Forem: Arun Kumar Palani

Memory leaks in C#

Arun Kumar Palani — Mon, 24 Apr 2023 09:21:32 +0000

Hi, I am Arun Kumar Palani, Senior software engineer in Luxoft & Microsoft certified solution Architect - Associate level.

What is memory leak?

A memory leak in C# happens when an application repeatedly allocates memory but neglects to release it even after the memory has served its purpose. As a result, the application gradually uses more memory over time, which may finally result in the application crashing or ceasing to function. Programming mistakes include failing to deallocate objects that are no longer required or keeping references around for longer than necessary can result in memory leaks. Circular object references, improper usage of data structures like lists and dictionaries, and improper handling of exceptions are just a few causes of these mistakes.

Various memory leaks situations.

Usage of static objects.
A long running thread.
Manually implementation of IDisposable pattern.
Usage of unmanaged objects.
Caching.

Let's discuss one by one in detail.
1. Usage of static objects: When we use static class, variables will be available throughout the application life cycle. We need to be very careful when we are using static variable/classes. This is due to the garbage collector not collecting static objects and everything they reference. Don't use static keywords if it is not necessary.

2. A long running thread: If we work on long running or infinite looping conditions the thread will hold the object for a long time. If the object is being held for a long time GC will think that the object is in use and won’t clean up the memory. But it’s not because of the infinite looping, we should be very careful on writing such cases in programming.
Always set a exit condition.

3. Caching: It is a very good strategy to improve the application performance. But if we are using caching in all areas of the application that will lead to over caching and will end up with the out of memory. It is always good to cache only the frequently used objects.

4. Usage of unmanaged objects: Handling OS file system is the one of the best examples of unmanaged objects. If we are going to use a file system, we should properly dispose of all the objects once the work is done. Otherwise, because they are not cleaned up by the GC, these will result in a memory leak.

5. Manually implementation of IDisposable pattern: Always use the Dispose function on a class that implements the IDisposable interface. Otherwise, a memory leak may occur. The "using" sentence, which calls the dispose method for each condition, is the best approach to accomplish this. If you are unable to use the "using" statement, remember to do it manually and to suppress the finalize method as it is not required.

GC.SuppressFinalize();

Why suppress the finalize method?

If we are using IDisposable interface, we are manually going to clean the object using Dispose method. Finalize is the automatic memory management method called by garbage collector to remove the unused objects.

If you're facing memory leak problem in your application and how did you resolved, it? Please comment below.

Azure Virtual machine & AWS EC2 Instance

Arun Kumar Palani — Tue, 11 Apr 2023 14:30:18 +0000

Hi, I am Arun Kumar Palani, Senior software engineer in Luxoft & Microsoft certified solution Architect - Associate level.

Note: This article provides detailed idea about how IAAS provides virtual machines and enable entire control to organization to set up their own security implementation and configuration. The audience require some knowledge about cloud IAAS. If not, no problem I'll give some idea about IAAS in introduction.

Introduction:

IAAS: It is a method for providing computing infrastructure as on-demand services. It is one of the three essential models for cloud services. In a fully outsourced, on-demand service model, the user purchases servers, software data centers, or network equipment and rents those resources. The resources are distributed as services, and it supports dynamic scalability. On a single piece of hardware, numerous users are typically supported.

In this article, I will explain step by step how to create an AWS EC2 instance in AWS portal and Azure virtual machine in Azure portal and its usage, advantages, disadvantages, and how to deploy a .NET application in an AWS EC2 instance and Azure virtual machine in detail from portal also through CLI.

AWS EC2 instance:

Amazon EC2 or Elastic Compute Cloud is an AWS service that offers highly scalable computing capacity. In AWS, servers are referred to as “instances”. Amazon EC2 provides you with virtual servers in the cloud.

Step 1: Create an AWS account.

To use AWS services, you need to have an AWS account. Visit aws.amazon.com and click on the Sign-Up button. You will be prompted to enter your personal details and payment information.

Step 2: Select the Region.

After creating an AWS account, log in to the AWS Management Console. Then select the region where you want your EC2 instance to be deployed. It’s important to choose a region that is close to your users.

Step 3: Launch an Instance.

To launch an instance, go to the EC2 dashboard and click on the Launch Instance button. You will be taken to a wizard that will guide you through the process of launching an EC2 instance.

a) Choose an AMI (Amazon Machine Image):

The first step is to choose an Amazon Machine Image (AMI), which is a pre-configured virtual machine image. An AMI contains the information necessary to launch instances, such as the operating system, application server, and applications. You can either choose a pre-configured AMI or create your own custom AMI.

b) Choose an Instance Type:

Next, choose an instance type based on the amount of CPU, memory, storage, and network connectivity you require. The instance types range from micro to large and come with different pricing options based on your usage.

c) Configure Instance Details:

In this step, you can choose to configure Instance Details like Number of Instances, Network settings, IAM Role, Shutdown behavior, etc. You can also add user data and configure the instance to run a script on startup.

d) Add Storage:

In this step, you can add storage to your instance. You can choose the type of storage you want, like Elastic Block Store (EBS) or Instance Storage and specify the size of the volume.

e) Configure Security Group:

In this step, you need to configure the security group for your instance. A security group acts as a virtual firewall that controls inbound and outbound traffic to your instances. You can create a new security group or select an existing one.

f) Review and Launch:

After configuring all the settings, review them to ensure they are correct. Once you’re satisfied with the configuration, click on Launch to launch the instance. You will be prompted to select a key pair, which is used to securely log in to your instance.

Step 4: Connect and Configure your Instance.

Once your EC2 instance is launched, you need to connect to it and configure it to meet your needs. This can be done using Remote Desktop Protocol (RDP) for Windows instances and Secure Shell (SSH) for Linux instances.

Usage of AWS EC2 instances:

EC2 instances can be used to host websites and web applications, process big data and machine learning workloads, or store data in databases.
Below listed are few advantages that make EC2 instances popular among businesses.

Advantages:

Scalable: EC2 instances can scale up or down based on demand without any downtime, which helps businesses save money by paying only for the resources they use.

Easy Deployment: Setting up an EC2 instance is fast and easy using the console dashboard or API integration.
Security: AWS offers comprehensive security features to protect data and applications hosted on EC2 instances.

Reliability: EC2 instances are designed for high availability and offer a 99.99% uptime Service Level Agreement (SLA).

Cost-Effective: With EC2 instances, there are no upfront costs or long-term commitments, and users pay only for what they use.

Disadvantages:

Though AWS provides many benefits with the EC2 instances, it has a few challenges as well. Few challenges are listed below:
Steep Learning Curve: The platform has a high learning curve, especially for beginners or companies unfamiliar with cloud infrastructure.

Complexity: Setting up a complex network requires good knowledge of networking concepts.

Create an AWS EC2 instance through CLI.

Install and configure the AWS CLI:

To install the AWS CLI, visit the AWS documentation page and follow the instructions for your operating system. Once installed, open a terminal window and run ‘aws configure’ to provide your AWS credentials.

Choose an Amazon Machine Image (AMI):

Determine which Amazon Machine Image (AMI) you want to use as the basis for your instance. You can use one of the default Amazon AMIs, or create your custom AMI.

Choose an instance type:

Select the instance type that best suits your requirements based on the number of CPUs, memory, and storage.

Create a key pair:

A Key Pair is used to SSH in your instance. You can create a new key pair using the following command:

$ aws ec2 create-key-pair --key-name my-keypair --query 'KeyMaterial' --output text > my-keypair.pem

Create a security group:

A Security Group acts as a virtual firewall for your instance. You can create a security group using the following command:

$ aws ec2 create-security-group --group-name my-security-group --description "My security group"

Configure inbound rules:

Inbound rules control the traffic that’s allowed to reach your instance. You can add inbound rules using the following command:

$ aws ec2 authorize-security-group-ingress --group-name my-security-group --protocol tcp --port 22 --cidr 0.0.0.0/0

This example allows all IP addresses to connect to your instance over port 22.

Launch the instance:

Finally, launch the EC2 instances using the following command:

$ aws ec2 run-instances --image-id ami-xxxxxx --count 1 --instance-type t2.micro --key-name my-keypair --security-group-ids my-security-group --subnet-id subnet-xxxxxx

Replace ‘ami-xxxxxx’ with the ID of your chosen AMI, and ‘subnet-xxxxxx’ with your VPC subnet ID.

Deploying .NET Application in AWS EC2 instance:

To deploy a .NET application in an AWS EC2 instance, follow the below steps:

Step 1: Create an EC2 Instance.

Follow the steps and launch an EC2 instance. Choose an Amazon Machine Image (AMI) that is compatible with the version of the .NET framework you intend to use.

Step 2: Install IIS.

IIS (Internet Information Services) is a web server that can be installed on Windows Server OS to host web applications. You can install IIS from the Server Manager UI or PowerShell command-line.

Step 3: Configure Access to Your Application.

