Tag: AKS
-
Azure Load Balancer Health Event Logs
In February, Microsoft announced the general availability of the Azure Load Balancer health event logs. -> https://azure.microsoft.com/en-us/updates?WT.mc_id=AZ-MVP-5000119&id=481818 Those health event logs are part of the diagnostic logs of an Azure Load Balancer As seen in the screenshot above, I have configured them on the Azure Load Balancer, part of my Azure Kubernetes Service cluster, and…
-
Using Hubble CLI’s automatic port forwarding
This will be a rather short blog post today, but it will highlight a new feature in the Hubble CLI in version 1.17 and later. Since version 1.17, the option -P has been added to the Hubble CLI. -P enables the automatic port forwarding to the Hubble relay in the Kubernetes cluster. As seen in…
-
Using Cilium Hubble Exporter to log blocked egress traffic on Azure Kubernetes Service
In one of my previous blog posts, I covered how to do egress traffic blocking with Cilium bring-your-own CNI on Azure Kubernetes Service -> https://www.danielstechblog.io/egress-traffic-blocking-with-cilium-cluster-wide-network-policies-on-azure-kubernetes-service/ Today we look into Cilium Hubble Exporter which lets us write Hubble flows to the Cilium agent log output. Thus, Hubble flows can be collected by the logging solution running…
-
Egress traffic blocking with Calico global network policies on Azure Kubernetes Service
In my last blog post, I covered how to do egress traffic blocking with Cilium bring-your-own CNI on Azure Kubernetes Service as Azure CNI powered by Cilium does not officially support Cilium cluster-wide network policies and Cilium CIDR groups. -> https://www.danielstechblog.io/egress-traffic-blocking-with-cilium-cluster-wide-network-policies-on-azure-kubernetes-service/ In addition to the Cilium option on Azure Kubernetes Service, there has been and…
-
Egress traffic blocking with Cilium cluster-wide network policies on Azure Kubernetes Service
Today, we talk about how to block egress traffic with Cilium cluster-wide network policies on Azure Kubernetes Service. For this, we need an Azure Kubernetes Service cluster with Cilium installed via the bring-your-own CNI approach. Azure CNI powered by Cilium unfortunately only partially supports Cilium network policies. However, Cilium cluster-wide network policies and Cilium CIDR…
-
Use Fluent Bit for Kubernetes events gathering on Azure Kubernetes Service
For a while now Fluent Bit has a new input plugin that allows us to gather Kubernetes events, modify, and ingest them into the logging backend. -> https://docs.fluentbit.io/manual/pipeline/inputs/kubernetes-events Today we look at how to configure and deploy Fluent Bit to gather Kubernetes events on an Azure Kubernetes Service cluster and ingest them into an Azure…