-
How to send Cilium metrics to Azure Managed Prometheus
In today’s blog post, I walk you through the setup on how to send Cilium metrics to Azure Managed Prometheus. Our setup covers two scenarios. The first one is an Azure Kubernetes Service cluster using Cilium via the BYOCNI (Bring Your Own CNI) option, and the second one is a K3s single node cluster running…
-
Use an Azure Managed Identity for Fluent Bit’s Azure Data Explorer output plugin on Azure Kubernetes Service
The new Fluent Bit version 4 contains an interesting new feature for the Azure Data Explorer output plugin. Besides the standard option of using an Azure Service Principal for authentication, it now additionally supports an Azure Managed Identity for authentication. Azure_kusto (Output) azure managed identity support added (#10036) -> https://fluentbit.io/announcements/v4.0.0/ -> https://github.com/fluent/fluent-bit/pull/10036 Azure Managed Identities…
-
Provide additional metadata information to Cilium for IP addresses outside of the Kubernetes cluster scope
In Cilium, IP addresses that do not belong to the Pod CIDR or Kubernetes Service CIDR range, and some special ranges like the Kubernetes API server, are recognized as the reserved:world identity. So, to say they do not belong to the Kubernetes cluster scope, known to Cilium itself. -> https://docs.cilium.io/en/stable/gettingstarted/terminology/#special-identities When you start using DNS-based…
-
Identifying values for the Azure Policy field parameter
In Azure, you can use Azure Policy with its field parameter to check for or enforce certain Azure resource configurations. For instance, the built-in policy “Allowed virtual machine size SKUs” uses the field parameter to restrict the available VM SKUs. This is especially useful for not accidentally provisioning very expensive VM SKUs like the ones…
-
Azure Load Balancer Health Event Logs
In February, Microsoft announced the general availability of the Azure Load Balancer health event logs. -> https://azure.microsoft.com/en-us/updates?WT.mc_id=AZ-MVP-5000119&id=481818 Those health event logs are part of the diagnostic logs of an Azure Load Balancer As seen in the screenshot above, I have configured them on the Azure Load Balancer, part of my Azure Kubernetes Service cluster, and…
-
Using Hubble CLI’s automatic port forwarding
This will be a rather short blog post today, but it will highlight a new feature in the Hubble CLI in version 1.17 and later. Since version 1.17, the option -P has been added to the Hubble CLI. -P enables the automatic port forwarding to the Hubble relay in the Kubernetes cluster. As seen in…