Once IIS is installed, configure access to your application by setting up security groups and enabling HTTP/HTTPS access through the inbound rules.

Step 4: Publish Your .NET Application.

To publish the application, use Visual Studio’s publish wizard or use Azure DevOps pipeline to automate the deployment process.

Step 5: Test Your Application.

Verify that the application is running by navigating to the public IP address of the instance in a web browser.

Step 6: Automate Deployment Process.

Automating the deployment process using tools like Jenkins or AWS Code Deploy allows for continuous integration and delivery which improves productivity and reduces downtime.

Amazon EC2 provides highly scalable computing capacity in the cloud, which makes it an excellent platform for businesses of all sizes. EC2 instances can be used to host websites, run applications, process big data and stored in databases. However, companies must also be aware of the challenges associated with using AWS services.

We have now seen how to create an AWS EC2 instance, its usage, advantages, disadvantages, and how to deploy a .NET application in an AWS EC2 instance. Proper planning, implementation, and maintenance of your AWS infrastructure can lead to cost savings, improved efficiency, and business growth.

Azure Virtual machines:

Azure Virtual Machines (VMs) allow users to create and manage virtual machines in the cloud. These VMs can run various operating systems and are used for a variety of purposes, such as running applications, hosting websites, or providing infrastructure for testing and development.

Step 1: Create an Azure account.

To use Azure services, you need to have an Azure account. Visit azure.microsoft.com and click on the Start Free button. You will be prompted to enter your personal details and payment information.

Step 2: Select the Region.

After creating an Azure account, log in to the Azure portal. Then select the region where you want your virtual machine to be deployed. It’s important to choose a region that is close to your users.

Step 3: Create a Resource Group.

A Resource Group is a logical container that holds related resources for an Azure solution. To create a resource group, navigate to the Resource Group option in the Azure portal and click on Add. Enter the name, region, and subscription details.

Step 4: Create a Virtual Machine.

To create a virtual machine, follow the steps below.

a) Choose Image and Size:

Select the Image and size for your virtual machine based on your requirements. Azure offers a variety of pre-configured images to choose from.

b) Configure Basic Settings:

Provide relevant names for your virtual machine, username, and password. You can also enable extensions, boot diagnostics, and a public IP address.

c) Configure Disks:

Configure the storage options for your virtual machine. Azure offers multiple disk types for different workloads.

d) Configure Networking:

Configure the network settings for your virtual machine, including virtual network setup, subnet configuration, public IP address allocation, and network security group rules.

e) Review + Create:

Once all the required configurations are completed, review your settings and click on create to create your virtual machine.

Step 5: Connect and Configure Your Virtual Machine.

After creating your Azure Virtual machine, connect to it using Remote Desktop Protocol (RDP) or secure shell (SSH), depending on the virtual machine’s operating system. Then proceed to configure it according to your requirements, such as installing applications, setting up firewalls, and configuring virtual networking.

Usage of Azure Virtual Machines:

Azure VMs are used for various purposes, including hosting websites, running applications, providing infrastructure for testing and development, data storage, and backup.

Below listed are few advantages that make Azure Virtual Machines popular among businesses:

Advantages:

Scalability: Azure VMs can be scaled up or down based on demand without any downtime.

High Availability: Azure provides a Service Level Agreement (SLA) of 99.9% availability for VMs.

Security: Azure offers comprehensive security features to protect data and applications hosted on Virtual Machines.

Reliability: Virtual machines are designed for high availability and offer a 99.9% uptime Service Level Agreement (SLA).

Cost-Effective: With Azure Virtual machines, there are no upfront costs, long-term commitments, and you pay only for what you use.

Disadvantages:

Along with the advantages, Azure VMs have a few limitations as well. Few disadvantages are listed below:

Steep Learning Curve: The platform has a high learning curve, especially for beginners or companies unfamiliar with cloud infrastructure.

Complexity: Setting up a complex network requires knowledge of networking concepts.

Deploying .NET Application in Azure Virtual Machine:
Create an Azure virtual machine using CLI:

Install and configure the Azure CLI:

To install the Azure CLI, visit the Azure documentation page and follow the instructions for your operating system. Once installed, open a terminal window and run ‘az login’ to connect to your Azure account.

Create a resource group:
A Resource Group is a logical container that groups resources together for easy management. You can create a new resource group using the following command:

$ az group create --name MyResourceGroup --location eastus

Choose an image:

Determine which image you want to use as the basis for your instance. You can use one of the default Azure images or create your custom image.

Create a virtual network:

A Virtual Network is required by Azure to create a virtual machine. You can create a new virtual network using the following command:

$ az network vnet create --resource-group MyResourceGroup --name MyVnet --address-prefix 10.0.0.0/16 --subnet-name MySubnet --subnet-prefix 10.0.0.0/24

Create a public IP address:

You need a public IP address to access your virtual machine from the Internet. You can create a public IP address using the following command:

$ az network public-ip create --resource-group MyResourceGroup --name MyPublicIP --dns-name mypublicip

Configure inbound rules:

Inbound rules control the traffic that’s allowed to reach your instance. You can add inbound rules using the following command:

$ az network nsg rule create --resource-group MyResourceGroup --nsg-name MyNSG --name ssh --protocol tcp --priority 1000 --destination-port-range 22 --access allow

This example allows all IP addresses to connect to your instance over port 22.

Launch the instance:

Finally, launch the virtual machine using the following command:

$ az vm create --resource-group MyResourceGroup --name MyVM --image UbuntuLTS --admin-username azureuser --generate-ssh-keys --vnet-name MyVnet --subnet MySubnet --public-ip-address MyPublicIP --nsg MyNSG

Replace ‘UbuntuLTS’ with the ID of your chosen image.

To deploy a .NET application in an Azure Virtual Machine, follow the below steps:

Step 1: Create an Azure Virtual Machine.

Follow the steps and create an Azure Virtual Machine. Choose the image that is compatible with the version of the .NET framework you intend to use.

Step 2: Install IIS

IIS (Internet Information Services) is a web server that can be installed on the Windows Server Operating System to host web applications. You can install IIS from the Server Manager UI or PowerShell command-line.

Step 3: Configure Access to Your Application

Once IIS is installed, configure access to your application by setting up security groups and enabling HTTP/HTTPS access through the inbound rules.

Step 4: Publish Your .NET Application.

To publish the application, use Visual Studio’s publish wizard or use Azure DevOps pipeline to automate the deployment process.

Step 5: Test Your Application.

Verify that the application is running by navigating to the public IP address of the virtual machine in a web browser.

Step 6: Automate Deployment Process.

Automating the deployment process using tools like Jenkins or Azure DevOps allows for continuous integration and delivery which improves productivity and reduces downtime.

Azure provides highly scalable computing capacity in the cloud, which makes it an excellent platform for businesses of all sizes. Azure Virtual Machines can be used to host websites, run applications, process big data, and store data in databases. However, companies must also be aware of the challenges associated with using Azure services.

We have now seen how to create an Azure Virtual Machine, its usage, advantages, disadvantages, and how to deploy a .NET application in an Azure Virtual Machine. Proper planning, implementation, and maintenance of your infrastructure can lead to cost savings, improved efficiency, and business growth.

Comparison:
Azure and AWS are two of the most popular cloud services providers that offer a range of cloud-based services. A Virtual Machine (VM) in Azure is similar to an Elastic Compute Cloud (EC2) instance in AWS. Both Azure VMs and AWS EC2 instances provide on-demand computing, flexibility, scalability, and pay-as-you-go pricing models.

Computing Resources:

Azure Virtual Machines and AWS EC2 Instances provide users with the ability to configure CPU, memory, and storage resources based on their requirements. However, there are some differences between these two services.
In Azure, VMs can be configured with up to 128 vCPUs, while in EC2 you can configure up to 256 vCPUs.
Azure offers a premium SSD disk type that provides high IOPS at a lower cost compared to AWS EBS volumes.
AWS provides an additional compute resource option called Elastic GPU, which allows users to attach graphics acceleration to EC2 instances for performance-intensive workloads.

Operating Systems:

Both Azure Virtual Machines and AWS EC2 instances support a wide range of operating systems, including Linux and Windows. However, there are differences in how these services manage operating system images.
Microsoft Azure offers pre-configured images that are optimized for different workloads like SQL, Java or .NET applications.
Amazon Web Services, on the other hand, offers Amazon Machine Images (AMIs) for customers to launch EC2 instances. It also has an extensive marketplace where users can find and purchase pre-configured images.

Networking:

Azure and AWS both offer virtual network configurations that allow users to build complex networking architectures. However, there are differences in how they are implemented.

Azure’s networking architecture uses a more simplified approach called Azure Virtual Network (VNet). VNets are designed to work like traditional on-premises networks and provide connectivity between VMs within the same VNet. Traffic between VNets or public internet is routed through a virtual gateway.

AWS networking architecture allows users to define network security groups, subnets, and route tables based on their requirements. Users also could manipulate IP addresses in EC2 instances.

