OpenSource

Azure Database for MariaDB: Public Preview

October 4, 2018 Azure Database for MariaDB, Managed Services, MariaDB, OpenSource No comments

During Ignite 2018, Microsoft has announced the availability of Maria DB support in Azure Database services. Today it has been opened for Public Preview for all Azure customers.

mariadbhero

What is MariaDB?

MariaDB is a community-developed fork of the MySQL relational database management system intended to remain free under the GNU GPL.Development is led by some of the original developers of MySQL, who forked it due to concerns over its acquisition by Oracle Corporation.Wikipedia

Azure Database for MariaDB: Public Preview Availability

The Azure Database for MariaDB service is now available in preview. It offers an enterprise-ready, fully managed database service that based on the Community Edition of MariaDB.

The service features open-source compatibility, built-in high availability, dynamic scaling, and flexible pricing. Customers can lift and shift to the cloud and use languages and frameworks of their choice, leveraging the power of MariaDB running on Azure.

To learn more about the service, view the service page, pricing, and documentation.

You can create a MariaDB server by using the Azure portal or Azure CLI.

More References:

Node.js 9.x.x and npm 6.x.x – “npm audit” to identify and fix security vulnerabilities in dependencies

June 3, 2018 JavaScript, Javascript Development, Modern Web Development, Node.js, NPM, OpenSource, Package Manager, Tech Newz, TypeScript, Web No comments

nodejs-npm

It has been a while I have been reading about the major changes that areintroduced in Node.js 9.x.x / NPM 6.x.x and myself faced by Node.js application going to a toss after I upgraded to Node.js 9.x.x, as I always keep Node.js up to date in my development environment.

I use NVM(Node Virtual Manager) to switch between different version of Node.js and I love the flexiblity NVM provides. So I was able to quickly switch back to 8.x.x version, when I figured out this change.

But npm packgage downgrade did not work using “npm install –g npm@5.x.x” due to old traces of 6.x.x   I had to clean up my npm cache and do npm install again.

Introduction – The “npm audit” command:

Recently with 6.0.0 NPM team has introduced many improvements such as :

a.) Provide protection against insecure code into the workflow during your npm install . When a user downloads code from the npm Registry, npm will review the request against the Node Security Platform database and return a warning if the code contains a vulnerability.

b.) Package signing for publishers.   npm-signature field will allow users of npm packages to verify the integrity of the package regardless of the tools they use to retrieve it or the registry from which they download it.

c.) Security auditing capability (which I am covering in this article).

The audit capability, which provides an ability to perform a security audit  on your project and dependency components.  To simplify it provides a moment-in-time security review of your project’s dependency tree.

  • It will scan your project for any vulnerabilities. 
  • You can choose the option to automatically install the compatible updates vulnerable dependencies.
  • Audit reports contain information about security vulnerabilities in your dependencies.
  • This report also contains necessary steps to be taken to fixe these vulnerability. For example, by running an npm install <package>@new-version.
  • It would work very well with your private/enterprise registries such as artifactory etc. 
  • It  will allow the developer to recursively analyze trees of dependent code to identify specifically what’s insecure.

The audit command submits a description of the dependencies configured in your project to your default registry and asks for a report of known vulnerabilities.

Quick Insight on the new commands:

  • npm audit      – Scan your project for vulnerabilities and just show the details, without fixing anything.
  • npm audit [—json]      – To provide report in Json format.
  • npm audit fix   – to scan and fix all vulnerabilities
  • npm audit fix –only=prod     – to skip updating devDependecies
  • npm audit fix –force  – will install semver-major updates to all top level dependencies.
  • npm audit fix –dry-run –json   – to do a dry run on the fixes and provide you a report.

NB: Npm audit fix runs a full  npm install under the hood, all configs that apply to the “npm audit fix”  will also apply to npm install.

References:

[NPM Tip] Error: self signed certificate in certificate chain

May 10, 2018 JavaScript, Javascript Development, OpenSource, TypeScript, Web, Web Development No comments

As a developer, if you are behind a corporate proxy that assigns an intermediatory self signed SSL certificate to every request to provide secure content filtering as part of cybersecurity measures, I am sure you might have gone through the pain to get it working when working with NodeJS.

if you have Admin access to your windows machine, you could simply try the following fix:

    • Simply Add an Environment Variable
Environment Variable Name: NODE_TLS_REJECT_UNAUTHORIZED, Value: 0

image

image

Hope that solves your problem.

