Category Archives: Infrastructure

Reliable and scalable infrastructure: Traffic

This is a series of posts: Introduction Principles Layers Traffic (this post) Secrets Now you have multiple environments, each consisting of multiple data centers, each consisting of multiple scale units. How do you wire up them all together to be … Continue reading

Posted in Infrastructure | Tagged , , , | Leave a comment

Reliable and scalable infrastructure: Layers

This is a series of posts: Introduction Principles Layers (this post) Traffic Secrets When designing your service’s infrastructure, you need to remember that your deployment (or scale, more below) unit can go down at any point of time for any … Continue reading

Posted in Infrastructure | Tagged , , | Leave a comment

Reliable and scalable infrastructure: Principles

This is a series of posts: Introduction Principles (this post) Layers Traffic Secrets First and foremost, you have to threat your service’s infrastructure as you threat your service’s code. In other words as infrastructure-as-code. This may include the techniques that … Continue reading

Posted in Infrastructure | Tagged , , , | Leave a comment

3 ways to assign access policy for user-assigned managed identity on key vault using ARM template

This post is a summary of my experience dealing with user-assigned managed identity and key vaults in Azure, it explores multiple ways to achieve the same result – how to assign access policies using an ARM template. Each of the … Continue reading

Posted in Infrastructure | Tagged , , | Leave a comment

How to configure Service Fabric to use AAD for client authentication

This blob post is intended to compliment the official doc which I personally don’t find helpful and comprehensive enough. The configuration that works for me consists of 3 parts: Cluster ARM template change AAD app for the cluster identity (let’s … Continue reading

Posted in Infrastructure | Tagged | Leave a comment

How to hook up child DNS zone into parent by updating its NS records using ARM template

Imagine a scenario: you have one global DNS zone in Prod subscription and several child DNS zones for each environment in their own subscriptions, e.g.: infra.example.com Subscription: Prod dev.infra.examle.com Subscription: Dev test.infra.example.com Subscription: Test prod.infra.example.com Subscription: Prod Each zone is … Continue reading

Posted in Infrastructure | Tagged , | Leave a comment

How to enable automatic clean up of provisioned application types on a Service Fabric cluster

As time goes by and you deploy applications, a new build every time what means a new application type is getting provisioned. Application packages are piling up and after some time old versions become just a clutter that eats up … Continue reading

Posted in Infrastructure | Tagged , , | Leave a comment

How to set access policy on Key Vault in another subscription aka How to deploy to resource group in another subscription using ARM template?

The model for my Service Fabric infrastructure consists of two major parts: Data Center (think Azure region) Scale Unit (think Service Fabric cluster and its child resources) But today due to the limitation around AAD first party application we decided … Continue reading

Posted in Infrastructure | Tagged , | Leave a comment

How to split array into string for Service Fabric cluster ARM template

In order to use a certificates for Service Fabric cluster issues by custom, non publicly trusted CA you’d need to supply a list of thumbprints of intermediate CAs. In a form of a comma-separated string. What means if you have … Continue reading

Posted in Infrastructure | Tagged , | Leave a comment

How to deploy Traffic Manager to a Sovereign cloud using ARM template

On other day I tried to deploy Azure Traffic Manager profile to a sovereign aka national aka government cloud but got an error: Code: BadRequestMessage: A policy with the requested domain name could not be created because the name example.trafficmanager.net … Continue reading

Posted in Infrastructure | Tagged , , | Leave a comment