https://pradeepl.com/ My technical notes and thoughts on software engineering, programming, and life. en-us Wed, 25 Feb 2026 02:24:21 UTC Hugo -- gohugo.io https://pradeepl.com/blog/model-context-protocol/introduction-to-model-context-protocol/ LLMs are powerful—but without access to live tools, data, and systems, they’re limited. Discover how MCP bridges that gap and why it’s becoming the standard for AI integration. Tue, 29 Apr 2025 13:10:07 +1000 https://pradeepl.com/blog/model-context-protocol/introduction-to-model-context-protocol/ https://pradeepl.com/blog/model-context-protocol/mcp-protocol-mechanics-and-architecture/ Part 2 of our MCP series explores the technical foundations: JSON-RPC communication, supported transports (STDIO, HTTP/SSE, WebSockets), capability discovery (tools, resources, prompts), invocation methods, and security principles. Thu, 01 May 2025 19:03:33 +1000 https://pradeepl.com/blog/model-context-protocol/mcp-protocol-mechanics-and-architecture/ https://pradeepl.com/blog/model-context-protocol/build-a-mcp-server-dotnet/ This guide covers building an MCP server in C# (.NET) with NuGet package management, running it in VS Code, and integrating with GitHub Copilot for AI-assisted development. Fri, 09 May 2025 14:29:22 +1000 https://pradeepl.com/blog/model-context-protocol/build-a-mcp-server-dotnet/ https://pradeepl.com/blog/model-context-protocol/build-a-mcp-server/ This guide demonstrates building an MCP server using Akka Java SDK with annotation-based tool definitions, service discovery, and integration with both external MCP clients and Akka agents. Mon, 27 Oct 2025 14:29:22 +1000 https://pradeepl.com/blog/model-context-protocol/build-a-mcp-server/ https://pradeepl.com/blog/akka/setup-an-akka-cluster/ A complete step-by-step guide to provisioning an Amazon EKS cluster, ECR repository, RDS PostgreSQL database, and deploying Akka SDK agentic AI workloads with observability, autoscaling, and security best practices. Wed, 11 Feb 2026 14:54:34 +1000 https://pradeepl.com/blog/akka/setup-an-akka-cluster/ https://pradeepl.com/blog/agentic-ai/akka-actor-model-agentic-ai/ Use Akka’s actor model to run thousands of concurrent, stateful AI agents with isolation, supervision, and backpressure—plus a minimal Java example. Tue, 16 Sep 2025 16:31:35 +1000 https://pradeepl.com/blog/agentic-ai/akka-actor-model-agentic-ai/ https://pradeepl.com/blog/agentic-ai/agentic-ai-from-copilots-to-agents/ A comprehensive guide to Agentic AI, exploring how autonomous AI systems are evolving beyond traditional generative AI to become proactive, goal-driven agents capable of complex problem-solving. Sun, 14 Sep 2025 11:21:00 +1000 https://pradeepl.com/blog/agentic-ai/agentic-ai-from-copilots-to-agents/ https://pradeepl.com/blog/api/introduction-to-webhooks/ Learn about webhooks, their benefits, challenges, and how they are revolutionizing real-time communication in modern software development. Wed, 15 Jan 2025 11:07:18 +1000 https://pradeepl.com/blog/api/introduction-to-webhooks/ https://pradeepl.com/blog/threat-modeling-2024/ As applications and infrastructures become more complex and distributed, threat modeling has transformed into a continuous, integral part of modern DevSecOps. This post revisits threat modeling fundamentals and introduces the latest standards, methodologies, and technologies shaping this critical discipline today. Fri, 13 Dec 2024 11:31:49 +1000 https://pradeepl.com/blog/threat-modeling-2024/ https://pradeepl.com/blog/security-first-software-design/ This blog examines how prioritizing security from the outset transforms design and development practices, using real-world lessons like the Equifax breach. Mon, 25 Nov 2024 16:36:41 +1000 https://pradeepl.com/blog/security-first-software-design/ https://pradeepl.com/blog/securing-the-supply-chain-for-developers/ Learn how to secure the software supply chain by embracing best practices such as secure coding, CI/CD integration, SBOMs, and proactive monitoring. Thu, 05 Sep 2024 07:05:37 +1000 https://pradeepl.com/blog/securing-the-supply-chain-for-developers/ https://pradeepl.com/blog/migrating-from-sql-server-to-postgresql/ Master SQL Server to PostgreSQL migration with our comprehensive guide covering schema conversion, data migration methods, testing strategies, and optimization - achieve 40-50% cost savings. Wed, 31 Jul 2024 10:26:07 +1000 https://pradeepl.com/blog/migrating-from-sql-server-to-postgresql/ https://pradeepl.com/blog/generate-wildcard-ssl-certificate-using-letsencrypt-certbot/ This blog post guides you through the process of generating SSL wildcard certificates using ACME challenges and Certbot, helping secure your domains with Let’s Encrypt. Sun, 07 Jul 2024 15:47:06 +1000 https://pradeepl.com/blog/generate-wildcard-ssl-certificate-using-letsencrypt-certbot/ https://pradeepl.com/blog/ai-model-inference-explained/ Explore the power of model inference, its importance in machine learning, and best practices for getting the most out of your models. Thu, 04 Jul 2024 11:21:00 +1000 https://pradeepl.com/blog/ai-model-inference-explained/ https://pradeepl.com/blog/install-greenplum-windows-wsl/ Learn how to set up Greenplum on Rocky Linux in WSL2 and explore its powerful features for AI/ML workloads. Tue, 25 Jun 2024 17:56:48 +1000 https://pradeepl.com/blog/install-greenplum-windows-wsl/ https://pradeepl.com/blog/installing-nvidia-cuda-tensorflow-on-windows-wsl2/ Step-by-step guide to configure NVIDIA GPU acceleration for TensorFlow on Windows WSL2. Covers CUDA 12.x installation, cuDNN setup, common errors, and verification - get 10-100x faster training. Thu, 06 Jun 2024 09:35:25 +1000 https://pradeepl.com/blog/installing-nvidia-cuda-tensorflow-on-windows-wsl2/ https://pradeepl.com/blog/building-a-fraud-detection-model/ Fraud detection involves finding patterns in data. In this blog post we will build an AI/ML model for fraud detection Wed, 15 May 2024 11:39:06 +1000 https://pradeepl.com/blog/building-a-fraud-detection-model/ https://pradeepl.com/blog/introduction-to-artificial-intelligence/ Learn the fundamentals of AI and data science in this non-technical guide. Discover subfields like machine learning and robotics, and explore how to use AI for problem-solving. Mon, 22 Apr 2024 13:41:31 +0530 https://pradeepl.com/blog/introduction-to-artificial-intelligence/ https://pradeepl.com/blog/zero-trust-architecture/ ZTA operates on a fundamental principle - never trust, always verify. Lets understand what it is and how to implement it Sat, 23 Mar 2024 13:15:39 +1000 https://pradeepl.com/blog/zero-trust-architecture/ https://pradeepl.com/blog/api/rest-vs-graphql-vs-grpc/ Three technologies stand out as primary choices for developing API’s REST, GraphQL, and gRPC. Understanding what they bring to the table and making sure it aligns with your API design goals is key in developing successful API’s Fri, 09 Feb 2024 09:30:04 +1000 https://pradeepl.com/blog/api/rest-vs-graphql-vs-grpc/ https://pradeepl.com/blog/api/grpc/ Dive into gRPC with this tutorial – understand Protocol Buffers, define services, and implement a gRPC server in .NET for fast, efficient communication. Wed, 31 Jan 2024 09:39:01 +1000 https://pradeepl.com/blog/api/grpc/ https://pradeepl.com/blog/rest/hateoas/ Master HATEOAS to build truly RESTful APIs that are self-documenting, evolvable, and loosely coupled. Includes practical examples with Spring Boot, common mistakes to avoid, and modern implementation patterns. Tue, 30 Jan 2024 14:51:18 +1000 https://pradeepl.com/blog/rest/hateoas/ https://pradeepl.com/blog/platform-engineering/ Platform engineering is an emerging discipline that transcends traditional IT roles by bridging software development (Dev), operations (Ops), security (sec), and quality assurance (QA) into a coherent, streamlined workflow Wed, 13 Dec 2023 12:42:17 +0530 https://pradeepl.com/blog/platform-engineering/ https://pradeepl.com/blog/kpack/ Source Code If you wish to follow along with the code used in this post, you can find it on GitHub here . Kpack - Kubernetes native Buildpacks Kpack is a Kubernetes-native build service that utilizes Cloud Native Buildpacks to transform application source code into OCI compliant container images. Kpack extends Kubernetes by creating new custom resources that implement CNB concepts for image configuration, builders, buildpacks and others. These CRDs allow users to define and manage Kpack resources using the kubernetes native declarative api. It fits seamlessly into the Kubernetes ecosystem, making it easier to integrate with existing Kubernetes-based workflows and tools. Wed, 06 Dec 2023 10:17:38 +1000 https://pradeepl.com/blog/kpack/ https://pradeepl.com/blog/slsa/ SLSA (Supply chain Levels for Software Artifacts) is a security framework designed to ensure the integrity and security of the software supply chain. It is a set of guidelines and best practices that aim to prevent tampering, improve integrity, and secure packages and infrastructure in software development and deployment. Mon, 13 Nov 2023 07:54:57 +1000 https://pradeepl.com/blog/slsa/ https://pradeepl.com/blog/kubernetes-health-checks/ Introduction One of the key factors in Kubernetes’ success is its ability to facilitate the development and deployment of resilient and highly available applications. This is achieved through a combination of features, including its containerization approach, flexible scaling mechanisms, and robust health check mechanisms. As a container orchestration system it is essential for Kubernetes to keep track of the health of the various nodes, pods and containers in the cluster. Kubernetes uses health checks to monitor