Cloud Architecture on Chris Reddington

Chaos Engineering for Cloud native Apps

Thu, 03 Nov 2022 00:00:00 +0000

Chaos engineering is the discipline of proactively experimenting on distributed systems to build confidence in their ability to withstand production failures. In this episode, Chris is joined by Ashish Balgath (Cloud Solution Architect at Thoughtworks) to explore why resilience testing requires a fundamentally different mindset to traditional unit testing.

Ashish explains how chaos engineering can be thought of as a fire drill for software: practising failure scenarios in a controlled environment so that teams build the muscle memory they need to respond quickly when real incidents occur. The conversation covers key prerequisites — mature observability, health checks, and structured logging — and explains why these must be in place before introducing chaos experiments safely.

Beyond Monitoring: The Rise of Observability Platform

Tue, 18 Oct 2022 19:00:00 +0000

Monitoring tells you that something is broken. Observability tells you why. In this episode Chris sits down with Samir Pradka, Enterprise Architect and Distinguished Expert in Modern Applications at Artos, to trace the evolution from primitive task-manager debugging through APM dashboards to today’s full-stack observability platforms.

Key topics covered in this episode:

Monitoring vs. observability — why APM tooling falls short for distributed, cloud-native systems at enterprise scale
The three pillars — ingesting and correlating logs, metrics, and traces into a unified observability data lake
AIOps integration — adding machine learning to detect anomalies, predict failures, and generate actionable insights before users are impacted
Self-healing infrastructure — using Infrastructure as Code tools such as Ansible and Azure Resource Manager (ARM) to drive automated remediation when thresholds are breached
Hybrid and multi-cloud coverage — extending a single observability pane of glass across on-premises workloads, single-cloud, and multi-cloud deployments
Incremental adoption — starting with a proof of concept, building a sprint backlog, and maturing the platform over time rather than trying to instrument everything at once

Whether you are running a handful of microservices or a global platform comparable to the scale of Walmart or Amazon, this episode gives you a practical framework for moving beyond reactive monitoring towards a proactive, intelligent observability strategy.

Tools of a Software Architecture for Everyone!

Thu, 08 Sep 2022 19:00:00 +0000

Software architecture is not just the domain of dedicated architects — the tools, practices, and communication patterns it relies on apply to every engineer on every team. In this episode, Chris is joined by John Kilminster, a software architect and Azure MVP with a background in e-commerce and high-traffic systems, who walks through the practical toolbox he has assembled over years in the role.

John begins by clarifying what a software architect actually does — it is less a progression from senior developer and more a shift to a different type of work: setting guard rails across teams, evaluating third-party options, providing cross-team context, and taking a longer-term, more holistic view of technical direction.

Microservices have communication issues, especially when they fail

Thu, 01 Sep 2022 00:00:00 +0000

Communication between entities has been a long-lasting topic in software engineering. IPC, message brokers, and queues are only a few of the main actors in this drama. Building distributed microservices that communicate reliably — and fail gracefully — is one of the hardest engineering challenges teams face today.

In this episode, Chris is joined by Francesco, a software engineer based in Dublin building a payment gateway, to explore practical microservices communication patterns. Francesco shares lessons from handling real-world distributed transactions in production, including why naive REST-over-HTTP calls break down at scale and under failure conditions.

ToolUp Days #11

Tue, 23 Aug 2022 00:00:00 +0000

This episode marks the official rebrand from ToolUp Tuesday to ToolUp Days — giving Chris and Matt the scheduling flexibility they need to maintain a consistent cadence. After recapping progress (multiple microservices built, GitHub Actions CI/CD in place, container images published, and Infrastructure as Code deployed), the pair set a concrete goal: reach a point where two players can independently make a decision, a “tick” happens, and there is a winner and a loser.

ToolUp Tuesday - #9

Tue, 28 Jun 2022 00:00:00 +0000

In this episode, Chris and Matt return after a break to debug why their microservices work locally but fail when deployed to Azure Container Apps. They walk through restructuring their Bicep infrastructure as code to separate core shared resources (container app environment, Log Analytics, storage accounts) from per-microservice deployments — reflecting real-world team ownership patterns. The pair configure Dapr state store components backed by Azure Table Storage, troubleshoot container connectivity issues, and discuss the importance of lifecycle management for infrastructure as code in microservice architectures. They also explore using the draw.io VS Code plugin for architecture diagrams.

Things to Consider Before Migrating Old .NET Applications to Cloud

Thu, 17 Mar 2022 19:30:00 +0000

Migrating a legacy .NET application to the cloud can unlock powerful capabilities — scalability, resilience, built-in monitoring, and more. But moving to Azure without proper preparation is a recipe for costly surprises. In this episode, Jonah Andersson — Microsoft MVP for Azure and software engineer at Forefront Consulting Sweden — shares the real story of a .NET migration that turned into a hard-won lesson.

What Went Wrong (and Why)

The challenges Jonah encountered weren’t Azure problems — they were preparation problems. Key issues included:

Azure Quantum & Microsoft Q#

Thu, 03 Mar 2022 00:00:00 +0000

Quantum computing promises to solve problems that classical computers simply cannot — from breaking cryptographic barriers to modelling complex pharmaceutical interactions. But what does that mean for a software developer today?

In this session, Chris is joined by Johnny Hooybergs — .NET consultant at Involved (Belgium), conference speaker, and author of Introducing Microsoft Quantum Computing for Developers — to make quantum computing approachable for developers.

Topics covered in this session include:

CGN8 - Cloud Gaming Notes Episode 8 - Azure for Game Developers

Wed, 06 Oct 2021 00:00:00 +0000

Chris Reddington and LaBrina Loving — Developer Advocate for Gaming at Microsoft — explore what it takes to get started with game development on Azure, regardless of your background. LaBrina brings twenty years of enterprise development experience, making her perspective especially relevant for developers considering a similar path.

Key Topics Covered

LaBrina’s background: Two decades in the Microsoft stack — .NET, SharePoint, Dynamics, and Azure since its early days in 2010. Her entry into gaming came through an interest in Unity for mixed reality and VR, before moving into a dedicated game developer advocacy role.
Cloud adoption in game studios: Game studios are at a similar inflection point to where enterprise organisations were several years ago — beginning to understand the power of cloud, moving workloads off dedicated servers, and realising the benefits of managed, scalable infrastructure.
Enterprise skills transfer directly: Software fundamentals — clean architecture, scalable design, testing, and DevOps practices — carry over to game development. There is more in common between the two disciplines than most developers expect.
Key technical differences: Latency is paramount. Where enterprise applications rely on TCP connections, game networking commonly uses UDP and socket-based communication for real-time, low-latency responsiveness. Recognising this early avoids painful rewrites.
Getting started with Unity: For .NET developers, Unity provides a natural on-ramp to game development, sharing the C# language and familiar tooling.
Accessibility of the cloud for games: Azure’s managed services remove much of the infrastructure complexity for independent studios and game developers, letting teams focus on gameplay rather than operations.

V040 - Weekly Technology Vlog #40

Sun, 03 Oct 2021 09:30:00 +0000

Chris is joined by Johnny, a .NET developer and architect from Belgium, and Simon, a new Azure support engineer at Intercept, for a Sea of Thieves gaming session filled with cloud conversations. Johnny shares the story behind his upcoming Apress book on Azure Quantum and Q#, from attending a conference talk on quantum computing in 2017 to writing a developer-focused guide that demystifies the subject.

Simon discusses passing AZ-900 in his first month at his new role and outlines his certification roadmap through AZ-104, AZ-500, and AZ-700. Chris recaps a busy week of community speaking including .NET Nots, Azure Thames Valley lightning talks, and his first in-person session in 18 months at the Welsh Azure User Group on Azure Arc for applications. The episode closes with Chris openly discussing the importance of monitoring energy levels and mental health as a content creator, and previewing upcoming talks at South Coast Summit and Azure Community Conference on deploying static websites.

V038 / V039 - Weekly Technology Vlog #38 and #39

Sun, 26 Sep 2021 09:30:00 +0000

A bumper double episode covering two weeks of cloud updates after Chris returns from vacation. On the Azure side, highlights include AKS scale down modes for faster node scaling, custom policy definitions for AKS clusters, Cosmos DB Azure Functions extension v4 with managed identity support, Azure Functions runtime 4.0 with .NET 6, and SQL Managed Instance arriving in the Terraform registry.

The Azure DevOps blog roundup features programming for accessibility with Rory Preddy, leveling up with Bicep alongside April Edwards and John Downs, Azure DevOps audit streaming, and secretless application patterns using managed identities. GitHub updates include CLI 2.0, Advanced Security secret scanning REST API, audit log streaming in public beta, advisory database support for Rust, and new npm access token formats. Chris also previews upcoming community talks on Azure Arc for applications, static web app deployments, and the Cloud Adoption Framework.

V037 - Weekly Technology Vlog #37 (GitHub Issues Beta Special!)

Sun, 12 Sep 2021 09:30:00 +0000

Chris delivers a deep dive into the new GitHub Issues beta, demonstrating project board views, table layouts, YAML-driven issue forms, and the ability to convert checklist items into trackable sub-issues. The walkthrough shows how Chris manages the Cloud with Chris content pipeline using these new project management features.

The episode also covers key Azure announcements including on-demand capacity reservations for guaranteed VM availability, zone redundant storage for Azure disks reaching GA, Azure Firewall regional expansion and premium SKU updates, and VMSS flexible orchestration mode entering preview. On the DevOps side, Chris highlights shifting left with GitHub Actions and Azure Security Center for DevSecOps workflows, plus GitHub Enterprise Server 3.2 bringing dark mode and advanced security capabilities.

Tales from the Real World - Architecting the Transformation

Fri, 10 Sep 2021 00:00:00 +0000

Most organizations undergoing digital transformation are progressing through maturity stages — moving from localized, monolithic setups toward agile, cloud-native, data-driven platforms. But what is the architect’s role in guiding that journey, and how do you build a framework that is practical rather than theoretical?