Pricing:

Both Azure Virtual Machines and AWS EC2 Instances offer pay-as-you-go pricing models. However, there are differences in how they are priced.

Azure offers discounts for users who pre-pay for their virtual machines or reserve instance capacity for one- or three-year terms.

AWS provides a more granular pricing model that allows users to choose different payment options for computing resources, storage, and data transfers.

Management Tools:
Azure and AWS offer several management tools that enable users to manage their virtual machines from a centralized location. However, there are some differences in the management tools they provide.

Azure provides the Azure portal, which allows users to manage services using a web-based interface.

AWS provides the AWS Management Console, which allows users to manage services using a web-based interface. It also provides command-line tools and APIs that allow access to advanced features.

Conclusion: If we are IAAS Azure VM and AWS EC2 instance it makes a big difference because we own all the controls from our side like VNet, Ip configuration and it provides security features. We need to be very careful if we are using IAAS there is a high chance of potential threats if we misconfigured some areas in IAAS.

If you have any doubts and require help for using IAAS please drop a comment. Happy to help.

Stay tuned!!!

Azure services for .NET developers.

Arun Kumar Palani — Wed, 05 Apr 2023 11:12:38 +0000

Hi, I am Arun Kumar Palani, Senior software engineer in Luxoft & Microsoft certified solution Architect - Associate level.

Let's discuss 6 Azure services, developers might use day to day life if the project is completely developed in Microsoft platform.

Before going to discuss in detail let’s see some short introduction of them in 2 lines.

1.Azure Key vault – It is a place where we can keep our secrets. Mostly connection strings and external API secret keys are maintained here.

2.Azure Dev-ops – A simplified solution for maintaining source code, creating and maintaining CI/CD pipelines, release management, a place for maintaining artifacts and it also has test plan.

3.Azure API management – Acts as an entry gate in front of API’s and mostly used for API gateway implementation without much coding.

4.Azure Storage services – Mostly used for storing files and information in different azure storage services.

5.Azure SQL: Similar to on- premises database but offers more flexibility in terms of backup/restore and also in high availability/Auto scaling feature.

6.Azure App Service/VM: App service is a PAAS and VM is IAAS both are used for hosting web applications. VM’s have a lot of advantages other than hosting.

Note: This article is intended for those who have an interest in learning azure conceptually. It will give a clear idea and the exact usage of the service. If you’re new to Azure, please read it twice to get a clear picture of it. This is not a technical article this will just cover the overall view about all the 6 services.

1. What is an Azure Key vault?

Azure Key Vault is a cloud-based service that allows you to securely store and manage cryptographic keys, secrets and certificates used in your applications and services. It is a centralized service where you can store and manage all the sensitive data of your application instead of storing it locally, thus improving the security of your applications.

The Azure Key Vault service provides robust access control, auditing, and monitoring capabilities to ensure that your keys are being accessed only by authorized personnel. It also allows you to generate and manage encryption keys for your applications, making it easier to encrypt/decrypt data and keep it secure.

Advantages of Azure Key vault:

a. Enhanced Security: With Azure Key Vault, you can store and manage all your cryptographic assets in a secure, centralized location. This helps to reduce the risk of keys being compromised or lost due to insecure storage or sharing practices.

b. Simplified Key Management: Azure Key Vault provides a simple, easy-to-use interface for managing your encryption keys, secrets and certificates, which makes it easier for developers to implement secure key management practices.

c. Integration with Azure Services: Key Vault is tightly integrated with other Azure services like Azure Functions and Azure App Service, enabling developers to easily add encryption and decryption features to their applications without having to worry about key management.

d. Easy Compliance: Azure Key Vault supports compliance with various industry standards.

e. Bring Your Own Key Support: Azure Key Vault supports use cases where you want to manage keys on-premises while still utilizing Azure's many platform services.

f. Monitoring and Auditing Capabilities: Key Vault provides robust monitoring, logging, and auditing capabilities that enable teams to track usage, access, and changes to cryptographic keys, certificates, and secrets.

Disadvantages:

a. Cost: Using the Azure Key Vault service can add to your overall cloud expenses, especially if you have large amounts of keys, secrets, or certificates to manage.

b. Learning Curve: Azure Key Vault can be complex for new users and may require some time to learn and become familiar with its capabilities and integration with other Azure services.

c. Limited Programming Language Support: Although Azure Key Vault provides SDKs for multiple programming languages like .NET, Java, Python, etc., its functionality may not be fully supported by all programming languages and frameworks, which could limit its usage in some situations.

d. Dependency on Azure Infrastructure: Since Azure Key Vault is a cloud-based service, it requires an active internet connection and depends on Azure's infrastructure, which can lead to issues if there are any service disruptions or outages.

2. What is Azure DevOps?

Azure DevOps is a collection of services that allow software development teams to plan, build, test, and deploy software. It includes Azure Boards, Azure Repos, Azure Artifacts, Azure Test Plans, and Azure Pipelines. These tools work together seamlessly to provide a comprehensive DevOps solution for teams of any size.

What Azure DevOps Provides?

a. Azure Boards: Like Jira\HP ALM, where we can create and manage user stories/bugs. We can also create branches from the user story where the commit and branch are linked with the parent user story for easy tracking.
Azure Boards also includes built-in analytics features that allow teams to track metrics such as lead time, cycle time, and throughput, which can be useful for identifying bottlenecks and areas for improvement.
We can visualize our data from the azure board and track dependencies.

b. Azure Repos: Like GitHub\Bitbucket\ GitLab\ TFS, where we can push our changes and we can maintain versioning. We can add people from our team and collaborate on code, track the changes, and roll back it whenever necessary.
It provides options for code review and search option for code with specific pieces of snippet.

c. Azure Artifacts: Like JFrog\team city, where we can maintain our NuGet package for the organization includes NuGet, NPM, Maven packages.
With the help of artifacts, we can fetch easily build our pipeline.
Additionally, Azure Artifacts includes package management capabilities, which allow teams to manage dependencies, ensure that packages are up to date, and roll back to previous versions if necessary.

d. Azure Test-Plan: Like Q-test, TestRail. With Azure test plan, we can configure manual testing and exploratory testing plans. It also integrates with Azure Pipelines, making it easy to automate tests and ensure the software is tested before deployment.
We can make a track of all the test cases and we can automate it before going to deployment. So that our application is fully tested before release.
From the developer’s side, we can see the test failure and root cause of the error.

e. Azure Pipelines: Like Jenkins. With Azure Pipelines, teams can automate their software delivery process, from building and testing to deploying to multiple environments. It supports CI\CD which allows teams to build the application, test and deploy the code to environments when it is merged with repository.
The team can use Azure Pipelines to automate the application's build, test, and deployment process and release it to different environments whenever necessary.

We can create a release trigger either manual or automatic by setting the condition to trigger.

What is the advantage of using Azure DevOps?

Easy integration.
Cost effective solution.
Single sign on using Azure AD.
A complete package not depending on different software for each step.

Implementing a DevOps strategy is essential for software development teams to deliver software quickly and efficiently. Azure DevOps provides this feature with minimal cost, i.e.) cost is calculated on a user basis.

How to deploy a .NET application using Azure DevOps?

Step 1: Create an Azure DevOps feature from the azure portal.
Step 2: Create a simple Web API project and configure it to Azure repository.
Step 3: Create an App server or Virtual machine to host the application.
Step 4: Create a release pipeline. Once the build is available from the pipeline, we can deploy the build to the app service/ VM in the continuous way.
Step 5: What are the steps while deploying our application to app service?
1.Build the environment - Ubuntu\Windows etc.
2.Restore dependencies from the NuGet.
3.Build your project.
4.Run the test cases (Unit\Integration tests).
5.Collect code coverage if required.
6.Publish artifacts to azure pipelines.
7.Publish to NuGet feed.
8.Deploy to web app (app server or VM).

3. Azure API Management It is a cloud-based platform that allows developers to expose, publish, and manage APIs. The service provides a robust set of tools for managing APIs, controlling access to APIs, and monitoring traffic.
Within Azure API Management, developers can create new APIs or import existing ones, add restrictions on how the API may be consumed, and configure policies to apply when requests are received.
"Basically, we do the same thing in API gateway pattern. For this we might use the Ocelot NuGet package. The same service is provided by Google Apigee and in AWS as well".

Key Features of Azure API Management:

API Gateway:

At the core of Azure API Management is an API gateway, which acts as a reverse proxy through which requests are routed to the appropriate backend services. The gateway provides protocol translation, message transformation, and other communication functions to enable seamless integration between client applications and backend services.

