Hello there! If you are new here, you might want to subscribe to the RSS feed for updates on this topic.

Azure SDK for node 0.5.4 is out! More secure and now with less angle brackets

Posted on May 12, 2012 by Glenn Block

As Yavor said, Azure SDK for node 0.5.4 is out with a bunch of goodies!

Closing a security hole

Recently a vulnerability was detected in node.exe that could theoretically allow an attacker to perform a header-spoofing attack. Version 0.6.17 contains a fix for this attack. We take security very seriously, so we’re releasing this update which includes node 0.6.17 to remove the vulnerability.

Please go download the latest bits to remove this vulnerability!

Less angle brackets, more YAML

iisnode offers some really nice hosting capabilities like spinning up and managing multiple node procs, allowing access to logs over HTTP, providing good debugger errors in the browser for diagnostics and supporting node-inspector for debugging.

To access any of these benefits however you have to travel the sea of angle brackets known as web.config. For .NET / Windows developers, this is the norm. However, we heard a lot of feedback from folks in the node-a-verse, in particular coming from on a Mac / *nix that this feels very strange that they have use web.config in order to config node-specific things in Windows Azure, especially in light of the other offerings out there. Looking around we saw that a common pattern was to use a simple key-value format for specifying similar settings with YAML being a very popular format.

iisnode.yml

And so our team racked our brains a bit, got a bunch of feedback and iisnode.yml was born and implemented by Tomek! iisnode.yml is an optional file that sits along side web.config. It allows you to set all of our iisnode settings without having to ever touch web.config. Below is a really simple example.

# This is a really simple iisnode.yml file

node_env: development

devErrorsEnabled: true

logggingEnabled: true

The settings set the node_env environment variable to development, enables logging all node.exe output and enables developer errors.

For example, the code below has an error in that it requires a module that does not exist, also it uses spaces in the module name.

var http = require('http');

var notPresent = require('some awesome module');

http.createServer(function (req, res) {

  throw "error";

  res.writeHead(200, {'Content-Type': 'text/plain'});

  notPresent.doSomethingAwesome();

  res.end('Hello World Again\n');

}).listen(process.env.PORT);

If I don’t enable devErrors this is what I get when I do a request.

However, look at what I get when I enable devErrors with logging.

Above you an see that an error occurred because it could not find my wacky module.

Developer errors is a pretty cool feature that allows iis to output in the response any errors that occurred right in the browser. Combined with logging, it’s really useful for debugging on a remote/staging server.

Of course you don’t want anyone seeing that in your live production site, so you should probably shut that off.

myfile.yml

By convention we look for iisnode.yml. If you are not happy with that name however, you can set your own name in the iisnode element of web.config by using the configOverrides property.

<iisnode configOverrides="myfile.yml"/>

Note: configOverrides also allows you to do environment variable expansion. Thus instead of having a static file name you can have a name that includes an environment variable value. More on that in the future.

But wait, don’t I still need a web.config when I publish to Windows Azure?

Great question! Today you still need a web.config though as Tomek said that can be boilerplate and you don’t have to look at it. Tomorrow however….

Go get the latest SDK here.

Posted in node.js | Leave a comment

Honored to have participated in the ACT Fly-In

Posted on May 11, 2012 by johnvpetersen

You can read about the event here.

Every so often, you get the opportunity to participate in a process that affords you the opportunity to talk to those who make policy that affects our personal and business lives. During the Fly-In, a group of us engaged with members of Congress on topics that ranged from privacy, bandwidth and entrepreneurship.

My two big issues: privacy and the available bandwidth spectrum.

Privacy:

What people need is the ability to provide informed consent. It’s very difficult, if not impossible, for government to formulate regulations that covers every conceivable behavior. All these regulations serve to do is stiffle innovation and harm those that play by the rules. What we do know when we see it is bad conduct. The FTC has broad enforcement and police power and they need to use the power Congress gave them. Punish the bad actors and make an example out of them to provide the necessary incentives to handle online privacy the right way.

