Archives For Platform as a Service (PaaS)


Microsoft Azure has a lot of options when it comes to provisioning environments and resources. In my last post about troubleshooting Virtual Machine allocations, I enumerated a few of these options and briefly mentioned that I favored destroying environments to shutting them down. In this post, I will try to give more context around my preference.
Continue Reading…


The Challenge

As developers, we deal with lots of complexity, and this is a good thing. It forces us to be creative, and sometimes to go beyond our known universe to overcome challenges.

Microsoft Azure is designed to help us make the right choices. It imposes performance targets through a multitude of mechanisms like throttling and quotas. One of which, I’m sure you have come to know, is that we cannot scale a Cloud Service to zero instances. Let’s stop for a moment and think about this limitation for a second. How would you creatively overcome this challenge? Continue Reading…


Having written about lifting and shifting a Console Application, I decided to mirror the scenario and describe how a similar method can be used to lift and shift a Windows Service to Microsoft Azure.

Moving a Service to Microsoft Azure

Every time I dig a little deeper into Azure, I’m amazed at how much there is to know. Having done a few projects with Cloud Services in the past, I thought it would be interesting to see if it was possible to lift and shift a Windows Service into an Azure Worker Role.

Lift and Shift: The action of moving a workload to a new environment, without altering the application’s code.

Continue Reading…


Opening Ports on Cloud Services

There are scenarios that warrants us to open ports of the Windows Firewall. Imagine an application that coordinates work across many compute nodes. The workload coordinator needs to know and manage each compute node.

The diagram above, depicts a Virtual Machine that has direct access to instances of a Cloud Service without going through a Load Balancer. Both the Virtual Machine and Cloud Service are deployed to a Virtual Network on Microsoft Azure. Using Internal Endpoints in this scenario, would not yield the desired configuration. Endpoints are defined at the Cloud Service boundary and are IP addresses belong to the Data Center’s Network Address Space. Therefore, In order to allow the Virtual Machine to communicate over specific ports to individual Cloud Service instances, we need to use PowerShell and a Startup Task to configure the Windows Firewall. Continue Reading…


Configuring Internal Endpoints

There are many scenarios where Internal Endpoints make sense. Imagine a web application that needs to communicate with a middle tier. The communication between both Cloud Services does not need to leave Microsoft Azure networks. The diagram above depicts a scenario where a Web Role has access to a middle tier Cloud Service without going through the public Internet.

Role instances running in a Cloud Service on Microsoft Azure communicate through internal and external connections that vary depending on the type of communication that is needed. An internal endpoint can connect by using a protocol of HTTP, TCP or UDP.

The configuration of an Internal Endpoint is done through the Service Definition. Below is the template used to describe what can be done in terms of Endpoint configurations.  Continue Reading…


Configuring Elevated Privileges

There are various scenarios that require us to execute applications with elevated privileges. It’s common for this requirement to surface during lift and shift efforts.

This configuration is done in the Service Definition file. It requires us to specify the Runtime Execution Context to elevated.

Runtime Configuration Template

This template uses the ProgramEntryPoint as an EntryPoint. Roles also support NetFxEntryPoint.

<Runtime executionContext="[limited|elevated]">
   <Environment>
     <Variable name="<variable-name>" value="<variable-value>">
      <RoleInstanceValue xpath="<xpath-to-role-environment-settings>"/>
    </Variable>
  </Environment>
  <EntryPoint>
     <ProgramEntryPoint commandLine="worker.cmd" setReadyOnProcessStart="true" />
   </EntryPoint>
</Runtime>

Continue Reading…


Deploying a Cloud Service to a VNet

In a recent post about Microsoft Azure Virtual Networks, I made the recommendation that Cloud Services should be deployed to Microsoft Azure Virtual Networks. The driving factor behind this recommendation comes from my personal real-world experience, where I learned the hard way, that moving a deployed Cloud Service to a Virtual Network meant downtime… Continue Reading…


Why are Virtual Networks Important?

As a developer, I used to forget about Virtual Networks. And to be fair, I shied away from pretty much everything that can be considered as infrastructure.

Microsoft Azure is a game changer! It requires Developers and IT Pros to collaborate on projects. Let’s take a moment to set things right. Developers and IT Pros are not competing against each other in this new world. They collaborate in order to produce value for the business and customers.

As we move to a Cloud First and Mobile First world, security is more important than it ever was. On Microsoft Azure, the first step towards securing your application resources is to create a Virtual Network. Continue Reading…