I am trying to setup a cloud service of n dedicated roles acting as a dedicated cache (https://www.windowsazure.com/en-us/develop/net/how-to-guides/cache/#getting-started-cache-role-instance).
I would like to have a single cloud service providing memcache to all other roles (in other cloud services). Looking to Microsoft's samples, I only can find cloud service deployments with some dedicated cache roles (config with autodiscover=true).
Is it possible to have just a single cloud service providing the feature to the other services?
Anyone can show me a sample (just how to configure security for the host & clients)
Thanks
I reached Microsoft and they told to me: this is not possible at the moment (without custom solutions). The current cache only works with the self deployment. More info at:
http://msdn.microsoft.com/en-us/library/hh914161#Concept_CacheClusters
Good news, will be possible in the future.
You could use SASL for auth - https://code.google.com/p/memcached/wiki/SASLAuthProtocol.
Related
Having read
"The Microsoft Antimalware Client and Service is installed by default in a disabled state in all supported Azure guest operating system families in the Cloud Services platform.
...
When using Azure Websites, the underlying service that hosts the web app has Microsoft Antimalware enabled on it. This is used to protect Azure Websites infrastructure and does not run on customer content."
here: https://learn.microsoft.com/en-us/azure/security/azure-security-antimalware
it appears that although the underlying execution environment is scanned and protected, nothing prevents the deployment of infected files (contrary to the response given here: https://stackoverflow.com/a/44805995/8354791).
And therefore the service needs to enabled.
It also appears this can only be done so via powershell, using the Set-AzureServiceAntimalwareExtension command, as per https://stackoverflow.com/a/25847270/8354791 and Powershell: Add Diagnostics/Antimalware to Azure PaaS Cloud Service using ExtensionConfiguration Parameter
Q: the link is a bit old (2015). Is powershell still the only way to turn on debugging for an App Service?
Q: is the analysis of the above text correct that MS is scanning its own environment, but exclude the scanning of files deployed to their services?
Q: is there a cost to enabling this service?
Q: What is the relationship to Malware Assessment (https://learn.microsoft.com/en-us/azure/log-analytics/log-analytics-malware)? Is that a more current way of scanning Web Apps?
Q: this is a manual approach, using Powershell. Is there a link to understanding how to enable this service using an CI/CD deployed ARM template?
Q: I see this service is mentioned as a solution for scanning deployed code files -- but can this service be used to scan Blobs where uploaded media would be stored?
I know I've asked a lot of questions...but hopefully you agree they are all tightly related...
Thanks immensely!
Azure App Service is a managed platform. Microsoft Antimalware Client and Service is enabled by default on app service instances, there is no user action that allows enabling/disabling this feature for apps hosted in App Service.
All of the documentation you are referencing is about "Azure Cloud Services" and "Azure VM's" and not Azure App Service. Here is the security documentation for Azure App Service: https://learn.microsoft.com/en-us/azure/app-service/app-service-security-readme
Malware Assessment is part of OMS suite and its an additional tool for managing large deployments and detecting instances that might be affected by malicious code.
Is there a way on the management GUI to setup Azure DNS like you would setup all their other services?
The only instructions I can seem to find are for doing it on powershell or creating a DNS server
Currently the only way to set up Azure DNS is via Powershell or REST API! There is no GUI frontend. (I imagine it is on the Azure Team's todo list somewhere!
If using a 3rd party tool is an option, may I suggest you take a look at Cloud Portam. In short, it is a browser-based application for managing your Azure resources.
Recently we released Azure DNS management functionality in there. You can learn more about Azure DNS functionality in Cloud Portam here: http://www.cloudportam.com/features/azure-subscription/dns.
Full Disclosure: I am builder behind this tool.
Because of the limited region availability of deploying Azure Mobile Services, I am investigating deploying the service to Azure Websites. I can deploy the service to a website using the deployment profile easy enough and everything seems to work.
I was just wondering if anyone has had any experience in doing so? Limitations compared to the official Mobile Service hosted deployment? And any specific required changes to typical code?
Having implemented this and using it for the past few months, these are the results I found.
Minimal changes are needed except manually specifying config values as app settings vs the mobile services configuration. I am using Azure AD authentication and the required keys to be configured in Azure websites app settings were
MS_MobileServiceName
MS_MobileServiceDomainSuffix
MS_MasterKey
MS_ApplicationKey
MS_AadClientId
MS_AadTenants
MS_AadAudience
I wrote about the changes here https://pontifex.azurewebsites.net/azure-mobile-services-hosted-in-azure-websites/
Could someone please confirm whether it's possible to make user of Azure Dedicated Cache using normal console application OR it should be the azure project?
If you're using In Role caching, then it would only work from within your roles that too within the roles in your cloud service. You can't use In Role cache outside of your roles.
If you want your cache to be accessible from outside of your roles, you may want to look into Windows Azure Caching Service which is in preview currently. From whatever documentation I have read about it, my understanding is that this cache can be shared among various cloud resources (Cloud Services, Web Sites, VM etc.). Going by that, I would assume that this cache should be available to your console application also. Check out this blog post from Scott Guthrie: http://weblogs.asp.net/scottgu/archive/2013/09/03/windows-azure-new-distributed-dedicated-high-performance-cache-service-more-cool-improvements.aspx.
You can have a console app for development purposes, but if you want to access with a decent latency, you would anyway have to use cloud.
We are thinking of using Windows Azure for simulation. ~100 VM nodes each working on it's problem set and reporting back the result to a Master node.
I have created VM instances from the web UI. In order for this to work, we would need to use Azure API to bring servers up and shut them down once they are done.
Does anyone have any experience with something like this? I am looking for advise, gotchas etc.
thanks.
You sure can do it and I have helped other to make it happen on hundreds on nodes. Take a look at Windows Azure Rest API to configure your role as described here. While others may have other idea, I think the general steps would be as below:
Create a master machine or a webrole to manage your roles using REST API
Create a worker role instance and use it to clone multiple instances as if needed
Use REST API to start and shutdown worker role along with update the instance count when in need
Use Azure Boot Strapper to bootstrap the VM depend on your requirement
Azure REST based Service Management API can work from a web app or a standalone app, so you can also have a web role to make it happen from anywhere in world. This way you don't need any on premise components at all as it will be totally cloud solution. If you need any help on creating web role I sure can help.
You can provision Virtual Machines using Service Management REST API (there's also a managed API on NuGet).
But in your case you might want to consider using Cloud Services (PaaS). With Cloud Services you simply build your application, you package it and deploy it. Then using the portal or the management API you can simply configure the number of instances. There is even a command line tool (csmanage.exe) which allows you to to change the number of instances through the service configuration.