Install a high available Istio control plane on Azure Kubernetes Service

Lately I worked intensively with Istio and focused especially on the topic high availability of the Istio control plane. When you install Istio with the default profile, as mentioned in the Istio documentation, you get a non-high available control plane. istioctl manifest apply \ --set values.global.mtls.enabled=true \ --set values.global.controlPlaneSecurityEnabled=true Per default Istio gets Read more [...]

Check cluster manageability with Azure Kubernetes Service Diagnostics

It does not matter if your AKS cluster is running without any issues or you currently experiencing issues, you should run Azure Kubernetes Service Diagnostics on a regular base. But what is Azure Kubernetes Service Diagnostics? Let me give you a quick introduction. AKS Diagnostics is a functionality in the Azure portal which provides you with the capability to run a self-diagnosis against your Read more [...]

Using Octant as alternative Kubernetes dashboard for Azure Kubernetes Service

When you are running an Azure Kubernetes Service cluster you might deployed the cluster without the Kubernetes dashboard or disabled it afterwards. -> https://www.danielstechblog.io/disable-the-kubernetes-dashboard-on-azure-kubernetes-service/ Mainly you are doing it for security purposes to prevent an accidentally exposed and unsecured Kubernetes dashboard to the public. -> https://redlock.io/blog/cryptojacking-tesla The Read more [...]

Secure Kubernetes API server access in Azure Kubernetes Service

Running Kubernetes at a cloud provider especially managed Kubernetes like AKS or GKE provides you with a solid foundation and applied security best practices for the managed master control plane. But there is one downside, the public accessible API endpoint to control the Kubernetes cluster. Even the API endpoint is only exposed via HTTPS and access is secured via the Azure Active Directory integration Read more [...]

Terraform – Working with AKS multiple node pools in TF Azure provider version 1.37

On Tuesday this week the Terraform Azure provider version 1.37 was released and brings some changes regarding AKS multiple node pools support. Multiple node pools are now fully supported in Terraform with their own resource azurerm_kubernetes_cluster_node_pool. First, let us talk about the changes to the resource azurerm_kubernetes_cluster before getting to the azurerm_kubernetes_cluster_node_pool Read more [...]

Working with Windows Server node pools in Azure Kubernetes Service

Back in May Microsoft released the public preview of Windows Server support for Azure Kubernetes Service. -> https://azure.microsoft.com/en-us/blog/announcing-the-preview-of-windows-server-containers-support-in-azure-kubernetes-service/ When you are starting with Windows Server node pools in AKS you should at least be aware of some prerequisites and limitations. Windows Server node pools Read more [...]

Azure Resource Manager templates – Deploy an AKS cluster with multiple node pools

This week the multiple node pool feature for Azure Kubernetes Service went GA. -> https://azure.microsoft.com/en-us/updates/support-for-multiple-node-pools-in-azure-kubernetes-service-is-now-available/ Today we walk through the steps to deploy multiple AKS node pools with Azure Resource Manager templates. Looking at the ARM template reference for AKS, node pools get defined in the managedClusters Read more [...]

Speaking at Azure Saturday Cologne

After a break of nearly five months from public speaking I am back on stage since October. The last public speaking engagement was in May at the European Collaboration Summit in Wiesbaden. Then in October I presented the topic “Terraform on Azure” at the Azure Meetup Bonn hosted by LeanIX. The next event I am presenting at is the Azure Saturday Cologne on December 7th where I talk about Read more [...]

Terraform – Deploy an Azure Kubernetes Service cluster with multiple node pools

UPDATE: Checkout the new blog post covering AKS multiple node pools in Terraform Azure provider version 1.37. -> https://www.danielstechblog.io/terraform-working-with-aks-multiple-node-pools-in-tf-azure-provider-version-1-37/ The multiple node pool feature for AKS is currently in preview. -> https://docs.microsoft.com/en-us/azure/aks/use-multiple-node-pools Multiple node pools Read more [...]

Pin Terraform version in Azure Cloud Shell

When you cannot always work with the latest Terraform version for you Infrastructure as Code deployments and need to stick to a specific one like 0.12.10 for instance, then you should continue reading. The Azure Cloud Shell is Microsoft’s CLI as a Service offering in Azure and provides you with a browser-based interface that is accessible from everywhere and comes with a rich tool set. -> Read more [...]