The ID token is not yet valid. Make sure your computer’s time and time zone are both correct. Current epoch = 1689517128
- The ID token is not yet valid. Make sure your computer’s time and time zone are both correct. Current epoch = 1689517128. The id_token was: {
“aud”: “0xxxxb-461a-bbee-02f9e1bf7b46”,
“iss”: “https://login.microsoftonline.com/ddffxxxxxx1-a52e-f96d02fed6b6/v2.0”,
“iat”: 1689520008,
“nbf”: 1689520008,
“exp”: 1689523908,
“aio”: “ATQAy/8TAAAAxxxKyHtFIBqtMZJV3h9hgp9YzUU9RxxxQp54mWpV/NZzV1d”,
“name”: “System Administrator”,
“oid”: “cb508935-ad4f-4224-8ea4-3504125ee313”,
“preferred_username”: “admin@xxxx.onmicrosoft.com”,
“puid”: “1003xx04”,
“rh”: “0.AXwAvxxxltAv7WtpV3sATbjRpGu-4C-eG_e0a7AOg.”,
“sub”: “Hb5J9zYpwc7xxx3W-qgJOfG8jURyjUxGBXQH1g”,
“tid”: “ddff00bd-12xxxxxa52e-f96d02fed6b6”,
“uti”: “dD3jVWxxxxpAA”,
“ver”: “2.0”
}
At times, my WSL started behaving cranky with the above message. It’s apparent there is some timing variation (synching issue) btw my laptop and azure svc.
To fix, I have to run $ hwclock -s
Set the System Clock from the Hardware Clock. The time read from the Hardware Clock is compensated to account for systematic drift before using it to set the System Clock. See the discussion below, under The Adjust Function.
You can read more about by typing $ man hwclock and also test by calling $ hwclock –test
.NET Core – How to create a .NET GUI app which runs across the platform
One advantage of the new .NET Core (now .NET) apps is that they are cross platform. Once you create an app, the same code will run on Windows, Mac or Linux with no change. But there are some exceptions to this: WPF or WinForms apps are only for Windows. You cannot create a WPF app and run it on Linux, for example.
If you want to create a cross platform app, you will have to use another technology, like Blazor or MAUI. Blazor UI is based on Razor components and it’s not compatible with XAML, so it may be very difficult to convert. MAUI, on the other side, uses XAML and can be used to port your app to Mac, iOS or Android. But MAUI apps don’t run on Linux. If you want a Linux app, this is not the way. You can use Uno Platform, it can run on the Web (as a WebAssembly), Linux, Mac or Windows, or you also have the option of using Avalonia UI.
Avalonia UI is an open-source cross platform framework for .NET to develop cross platform apps using XAML. https://avaloniaui.net/
PS: Content is not mine.
AKS 2022 updates
Azure Kubernetes Service KubeCon NA 2022 Announcements
https://techcommunity.microsoft.com/t5/apps-on-azure-blog/azure-kubernetes-service-kubecon-na-2022-announcements/ba-p/3660682
Azure Kubernetes Service Microsoft Ignite announcements
https://techcommunity.microsoft.com/t5/apps-on-azure-blog/azure-kubernetes-service-microsoft-ignite-announcements/ba-p/3650443
Linux firewall and connectivity issues
Src: Todd Hammer, Microsoft
All Linux Distributions have a firewall in place, just because it comes with the kernel, but it’s inactive by default. If we’re having connectivity issues, then, the firewall is something we should check. Netfilter is the name for firewall in the Linux kernel, and we can talk with it using a command-line utility called iptables.
