Tag Archives: aks-engine

Disable the Kubernetes dashboard on Azure Kubernetes Service

A recently introduced change enables the capability to disable the Kubernetes dashboard on an AKS cluster. This is achieved by providing the Kubernetes dashboard as an AKS add-on like the Azure Monitor for containers integration, AKS virtual nodes or the HTTP application routing. I stumbled over that capability in the Terraform Azure provider documentation for Azure Kubernetes Service. -> Read more [...]

Custom naming support for AKS node resource group available

When you deploy an Azure Kubernetes Service cluster in Azure a second resource group gets created for the worker nodes. Per default the resource group has the following naming schema MC_resourcegroupname_clustername_location. In most cases this naming schema collides with a naming convention already in place for the company’s Azure environment. A common question since AKS hit the market is, Read more [...]

AKS VMSS base image update script – multiple node pool support

At the beginning of September, I have published a blog post about how to update the base image of a VMSS-based AKS cluster. -> https://www.danielstechblog.io/updating-the-base-image-of-a-vmss-based-aks-cluster/ On LinkedIn I had a good discussion with one of the AKS PMs about that and I want to highlight two things first. The shell script I have written directly interacts with the VMSS Read more [...]

Updating the base image of a VMSS-based AKS cluster

Earlier this year I had written a blog post about updating the VMSS base image of an aks-engine cluster. -> https://www.danielstechblog.io/updating-the-base-image-of-an-vmss-aks-engine-cluster/ Today, we focus on Azure Kubernetes Service running with VMSS. Microsoft releases updates regularly to the AKS service and refreshes also the base image for the AKS worker nodes. -> https://github.com/azure/aks/releases This Read more [...]

Distribute AKS Engine kubeconfig credentials

In my last blog post I showed you the integration of an AKS Engine cluster with Azure Active Directory. -> https://www.danielstechblog.io/using-an-aks-engine-cluster-with-azure-active-directory-integration/ Today we talk about the distribution of the kubeconfig credentials to our engineers and developers. You do not want to give them access via SSH to the AKS Engine master for two reasons. Read more [...]

Using an AKS Engine cluster with Azure Active Directory integration

As you might already know you can run an Azure Kubernetes Service cluster with Azure Active Directory integration for fine-grained RBAC role definitions. I have written a blog post about that awhile ago, if you need further information. -> https://www.danielstechblog.io/azure-kubernetes-service-and-azure-active-directory-integration/ Same as with AKS you can have AKS Engine clusters with Read more [...]

Updating the base image of an VMSS aks-engine cluster

In mid-February was a CVE for runc published and immediately patched on the major cloud provider platforms. -> https://seclists.org/oss-sec/2019/q1/119 -> https://kubernetes.io/blog/2019/02/11/runc-and-cve-2019-5736/ -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5736 As an example if you were running an Azure Kubernetes Service cluster with Kubernetes version 1.12.4, you Read more [...]