the health of applications, containers & pods running in a cluster. These health checks are a critical part of the platform and are used by the Kubernetes control plane to ensure that your applications are not just up and running, but also ready and capable of performing their intended functions effectively. Health checks allows kubernetes to take appropriate corrective action by replacing unhealthy components and route traffic to healthy ones. This functionality is critical and provides the high availability and resiliency features of kubernetes. Wed, 25 Oct 2023 14:33:30 +1000 https://pradeepl.com/blog/kubernetes-health-checks/ https://pradeepl.com/blog/kappa-architecture/ Kappa architecture is a data-processing architecture that is designed to process data in real time. It is a single-layer architecture that uses a streaming processing engine to process data as it is received. This architecture is simpler and more efficient than the Lambda architecture, and it can be implemented at a lower cost. Wed, 10 May 2023 16:54:36 +0530 https://pradeepl.com/blog/kappa-architecture/ https://pradeepl.com/blog/lambda-architecture/ Lambda architecture is a data processing architecture designed to handle large amounts of data by combining batch processing with real-time stream processing.Lambda architecture provides a way to handle both real-time and batch processing in a single architecture. Sun, 07 May 2023 16:54:36 +0530 https://pradeepl.com/blog/lambda-architecture/ https://pradeepl.com/blog/data-mesh-architecture/ Data Mesh architecture is a modern approach to data engineering and data operations that aims to improve the scalability, agility, and innovation of data teams within organizations. It is based on the principles of domain-oriented ownership, product thinking, self-serve data infrastructure, platform thinking, data as a first-class citizen, democratized data access, and a culture of collaboration. Thu, 20 Apr 2023 16:54:36 +0530 https://pradeepl.com/blog/data-mesh-architecture/ https://pradeepl.com/blog/gitops-with-argocd/ GitOps is a methodology for continuous deployment using a Git repository as the single source of truth. Argo CD is a declarative, continuous delivery GitOps operator for kubernetes. In this post we will deploy ArgoCD to a kind cluster and deploy an application, the GitOps way. Mon, 22 Aug 2022 03:37:18 +1000 https://pradeepl.com/blog/gitops-with-argocd/ https://pradeepl.com/blog/devops-sydney-securing-your-supply-chain/ I had the pleasure of presenting a talk at the Devops Sydney meetup group. The session was recorded and is here The slides used in the presentation are below Thu, 18 Aug 2022 13:12:36 +1000 https://pradeepl.com/blog/devops-sydney-securing-your-supply-chain/ https://pradeepl.com/blog/12-factor-cloud-native-apps/ Comprehensive guide to the 12 Factor App methodology: practical implementation examples with Docker/Kubernetes, common mistakes to avoid, and a complete checklist for building production-ready cloud-native applications. Fri, 12 Aug 2022 15:55:13 +1000 https://pradeepl.com/blog/12-factor-cloud-native-apps/ https://pradeepl.com/blog/gitops/ GitOps is a methodology for continuous deployment using a Git repository as the single source of truth. The repository contains the YAML manifests or Helm charts for the Kubernetes resources to be created. The Git repo is used to store, track and version control changes to these YAML files. Thu, 07 Jul 2022 14:06:19 +1000 https://pradeepl.com/blog/gitops/ https://pradeepl.com/blog/webassembly-from-browser-to-cloud/ WebAssembly(WASM) is a low-level assembly-like language that is designed for efficient execution and compact representation. WebAssembly systems interface(WASI) is a runtime specification and a standard for WebAssembly interaction with the operating system. Mon, 04 Jul 2022 10:26:07 +1000 https://pradeepl.com/blog/webassembly-from-browser-to-cloud/ https://pradeepl.com/blog/azure/azureeventgrid-createcustomevents/ Azure Event Grid is an eventing back plane that enables event-driven and reactive programming. In this blog post series we will understand Azure Event Grid and look at developing an event driven application using Azure Event Grid as the backplane Fri, 24 Jun 2022 12:25:09 +1000 https://pradeepl.com/blog/azure/azureeventgrid-createcustomevents/ https://pradeepl.com/blog/azure/azureeventgrid-createtopic/ Azure Event Grid is an eventing back plane that enables event-driven and reactive programming. In this blog post series we will understand Azure Event Grid and look at developing an event driven application using Azure Event Grid as the backplane Thu, 23 Jun 2022 12:25:09 +1000 https://pradeepl.com/blog/azure/azureeventgrid-createtopic/ https://pradeepl.com/blog/azure/azureeventgrid-introduction/ Azure Event Grid is an eventing back plane that enables event-driven and reactive programming. In this blog post series we will understand Azure Event Grid and look at developing an event driven application using Azure Event Grid as the backplane Wed, 22 Jun 2022 12:25:09 +1000 https://pradeepl.com/blog/azure/azureeventgrid-introduction/ https://pradeepl.com/blog/cloud-native-summit-wellington-secure-supply-chain/ I had the pleasure of presenting a lightning talk at the Cloud Native summit at Wellington - New Zealand . The session was recorded and is here Sat, 18 Jun 2022 13:12:36 +1000 https://pradeepl.com/blog/cloud-native-summit-wellington-secure-supply-chain/ https://pradeepl.com/blog/kubernetes/knative-fundamental-concepts/ Knative focuses on three key areas - building an application, serving traffic to it, and enabling applications to easily consume and produce events. This post looks at the fundamental concepts of Knative such as Knative Serving, Knative Eventing and Knative build. It also looks at the details of service, configuration, Revision and routes which are part of Knative Serving. It looks at the details of Messaging, Channel, Subscription, sources and sinks which are part of Knative eventing. Fri, 20 May 2022 15:55:13 +1000 https://pradeepl.com/blog/kubernetes/knative-fundamental-concepts/ https://pradeepl.com/blog/internal-developer-portals-spotify-backstage/ Backstage is an open source tool for building Internal developer portals. It improves the overall developer experience by delivering the core features of a developer portal, such as Software Catalogs, templates, and documentation. Tue, 03 May 2022 14:06:19 +1000 https://pradeepl.com/blog/internal-developer-portals-spotify-backstage/ https://pradeepl.com/blog/kubernetes/kubernetes-storage-architecture/ Kubernetes Storage concepts Applications that run on Kubernetes can be stateless or stateful. Kubernetes abstracts away persistent storage from ephemeral pods and containers. Kubernetes provides the ability to dynamically create storage resources. The Kubernetes storage architecture is based on volumes as the primary abstraction. Volumes are created and managed by Kubernetes. It is bound to pods and containers. Volumes are attached to the nodes where the pods and containers are running. Volumes are mounted to the containers and are bound to persistent storage. Wed, 27 Apr 2022 09:18:48 +1000 https://pradeepl.com/blog/kubernetes/kubernetes-storage-architecture/ https://pradeepl.com/blog/kubernetes/cloudnativebuildpacks/ Container images are a popular and standard format to package applications. Building secure, high performance container images can be challenging. Cloud native buildpacks provide solutions to create container images that are secure, high performance, and easy to deploy. Thu, 10 Feb 2022 12:25:09 +1000 https://pradeepl.com/blog/kubernetes/cloudnativebuildpacks/ https://pradeepl.com/blog/kubernetes/deploying-sql-server-on-kubernetes/ In this post we will deploy MS Sql Server in a kubernetes cluster. We will then configure it as an always on availability group.We will also look at synchronization and failover. Mon, 31 Jan 2022 11:00:08 +1000 https://pradeepl.com/blog/kubernetes/deploying-sql-server-on-kubernetes/ https://pradeepl.com/blog/kubernetes/tekton-getting-started-fundamental-concepts/ Tekton provides a cloud-native, standardized set of building blocks for CI/CD systems. It runs natively on Kubernetes and can target any platform, language, or cloud. It extends the Kubernetes API and provides custom resources to create CI/CD pipelines. Tue, 25 Jan 2022 11:01:47 +1000 https://pradeepl.com/blog/kubernetes/tekton-getting-started-fundamental-concepts/ https://pradeepl.com/blog/kubernetes/deploying-a-serverless-knative-application-on-kind/ In this post we will walk through steps to create a Knative serving instance on a local Kind cluster. We will deploy kourier as the networking layer. We will then deploy an application on this cluster and see it scaling up and down Fri, 21 Jan 2022 11:32:59 +1000 https://pradeepl.com/blog/kubernetes/deploying-a-serverless-knative-application-on-kind/ https://pradeepl.com/blog/kubernetes/deploying-gatekeeper-and-defining-constraints/ In this post we will deploy gatekeeper to a kubernetes cluster. We will then define constraints and ensure that gatekeeper enforces those constraints. Fri, 07 Jan 2022 15:55:13 +1000 https://pradeepl.com/blog/kubernetes/deploying-gatekeeper-and-defining-constraints/ https://pradeepl.com/blog/kubernetes/opa-gatekeeper/ OPA Gatekeeper is a Kubernetes-native policy controller that enables resource validation and audit functionality for a Kubernetes cluster. Fri, 07 Jan 2022 15:55:13 +1000 https://pradeepl.com/blog/kubernetes/opa-gatekeeper/ https://pradeepl.com/blog/kubernetes/introduction-to-kubernetes-admission-controllers/ Admission controllers provide