Bandwidth Spectrum:

Recently, Congress mandated FCC Spectrum Auctions. Are you tired of dead spots and sluggish performance over 3G/4G networks? Did you know the carriers stand at the ready to fund the billions of $’s necessary to put up and light up more towers? To make that work, the amount of available bandwidth has to be increased. Congress has taken an important first step – but more needs to be done. Increasingly, we rely on more than just plain text. Mobile Apps are providing (at least are trying to provide) rich content. What’s holding things back? Lack of available bandwidth. The bandwidth is out there, we just need to make it available and use it.

Posted in Uncategorized | Tagged ACT, Privacy, Regulation, Spectrum | Leave a comment

Node.js and Azure on .NET Rocks!

Posted on May 9, 2012 by Glenn Block

Recently I had the privilege to talk to my good friends Richard and Carl about the work we’re doing enabling Node.js development with Windows Azure along with our friends in the node community. It was also a great opportunity for me to practice my new subdued Glenn persona You have to listen to believe it!

http://dotnetrocks.com/default.aspx?showNum=763

Carl and Richard talk to Glenn Block about node.js on Azure. Glenn digs into how node.js has grown in popularity, and points to the Cloud9 IDE as a development environment in the Cloud as an example of a node.js application – which happens to be able to build node.js applications. And Cloud 9 can deploy node.js to Azure. The conversation digs into the Azure stack and the diversity of technologies (including node.js) that run great in the cloud.

Posted in azure, node.js | Leave a comment

I’ll be at GOTO CPH and QCON NYC spreading the node.js love

Posted on May 4, 2012 by Glenn Block

Conference season is coming again. I am excited this year that I’ll be finally speaking at goto AND that I’ll be speaking at the first QCon NYC. The topic, well you guessed it, node.js and Windows Azure.

May 21-23

First stop will be Copenhagen where I will be speaking at goto in the “Microsoft, beyond the echo chamber track” I am really looking forward to this event. I’ve watched it for years before when it was JAOO but never got the chance to attend. I am happy to say this year that will be changing. I hope to see you there!

Presentation: Breaking the Barrier with Node.js on Windows and Azure

June 18-22

I’ll be speaking at QCon NYC in the “Battle of the Clouds track”. If you are planning to attend, you can save $100 by using this promotion code when you register: BLOC100

Presentation: “Unlock your Inner Node.js in the Cloud with Windows Azure”. I’m planning to show some really cool stuff that we have coming down the pike soon at this event, so be there!

After the event, I’ll also be delivering two half day tutorials on node.js.

“node.js, jumping in with both feet”. This tutorial will be a basic primer around node.js and take you from 0 to 60 with node.js development. It will cover the basics, common practices as well as popular third party modules.
“node.js in Windows Azure”. In this tutorial we will dive into deploying node.js applications to Windows Azure as well as using Azure storage services and ServiceBus from within your node.js apps. We’ll also cover development tools like Cloud9 IDE that you can use for deploying node apps to Azure.

If you are looking to get up to speed with node or to start deploying node apps to Azure come to these tutorials.

While I am in town for both events I’ll be doing a bunch of user group meetups and such. I’ll cover that in my next post

Posted in azure, node.js | 3 Comments

Cron and AppEngine

Posted on April 28, 2012 by Kyle Baley

Quick PSA on using cron jobs with Google App Engine because it almost wreaked havoc for us.

App Engine has a lovely feature of having different versions of your app. You can upload a new version but not make it the default until you’re good and ready. We do this all the time for deployment. Deploy to a new version and try it out, then make it the default when we’re ready to unleash it. Often, we deploy to the new version a day or so in advance.

Cron jobs, it seems, are handled outside this versioning mechanism. If you upload a new cron.xml file, it’s active. Right now. Doesn’t matter if the version it was deployed in is the default or not. As soon as it’s uploaded, it’s the new cron-ness.

Where this almost bit us is that we added a new cron job in our most recent release (deployed yesterday but not active) to use a dynamic backend. As soon as the cron job got uploaded, it started running. I didn’t notice until this morning when our backend usage reflected the new cron job. Some quick research and here we are.

What this means long term is that cron.xml is no longer going to be deployed as part of our application anymore. It now becomes an entirely separate process. I’m a little annoyed that we have to wait until we pull the trigger on the new version before we can upload the new cron.xml but it’s a quick step.

Kyle the Mis-scheduled

Posted in Uncategorized | Tagged Google App Engine | 2 Comments