API Definition:

With Azure API Management, developers can define APIs using the API Specification (formerly known as Swagger). The specification allows developers to describe the operation of their APIs in a machine-readable format, making it easier for clients to discover and consume the API.

a. Security:

APIs are often resources that need to be guarded against unauthorized access. To this end, Azure API Management provides a range of security features including authentication, authorization, and encryption.
Developers can require API consumers to authenticate themselves before accessing an API. Access can also be controlled by roles, allowing fine-grained control over which users can access which APIs.

b. Rate Limiting:
To prevent abuse of APIs, Azure API Management allows developers to apply rate limits. Limits can be applied based on the number of calls allowed per user, per minute or any other defined period. By setting up rate limits, developers can ensure that their APIs are not subjected to excessive load, which could affect system performance.

c. Analytics:
API data analytics are essential for understanding how your APIs are being used, where performance bottlenecks may exist, and what changes can be made to improve them. With Azure API Management, developers have access to detailed data analysis and reporting tools that provide real-time insights into the performance and usage of their APIs.
This feature includes tracking metrics such as call count, response codes, latency, and other relevant indicators.

d. Developer Portal:
A developer portal is a self-service interface that is used by developers to discover, learn, test, and get support for the APIs they use. Developers can browse documentation, test endpoints, download code samples, and subscribe to new APIs from a single location.
With Azure API Management, developers can build fully customized developer portals that include all the necessary information related to their APIs. Personalization options allow for branding and customization so that the developer portal can match the look and feel of your website or application.

Creating APIs with Azure API Management

The process of creating APIs with Azure API Management typically involves the following steps:
Define the backend service – you may have existing services, or you can create new ones that return the data or perform the operations the API will expose.

Create a new API – either by specifying the API specification directly or by importing an existing API definition.
Configure API policies – policies can be used to modify the behavior of your API, add additional security, or allow efficient caching.

a. Creating Inbound rules: This is the place where the incoming request and its IP address is filtered, and it will check whether these URL is allowed for communication.
Ex) we can directly CORS in API gateway itself rather configuring in the code.

b. Creating outbound rules: Here we can set our custom response headers and send the response back to the user. If there is any modification, we need here we can do that as well.

c. Backend policies: Here we can configure backend URL so that it can safely accessed with the help of inbound and out bound policy.

d. Issue API keys – Issuing authorization keys is a technique used to track the usage of your API and maintain control over who is allowed to use it.

e. Configure usage plans – usage plans allow you to specify rates at which developers can use your API under free, paid, or custom tier models.

f. Publish the API – Once the API has been thoroughly tested and reviewed, developers can publish it to make it publicly available.

Azure API Management is a powerful tool that enables developers to create, manage, and publish APIs quickly and efficiently. The platform comes equipped with a host of features that enable secure and reliable API management, including developer-friendly portals and comprehensive analytics capabilities.

4. Azure storage service: It offers a flexible and scalable solution for storing unstructured data, such as text or binary data, in the cloud. The service supports various types of data including blobs, files, queues, tables, and disks.
Azure Storage is designed to provide a highly available and durable storage infrastructure across multiple regions. It provides automatic replication of data within the same region and enables geo-replication across different regions. This ensures that data is always available even in case of regional disasters. Additionally, Azure Storage also provides multiple layers of security to protect data, including encryption at rest and in transit.

Let's take a closer look at some of the key features and services offered by Azure Storage:

a. Blob Storage
Azure Blob Storage is a scalable and secure object storage service that allows you to store large amounts of unstructured data, such as text or binary data, in the cloud. It provides support for several APIs including REST, .NET, Java, Python, and Node.js. It also provides three tiers of storage: hot, cool, and archive, allowing you to choose the storage option based on the frequency of access to the data.

b. File Storage
Azure File Storage provides fully managed file shares in the cloud. It allows you to create file shares that can be accessed from anywhere in the world using standard SMB 3.0 protocol. It allows you to store and share files with ease, enabling you to easily migrate your existing applications to the cloud.

c. Queue Storage
Azure Queue Storage is used to transmit messages between components of distributed systems. It provides a simple messaging service that allows you to send and receive messages between different components of your application. It is ideal for asynchronous communication and can be used to build reliable systems, decoupled systems, and scalable applications.

d. Table Storage
Azure Table Storage provides NoSQL-like storage capabilities for unstructured data. It allows you to store large amounts of structured, non-relational data in the cloud, and supports features such as secondary indexes and queries.

e. Disk Storage
Azure Disk Storage provides persistent block-level storage for virtual machines (VMs) running in Azure. With disk storage, you can attach disks to your VMs, providing them with durable, low-latency storage. You can also use managed disks, which provide simplified management of storage accounts.

In addition to these services, Azure Storage also provides several other features that make it a versatile and flexible storage solution:

a. Azure Data Lake Storage Gen2:
Azure Data Lake Storage Gen2 is a fully managed service that provides scalable, secure, and cost-effective storage for big data analytic workloads. It combines the power of a Hadoop file system with Azure Blob Storage to provide a common namespace for both structured and unstructured data.

b. Azure Backup:
Azure Backup provides reliable and scalable backup solutions for your data in the cloud. It enables you to protect your data by backing up files, folders, or entire VMs to Azure Storage. Azure Backup also provides support for backup of on-premises data to the cloud, making it a comprehensive backup solution.

c. Azure Site Recovery:
Azure Site Recovery provides disaster recovery solutions for your applications and workloads. It enables you to automate the replication of VMs and physical servers to the cloud, providing you with a seamless failover and failback experience in case of any disasters. It also provides support for real-time replication to minimize data loss.

d. Azure StorSimple:
Azure StorSimple provides a hybrid cloud storage solution that enables you to tier cold data to the cloud while keeping hot data on-premises. This helps reduce storage costs as you only pay for the data that you store in the cloud. Additionally, StorSimple provides intelligent caching and data management capabilities to optimize storage performance.

e. Azure Data Box:
Azure Data Box is a physical device that allows you to move large amounts of data to and from Azure Storage securely and quickly. It is ideal for scenarios where transferring large datasets over the network is not feasible. Data Box supports various storage options, including Blob Storage, File Storage, and Disk Storage.

5. Azure SQL service: It provides a highly scalable and flexible solution for managing relational data in the cloud. The service provides various features, including automatic scaling, high availability, security, and backup and recovery mechanisms.
Azure SQL provides support for several deployment options, including single databases, managed instances, and elastic pools. It also supports several programming languages and development tools, such as .NET, Java, Python, and Node.js, making it easy to develop and deploy applications in the cloud.

Let's take a closer look at some of the key features and services offered by Azure SQL:

1. Database-as-a-service:
Azure SQL is a fully managed database-as-a-service (DBaaS) that eliminates the need for managing infrastructure and hardware. The service takes care of database maintenance tasks such as patching, tuning, backups, and monitoring, freeing up your time to focus on application development.

2. Automatic Scaling:
Azure SQL provides automatic scaling capabilities, allowing you to automatically adjust the resources allocated to your database based on the workload demands. This ensures that your database can handle peak loads without compromising on performance.

3. High Availability:
Azure SQL provides high availability through its built-in replication technology. The service automatically replicates your database across multiple regions, ensuring that your application remains available even in case of regional disasters. Additionally, Azure SQL provides transparent failover mechanisms, so that your application can continue running seamlessly in case of any disruptions.

4. Security:
Azure SQL provides several layers of security to protect your data, including encryption in transit and at rest, firewall rules, identity and access management, and threat detection. It also provides compliance with industry-specific regulations such as HIPAA, PCI DSS, and GDPR.

5. Backup and Recovery:
Azure SQL provides automated backups and point-in-time restore capabilities, ensuring that your data is protected against accidental deletion, corruption, or other types of data loss.

In addition to these features, Azure SQL also provides several other services that make it a versatile and flexible database solution:

a. Single Databases:
Azure SQL supports single databases, which are fully managed databases that can be quickly created and managed in the cloud. You can choose from various database sizes based on your requirements and pay only for the resources that you use.

b. Managed Instances:
Azure SQL also provides managed instances, which are fully managed instances of SQL Server in the cloud. Managed instances provide full SQL Server compatibility, enabling you to easily migrate your existing applications to the cloud.

c. Elastic Pools:
Azure SQL supports elastic pools, which allow you to share resources among multiple databases with different usage patterns. This enables you to reduce costs by optimizing resource utilization across multiple databases.

d. Azure Synapse Analytics (formerly SQL Data Warehouse):
Azure Synapse Analytics is a cloud-based analytics service that allows you to analyze large amounts of data in the cloud using a combination of SQL queries and big data technologies such as Apache Spark. It provides integration with Azure Machine Learning, making it easy to build predictive models and integrate them into your data analysis workflows.

e. Azure Database Migration Service:
Azure SQL also provides a migration service that allows you to migrate your on-premises databases to Azure SQL easily. The service supports various database types, including SQL Server, MySQL, PostgreSQL, and MongoDB.

6. Azure App Service and VM: Azure App Service is a fully managed Platform-as-a-Service (PaaS) offering that allows you to quickly build, deploy, and scale web applications, mobile backends, and RESTful APIs. It supports various programming languages, including .NET, Java, Node.js, PHP, Python, and Ruby.
With Azure App Service, you can easily create and manage web apps, API apps, mobile apps, and logic apps using a single integrated solution. The service provides several features such as automatic scaling, high availability, continuous deployment, and DevOps integration, making it easy to maintain your applications and achieve faster time-to-market.

