-
Using Cilium Hubble Exporter to log blocked egress traffic on Azure Kubernetes Service
In one of my previous blog posts, I covered how to do egress traffic blocking with Cilium bring-your-own CNI on Azure Kubernetes Service -> https://www.danielstechblog.io/egress-traffic-blocking-with-cilium-cluster-wide-network-policies-on-azure-kubernetes-service/ Today we look into Cilium Hubble Exporter which lets us write Hubble flows to the Cilium agent log output. Thus, Hubble flows can be collected by the logging solution running…
-
Egress traffic blocking with Calico global network policies on Azure Kubernetes Service
In my last blog post, I covered how to do egress traffic blocking with Cilium bring-your-own CNI on Azure Kubernetes Service as Azure CNI powered by Cilium does not officially support Cilium cluster-wide network policies and Cilium CIDR groups. -> https://www.danielstechblog.io/egress-traffic-blocking-with-cilium-cluster-wide-network-policies-on-azure-kubernetes-service/ In addition to the Cilium option on Azure Kubernetes Service, there has been and…
-
Egress traffic blocking with Cilium cluster-wide network policies on Azure Kubernetes Service
Today, we talk about how to block egress traffic with Cilium cluster-wide network policies on Azure Kubernetes Service. For this, we need an Azure Kubernetes Service cluster with Cilium installed via the bring-your-own CNI approach. Azure CNI powered by Cilium unfortunately only partially supports Cilium network policies. However, Cilium cluster-wide network policies and Cilium CIDR…
-
Use Fluent Bit for Kubernetes events gathering on Azure Kubernetes Service
For a while now Fluent Bit has a new input plugin that allows us to gather Kubernetes events, modify, and ingest them into the logging backend. -> https://docs.fluentbit.io/manual/pipeline/inputs/kubernetes-events Today we look at how to configure and deploy Fluent Bit to gather Kubernetes events on an Azure Kubernetes Service cluster and ingest them into an Azure…
-
New Fluent Bit Azure Data Explorer output plugin version available
In the recent 3.2.2 release, the new Azure Data Explorer output plugin version is available. Azure_kusto (Output) fix multiple files tail issue and timeout issue (#8430) -> https://fluentbit.io/announcements/v3.2.2/ -> https://github.com/fluent/fluent-bit/pull/8430 The previous version had a couple of issues that have now been fixed. For instance, I was running into an unreliable authentication with the earlier…
-
Retrieve Kubernetes Pods IP addresses with Fluent Bit
In the recent 3.2.1 release, Fluent Bit added a long-awaited functionality that has been available for a long time in FluentD: the capability to extract the Kubernetes Pod IP address and enrich the log data with it. Kubernetes (Filter) Retrieve kubernetes pod ip address if it is set in status.podip (#2783) -> https://fluentbit.io/announcements/v3.2.1/ -> https://github.com/fluent/fluent-bit/issues/2301…