In this session, Asanka Abesinghe returns to discuss his experience architecting enterprise transformations, covering:

Six design principles for digitally-driven organizations: decentralized, lean-agile, open standards, outside-in (customer-centric), cloud-native, and data-driven
The architecture value stream — how business architecture, information architecture, application architecture, and technology architecture each contribute to business outcomes
Maturity models as a GPS — assessing where you are, setting a destination, and re-routing when the journey deviates
The architect as elevator rider — connecting the business penthouse with the engineering engine room, requiring both broad strategic thinking and hands-on technical depth
BizArch — the case for a business architect role that bridges domain knowledge and technical execution, and why handoffs between business analysts and technical architects so often fail

Asanka also shares references to his open-source maturity model specification (released under Creative Commons) and his Architect to Architect blog series for those looking to go deeper.

Migrating to the Cloud

Wed, 08 Sep 2021 00:00:00 +0000

In this episode Chris is joined by Suzanne Tedrick — Azure Infrastructure Specialist at Microsoft and award-winning author of Women of Color in Tech — to unpack what it really takes to migrate applications and workloads to the cloud successfully.

Key topics covered in this episode:

Why migrations fail — the 2020 Cloud Security Alliance finding that 90% of respondents experienced a failed migration, and why most root causes come back to people and process rather than technology
The Cloud Adoption Framework — Microsoft’s holistic guidance covering not just technical steps but the business strategy, organisational readiness, and cultural changes required for a sustainable migration
Assess before you move — understanding your current application portfolio, identifying which workloads to rehost, refactor, rearchitect, or retire, and setting realistic timelines
Governance from day one — defining who has access to what, managing cost controls, enforcing policy, and avoiding the chaos of ungoverned multi-cloud sprawl
Stakeholder alignment — bringing together infrastructure teams, application owners, business stakeholders, and support partners to act as a coordinated migration symphony rather than isolated silos
Incremental progress — using the Cloud Adoption Framework as a guide, not a checklist; taking measured steps forward rather than trying to migrate everything at once
Diversity and inclusion in tech — Suzanne shares insights from her book Women of Color in Tech, exploring how diverse teams build better, more equitable technology products

Resources mentioned: Microsoft Cloud Adoption Framework, Microsoft Learn, and Microsoft Assessments.

V036 - Talking cloud and playing Among Us with the community

Sun, 05 Sep 2021 09:30:00 +0000

Chris and community guests Dean, John, Matt, and Simon play Among Us while discussing the latest in cloud technology. The conversation covers Azure Spring Cloud Enterprise entering preview, a wave of Azure deprecation notices including Node 6/10, PowerShell 6, and Azure AD Graph retirement, plus notable updates like AKS custom policy definitions and App Service availability zone support going GA.

The group also dives into the Docker Desktop pricing changes affecting enterprise usage, private link now supporting NSGs and UDRs, and shares tips on multi-platform streaming with OBS and Restream. Between rounds of imposter hunting, the community discusses meetup organizing, the challenges of building online audiences, and the value of learning in the open.

Tales from the Real World - Leveraging Azure as a Telco provider

Fri, 03 Sep 2021 00:00:00 +0000

In this Tales from the Real World episode, Chris is joined by Ivo — a cloud evangelist who has led digital transformation at one of Belgium’s largest telco providers — for a fascinating look at how an industry most people never think about as a cloud consumer is rapidly becoming one of cloud’s most interesting use cases.

What’s covered

Telco fundamentals — how traditional telephony works, and why the shift from voice to data changes everything for telco business models
Cloud adoption drivers — the economics of scale, competitive pressure from streaming platforms, and the need to move from subscription revenue to value-added services
5G and IoT — how connectivity evolves from calling and messaging into smart devices, autonomous vehicles, smart cities, and hospitals
Azure Arc and edge computing — managing deployments from cloud to edge consistently, and why this matters for telcos owning physical network infrastructure
AI and machine learning — how telcos can leverage the data flowing through their networks to create new capabilities and services
Security and compliance — the trust challenges unique to the telco industry (data traversing their lines, regulatory requirements), and how cloud can help address them
Transformation challenges — the cultural and organisational struggle of modernising while keeping existing revenue streams alive; the mindset shift required at all levels
Business model evolution — connectivity → security → applications → manageability → services: the layered value stack Ivo recommends for telcos building on Azure

CGN7 - Cloud Gaming Notes Episode 7 - Game Streaming and Cloud-Powered Gaming

Wed, 01 Sep 2021 00:00:00 +0000

Chris Reddington and Lee Williams discuss game streaming — not live-streaming gameplay to an audience, but the technology that streams a game to your device from cloud-hosted infrastructure. This episode of Cloud Gaming Notes explores why cloud makes this possible and what it means for both players and game creators.

Key Topics Covered

What game streaming actually is: The game runs on remote cloud infrastructure; only the video stream is sent to your device, with your inputs sent back in real time. Low latency is critical to a playable experience.
Why cloud enables this: Economies of scale mean providers can amortise the cost of high-end GPU infrastructure across thousands of players, offering access via a subscription rather than requiring expensive local hardware.
Consumer behaviour shift: Just as audiences moved from DVD libraries to Netflix and Spotify, gamers are increasingly comfortable with subscription-based access to game catalogues — Xbox Game Pass and Google Stadia as leading examples.
Multi-device freedom: Players can switch between PC, phone, tablet, and TV without hardware lock-in — the game experience follows the user, not the device.
Games as living services: For game creators, streaming shifts the model from a one-time retail release to a continuously updated, platform-style service with DLC, in-game economies, and ongoing subscriptions (Minecraft and GTA Online as prime examples).
Development economics: Building for a streaming platform reduces per-platform porting costs and enables constant iteration, removing the need for major new release cycles to reach players on different devices.

V034 - Sailing the Sea of Thieves while talking Cloud

Sun, 22 Aug 2021 09:30:00 +0000

A community gaming session where Chris, Simon, James, and John play Sea of Thieves while discussing cloud technology updates and career journeys.

Azure Blog Highlights

Azure Government Top Secret GA — New classification level for U.S. national security missions.
Innovating securely with Azure — Microsoft’s positioning as the only cloud platform built by a security vendor, covering Azure Sentinel, Microsoft 365 Defender, and Azure Defender.
ASP.NET app migration with Azure Migrate — Enhanced tooling for discovering and migrating IIS-based and ASP.NET apps to Azure App Service.
Forrester Wave leader for streaming analytics — Recognition for Azure Stream Analytics and the broader analytics story.
Genomics on the ISS — Azure Functions, Blob Storage, and Power BI supporting genomics testing on the International Space Station with HP Spaceborne Computer 2.

Azure Updates

An extensive set of updates including Azure Database for PostgreSQL Hyperscale Citus reaching GA across multiple features, CSI storage driver support on AKS, Static Web Apps private endpoints preview, private DNS for private AKS clusters, Azure Cosmos DB continuous backup GA, and numerous VM series retirements scheduled through 2022-2024.

43 - A Decentralized Reference Architecture for Cloud-native Applications

Fri, 20 Aug 2021 03:30:00 +0000

Asanka Abeysinghe from WSO2 joins Chris Reddington to introduce the cell-based architecture — a decentralised, API-centric reference architecture for cloud-native applications, intentionally designed to be vendor and technology neutral.

Key Topics Covered

Why a new reference architecture? Most published reference architectures are really reference implementations tied to specific vendors or products. The cell-based model aims to be genuinely technology-agnostic and reusable across organisations.
Microservices governance challenges: As the number of microservices grows, coordinating them becomes complex. Without clear domain boundaries, teams accumulate technical debt and federated governance becomes unmanageable.
Domain-Driven Design (DDD): Scoping microservices by business domain — not arbitrary size — is the foundation. A cell groups related microservices under a single, well-defined boundary aligned to a business capability.
Cell-based architecture: A cell is an independently deployable unit that exposes a well-defined API surface outward while managing its own internal microservices privately. Analogous to biological cells — self-contained, composable, and independently scalable.
API management and identity: API management, integration middleware, and identity & access management (IAM) are the glue between cells — WSO2 provides these as open-source components.
Aligning architecture, development, and DevOps: The three disciplines have historically operated in silos. The cell-based model provides a common unit of work that spans all three, enabling the iterative architecture approach teams need to keep up with evolving systems.
Organisational alignment: Cells map naturally to autonomous two-pizza teams structured around business domains, making the architecture a reflection of real team ownership and accountability.

V032 - Talking cloud and playing Among Us with the community

Sun, 08 Aug 2021 00:00:00 +0000

Chris hosts a community Among Us gaming stream with around twelve cloud professionals including Azure SMEs, cloud solution architects, developer relations leads, and community organizers. Between rounds, the group dives into substantive tech discussions covering several topics.

The Kubernetes debate takes center stage, sparked by Ben’s viral blog post about not using Kubernetes in production. The group explores when container orchestration adds unnecessary complexity, the trade-offs of serverless alternatives, and how Kubernetes has become a career-driven technology choice rather than always the right architectural fit.

Tales from the Real World - Azure AD B2C: A real silver bullet

Fri, 06 Aug 2021 00:00:00 +0000

When COVID-19 forced the vOpen.Tech conference to pivot from a physical event to a fully virtual one, the organising team had fewer than two weeks to build a production-ready registration and identity system — with minimal budget. In this episode, Chris is joined by Facundo La Rocca (Faku), a .NET developer and conference organiser from Buenos Aires, Argentina, who shares how Azure AD B2C became the silver bullet that made it possible.

How to be successful with monitoring in Azure

Wed, 04 Aug 2021 00:00:00 +0000

Monitoring is often the last thing teams think about — and one of the most expensive things to get wrong. In this episode, Chris is joined by Vanessa Bruwer, Senior Engineer on Microsoft’s FastTrack for Azure team, who has spent over 20 years helping organisations build structured observability strategies. Vanessa explains how the FastTrack team runs focused monitoring assessments that take customers from zero to a fully configured Azure Monitor setup — teaching them to fish rather than fishing for them.

Tales from the Real World – Helping veterans transition into IT and Learn Azure

Fri, 30 Jul 2021 18:30:00 +0000

In this Tales from the Real World episode, Chris talks with Dr. Keith McNally — a Marine Corps veteran turned college professor — about the Microsoft Software and Systems Academy (MSSA), a programme that has helped hundreds of transitioning military members gain Azure cloud skills and find employment in the IT industry.