| List currently configured iptables | iptables -L |
| List main tables | iptables -t security -L iptables -t mangle -L iptables -t filter -L iptables -t nat -L |
| Clear all currently configured rules | iptables -F |
| Block connection to specific ip address | iptables -A INPUT -s <ip_address> -j DROP |
| Block connection to a ip addresses range | iptables -A INPUT -s <ip>/<netmask> -j DROP |
| Block connection to a specific port and ip address | iptables -A INPUT -p tcp –dport <port> -s <ip_address> -j DROP |
| Block connections to a specific port from any ip address | iptables -A INPUT -p tcp –dport <port> -j DROP |
| Add port in firewall(22 in example) | /sbin/iptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 22 -j ACCEPT |
| Save changes you made | Ubuntu: sudo /sbin/iptables-save Red Hat/CentOS: sudo /sbin/service iptables save Others: /etc/init.d/iptables save |
| Listen open ports | sudo lsof -i -P -n | grep LISTEN sudo lsof -i:22 ## see a specific port such as 22 ## sudo ss -tulpn |
Now, some people’s distributions has their firewall in place so, you can use these commands (of course there are more options you can apply, read the manuals please) to check on them:
Red Hat/CentOS/SuSE
| Get current firewall status: | sudo systemctl status firewalld |
| Start/Stop Firewalld | sudo systemctl start firewalld/sudo systemctl stop firewalld |
| Enable/disable firewalld at system startup | sudo systemctl enable firewalld/sudo systemctl disable firewalld |
| List zones | firewall-cmd –get-zones |
| Check active zones | firewall-cmd –get-active-zones |
| List configuration | firewall-cmd –list-all |
| List allowed services | firewall-cmd –list-services |
| List allowed ports | firewall-cmd –list-ports |
| Allow a service | firewall-cmd –add-service=<servicename> –zone=<zonename> –permanent |
| Allow a port | firewall-cmd –add-port=<portnumber/protocol> –zone=<zonename> –permanent |
| Reload the firewall | firewall-cmd –reload |
Ubuntu
| Firewall status | sudo ufw status [verbose] |
| Enable/Disable firewall | sudo ufw enable/sudo ufw disable |
| Allow port for tcp/udp | sudo ufw allow <port_number> |
| Allow port for tcp | sudo ufw allow <port_number>/tcp |
| Allow port by service name (will check in /etc/services file) | sudo ufw allow <service> |
| Block outgoing traffic | sudo ufw reject out <service/port> |
| Delete a rule | sudo ufw delete reject out <service/port> |
| Deny tcp traffic from specific ip on specific port | sudo ufw deny proto tcp from <ip> to any port <port_number> |
| Reset firewall to its default state | sudo ufw reset |
| See application profiles available | sudo ufw app list |
| View information about a profile and its included rules | sudo ufw app info <app_name> |
| Allow an application profile | sudo ufw allow <app_name> |
| Enable logging to print firewall messages to -system log | sudo ufw logging on |
There is something called Security-enhanced Linux(SELinux) that can also block connections,
More information:
- iptables manual: https://man7.org/linux/man-pages/man8/iptables.8.html
- firewall-cmd manual: https://firewalld.org/documentation/man-pages/firewall-cmd.html
- Ufw manual: http://manpages.ubuntu.com/manpages/bionic/man8/ufw.8.html
Microsoft Ignite (Sep22-24) event recap & On-demand sessions
- Microsoft Ignite launches and announcements (Book of news) -> here
- Microsoft Ignite keynote by Satya -> here (58 mins)
- Complete list of all our sessions (800+ sessions) -> here
| Access on Demand | Title | Abstract | Track – Sub-track /Solution Area |
| OD202 | Best Practices of Running Cloud Native Applications on Azure | Join us to learn best practices to optimize costs and implement multi-layered security for your cloud native applications that cut across Azure Kubernetes Service and Cosmos DB. | Azure-Application Development |
| DB110 | Enterprise-grade Kubernetes on Azure | Gain an overview of latest and greatest of Kubernetes on Azure. Get Kubernetes up and running confidently, create consistent management across cloud and edge, and add efficiency to your operations and governance. | Azure-Application Development |