extension points that augment Kubernetes functionality. Admission controllers determine if the request is well-formed and approve or reject the API request. Thu, 06 Jan 2022 15:55:13 +1000 https://pradeepl.com/blog/kubernetes/introduction-to-kubernetes-admission-controllers/ https://pradeepl.com/blog/policy-as-code/ Policy as Code is the idea of writing code to manage and automate policies. Policy as Code arose as a natural progression from Infrastructure as Code. Sun, 02 Jan 2022 20:34:02 +0530 https://pradeepl.com/blog/policy-as-code/ https://pradeepl.com/blog/kubernetes/open-policy-agent-opa/ The Open Policy Agent (OPA) is a policy engine to author declarative policies as code and use those policies as a component of the decision-making process. Thu, 16 Dec 2021 15:55:13 +1000 https://pradeepl.com/blog/kubernetes/open-policy-agent-opa/ https://pradeepl.com/blog/kubernetes/using-cluster-api-to-create-kubernetes-clusters-on-azure/ In this post let’s look at using CAPI to deploy a Kubernetes cluster in Azure. The end goal is to create a Kubernetes cluster in Azure with three control plane nodes and three worker nodes. Tue, 14 Dec 2021 15:55:13 +1000 https://pradeepl.com/blog/kubernetes/using-cluster-api-to-create-kubernetes-clusters-on-azure/ https://pradeepl.com/blog/kubernetes/cluster-api-capi/ Cluster API brings declarative, Kubernetes-style APIs to cluster creation, configuration, and management. Wed, 08 Dec 2021 15:55:13 +1000 https://pradeepl.com/blog/kubernetes/cluster-api-capi/ https://pradeepl.com/blog/building-a-secure-and-high-performance-aks-kubernetes-cluster-using-terraform/ I have been part of a couple of build outs where we built Kubernetes clusters to run our cloud workloads. These builds involved deploying AKS clusters using terraform and AzDO. Designing the AKS infrastructure is key to ensure that the cloud workloads running on them can be deployed, secured, and hosted effectively. In this post I am documenting the general steps involved in building out a Kubernetes infrastructure on Azure Kubernetes Service (AKS) using terraform and deploy workloads using Azure devops (AzDO) and Helm charts. Thu, 09 Sep 2021 15:55:13 +1000 https://pradeepl.com/blog/building-a-secure-and-high-performance-aks-kubernetes-cluster-using-terraform/ https://pradeepl.com/blog/api/getting-started-with-graphql/ GraphQL is a query language for APIs. It is a query language that provides for client-tailored queries. It is an API specification. Wed, 28 Apr 2021 15:55:13 +1000 https://pradeepl.com/blog/api/getting-started-with-graphql/ https://pradeepl.com/blog/dynamics365/dynamics-365-finance-and-operations-architecture/ Dynamics 365 for Finance and Operations is designed and architected for the cloud. It can be deployed as an on-premises system or on the cloud. Fri, 26 Mar 2021 15:55:13 +1000 https://pradeepl.com/blog/dynamics365/dynamics-365-finance-and-operations-architecture/ https://pradeepl.com/blog/off-the-blocks-with-the-new-cosmos-db-sdk-v4/ Creating Cosmos Db Infrastructure The azure Cosmos DB team provides SQL API SDK’s for various languages. At the time of writing this post the NuGet package for .NET core is at version 4 preview 3. The GitHub repo for this NuGet package is here . To get started we can use the Cosmo Db emulator locally or create a Cosmos Account on Azure. We can log onto Azure portal to create a Cosmos Account or use Azure CLI. I am using the below Azure CLI command to create a Cosmos DB account. This command creates a Cosmos DB Account named eCommerceDb-AC in the eCommerce-RG resource group. Mon, 02 Nov 2020 15:55:13 +1000 https://pradeepl.com/blog/off-the-blocks-with-the-new-cosmos-db-sdk-v4/ https://pradeepl.com/blog/azure/high-performance-data-modelling-in-azure-cosmos-db/ It is imperative to understand core concepts involved in modelling data in Cosmos Db to harness its power. It is an extremely powerful cloud native database. Fri, 30 Oct 2020 15:55:13 +1000 https://pradeepl.com/blog/azure/high-performance-data-modelling-in-azure-cosmos-db/ https://pradeepl.com/blog/azure/getting-started-with-cosmos-db/ Cosmos DB is a cloud native database engine on Azure. It is a born-in the-cloud database with no legacy compatibility requirements. It can expose data using a variety of models and API’s. Wed, 21 Oct 2020 15:55:13 +1000 https://pradeepl.com/blog/azure/getting-started-with-cosmos-db/ https://pradeepl.com/blog/getting-started-with-terraform-on-azure-part-1/ Sunshine coast .Net user group meeting. Topic - Getting started with terraform on Azure. Sun, 11 Oct 2020 15:55:13 +1000 https://pradeepl.com/blog/getting-started-with-terraform-on-azure-part-1/ https://pradeepl.com/blog/getting-started-with-terraform-on-azure-part-2/ Sunshine coast .Net user group meeting. Topic - Getting started with terraform on Azure. Sun, 11 Oct 2020 15:55:13 +1000 https://pradeepl.com/blog/getting-started-with-terraform-on-azure-part-2/ https://pradeepl.com/blog/terraform-getting-started/ Terraform is an open source tool created by HashiCorp to define infrastructure as cod using a simple, declarative language called HCL. Terraform is used to deploy and manage infrastructure across a variety of cloud providers & virtualization platforms. It can be used to deploy infrastructure to all major cloud providers such as Azure, AWS, Digital ocean, and virtualization platforms such as VMware, Open stack, and others. Sun, 11 Oct 2020 15:55:13 +1000 https://pradeepl.com/blog/terraform-getting-started/ https://pradeepl.com/blog/repository-and-unit-of-work-pattern-asp-net-core/ A Repository is used to manage aggregate persistence and retrieval. The repository mediates between the data-access layer and the domain.The unit of work pattern keeps track of all changes to aggregates. Once all updates of the aggregates in a scope are completed, the tracked changes are played onto the database in a transaction Thu, 30 Jul 2020 15:55:13 +1000 https://pradeepl.com/blog/repository-and-unit-of-work-pattern-asp-net-core/ https://pradeepl.com/blog/securing-openapi-endpoint-dotnet/ OpenAPI 3.0 lets you describe how your APIs are protected using various security schemes and their security requirements. Thu, 25 Jun 2020 15:55:13 +1000 https://pradeepl.com/blog/securing-openapi-endpoint-dotnet/ https://pradeepl.com/blog/openapi-specification-swagger/ The Open API Specification is used to define the contract between the API consumers and the API providers. The specification is based on the JSON schema and is a standard format for describing the data exchanged between the API consumers and the API providers. Sat, 20 Jun 2020 11:00:08 +1000 https://pradeepl.com/blog/openapi-specification-swagger/ https://pradeepl.com/blog/creating-a-windows-vm-using-terraform/ This post is a follow up on the Terraform 101 sessions for the Sunshine Coast dotnet user group. The slides and the code from the session are below. Slides Terraform 101 from Pradeep Loganathan Creating a Windows Virtual Machine provider "azurerm" { version = "=2.8.0" features {} } #create the resource group resource "azurerm_resource_group" "rg" { name = "ateam-resource-group" location = "australiaeast" } #create the virtual network resource "azurerm_virtual_network" "vnet1" { resource_group_name = azurerm_resource_group.rg.name location = "australiaeast" name = "dev" address_space = ["10.0.0.0/16"] } #create a subnet within the virtual network resource "azurerm_subnet" "subnet1" { resource_group_name = azurerm_resource_group.rg.name virtual_network_name = azurerm_virtual_network.vnet1.name name = "devsubnet" address_prefixes = ["10.0.0.0/24"] } ##create the network interface for the VM resource "azurerm_public_ip" "pub_ip" { name = "vmpubip" location = "australiaeast" resource_group_name = azurerm_resource_group.rg.name allocation_method = "Dynamic" } resource "azurerm_network_interface" "vmnic" { location = "australiaeast" resource_group_name = azurerm_resource_group.rg.name name = "vmnic1" ip_configuration { name = "vmnic1-ipconf" subnet_id = azurerm_subnet.subnet1.id private_ip_address_allocation = "Dynamic" public_ip_address_id = azurerm_public_ip.pub_ip.id } } ##end creating network interface for the VM ##create the actual VM resource "azurerm_windows_virtual_machine" "devvm" { name = "development-vm" location = "australiaeast" size = "Standard_A1_v2" admin_username = "pradeep" admin_password = "kq7UciQluJt%3dtj" resource_group_name = azurerm_resource_group.rg.name network_interface_ids = [azurerm_network_interface.vmnic.id] os_disk { caching = "ReadWrite" storage_account_type = "Standard_LRS" } source_image_reference { publisher = "MicrosoftWindowsServer" offer = "WindowsServer" sku = "2016-Datacenter" version = "latest" } } ##end creating VM The above code is not at all production ready and was used as part of a live coding exercise to use Terraform to create a Windows VM. The above code creates the VM password as plain text which is not ideal. The password can be generated and printed as an output if necessary. Mon, 18 May 2020 00:00:00 UTC https://pradeepl.com/blog/creating-a-windows-vm-using-terraform/ https://pradeepl.com/blog/https-in-asp-net-core/ In asp.net core https is enabled by default. The HttpsRedirection middleware class provides the necessary functionality to enforce redirection from http to https. Sun, 02 Feb 2020 11:00:08 +1000 https://pradeepl.com/blog/https-in-asp-net-core/ https://pradeepl.com/blog/dotnet/dependency-injection-in-net-core-console-application/ Dependency injection enables an application to use a key design principle called Loose coupling. Loose coupling enables us to write highly maintainable Sat, 01 Feb 2020 15:55:13 +1000 