What’s covered

The programme — how Microsoft and Embry-Riddle Aeronautical University partnered to address 500,000 unfilled IT jobs in the US annually, running cohorts across 13–14 military bases from Virginia to Hawaii
Who it serves — why military veterans face a unique and stressful transition cliff when leaving a highly structured environment for the civilian workforce
Project-based learning (PBL) — how cohorts build real Azure solutions (including IoT Hub projects with robots and sensors) rather than studying in the abstract
Teaching people to think — the hardest shift for many veterans: moving from following a manual to reasoning about what-if scenarios, making recommendations, and briefing management
Soft skills — resume writing, LinkedIn networking, communicating technical knowledge, presenting to senior stakeholders; skills civilians take for granted
Azure curriculum — Windows Server, Azure cloud foundations, and hands-on IoT/cloud projects that produce a tangible portfolio
Learning lessons for everyone — the classroom as a safe space to fail, the importance of being open-minded, and why transitioning careers (military background or not) requires the same mindset shift

A deeply human episode about technology, learning, community, and making career change achievable for those who’ve served.

V030 - Sailing the Sea of Thieves while talking Cloud

Sun, 25 Jul 2021 00:00:00 +0000

Chris and Simon team up for a Sea of Thieves gaming session while diving into the week’s cloud news and community updates. The episode covers Azure Firewall Premium and its next-gen capabilities including TLS inspection, IDPS, URL filtering, and web category filtering — along with the pricing differences compared to Firewall Standard. Chris also discusses how 5G and cloud computing intersect for IoT and edge device scenarios.

On the community side, the episode highlights a Cloud With Chris session on using GitHub Actions to build and deploy static websites, plus a conversation with JJ Asghar about lessons learned from cultivating open source projects and communities. Simon shares his progress studying for the AZ-900 certification using Pluralsight and Whizlabs practice exams, touching on how community involvement and osmosis learning contribute to cloud knowledge.

V029 - Sailing the Sea of Thieves while talking Cloud

Sun, 18 Jul 2021 00:00:00 +0000

In this combined gaming and tech update session, Chris is joined by community members James Cook, Simon, and Dean for a Sea of Thieves adventure while weaving in weekly cloud news and updates.

Azure Blogs

Chris covers three Azure blog posts focused on optimizing cloud spend with cost management tools (Azure Advisor, pricing calculator, and consistent dollar-based pricing across regions), a recap of July cost management updates including App Service Environment v3 savings and new free services, and the growing importance of sustainability and carbon footprint reduction through cloud adoption.

IoT Simulation, Azure IoT and real world learnings

Fri, 16 Jul 2021 15:30:00 +0000

The Internet of Things (IoT) has evolved from a collection of smart gadgets into a powerful ecosystem where physical devices connect to cloud services to deliver real business value. In this episode, Peter Gallagher — Microsoft Azure MVP, Pluralsight Author, and organiser of multiple .NET and IoT meetup groups — shares his experience building and learning in the IoT space.

Key topics covered include:

Azure IoT Hub and Azure IoT Edge — connecting, managing, and processing data from devices at the edge and in the cloud
Digital Twins — representing real-world assets as cloud-based models to enable monitoring, simulation, and analytics
IoT simulators — practical tools for prototyping without physical hardware, with analogies to flight simulators and Formula One telemetry
Raspberry Pi and maker culture — getting hands-on with IoT devices as a gateway into the broader ecosystem
Community and content creation — Peter’s journey from lone .NET developer to meetup organiser, Pluralsight author, and co-host of the IoT Live Twitch show

Peter also highlights the breadth of languages IoT development touches — from C# and .NET to Node.js, VB, and Assembler — reinforcing that IoT is a diverse and ever-evolving space. Whether you are a seasoned cloud architect or a curious maker with a Raspberry Pi, this episode delivers practical guidance and genuine enthusiasm for what is possible when smart devices meet cloud power.

V028 - Weekly Technology Vlog #28

Sun, 11 Jul 2021 00:00:00 +0000

Chris returns from a week off with a packed set of Azure, Azure DevOps, and GitHub updates, plus a Cloud With Chris content roundup.

Azure Blog Updates

Genomic Data Analysis with Azure CycleCloud — Using CycleCloud for high-performance compute in healthcare and genomics research.
Resilience Threat Modeling for Distributed Systems — A deep dive into building a culture of risk management, covering premortems, failure mode analysis, postmortems, and evolving threat models as living documents rather than static artifacts.
Privileged Identity Management with Azure Lighthouse — Preview of Azure AD PIM integration with Azure Lighthouse for just-in-time, time-bound access control across multi-tenant environments, reinforcing zero trust principles.
Azure Well-Architected Framework — Reliability — Updates to the WAF reliability pillar, emphasizing shared responsibility in cloud, availability zones, multi-region deployments, and the free self-assessment tool.
Apache Spark 3.0 Connector for SQL Server GA — The Spark connector for SQL Server and Azure SQL based on Data Source v1 API is now generally available.

Azure Updates

VM Bursting GA — Virtual machine bursting now generally available on DSv4, ESv4, FSv2, B-series and more, enabled by default at no additional cost.
Cognitive Services Form Recognizer Containers — Container support now in public preview for running Form Recognizer close to data sources.
IoT Hub IP Address Change — Infrastructure update changing underlying DNS records; best practice is to avoid IP address dependencies.
OWASP ModSecurity CRS 3.2 for WAF — Core Rule Set 3.2 now in public preview for Azure Web Application Firewall on Application Gateway.
Azure Communication Services Direct Routing — Public preview enabling Teams integration with telephony infrastructure for end-to-end customer communication scenarios.
App Service Environment v3 — Major update removing the stamp fee, simplifying deployment, and adjusting pricing for the single-tenant App Service model.
Key Vault Secret References with User-Assigned Managed Identity — App Service and Azure Functions can now use user-assigned managed identities for Key Vault references, eliminating secrets in code.
Azure Bastion Standard SKU Preview — New SKU supporting manual scaling (2–50 instances), IP-based connections, and cross-network connectivity.
Blob Storage Container Soft Delete GA — Container-level soft delete is now generally available.

Azure DevOps Updates

Azure Fun Bites episode on Microsoft Power Apps and the Power Platform for citizen developers.
Community stories on .NET 6 deployments, C# Azure Functions with multi-stage pipelines, on-premises performance testing, deploying to Azure Container Instances, Windows 10 Enterprise multi-session with Terraform and Packer, and adding accessibility to development processes.

GitHub Updates

GitHub Availability Report for June — No downtime incidents reported for core services.
Cross-Cluster Associations in Rails 7 — Engineering post on GitHub’s Rails monolith architecture with 15 database primaries and replicas, functional partitioning, and horizontal sharding considerations.

Cloud With Chris Roundup

Weekly Vlog 27 featured GitHub Copilot exploration.
Blog post introducing the Cloud Native Computing Foundation (CNCF) — first in a series covering individual CNCF projects.
Episode on diversity and inclusion with Melissa, discussing neurodiversity, mental health, and building diverse teams to avoid groupthink.
Cloud Gaming Notes with Lee Williams on esports, streaming, and cloud-enabled gaming.
Episode with Steph Martin on polyglot persistence — choosing the right data stores (SQL, Blob Storage, Azure Search, Time Series Insights) for different scenarios.
Upcoming: Pete Gallagher on IoT simulation with Azurio and real-world learnings.

42 - How to choose the 'Right' Datastore for your scenario

Fri, 09 Jul 2021 00:00:00 +0000

With so many data store options in Azure — relational SQL, NoSQL, document databases, blob storage, key-value stores, and more — how do you choose the right one for your workload? In this episode, Chris Reddington is joined by Steph Martin to explore the concept of polyglot persistence and the trade-offs between data store types. From Azure SQL and Cosmos DB to blob storage and microservices data patterns, they discuss how workload requirements, access patterns, RTO/RPO targets, and application architecture should guide your data platform decisions. A practical guide for architects and developers navigating the modern data landscape on Azure.

CGN6 - Cloud Gaming Notes Episode 6 - Gaming as Entertainment - Esports and Streaming

Wed, 07 Jul 2021 00:00:00 +0000

Game streaming and esports have transformed gaming from a private pastime into a global spectator sport, with cloud infrastructure at the heart of that transformation. In this Cloud Gaming Notes episode, Chris is joined by Lee Williams to explore how platforms like Twitch and YouTube Gaming have built entire business ecosystems around low-latency live content delivery.

The conversation examines the business models that allow individual streamers to earn a living — from subscriptions and donations to sponsorship and ad revenue — and reflects on how this mirrors the broader shift towards live, social content across platforms like Instagram Live, Facebook Live, and Periscope. A core theme running through the episode is community: how the social bonds formed around shared gaming experiences are what keep audiences engaged and platforms sticky.

41 - DevOps on Azure

Fri, 02 Jul 2021 00:00:00 +0000

In this episode, Chris is joined by Mert Yeter — software architect, Azure MVP, and Traefik Ambassador — for a live-demo-driven tour of the key DevOps building blocks on Azure.

Key topics covered:

Azure DevOps Starter: Spinning up a complete CI/CD pipeline for a containerized .NET application in minutes — including a Git repository, build pipeline, release pipeline, and Azure Container Registry — without writing YAML from scratch
Azure Container Registry (ACR): Storing and managing container images within the Azure ecosystem
Azure Container Instances (ACI) and Azure Kubernetes Service (AKS): Deploying containers at different scales, from quick single-container workloads to fully orchestrated production clusters
Traefik: A cloud-native reverse proxy and load balancer that integrates natively with Kubernetes, featuring dynamic service discovery, pluggable middleware, and a built-in dashboard for monitoring cluster ingresses and service health
Traefik Pilot and Traefik Mesh: An introduction to the broader Traefik ecosystem, including service mesh capabilities and the difference from sidecar-based approaches

Mert also highlights the value of the open-source community around projects like Traefik and encourages viewers to explore contributing via GitHub. If you want to see how quickly you can go from zero to a production-ready containerized deployment pipeline on Azure, this session is a great starting point.

V026 - Sailing the Sea of Thieves while talking Cloud

Sun, 27 Jun 2021 00:00:00 +0000

Chris kicks off a new biweekly format combining tech updates with community gaming sessions, joined by Cloud Family members James Cook (Cloud & DevOps Advocate), Mert Ata (Software Architect & Azure MVP), and Dean Ellerby (Get Modern channel).

