Building secure cloud environments for the customers in Sweden

We’re pleased to introduce you to Vladimir, who is our DevSecOps guru working at the Stockholm office. On a daily basis, he helps our customers in creating safe cloud environments. We decided to ask him about his experience in harnessing modern cloud technologies for our Swedish customers.

1. Where are you from and how did you end up at Nordcloud?

I’m originally from Russia but I have lived in Sweden since 2011. Before joining Nordcloud I used to work for Ericsson as a solution architect in the systems integration domain. At some point, I realised that I needed a major change, so I left Ericsson and joined Nordcloud to work on public and hybrid cloud projects.

2. What is your role and your core competence?

When it comes to core competencies, I have 25 years of experience spanning across many roles including software developer, UX designer, product manager and solution architect. Currently I’m addicted to building modern CI/CD pipelines with security focus, so called DevSecOps. 

3. What sets you on fire / what’s your favourite thing technically with public cloud?

I really like guiding customers in the best ways to develop and support modern containers / serverless-based applications and workloads.

4. What do you like most about working at Nordcloud?

I have the full freedom to do what I believe is best for the customer, I’m not limited by specific products, services, or processes.

5. What is the most useful thing you have learned at Nordcloud?

Ultimately, ‘learned’ is not the right word being in the past tense, as I have realised we need to learn constantly in our fast-changing world of IT. Nordcloud is a community of great colleagues, who are willing to share deep technical and “how-to” knowledge and experience.

6. What do you do outside work?

Trying to help my daughters to do things right. Personally I do a lot of sport activities – alpine skiing, mountain biking, calisthenics, and table tennis.

7. How would you describe Nordcloud’s culture?

While this is not our official culture, for me personally I think it’s built around a fast paced environment, that encourages each individual to have the freedom to use their skills to help customers challenges, while always going that extra mile to find solutions.

Get in Touch.

Let’s discuss how we can help with your cloud journey. Our experts are standing by to talk about your migration, modernisation, development and skills challenges.

    Istio webinar by Nordcloud



    What is Istio?

    Istio is an open platform-independent service mesh that provides traffic management, policy enforcement, and telemetry collection.

    Istio addresses the challenges developers and operators face on the transition from monolithic architecture to a distributed microservice architecture. To learn how, it helps to take a more detailed look at Istio’s service mesh.


    Join the Istio webinar by Nordcloud!

    The webinar will be hosted (in polish language) by one of our Cloud Architects – Piotr Kieszczyński.


    31.01.2019 18.00 CET


    What is Istio?
    – Why it is important?
    – Quick Demo
    – Q&A

    Webinar Connection Info:

    Join Zoom Meeting

    One tap mobile
    +48223987356,,723434349# Poland
    +48223073488,,723434349# Poland

    Dial by your location
    +48 22 398 7356 Poland
    +48 22 307 3488 Poland
    Meeting ID: 723 434 349
    Find your local number:

    Join by Skype for Business

    Add to calendar:

    Get in Touch.

    Let’s discuss how we can help with your cloud journey. Our experts are standing by to talk about your migration, modernisation, development and skills challenges.

      #NordcloudianStories: “Legends and union of cloud architects”

      As a company that is rapidly growing, there are a lot of different people and new starters almost every week and as all 300+ of us are working in different cities, countries and in remote locations, communication is a massive key for success. It’s also about getting to know each and every one. We have pretty solid systems for communicating internally and people are always welcoming new joiners warmly as well as helping each other to get up and running and integrated as efficiently and smoothly as possible.

      One of the first tips I got, in the beginning, was “get to know the people”.

      Nordcloudians are helpful and willing to go the extra mile. By knowing our people, we build even more transparent and successful business.

      I had a chat with one of our Cloud ArchitectsPeter G. Marczis, who was happy to tell about his story.

      1. Where are you from and how did you end up at Nordcloud?
      I am Hungarian with a background in electrical engineering, programming, software development and dev ops (for example at Nokia and Rovio). I have lived also in Finland and when Nordcloud opened an office in Denmark, I wanted to get back in the company!

      2. What is your role and core competence?
      Cloud Architect. I have software development background and many years with Linux. I now work mostly with AWS.

      3. What do you like most about working at Nordcloud?
      Flexibility and investment on our people. We have the opportunity to work remotely as well as have social and customer facing role. Our environment is never settling and always changing, so there are always new challenges. We have a very good training program – I am encouraged to take any courses and learn new things every day.

      4. What is the most useful thing you have learned at Nordcloud?
      To speak with both IT&Business people and being able to fill the gaps between, as you really need these social skills.

      5. What’s your favourite thing with public cloud?
      Nowadays it’s so easy to start new things from scratch, for example, apps from anywhere. You can learn new things quickly and anybody can start a huge journey and make a big difference without big investments.

