Tag Archives: Container

High available control plane with Istio 1.5 on Azure Kubernetes Service

Back in January I have written a blog post about installing the Istio control plane on AKS in HA mode. -> https://www.danielstechblog.io/install-a-high-available-istio-control-plane-on-azure-kubernetes-service/ Since the release of Istio 1.5 this month the overall architecture of the Istio control plane has changed. -> https://istio.io/news/releases/1.5.x/announcing-1.5/#introducing-istiod With Read more [...]

Updated maximum nodes limit – Azure Function App – AKS Azure CNI IP address calculation

Just a short information about the update I have done for the Azure Function App doing the AKS Azure CNI IP address calculation. Since the last update there has been a change to the maximum nodes per cluster limit supported by AKS. Maximum nodes per cluster (only with multiple node pools and VMSS): 1000 -> https://docs.microsoft.com/en-us/azure/aks/use-multiple-node-pools#limitations This Read more [...]

Combine istioctl commands with kubectl-select

Since working with Istio I stumbled a couple of times over some of the istioctl commands that require to select a specific pod or service. Some of these commands are istioctl… …dashboard controlz {Istio pilot pod name} …dashboard envoy {pod name} …experimental describe service {service name} …experimental metrics {service name} ...proxy-config bootstrap {pod name} For Read more [...]

Install a high available Istio control plane on Azure Kubernetes Service

Lately I worked intensively with Istio and focused especially on the topic high availability of the Istio control plane. When you install Istio with the default profile, as mentioned in the Istio documentation, you get a non-high available control plane. istioctl manifest apply \ --set values.global.mtls.enabled=true \ --set values.global.controlPlaneSecurityEnabled=true Per default Istio gets Read more [...]

Check cluster manageability with Azure Kubernetes Service Diagnostics

It does not matter if your AKS cluster is running without any issues or you currently experiencing issues, you should run Azure Kubernetes Service Diagnostics on a regular base. But what is Azure Kubernetes Service Diagnostics? Let me give you a quick introduction. AKS Diagnostics is a functionality in the Azure portal which provides you with the capability to run a self-diagnosis against your Read more [...]

Using Octant as alternative Kubernetes dashboard for Azure Kubernetes Service

When you are running an Azure Kubernetes Service cluster you might deployed the cluster without the Kubernetes dashboard or disabled it afterwards. -> https://www.danielstechblog.io/disable-the-kubernetes-dashboard-on-azure-kubernetes-service/ Mainly you are doing it for security purposes to prevent an accidentally exposed and unsecured Kubernetes dashboard to the public. -> https://redlock.io/blog/cryptojacking-tesla The Read more [...]

Disable the Kubernetes dashboard on Azure Kubernetes Service

A recently introduced change enables the capability to disable the Kubernetes dashboard on an AKS cluster. This is achieved by providing the Kubernetes dashboard as an AKS add-on like the Azure Monitor for containers integration, AKS virtual nodes or the HTTP application routing. I stumbled over that capability in the Terraform Azure provider documentation for Azure Kubernetes Service. -> Read more [...]

Custom naming support for AKS node resource group available

When you deploy an Azure Kubernetes Service cluster in Azure a second resource group gets created for the worker nodes. Per default the resource group has the following naming schema MC_resourcegroupname_clustername_location. In most cases this naming schema collides with a naming convention already in place for the company’s Azure environment. A common question since AKS hit the market is, Read more [...]

AKS VMSS base image update script – multiple node pool support

At the beginning of September, I have published a blog post about how to update the base image of a VMSS-based AKS cluster. -> https://www.danielstechblog.io/updating-the-base-image-of-a-vmss-based-aks-cluster/ On LinkedIn I had a good discussion with one of the AKS PMs about that and I want to highlight two things first. The shell script I have written directly interacts with the VMSS Read more [...]

Updating the base image of a VMSS-based AKS cluster

Earlier this year I had written a blog post about updating the VMSS base image of an aks-engine cluster. -> https://www.danielstechblog.io/updating-the-base-image-of-an-vmss-aks-engine-cluster/ Today, we focus on Azure Kubernetes Service running with VMSS. Microsoft releases updates regularly to the AKS service and refreshes also the base image for the AKS worker nodes. -> https://github.com/azure/aks/releases This Read more [...]