Azure Blog Updates

Azure FX Series VMs — New high-performance compute virtual machine SKUs with benchmark details for HPC workloads.
NFS 3.0 for Azure Blob Storage — NFS 3.0 protocol support is now generally available for Blob Storage.
JBoss on Azure App Service — Red Hat JBoss EAP is now GA on Azure App Service, available as a runtime stack selection.
ISC 2021 HPC Innovations — Microsoft presenting at the ISC 2021 conference on high-performance compute advances.
Cloud Adoption Framework for Retail — New retail-specific guidance for cloud adoption and migration planning.
Azure VM Image Builder GA — Managed service for building VM images (similar to HashiCorp Packer) is now generally available.

Azure DevOps Updates

Azure Fun Bytes episode on Azure Data Factory security.
Jay Gordon on creating a personal blog with Gatsby and Azure Static Web Apps.
Community stories covering dark/light themes in Azure DevOps, GitHub Actions with Bicep, Azure Key Vault secrets in variable groups, and more.

GitHub Updates

GitHub Packages Container Registry GA — Container registry is now generally available.
Open Graph Image Framework — Engineering post on how GitHub builds and renders repository preview images.
New GitHub Issues Beta — Introduction to the redesigned GitHub Issues experience with project planning features.
GitHub Security Bug Bounty — 7 Years — Retrospective on the bug bounty program with 2020 highlights.

Cloud With Chris Roundup

Introduction to Azure API Management blog post covering core concepts for API consumers and producers.
Session with Aaron Davies on Agile coaching and the agile mindset.
Upcoming: Annie Talvasto on top CNCF projects, Mert Ata on DevOps and container technologies with Traefik, and a live event with The Latte Bar on Azure fundamentals.

Sea of Thieves & Cloud Gaming

The crew sails a galleon, completing treasure vault quests and battling skeleton ships while discussing cloud gaming infrastructure. Topics include how Sea of Thieves leverages Azure cloud servers for real-time multiplayer coordination, world events, inventory management, and continuous deployment — a real-world example of DevOps principles applied to game development.

39 - A discussion with John Lunn

Fri, 18 Jun 2021 00:00:00 +0000

Chris sits down with John Lunn (aka jonnychipz) — technical architect at BT Enterprise, co-organiser of the Welsh Azure User Group, and creator of johnnychips.com. John shares his journey from M365 and unified comms into Azure cloud architecture, what sparked his commitment to the #100DaysOfCloud challenge, and his practical advice on navigating certifications, managing the overwhelming breadth of the cloud ecosystem, and why getting involved in the community is one of the fastest ways to grow. Whether you’re just starting out with Azure or thinking about launching a blog or YouTube channel, there’s plenty to take away here.

Azure & VMWare - A Discussion with Shannon Kuehn

Wed, 16 Jun 2021 00:00:00 +0000

Chris is joined by Shannon Kuehn, a Senior Cloud Advocate at Microsoft, for an accessible deep dive into Azure VMware Solution (AVS) — the dedicated VMware platform hosted within Azure datacentres.

What’s covered:

What Azure VMware Solution is: dedicated bare metal nodes running vSphere, ESXi, vCenter, vSAN, and NSX-T inside Azure
Why organisations on VMware on-premises choose AVS over re-platforming — meeting infrastructure teams where they are
The AVS architecture: dedicated address space (/22 CIDR), ExpressRoute circuit, and peering into an Azure VNet to unlock integrations
Networking prerequisites: ExpressRoute Global Reach, BGP routing, and site-to-site VPN as an alternative during setup
HCX (Hybrid Cloud Extension): site pairings, tunnels, and live vMotion for zero-downtime VM migration from on-premises to Azure
HCX Advanced (3 site pairings) vs. HCX Enterprise (up to 10 site pairings) licensing
Azure integrations unlocked by AVS: Azure Security Center, Azure Active Directory, Application Gateway, API Management, and PaaS services via VNet injection
Infrastructure as Code with Bicep and ARM templates for AVS deployments
Pricing, regional availability, the AV36 SKU, and the capacity-management subscription whitelisting process
How Azure ExpressRoute Global Reach pricing reductions are improving the economics of migration

Ideal for infrastructure engineers, cloud architects, and VMware administrators exploring modernisation paths to Azure without a forklift migration.

V024 - Weekly Technology Vlog #24

Mon, 14 Jun 2021 00:00:00 +0000

Vlog #24 came to you on a Monday morning — a sunny weekend meant Sunday’s scheduled recording was skipped in favour of family celebrations. Same great content, one day later.

Azure News

Azure Virtual Desktop (the newly rebranded Windows Virtual Desktop) continued to generate buzz, with Azure Active Directory support, multi-session Windows 10 Enterprise VM management, and expanded enterprise scenarios all now available.

The Azure API for FHIR update highlighted compliance deadlines relevant to healthcare organisations using the CMS Patient Access and Provider Directory APIs.

38 - Hands-on with The Geode Pattern (Build globally distributed applications!)

Fri, 11 Jun 2021 00:00:00 +0000

Building on the theoretical foundation from episode 11, this hands-on session with Will Eastbury demonstrates what it actually takes to deploy and operate a Geode pattern implementation on Azure.

Will walks through a distributed OData service running across three Azure regions — US West, Australia Southeast, and UK West — showing how Azure Front Door acts as the single intelligent entry point that routes users to their nearest geode. Azure Cosmos DB serves as the multi-region data backplane, making every geode identical and capable of servicing any tenant.

Hybrid Cloud Update and Life as a Cloud Advocate

Thu, 10 Jun 2021 00:00:00 +0000

Chris Reddington is joined by Sarah Lean (Techielass), Senior Cloud Advocate at Microsoft, for a wide-ranging session covering two distinct topics.

Azure Arc & Hybrid Cloud

The first half focuses on Azure Arc — Microsoft’s solution for extending Azure management capabilities beyond the public cloud. Sarah explains how Azure Arc acts as a unified management plane for on-premises servers, Kubernetes clusters, data services, and (more recently) application services, regardless of whether they live in your own datacentre, AWS, or Google Cloud. Key capabilities discussed include:

V023 - Weekly Technology Vlog #23

Sun, 06 Jun 2021 00:00:00 +0000

In weekly vlog #23, Chris covers a packed week of Azure, Azure DevOps, and GitHub news alongside a series of Cloud with Chris episode recaps.

Azure News

Azure Virtual Desktop (formerly Windows Virtual Desktop) received a full rebrand and platform update, adding Azure Active Directory support, multi-session Windows 10 Enterprise VM management, and quick-start application scenarios — a timely evolution for a service that kept organisations productive throughout the pandemic.

CGN5 - Cloud Gaming Notes Episode 5 - Building a game remotely

Wed, 02 Jun 2021 00:00:00 +0000

The COVID-19 pandemic forced game studios worldwide to rethink how large, cross-disciplinary teams — developers, artists, designers, sound engineers — collaborate remotely on titles with enormous file sizes and tight release schedules.

In this episode of Cloud Gaming Notes, Chris is joined by Lee Williams to explore how the gaming industry adapted, and what cloud tools and technologies made it possible.

Key topics covered:

Why remote game creation is uniquely challenging: massive asset files, real-time creative iteration, and the need to review work collaboratively across disciplines
How cloud-hosted design environments allow teams to build and iterate on assets directly in the cloud, without downloading and re-uploading huge files locally
How GitHub and Azure DevOps support source control workflows, CI/CD pipelines, and build automation across game development teams
The role of Azure services in supporting multiplayer backends and live game streaming infrastructure
How collaboration tools like Microsoft Teams have quietly become part of the game development workflow
The emergence of gaming and game streaming as a cloud-native entertainment industry, and the latency requirements that underpin it

This episode offers a fascinating lens on remote collaboration challenges that apply far beyond gaming — and how cloud technology is enabling complex, distributed creative work at scale.

Tales from the real world with Matt Bradley

Fri, 28 May 2021 00:00:00 +0000

Chris is joined by Matt Bradley, who helped establish the Public Cloud division at UKFast — one of the UK’s leading managed hosting providers — and shares four years of hands-on Azure experience: from first-generation migrations and consultancy to DevOps automation, Kubernetes, and hybrid cloud management.

Topics covered include:

Keeping up with Azure — the Azure Updates page, Microsoft Tech Community blog, and John Savill’s weekly infrastructure summaries as practical ways to stay current
The Azure Storage Minefield — the security and access-control pitfalls Matt uncovered and shared in his widely-attended community talk
Infrastructure as code trade-offs — ARM templates vs Terraform vs the emerging Bicep language, including why the native ARM tooling receives new Azure features first
Azure DevOps as a unified platform — consolidating fragmented “Frankenstein DevOps” pipelines (Jenkins, Jira, Bitbucket) into a single boards-repos-pipelines-artifacts workflow
Azure Arc and hybrid cloud governance — applying Azure Policy to on-premises virtual machines for consistent compliance reporting
Designing for failure — HA patterns, cattle-vs-pets thinking, and the real cost of single-instance cloud deployments that appear cheap but carry hidden risk
Compliance acceleration — how public cloud adoption simplifies ISO accreditation by providing pre-built infrastructure-level documentation
Kubernetes learning and certification — Nigel Poulton’s books, the hands-on CKA and CKAD exams, and why practical certifications better reflect real-world capability

36 - Application Insights: The Tool You Never Knew You Needed

Fri, 21 May 2021 15:30:00 +0000

Production issues, performance bottlenecks, and silent failures are every developer’s nightmare. Azure Application Insights — part of the Azure Monitor family — gives you the visibility to detect, diagnose, and resolve problems before they escalate. In this session, Chris is joined by Isaac Levins (self-described Application Insights superfan) to explore how Application Insights fits into the full DevOps lifecycle.

Topics covered in this session include:

What Application Insights is and how it sits within the broader Azure Monitor ecosystem
Instrumenting a .NET 5 application via Visual Studio in seconds, using the eShopOnWeb reference app
Codeless instrumentation for IIS-hosted apps using a PowerShell commandlet — no codebase access required
Live exception tracking and root-cause analysis for production incidents
User flow and funnel analysis to understand how customers navigate your application
Business-level custom event tracking to inform product investment decisions
How telemetry closes the DevOps loop — feeding insights back into the next development sprint

Whether you are a developer triaging exceptions, an architect evaluating observability tooling, or a product owner trying to understand real user behaviour, Application Insights delivers actionable data at every level.