https://pradeepl.com/blog/dotnet/dependency-injection-in-net-core-console-application/ https://pradeepl.com/blog/git-branching-strategies/ GIT branching strategies are conventions, or a set of rules, that describes when branches are created. Choosing the right branching strategy is key to empower development teams to collaborate effectively. Tue, 28 Jan 2020 15:55:13 +1000 https://pradeepl.com/blog/git-branching-strategies/ https://pradeepl.com/blog/dynamodb-running-locally-using-docker/ DynamoDb from AWS is a major player in the cloud NoSQL database market. It can scale globally and is blazing fast when used appropriately. There are a bunch of reasons to use Dynamodb locally, the primary ones being development cost and integration testing. DynamoDB does not have a desktop install, however thankfully, AWS has created a Docker image to enable running DynamoDb locally. To run DynamoDb locally pull the docker image using the command Mon, 27 Jan 2020 00:00:00 UTC https://pradeepl.com/blog/dynamodb-running-locally-using-docker/ https://pradeepl.com/blog/dotnet/configuration-in-a-net-core-console-application/ Adding configuration to a .Net core Console application to read configuration from a json file, or environmental variables or command line arguments. Fri, 20 Dec 2019 15:55:13 +1000 https://pradeepl.com/blog/dotnet/configuration-in-a-net-core-console-application/ https://pradeepl.com/blog/https/ HTTPS is a network protocol used to serve up web pages. HTTPS, or HTTP Secure, was designed to secure communications between a client and the HTTP server. It is a protocol that uses a secure connection to transfer data over the internet. Fri, 27 Sep 2019 11:00:08 +1000 https://pradeepl.com/blog/https/ https://pradeepl.com/blog/crdt/ Many moons ago I was working on an online eCommerce platform. The platform used to undergo massive traffic spikes periodically. I was trying to implement a distributed counter. I was using a distributed counter because I wanted to be able to increment the counter on multiple servers. CAP Theorem The CAP theorem was proposed by Eric Brewer. CRDT CRDT stands for conflict-free replicated datatype. Conflict-free replicated datatype describe data-types that can be replicated across multiple computation units or nodes, they can be updated concurrently without any coordination, and then merged to get a consistent state. It doesn’t matter in which order you execute operations on the data type or if you repeat operations the result is eventually correct. Each node in a distributed system has its own replica of the CRDT. Each replica can resolve queries in isolation and can also process commands that immediately alter its state. CRDTs they can be concurrently updated across nodes and any conflicts can be resolved sensibly. CRDTs always have a merge function that can take many data entries living on different nodes and merge these automatically into one consistent view of the data, without any coordination between the nodes. CRDTs allow two conflicting updates to be merged. All replicas will converge to the same state when all updates have been delivered. The most important properties of the merge function are that it is symmetric and monotonic. The issue that CRDTs address is conflict resolution when different versions of the structure appear due to network partitions and their eventual repair. For a general data structure, if there are two conflicting versions, the solution is either to choose one (according to some general rules, like take the random one or the latest one, or application-specific logic) or to keep both versions and defer conflict resolution to the client code. CRDTs are conflict-free, that is, the structures are devised so that any conflict is resolved automatically in a way that doesn’t bring any data loss or corruption. Mon, 02 Sep 2019 00:00:00 UTC https://pradeepl.com/blog/crdt/ https://pradeepl.com/blog/chaos-engineering/ Introduction “Chaos Engineering is the discipline of experimenting on a system in order to build confidence in the system’s capability to withstand turbulent conditions in production.” Priciples of Chaos Engineering Introduction In modern, rapidly evolving distributed systems, components fail all the time. These failures can be complex as they can cascade across systems. System weaknesses such as latency, race conditions, byzantine failures etc can be exacerbated in the face of large traffic volumes. Chaos engineering is key to discovering how these complex failures may affect the system and then validating over time that the weaknesses have been overcome. Tue, 13 Aug 2019 00:00:00 UTC https://pradeepl.com/blog/chaos-engineering/ https://pradeepl.com/blog/infrastructure-as-code/ Infrastructure as code (IaC) is the process of provisioning and managing your infrastructure resources through definition files or code. Mon, 29 Jul 2019 00:00:00 UTC https://pradeepl.com/blog/infrastructure-as-code/ https://pradeepl.com/blog/servicemesh/ Imagine a green, sustainable city, meticulously designed for environmental harmony and efficiency. The city has many distinct localities such as neighborhoods, districts, and even villages with their own identity and cultures. This city boasts an intricate public transport system, with buses, trams, and subways efficiently transporting citizens to their destinations from its various localities. Multiple such cities are connected together in a thriving, fast-paced ecosystem. The cities are also similarly connected in an efficient and sustainable design. Each locality in a city represents a microservice, and each city in this system, a domain operating within the larger ecosystem - the application. In an ideal world, this system not only ensures smooth transit but also maintains each city’s eco-friendly ethos; balancing efficiency with sustainability. But how does this ecosystem manage to keep its vast and varied transport network running so smoothly and eco-consciously, avoiding traffic jams, pollution, and inefficiencies? Wed, 24 Jul 2019 00:00:00 UTC https://pradeepl.com/blog/servicemesh/ https://pradeepl.com/blog/patterns/sidecar-container-pattern/ Sidecar pattern is a single-node pattern made up of two containers. It involves co-locating another container in a node/pod along with the main application container. The application container contains the core logic for the application. The role of the sidecar is to augment and improve the application container, often without the application container’s knowledge. In its simplest form, a sidecar container can be used to add functionality to a container that might otherwise be difficult to add. In addition to being co-located on the same machine, the application container and sidecar container share several resources, including parts of the filesystem, hostname and network, and many other namespaces. The sidecar can be plugged and unplugged from the main application, since it is isolated and cannot impact the application in case it starts misbehaving. Wed, 24 Jul 2019 00:00:00 UTC https://pradeepl.com/blog/patterns/sidecar-container-pattern/ https://pradeepl.com/blog/transactional-outbox-pattern/ Transactional Outbox is a pattern to reliably publish messages without the use of distributed transactions. It uses an Outbox and a message dispatcher to reliably persist state and publish messages. Tue, 16 Jul 2019 11:01:47 +1000 https://pradeepl.com/blog/transactional-outbox-pattern/ https://pradeepl.com/blog/patterns/idempotent-consumer-pattern/ The Idempotent Consumer pattern provides the necessary safeguards to allows logic wrapped by it to be executed only once. It implements an unique identifier for each message and an idempotent repository. Sat, 06 Jul 2019 11:01:47 +1000 https://pradeepl.com/blog/patterns/idempotent-consumer-pattern/ https://pradeepl.com/blog/architecture/event-driven-architecture/ Event driven architecture (EDA) is an architectural paradigm where behavior is composed by reacting to events. In this paradigm events imply a significant change in state. Mon, 01 Jul 2019 11:00:08 +1000 https://pradeepl.com/blog/architecture/event-driven-architecture/ https://pradeepl.com/blog/kubernetes/container-orchestration/ A single container provides application isolation and mobility. However, a container by itself doesn’t improve the quality of your service—for example, in terms of load balancing or failover. This is where multi-container solutions come into play. However managing a handful of containers is completely different from managing production-scale containers, which may number from hundreds to thousands. To support container management, we need an easy way of deploying and handling these containers at scale. This is where container orchestration. comes into play. Wed, 23 Jan 2019 00:00:00 UTC https://pradeepl.com/blog/kubernetes/container-orchestration/ https://pradeepl.com/blog/api/api-gateway/ An API Gateway provides a single and unified API entry point across one or more internal APIs. It mediates, routes, and invokes a respective endpoint after request verification, content filtering, authentication, and authorization. Tue, 15 Jan 2019 15:55:13 +1000 https://pradeepl.com/blog/api/api-gateway/ https://pradeepl.com/blog/kubernetes/kubernetes-controllers/ Controllers create and manage pods. Controllers respond to pod state and health. Kubernetes lets you assert that resources such as pods are in a certain desired state, with specific versions. Controllers track those resources and attempt to run your software as described. There are a variety of controllers in Kubernetes, primarily ReplicaSets and Deployments. ReplicaSet - A ReplicaSet is responsible for