On the other hand, Azure Virtual Machines (VM) is an Infrastructure-as-a-Service (IaaS) offering that allows you to set up and run virtual machines in the cloud. You can choose from a wide range of pre-configured VM images or create your custom image based on your requirements. This gives you complete control over the operating system, applications, and configuration of your virtual machines.

Let's take a closer look at the key features and services offered by Azure App Service and virtual machines:

1. Azure App Service:
Azure App Service provides several features that make it a versatile and flexible platform for developing and deploying web applications and mobile backends.

a. Web Apps:
Azure Web Apps allow you to easily deploy and manage web applications using a single integrated solution. It supports various frameworks and technologies, including ASP.NET, Node.js, Python, and PHP. You can deploy your applications using FTP, Git, or continuous deployment tools such as Azure DevOps, GitHub, or Bitbucket.

b. Mobile Apps:
Azure Mobile Apps provide a scalable and secure backend for mobile applications. It enables you to build cross-platform mobile applications using Xamarin or Apache Cordova and authenticate users using popular identity providers such as Facebook, Google, and Twitter.

c. Logic Apps:
Azure Logic Apps provide a low-code framework for building workflows and integrations between different applications and services. It supports various connectors to integrate with popular SaaS applications such as Salesforce, Dynamics 365, and Office 365.

2. Virtual Machines:
Azure Virtual Machines provide several features that make it a versatile and flexible platform for running various workloads in the cloud.

a. Pre-configured VM Images:
Azure provides various pre-configured virtual machine images, allowing you to easily set up your preferred operating system and application stack. It includes images for Windows Server, Linux, SQL Server, Oracle, and much more.

b. Customizable VMs:
You can also create custom virtual machines based on your requirements. This enables you to configure the operating system, applications, and settings according to your specific needs.

c. High-performance Computing (HPC):
Azure provides several options for running HPC workloads, including high-performance computing clusters, low-latency storage, and GPU-enabled virtual machines.

d. Hybrid Cloud:
Azure provides seamless integration with your on-premises infrastructure, allowing you to extend your datacenter to the cloud with a hybrid cloud solution. This enables you to easily migrate your existing applications to the cloud and take advantage of its scalability and flexibility.

Comparison
Let's compare some key differences between Azure App Service and Virtual Machines:

a. Management:
Azure App Service is a fully managed service that eliminates the need for managing infrastructure or hardware. In contrast, Azure Virtual Machines require you to manage the underlying infrastructure, such as operating system updates, security patches, and backups.

b. Scalability:
Azure App Service provides automatic scaling capabilities, allowing you to scale your web apps, API apps, and mobile apps dynamically based on usage patterns. Azure Virtual Machines require manual intervention to scale resources up or down.

c. Cost:
Azure App Service charges based on the number of instances and their size, whereas Azure Virtual Machines charge based on the number of virtual machines, their size, and the amount of storage used.

d. Configuration:
Azure App Service provides a ready-to-use environment for developing and deploying web applications and mobile backends, whereas Azure Virtual Machines require you to set up your infrastructure from scratch.

e. Control:
Azure Virtual Machines provide complete control over the virtual machines' configuration, allowing you to configure hardware resources, operating systems, and applications based on your specific needs. In contrast, Azure App Service provides limited control over the underlying infrastructure.

Conclusion: Azure services play a major role if we are using Microsoft technologies like C#, it has direct integration with azure cloud PAAS and IAAS. There are lot of advantages if we use azure services in terms of cost, performance, security. Azure services also built in log facilities like application insight where we can the logs if in case of any failures.

If you have any doubts and require technical implementation for the same, please comment below. I am happy to provide the solution in my GitHub link on the next post.

Stay tuned!!!

What is Chat GPT?

Arun Kumar Palani — Tue, 21 Mar 2023 12:27:54 +0000

Hi, I am Arun Kumar Palani, Senior software engineer in Luxoft. Let’s discuss chat GPT in detail.

Note: I have implemented it in .NET, since I am from .NET background.

What is Chat GPT?

Chat GPT is an AI based (LLM) large language model designed by Open AI which is trained by large amount of data. In Chat GPT the data is trained up to 2021. One of the Open AI co-founders was Elon Musk.

Chat GPT working is based on GPT (Generative Pre-trained Transformer) model, an AI-based conversational agent, to produce intelligent responses to user inputs. A neural network architecture used for understanding and processing natural language is used in GPT model implementation.

Simply, the Chat GPT system tries to understand what a user is saying and then reacts to it in accordance with its training data. It can respond to a variety of topics and is intended to be helpful, knowledgeable, and informative.

The main benefit of Chat GPT is that it can communicate with users in natural language and gives tailored answers to each question. By removing the need for human interaction, this gives users instant access to pertinent information and contributes to time savings.

Mainly in Customer service, e-commerce, and education are just a few sectors where Chat GPT is extensively used. In the big data and machine learning era, it has become an essential tool. Large amounts of data can be analyzed by the software, which can then deliver insights that are tailored to the requirements of businesses.

How Chat GPT is used in real life?

Creating a chat bot.
Generating text-based applications.
Creating a virtual assistant.
Implement a customer service system in an automated way.
Providing answers to most frequently asked questions in many e-commerce and general-purpose applications.
Text summarizing and generating reports.

How is Chat GPT implemented?

The fundamental operating principle of Chat GPT is to take input from users, process the input data, and produce an insightful response.
Here is a step-by-step description of how the system works:
User input: The first step entails gathering information from the users. The users contribute by chatting in natural language via text or voice.

Processing the Input Data: After receiving user input, the data undergoes pre-processing to clean it up and eliminate unnecessary elements like stop words and punctuation. The text is then divided into smaller units by the software, typically words and phrases, which are then examined pairwise.

Application of Machine Learning Model: Following preprocessing of the input data, further analysis is conducted using the machine learning algorithm based on the GPT model. This algorithm creates new sentences with a probability determined by the frequency of appearance in the training sources using previous training data that was learned from millions of lines of publicly available text sources.

Response Generation: Using the linguistic patterns discovered in the earlier steps as a basis, Chat GPT applies the algorithm to produce a pertinent output text.

What is making Chat GPT unique?

Because of its capacity for instant learning and adaptation, Chat GPT is exceptional. Chat GPT uses machine learning to generate conversations based on its training data, in contrast to rule-based systems that adhere to a predetermined set of rules. The system can pick up on various conversational topics and behaviors and respond appropriately.
Another distinguishing feature of Chat GPT is that its models are trained on vast amounts of data, giving it an advantage over competing products of a similar nature. This guarantees that the system is effective at responding to user inquiries in a way that is both helpful and accurate.

What’s more interesting as a developer to do with Chat GPT?

Yes, as a developer we would like to communicate with Chat GPT end points and to create a working model so that we can demonstrate how these models help in real life scenarios and what problems it solves. Along with this we would also like to know the different search models are available and how we can use those models.

NuGet extension: OpenAI.
Different Chat GPT search models:

Chat GPT version 3 models:

1.AdaText
2.BabbageText
3.CurieText
4.Davinci
5.CushmanCode - codex model
6.DavinciCode – codex model
7.AdaTextEmbedding
Let’s see how these models are going to help based on the requirements.

1.AdaText: This model is capable of very simple tasks, usually the fastest model in the GPT-3 series, and this is one of the lowest cost models in the GPT series. The string code for this model is represented by “text-ada-001”.
1.Max token supported: 2049 tokens.
2.Trained data set: up to Oct- 2019

2.BabbageText: This model is capable of straightforward tasks, very fast, and lower cost and the string representation for this model is “text-babbage-001”.
1.Max token supported: 2049 tokens.
2.Trained data set: up to Oct-2019

3.CurieText: This model is Very capable, but faster and lower cost than Davinci and the string representation is “text-curie-001”.
1.Max token supported: 2049 tokens.
2.Trained data set: up to Oct-2019

4.DavinciText: This is the most capable GPT-3 model. Can do any task the other models can do, often with higher quality, longer output and better instruction-following.
1.Max token supported: 2049 tokens.
2.Trained data set: up to Oct-2019

5.CushmanCode: Almost as capable as Davinci Codex, but slightly faster. This speed advantage may make it preferable for real-time applications and its representation is “code-cushman-001”.
1.Max token supported: 2049 tokens.
2.Trained data set: up to Oct-2019

6.DavinciCode: Most capable Codex model. Particularly good at translating natural language to code. In addition to completing code, also supports inserting completions within code and its representation is “code-davinci-002”.
1.Max token supported: 8001 tokens.
2.Trained data set: up to Jun-2021

7.AdaTextEmbedding: OpenAI offers one second-generation embedding model for use with the embeddings API endpoint and its representation is “text-embedding-ada-002”.
1.Max token supported: 2049 tokens.
2.Trained data set: up to Oct-2019