Cloud Drops - Building an Event-Driven workflow with Event Grid

Sat, 15 May 2021 00:00:00 +0000

Event-driven architectures decouple producers from consumers, making them a natural fit for serverless consumption models where you pay only when work is being done. This Cloud Drop builds a real image-processing workflow step by step:

Source storage account — a Blob Storage container called images where uploads trigger events.
Queue storage account — a Storage Queue (work-in-progress) that acts as a durable buffer guaranteeing at-least-once processing.
Event Grid system topic + subscription — created on the source storage account, filtered by subject (/blobServices/default/containers/images) so only image-container blob-created events are forwarded; the event handler is set to the Storage Queue.
System-managed identity + RBAC — the Event Grid system topic’s managed identity is assigned the Storage Queue Data Message Sender role on the queue storage account, eliminating stored credentials.
Azure Function queue trigger — consumes and removes messages from the queue, with Application Insights showing execution logs.

The demo also verifies subject filtering by uploading to the thumbnails container and confirming no extra messages appear in the queue, and discusses dead-lettering, retry policies, and the important distinctions between Azure Storage Queues and Azure Service Bus Queues for message-processing guarantees.

Cloud Drops - Beginners guide to PowerShell in Azure Functions

Thu, 06 May 2021 00:00:00 +0000

Azure Functions supports multiple runtime stacks — including PowerShell Core — meaning that operations teams already fluent in PowerShell can build serverless automation without switching to a compiled language. The consumption plan charges only per invocation with no idle cost, and Application Insights is enabled by default to provide monitoring and logging from day one.

The demo creates two functions inside a single Function App. The first uses an HTTP trigger with a simple run.ps1 that reads a query-string parameter and returns it in the response body, illustrating the input-binding and output-binding model. The second uses an Event Grid trigger connected to a subscription-level topic: whenever a resource group is created, the function fires and calls Set-AzResourceGroup to apply a cost-centre tag based on the environment value. Before the Az module commands work, you must declare the dependency in requirements.psd1 (under App Files) and restart the Function App. A system-assigned managed identity with the Contributor role on the subscription provides the necessary RBAC permissions without storing any credentials in code.

CGN4 - Cloud Gaming Notes Episode 4 - Cross-platform social Sudoku with Azure PlayFab

Wed, 05 May 2021 00:00:00 +0000

Cloud Gaming Notes Episode 4 features Dominic, a Senior PM Manager at Microsoft, who built Sudoku Social — a cross-platform competitive Sudoku game for iOS and Android — entirely as a passion project outside his day job.

The problem Dominic solved: Most Sudoku apps were platform-locked. Players on iOS couldn’t compete against players on Android. Sudoku Social bridges that gap, enabling cross-platform leaderboards and social play. The driving question: who is the fastest Sudoku player?

35 - A discussion on Azure Spring Cloud

Fri, 23 Apr 2021 00:00:00 +0000

Spring, Spring Boot, and Azure Spring Cloud demystified. Chris is joined by Gitte Vermeiren (Microsoft FastTrack Engineer) to explore the Java microservices landscape on Azure. They cover:

Spring vs Spring Boot — how Spring Boot is to Java what ASP.NET scaffolding is to .NET, and how start.spring.io gets you up and running instantly
Spring Cloud — adding microservice concerns like service discovery, circuit breakers, and routing on top of Spring
Azure Spring Cloud — the fully managed platform that lets you run Spring Cloud applications without provisioning or managing the underlying infrastructure
Comparing your options — when to choose Azure Spring Cloud vs. Azure App Service vs. AKS, and understanding the trade-offs around simplicity, control, and learning curve
Real customer reactions — why Java developers with existing Spring workloads often describe Azure Spring Cloud as a game-changer

Whether you’re coming from the Java world or just exploring Azure’s app hosting options, this episode offers a clear and approachable introduction.

Discussing the Cloud with Chris GitHub Architecture and GitHub setup

Tue, 20 Apr 2021 00:00:00 +0000

Karl Cooke (Implementation Specialist at Action Point Technology Group, blogger at irishtechie.com) turns the tables on Chris Reddington, interviewing him about the architecture and GitHub workflow behind CloudWithChris.com.

Platform Architecture

The site is a three-layer stack:

Azure DNS — public DNS zone with an apex domain redirect to www, plus separate subdomains for preview, staging, and the podcast feed (podcasts.cloudwithchris.com)
Azure CDN — global edge caching with a rules engine for HTTP→HTTPS redirects and security header injection
Azure Storage — static website hosting for all HTML, CSS, JS, and media assets; chosen for its low cost, simplicity, and natural fit with static content

Security Hardening

34 - The Bulkhead Pattern (Isolate your components to prevent failures)

Fri, 09 Apr 2021 00:00:00 +0000

The Bulkhead pattern takes its name from the watertight compartments in a ship’s hull. Just as poorly designed bulkheads contributed to the sinking of the Titanic, poorly isolated cloud services can cause a single failure to cascade across your entire application.

What You’ll Learn

The Bulkhead pattern as a resilience mechanism for microservices and distributed cloud architectures
How resource exhaustion in one service can starve others sharing the same underlying infrastructure (e.g., multiple App Services on a shared App Service Plan)
Partitioning strategies:
- Using connection pools to isolate workloads from specific backend services
- Deploying services onto separate VMs, containers, or App Service Plans to enforce hardware-level isolation
- Using Kubernetes resource requests and limits to guarantee quality-of-service between pods
How the Bulkhead pattern limits the blast radius of failures, preventing cascading outages in microservices architectures
Multi-tenancy considerations: per-tenant isolation vs. shared deployment stamps, and the pricing model implications (e.g., Azure SQL Elastic Pools vs. single databases)
Monitoring individual partitions to ensure per-service SLA compliance, not just aggregate system health

Complementary Patterns

The Bulkhead pattern works alongside the Retry, Circuit Breaker, and Throttling patterns to build comprehensive resilience. Define your blast radius with bulkheads, then layer in these patterns to handle the failures that do occur gracefully.

CGN3 - Cloud Gaming Notes Episode 3 - Inventory and Economy

Wed, 07 Apr 2021 00:00:00 +0000

In this third episode of the Cloud Gaming Notes series, Chris Reddington and Lee Williams load up Sea of Thieves to talk through the cloud engineering challenges behind one of gaming’s most critical systems: inventory and economy.

Key topics covered in this episode:

Persistent player state — how modern games use cloud storage to ensure that every item, currency balance, and progression milestone is preserved across sessions and devices without the player needing to manage saves manually
Inventory architecture — treating in-game objects as first-class cloud entities, and the relationship between in-game mechanics (swords, loot, ammo) and the backing data stores that represent them
Economy design — structuring in-game currencies, rewards, and progression loops so they remain balanced, fair, and resistant to exploitation
Azure Cosmos DB and PlayFab — choosing between building a custom inventory data layer on Cosmos DB versus adopting a fully managed gaming backend like PlayFab, and the trade-offs each approach involves
Live Ops — continuously updating and evolving game content post-launch, and how cloud infrastructure supports rapid deployment of seasonal events, balance patches, and new rewards without server downtime
Cross-platform and cross-device — designing inventory systems that follow a player from console to PC to mobile via cloud synchronisation
Community and monetisation — how a well-designed economy builds long-term player engagement, supports streaming audiences, and opens monetisation opportunities for publishers

Next in the series: a conversation with Dominic from Australia on building a social Sudoku game with PlayFab.

33 - External Config and Claim Check Pattern - Easier Management and Externalising Payloads

Fri, 02 Apr 2021 00:00:00 +0000

Chris and Peter explore two cloud design patterns that address everyday operational challenges in cloud application development.

External Configuration Store — The core principle is simple: never store secrets, connection strings, or environment-specific configuration in source code. Azure Key Vault and Azure App Configuration are the go-to implementations in the Azure ecosystem. The episode covers deployment slot behaviour, the risks of accidentally committing credentials to version control history, and why even “temporary” hardcoded values create lasting security exposure. App Service and Azure Functions application settings are also framed as a form of external config store, with important caveats.

V013 - Weekly Technology Vlog #13 (Lots of Azure, DevOps & GitHub) Blogs, Quick-fire Azure Updates

Sun, 28 Mar 2021 00:00:00 +0000

Weekly Vlog #13 covers an action-packed Azure week, with standout blog posts including Mark Russinovich’s Ignite session on Azure innovation, enterprise landing zones with modular designs, zonal disaster recovery enhancements via Azure Site Recovery, Security Center compliance updates, and Azure Databricks on Azure. On the Azure DevOps side, Chris highlights “DevOps-ing everything as code” and community stories touching on Terraform, Bicep, and policy-gated release pipelines.

The GitHub roundup digs into the GitHub Actions capture-the-flag writeup — revealing how an overly permissive workflow can expose repository secrets — and a fascinating multi-stage exploit chain from the GitHub Security Lab, both underscoring the growing importance of DevSecOps practices with GitHub Advanced Security.

31 - Deploying to Azure through Terraform Cloud

Fri, 19 Mar 2021 00:00:00 +0000

You may have heard of Terraform, but are you aware of Terraform Cloud or Terraform Enterprise? In this session, Chris gives a practical walkthrough of how he uses Terraform Cloud as the underlying engine to deploy some of his own projects onto Azure.

What is Terraform?

Terraform is an open-source Infrastructure as Code (IaC) framework from HashiCorp that uses HCL (HashiCorp Configuration Language) to define cloud resources declaratively. Unlike ARM templates, Terraform is cloud-agnostic and has a rich provider ecosystem — including the Azure RM provider used throughout this session.

30 - The Cache Aside Pattern (Optimise your caching approach!)

Fri, 12 Mar 2021 00:00:00 +0000

Caching speeds up reads by storing frequently requested data in a faster store closer to the application, avoiding repeated round-trips to the underlying data store. The cache-aside pattern is specifically for caches that do not natively implement read-through or write-through — the application itself is responsible for populating and invalidating the cache.

The flow is: (1) attempt a cache read; (2) on a miss, read from the data store; (3) write the result into the cache before returning it to the caller, so the next request for the same data is served from cache. Over time, hot data naturally rises into the cache without needing to pre-load everything upfront.

V010 - Weekly Technology Vlog #10 (Episode backlog until Mid-July! New Microphone, Ignite Content!)

Mon, 08 Mar 2021 00:00:00 +0000

In this milestone tenth episode, Chris marks a birthday and a one-year podcast anniversary, picks up a new microphone, then spends the majority of the runtime covering the best of Microsoft Ignite.