reconciling the desired state at all times. The ReplicaSet is used to define and manage a collection of identical pods that are running on different cluster nodes. A ReplicaSet defines the image are used by the containers in the pod and the number of instances of the pod that will run in the cluster. These properties and the many others are called the desired state. If some Pods in the ReplicaSet crash and terminate, the system will recreate Pods with the original configurations on healthy nodes automatically and keep a certain number of processes continuously running. For e.g if you specified three Pods in a ReplicaSet and one fails, Kubernetes will automatically schedule and run another Pod for you. If elementary conditions are met (for example, enough memory and CPU), Pods associated with a ReplicaSet are guaranteed to run. They provide fault-tolerance, high availability, and self-healing capabilities. Mon, 14 Jan 2019 00:00:00 UTC https://pradeepl.com/blog/kubernetes/kubernetes-controllers/ https://pradeepl.com/blog/kubernetes/kubernetes-concepts-pods/ Pods are an important feature of Kubernetes. A Pod is the smallest unit of work that Kubernetes manages and is the fundamental unit that the rest of the system is built on. Each pod contains one or more containers. Instead of deploying containers individually, you always deploy and operate on a pod of containers. Pods are always scheduled together (always run on the same machine). A pod is as an atomic unit. Even if a pod does contain multiple containers, they are always run on a single worker node, it never spans multiple worker nodes. All the containers in a pod have the same IP address and port space. They communicate using localhost or standard inter-process communication. All containers in a pod have access to shared local storage on the node hosting the pod. This shared storage is mounted on each container. Pods provide a great solution for managing groups of closely related containers that depend on each other and need to co-operate on the same host to accomplish their purpose. Pods are considered as ephemeral, throwaway entities that can be discarded and replaced at will. Any pod storage is destroyed with its pod. Each pod gets a unique ID (UID), so you can still distinguish between them if necessary. Sun, 13 Jan 2019 00:00:00 UTC https://pradeepl.com/blog/kubernetes/kubernetes-concepts-pods/ https://pradeepl.com/blog/patterns/circuit-breaker-pattern/ The Circuit Breaker pattern is a cornerstone of resilient systems, preventing a single component’s failure from causing a catastrophic system-wide outage. This deep dive explores its mechanics, the strategic benefits beyond simple failure handling, the nuances of configuration, and its crucial role in the modern microservices ecosystem. Fri, 21 Sep 2018 15:55:13 +1000 https://pradeepl.com/blog/patterns/circuit-breaker-pattern/ https://pradeepl.com/blog/reactive-manifesto/ The Reactive Manifesto describes how to design and architect Reactive systems according to your needs.Systems built as Reactive Systems are more Reliable, flexible, loosely coupled, scalable and resilient. This makes them easier to develop and amenable to change. Reactive systems are more tolerant of failure and when failure does occur, they meet it with elegance rather than disaster. Sun, 09 Sep 2018 15:55:13 +1000 https://pradeepl.com/blog/reactive-manifesto/ https://pradeepl.com/blog/simplest-docker-introduction-for-net-core/ I have been working with multiple teams on containerizing their infrastructure using docker. A while back I needed to help a team understand Docker containers by getting them to dive in and get started rather than just talk and point to slide decks. We started by containerizing the simplest possible .net core console app. The first app we built was a simple console app that used a timer and printed the date and time every 2 seconds. The code and the output for this program is below Sat, 25 Aug 2018 00:00:00 UTC https://pradeepl.com/blog/simplest-docker-introduction-for-net-core/ https://pradeepl.com/blog/patterns/retry-pattern/ The retry pattern is an extremely important pattern to make applications and services more resilient to transient failures. A transient failure is a common type of failure in a cloud-based distributed architecture. This is often due to the nature of the network itself (loss of connectivity, timeout on requests, and so on). Transient faults occur when services are hosted separately and communicate over the wire, most likely over a HTTP protocol. These faults are expected to be short-lived. Repeating such a request that has previously failed could succeed on a subsequent attempt. Fri, 10 Aug 2018 00:00:00 UTC https://pradeepl.com/blog/patterns/retry-pattern/ https://pradeepl.com/blog/patterns/bulkhead-isolation/ The Bulkhead pattern is a critical resilience strategy that prevents failures in one part of a system from cascading into a catastrophic, system-wide outage. By partitioning resources, it ensures that one misbehaving dependency cannot exhaust the resources needed to serve others, thereby protecting the overall health of your application. Sun, 08 Jul 2018 00:00:00 UTC https://pradeepl.com/blog/patterns/bulkhead-isolation/ https://pradeepl.com/blog/dates-in-apis/ Representing dates in an API is a common but often not well thought out functionality.We need to be very cognizant of representing dates, intervals, and periods in the API Payload. There are two generally accepted date formats for API’s. Thu, 07 Jun 2018 15:55:13 +1000 https://pradeepl.com/blog/dates-in-apis/ https://pradeepl.com/blog/jwt-angular-interceptor/ JSON Web Token(JWT) is an industry standard for security tokens used to securely transmit information between client and server as JSON objects.It provides a solution to the problem of passing claims between parties. In this post we will create an Angular interceptor to introspect JWT tokens. Sat, 19 May 2018 15:55:13 +1000 https://pradeepl.com/blog/jwt-angular-interceptor/ https://pradeepl.com/blog/serialize-exceptions-as-json-using-custom-middleware-in-net-core/ Creating API’s has a certain rigor to it right from the design phase which is different from a UI based Web application. One of the areas where this is very apparent is communicating exceptions to the client. In a web application exception are communicated to the client using the UI with the most common being a 404 page. This page has been elevated to an art form now. The image below is a 404 page on Pixar’s website. Thu, 10 May 2018 00:00:00 UTC https://pradeepl.com/blog/serialize-exceptions-as-json-using-custom-middleware-in-net-core/ https://pradeepl.com/blog/openid-connect/ OpenID Connect is a simple identity layer built on top of the OAuth 2.0 protocol. OpenID Connect is all about authentication while OAuth is an authorization protocol. In OAuth, authorization is delegated while in OpenID Connect, authentication is delegated. OpenID Connect allows clients to verify end users based on the authentication performed by an auth server. It is also used to obtain basic profile information about the end user in a standards-based, interoperable and REST-like manner. OpenID Connect provides a standard way to obtain user identity.A central part of the OpenID Connect specification is the ID Token. It provides an identity token with information about the user. It also defines an endpoint to get identity information for that user, such as their name or e-mail address. This endpoint is called the user info endpoint. The identity token is a simple JWT token signed by the OpenID provider(OP) through OAuth protocol to suit web, mobile, and browser-based applications.The Identity token is encoded into the base 64 URL-safe string that contains information such as subject (sub), issuing authority (iss), audience (aud), and more. It may also contain some extra information about the user or custom claims in a set of scopes. As OpenID Connect is built on top of the Oauth2 protocol, the flows are the same. It can be used with the authorization code grant and the implicit grant. It’s not possible with the client credentials grant, as the client credentials grant is for server-to-server communication.As part of the oAuth flow, Instead of only requesting an access token, we can request an additional ID token from the security token service (STS) that implements the OpenID Connect specification. The client receives an ID token, and usually, also an access token. The ID token is kept small with the minimal information in it. To get more information for the authenticated user, the client can then send a request to the user info endpoint with the access token. This user info endpoint will then return the claims about the new user. Thu, 03 May 2018 00:00:00 UTC https://pradeepl.com/blog/openid-connect/ https://pradeepl.com/blog/jwt-tokenserver/ JSON Web Token(JWT) is an industry standard for security tokens used to securely transmit information between client and server as JSON objects.It provides a solution to the problem of passing claims between parties. In this post we will be implementing a JWT token server which will serve tokens to users with the appropriate credentials. Sat, 21 Apr 2018 15:55:13 +1000 https://pradeepl.com/blog/jwt-tokenserver/ https://pradeepl.com/blog/jwt/ JSON Web Token(JWT) is an industry standard for security tokens used to securely transmit information between client and server as JSON objects.It provides a solution to the problem of passing claims between parties. Sat, 21 Apr 2018 15:55:13 +1000 https://pradeepl.com/blog/jwt/ https://pradeepl.com/blog/http2/ HTTP & HTTP/2 are both