Tips and tricks

Best Practices for Building Applications on Microsoft Azure

/ hownot2code / Leave a comment

Image Source

The demand for cloud-native application development is increasing on a daily basis. Cloud-native apps can provide benefits that traditional apps can’t, including high availability, automatic resource provisioning, and auto-scaling. These applications also help organizations and developers maintain their competitive edge.

In this article, you will learn best practices for cloud-native application development on Azure, including tooling for creating and deploying your first Azure-native application.

What Are Cloud-Native Applications?

The simplest definition of cloud-native application is an app you develop for use in the cloud. The app’s design completely adheres to the cloud environment it was designed for.

This definition differentiates between a cloud-based application and a cloud-native application. Cloud-based applications are apps that are hosted in the cloud, but were not built for this environment.

The Cloud Native Computing Foundation (CNCF) extended this definition, and added their own criteria of cloud-native apps. CNCF defines the cloud-native approach as the use of microservices-based and containerized software that can be dynamically orchestrated.

Best Practices for Cloud-Native Application Development on Azure

You might think that, with CNCF’s extended definition of cloud-native you can just go ahead and develop apps that are native for all clouds. However, every cloud has its own structure, capabilities, resources, and features. Below, are four aspects of the Azure cloud that you should take into consideration when developing Azure-native apps.

1. Use Azure backup and smaller Virtual Machines (VMs)

Hardware failures can occur at any given moment. To avoid data loss, you should backup your cloud environments. Small-sized VMs are more immune to failures than large-sized VMs because of their transient local storage. This is why you should avoid large VMs unless they are really necessary. Instead, you can utilize the Azure Backup feature that maintains the disk-based replicas on multiple locations for on-premise or online applications.

2. Use autoscaling

Autoscaling enables you to use only the resources you need when you need them by leveraging dynamic resource allocation. Autoscaling can also help reduce the cost of running your applications. Design your applications to be horizontally scalable to get the maximum performance and cost benefits. Apps usually don’t need more powerful processors, they distributed workloads.

Try not to tie your code to specific cloud instances when developing your application. Specific instances can limit scalability and availability. You can create a scheduled autoscaling policy, if you expect a high traffic volume at specific times. This policy can start instances before your demand increases.

3. Understand Azure storage and database options

Azure offers solutions for relational database management systems (RDBMS), as well as big data workloads. Azure database and storage options include blob storage, table storage, file storage and more. You can easily migrate databases to Azure using Azure Migrate or third party migration tools.

Table storage does not support the features of the relational database and indexing. Use it to store unstructured data. Leverage Azure SQL Database in case of complex data manipulation and queries. However, you need to understand the limitations of Azure SQL shared database before starting working with it. Limitations include the lack of authentication on SQL Azure, and the lack of high availability features like backup and restore.

4. Focus on security

The isolated services of cloud-native approach can make your applications more secure than traditional applications. However, cloud-native applications do not provide better security by default.

  • Conduct penetration tests — to find vulnerabilities inside your environment and apps.
  • Monitor app traffic and log your application activity — this data can help you detect threats and alert you when your application becomes unavailable.
  • Shut down remote debugging features — when you’re done troubleshooting your app. Attackers can use remote debugging features to modify your application code.
  • Use HTTPS for communication — any incoming and outgoing traffic should be passed through HTTPS. HTTPS can help ensure that transmitted data isn’t modified or rerouted.

Tools to Create and Deploy Azure Applications

Microsoft Azure offers a couple of ways to build and deploy applications, as explained below.

Azure App Service

Azure App Service enables you to build and host RESTful APIs, mobile, and web apps without managing infrastructure. Azure App Service provides all the necessary tools to create apps for particular business needs.

Moreover, developers can use any programming language they want and integrate the service with GitHub, and Visual Studio Online for a quick development cycle. The list below reviews some of the apps you can build with the help of Azure App Service.

  • Mobile App Service — enables you to host and build cross-platform and native apps for iOS, Android, Windows, or Mac. You can use this service from any location at any time. The development environment meets the requirements for creating large enterprise-grade applications.
  • Web Apps Service — create, deploy, and load balance websites or web applications with Python, Java, PHP, .NET, and Node.js..
  • API Apps Service — enables you to host and build your APIs securely in the cloud. Developers can use Azure API Apps to develop APIs using Python, C#, or PHP.
  • Logic App Service — schedule, automate, and orchestrate business-critical workflows, and processes. You can integrate systems, apps, and data more easily with prebuilt connectors and APIs.