| OD225 | Code, collaborate, and ship from anywhere: Meet the Microsoft Developer Cloud | Join this demo-filled session to learn how you can leverage the power of Visual Studio, GitHub (including Codespaces!), and Azure to keep productive, collaborate with your team in real-time, and deploy your code easily – especially if you’re remote or distributed. | Azure-Application Development |
| OD211 | Event-driven Applications with Azure Functions & Logic Apps | This session will showcase how you can automate workflows using event-driven messaging patterns with Azure Functions and Logic Apps. | Azure-Application Development |
| DB109 | Migrate, Modernize .NET applications on Azure | Learn how to modernize .NET Framework Apps, by migrating to App Service or porting to .NET core on Azure. We’ll cover the latest product updates, new options for networking, and increased performance. | Azure-Application Development |
| OD214 | Resilient DevOps Practices with Code to Cloud automation | Learn how to use GitHub Actions for Azure to easily create resilient code-to-cloud workflows that apply governance best practices with Azure Policies, scan Azure Containers, and more. | Azure-Application Development |
| DB105 | .NET App Modernization and Migration from End to end, using data migration tools and Azure SQL | In this session, you’ll learn about an end-to-end scenario that takes customers through the application migration process, and how that relates to the data migration. This demo heavy session will help you understand the tools and services (and what’s new!) required in winning customer engagements and migrating their workloads to Azure. | Azure-Data |
| OD224 | Azure SQL: What to use when and updates from the Product Group | Come learn about the latest capabilities in the Azure SQL family (VM, SQL Managed Instance, SQL Database) in the past year, along with the latest “game changers” that Azure SQL brings to the table for organizations, including hyperscale, serverless, intelligence, and more. | Azure-Data |
| OD205 | Building modern apps with Azure Cosmos DB serverless and Azure Cache for Redis enterprise | In this session, you will learn about two Azure services developers use to build fast and responsive applications. First, you’ll be introduced to the new serverless model for Azure Cosmos DB, the fast NoSQL database built to run mission-critical applications at any scale. Then, you’ll take a tour of Azure Cache Redis, a fully managed cache service that helps applications scale as they gain more users, and the powerful new integration of Redis Enterprise in partnership with Redis Labs. | Azure-Data |
| DB111 | Building real-time enterprise analytics solutions with Azure Synapse Analytics | In this demo rich session we’ll showcase the latest Azure Synapse Analytics capabilities for developing end-to-end solutions for real-time analytics, data warehousing, and machine learning | Azure-Data |
| OD213 | How Delta Lake with Azure Databricks can accelerate your big data workloads by 100x | Delta Lake empowers you to build reliable Data Lakes at scale. Come learn how you can leverage the new and advanced features of Delta Lake on Azure Databricks to easily transform your big data analytics and machine learning workloads. We will discuss Apache Spark optimizations like file compaction, Z-Order partitioning, schema evolution, unified batch and streaming, time travel, and how you can set expectations on data quality. | Azure-Data |
| DB119 | New innovations on Azure Database for MySQL and Azure Database for PostgreSQL to turbo charge application development | Flexible Server is a new deployment option for Azure Database for PostgreSQL and MySQL, our relational open source database services. This new deployment option gives you more control of your database configuration, maintenance, and tuning—enabling you to better optimize your workloads. Flexible Server for Postgres and MySQL also gives you zone redundant high availability plus the ability to Stop/Start your database to optimize costs. | Azure-Data |
| OD217 | Real-time analytics and BI using Azure Synapse Link for Azure Cosmos DB | In this session, we will cover how you can build real time BI dashboards with deep granularity using Azure Synapse and Azure Cosmos DB. Learn how to enable no-ETL analytical processing on real time operational data with no performance impact on mission critical operational workloads. Azure Synapse Link for Azure Cosmos DB is Microsoft’s cloud-native implementation of hybrid transactional/analytical processing (HTAP). | Azure-Data |