      6. What do you do outside work?
      I have 2 small kids whom I spend most of my free time with. I also like to repair my car, I am also dj’ing, and I am learning to play piano.

      7. Best Nordcloudian memory?
      We have a lot of fun! Our amazing staff is open and friendly and we have a great team spirit. I really feel part of the family, and we are more than a company, more like “legends and union of cloud architects”. We share the same mindset and I really like our tech&beer events. Our management is always pushing us to learn the newest technology, tools and processes. Everything moves quickly, not a single day is the same, there are no limitations and communication is easy.

      Sounds pretty awesome! If you feel like you could be a good fit to the team, please have a look at our open vacancies here: Nordcloud Careers

      Thanks for reading! Stay tuned for more #NordcloudianStories


      Get in Touch.

      Let’s discuss how we can help with your cloud journey. Our experts are standing by to talk about your migration, modernisation, development and skills challenges.

        Cloud computing news #10: Serverless, next-level cloud tech



        This week we focus on serverless computing which continues to grow and enables agility, speed of innovation and lower cost to organizations.

        Serverless Computing Spurs Business Innovation

        According to Digitalist Magazine, serverless computing is outpacing conventional patterns of emerging technology adoption. Organizations across the globe see technology-driven innovation as essential to compete. Serverless computing promises to enable faster innovation at a lower cost and simplify the creation of responsive business processes.

        But what does “serverless computing” mean and how can companies benefit from it?

        1. Innovate faster and at a lower cost: Serverless cloud computing execution model in which the cloud provider acts as the server, dynamically managing the allocation of machine resources. This means that developers are able to focus on coding instead of managing deployment and runtime environments. Also, pricing is based on the actual amount of resources consumed by an application. Thus, with serverless computing, an organization can innovate faster and at a lower cost. Serverless computing eliminates the risk and cost of overprovisioning, as it can scale resources dynamically with no up-front capacity planning required.
        2. Enable responsive business processes: Serverless function services – function as a service (FaaS) – can automatically activate and run application logic that carry out simple tasks in response to specific events. If the task enchained by an incoming event involves data management, developers can leverage serverless backends as a service (BaaS) for data caching, persistence, and analytics services via standard APIs. With this event-driven application infrastructure in place, one organization can decide at any moment to execute a new task in response to a given event.

        Organizations also need the flexibility to develop and deploy their innovations where it makes the most sense for their business. Platforms that rely on open standards, deploy on all the major hyperscale public clouds, and offer portability between the hyperscaler IaaS foundations are really the ideal choice for serverless environments.

        Read more in Digitalist Magazine

        Nordcloud tech blog: Developing serverless cloud components

        cloud component contains both your code and the necessary platform configuration to run it. The concept is similar to Docker containers, but here it is applied to serverless applications. Instead of wrapping an entire server in a container, a cloud component tells the cloud platform what services it depends on.

        A typical cloud component might include a REST API, a database table and the code needed to implement the related business logic. When you deploy the component, the necessary database services and API services are automatically provisioned in the cloud.

        Developers can assemble cloud applications from cloud components. This resembles the way they would compose traditional applications from software modules. The benefit is less repeated work to implement the same features in every project over and over again.

        Check out our tech blog that takes a look at some new technologies for developing cloud components

        Nordcloud Case study: Developing on AWS services using a serverless architecture for Kemppi 

        Nordcloud helped Kemppi build the initial architecture based on AWS IoT Core, API Gateway, Lambda and other AWS services. We also designed and developed the initial Angular.js based user interface for the solution.

        Developing on AWS services using a serverless architecture enabled Kemppi to develop the solution in half the time and cost compared to traditional, infrastucture based architectures. The serverless expertise of Nordcloud was key to enable a seamless rampup of development capabilities in the Kemppi development teams.

        Read more on our case study here

        Serverless at Nordcloud

        Nordcloud has a long track record with serverless, being among the first companies to adopt services such as AWS Lambda and API gateway for production projects already in 2015. Since then, Nordcloud has executed over 20 customer projects using serverless technologies for several use case such as web applications, IoT solutions, data platforms and cloud infrastructure monitoring or automation.

        Nordcloud is an AWS Lambda, API Gateway and DynamoDB parter, a Serverless framework partner and contributor to the serverless community via contribution to open source projects, events and initiatives such as the Serverless Finland meetup.

        How can we help you take your business to the next level with serverless?

        Get in Touch.

        Let’s discuss how we can help with your cloud journey. Our experts are standing by to talk about your migration, modernisation, development and skills challenges.

          App Service environment isolated: Making security & internal network connectivity easier and cheaper



          Azure App Services

          Azure App Services is arguably the most popular Azure PaaS service, allowing you to host Web Sites and App Functions in a fully managed service.

