normalian blog

Let's talk about Microsoft Azure, ASP.NET and Java!

Azure Firewall の DNS Proxy 機能を利用して、Azure 外部の環境から Azure Private DNS を利用する

DNS サーバを利用した名前解決のうち、オンプレミス・パブリッククラウドを組み合わせた複数環境における閉域網での名前解決は特に複雑化することが多いです。Azure 環境の場合は Azure Public DNS や Azure Private DNS と呼ばれる機能がありますが、閉域網…

Azure と GCP を HA 構成の BGP VPN で接続する

昨今のシステム構築時は複数のプラットフォームを活用することが多いと思います。最も多いケースは特定のパブリッククラウド(Azure 等)とオンプレミスとの組み合わせだと思いますが、異なるパブリッククラウド(AWS, GCP 等)と接続して利用するケースも必…

Azure Front Door のログ情報を Kusto クエリで眺めてみる

前回は Azure Front Door に対してカスタムドメイン設定とBring Your Own Certificate (BYOC) 設定を行った場合のハマりどころについて紹介しました。今回は Azure Front Door のログデータを Log Analytics に送付し、Kusto Query をいくつか発行してデータ…

カスタムドメイン&BYOC で Azure Front Door を試した際のハマりどころ

その昔から Azure には Traffic Manager と呼ばれるリージョンレベルで負荷分散が行える機能がありましたが、同機能の位置づけはグローバル DNS 的なものであり、WAF 的な機能、URL の書き換え、SSL オフロードといった機能を利用したい場合、リクエストをリ…

Tips to attach Ultra disk to Azure VMs

I believe Ultra disks are essential for mission critical workloads - SAP, Oracle DB or other high IOPS workloads. Here are some tips to attach Ultra disks for your existing VMs. Confirm availability and zone for Ultra disk Ultra disk is no…

Tips to onboard for Azure Lighthouse

Azure Lighthouse is really cool feature to retrieve all Azure resources across Azure AD tenants who have owned by your customers or departments. It's sometimes required to retrieve Azure resources across Azure AD tenants especially if you'…

新型コロナ(COVID-19)のモデルナワクチン接種備忘録

昨今は日本でも大分ワクチン接種が盛んになってきたようです(2021年6月4日時点)。皆さんご存じの通り、米国側はかなりワクチン接種が進んでおり、つい先日は米国疾病予防管理センター(CDC)がワクチン接種が完了した人間はマスクを着用しなくても良いとい…

Store passwords and secrets securely by using App Service and Azure Key Vault on each environment without code changes

It was sometimes painful task to change settings, connection string and others depending on environment - production, QT, staging or development. It's also quite important to ensure to keep secret and security for others. As a solution for…

Execute Azure Automation Runbooks with Managed Identity

In past, it was required to execute Runbooks on Azure Automation by using RunAsAccount, but it's still mandatory to renew a self-signed certificate - as far as I remember, it would be annual. This renewal sometimes causes issues because so…

シアトル内で引っ越した際の住所更新手続き+引っ越し費用

3月頭にもともと住んでいた Bellevue downtown から車で10分くらいのところに引っ越しました。もろもろあって 1bed で手狭になったので、2bed の部屋に引っ越そうと思ったというのがモチベーションでした。住所変更で事務手続きを対応したのは以下です。渡米…

渡米3年たったので英語絡みの雑感アレコレ

明けましておめでとうございます。渡米してそろそろ3年ほど経った&英語がらみのことを質問されることが非常に増えたので、所感を交えつつで自分の経験でも共有したら役に立つ人でもいるのかなと思ったのでちょっとまとめてみました。ご参考になれば幸いです…

How to enable Azure Arc command line

Microsoft has offered Azure Arc to manage your Windows and Linux machines hosted outside of Azure, on your corporate network, or other cloud provider consistent with how you manage native Azure virtual machines. Its command lines have been…

Completely turn off your AKS clusters to reduce your cost!