application level protocols that utilize a lower level protocol like TCP to talk on the Internet. The protocol of the Internet is TCP over IP over Ethernet. Sun, 11 Mar 2018 11:00:08 +1000 https://pradeepl.com/blog/http2/ https://pradeepl.com/blog/creating-a-service-in-angular-5-with-rxjs-5-5/ In the world of Microservices, the prevalence of REST API’s has made client-side developers depend on them for even the smallest of applications. If you want to develop a Weather app, you better know how to connect to one of the Weather API’s. If you want to develop a stock ticker you better know how to connect to a stock ticker API. In the world of Angular 5 connecting to API’s requires developers to understand RxJs, Observables in particular. The new @common/http module provides all the functionality required to connect to an API. we can further make it reactive using observables and the corresponding operators from the Rxjs Libraries. A simple Angular service generally allows us to perform common HTTP actions ( Get, Post, Put, Delete ) and some uncommonly used actions such as Head and Patch. I generally follow the below pattern when I create an angular service. Fri, 16 Feb 2018 00:00:00 UTC https://pradeepl.com/blog/creating-a-service-in-angular-5-with-rxjs-5-5/ https://pradeepl.com/blog/managing-environments-in-angular/ One of the most common tasks in software development is to define specific environments and manage them to develop, test, promote and deploy code. This is essential to use different values for various resources such as API’s or databases in different environments. For e.g. you may use a low powered SQL Lite instance for local development but use a large instance in staging and production. Similarly, you may use a local instance of an API in development and a different instance in production. Generally, frameworks provide environment management patterns to enable switching resources based on the environment. Tue, 13 Feb 2018 00:00:00 UTC https://pradeepl.com/blog/managing-environments-in-angular/ https://pradeepl.com/blog/hiding-js-and-js-map-files-in-vs-code-for-your-typescript-projects/ VS code is a nice IDE for typescript projects and is actually the fastest growing javascript and angular IDE. When working on typescript projects some of us do not like the explorer to be polluted with the transpiled js and the js.map files. Luckily VScode allows us to hide the js files from the explorer using workspace settings. To do this open workspace settings from File –> Preferences –> Settings. Click on the drop down box to select Workspace Settings. Sat, 23 Dec 2017 00:00:00 UTC https://pradeepl.com/blog/hiding-js-and-js-map-files-in-vs-code-for-your-typescript-projects/ https://pradeepl.com/blog/non-static-class-with-static-methods-vs-static-class/ During a design session a few folks in my team had questions on using a static class vs a class with static methods. We hit upon this when designing utility classes and extension methods.During the course of this discussion some of us were surprised about what I felt was basic knowledge and I was also caught out on a few which led me to documenting this down below. Static Class Marking a class as static means that a compile time check will be conducted to ensure that all members of the class are static. Since the CLR does not have a notion of static, marking a class as static translates it to an abstract sealed class. ( conversly you cannot mark a static class as abstract) Static classes always inhert from Object and you cannot have it derive from another class. You cannot inherit from a static class. Static classes cannot implement an interface. You cannot obviously instantiate a static class. It cannot have constructors and the compiler also does not create a default parameterless constructor. Defining extensions in C# requires us to implement the static extension methods in a static class. There is a minor performance gain to using static methods as documented in this code analysis performance tip. The performance gain is due to the fact that instance methods always use the this instance pointer as the first parameter which is a small overhead. Instance methods also implement the callvirt instruction in IL which also leads to a very small overhead. Non Static Class A non-static class can have static members. ( both methods and fields ). You can create an instance of a Non static class with static methods. Factory pattern is an example of a Non Static class implementing a static method to control object instatiation. Microsoft docs has an article on this topic here . Wed, 25 Oct 2017 00:00:00 UTC https://pradeepl.com/blog/non-static-class-with-static-methods-vs-static-class/ https://pradeepl.com/blog/threat-modeling/ In a world increasingly reliant on digital infrastructure, security is no longer a static state but a continuous process. Reactive security is a gamble no organization can afford. Proactive defense is paramount, and threat modeling stands as a crucial first line of defense. Threat modeling provides a structured approach to proactively identify and mitigate security risks. It’s about stepping into the mindset of an attacker, systematically examining your systems—whether a complex application, a sprawling network, or a cloud deployment—to pinpoint potential weaknesses. Threat modeling uncovers potential vulnerabilities, maps likely attack paths, and empowers teams to fortify their defenses preemptively. This process involves visualizing attack vectors, assessing potential impact, and prioritizing mitigation efforts. More than a mere checklist, it’s a dynamic process that blends analytical rigor with creative foresight, enabling you to anticipate and mitigate threats before they materialize. Mon, 21 Aug 2017 00:00:00 UTC https://pradeepl.com/blog/threat-modeling/ https://pradeepl.com/blog/blockchain-meetup-1/ https://www.facebook.com/pradeepl/videos/685380101645645/ Sat, 05 Aug 2017 00:00:00 UTC https://pradeepl.com/blog/blockchain-meetup-1/ https://pradeepl.com/blog/blockchain-meetup-2/ Sat, 05 Aug 2017 00:00:00 UTC https://pradeepl.com/blog/blockchain-meetup-2/ https://pradeepl.com/blog/owin-katana-kestrel/ The Open Web Interface for .NET (OWIN) is a standard that defines an interface between .NET servers and web applications. Katana is an implementation of OWIN by the .Net foundation. Kestrel is a lightweight cross-platform web server that supports .NET Core and runs on multiple platforms such as Linux, macOS, and Windows. Wed, 02 Aug 2017 15:55:13 +1000 https://pradeepl.com/blog/owin-katana-kestrel/ https://pradeepl.com/blog/what-is-blockchain/ A blockchain is a fully-distributed, peer-to-peer software network which makes use of cryptography to securely host applications, store data, and easily transfer digital instruments of value. Originally proposed by Satoshi Nakamoto in 2008 as the back-end for the Bitcoin cryptocurrency.( Nakamoto, 2008 ), Blockchain is now distinct from Bitcoin as a platform and stands on its own right seperated from the cryptocurrency implemenations from where it was born. Satoshi Nakamoto married his distributed consesus protocol to Adam Backs Hashcash algorithm which pioneered the use of mining to send transaction creating a simple database that is decentralized and stored in the nodes of its network. Fri, 21 Jul 2017 00:00:00 UTC https://pradeepl.com/blog/what-is-blockchain/ https://pradeepl.com/blog/oauth2-tokens/ There are two types of tokens in OAuth 2.0, the access token, and the refresh token. Access token The access token represents the authorization of a specific application to access specific parts of a user’s data. Access tokens must be kept confidential in transit and in storage. The only parties that should ever see the access token are the application itself, the authorization server, and resource server. The access token can only be used over an https connection, since passing it over a non-encrypted channel would make it trivial for third parties to intercept. Thu, 13 Jul 2017 00:00:00 UTC https://pradeepl.com/blog/oauth2-tokens/ https://pradeepl.com/blog/consensus/ Consensus is one of the most important and fundamental problems in distributed computing. Simply put, the goal of consensus is to get several nodes to agree on something. It is a distributed computing concept that is used to provide a means of agreeing to a single version of truth by all peers on the distributed network. Wed, 12 Jul 2017 14:06:19 +1000 https://pradeepl.com/blog/consensus/ https://pradeepl.com/blog/merkle-trees/ A Merkle tree, named for its inventor, Ralph Merkle, is also known as a “hash tree". It’s a data structure represented as a binary tree, and it’s useful because it summarizes in short form the data in a larger data set. In a hash tree, the leaves are the data blocks (typically files on a filesystem) to be summarized. Every parent node in the tree is a hash of its direct child node, which tightly compacts the summary. Wed, 12 Jul 2017 00:00:00 UTC https://pradeepl.com/blog/merkle-trees/ https://pradeepl.com/blog/rest/cross-origin-resource-sharing/ Cross-Origin Resource Sharing or CORS is a mechanism that enables a web browser to perform cross-domain requests. Cross-domain requests are HTTP requests for resources hosted on a different domain than the domain of the resource making the request. Mon, 10 Jul 2017 12:25:09 +1000 https://pradeepl.com/blog/rest/cross-origin-resource-sharing/ https://pradeepl.com/blog/hexagonal-architectures/ Hexagonal architecture aims to decouple business logic from other parts of the component, especially the persistence, eventing and services layers. A component, built on the