| OD220 | Running cost effective big data workloads with Azure Synapse and Azure Data Lake Storage | Learn how you can migrate expensive open source big data workloads to Azure and leverage latest compute and storage innovations within Azure Synapse and HDInsight with Azure Data Lake Storage to develop a powerful and cost effective analytics solutions. | Azure-Data |
| OD229 | AI customer use cases and learnings | In this session, the AI Platform Customer Engineering (ACE) we will share learnings and best practices from our AI customer engagements by using Machine Learning and AI Platform technologies. | Azure-AI |
| DB103 | Building AI-powered applications with Azure Cognitive Search | Azure Cognitive Search allows customers to find relevant content and insights in your application. In this session, we take an open dataset of research papers on COVID-19 and leverage Azure Cognitive Search to help first responders and medical professionals better search through all types of content and make sense of the research. We will dive into the techniques used and share samples, so you can walk away with the understanding of how to build a similar solution using Cognitive Search. | Azure-AI |
| DB120 | Fast-Track development of production-ready ML models with Azure Machine Learning | We’re making machine learning possible for all skill levels with Azure Machine Learning. Data labeling provides a central place to create, manage and monitor labeling projects which aids in generating labeled datasets in minutes. Designer capability is a powerful yet simple drag-and-drop authoring environment with no code needed. Automated ML helps developers and data scientists build models without understanding the complexity of featurization, algorithm selection and hyper parameter tuning. | Azure-AI |
| OD210 | Managing your ML lifecycle with Azure Databricks and Azure Machine Learning | Machine learning development has new complexities beyond software development. There are a myriad of tools and frameworks which make it hard to track experiments, reproduce results, and deploy machine learning models. Learn how you can accelerate, collaborate and manage your end-to-end machine learning lifecycle on Azure Databricks using MLflow and Azure ML to reliably build, share, and deploy machine learning applications using Azure Databricks. | Azure-AI |
| DB106 | What’s new in Azure Cognitive Services | Do you want to find anomalies in data to quickly identify and troubleshoot issues? Or analyze how many people are keeping their six feet of social distancing in your store? From the introduction of the new Metrics Advisor service to the public preview of our new spatial analysis feature in Computer Vision, this session will provide an overview of the new services and features in Cognitive Services. | Azure-AI |
| OD286 | What’s new and what’s coming in Microsoft Cloud App Security with the hyper focus on remote work | Every organization on the planet is looking for ways to improve their security while being effective and efficient from remote locations. With the release of our new Forrester Total Economic Impact report, there is some very strong data to justify your investment: Microsoft Cloud App Security is the most uniquely integrated CASB on the planet. | Security-Security |
| DB165 | Save money by securing access to all your apps with Azure Active Directory | Azure Active Directory helps you provide secure access to all your apps, but do you know how to take full advantage of single sign-on and the rich app ecosystem Microsoft offers? Come to this session to learn about what Microsoft is doing to make it easy to connect with the apps you care about, build identity into the apps your organization needs, and manage access efficiently while providing ease-of-use to your workforce. | Security-Identity |
| OD274 | Simplify authentication and authorization with the Microsoft identity platform | Join this session and learn how to build great single sign-on experiences on mobile and in the browser. This session will cover how browser privacy is evolving and how to ensure single sign-on for your web applications can still be great by switching to MSAL.js 2.0. We’ll also cover how to take advantage of the Authenticator app to provide a seamless single sign-on experience for your iOS and MacOS apps. Finally, we’ll show you how to upgrade your apps from ADAL to MSAL. | Security-Identity |