As you might know, it was not possible to stop your AKS clusters completely because system pools are always required to be running. I have posted about this like below in past. normalian.hatenablog.comHere is quite useful feature to reduce…

Let's utlize Azure Front Door to route requests globally

Azure Front Door is useful feature to manage and monitor your web traffics with global routing. Azure Front Door enables you to manage and optimize your global(multi-regions) customers easily. I believe readers of my blog want to acquire p…

Azure NAT Gateway enables Azure VMs to access internet without assigning Public IP

I guess some folks are not familiar with Azure NAT Gateway because this feature is quite useful but it's a little bit hard to recognize use cases. Here are my idea for Azure NAT Gateway use cases. Azure VMs, attached with Standard Internal…

Access Azure VMs individually through Private Link connections

I have posted about Azure Private Link both for "private endpoint" and "private link service". You can acquire knowledge how to exclusively expose your endpoints to your other VNETs and how to utilize such endpoints from your VMs on other …

How to expose your endpoints exclusively by using "private endpoint" and "private link service" of Azure Private Link

I believe Azure Private LInk is really essential feature especially for enterprise customers because this feature enables to exclusively expose your Azure PaaS resources and Azure VM resources. At first, we should confirm again that Azure …

Object Replication - easiest way to replicate Block BLOBs into other regions?

Object Replication is a new feature for Azure Storage. This feature enable you to transfer BLOB objects into different regions easily with minimizing latency. You might know Data redundancy - Azure Storage | Microsoft Docs, but this featur…

Azure VMs cost reduction tips for dev and test environment

I believe Azure VMs is the most popular feature for all Azure users, and Azure VM usage would occupy most charge among your Azure billing. You will require high performance VM at the beginning because it would be needed to setup something …

Tips to utilize Windows Server containers on AKS

Microsoft has announced that Azure Kubernetes Service (AKS) supports Windows Server containers as GA. This is quite useful and essential feature to containerize your ASP.NET Framework applications. In this article, you can acquire tiny tip…

Manage authorization for your application with user account attributes

Azure AD offers quite useful features to manage accessibilities for your applications. I believe most Azure developers has already utilized user groups to assign privilege easily, but I guess many people don’t know “Dynamic User” user grou…

Reduce AKS clusters cost by setup zero node count for user mode node pools

Here is interesting article - Release Release 2020-04-13 · Azure/AKS · GitHub. You can find that "AKS now allows User nodepools to scale to 0" in the article. This feature enables to reduce AKS cost in your environments. I believe you woul…

Spot node pool limitation for AKS

Azure Kubernetes Service(AKS) recently offers spot node pool feature as preview - 4/30/2020 right now. This feature enable Azure developers to reduce VM costs by using spot VMs for AKS clusters. Refer to Preview - Add a spot node pool to a…

Upload Camera images into Azure Blob Storage by PowerApps

As you know, PowerApps offers a bunch of useful features to build up powerful applications easily. It's also possible to retrieve Microsoft Azure Platform not only Power Platform. You can acquire knowledge how upload images token by Camera…

Create Excel based simple apps with PowerApps

PowerApps support for various types of data sources. Of course, it's possible to connect with on-premise resources by using On-Premise Data Gateway not only Microsoft Azure data sources. In this article, you can acquire knowledge to build …

How to update texts on TextInput with button clicks on PowerApps

I believe it might be first challenge to update text of TextInput because it's a little bit far from intuition steps. Most easiest way to understand how to build up this is to test for yourself. Here is an one of simplest articles to descr…

How Hybrid Runbook Worker work on Azure Automation in practice

I believe many Azure developers have already utilized Azure Automation to automate your management, operation and other tasks to avoid human effort. Azure Automation is fully PaaS feature on Azure, but some cases you might need to integrat…

How to get started with Azure Lighthouse to manage Azure resources across Azure AD tenants

I believe some of Azure users might worry about how to manage Azure resources across Azure AD tenants. It should be an important topic especially Azure CSP users, because CSP subscription management is on the assumption of Azure AD tenants…

Whose accounts you can invite into EA Portal as administrator role?

As you know, you can utilize Azure EA Portal to create new Azure subscriptions to charge from your EA contract. Microsoft will send an invitation mail to an account which your company has own. The account will be invited as Enterprise Admi…

Where can you get Azure EA Onboarding Guide?

Almost of all EA Portal users complain about EA Portal because they can't find its manual, but you can download EA Portal manual from there. You can download "Azure EA onboarding Guide" just following an image below. Now, you can retrieve …