[NPM Tip] Rewriting the default protocol for GitHub package references

May 9, 2018 JavaScript, Javascript Development, OpenSource, TypeScript, Web, Web Development No comments

Some times as a Modern Web Developer you will face some “npm install” as some of the packages would be referring to git/ssh protocol to reference private packages from Git Hub.

This would fail when you are behind a corporate proxy.

Rewriting the default protocol for GitHub, run the following snippet in your command line snippets:

git config --global url."https://github.com/".insteadOf git@github.com
git config --global url."https://".insteadOf git://

Introduction to Kubernetes

April 22, 2018 Cloud Computing, Cloud Native Computing Foundation, Computing, Emerging Technologies, Google Cloud, IaaS, OpenSource, PaaS, Platforms No comments

What is Kubernetes?

Kubernetes (a.k.a K8s) is an open-source system for automating deployment, scaling and management of containerized applications that was originally designed by Google and now maintained by the Cloud Native Computing Foundation.

What Kubernetes can do?
Kubernetes has a number of features in cloud computing world, it can be thought as a :

  • A container platform
  • A microservices platform
  • A portable cloud platform and a lot more

Kubernetes defines a set of building blocks (“primitives”) which collectively provide mechanisms for deploying, maintaining, and scaling applications. The components which make up Kubernetes are designed to be loosely coupled and extensible so that it can meet a wide variety of different workloads. The extensibility is provided in large part by the Kubernetes API, which is used by internal components as well as extensions and containers running on Kubernetes.

If you are interested  to know more, learn more about Kubernates  through Official tutorials:

Some useful online training is:

What’s Azure Container Service (ACS/AKS)

April 12, 2018 Application Virtualization, Azure, Azure Container Service, Cloud Computing, Cloud Services, Computing, Containers, Docker, Emerging Technologies, IaaS, Kubernates, Microsoft, OpenSource, Orchestrator, OS Virtualization, PaaS, Virtual Machines, Virtualization, Windows Azure Development No comments

I will start with history: Sometime around 2016, Microsoft launched an IaaS service called Azure Container Service a.k.an ACS serves as a bridge between Azure Ecosystem and existing container ecosystem being used widely by the developer community around the world.

kubernates_azureIt helps as a gateway for infrastructure engineers and developers to manage underlying infrastructure such as Virtual Machines, Storage, Network Load Balancing services individually than the application itself.  The application developer doesn’t have to worry about planet-scale of the application, instead, a container orchestrator can manage the scale up and scale down of your application environment based on peaks and downs of your application usage.

It offers an option to select from 3 major container orchestrators available today such as DC/OS, Swarm, Docker, and Kubernates.   ACS along with your choice of container orchestrators works efficiently with different container ecosystems to enable the promise of application virtualization.

To make it simpler, ACS is your Super Glue to gel your Azure infrastructure and your container orchestrator together. Means you will be able to make your fully managed container cluster in a matter of minutes with Azure.

ACS is for making your microservices dream come true, by providing individual services scale according to the demand and automatically reduce the scale, if usage is low. You don’t have to worry, ACS and your container orchestrator will take care of you.

If you are a beginner to container-based infrastructure for your applications, you don’t have to take the pain at all of setting up Kubernates on your own, instead, ACS will simplify your implementation with a couple of easier click thru’s and your container infrastructure is ready to be fully managed by you. As simple as that.

What is Azure Container Kubernates Service (AKS) then?

As I am writing today, Microsoft has a new fully managed PaaS service called as Azure Container Service (AKS) or Managed Kubernates, meaning that Kubernates would be your default fully managed container orchestrator, if you choose Azure Container Service. But you would be able to deploy other open-source container orchestrators if you prefer to choose to have your own unmanaged Kubernates, Docker or DC/OS and then add your specific management and monitoring tools.

This service is currently available in PUBLIC PREVIEW, you can get started from here

Means though it is a fully managed service, you still have the option to manage it your own using your preferred set of tools and orchestrators.

Charging Model

Whether you manage your AKS service with your own set of tools and orchestrator or you use Fully Managed Kubernates, you only need to pay for resources you consume. No need to worry about per-cluster charges like other providers.

Useful References: