Server (Ubuntu 14). I’d deployed my new Ubuntu Server and I went to connect to it. But I was on a brand new laptop. No tools with SSH installed. Damn. As I was about to go and get my usual Windows favorite SSH tools I remembered a session of Build 2017 and Microsoft starting to talk more loudly about Windows Subsystem for Linux. Yes, Ubuntu on Windows, with SUSE and Fedora coming soon.…

Ubuntu security hardening for the cloud.

Hardening Ubuntu Server Security For Use in the Cloud

The following describes a few simple means of improving Ubuntu Server security for use in the cloud. Many of the optimizations discussed below apply equally to other Linux-based distributions, although the commands and settings will vary somewhat.

Azure cloud specific recommendations

  1. Use private key and certificate based SSH authentication exclusively and never use passwords.
  2. Never employ common usernames such as root, admin or administrator.
  3. Change the default public SSH port away from 22.

Performance Tuning Ubuntu Server For Use in Azure cloud

The following describes how to performance tune Ubuntu Server virtual machines for use in Azure. Although this article focuses on Ubuntu Server because it’s better established in Azure at this time, it’s worth mentioning that Debian offers better performance and stability overall, albeit at the cost of some of the more recent functionality support available in Ubuntu. Regardless, many of the optimizations discussed below apply equally to both, although commands and settings may vary occasionally.

Best practice recommendations from Microsoft.…

Deploy Hardened HA-Proxy Azure VM from VM Depot (Microsoft Open Technologies)

In this post, we will discuss how to deploy various VM images developed by the community from VM Depot (Microsoft Open Technologies).

Microsoft Azure Cross Platform Command Line (X-Plat CLI)

I blogged about the Microsoft Azure Cross Platform Command Line previously. This post will continue to explore Microsoft’s dedication to open-source technologies.

First, let’s quickly prepare our tools to run Azure X-Plat CLI:

1. I am using my Windows machine. I run my Azure Command Prompt, or you can use node.js

Microsoft Azure Cross Platform Command Line Step by Step

Microsoft Azure is not just about Windows; Microsoft Azure also supports Linux workloads. Spinning up Linux VMs in Microsoft’s fabric offers alternative options for open-source technologies with Microsoft Azure services.

Microsoft also provides the Azure Cross-Platform Command-Line Interface (X-Plat CLI), which is a set of open-source, cross-platform commands for managing the Microsoft Azure platform. X-Plat CLI has a few top-level commands which correspond to different sets of Microsoft Azure features. Typing “azure” will list each of the sub commands.