Personal Milestones

Vlog #10 & Birthday: A new Shure SM7B microphone arrives — a noticeable audio quality upgrade. Episodes are now booked through to mid-July with more guests lined up into August.
One Year of Cloud With Chris: The podcast launched on 1 March 2020.

Recent Content

GPG Keys Part 2: Hands-on guide to generating GPG keys; Part 3 (linking keys to Git commits and uploading to GitHub) is coming this week.
Cloud Gaming Notes Ep. 2: Chris and Lee discuss matchmaking in cloud gaming-as-a-service — how cloud infrastructure shapes the player experience when joining sessions dynamically rather than connecting to a fixed server. Next episode covers Sea of Thieves, inventory systems, and in-game economies.
Sidecar & Ambassador Patterns with Peter Piper: Another co-hosted patterns episode with a bingo card of API buzzwords.
DotNet Limerick Azure User Group: A live presentation on using GitHub Actions to build and deploy a static podcast/blog site. Recording available on cloudwithchris.com.

Upcoming

Welsh Azure User Group (18 March): Lightning talk — GitHub for podcast/blog deployment.
MSHowTo Live with Mert (25 March): DevOps discussion.
Northern Azure User Group (6 April): Sharing the bill with Scott Hanselman.
Cache Aside Pattern episode (this Friday).
GPG Keys Part 3 (this Wednesday).

Microsoft Ignite Highlights

Azure Cognitive Search — Semantic Search: Results ranked by user intent rather than keyword frequency, powered by Microsoft Research models.

29 - The Sidecar and Ambassador Patterns

Fri, 05 Mar 2021 00:00:00 +0000

Modernising legacy applications doesn’t have to mean rewriting them from scratch. Two cloud design patterns — the Sidecar and the Ambassador — provide elegant ways to extend legacy services with modern capabilities, incrementally and safely. In this episode of Architecting for the Cloud, one pattern at a time, Chris and Peter break down both patterns.

The Ambassador Pattern

The Ambassador pattern places a proxy service between a client and an upstream service or external dependency. This proxy handles cross-cutting concerns that the underlying application doesn’t natively support:

28 - Intro to Landing Zones

Fri, 26 Feb 2021 00:00:00 +0000

What exactly is an Azure Landing Zone, and why does every cloud architect keep talking about it? In this episode, Chris Reddington is joined by Karim Fahmy — an Azure Solutions Architect with over 12 years of IT experience — to demystify Azure Landing Zones and their place within the Cloud Adoption Framework. Learn how landing zones provide the structured foundation covering networking topology, identity, governance, subscriptions, and security that your workloads need to succeed in the cloud. The episode also covers Azure Blueprints, Terraform automation, and real-world strategies for incrementally building and evolving your cloud foundation over time.

27 - The Compute Resource Consolidation Pattern (Optimise for Cost!)

Fri, 19 Feb 2021 00:00:00 +0000

Are you running dedicated compute for every tenant, microservice, or application instance — and paying for it? The Compute Resource Consolidation pattern shows you how to consolidate tasks onto shared infrastructure, such as a single AKS cluster with namespace isolation or an Azure SQL elastic pool, to reduce costs and management overhead. This episode explores the key trade-offs: blast radius containment, noisy neighbour contention, scalability profiles, and multi-tenancy strategies. Part of the “Architecting for the Cloud, One Pattern at a Time” series.

26 - The Pub Sub, Priority Queue and Pipes and Filter Patterns

Fri, 12 Feb 2021 00:00:00 +0000

Chris and Willy cover three fundamental messaging patterns in this episode of Architecting for the Cloud, One Pattern at a Time.

Publish-Subscribe (Pub/Sub) transitions systems from point-to-point messaging (one sender, one receiver) to a multicast model where a single event triggers multiple independent subscribers simultaneously. Azure Service Bus topics and Azure Event Grid are the primary Azure implementations. Canonical use cases include:

Insurance aggregators fanning out quote requests to 15–50 backend services in parallel
Credit check pipelines triggering multiple reference agencies from a single event
Account sign-up flows dispatching to billing, provisioning, and notification services concurrently

Key benefit: subscribers are fully decoupled — adding a new consumer requires only a new subscription, with no changes to the producer.

CGN1 - Cloud Gaming Notes Episode 1 - Hosting a Game Server

Wed, 03 Feb 2021 00:00:00 +0000

What does it actually take to host a multiplayer game server in the cloud? In this first Cloud Gaming Notes episode, Chris Reddington is joined by Microsoft Azure for Gaming specialist Lee Williams to explore how cloud infrastructure powers connected gaming experiences. Using a Minecraft server on Azure as a hands-on example, they cover virtual machine hosting, multiplayer scalability challenges, DDoS protection, player data privacy, resilience patterns, and the evolution from self-hosted servers to fully managed game-as-a-service platforms.

V005 - Weekly Technology Vlog #5 (My Setup, Architecture Patterns, Mental Health and NEWS)

Mon, 01 Feb 2021 00:00:00 +0000

This episode marks two significant milestones arriving later in the week: the debut of Cloud Gaming Notes, a monthly series exploring how cloud technology intersects with the gaming industry (launching with Lee Williams on game server hosting trends and Minecraft), and a candid mental health conversation with advocate Andrew Nathan — the first time Chris has spoken publicly about his own mental health experiences.

From Azure Updates, Azure Cloud Services Extended Support arrives in public preview with a new ARM-based deployment model, offering a migration path for classic Cloud Services workloads. Azure AD Premium customers will receive a 99.99% uptime SLA from April 1, reinforcing the critical importance of cloud identity as a security boundary. Resource instance rules for Azure Storage enter public preview, enabling managed-identity-based access restrictions for resources that cannot be isolated through virtual network service endpoints. The Azure Architecture Center’s January digest includes updated guidance on performance efficiency and scalability monitoring within the Well-Architected Framework, key and secret management best practices, and AKS day-two operational considerations for cluster upgrades. Peter de Tender’s Azure DevOps blog post explains service connections and service principals in the context of Azure DevOps pipelines. On the GitHub engineering side, two posts cover the canary-stage deployment process for github.com and the JavaScript optimisations — including lazy loading and CPU usage reduction — behind the fast GitHub homepage.

24 - Health Endpoint Monitoring Pattern (Monitor your service and its dependencies!)

Fri, 29 Jan 2021 00:00:00 +0000

Stop waiting for users to tell you something is broken. The Health Endpoint Monitoring pattern puts you on the front foot with proactive, application-level health checking.

What You’ll Learn

The Health Endpoint Monitoring pattern as defined in the Azure Architecture Center
How to design a health endpoint that checks downstream dependencies: databases, storage layers, APIs, and microservices
Responding with HTTP status codes and structured JSON payloads to convey granular health state (e.g., database latency, worker availability)
Implementing red/amber/green health classifications rather than simple binary up/down checks
Key design considerations:
- Caching: balancing freshness vs. added load during incidents
- Security: avoiding information leakage through health endpoint responses
- DoS risk: health checks can amplify load during outages—design accordingly
- Aggregation: composing microservice health endpoints into a system-level view
When this pattern complements (rather than replaces) Azure Monitor and Application Insights

Relationship to Other Patterns

The Health Endpoint Monitoring pattern pairs naturally with the Circuit Breaker and Retry patterns. Detecting degradation via health checks enables automated remediation workflows and supports SLA reporting across your distributed architecture.

23 - Gatekeeper and Valet Key Patterns - Secure your APIs and Resources

Fri, 22 Jan 2021 00:00:00 +0000

Continuing the ‘Architecting for the Cloud, one pattern at a time’ series, Chris and Peter Piper explore two closely related cloud design patterns that address a core challenge in distributed systems: how do you give clients access to exactly what they need — and nothing more?

The Gatekeeper Pattern

The Gatekeeper acts as a dedicated intermediary between untrusted clients (the public internet) and trusted backend services. Rather than exposing internal services directly, all traffic flows through the Gatekeeper, which can enforce:

22 - Static Content Hosting Pattern (Save cost and gain performance for static websites!)

Fri, 15 Jan 2021 00:00:00 +0000

Serving static HTML, CSS, images, and JavaScript from a general-purpose web server wastes compute and money. The Static Content Hosting pattern offloads these assets to purpose-built cloud storage for both cost savings and performance gains.

What You’ll Learn

The Static Content Hosting pattern from the Azure Architecture Center and when to apply it
Why compute platforms (App Service, VMs, Kubernetes) are the wrong tool for serving static assets
How Azure Blob Storage (and equivalent AWS S3 / GCP Cloud Storage) can serve static sites directly over HTTP/HTTPS
The role of a CDN (Content Delivery Network) in addressing two key challenges:
- Geographic latency: serving content from Points of Presence close to end users
- Storage throughput limits: the 20,000 requests/second cap on Azure Storage accounts
Geo-redundancy considerations for resilience against data centre failures
When to use the Valet Key pattern for securing access to private static content
Real-world walkthrough of cloudwithchris.com: Hugo static site generation → GitHub Actions build → Azure Blob Storage → Azure CDN

Limitations

This pattern suits truly static content. Dynamic content requiring server-side rendering or complex routing is not a good fit—though JavaScript-driven API calls can bridge many of those gaps.

21 - The Queue Based Load Levelling and Competing Consumers Pattern

Fri, 01 Jan 2021 09:30:00 +0000

Do you have an application with specific scalability and continuity-of-service requirements? What happens when your service is hit by heavy load — could performance or reliability issues cascade through your solution?

In this Architecting for the Cloud, One Pattern at a Time episode, Chris and Will Eastbury cover three closely related patterns that are almost always used together in high-throughput systems:

Queue-Based Load Levelling — use a message queue as a shock absorber to smooth dramatic traffic spikes, so a downstream service processes at a consistent rate regardless of inbound demand
Competing Consumers — scale out message processing by running multiple consumers in parallel, pulling from the same queue to clear backlogs faster
Asynchronous Request-Reply — retrofit async processing into existing synchronous architectures using a status-polling pattern (HTTP 202 / redirect), without tearing apart the existing application

Along the way, Willy and Chris discuss real-world analogies (drive-throughs, ticketing ballots, smart motorways), Azure Service Bus configuration considerations such as maximum queue depth, and how Azure Functions bindings can scale consuming instances dynamically based on queue depth. They also address distributed tracing with Application Insights and the critical reminder that these patterns introduce real complexity — and should only be adopted when requirements genuinely justify it.