You can find more information about Azure App Service in the official page.

Azure Cloud Services

Azure Cloud Service is a Platform as a Service (PaaS) offering that supports reliable, scalable, and inexpensive applications. Azure cloud service provides more control over Azure VMs, because it is hosted on Virtual Machines (VMs). You can access these VMs remotely and install your own software. However, deployment and monitoring of complex workloads and VMs is challenging compared to App Service.

There are two different roles in Azure Cloud Services. Each role provides different app hosting:

  • Worker roles — worker roles deploy the app as a standalone application without using Internet Information Services (IIS). Worker roles are usually used for powerful applications and APIs.
  • Web roles — host the app automatically via the (IIS). A web role is usually assigned for lightweight and straightforward applications.

Azure Functions

Azure Functions is a serverless computing service that enables developers to run small pieces of code in the cloud without managing infrastructure. That leaves more time for writing code and developing new features.

You have to use a trigger to execute an Azure function. A trigger is an external services event that fires up the Functions. An external event can be a Blob being inserted into a container, an HTTP request, or a timer being lapsed. Azure Functions can also help you reduce your cloud costs, since Microsoft charges only for the time the Function actually runs.

Azure Virtual Machines (VMs)

Azure VMS is a large collection of pre-defined Windows or Linux servers that provides you with the flexibility of virtualization without having to purchase and manage hardware. Virtual machines provide full responsibility for updates, support, installations, and administration, as well as full control over configurations.

Azure Virtual Machines can isolate two operating systems and their applications. For instance, if you create an Ubuntu VM and install PHP, MySQL, and Apache, they will not conflict with the Microsoft SQL, PHP 5 installation on another virtual machine. In addition, you can find some VM images with pre-installed Visual Studio in the Azure Marketplace. You can quickly create a temporary, or long-term use development VM by using these images.

Conclusion

There are multiple steps you need to take in order to deploy cloud-native applications in Azure. First, you have to understand Azure storage and database options, then design your applications to be scalable, and evaluate your backup options. Then you should choose a tool that best suits your needs. Remember that each of the Azure application development has its weaknesses, strengths, and learning curves.

C++ Is Faster and Safer Than Rust: Benchmarked by Yandex

/ hownot2code / 3 Comments

Author: Roman Proskuryakov

Spoiler: C++ is not faster or slower – that’s not the point, actually. This article continues our good tradition of busting myths about the Rust language shared by some big-name Russian companies.

The previous article of this series is titled “Go is faster than Rust: benchmarked by Mail.Ru (RU)“. Not so long ago, I tried to lure my coworker, a C-programmer from another department, to Rust. But I failed because – I’m quoting him:

In 2019, I was at the C++ CoreHard conference, where I attended Anton @antoshkka Polukhin’s talk about the indispensable C++. According to him, Rust is a young language, and it’s not that fast and even not that safe.

Anton Polukhin is a representative of Russia at the C++ Standardization Committee and an author of several accepted proposals to the C++ standard. He is indeed a prominent figure and authority on everything C++ related. But his talk had a few critical factual errors regarding Rust. Let’s see what they are.

The part of Anton’s presentation (RU) that we are particularly interested in is 13:00 through 22:35 .

Continue reading

Zero, one, two, Freddy’s coming for you

/ hownot2code / Leave a comment

This post continues the series of articles, which can well be called “horrors for developers”. This time it will also touch upon a typical pattern of typos related to the usage of numbers 0, 1, 2. The language you’re writing in doesn’t really matter: it can be C, C++, C#, or Java. If you’re using constants 0, 1, 2 or variables’ names contain these numbers, most likely, Freddie will come to visit you at night. Go on, read and don’t say we didn’t warn you.


Continue reading

A 6 Step Field Guide for Building Machine Learning Projects

/ hownot2code / Leave a comment

Author: Daniel Bourke
Machine learning is broad. The media makes it sound like magic. Reading this article will change that. It will give you an overview of the most common types of problems machine learning can be used for. And at the same time give you a framework to approach your future machine learning proof of concept projects.

First, we’ll clear up some definitions.

How is machine learning, artificial intelligence and data science different?

These three topics can be hard to understand because there are no formal definitions. Even after being a machine learning engineer for over a year, I don’t have a good answer to this question. I’d be suspicious of anyone who claims they do.

To avoid confusion, we’ll keep it simple. For this article, you can consider machine learning the process of finding patterns in data to understand something more or to predict some kind of future event.