| OD276 | Ninja skills: manage your Conditional Access policies at scale | Microsoft Conditional Access is a powerful policy-based security tool to help you set access controls for the right balance of security and productivity for your business. Did you know that Microsoft Graph, with its rich set of feature APIs, can help you take your Conditional Access policies to the next level? Did you know that you can apply policies to Office 365 suite? Come learn how you can code your policies, deploy policies at scale, and take your identity-driven security to the next level. | Security-Identity |
The Future of .NET is .NET 5
https://myignite.microsoft.com/sessions/338ab7e7-0c86-47b2-b928-9b93c2503a30
What’s New in Azure Storage
https://myignite.microsoft.com/sessions/2561e297-176e-4dac-aefa-305504641dd5
What’s New in Azure Networking
https://myignite.microsoft.com/sessions/a45e90d1-f609-4af8-9458-c197c3d29f84
What’s New in Azure Compute
https://myignite.microsoft.com/sessions/568c6a96-03ab-4ea3-91ab-1d1047ce041d
Five questions you should be asking your team about reliability…
https://myignite.microsoft.com/sessions/6a8c4daf-40ea-473c-8534-7ed0668d7521
Intro to GitHub
https://myignite.microsoft.com/sessions/93f49a5f-71f9-4036-afcf-6cdcbb8abf05
Migrate, Modernize .NET applications on Azure
https://myignite.microsoft.com/sessions/38b4d134-d7bd-4104-8d63-a70dd2570654
Migrating an ASP.NET web application to Azure App Service
https://myignite.microsoft.com/sessions/8ae811a8-4a4b-4ede-a48c-b6fca33751b6
Roadmap to developing enterprise apps on Windows
https://myignite.microsoft.com/sessions/74fe1738-eab2-45fb-a508-49bfcfac0001
7 ways to optimize your Azure costs (30 mins)
https://myignite.microsoft.com/sessions/6c48f069-210d-4d0f-8f07-1cfff17bc7b3
Find, try, and buy solutions with ease in Azure Marketplace
https://myignite.microsoft.com/sessions/6e0827f9-1e21-43cd-b2ea-472d007ee981
[Linux] Steps to install and configure sysstat package for monitoring.
Sysstat is a System performance tools for the Linux operating system -> https://github.com/sysstat/sysstat
Steps to install and configure sysstat package for monitoring.
Step 1: SSH to the server as root user.
Step 2: #dpkg –l sysstat* ? to check if sysstat is already installed.
The output will be like this if it is installed. Then jump to step 4 and configure sysstat on both the VM’s
root@ubuntu:/var/log/sysstat# dpkg -l sysstat*
Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
Name Version Architecture Description
=============================================-================
ii sysstat 11.2.0-1ubuntu0.1 amd64 system performance tools for Linux
root@ubuntu: /var/log/sysstat#
The output will be like this if it is not installed. Then you have to proceed with step 3 and then step 4.
root@ubuntu: /var/log# dpkg -l sysstat*
dpkg-query: no packages found matching sysstat*
Step 3: apt-get install sysstat
Step 4: $ vim /etc/default/sysstat
change ENABLED=”false” to ENABLED=”true”
Step 5: $ vim /etc/cron.d/sysstat
Change
5-55/10 * * * * root command -v debian-sa1 > /dev/null && debian-sa1 1 1
To
*/2 * * * * root command -v debian-sa1 > /dev/null && debian-sa1 1 1
save the file
Step 6: service sysstat restart
After installing you will find directory in /var/log/sysstat. We need also need that sysstat report.
-
Recent
- The ID token is not yet valid. Make sure your computer’s time and time zone are both correct. Current epoch = 1689517128
- .NET Core – How to create a .NET GUI app which runs across the platform
- AKS 2022 updates
- Linux firewall and connectivity issues
- Microsoft Ignite (Sep22-24) event recap & On-demand sessions
- [Linux] Steps to install and configure sysstat package for monitoring.
- Azure Security Enablement – Centralized place for all the links
- Presenting tech session with stories [linkedin learning notes]
- gRPC using .NET core notes
- .NET in 2020 (Build recap)
- #KubeCon CNCF – North America 2019 watchlist
- AKS CLI Sheetcheat for the labs
-
Links
RSS
//Cloud notes from my desk -Maheshk 