Tag Archives: Microsoft Azure

Distribute Azure Kubernetes Service kubeconfig credentials

Last week I showed you the kubeconfig credentials distribution for AKS Engine. -> https://www.danielstechblog.io/distribute-aks-engine-kubeconfig-credentials/ In this blog post I walk you through the steps for Azure Kubernetes Service. The distribution of the kubeconfig credentials for an AKS cluster with AAD integration is a lot easier thanks to the following two built-in RBAC roles. -> Read more [...]

Distribute AKS Engine kubeconfig credentials

In my last blog post I showed you the integration of an AKS Engine cluster with Azure Active Directory. -> https://www.danielstechblog.io/using-an-aks-engine-cluster-with-azure-active-directory-integration/ Today we talk about the distribution of the kubeconfig credentials to our engineers and developers. You do not want to give them access via SSH to the AKS Engine master for two reasons. Read more [...]

Using an AKS Engine cluster with Azure Active Directory integration

As you might already know you can run an Azure Kubernetes Service cluster with Azure Active Directory integration for fine-grained RBAC role definitions. I have written a blog post about that awhile ago, if you need further information. -> https://www.danielstechblog.io/azure-kubernetes-service-and-azure-active-directory-integration/ Same as with AKS you can have AKS Engine clusters with Read more [...]

Tweaking data collection for Azure Monitor for containers

Recently Microsoft introduced silently some configurations options for the Azure Monitor for containers solution. As you might know the Azure Monitor for containers solution collects stdout, stderr and environment variables from AKS and AKS-engine clusters except from containers running in the kube-system namespace. If you want to use the new feature the minimum agent version that is required Read more [...]

Installing Helm and Azure IoT Edge on a k3s Kubernetes cluster on Raspbian

This is the third and last blog post in a series covering k3s a new Kubernetes distribution by Rancher. -> https://k3s.io/ In this post we focus on the Azure IoT Edge deployment on Kubernetes via the package manager tool Helm. -> https://docs.microsoft.com/en-us/azure/iot-edge/about-iot-edge -> https://helm.sh/ The topic is divided in two parts. First about the automated container Read more [...]

Updated Azure Function App – AKS Advanced Networking IP address calculation

Just a short information about the update I have done for the Azure Function App doing the AKS Advanced Networking IP address calculation (Azure CNI). Since I have written the Azure Function App, they have been some changes what limits are supported for AKS using Azure CNI networking. Minimum pods per node: 30 Maximum pods per node: 250 Maximum nodes per cluster (only with multiple node Read more [...]

SSH access to AKS nodes for troubleshooting purposes

Under normal circumstances you do not need SSH access to your AKS nodes. Even when you create a new AKS cluster you do not have to provide an admin username and a public SSH key. Deployment method admin username required? public SSH key required? Azure portal No, cannot be set No, cannot be set Azure CLI Optional Optional ARM templates Required Required Terraform Required Required Why Read more [...]

Running Linkerd on Azure Kubernetes Service

Certainly, you have heard the term service mesh in the context of Kubernetes. Istio is one of the service mesh implementations that you might have heard of mostly. Beside Istio, Linkerd is the other popular service mesh implementation for Kubernetes. In this blog post I talk about the installation of Linkerd and running it on Azure Kubernetes Service. The easiest part to get started with Linkerd Read more [...]

Configure Azure Traffic Manager endpoint monitoring for container applications behind an ingress controller on AKS

Running an ingress controller on Azure Kubernetes Service requires configuration of the Azure Traffic Manager endpoint monitoring options when Traffic Manager is used in front of it. In this blog post I will show you an example configuration of the Traffic Manager endpoint monitoring for a container application behind the Ambassador API gateway running on AKS. First, here is the Kubernetes service Read more [...]

Azure Load Balancer behavior when externalTrafficPolicy is set to Local in the Kubernetes service object

In one of my last blog posts I talked about running the Ambassador Kubernetes-native microservices API gateway on Azure Kubernetes Service. Specially to define and set the configuration option externalTrafficPolicy to Local on the Ambassador Kubernetes service object. -> https://www.danielstechblog.io/running-ambassador-api-gateway-on-azure-kubernetes-service/ But have you ever asked yourself Read more [...]