Chat GPT version 3.5 models:

1.gpt-3.5-turbo
2.gpt-3.5-turbo-0301
3.text-davinci-003
4.text-davinci-002
5.code-davinci-002

1.gpt-3.5-turbo: The most powerful GPT-3.5 model, which is chat-optimized, costs only one-tenth as much as the text-davinci-003. updated with the most recent model iteration.
1.Max token supported: 4096 tokens.
2.Trained data set: up to Sep-2021

2.gpt-3.5-turbo-0301: GPT-3.5-Turbo snapshot taken from gpt-3.5-turbo. Contrary to the GT-3.5 Turbo, this model will only be supported for three months, ending on June 1, 2023, and will not receive any updates.
1.Max token supported: 4096 tokens.
2.Trained data set: up to Sep-2021

3.text-davinci-003: Can perform any language task better, faster, and with more consistency in following instructions than the curie, babbage, or ada models. Additionally supports text completions being inserted.
1.Max token supported: 4097 tokens.
2.Trained data set: up to Sep-2021

4.text-davinci-002: Like text-davinci-003 in terms of abilities but trained using supervised fine-tuning rather than reinforcement learning.
1.Max token supported: 4096 tokens.
2.Trained data set: up to Jun-2021

5.code-davinci-002: Designed code completion task.
1.Max token supported: 8001 tokens.
2.Trained data set: up to Jun-2021

Chat GPT version 4 models:

1.gpt-4
2.gpt-4-0314
3.gpt-4-32k
4.gpt-4-32k-0314

1.gpt-4: More capable than any GPT-3.5 model, able to do more complex tasks, and optimized for chat. Will be updated with our latest model iteration.
1.Max token supported: 8192 tokens.
2.Trained data set: up to Sep-2021.

2.gpt-4-0314: Snapshot of gpt-4 from March 14th, 2023. Unlike gpt-4, this model will not receive updates, and will only be supported for a three-month period ending on June 14th, 2023.
1.Max token supported: 8192 tokens.
2.Trained data set: up to Sep-2021.

3.gpt-4-32k: Same capabilities as the base gpt-4 mode but with 4x the context length. Will be updated with our latest model iteration.
1.Max token supported: 32768 tokens.
2.Trained data set: up to Sep-2021.

4.gpt-4-32k-0314: Snapshot of gpt-4-32 from March 14th, 2023. Unlike gpt-4-32k, this model will not receive updates, and will only be supported for a three-month period ending on June 14th, 2023.
1.Max token supported: 32768 tokens.
2.Trained data set: up to Sep-2021.

Other models:

1.DALL.E
2.Whisper
3.Embedding
4.Moderation

DALL.E: DALLE is an artificial intelligence program that can produce art and realistic images from a description in natural language. We currently provide support for the creation of new images with a specific size, the editing of existing images, and the creation of variations of user-provided images. The DALLE model that is currently available through our API is the second version of DALLE, which has more accurate, realistic, and images with a 4x higher resolution than the first model.

Whisper: A general-purpose speech detection model is whisper. It is a multi-task model that can perform multilingual voice recognition, speech translation, and language identification and was trained on a sizable dataset of varied audio. Our API presently offers the Whisper v2-large model under the name whisper-1.
Right now, there is no distinction between the Whisper accessible through our API and the open-source version. However, we provide an optimized inference procedure through our API, which makes using Whisper through our API much faster than using other methods.

Embedding: It is a numerical representation of text that can be used to quantify the relatedness between two pieces of text. At a fraction of the price, our second-generation embedding model, text-embedding-ada-002, is intended to take the position of the 16 first-generation embedding models that came before it.
Tasks involving search, clustering, recommendations, anomaly detection, and categorization can benefit from embeddings.

Moderation: The Moderation models' purpose is to determine whether material abides by Open Ai’s usage guidelines.
The models offer the ability to categorize material by searching for items that fall under the following headings: hate, hate/threat, self-harm, sexual, sexual/minors, violence, and violence/graphic.

How to integrate Chat GPT in .NET application?

Create an account in OpenAI.com.
Get the API-key from the Open AI website once successfully logged in.
There are 2 different ways to implement this in .NET
1. Completion request class
2. Direct Http client usage to hit Open AI end points.

Completion request implementation:
1.Install Open AI from the NuGet package manager.

There are few inputs we need to pass to the completion request. They are.
a. Prompt: It is basically the input string where we are sending from the input request.

b. Model: This is the place we need to define which Chat GPT model we are going to use when we are making a API call to Open AI endpoint.

c. Temperature: It gives sampling rate for the search that we are trying with. If we are sampling rate is higher ex) 0.9f we can get creative answer from the endpoint. If we are using 0f we will get the standard answers.

d. Max Tokens: It gives the information how much is the maximum string that the API will give as a response. This can be set manually if we are using either completion request class or from Http Client as well. We need to ensure the maximum token available to generate response for the particular model before specifying the value.

e. TopP: An alternative to sampling with temperature, called nucleus sampling, where the model considers the results of the tokens with top_p probability mass. So 0.1 means only the tokens comprising the top 10% probability mass are considered. It is generally recommend to use this or OpenAI_API.Completions.CompletionRequest.Temperature but not both.

f. Frequency Penalty: The scale of the penalty for how often a token is used. Should generally be between 0 and 1, although negative numbers are allowed to encourage token reuse. Defaults to 0.

g. Presence Penalty: The scale of the penalty applied if a token is already present at all. Should generally be between 0 and 1, although negative numbers are allowed to encourage token reuse. Defaults to 0.

2.Apply the API key and start running the application.
3.Full code for creating the working model using completion request class.
4.Sample C# code:
var gpt = new OpenAIAPI(apiKey);
CompletionRequest completionRequest = new
CompletionRequest()
{
Prompt = input,
Model = Model.DavinciText,
Temperature = 0.5f,
MaxTokens = 4000,
TopP = 1.0,
FrequencyPenalty = 0.0,
PresencePenalty = 0.0,
};
completionResult = await
gpt.Completions.CreateCompletionAsync(completionRequest);

Http client Implementation:
1.We just need some basic idea of how Http client works before implementing this. We need to pass the proper parameters and request and response formats that should match with the Open API endpoint which is officially released.

2.There are different endpoints which was provided by Open AI for chat completion, Image generation, Image edit, Audio translation, Audio transcription and so on. Let's see one how to implement the chat completion in Http client.

3.It requires a base address to establish a connection to the open API endpoint. For chat completion we need to use this URL: https://api.openai.com/v1/completions

4.Authorization can be done by the unique API-key given by Open AI this will perform authentication for us.

I have used .NET 6 so the Http client will have PostAsJsonAsync() method where we need to pass the input request.
With the help of ReadFromJsonAsync() method in the response we can get the result from Open AI.
Here is the C# code.
public async Task
GenerateCompletion(ChatCompletionRequestcs request,
CancellationToken cancellationToken = default)
{
try
{
HttpClient httpClient = new HttpClient();
httpClient.BaseAddress = new Uri(chatEndpoint);
httpClient.DefaultRequestHeaders.Add("Authorization",
$"Bearer {apiKey}");
httpClient.DefaultRequestHeaders.Add("Accept",
"application/json");
var res = await
httpClient.PostAsJsonAsync(chatEndpoint, request,

cancellationToken);
var result = await
res.Content.ReadFromJsonAsync
(cancellationToken: cancellationToken);
return result;
}
catch (Exception)
{
throw;
}
}

Advantages of Chat GPT:

Automated decision making with AI based system.
Precise use case with safety and security of data we search.
Increased accuracy.
Quick response time and increased engagement.
Reduced expense and increased customer service.

Disadvantages of Chat GPT?

Inaccuracies and Ambiguities in some times.
Limited Knowledge of Recent Events - because it is trained with data up to 2021.
Ethical Issues and Concerns.
Other Possible Legal Implications.

Conclusion: Chat GPT is a highly powerful language model with the potential to revolutionize a variety of fields and sectors. It is a useful tool for applications like chatbots, virtual assistants, and content production due to its capacity to generate extremely accurate and contextually relevant responses to natural language inputs. Although if bias and interpretability provide difficulties that must be overcome, Chat GPT represents a promising area for future research and development in the field of artificial intelligence.

Thanks for reading the article, if you have any queries or suggestions, please post it in the comments section.

What is CORS?

Arun Kumar Palani — Tue, 07 Mar 2023 15:10:33 +0000

Hi, I am Arun Kumar Palani, Senior software engineer in Luxoft. Let's discuss CORS in detail.

Note: This is a technical topic. If the reader is from a development background, he/she can easily get the key concepts of CORS. If not from development background, please read it twice it will help you to understand what is CORS? And how we can implement it in any application.

What is CORS?

CORS is a technique that allows servers to specify who can access its resources and which HTTP request methods are allowed by the requested resource.

