Secure Kubernetes API server access in Azure Kubernetes Service

Running Kubernetes at a cloud provider especially managed Kubernetes like AKS or GKE provides you with a solid foundation and applied security best practices for the managed master control plane. But there is one downside, the public accessible API endpoint to control the Kubernetes cluster. Even the API endpoint is only exposed via HTTPS and access is secured via the Azure Active Directory integration Read more [...]

Terraform – Working with AKS multiple node pools in TF Azure provider version 1.37

On Tuesday this week the Terraform Azure provider version 1.37 was released and brings some changes regarding AKS multiple node pools support. Multiple node pools are now fully supported in Terraform with their own resource azurerm_kubernetes_cluster_node_pool. First, let us talk about the changes to the resource azurerm_kubernetes_cluster before getting to the azurerm_kubernetes_cluster_node_pool Read more [...]

Working with Windows Server node pools in Azure Kubernetes Service

Back in May Microsoft released the public preview of Windows Server support for Azure Kubernetes Service. -> https://azure.microsoft.com/en-us/blog/announcing-the-preview-of-windows-server-containers-support-in-azure-kubernetes-service/ When you are starting with Windows Server node pools in AKS you should at least be aware of some prerequisites and limitations. Windows Server node pools Read more [...]

Azure Resource Manager templates – Deploy an AKS cluster with multiple node pools

This week the multiple node pool feature for Azure Kubernetes Service went GA. -> https://azure.microsoft.com/en-us/updates/support-for-multiple-node-pools-in-azure-kubernetes-service-is-now-available/ Today we walk through the steps to deploy multiple AKS node pools with Azure Resource Manager templates. Looking at the ARM template reference for AKS, node pools get defined in the managedClusters Read more [...]

Speaking at Azure Saturday Cologne

After a break of nearly five months from public speaking I am back on stage since October. The last public speaking engagement was in May at the European Collaboration Summit in Wiesbaden. Then in October I presented the topic “Terraform on Azure” at the Azure Meetup Bonn hosted by LeanIX. The next event I am presenting at is the Azure Saturday Cologne on December 7th where I talk about Read more [...]

Terraform – Deploy an Azure Kubernetes Service cluster with multiple node pools

UPDATE: Checkout the new blog post covering AKS multiple node pools in Terraform Azure provider version 1.37. -> https://www.danielstechblog.io/terraform-working-with-aks-multiple-node-pools-in-tf-azure-provider-version-1-37/ The multiple node pool feature for AKS is currently in preview. -> https://docs.microsoft.com/en-us/azure/aks/use-multiple-node-pools Multiple node pools Read more [...]

Pin Terraform version in Azure Cloud Shell

When you cannot always work with the latest Terraform version for you Infrastructure as Code deployments and need to stick to a specific one like 0.12.10 for instance, then you should continue reading. The Azure Cloud Shell is Microsoft’s CLI as a Service offering in Azure and provides you with a browser-based interface that is accessible from everywhere and comes with a rich tool set. -> Read more [...]

Disable the Kubernetes dashboard on Azure Kubernetes Service

A recently introduced change enables the capability to disable the Kubernetes dashboard on an AKS cluster. This is achieved by providing the Kubernetes dashboard as an AKS add-on like the Azure Monitor for containers integration, AKS virtual nodes or the HTTP application routing. I stumbled over that capability in the Terraform Azure provider documentation for Azure Kubernetes Service. -> Read more [...]

Custom naming support for AKS node resource group available

When you deploy an Azure Kubernetes Service cluster in Azure a second resource group gets created for the worker nodes. Per default the resource group has the following naming schema MC_resourcegroupname_clustername_location. In most cases this naming schema collides with a naming convention already in place for the company’s Azure environment. A common question since AKS hit the market is, Read more [...]

Optimize build performance on Jenkins Azure worker nodes

Today we focus on some performance optimizations for the Jenkins worker nodes on Azure instead of security as in the last blog post. -> https://www.danielstechblog.io/secure-jenkins-worker-nodes-on-azure/ As you might know already each Azure VM gets an additional SSD-based temporary drive beside the OS disk drive. Per default the swap file is stored on this temporary drive, because it is ephemeral. So, Read more [...]