Using Kata Containers on Azure Kubernetes Service for sandboxing containers

Last year I wrote a blog post about running gVisor on Azure Kubernetes for sandboxing containers. -> https://www.danielstechblog.io/running-gvisor-on-azure-kubernetes-service-for-sandboxing-containers/ Back then, the only managed Kubernetes service that supported sandboxing containers in dedicated node pools was Google Kubernetes Engine via gVisor. A few weeks back, Microsoft announced Read more [...]

Learnings from the field – Running Fluent Bit on Azure Kubernetes Service – Part 3

This is the second part of a three-part series about “Learnings from the field – Running Fluent Bit on Azure Kubernetes Service”. -> https://www.danielstechblog.io/learnings-from-the-field-running-fluent-bit-on-azure-kubernetes-service-part-1/ -> https://www.danielstechblog.io/learnings-from-the-field-running-fluent-bit-on-azure-kubernetes-service-part-2/ Logging is one of the central Read more [...]

Change the replication type of an Azure storage account

Last year I wrote a blog post about migrating an Azure storage account from LRS to ZRS replication. -> https://www.danielstechblog.io/migrate-an-azure-storage-account-from-lrs-to-zrs-replication-without-downtime/ Back then, this procedure required the involvement of Azure support via a support ticket. Things have changed since then, and now you can initiate the migration yourself. Select Read more [...]

Learnings from the field – Running Fluent Bit on Azure Kubernetes Service – Part 2

This is the second part of a three-part series about “Learnings from the field – Running Fluent Bit on Azure Kubernetes Service”. -> https://www.danielstechblog.io/learnings-from-the-field-running-fluent-bit-on-azure-kubernetes-service-part-1/ Logging is one of the central aspects when operating Kubernetes. The easiest way to get started with it is by using the solution your cloud provider Read more [...]

Learnings from the field – Running Fluent Bit on Azure Kubernetes Service – Part 1

This is the first part of a three-part series about “Learnings from the field – Running Fluent Bit on Azure Kubernetes Service”. Logging is one of the central aspects when operating Kubernetes. The easiest way to get started with it is by using the solution your cloud provider provides. On Azure, this is Azure Monitor Container Insights that can also be used on Google Kubernetes Engine and Read more [...]

Azure Kubernetes Service – Using Kubernetes credential plugin kubelogin with Terraform

In today’s blog post we have a look at the Kubernetes credential plugin kubelogin for Azure Kubernetes Service and how to use it with Terraform. -> https://github.com/Azure/kubelogin -> https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins The Azure Kubernetes Service cluster I am using for demonstration is an AKS-managed Azure Active Directory Read more [...]

Azure Kubernetes Service news from KubeCon North America 2022

Last week the KubeCon / CloudNativeCon North America took place in Detroit with a lot of news regarding Azure Kubernetes Service. Let us now walk through what has been announced for AKS. Microsoft further enhances the different CNI options that are available for Azure Kubernetes Service. Besides the standard of Azure CNI with Azure Network Policy Manager or Calico for Kubernetes network policies, Read more [...]

Apply configuration changes to the default node pool in AKS via Bicep

In today’s blog post we look into the Bicep and how to apply configuration changes to the default node pool in Azure Kubernetes Service within the same Bicep template. What sounds easy on the first look gets nasty if all the things shall be done within the same template like creating an Azure Kubernetes Service cluster, adding additional node pools, or changing the configuration of existing ones. Read more [...]

Migrate an Azure storage account from LRS to ZRS replication without downtime

This is a rather short blog post about a hidden gem in the Azure documentation. You have two options today migrating an existing Azure storage account from the LRS (locally redundant storage) to ZRS (zone-redundant storage) replication option. A manual migration or live migration. Choosing the manual migration option requires a new target storage account with ZRS and might imply an application Read more [...]

How to change the node size of the default node pool in AKS without downtime?

Currently, as of writing this blog post, Azure Kubernetes Service does not support changing the node size of the default node pool or additional node pools without recreating the whole AKS cluster or the additional node pool. Having all the configuration in infrastructure as code whether it is Bicep or Terraform seems to be a dead end for this simple operation. If we change the node size in our Read more [...]