Updated maximum nodes limit – Azure Function App – AKS Azure CNI IP address calculation

Just a short information about the update I have done for the Azure Function App doing the AKS Azure CNI IP address calculation. Since the last update there has been a change to the maximum nodes per cluster limit supported by AKS. Maximum nodes per cluster (only with multiple node pools and VMSS): 1000 -> https://docs.microsoft.com/en-us/azure/aks/use-multiple-node-pools#limitations This Read more [...]

Combine istioctl commands with kubectl-select

Since working with Istio I stumbled a couple of times over some of the istioctl commands that require to select a specific pod or service. Some of these commands are istioctl… …dashboard controlz {Istio pilot pod name} …dashboard envoy {pod name} …experimental describe service {service name} …experimental metrics {service name} ...proxy-config bootstrap {pod name} For Read more [...]

Install a high available Istio control plane on Azure Kubernetes Service

Lately I worked intensively with Istio and focused especially on the topic high availability of the Istio control plane. When you install Istio with the default profile, as mentioned in the Istio documentation, you get a non-high available control plane. istioctl manifest apply \ --set values.global.mtls.enabled=true \ --set values.global.controlPlaneSecurityEnabled=true Per default Istio gets Read more [...]

Check cluster manageability with Azure Kubernetes Service Diagnostics

It does not matter if your AKS cluster is running without any issues or you currently experiencing issues, you should run Azure Kubernetes Service Diagnostics on a regular base. But what is Azure Kubernetes Service Diagnostics? Let me give you a quick introduction. AKS Diagnostics is a functionality in the Azure portal which provides you with the capability to run a self-diagnosis against your Read more [...]

Using Octant as alternative Kubernetes dashboard for Azure Kubernetes Service

When you are running an Azure Kubernetes Service cluster you might deployed the cluster without the Kubernetes dashboard or disabled it afterwards. -> https://www.danielstechblog.io/disable-the-kubernetes-dashboard-on-azure-kubernetes-service/ Mainly you are doing it for security purposes to prevent an accidentally exposed and unsecured Kubernetes dashboard to the public. -> https://redlock.io/blog/cryptojacking-tesla The Read more [...]

Secure Kubernetes API server access in Azure Kubernetes Service

Running Kubernetes at a cloud provider especially managed Kubernetes like AKS or GKE provides you with a solid foundation and applied security best practices for the managed master control plane. But there is one downside, the public accessible API endpoint to control the Kubernetes cluster. Even the API endpoint is only exposed via HTTPS and access is secured via the Azure Active Directory integration Read more [...]

Terraform – Working with AKS multiple node pools in TF Azure provider version 1.37

On Tuesday this week the Terraform Azure provider version 1.37 was released and brings some changes regarding AKS multiple node pools support. Multiple node pools are now fully supported in Terraform with their own resource azurerm_kubernetes_cluster_node_pool. First, let us talk about the changes to the resource azurerm_kubernetes_cluster before getting to the azurerm_kubernetes_cluster_node_pool Read more [...]

Working with Windows Server node pools in Azure Kubernetes Service

Back in May Microsoft released the public preview of Windows Server support for Azure Kubernetes Service. -> https://azure.microsoft.com/en-us/blog/announcing-the-preview-of-windows-server-containers-support-in-azure-kubernetes-service/ When you are starting with Windows Server node pools in AKS you should at least be aware of some prerequisites and limitations. Windows Server node pools Read more [...]

Azure Resource Manager templates – Deploy an AKS cluster with multiple node pools

This week the multiple node pool feature for Azure Kubernetes Service went GA. -> https://azure.microsoft.com/en-us/updates/support-for-multiple-node-pools-in-azure-kubernetes-service-is-now-available/ Today we walk through the steps to deploy multiple AKS node pools with Azure Resource Manager templates. Looking at the ARM template reference for AKS, node pools get defined in the managedClusters Read more [...]

Speaking at Azure Saturday Cologne

After a break of nearly five months from public speaking I am back on stage since October. The last public speaking engagement was in May at the European Collaboration Summit in Wiesbaden. Then in October I presented the topic “Terraform on Azure” at the Azure Meetup Bonn hosted by LeanIX. The next event I am presenting at is the Azure Saturday Cologne on December 7th where I talk about Read more [...]