Thursday, January 10, 2019

AKS Cluster Autoscaler is now on Preview

Cluster autoscaler (CA) is designed to manage the resource demand when the resource demand increases. CA does a good job on scaling up and down the cluster when in need.

  • CA will periodically check the pending pods or empty nodes for increasing the size of the AKS cluster. If possible, it will increase. 
  • This happens so fast, it will keep scanning the pending pods for every 10 seconds. 
  • It will remove the node if it is not needed for more than 10 minutes. 
  • Horizontal Pod Autoscaler (HPA) will update pod replicas and resources when needed. (Need to use HPA with CA)
  • If not enough or excess, CA will respond and act on it.

Monday, December 31, 2018

Chef and Microsoft Azure

Have you ever wondered that what is the capability of Azure when you are using open source tools? Azure works great when using those products such as ‘Chef’. If you’re using Chef products or open source projects, there’s never been a better time to try Azure.
Microsoft has worked hard to make the partnership and collaboration with Chef to deliver automation tools that help you with cloud adoption. Now you can use chef directly in Azure Cloud Shell, as well as the new Chef Developer Hub in Azure Docs.
Why Chef
As everyone know there are number of tools to do the automation like Ansible and Terraform that are already available and Chef delivers the new feature called Chef Inspec and pre-installed and ready to use for every Azure user in the Azure Cloud Shell. This makes bringing your Inspec tests to Azure super-simple, in fact it’s the easiest way to try out Inspec – no installation or configuration required.

 

Chef Developer Hub for Azure

Microsoft has announced Chef Developer Hub, so Azure customers can more easily implement their solutions using Chef open source software. Whether you’re using Chef, Inspec or Habitat, you’ll find five-minute quick starts, tutorials and reference materials to help get you started and successfully build a solution. All of our docs are open source and hosted on GitHub.

Thursday, December 6, 2018

Protect Linux containers running in IaaS with Azure Security Center


These days most of the enterprises are transforming their monolith applications to run mission-critical, containerized cloud-native applications in production. Using Containers, they can achieve multiple advantages, both for developers and IT professionals. Easy and fast to deploy, immutable, and provide fast iteration are some of them. As the number of containers deployed continues to increase, security solutions need to be in place to provide you with visibility into the security state of your containers and help protect them from threats.
Microsoft Azure team is now providing you with several new capabilities to help you secure your containers.

1.     Visibility to the containers hosted on IaaS Linux machines

There is a new tab to display all virtual machines with Docker.

There is additional information that Security Center now provides, when user exploring the security issues of a virtual machine.
E.g.: Information related to the containers on the machine, such as Docker version and the number of images running on the host.



2. Security recommendations based on the CIS benchmark for Docker

By using security center AI technology Security center scans (Reads) user’s Docker configurations and gives you visibility into misconfigurations by providing a list of all failed rules that were assessed and gives quick fixes as well as it helps you to resolve the issues quickly and save time. Security Center continuously assesses the Docker configurations and provides you with their latest state.


3. Real time container threat detection

Real-time threat detection is searching for threats for the containers using Linux machines, AuditD component
The alerts identify several suspicious Docker activities, such as the creation of a privileged container on host, an indication of Secure Shell (SSH) server run inside a Docker container, or the usage of crypto miners. You can use this information to quickly remediate security issues and improve the security of your containers.





Monday, November 26, 2018

Azure Cognitive Services in Containers


To build solutions with machine learning, requires a data scientist. Now Microsoft is enabling the cognitive services to take advantage of AI with developers, without requiring a data scientist. This is happening by getting machine learning models and the pipelines and the infrastructure needed to build a model and packaging it up into a Cognitive Service for vision, speech, search, text processing, language understanding, and more.
The advantage of this scenario is it is possible for anyone who can write a program to now use machine learning to improve an application. But if the developer tries to create Large scale applications using AI they face many problems on that. To overcome the problems Microsoft is introducing container support for Cognitive Services, making it significantly easier for developers to build ML-driven solutions.
This allows developers to build big AI systems that run at scale, reliably, and consistently in a way that supports better data governance.

Friday, November 16, 2018

Customer Lockbox for Azure


Azure is always try to ease up your data as much as confidential and secure. To improve much more Azure is introducing Customer Lockbox for Microsoft Azure.
What it does:
Customer Lockbox for Microsoft Azure is a service which is integrated into Azure portal.It gives you explicit control in the very rare instance when a Microsoft Support Engineer may need access to your data to resolve an issue.
Some instances may occur where a Microsoft Microsoft Support Engineer requires elevated permissions to resolve this issue such like debugging remote access issue.On that scenario Microsoft engineers use just-in-time access service that provides limited, time-bound authorization with access limited to the service.

Friday, November 2, 2018

Azure Monitor for Containers


Microsoft Azure team has released a useful tool for Azure Kubernetes Service (AKS) called Azure Monitor - container health monitoring capability. And it’s in public preview right now and developers are welcome to work on it. This will Enables to developers to track the health and performance of your Azure Kubernetes Service (AKS) cluster. Later, Microsoft will release new features and updates to onboarding and the portal experience.

What is Azure Monitor for container

Azure Monitor for containers works as the performance visibility by collecting memory and processor metrics from controllers, nodes, and containers that are available in Kubernetes through the Metrics API and Logs even. After User enable monitoring from Kubernetes clusters, these metrics and logs are automatically collected for you through a containerized version of the Log Analytics agent for Linux and stored in your Log Analytics workspace.

Friday, October 26, 2018

Azure Monitor for virtual machines


In Microsoft Ignite Microsoft VM team have announced number of services and products that they are going to launch in near future. And one of its service was public preview of Azure Monitor for VMs which provides an in-depth view of VM health, performance trends, and dependencies.

How to access?

To view Azure Monitor for VMs, navigate to Azure VM resource blade and view details about VMs. From there users can identify compute issues at scale, and from the Resource Group blade to understand whether all the VMs in a common deployment are behaving as you expect.