Origin and sample use case:

CORS started to make request resource giving easier and more effective. With CORS, it is attainable for one app to share possessions with an application owned by another domain. This leads to a netting where many apps from various rules share money with one another.

For example,

Online food delivery app: have you ever doubted how miscellaneous online food delivery apps’ latest fares and other connected data lands on your favorite food delivery app? That’s the power of the CORS policy. If you are going to build an online food delivery application that integrates data and possessions from all vendors and hotels, the easiest habit would be to attract data from the vendor’s or hotel’s APIs with CORS configured. Specifically, CORS is a technical implementation that uses additional HTTP headers to state browsers to give a web request running at one inception access to selected possessions from a different inception. A web application kills a cross-origin HTTP request when it requests a property that has a different origin (rule, protocol, or traffic) from its own. A CORS request can be sparked by providing an additional plunge called “Origin” in the http request.

The cross-origin request policy of the browser (or web view) determines whether the request is allowed. Most browsers implement a same-origin policy that restricts how JavaScript can interact with resources from other domains. The same-origin policy is a critical security mechanism that helps isolate potentially malicious code from running on a user's web page. The same-origin policy has some drawbacks, however. For example, it prevents web pages from loading resources from other domains that they might need to display content or interact with users.

CORS is a mechanism that allows web pages to request resources from other domains in a way that is safe and secure. CORS defines a standard way for browsers to request resources from other domains. When a browser makes a request for a resource from a different domain, it first sends a request to the server to see if the server will allow the cross-origin request. If the server allows the request, the browser then makes the request for the resource. The server can specify which resources are allowed to be requested from other domains, and which methods (such as GET or POST) are allowed. The server can also specify how long the response to the request can take. CORS is a safe and secure way for web pages to request resources from other domains. It is a standard that is supported by all major browsers.

Why do we need such communications?

1.Nowadays modern application architecture and evolving microservice design implementations require a front-end application and a backend application.

2.Assume for Frontend we might use Angular or React. Because it is simple, lightweight and we can create SPA or multiple page applications with html and CSS combination with improved state management techniques like redux, store etc.

3.For Backend we might use .NET, Java or python based on product and architectural suggestions.

4.Our Angular application is hosted on some web app and the backend application is hosted on some different web app.
Ex) Angular app: https:anuglartestapp.com
Ex) backend app: https:testapi.com

5.To establish a connection between these two web apps we might need some configurations that can be explicitly written in our only allow the origin of my front-end application.

What will happen If we don’t specify such origin conditions?

1.The backend application can be accessed by different people and different other endpoints.

2.It will lead to a cross site scripting attack and might create security vulnerability in the application.

3.If proper permission is not provided it will again lead to security vulnerability. Ex) (we want to expose a GET method to some third-party but if we don’t add CORS to only GET method the third party may access to POST, PUT & DELETE which is security concern)

How to work with CORS?

1.First, we need to check the HTTP scheme: Whether it is HTTP or HTTPS

2.Second, we need to check the port where the application is hosted.

3.Third, we need to the check domain name of the hosted application.

Once we get all those necessary information, we need to configure our front-end URLs to the back-end application so that it can communicate and produces response in the UI.

1.From the example we can see the scheme is HTTPS for both the frontend and backend, the port if we run in local host both the applications will run on different ports. We can see the domain name is different for each web app.
Ex) Angular app: https:anuglartestapp.com
Ex) backend app: https:testapi.com
Technical configurations: We must be very careful when we configure CORS for a web client, and we need to provide only necessary permissions.

What is Preflight request?

The CORS Operates in the following manner for Complicated Requests:
1.A pre-flight request is sent to the destination site before the actual request is sent. The OPTIONS HTTP Request method is used to send this pre-flight request.

2.The Authorized methods and Allowed origin information about the target site would be included in the response to the pre-flight request. The browser sends the actual GET/POST request after evaluating this answer to see whether the target site can deliver the desired information.

CORS attributes:

It works by setting specific HTTP headers, which allow a server to specify which origins are allowed to access its resources. The most common CORS headers are:

Request headers: These headers are set by the client browser when it makes a call to server.

Base Origin: This gives the details about the client application where the client application is hosted (The DNS related details of the client app)

Access-Control-Request-Methods: This is the header which is added in preflight mechanism of the request. It will check with the backend server whether these methods are allowed in the backend server for processing.

Access-Control-Allow-Headers: Here we can pass which http headers are allowed to pass to the backend server to establish connection. This is also a preflight mechanism to check which http headers are supposed to be allowed in server.

Response headers:

Access-Control-Allow-Origin: This header specifies which origin is allowed to make requests to the resource. If the values come from the base origin did not match with the server configured value, then the user will experience CORS error on the mismatched Origin.
Sample headers:
1.Access-Control-Allow-Origin: *
2.Access-Control-Allow-Origin: where origin = [www.test.com]
3.Access-Control-Allow-Origin: null which refers to null reference origin.

Access-Control-Allow-Methods: This header specifies which HTTP methods (e.g., GET, POST, PUT, etc.) are allowed to access the resource. If the headers did not match with the Access-Control-Request-Methods request headers, then the user or the resource who is sending the request will experience CORS error on the permissible methods.

Sample headers:
1.Access-Control-Allow-Methods: * which allows all header.
2.Access-Control-Allow- Methods: < methods -name> [GET, PUT, POST, DELETE] We can specify which methods are allowed.

Access-Control-Allow-Headers: This header specifies which HTTP headers (e.g., Content-Type, Authorization, etc.) are allowed to be sent with the request.
Sample headers:
1.Access-Control-Allow-Headers: * which allows all header.
2.Access-Control-Allow-Headers: .

Access-Control-Max-Age: This header specifies how long (in seconds) the preflight request can be cached in the browser.
Sample headers:
1.Access-Control-Max-Age: 3600 specifies the preflight request is valid for next 1 hour.

Access-Control-Allow-Credentials: Requests are passed without credentials like cookies or the authorization header by default in CORS. But, by setting the CORS Access-Control-Allow-Credentials header to true, the cross-domain server can allow reading the response when credentials are supplied to it. The browser will allow the requesting website to access the answer if the asking website uses JavaScript to signal that it is sending cookies along with the request since the Access-Control-Allow-Credentials response header is set to true.
Sample headers:
1.Access-Control-Allow-Credentials: true, which allows credentials to be shared. We can toggle it based on the requirement.

How to Implement CORS in .NET core?

1.Install the NuGet package - Microsoft.AspNetCore.Cors
2.In configureService() method add - services.AddCors()
3.In Configure() method - options => options.AllowAnyOrigin()
4.CORS can be enabled in controller level by adding [EnableCors] attribute and we need to add few lines in ConfigureService() method.
services.AddCors(options => { options.AddPolicy(\"AllowSpecificOrigin\", builder =>
{
builder.WithOrigins(\"http://localhost:3000\")
.AllowAnyHeader()
.AllowAnyMethod();
});
});
}
We need to change the origin as per requirements, we can also add multiple origins and can also set what method can access the controller.
5.In configure method we need to add it as a middleware
app.UseCors(\"AllowSpecificOrigin\");

How to Implement CORS in .NET framework?

Install the Microsoft.AspNet.WebApi.Cors NuGet package
We need to add the following line of code to the WebApiConfig.cs file -> config.EnableCors();
We can also CORS in the controller level, method level as well. By adding EnableCors[“”,””,”*”] as an attribute from the controller top. This is the default value for security purpose we need to configure the Domain, Method, Port where we want to provide access.
Another way is writing this code in a separate class file and providing all the domain URL’s, methods and ports and we can add this class as a attribute over the controller top.

CORS in Microservice:

Prior to the standardization of CORS, the same-origin-policy (SOP) prohibits resource sharing between two web application domains with different origins. Yet today, microservice architecture is becoming more popular. This combines numerous tiny apps to create large, complicated applications. The ability to share resources is crucial for these little applications. Although they are hosted on several domains or ports and deployed on various servers, they are loosely connected. Standardized CORS are essential in this situation. Even when a http request is performed to a different domain, subdomain, protocol, or port, it still permits resource sharing.

Significance of SOP:

SOP is a crucial security feature that limits the interactions between resources imported from different origins in a document or script. It assists in isolating potentially harmful papers, hence lowering attack surfaces. Cross Site Scripting (XSS) and Cross Site Request Forgery (CSRF) attacks frequently target or hit web applications. Developers of online applications have utilized SOP as a solution to this problem.

The concept of "origin," which mandates that two web pages in the same domain, host, and protocol have the same origin, is a crucial part of SOP. Traditionally, origins are formatted as follows: "Origin= (domain, port, protocol)".

For example, a rule running in a browser cannot access the values on other domains running in the alike browser. This is causing the web browser carries out the same origin tactics, isolating the data being joint between two different requests on the same portal.

Advantages of CORS:

1.We can provide options for different domains of the application would establish communication between each other in a secure way.
2.We can provide security of the resource in three levels.
a. Origin level
b. Method level
c. Header level
3.The front-end application can easily integrate with the back end in a secure for data exchanging.
4.We can test the CORS header in the postman and verify it.

