Tag: Container
-
Use node initialization taints on Azure Kubernetes Service with Cilium
On an Azure Kubernetes Service cluster with Bring Your Own Container Network Interface (BYOCNI) using Cilium, you could not use Cilium’s agent-not-ready taint functionality. -> https://docs.cilium.io/en/stable/installation/taints/ The reason for that is that the Azure control plane blocks add/remove operations on taints via the Kubernetes API. You have to remove taints via the Azure Kubernetes Service…
-
Restrict access to the IMDS endpoint on Azure Kubernetes Service with Cilium
In today’s blog post, we take a look at restricting access to the Azure IMDS endpoint on an Azure Kubernetes Service (AKS) cluster with Cilium using the BYOCNI approach. The Instance Metadata Service (IMDS) endpoint, also known as short IMDS, can be called directly from every Azure VM or VMSS instance via the following command.…
-
How to restore a container image from an Azure Kubernetes Service node to an Azure Container Registry?
Imagine a specific version of your container image used for your application has been deleted from your Azure Container Registry. It cannot be restored for whatever reason through your CI/CD pipeline, and you still need this version. How can you restore that specific version when you still have a running pod on one of the…
-
Using Istio with Kubernetes native sidecars on Azure Kubernetes Service
In my previous blog post, I showed you how to check for specific feature gates on an Azure Kubernetes Service cluster. -> https://www.danielstechblog.io/show-enabled-feature-gates-on-an-azure-kubernetes-service-cluster/ Especially for the SidecarContainers feature gate, which is enabled on Azure Kubernetes Service running Kubernetes version 1.29 or higher. The SidecarContainers feature gate brings support for running sidecar containers as init containers. For instance, a service…
-
Show enabled feature gates on an Azure Kubernetes Service cluster
Recently, I needed to check which feature gates are active on an Azure Kubernetes Service cluster running Kubernetes version 1.29.0. In particular, the SidecarContainers feature gate brings support for running sidecar containers as init containers. For instance, a service mesh proxy container now starts before the main container and solves a couple of issues with service…
-
Azure Kubernetes Fleet Manager – Advance your Kubernetes cluster update management on Azure
The Azure Kubernetes Fleet Manager comes with two different configuration options with and without a hub cluster configuration. In today’s blog post, we focus on the Azure Kubernetes Fleet Manager without a hub cluster configuration. This configuration option only provides the Azure Kubernetes Service update management, and this is our focus for today, Before we…