Deploying Azure Policy using Terraform Module

While working on Azure, you might come across a requirement that says the resources being deployed should be in accordance with the organization’s policies. Suppose you might want to grant a particular or a set of permissions on the resource group or on the management group so that the owner of it should be restricted like denying deploying of resources by enforcing resource tagging, region enforcement, allowing approved Virtual machines (VM) images, and many more. 

In this blog, we will try to resolve these issues by applying Azure policies. 

First, let’s get familiar with the azure policy.

The azure policy is a service that has been designed to help you enforce different rules and to act based on the rule’s effect on your Azure resources. You can use it to create, assign and manage policies. Azure policy evaluates your resources for non-compliance with assigned policies and performs the assigned effect. 

Continue reading “Deploying Azure Policy using Terraform Module”

Trigger Jenkins Job using AWS Lambda triggered by S3 Event

The problem that we faced:

There was a cron scheduled in our environment at a particular time which used to run at 8AM. This cron read data from the s3 bucket and used to succeed but failed when there were no objects present.

Problem this Integration solves:

  • Eliminates the need of keeping a scheduler in the system. Lambda will work as a Scheduler.
  • No manual intervention will be required in case the file from one service is delayed by a minute or an hour due to any reason. 
  • Data exchange and processing between teams become more efficient and less error-prone.
  • Eliminates the need of checking the presence of files on S3. It all gets automated.

Workflow:

  1. The object is uploaded to S3
  2. S3 event triggers a Lambda function
  3. Lambda starts Jenkins job using Jenkins API
Continue reading “Trigger Jenkins Job using AWS Lambda triggered by S3 Event”

Kubernetes CSI: Container Storage Interface – Part 1

There are different application categories in the general application world, but we usually define them in two major types, i.e., stateless and stateful applications.

To have a clearer perspective, we can say that API-based applications are generally stateless, and databases are stateful. In simple words or definition, a stateless application is an application that doesn’t save or persists the client data. On the other hand, a stateful application saves data about each client and uses it for other requests.

In the older days, when we didn’t have a concept of containers and container orchestrators, there was a common way to manage both types of applications: server. For example- API and database-based applications get hosted on servers but with different configurations depending on the resource requirements.

Continue reading “Kubernetes CSI: Container Storage Interface – Part 1”

Deploying Terraform IAC Using Azure DevOps Runtime Parameters

While deploying your same terraform code manually multiple times you must have got through the thoughts:

  • If we can automate the whole deployment process and replace the whole tedious process with few clicks.
  • If we can dynamically change the values of terraform.tfvars.
  • If we can restrict the regions of deployments.
  • If we can limit our VM types to maintain better cost optimization.

In this article, we will touch upon these problems and try to resolve them in a way that the same concepts can also be applied to similar requirements.

Soo… Let’s Get Started !!!

First of all, we need to know what is Terraform & Azure DevOps.

Talking About Terraform: HashiCorp Terraform is an infrastructure as a code tool that lets you define both cloud and on-prem resources in human-readable configuration files that you can version, reuse, and share. You can then use a consistent workflow to provision and manage all of your infrastructures throughout its cycle. Terraform can manage low-level components like compute, storage, and networking resources, as well as high-level components like DNS entries and SaaS features.

Terraform Workflow
Continue reading “Deploying Terraform IAC Using Azure DevOps Runtime Parameters”

Pod Priority, Priority Class, and Preemption

 
While deploying the deployment manifest, we found that some of the critical pods are not getting scheduled whereas others are getting scheduled easily. Now, I wanted to make sure that the critical pod gets scheduled first over other pods. I started exploring pod scheduling and then came across one of the native solutions for Pod Scheduling using Pod Priority & Priority Class. So in this blog, we’ll talk about Priority Class & Pod Priority and how we can use them for pod scheduling.

Pod Priority

It determines the importance of a pod over another pod. It is most helpful when we need to schedule the critical pods, which are unable to schedule due to resource capacity issues.

Priority Class

It is a non-namespace object. It is used to define the priority. Priority Class objects can have any 32-bit integer value smaller than or equal to 1 billion. The higher the value, the higher will be the priority.

Pod Preemption

It allows the higher-priority pods to evict the lower-priority pods so that higher-priority pods can be scheduled, which is by default enabled when we create PriorityClass.

Continue reading “Pod Priority, Priority Class, and Preemption”