Compose is a tool for defining and running multi-container Docker applications.

Docker Compose

Very Important concepts to begin with:

From Web development standpoint, Docker compose is definitely one of the more exciting pieces of doctor. It’s a great way to automatically manage the life cycle of your application in the development environment and get it up and running and stop it.
With the docker-compose we can run it through a doctor compose build process. And this build process can actually generate images that we can then use to create containers.

Image for post
Image for post

Creating Docker-Compose File

Docker-Compose uses YAML files as inputs for creation of Services. The docker-compose file contain following fields : version, services, networks, etc. …

The Microsoft definition of Azure Monitor is a comprehensive solution for collecting, analysing, and acting on telemetry from your cloud and on-premises environments. But what exactly this really mean? Good logging and reporting are often not implemented at all in many project because many reasons.

Azure Monitor is the service that allows developers and DevOps engineers to make a stronger argument for making Monitoring a first-class citizen because of its efficiency, variety of features.

Azure Monitor can be divided into 3 main areas:

  • Insights : Azure Monitor includes several features that provide valuable insights into your applications and other resources that they depend on. …

The world of DevOps is continuously changing with constant idea of only one thing “Business Value”. An organisation has the expectation to continual delivery of new value, new capability for business and DevOps enables this.

And the most important is : In this new world of DevOps (Continuous Delivery/Continuous Deployment), we still need to ensure compliance and security are enforced.

Compliance Manager

In a compliance world, we have shared responsibilities related to configuration and compliance as customer and vendor. This is why Microsoft have these compliance solutions that show responsibility splits, enables us to track compliant state of the Microsoft services.

Compliance Manager: It has a number of templates built in related to a number of different requirements that we might want to adhere to, like for example : Infrastructure and virtualisation security. …

PowerShell is a task-orientated shell and scripting solution for Windows system administrators. But PowerShell DSC extends on that idea and provides a declarative syntax that enables people who don’t know anything about the particular IT resources they want to deploy to configure and maintain a particular state for that IT resource, even if they don’t know how to achieve that goal from a technical point of view.

PowerShell allows us to provide a configuration for each server, and ensure that every time the server is deployed, it gets deployed in exactly the same way with the same configuration, and that configuration is maintained for the lifetime of the device. …

What’s the big deal with DevOps and ARM templates for infrastructure? And why should business care about the latest version of something. What really counts is business value?

Now, Business value is what organisations expect from technology today, and they expect that value to be delivered quickly, efficiently, constantly, these constant builds of incremental value. And with Infrastructure as a Code (IaaC) is the first step to leverage the value.

What is Azure Resource Manager?

All of modern Azure functionality is built on the Azure Resource Manager management and deployment service that define all those resources that use JSON to declaratively.

Now there are very deep resource relationships. Often resources will reference and depend on other resources. Example : a virtual machine, It’s an entire object, it’s an instance of the virtual machine resource that’s defined in the Microsoft.Compute resource provider. Thus a VM depends upon Managed Disk, Storage Account, Network Interface Card, and Subnet and VNet and public IP or LoadBalancers. …

In this article, I am covering some of the important concepts behind Azure Role Based Access Control.

Security Principals:

An object that represents an individual, collection of individuals, an application or a service that requires access to an Azure resource, for example Azure WebApp, Azure VM or Blob Storage.

Now, these applications and services can be represented as a thing called a Service Principal.


The scope is the boundary that access applies to the following levels:

  • Management Group
  • Subscription
  • Resource Group
  • Resource

Why Azure RBAC?

Principle of least privilege is that only grant that access which is actually required rather than that access that might be required. And Role-based access control allows you to reduce the chance of unauthorised actions being performed. …

The SOLID principles are comprised of five individual principles for writing better software, especially in object-oriented languages. Let’s see one by one:

1. Single Responsibility Principle:

Class should have one, and only one, reason to change.

Image for post
Image for post

What is responsibility exactly means? : It’s a decision our code is making about the specific implementation details of some part of what the application does. Responsibilities in our code represent things that may change at different times and for different reasons. This is closely related to following points:

  • Loose Coupling: Loose coupling refers to approaches that can be used to support having different details of the application interact with one another in a modular fashion. …

Service Fabric is a core of Microsoft Azure Cloud, which enables many more services such as Cosmos DB, SQL Server, Cortana, and others, but also allows you to build our own back ends based on Microsoft’s years of rich experience.

Before starting getting in to Azure Service Fabric, let’s see how it differs from Kubernetes:

Image for post
Image for post

Programming Models

In general, there are four different approaches to create a microservice in Service Fabric.

1. Reliable Service:

Reliable Services are the easiest way to start with Service Fabric as they’re somewhat similar and sometimes identical to a usual Windows service or a Linux daemon application. …

ASP.NET Core is the latest web framework from Microsoft, and it’s engineered to be fast, easy, and work across platforms.

Internals of ASP.NET Core

One of the most important part of ASP.NET core project is Startup.cs and what makes this class files so special: ASP.NET Core instantiate this class and invoke two methods:

one method which is ConfigureServices, this gives us the ability to put our own custom services into ASP.NET Core, and then have those services injected into pages, and controllers, and anywhere we need them.

And then the other method ASP.NET Core will invoke on the Startup class is the Configure method. The Configure method is going to establish what middleware will execute for each incoming HTTP message. …

OWASP is Open Web Application Security Project. And here is list of Top 10 Web Security Attacks.

1. Injection

SQL Injection attack can lead to the complete and utter compromise of the database. It can mean that everything in the database gets exposed publicly and it can also mean that an attacker can modify or destroy anything within the database. Common Defences against Injection attacks:

  • Whitelists Untrusted Data
  • Parameterise the SQL statements
  • Finetune the Database Permissions

2. Broken Authentication & Session Management

This is one most important attacks because an attacker is able to log onto a system and impersonate the victim. This may happen by Auth cookie theft, Session Id theft or Account management theft.


Milind Chavan

An Azurer, Web developer, Technologist, Writer, Poet, Runner. Opinions are my own.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store