ports and adapters pattern, exposes a set of ports to which one or more adapters can be added as necessary. Mon, 10 Jul 2017 12:25:09 +1000 https://pradeepl.com/blog/hexagonal-architectures/ https://pradeepl.com/blog/public-key-cryptography/ The concept of public-key cryptography was invented by Whitfield Diffie and Martin Hellman, and independently by Ralph Merkle.Their contribution to cryptography was the notion that keys could come in pairs—an encryption key and a decryption key—and that it could be infeasible to generate one key from the other. Diffie and Hellman first presented this concept at the 1976 National Computer Conference ; a few months later, their seminal paper “ New Directions in Cryptography ” was published. Thu, 06 Jul 2017 00:00:00 UTC https://pradeepl.com/blog/public-key-cryptography/ https://pradeepl.com/blog/hashing/ A hash is a one-way function that maps data of any arbitrary length to an output digest of fixed length, where it is computationally infeasible to find the input from the output. The values returned by a hash function are often known as Message digest, hash values, hash codes, hash sums, checksums, or simply hashes. Hash functions are keyless and provide the data integrity service. They are usually built using iterated and dedicated hash function construction techniques. A hash function compresses data to a fixed size, which could be considered a shortened reference to the original data. The hash function should be easy to compute but hard to invert. For compression, hash functions usually utilize a one-way function of number theory; hence, they are irreversible. Consequently, it is infeasible to reconstruct specific data when a hash value is known. A hash is a one-way function because it cannot be reversed. We can think of a hash as a digital fingerprint of data that is input into it. These types of hash functions are used in many ways. They can be used for authentication, indexing data into hashed tables, checksums, and digital signatures. An example of an SHA256 hash looks like this: 4UsOw2gKuwzwFpY2UH8cDnfMOqHM7Gv5XZBFxDnV4Ww. Sat, 01 Jul 2017 15:55:13 +1000 https://pradeepl.com/blog/hashing/ https://pradeepl.com/blog/asp-net-core-framework-lifecycle/ A lifecycle encompasses how a web application handles incoming requests, processes them, and generates responses. It is fundamental for developing efficient, scalable, and maintainable web applications Wed, 31 May 2017 15:55:13 +1000 https://pradeepl.com/blog/asp-net-core-framework-lifecycle/ https://pradeepl.com/blog/aws-cloudformation/ AWS CloudFormation is an IaC tool for creating AWS resources in a declarative way. Tue, 30 May 2017 15:55:13 +1000 https://pradeepl.com/blog/aws-cloudformation/ https://pradeepl.com/blog/startup-vlog-week-1/ As promised last week, I am publishing the first week 1 roundup of my vlog. As I started off my initial focus was on product planning, market analysis, architecture, road map discussions etc. All of this was blown away very soon by the nuts and bolts of running a small organization with zero support. I ran headlong into red tape in registering the company which took a few days to get sorted out. I had to understand terms like Memorandum of Association (MOA), Article of Association (AOA) and many others. Post this was bank work and some more legal documentation. Sun, 28 May 2017 00:00:00 UTC https://pradeepl.com/blog/startup-vlog-week-1/ https://pradeepl.com/blog/watch-startup-vlog-intro-on-youtube/ Some of the folks who know me closely know that I recently quit my job at Dell and have started to work on building out my startup. Like any new-born it requires a lot of TLC and takes a lot of my time and energy but it is very exhilarating to start on a fresh new canvas. It has been a huge decision to leave a well-paying , stable and long-term association with Dell and invest Money, time and energy into starting out from scratch. As people have come to grips with my decision , I have been fortunate to receive lots of support and encouragement from my colleagues and friends. As I pick my way across this intriguing path, I am planning to video log every week so that I can share it with folks across and also create a self-reference for me to check back on. Mon, 22 May 2017 00:00:00 UTC https://pradeepl.com/blog/watch-startup-vlog-intro-on-youtube/ https://pradeepl.com/blog/oauth2/ OAuth2 is an open authorization standard designed to provide an authentication and authorization protocol for the web.OAuth 2 was created with the intention of providing a way to grant limited access to protected content hosted by third-party services in a standardized and open manner. Sat, 11 Mar 2017 11:00:08 +1000 https://pradeepl.com/blog/oauth2/ https://pradeepl.com/blog/rest/identifying-resources-and-designing-representations/ The key parts of a Resource oriented architecture (REST architecture) are resources, identifiers, representations, and the links between them. There is no exact science to identifying resources and there is no right or wrong with resources identified.In this post we will look at best practices to do so. Wed, 14 Dec 2016 11:00:08 +1000 https://pradeepl.com/blog/rest/identifying-resources-and-designing-representations/ https://pradeepl.com/blog/handling-common-input-validation-guard-cs/ A fairly simple but common task across all application code that I have written is simple validation of parameters and inputs. Everybody has thier own way of handling this and here is mine. Can I do it better? You Bet. View this gist on GitHub Tue, 25 Oct 2016 00:00:00 UTC https://pradeepl.com/blog/handling-common-input-validation-guard-cs/ https://pradeepl.com/blog/rest/richardsons-maturity-model/ Richardson’s Maturity Model breaks down the journey towards building a truly RESTful API into levels, each adding more constraints and adhering more closely to REST principles. Fri, 21 Oct 2016 00:00:00 UTC https://pradeepl.com/blog/rest/richardsons-maturity-model/ https://pradeepl.com/blog/rest/rest-idempotency-safety/ Implementing the REST architectural principles results in the both Idempotency and safety being incorporated into the system. This is not however not completely automatic and needs to be thought through in detail. Wed, 19 Oct 2016 11:00:08 +1000 https://pradeepl.com/blog/rest/rest-idempotency-safety/ https://pradeepl.com/blog/rest/rest-architectural-constraints/ REST defines six architectural constraints which make any web service – a truly RESTful API. These are also called as Fielding’s constraints. They generalize the Web’s architectural principles and represent them as a framework of constraints or an architectural style. Wed, 19 Oct 2016 11:00:08 +1000 https://pradeepl.com/blog/rest/rest-architectural-constraints/ https://pradeepl.com/blog/rest/rest-communicating-with-verbs-and-status-codes/ REST API’s have a very rich vocabulary to communicate a variety of statuses and results. The verbs put, post, update, get and others are used to indicate the action that must be performed. The status indicate the result of the actions performed by the verbs. Tue, 20 Sep 2016 15:55:13 +1000 https://pradeepl.com/blog/rest/rest-communicating-with-verbs-and-status-codes/ https://pradeepl.com/blog/rest/rest-api-what-is-rest/ Rest is a client server communication model which is stateless, resource based, and Idempotent. Sun, 18 Sep 2016 15:55:13 +1000 https://pradeepl.com/blog/rest/rest-api-what-is-rest/ https://pradeepl.com/blog/git-basics/ Introduction Git, affectionately termed “the information manager from hell” by its creator Linus Torvalds is a distributed version control system. It allows for fast scaling, has robust branching features and is an open source software. It is also a relatively new version control system released in April 2005. It was created to version control the Linux source code and as such was a much proven system at birth. GIT is optimized for distributed development, large file counts, complex merge scenarios and is blazingly fast. Sat, 10 Sep 2016 00:00:00 UTC https://pradeepl.com/blog/git-basics/ https://pradeepl.com/blog/docker-part-3-installing-docker-on-windows/ This post is part of a three-post series on Docker What is Docker Docker Architecture Docker on Windows To install Docker, head over to Download Docker for Windows if you are running windows 10 Pro or enterprise 64 bit and download the installer from this link. If you are on a previous version of Windows, you would need to download Docker Toolbox . Also, you would need to enable Hyper-V virtualization to enable Docker to work. The setup installs the Daemon and the CLI tools. The Docker engine is installed as a service, and you also have a helper on the task bar which is used to further configure Docker. You can also download Kitematic from download.Docker.com to graphically manage Docker containers. Wed, 24 Aug 2016 00:00:00 UTC https://pradeepl.com/blog/docker-part-3-installing-docker-on-windows/ https://pradeepl.com/blog/docker-architecture/ This post is part of a three-post series on Docker What is Docker Docker Architecture Docker on Windows The concept of containers has been on the making for some time. Docker is currently available in two primary flavors namely, Docker for Linux and Docker for Windows based on the platform on which it is running. Docker for Mac is a version of Docker for Linux. It is also available on all cloud platforms such as Azure, AWS, Google Cloud, and others. The Docker architecture is different based on the platform on which it is running. Tue, 23 Aug 2016 00:00:00 UTC https://pradeepl.com/blog/docker-architecture/ https://pradeepl.com/blog/what-is-docker/ What is Docker? This