The following steps have a bias towards building something and seeing how it works. Learning by doing.

Continue reading

Hunting Down and Fixing Memory Leaks in Java

/ hownot2code / Leave a comment

Author: Bradley Kofi
In the last article, we covered the most basic aspects of what memory leaks are, what causes them and how to eliminate them from your program.

As a preamble, memory leaks happen when the garbage collector (GC) is unable to clear unreferenced objects from working memory. Considering how much of its popularity Java owes to its garbage collector, how can it this be possible? As it turns out, the GC has a few weak spots:

Unreferenced static fields: The GC is unable to clear static fields unless the class that owns it is unloaded, which only happens if the Classloader that called it is garbage collected.

Unclosed system resources: The GC indirectly frees up files since classes like FileInputStream are written such that if an instance is garbage collected, the ‘close()’ method will be called first. This way, unclosed system resources don’t always pose a risk, so a lot of developers tend to look over them.

Most systems have hard limits on how many files can be open at once, and in addition to hard-to-reproduce bugs like different processes being unable to access the file or OS errors, such issues can be quite problematic to debug. They aren’t memory leaks in the exact sense but memory usage does remain high in the time that the stream remains open.

Besides, it’s also worthwhile to remember that class unloading may or may not happen depending on the JVM implementation.

Unclosed connections: Like with unclosed resources, unclosed database or network connections can lead to significant memory use if not unloaded.

Additional reasons memory leaks may occur include having a small heap space, excessive page swapping by the operating system and long delays in garbage collection.

The focus of this article is the various techniques that can be used to hunt down memory leaks once you’ve recognized how memory leaks happen.

Continue reading

Why I’m Using C

/ hownot2code / 1 Comment

Author: Casper Beyer

The front cover of the “C Programming Language” book as I recall it from memory

Why on earth would someone would pick C to start a new project in 2020? Surely there is a newer language with more shiny features that’s better right? Well I can’t speak for other people but I’ll tell you my reasons.

First of all let me preface this by saying that of course this is a biased opinion and the language I pick for something depends on the context it’s going to be used in. For example; I doubt I’ll ever be reaching for C when writing a web service simply because the ecosystem around that domain isn’t great and I’m not itching to write my http framework at this time.

But for games, more specifically cross-platform games C is a clear winner for me because it provides me with exactly the things I’m looking for which is reliability, simplicity and performance.

Continue reading

Best Books for Programmers in 2020

/ hownot2code / Leave a comment

Author: Aleksandar Vasilevski

There are many books out there for programmers and no one can read every book out there. There are many more articles about programming books written too, but it is hard to find a good filtered list with books for programmers. In this article, I wanted to make a list that will help everyone to find particular books about programming topics that they are interested in to read. I selected this particular list of books not just to improve your coding skills and make you a better programmer, but would also help you to grow as a person in every way.

I have sorted the list by the types of books that I think are the most important. In this list about best books for programmers, you will find books that are foundational to topics in computer science that will introduce you to the major programming concepts, will improve the way you think and your problem-solving ability. You will also find books that will help you write clean code and structure your code greatly. On the list, you will find books that will help you to advance your career as a programmer. And lastly, you will find books that will help you to grow as a person and to achieve the goals you want to achieve in your life. Many of the books listed are also used as textbooks in many computer science and software engineering universities around the world.

There might be affiliate links on this page, which means we get a small commission of anything you buy. As an Amazon Associate we earn from qualifying purchases.

Continue reading

PVS-Studio Static Analyzer as a Tool for Protection against Zero-Day Vulnerabilities

/ hownot2code / Leave a comment

A Zero-day (0-day) vulnerability is a computer-software vulnerability introduced during the development process and not yet discovered by the developers. Zero-day vulnerabilities can be exploited by hackers, thus affecting the company’s reputation. Developers should seek to minimize the number of defects leading to such vulnerabilities. PVS-Studio, a static code analyzer for C, C++, C#, and Java code, is one of the tools capable of detecting security issues.


Continue reading

10 Ways to Bring Code Quality Up to Scratch

/ hownot2code / Leave a comment

Author: Gilad David Maayan

Code quality is a set of practices and standards that can help you achieve structural and functional software quality. You can use code quality metrics, tools, and practices to standardize collaboration attributes and maintain high product quality through continuous testing.

Code quality can also help promote the use of best practices through regularly updated documentation, as well as help you enforce standard refactoring practices. Read on to learn nine methods of implementing and improving code quality practices and processes.

Continue reading