          Once you had created your App Service Plan, and Web App, API App, Logic App or Function you can upload your code and have a simple website, API, Logic App or Function up and running in under 10 minutes. Of course, there are a number of other configuration options, such as binding a domain name, adding an SSL Certificate and the ‘out the box’ ability to do blue / green deployments. However, it was simple to get up and running and like any PaaS, Service should be, simple to manage.

          Azure App Servers runs in a multi-tenanted Environment. In short, your App Service shares the same hardware as other Azure Customers, and while this provided a cost-effective hosting solution, the multi-tenanted aspect introduced a number of restrictions around scalability and security. To address this, in June 2015, Microsoft Azure released App Service Environments (ASE), a premium tier of Azure App Services, which allow you to run App Services isolated within a subnet of your own Virtual Network.

          As a premium service, ASE comes with a premium price tag, so if you are architecting a solution that included an ASE, (compared to the multi-tenanted and cheaper equivalent) you have to make sure your business case can justify it. If you need:

           – Your App Service to connect to infrastructure within your local network, via a site-to-site VPN, Express Route of VNET Peering,

           – Your App Server hosts internal or Line of Business Application that should not be publicly accessible,

           – Layer 3 Network Access Control, on both inbound and outbound traffic,

           – A Static Outbound IP Addresses that can be whitelisted on on-premises or third-party firewalls, including securing connections to AzureSQL,

           – You need more compute resource (without an ASE, you have can have a maximum of 10 compute resources, with an ASE you can have up to 100),

           – You wish to place a Network Virtual Appliance in front of your App Service, or,

           – You require a fully isolated & dedicated compute resource,

          In July Microsoft released the next generation ASE: App Service Environment Isolated or ASEv2, but what are the differences between ASE Isolated and the Original (ASEv1) and should you migrate?

          What has changed?

          User Experience

          If you are used to deploying ASEv1, the biggest change you will notice is that they have made using an ASE simpler, and there is less to set up and manage. It feels a lot more ‘PaaS’ like and is generally a good experience. Gone is the configuration overhead of ‘Front End Workers’ and ‘Backend Workers’, and you no longer need to worry about ensuring you have additional workers for fault-tolerance and scaling – this is all now managed for you.


          This change means that there is a large change to how an ASE is priced. There are two components you need to be familiar with to be able to price an ASEv2:

          1. The App Service Environment Base Fee which covers the costs of running your ASE in “a private dedicated environment”, these include load balancing, high-availability, publishing, deployment slots, and general configuration that takes place at an ASE level. This cost (which varies by region, in UK South the pricing currently stands at £782.88/per month) remains consistent provided you don’t alter the default Front-End Configuration – one I1 instance for every 15 worker instances. The Front-End Instances only handle SSL termination & layer 7 load balancing. In this case, the default settings will work in the majority of cases, and while they do, regardless of how many worker instances you have the base fee will not change. If you scale up the Front End instances, (or the I2 or I3 instance type) or decrease the number of workers per Front-End Instance, your base feel will increase with every additional core above the default configuration.
          2. Isolated Workers (the compute that excuses your code) – you decide how many workers you require to run and scale your app and as such, you have control of the costs of the worker layer. This is charged per hour, so if your workers are scaling to meet demand, this cost may not be consistent each month.

          Compute Resource

          ASEv2 only supports the ‘I’ series of virtual machines – these are all Dv2 based machines, which means faster cores, SSD storage and twice the memory per core when you compare to ASEv1. In short – the Dv2 almost doubles the performance compared to the previous generation.


          As part of the process of making ASEv2 simpler, fault tolerance is now managed for you. You no longer need to have, or pay for, standby workers.


          In ASEv2, they have simplified how the scaling works to bring it inline with you auto-scale your App Service Plan outside of an ASE. You no longer need to worry about ensuring you have enough workers at the ASE level to enable your scaling actions to happen, and again, means you are not paying for computer resource that you’re not using.

          Cost Savings

          If you do a head to head cost comparison of ASEv1 and ASEv2, you might question if ASEv2 is any cheaper. However, when you consider that you are getting almost twice the compute power in the ‘I’ series of computer resource (and therefore should need less of them) and that you no longer need to pay for fault-tolerance or workers ready to scale, ASEv2 will work out cheaper.

          Should we migrate?

          Microsoft Azure has taken the end user feedback and each of the changes we have listed above bring real benefits. Nordcloud has already seamlessly migrated a number of its clients from ASEv1 to ASEv2 and they are already benefiting from the cost savings, both directly and indirectly from the reduced effort of operating the ASE.

          If you would like to talk to Nordcloud about if an ASE is suitable for your requirements, or how we can help quickly and seamlessly migrate you from an ASEv1 to and ASEv2, please get in touch today. 

          Get in Touch.

          Let’s discuss how we can help with your cloud journey. Our experts are standing by to talk about your migration, modernisation, development and skills challenges.