Blah, Blah, Blah, Blah De Blah, and I’m back in the room!

January 29, 2013 8:26 pm /

WARNING: This post has no clear value except to start me blogging again.

It has been a while since I last posted.

Since my last post, I’ve worked on some of the biggest Windows Azure projects, had 2 vacations, spoken at several conferences, changed jobs TWICE, moved office, moved house, made a doll’s bed & changed cars.

Looking back it was a very good year, but it was also an extremely busy year. There were many things I didn’t get to do as much as I wanted too. Cycling and blogging being 2 of the main ones.

  1. Cycling – because riding 18 miles each day actually counts as exercise and its a great way to de-stress and think.
  2. Blogging – because I find it incredibly useful to organize my thoughts into words. It also serves as a reference for when I forget things.

So the goal is to start doing these 2 things again. Wish me luck!

 

Posted in: Ramble, Thinking Out Loud

How to use Diagnostics.wadcfg to configure Windows Azure diagnostics collection

February 27, 2012 4:32 am /

When a role imports the Diagnostics module by using the service definition, the Diagnostics module looks for a file named “diagnostics.wadcfg” in the root directory of the role. This file can be deployed in the same place as your app.config/web.config file.

The file is used by the diagnostics agent to create the initial profile for collection. You can modify the settings after deployment using the PowerShell cmdlets I’ve talked about previously.

Here is a sample file. It should be pretty straight forward to understand. Note, times for seconds would be in the format PT30S, this representing 30 seconds.

<?xml version="1.0" encoding="utf-8" ?>
<DiagnosticMonitorConfiguration xmlns="http://schemas.microsoft.com/ServiceHosting/2010/10/DiagnosticsConfiguration" configurationChangePollInterval="PT15M" overallQuotaInMB="4096">
  <WindowsEventLog bufferQuotaInMB="1024" 
                   scheduledTransferLogLevelFilter="Verbose" 
                   scheduledTransferPeriod="PT10M">
    <DataSource name="Application!*"/>
    <DataSource name="System!*"/>    
  </WindowsEventLog>
  <DiagnosticInfrastructureLogs bufferQuotaInMB="1024"
                                scheduledTransferLogLevelFilter="Verbose"
                                scheduledTransferPeriod="PT10M" />
  <Logs bufferQuotaInMB="1024"
        scheduledTransferLogLevelFilter="Verbose"
        scheduledTransferPeriod="PT10M" />
  <PerformanceCounters bufferQuotaInMB="512" scheduledTransferPeriod="PT10M">
    <PerformanceCounterConfiguration counterSpecifier="\Memory\Available MBytes" sampleRate="PT5M"/>
    <PerformanceCounterConfiguration counterSpecifier="\Processor(_Total)\% Processor Time" sampleRate="PT5M"/>
    <PerformanceCounterConfiguration counterSpecifier="\Network Interface(*)\Bytes Sent/sec" sampleRate="PT5M"/>
    <PerformanceCounterConfiguration counterSpecifier="\Network Interface(*)\Bytes Total/sec" sampleRate="PT5M"/>
  </PerformanceCounters>  
</DiagnosticMonitorConfiguration>

All you really have to do is drop that file in the root directory of your role and you are done!

The documentation here, suggests that you would use code to configure diagnostics. If you have ever read any of my blog posts you probably know how I feel about that. (Note: for those that haven’t its just wrong to use code. Really ops should be supplying this file for production. You have an ops team right?)

THIS POSTING IS PROVIDED “AS IS” WITH NO WARRANTIES, AND CONFERS NO RIGHTS, UNLESS MY BROTHER GAVE YOU THE SECRET CODE.

Posted in: Windows Azure / Tagged: ,

Encrypting and Decrypting in Windows Azure

February 24, 2012 6:27 am /

When deploying applications to Windows Azure, you probably will be dealing with encrypted connections strings, passwords and other such things. If you have ever used Remote Desktop, you will have noticed an encrypted password, along with a certificate that is used to encrypt the password. You can of course do the same with your secret things too.

Doing this creates the need for a tool to encrypt such settings. There are a few posts out there that show how to decrypt the values in code (you can grab some from here), you still need a way for operators to create these values in the first place. I thought a couple of PowerShell scripts should do the trick nicely.

You will need the thumbprint of a certificate in the CurrentUser\My store, which would be the same cert you deploy with you Azure deployment in order to decrypt.

The Encrypt function looks like:

Function Encrypt($stringToEncrypt, $thumb)
{
    $cert = get-item cert:\CurrentUser\My\$thumb
    [System.Reflection.Assembly]::LoadWithPartialName("System.Security") | out-null
    $passbytes = [Text.Encoding]::UTF8.GetBytes($stringToEncrypt)
    $content = New-Object Security.Cryptography.Pkcs.ContentInfo -argumentList (,$passbytes)
    $env = New-Object Security.Cryptography.Pkcs.EnvelopedCms $content
    $env.Encrypt((new-object System.Security.Cryptography.Pkcs.CmsRecipient($cert)))

    [Convert]::Tobase64String($env.Encode())
}

The Decrypt function looks like:

Function Decrypt($EncryptedString, $thumb)
{    
    $cert = get-item cert:\CurrentUser\My\$thumb    
    [System.Reflection.Assembly]::LoadWithPartialName("System.Security") | out-null
    $encodedBytes = [Convert]::Frombase64String($EncryptedString)
    $env = New-Object Security.Cryptography.Pkcs.EnvelopedCms
    $env.Decode($encodedBytes)
    $env.Decrypt($cert)
    $enc = New-Object System.Text.ASCIIEncoding
    
    $enc.GetString($env.ContentInfo.Content)    
}

Usage is simple:

$pwd = Encrypt "TheDavidAiken" "39836617C1A2BBAC6F90C0224C31B019854C6659"
Decrypt $pwd "39836617C1A2BBAC6F90C0224C31B019854C6659"

Enjoy.

THIS POSTING IS PROVIDED “AS IS” WITH NO WARRANTIES, AND CONFERS NO RIGHTS, UNLESS YOU HAVE A NOTE FROM MY MUM

Posted in: Windows Azure / Tagged: , ,