Disadvantages of CORS:

1.CORS increases the complexity of the applications, and it can introduce security risks if it is not properly implemented.
2.Access-Control-Allow-Origin: (*) All domains are allowed which leads to CSRF attack.
3.Improper regular expression in the validations leads to request failure even if it is a valid request.

Agile software development in simple.

Arun Kumar Palani — Fri, 07 Oct 2022 12:04:43 +0000

Hi I am Arun Kumar Palani, Senior software engineer in Luxoft. Lets discuss agile in detail.

What is Agile basically?

Agile is a project management technique which is used to create software products in an iterative approach. Rather than creating a complete product in one stretch, we can breakdown that approach into smaller units, so that we can continuously deliver an item in each sprint. If any increment/story does not meet our expectations, we can only work on that increment and deliver it in the upcoming sprints by not disturbing the previously completed increments/stories.

Advantages:

Quality products will be delivered at the end of each sprint.
The product will be developed and delivered faster than the waterfall model.
Regular Inspection and adaptation when there is a change in requirements.
Openness and communication will be sent to all the levels in the team and can get clear visibility. We can directly talk to stakeholders and customers to get a clear picture of the exact requirement and track that in Jira or project management tool.
Stakeholder engagement and client satisfaction can be reviewed at the end of each release.

Disadvantage:

When the requirement is dynamic it is a bit hard to achieve the exact goal at the time described.
When the product is ever changing then it is a never-ending project.

What is Scrum?

Scrum is a framework for developing software products and it is one of the famous agile software development methodologies. Scrum is a lightweight framework, and it can create products in an incremental and iterative approach. It helps the organization and team to solve complex problems with adaptive resolution.

So, what are the main concepts of scrum?

Scrum theory
Scrum values
Scrum team
Scrum artifacts
Scrum events

Scrum theory:

It is basically the set of ideas which is used to create a completely working software product. They are

Transparency,
Inspection and
Adaptation.

These three main principles are very useful for creating iterative and incremental solutions. All these three principles are interrelated.

Transparency enables inspection and adaptation.

Inspection without adaptation is not useful.

Scrum Values:

“The success” in the software we created using scrum mainly depends on how we are using the main scrum value.

What are the main values of Scrum?

Commitment: It is a goal that all the members in the team want to achieve and to create a valuable increment. The scrum master helps the development team by not adding anything in the middle of the sprint. This will help achieve the goals of the individual and sprint goal as well.

Focus: It helps team members to focus on the sprint goal. This can be achieved by scrum master by not burdening the team members with additional tasks. If the team member faces an impediment, it should be immediately resolved so that focus of the sprint won't be affected.

Openness: All the team members in the scrum team must be honest and transparent in their progress. The purpose of the daily scrum meetings is to share the progress of every individual in the team, and it helps to achieve openness with the help of transparency.

Respect: It is the most important thing in the scrum team, all the team members should each other by their values and the work they do. There is a concept in scrum inside the team all are developers there is no seniority. One developer should equally respect other developers.

Courage: The scrum team must be open and courage to take the tuff problems and try to resolve them or try to find a solution to that problem. All the team members should be given a chance to work with this kind of problem so that equality in the scrum team is maintained.

Scrum Team: The scrum team is composed of the scrum master, the Product owner and the Development team. Within the scrum team there is no sub team. It is a cross functional team, which means all the members in the team must have the necessary skills to create a value. The scrum team is a self-managed team, they know what to do? When to do it? And how to do it? To create a value.

The scrum team is a small team typically not more than 10 people so that it helps the team to communicate with each other. The smaller the team, the better the communication is.

The Developer: They are the members of the scrum team who are committed to creating an increment at each sprint. The skills of all the developers vary from domain to domain and project technical stack.

Responsibility of the developer:

Go through the sprint backlog and create a plan for the sprint to execute it properly.
Committed to create a valuable increment each sprint.
Cross functional, should adapt new technology and provide solutions
Accountability and should maintain professionalism to the team members and stories they committed to finish.
Must respect all the other developers in the team.
Developers in the scrum team should have courage to take difficult stories and can complete them on time.
They should be adaptable for the changing requirement.

Product owner: The product owner is the one who is accountable for maintaining the effective product backlog for the scrum team. He is the one who is responsible for maximizing the product value from the resultant work of the scrum team.

The product owner talks to the stakeholders and customers regularly and checks feedback for the item we delivered and for the new enhancements. The decision taken by the product owner is visible to all the stakeholders and the scrum team.

Responsibility of the Product owner:

Should reorder the product backlog.
Should define the product goal.
Responsible for clear communication for the product backlog items
Creating transparent product backlog item.
Should help the development team when there is a doubt about the product backlog item.
Regularly in touch with customers and get feedback and new enhancements they want.
Should take proper decision. Because the PO decision on the product is the final and the organization should respect it.

Scrum master: The Scrum master is the one who establishes scrum in the team as well as the organizational level. They are helping the team to adapt scrum and coach them by understanding scrum values.

The role of the scrum master is not only coaching scrum across team and organization. If they wish to develop some piece of code or if they wish to test some functionality, it is always allowed. The scrum master can perform dual roles if they wish to do it.

The scrum master must be in touch with the product owner and should help him find a technique to align product backlog items.

Responsibility of the Scrum master:

To remove the impediments faced by the scrum team members.
Help people to coach scrum when it is required.
Helping the team members to create high valued increments and it should match the definition of done for that story.
Provide training and coaching scrum for the organization to adapt to it.
Make sure that all meetings are happening at the same time so that consistency reduces the complexity.
Should create meetings properly with stakeholders at proper time so that the scrum team can ask their doubts and create a valuable increment.
It’s the responsibility of the scrum master to timebox all events like sprint planning, daily scrum, sprint review and sprint retrospective.
All the meetings are positive and productive, it’s again the responsibility of the scrum master.

Scrum artifacts: Artifacts in the scrum describing the product goals/vision and how we are going to create a successful product. It is a roadmap for the product's success.

The three main artifacts of scrum methodology are

Product backlog
Sprint backlog
An increment

What is Product backlog?

Product backlog describes the complete project, and it is a living document. Inside the product backlog the high valued items of the product are placed in an ordered way so that it can be picked up in the sprint refinement process and create a valuable increment.

Who can do all these things?

The product owner is the one who maintains the product backlog and orders the highly valued stories at the top of the list. It's the duty of the product owner to contact the customers regularly and stakeholders to get feedback and new enhancements can be written in a priority-based stories in the product backlog.

Sprint backlog: It is the place where we keep track of all the work we are doing inside the sprint. The sprint backlog contains the stories or features which have high priority in the product backlog. When a feature or story is assigned to the sprint backlog it needs to be refined before starting the work.

An Increment: At the end of each sprint an increment will be born. An increment is a valuable thing that adds value to the product and makes the product developed. This increment is reviewed by the stakeholders, product owners and customers before releasing that to the actual product.

When will the Increment be successful?

Once it meets all the points of the acceptance criteria, thoroughly reviewed by the product owner, giving enough time for the customer and stakeholders to review the changes. Once it meets all the definition of done the story will be considered as a successful increment.

Who will mark the definition of done?

The developer in the scrum team will mark all the definition of done.
But the product owner will cross verify the DOD.

So, the increment is a new addition to the product and meets the goal of the product backlog in an iterative manner. If the story which fails to be a part of the increment it will be re-estimated and added again to the next sprint based on the priority.

Scrum events: All the events in the scrum process are timeboxed. We should keep track of the time for all the scrum meetings.

The Sprint: It is a time boxed event with the maximum time for the sprint 1 month and we can decrease the time period based on our work culture.

Sprint planning: Sprint planning is 8 hours and for a shorter sprint the time will decrease. In the sprint planning event, we will discuss with the entire team regarding the stories that we are going to pick and work on in the sprint.

Sprint review: 4 hours and for shorter sprint the time will decrease. In this event we will show case our active increment to the stakeholders and customers and will get review and feedback.

Sprint retrospective: 3 hours and for shorter sprint the time will decrease. In this event we will check what went wrong/good and how to improve the weaker areas all things will be discussed, and the checklist will be actively revisited at the next retro meeting.

Daily scrum: 15 minutes. In this event we will check the below three points.

What are we going to do today?
What did we do yesterday?
Are there any impediments we are facing?

What is Velocity?

Velocity is a term used to describe the scrum team’s completed work. Basically, it is calculated by the number of stories we estimated to take in to the sprint, before sprint starts and the number of stories we completed at the end of the sprint.

The velocity chart looks like this, vertical axis – Total story points, horizontal axis – no of sprints.

Average velocity of the team - 46: It is calculated by

Total story delivered towards all the sprint/ number of sprints = 464/10 = 46.4 This team can complete 46 story points on average each sprint.

Burnt down chart: It shows the actual progress of the team in a sprint. How effectively the time is used.