Tag Archives: Azure Resource Manager

Apply configuration changes to the default node pool in AKS via Bicep

In today’s blog post we look into the Bicep and how to apply configuration changes to the default node pool in Azure Kubernetes Service within the same Bicep template. What sounds easy on the first look gets nasty if all the things shall be done within the same template like creating an Azure Kubernetes Service cluster, adding additional node pools, or changing the configuration of existing ones. Read more [...]

How to change the node size of the default node pool in AKS without downtime?

Currently, as of writing this blog post, Azure Kubernetes Service does not support changing the node size of the default node pool or additional node pools without recreating the whole AKS cluster or the additional node pool. Having all the configuration in infrastructure as code whether it is Bicep or Terraform seems to be a dead end for this simple operation. If we change the node size in our Read more [...]

Azure Policy for Kubernetes – custom policies on Azure Arc enabled Kubernetes

On September 1st Microsoft announced the public preview of the custom policy support for Azure Policy for AKS. -> https://azure.microsoft.com/en-us/updates/custom-aks-policy-support-now-public-preview/ I am already using the public preview on my AKS cluster and was curious about if this would work as well with Azure Arc enabled Kubernetes. The short answer is yes, but with some minor adjustments. Configuration First Read more [...]

Azure Policy for Azure Kubernetes Service

In June I already covered Azure Policy for Kubernetes in a blog post. -> https://www.danielstechblog.io/using-azure-policy-for-kubernetes/ Back then Azure Policy for AKS was in public preview. At this year’s Microsoft Ignite Azure Policy for AKS went GA. -> https://azure.microsoft.com/en-us/updates/ga-policy-addon-for-azure-kubernetes-service/ There have been some significant changes Read more [...]

Unix time format in Azure Resource Manager templates

The Unix time format is represented in seconds elapsed since 01.01.1970 UTC. So, it is different from the standard time format we are used to. Depending on the Azure service some attributes in the Azure API / ARM template require the Unix time format especially Azure Key Vault keys and secrets. Those ones have two attributes the not before (nbf) and expiry (exp) date requiring the Unix time format. -> Read more [...]

Assigning RBAC permissions with Azure Resource Manager templates

Recently, I updated my AKS ARM template supporting the latest AKS feature set and important RBAC role assignments for the AKS cluster. After having a hard time, I managed to get the RBAC role assignment working. When you now think what should be so complicated? Check out my tweet on Twitter getting the background information. -> https://twitter.com/neumanndaniel/status/1294272253211947008 It Read more [...]

ARM Template – Deploy an AKS cluster using managed identity and managed Azure AD integration

As I mentioned in my other blog post before I have updated my Azure Resource Manager template as well. Switching from the AAD service principal to managed identity option and from the AAD v1 integration to AAD v2 which is also managed. Other changes and improvements are the following ones: Private cluster support Managed control plane SKU tier support Windows node pool support Node Read more [...]

Using Azure Policy for Kubernetes

In my last blog post I mentioned that the next topic is about Azure Policy in combination with Azure Arc enabled Kubernetes. I decided to write about Azure Policy for Kubernetes instead covering Azure Kubernetes Service and Azure Arc enabled Kubernetes. As Azure Policy for Kubernetes is based on the Open Policy Agent Gatekeeper implementation, I will also highlight the difference between the Read more [...]

Connect KinD with Azure Arc enabled Kubernetes

At this year’s first ever digital Microsoft Build conference, Microsoft announced the public preview of Azure Arc enabled Kubernetes. -> https://azure.microsoft.com/en-us/updates/azure-arc-support-for-azure-kubernetes-service-aks-engine-clusters/ Azure Arc enabled Kubernetes lets you connect Kubernetes clusters running on-premises or at another cloud provider with Azure for a unified management Read more [...]

Working with Windows Server node pools in Azure Kubernetes Service

Back in May Microsoft released the public preview of Windows Server support for Azure Kubernetes Service. -> https://azure.microsoft.com/en-us/blog/announcing-the-preview-of-windows-server-containers-support-in-azure-kubernetes-service/ When you are starting with Windows Server node pools in AKS you should at least be aware of some prerequisites and limitations. Windows Server node pools Read more [...]