Azure Latency Spikes Due to Socket Exhaustion

We have an app we’re working on that has been experiencing some weird inconsistent latency spikes in Azure. It’s a .NET 6 (C#) REST API on a P1V2 Linux AppService and using Azure Health Data Services - FHIR API as the primary data store1. While this post discusses the Azure FHIR service, the findings apply to any third party HTTP service your app uses.

Load testing the app indicated really high latency spikes every couple of minutes. Most requests were well under a second response time, but after awhile it would spike up to over a minute, sometimes encountering socket timeouts. This was not even a particular big load test, just five users clicking on a listing page and then accessing the details page of a random item. Maybe 2-3 requests per second.

Simple load test simulating five users clicking around

Read More

Resource Based Authorization Rules in .NET Core

Most .NET developers are familiar with using the [Authorize] attribute on their controller actions to specify access requirements for certain operations. It’s often combined with a Role property to require the current user to belong to a certain role. Recent versions of .NET and .NET Core introduced a Policy authorization mechanism as well.

Instead of specifying a Role you can specify a required Policy. This is an improvement because we can get a little more precise: an operation requires the Read permission policy, not simply that the user belongs to the Admin role. Flexibility! We can easily change what permissions are granted by each role, and have very little code to change.

This all works pretty well for coarse permissions like “can this user read things in general?” but it is insufficient for the more complicated case of evaluating access to particular resources and entities in the system. Just because the user is in the right role or group to grant them the ReadRecipe permission doesn’t mean they have access to “this particular recipe”. Handling rules like that requires a bit of custom code, but ASP.NET Core provides some hooks that can help us make our business logic clear, without being too muddled with authorization concerns.

What follows is a sketch of my approach to resource based authorization.

Read More

Availability in 2019

UPDATE: I’ve landed on my feet at Artisan Technology Group. Thank you to everyone who reached out with contacts and assistance.

I have greatly enjoyed my time at The Nerdery. Unfortunately, after 4+ years of service, the regional office where I worked was shut down.

For the first time in almost a decade I suddenly find myself out of work. I am immediately available for hire in senior or team lead positions in .NET or Javascript. While much of my career has been in consulting companies, I would also be interested to try working for a product company. In either type of role, one of my main interest is in getting opportunities to guide and mentor newer developers and help them level up their skills and careers.

If you are looking to fill roles similar to this, please get in contact with me at Further contact information can be found on my CV. See also my LinkedIn profile for additional detail and recommendations from my previous coworkers.

Read More

Background File Processing with Azure Functions

Processing uploaded files is a pretty common web app feature, especially in business scenarios. You frequently get a request from your users that they want to be able to do some work on some data in Excel, generate a CSV, and upload it into the system through your web application.

If files are small enough, or can be processed quickly, its generally fine to just handle the import within the request. But sometimes you have to do so much processing, or so much database IO that its impractical to run the import as part of the upload process: you need to push that work out to a background job of some sort.

Read More

Migrated to Hexo

Migrated this site to hexo as a static site generator. Its written for node, and performs much better for me than octopress.

Running ruby on windows was annoying to install, slow, and tough to maintain.

I wasn’t writing much because the workflow was so annoying. I had to run ruby in bash for windows, use rake isolate to test a single article at a time, and wait minutes for site re-generation.

Hexo generates the site in under 10 seconds.

I’ll be looking for a new non-default theme, but at least all the articles moved over without getting lost. Nothing important should be 404ing.

There’s probably some display quirks, but I’ve gone through all the posts and things looked mostly right.

Let me know if something is out of place.