20 - The Anti-corruption layer, Gateway Aggregation and Gateway Routing patterns

Wed, 30 Dec 2020 00:01:00 +0000

In this episode of the Architecting for the Cloud, One Pattern at a Time series, Peter Piper returns to walk through three powerful cloud design patterns that build on the Façade concept explored in earlier episodes.

What’s covered

Context reset: The Strangler pattern — a brief recap to set the scene for migration from legacy to modern systems
Anti-Corruption Layer (ACL) — how to prevent a legacy system’s data model from “corrupting” a new microservices domain; translating between old SOAP/REST contracts and modern REST APIs; how this enables high cohesion and low coupling through domain-driven design
Gateway Aggregation — reducing client chattiness by aggregating multiple backend service calls into a single response at the gateway layer; chatty I/O anti-patterns and their performance impact
Gateway Routing — layer-7 routing by IP, port, header, or URL path; decoupling consumers from versioned backend services; Azure load balancing options (Application Gateway, Azure Front Door, Traffic Manager, Azure Load Balancer) and when to use each
Azure service mapping — how Azure API Management, Application Gateway, and Front Door map to these patterns in practice
Cross-cutting concerns — resilience (single points of failure, HA/DR), observability (monitoring and logging), Infrastructure as Code for gateway configuration, and integration/regression/performance testing for each pattern
When not to use these patterns — anti-patterns for scenarios where a WAF/DDoS layer is a better fit than a full gateway

All three patterns share a common thread: a facade layer that decouples front-end consumers from back-end complexity, enabling independent evolution, safe versioning, and testability.

19 - The Event Sourcing, Materialized View and CQRS Patterns

Wed, 23 Dec 2020 00:00:00 +0000

These three cloud design patterns — Event Sourcing, Materialized View, and CQRS — are frequently used together in event-driven systems and are especially well-suited to cloud environments like Azure. In this episode, Chris and Steph explore each pattern individually and explain how they complement each other.

Event Sourcing

Instead of storing only the current state of an entity, Event Sourcing records every event that led to that state as an immutable, append-only log. Think of it as a complete audit trail of decisions:

11 - The Geode Pattern - What is it and how can it be useful for my app?

Mon, 21 Dec 2020 00:00:00 +0000

You may have heard of patterns like the Retry pattern, Circuit Breaker, or CQRS — but have you heard of the Geode pattern?

In this Architecting for the Cloud, One Pattern at a Time episode, Chris and Will Eastbury — who contributed to the original Azure Architecture Center documentation for this pattern — explore how Geodes enable planet-scale, active-active applications.

Key concepts covered:

What is the Geode pattern? Geodes are identical, globally distributed compute nodes where all nodes actively serve any request. Unlike Deployment Stamps (which constrain a tenant to a specific stamp), all Geodes contain the same data, enabling any node to serve any user
Geodes vs Deployment Stamps: Deployment Stamps are tenant-scoped and support multi-tenancy models; Geodes prioritize global consistency and maximum compute utilization. The two patterns can be combined
Performance and availability: The primary benefit is low latency for globally distributed users, with high availability as a natural side effect. Azure Front Door acts as the intelligent global load balancer routing requests to the nearest healthy Geode
Data sovereignty considerations: Because data is replicated to all Geodes, organizations with strict regional data residency requirements need to plan carefully — potentially combining Geodes with Deployment Stamps for tenant-bounded slices
Active-active vs active-passive: Geodes are designed for scenarios where active-passive is too expensive or wasteful; all nodes are live and independently scalable
Hands-on demo: A globally distributed real-time voting application using Azure Functions (event bindings), Cosmos DB (change feed), and SignalR — demonstrating the event-sourcing and messaging aspects of the pattern in practice
Intelligent edge evolution: How this pattern naturally extends to IoT edge and 5G scenarios, with millions of tiny Geodes in roadside cabinets all maintaining configuration from a central service

This episode was originally recorded on 9th October 2020, but had some technical issues and was re-recorded on 21st December 2020.

18 - Tales from the Real World - Defying Gravity.. The magic behind Flight Simulator 2020

Fri, 18 Dec 2020 00:00:00 +0000

Flight Simulator 2020 is more than a game — it’s a globally distributed cloud application delivering photorealistic terrain, live weather, and real-time multiplayer to millions of users simultaneously. In this episode, Chris and Cam use an actual flight in the simulator as a vehicle for exploring the cloud architecture behind it.

Topics covered during the flight include:

Content distribution at scale: How a 150 GB game download reaches players on launch day — Azure Storage as origin, CDN for global caching and edge delivery, and why proximity to the user matters more for players in Australia than in North America
Real-time data pipelines: How live weather, Bing Maps terrain data, and other players’ aircraft appear in your cockpit in near-real time — pointing to Azure Event Hubs and Stream Analytics as candidate services for high-throughput, low-latency event streams
Game backend services: PlayFab for player authentication, session management, and leaderboards; Service Fabric or Kubernetes as the microservices substrate
Resilience and protection: DDoS protection strategies for public-facing game services where mid-session interruption is unacceptable
Architectural trade-offs: Why “low latency” isn’t a real requirement — “less than 5ms for this component” is — and how conflicting requirements force priority decisions between competing architectural concerns

The session demonstrates how the same patterns used in enterprise workloads apply directly to consumer gaming platforms, and why domain context shapes architectural decisions in ways that generic best-practice guidance cannot anticipate.

17 - The Throttling, Retry and Circuit Breaker Patterns

Fri, 04 Dec 2020 00:00:00 +0000

How do you protect your infrastructure from traffic spikes, safeguard multi-tenant workloads from noisy neighbours, and handle transient failures gracefully? Chris and John Downs walk through three essential cloud resilience patterns that every developer building on Azure should understand. Part of the “Architecting for the Cloud, One Pattern at a Time” series.

The Throttling Pattern Protect your services and downstream dependencies from high or unexpected load. Rather than a simple binary on/off gate, throttling can degrade gracefully — disabling non-critical features under load, shaping traffic, or signalling clients via HTTP 429 with a Retry-After header. Azure services like Cosmos DB and Service Bus use this approach natively.

16 - The Backends for Frontends and Strangler Pattern with Peter Piper

Sun, 22 Nov 2020 00:00:00 +0000

Managing APIs across web, mobile, and multiple consumer types creates tight coupling that slows modernisation and makes versioning painful. In this episode, Chris Reddington is joined by Peter Piper to explore the Backend for Frontends (BFF) pattern — creating dedicated backends tailored to each consumer — alongside the Strangler Fig pattern for incrementally migrating legacy monoliths without disrupting existing clients. The Façade pattern also features as a key decoupling mechanism for smooth API migrations. Part of the “Architecting for the Cloud, One Pattern at a Time” series.

15 - The Sharding and Index Table Patterns

Fri, 13 Nov 2020 00:00:00 +0000

Starting to think about the data layer of your application and concerned about scalability? In this episode, Chris is joined by Steph Martin to cover two complementary cloud data patterns: Sharding and Index Table.

The Sharding Pattern

Sharding horizontally scales a data store by partitioning data across multiple shards (database nodes), so no single node becomes a bottleneck. Key design decisions include:

Shard key strategies: Lookup sharding (explicit map of key to shard), range sharding (e.g., customer IDs 1–1000 on shard A), and hash sharding (consistent hashing to distribute load evenly).
Cross-shard queries: Designing your shard key to avoid cross-shard queries is critical — querying across shards is expensive and may require scatter-gather patterns.
Noisy neighbour problem: In multi-tenant SaaS, a single large tenant can saturate a shard and degrade performance for co-tenants. Good key design is the best prevention.
Data sovereignty: Sharding is an elegant solution for customers that require data residency in specific regions.
Azure SQL Database elastic client library: Microsoft’s tooling for managing shard maps and routing queries to the correct shard automatically.

The Index Table Pattern

14 - The Deployment Stamps Pattern

Fri, 06 Nov 2020 00:00:00 +0000

The Deployment Stamps pattern is a powerful cloud architecture approach for scaling, resilience, and multi-tenancy. In this episode, Chris Reddington is joined by John Downs — who contributed the pattern to the Azure Architecture Center — to explore how stamping out independent copies of your application stack across regions enables geographic distribution, data sovereignty, isolated failure domains, and deployment rings for staged rollouts. Discover when to use this pattern, how Azure itself relies on it internally, and the key considerations around request routing, cross-stamp querying, and disaster recovery planning.

13 - Tales from the Real World - Defying DDOS

Fri, 30 Oct 2020 00:00:00 +0000

DDoS attacks have scaled to cloud-level volumes — terabits per second — that on-premises hardware simply cannot absorb. In this episode, Chris is joined by Cam Adams, an engineering manager from Brisbane, Australia, who shares first-hand experience helping customers across Asia-Pacific defend against distributed denial-of-service attacks using Azure.

Cam describes three distinct customer profiles: organisations fully committed to Azure, those in a hybrid state with workloads split between cloud and on-premises, and those yet to begin their cloud journey but still needing cloud-scale defence for on-premises systems. For the latter group, the approach centres on using Azure as an absorptive layer against what Cam calls the “last mile” bottleneck — the narrow point where an internet connection meets on-premises routers and security appliances with throughput measured in gigabits, now being targeted by attacks in the hundreds of gigabits to terabits per second.

12 - Modern Identity Patterns

Fri, 16 Oct 2020 00:00:00 +0000

Chris is joined by Christos Matskas — former Microsoft Premier Field Engineer, developer tools evangelist, and .NET identity expert — for a deep-dive into modern identity patterns in the cloud. They cut through the confusion between Azure AD, Azure AD B2B, Azure AD B2C, and External Identities, explain why the network perimeter is no longer your security boundary, and make the case for letting battle-hardened libraries like MSAL do the heavy lifting rather than rolling your own auth. From eliminating secrets in ARM templates to Zero Trust principles, this episode lays a practical foundation for securing any cloud application.

9 - Building smart Integration Solutions with Microsoft Azure

Sun, 02 Aug 2020 00:00:00 +0000

When we think about cloud architecture, we typically think about distributed systems and the challenge of bringing different components or services together. But integration in the cloud is more nuanced than simply connecting services — it requires understanding messaging semantics, failure modes, and observability.

In this episode, Chris is joined by Ezhilarasi Chezhiyan, Technical Lead at Serverless360 (Kovai.co), to explore practical patterns for building smart Azure integration solutions.