post is part of a three post series on Docker What is Docker Docker Architecture Docker on Windows Docker is a container technology for packaging an application along with all its dependencies. Docker did not invent containers, it made container technology simpler and easier to use. Solomon Hykes started the development of Docker in March 2010 as a PaaS offering from dotCloud, a company which he cofounded along with Sebastien Pahl. This was open sourced in March 2013. In the last quarter of that same year, the name of the company was changed to Docker Inc. Tue, 23 Aug 2016 00:00:00 UTC https://pradeepl.com/blog/what-is-docker/ https://pradeepl.com/blog/multiversion-concurrency-control/ Every developer I know of has used or uses databases on a daily basis, be it SQL Server or Oracle but quite a few of them are stumped when asked how this SQL will execute and what would its output be. insert into Employee select * from Employee; Select * from Employee; Additionally what happens if multiple people execute this statement concurrently. Will the select lock the insert ? Will the insert lock the select ? How does the system maintain data integrity in this case ? The answers have ranged from, this is not a valid SQL statement to this will be an indefinite loop. Sun, 20 Jul 2014 00:00:00 UTC https://pradeepl.com/blog/multiversion-concurrency-control/ https://pradeepl.com/blog/internet-of-things-iot/ Microsoft recently announced that Visual Studio will start supporting device development and started by initially supporting Intel’s Galileo board.This is not entirely new to Visual Studio. One of the earliest add on’s to support board based development was visual micro which supported the Arduino board. Arduino is an open-source physical computing platform based on a simple i/o board and a IDE integrated development environment that implements the Processing/Wiring language. Arduino can be used to develop stand-alone interactive objects and installation or can be connected to software on your computer. The first Arduino board was produced on January 2005. The project is the result of the collaboration of many people primarily David Cuartielles and Massimo Banzi who taught physical computing. The others would be David Mellis, who built software engine , Tom Igoe and Gianluca Martino. Tue, 15 Jul 2014 00:00:00 UTC https://pradeepl.com/blog/internet-of-things-iot/ https://pradeepl.com/blog/suportvectormachines/ Support Vector Machines (SVMs) Support Vector Machines (SVMs) are a robust and versatile set of algorithms utilized in machine learning and data science for classification and regression tasks. Originally developed for binary classification by Cortes & Vapnik in 1995, SVMs are distinguished by their capability to find an optimal hyperplane that categorizes observations into distinct classes. This guide delves into the theoretical underpinnings, operational mechanics, and practical applications of SVMs. Tue, 11 Mar 2014 00:00:00 UTC https://pradeepl.com/blog/suportvectormachines/ https://pradeepl.com/blog/external-environment-opportunities-threats-industry-competition-and-competitor-analysis/ Understanding the competitive forces shaping your industry is not just beneficial; it’s essential for survival and growth. Porters five forces provides the key Fri, 06 Dec 2013 10:17:38 +1000 https://pradeepl.com/blog/external-environment-opportunities-threats-industry-competition-and-competitor-analysis/ https://pradeepl.com/blog/graphing-my-facebook-network-social-network-analysis/ Netvizz is a cool tool which can export your Facebook data in a format which makes it easier to visualize or do a network analysis offline. There are other apps available on the Facebook platform which perform this using predefined bounds within the app itself but what I like about Netvizz is that it allows you to extract this information and play with it using any tool you are comfortable with like R, Gephi etc. This sort of visualization is a core of Social network analysis systems. I spent some time to play around with my Facebook network information over the weekend. I extracted out my network using Netvizz. It gives a GDF file with all the necessary information and can be imported into Gephi directly. The idea was to see how much the Facebook visualization of my friend network compares with my real life network. I do understand that the online world and the offline world social networks differ but on a massive system like Facebook my guess was that it should mirror my real life network much more realistically. I built the network and used the community detection algorithm and did a ForceAtlas2 layout. This is the network visualization I ended up with after tweaking a few things. The network diagram is both surprising and a bit scary. Tue, 08 Oct 2013 00:00:00 UTC https://pradeepl.com/blog/graphing-my-facebook-network-social-network-analysis/ https://pradeepl.com/blog/porters-five-forces-in-advertising-and-marketing-industry/ Sun, 11 Aug 2013 00:00:00 UTC https://pradeepl.com/blog/porters-five-forces-in-advertising-and-marketing-industry/ https://pradeepl.com/blog/walmart-globalization-strategy/ http://www.slideshare.net/pradeep_loganathan/globalization-strategy-walmart Sat, 09 Mar 2013 00:00:00 UTC https://pradeepl.com/blog/walmart-globalization-strategy/ https://pradeepl.com/blog/strategy-execution/ Strategy helps an organization position itself uniquely in order to create value and exploit the unfolding opportunities , hedge against threats, leverage strengths and remove weaknesses. Strategy execution has two components namely the action planning to operationalize the core strategy and its physical implementation. Strategy execution is one integrated in which action planning and physical implementation are integrated in real time basis. High quality execution presupposes high quality action planning , assigning the right people for the right jobs, adequate follow through and robust MIS and review processes. Strategy execution involves the optimal balancing of seven key variables namely Strategy, Structure, Systems , Staff, Skills, Style and Shared values. Strategy execution is the key role of the business leader. This execution is a discipline and must be learned specifically. The primary areas are Mon, 11 Feb 2013 00:00:00 UTC https://pradeepl.com/blog/strategy-execution/ https://pradeepl.com/blog/concept-of-strategy-and-strategy-process/ In the new business environment customers are not just demanding but they also have infinite options. Competition is not just intensifying but there are new sources of competition. Resources too are not just limited but they are fluid and move fast. Investors are impatient and look at above average returns consistently and constantly. Huge opportunities coexist with massive risks. An organization must think and act differently and smartly to face the new environmental context. Strategy derived through the strategy process is what makes the organization stand apart from ”also rans” and perform differently. Wed, 30 Jan 2013 00:00:00 UTC https://pradeepl.com/blog/concept-of-strategy-and-strategy-process/ https://pradeepl.com/blog/agentic-ai/plan/ Agentic AI with Akka (Java): A 16‑Part Blog Series & Book Plan Goal: Author a cohesive blog series that can be compiled into a book. The series teaches readers to design, implement, and operate production‑grade agentic systems using Akka (Java), with optional Python stubs where helpful. Each post includes runnable code, diagrams, and a clear learning objective. Table of Contents Part 1 — Foundations of AI Agents Mon, 01 Jan 0001 00:00:00 UTC https://pradeepl.com/blog/agentic-ai/plan/ https://pradeepl.com/blog/greenplum/introduction-to-in-database-machine-learning-greenplum-madlib-pgvector/introduction/ Introduction The Business Challenge: Traditional loan approval processes are slow, error-prone, and rely on outdated data. Manual reviews and data silos create bottlenecks and hinder decision-making. Businesses need a way to quickly analyze vast amounts of loan data and make accurate predictions in real-time. The In-Database ML Solution: In-database machine learning (ML) with Greenplum leverages the power of your existing data warehouse to build and deploy ML models. This eliminates the need to move data out of the database, resulting in faster model training and scoring. Greenplum’s MPP architecture enables parallel processing, accelerating ML tasks and providing real-time insights. Why Greenplum for In-Database Machine Learning? Mon, 01 Jan 0001 00:00:00 UTC https://pradeepl.com/blog/greenplum/introduction-to-in-database-machine-learning-greenplum-madlib-pgvector/introduction/ https://pradeepl.com/blog/greenplum/introduction-to-in-database-machine-learning-greenplum-madlib-pgvector/untitled-1/ Blog Post Series: Building a Logistic Regression Model with Greenplum, MADlib, and pgvector Part 1: Introduction to In-Database Machine Learning with Greenplum, MADlib, and pgvector Title: “Introduction to In-Database Machine Learning with Greenplum, MADlib, and pgvector” Summary: Explore the benefits of in-database machine learning with Greenplum. Learn about Greenplum, MADlib, and pgvector, and understand why in-database machine learning is a game-changer. Sections: Introduction Overview of in-database machine learning Benefits of in-database machine learning Key Technologies Mon, 01 Jan 0001 00:00:00 UTC https://pradeepl.com/blog/greenplum/introduction-to-in-database-machine-learning-greenplum-madlib-pgvector/untitled-1/ https://pradeepl.com/blog/understanding-agentic-ai/ Mon, 01 Jan 0001 00:00:00 UTC https://pradeepl.com/blog/understanding-agentic-ai/