Events vs. Messages — a critical distinction

8 - Azure Security

Sun, 07 Jun 2020 00:00:00 +0000

Moving to Azure? Security has to come first. Chris is joined by cybersecurity expert Andrew Nathan to explore how organisations can build a strong security posture in the cloud. They cover:

Azure Security Center & Secure Score — getting immediate visibility into misconfigurations and threat vectors
Identity strategy — understanding the critical difference between Azure AD and Azure RBAC, managing stale credentials, and enforcing MFA for privileged accounts
Threat modelling — identifying high-value assets, high-value identities, and building appropriate alerting
Azure Policy and Management Groups — using governance controls to audit and control your cloud environment
Red team / Blue team war gaming — evolving your security operations so you’re always testing your own defences

Whether you’re starting your cloud journey or course-correcting an existing environment, this episode helps you understand where to begin — and how to keep improving over time.

6 - Hybrid Cloud

Sun, 10 May 2020 00:00:00 +0000

Hybrid cloud is no longer just a transitional state between on-premises and public cloud — for many enterprises, it is an end state in its own right. Chris is joined by Thomas Maurer, Senior Cloud Advocate at Microsoft, to explore this shift in thinking and how Microsoft’s Azure platform is evolving to support it.

Thomas explains that hybrid today extends well beyond the traditional on-premises-plus-Azure model. It encompasses factory floors running IoT edge workloads that cannot tolerate internet dependency, retail stores with local compute requirements, disaster recovery and backup scenarios, and true multi-cloud deployments spanning multiple public cloud providers. The episode covers a broad range of Azure technologies designed to bring cloud-like management and consistency to all of these environments: Azure Stack Hub, Azure Stack HCI, Azure Stack Edge, Azure Arc, and Azure IoT Edge.

5 - The API Economy

Sat, 25 Apr 2020 00:00:00 +0000

APIs are the connective tissue of modern cloud architectures — but poor API design compounds into technical debt that is expensive to unwind. In this episode, Chris Reddington and Peter Piper explore the full lifecycle of API design: defining versioning contracts up front, modernising legacy APIs using the Strangler and Façade patterns, and securing APIs with JWT tokens, OAuth 2.0, and OIDC. They also cover Azure API Management patterns, circuit breakers, throttling, key rotation with Azure Key Vault, and the DevSecOps practices that keep an API estate healthy at scale.

2 - Cost Control

Sun, 15 Mar 2020 00:00:00 +0000

Moving to the cloud shifts infrastructure spend from capital expenditure (CapEx) to operational expenditure (OpEx)—but realising those savings requires deliberate, cost-aware design from the start.

What You’ll Learn

The CapEx → OpEx mindset shift and why cloud infrastructure should be treated as a commodity
Why requirements drive cost decisions—over-engineering for undefined SLAs leads to unnecessary spend and complexity
Right-sizing: identifying and correcting over-provisioned VMs and PaaS tiers migrated from on-premises
Auto-scaling: scaling out (more instances) vs. scaling up (larger SKUs), and why ephemeral scale-out is typically more cost-efficient for spiky or seasonal workloads
Compute Resource Consolidation: reducing 10 service instances to 2 via colocation or containerisation on Kubernetes
Governance and tagging: associating resources with metadata (environment, team, service) to enable cost reporting and chargeback
Using cloud pricing calculators for bronze/silver/gold architecture cost modelling with stakeholders
Reserved instances and licensing benefit portability (e.g., Azure Hybrid Benefit) for predictable, steady-state workloads
DDoS cost risk: why auto-scale maximum instance limits and DDoS protection services are also financial safeguards

Key Mindset Shift

Treat cloud resources as cattle, not pets. Right-size, auto-scale, and regularly review spend against your workload’s actual usage patterns—turning the monthly bill into a continuous optimisation feedback loop rather than a fixed infrastructure investment.

1 - Requirements in Context

Sun, 01 Mar 2020 00:00:00 +0000

Every cloud project starts with requirements. In this episode, Chris explores the critical pillars of cloud architecture: resilience, scalability, performance, and cost—and why defining them upfront (before drawing any architecture diagram) is essential.

What You’ll Learn

Why requirements engineering is the foundation of any cloud architecture project
Key resilience metrics: SLA, RTO (Recovery Time Objective), RPO (Recovery Point Objective), MTTR (Mean Time to Recovery), and MTBF (Mean Time Between Failures)
How composite SLAs differ from looking at the weakest link in your architecture
The relationship between availability tiers (e.g., 99.9% vs 99.999%) and real-world downtime allowances
How scalability, performance, and cost form trade-off dimensions in every architecture decision
Why over-engineering for loosely-defined requirements leads to unnecessary cost and complexity

Key Concepts

This episode maps on-premises thinking (racks, data centres, zones, regions) to equivalent cloud failure domains, helping architects understand how availability requirements translate when moving to the cloud. Cost is introduced as a first-class design dimension—not a post-hoc optimisation—and the importance of composite SLAs over single-component SLA views is highlighted throughout.

I can use any Azure Compute Service to solve any problem? (Azure Mythbusters)

Fri, 31 Jan 2020 00:00:00 +0000

Azure offers a broad spectrum of compute services, each optimised for different workload characteristics — picking the wrong one results in the wrong scaling envelope, the wrong cost model, and unnecessary management overhead.

The episode steps through the main options:

App Service — fully managed multi-tenant hosting for web apps and APIs; drag a slider to scale.
App Service Environment (ASE) — single-tenant App Service deployed inside your own virtual network, required for compliance scenarios such as PCI DSS where the public front-end of standard App Service is not acceptable.
Container Instances — simple, fast container execution for single containers or small groups without the orchestration overhead of Kubernetes; ideal for short-lived tasks.
Azure Kubernetes Service (AKS) — managed Kubernetes with the platform handling control-plane upgrades; you still configure node pools, networking, and auto-scale rules, and must understand Kubernetes concepts to use it effectively.
Service Fabric — Microsoft’s native microservices platform (underpinning many Azure services) that natively supports stateful services by co-locating data with code, eliminating the network hop to an external state store — critical for ultra-low-latency workloads.
Azure Batch — managed job scheduler for large-scale HPC and Monte Carlo-style workloads across thousands of VMs; think big scheduled jobs, not microservices.
Azure Functions — event-driven serverless execution; consumption plan abstracts all infrastructure but you still choose between consumption and dedicated plans, and must design for stateless execution (or use Durable Functions for state management).
Logic Apps — low-code graphical workflow designer billed per step execution; great for rapid prototyping and integration scenarios.
Virtual Machines — maximum flexibility and compatibility for lift-and-shift or workloads that cannot run on PaaS; requires manual scaling or custom automation.
VM Scale Sets — treats a fleet of VMs as a single object with auto-scale rules; workloads must be stateless since any VM can be removed at any time.

The key question across all options is whether your workload is stateful or stateless, how sensitive it is to latency, what compliance constraints apply, and how predictable or spiky the load profile is.

There are no clear architecture patterns for the Cloud? (Azure Mythbusters)

Fri, 24 Jan 2020 00:00:00 +0000

Cloud does not lack architecture patterns — the Azure Architecture Center hosts a large and growing catalogue, and many patterns predating cloud remain equally applicable in distributed systems today.

The episode walks through four patterns in depth:

Cache-aside — lazily populates a cache by reading from the data store on a cache miss and storing the result so subsequent reads are served from cache. Key considerations include cache expiry, eviction policy, and write invalidation (remove from cache on write so the next read refreshes it).
Circuit breaker — prevents cascading failures by tracking a downstream dependency’s health through three states: closed (normal traffic), open (dependency known-failed, calls rejected immediately), and half-open (probe traffic allowed to test recovery). Requires a companion pattern (e.g., queue-based load levelling) to handle traffic diverted when the circuit is open.
Health endpoint monitoring — extends a simple liveness probe to a deep health check that queries each sub-component (database, queue, cache) and aggregates their status, making it especially valuable in microservices architectures to surface partial failures before they cascade.
Materialized view — pre-aggregates data from an ingestion store into a query-optimised read model, commonly used with event sourcing and CQRS to separate the write model from the reporting view without running expensive aggregation queries at read time.

Azure Myth 6: Cloud is expensive - Azure MythBuster

Wed, 04 Sep 2019 00:00:00 +0000

The perception that cloud is expensive often stems from comparing on-premises hardware purchase costs against cloud operational spend without accounting for the hidden costs of on-premises: hardware depreciation cycles, power, cooling, physical access control, and network connectivity circuits. A more accurate comparison treats cloud as a leasing model where you pay for what you use and can scale to zero during off-peak hours — something that rarely happens in on-premises environments.

Azure Myth 4: Azure is Magical! Management in the cloud compared with on-premises - Azure MythBuster

Wed, 21 Aug 2019 00:00:00 +0000

Azure automates many underlying infrastructure concerns, but it does not make management decisions for you — you still define scalability boundaries, resilience configurations, and the correct IaaS/PaaS/SaaS model for each workload.

Scalability comes in two forms: scale-out (adding more instances, ideal for stateless workloads) and scale-up (increasing a VM’s CPU/RAM, suitable for applications that cannot run across multiple instances). Virtual Machines require you to provision and remove instances manually or via scripting; Virtual Machine Scale Sets expose a slider-style auto-scale rule so the platform handles the fleet. Azure Functions on a consumption plan abstracts all of that away, but you still choose between consumption and App Service plans based on workload characteristics.

Azure Myth 3: You don’t need requirements in the Cloud… Or do you? - Azure MythBusters

Tue, 20 Aug 2019 00:00:00 +0000

Requirements are not optional in the cloud — they are the primary driver of every architectural decision. The FastTrack for Azure team frames requirements gathering using an Aim-Plan-Do approach: first understand the scenario (e-commerce, healthcare, etc.) to surface compliance obligations, data sovereignty rules, and contractual SLAs; then let those requirements determine which Azure services and configurations are appropriate.

The episode demonstrates composite SLA calculation for a multi-tier web application (SQL Database + Queue + Web App), showing how multiplying individual service SLAs reveals whether a single-region deployment meets the target. Reference architectures from the Azure Architecture Center illustrate the progression: a basic single-region web app satisfies moderate availability; adding CDN, DNS, and additional tiers addresses scalability and higher availability requirements. Over-fitting requirements results in unnecessarily complex, expensive designs, while under-fitting leaves the solution unfit for purpose.