Tag Archives: PaaS

Distribute AKS Engine kubeconfig credentials

In my last blog post I showed you the integration of an AKS Engine cluster with Azure Active Directory. -> https://www.danielstechblog.io/using-an-aks-engine-cluster-with-azure-active-directory-integration/ Today we talk about the distribution of the kubeconfig credentials to our engineers and developers. You do not want to give them access via SSH to the AKS Engine master for two reasons. Read more [...]

Using an AKS Engine cluster with Azure Active Directory integration

As you might already know you can run an Azure Kubernetes Service cluster with Azure Active Directory integration for fine-grained RBAC role definitions. I have written a blog post about that awhile ago, if you need further information. -> https://www.danielstechblog.io/azure-kubernetes-service-and-azure-active-directory-integration/ Same as with AKS you can have AKS Engine clusters with Read more [...]

Tweaking data collection for Azure Monitor for containers

Recently Microsoft introduced silently some configurations options for the Azure Monitor for containers solution. As you might know the Azure Monitor for containers solution collects stdout, stderr and environment variables from AKS and AKS-engine clusters except from containers running in the kube-system namespace. If you want to use the new feature the minimum agent version that is required Read more [...]

Updated Azure Function App – AKS Advanced Networking IP address calculation

Just a short information about the update I have done for the Azure Function App doing the AKS Advanced Networking IP address calculation (Azure CNI). Since I have written the Azure Function App, they have been some changes what limits are supported for AKS using Azure CNI networking. Minimum pods per node: 30 Maximum pods per node: 250 Maximum nodes per cluster (only with multiple node Read more [...]

SSH access to AKS nodes for troubleshooting purposes

Under normal circumstances you do not need SSH access to your AKS nodes. Even when you create a new AKS cluster you do not have to provide an admin username and a public SSH key. Deployment method admin username required? public SSH key required? Azure portal No, cannot be set No, cannot be set Azure CLI Optional Optional ARM templates Required Required Terraform Required Required Why Read more [...]

Running Linkerd on Azure Kubernetes Service

Certainly, you have heard the term service mesh in the context of Kubernetes. Istio is one of the service mesh implementations that you might have heard of mostly. Beside Istio, Linkerd is the other popular service mesh implementation for Kubernetes. In this blog post I talk about the installation of Linkerd and running it on Azure Kubernetes Service. The easiest part to get started with Linkerd Read more [...]

Configure Azure Traffic Manager endpoint monitoring for container applications behind an ingress controller on AKS

Running an ingress controller on Azure Kubernetes Service requires configuration of the Azure Traffic Manager endpoint monitoring options when Traffic Manager is used in front of it. In this blog post I will show you an example configuration of the Traffic Manager endpoint monitoring for a container application behind the Ambassador API gateway running on AKS. First, here is the Kubernetes service Read more [...]

Azure Load Balancer behavior when externalTrafficPolicy is set to Local in the Kubernetes service object

In one of my last blog posts I talked about running the Ambassador Kubernetes-native microservices API gateway on Azure Kubernetes Service. Specially to define and set the configuration option externalTrafficPolicy to Local on the Ambassador Kubernetes service object. -> https://www.danielstechblog.io/running-ambassador-api-gateway-on-azure-kubernetes-service/ But have you ever asked yourself Read more [...]

Publishing Azure Functions on AKS through the Ambassador API gateway

In my last blog post I introduced you to the Ambassador Kubernetes-native microservices API gateway as an ingress controller running on Azure Kubernetes Service. -> https://www.danielstechblog.io/running-ambassador-api-gateway-on-azure-kubernetes-service/ Today I would like to show you how to publish an Azure Function running on Kubernetes through the Ambassador API gateway. It is nothing Read more [...]

Running Ambassador API gateway on Azure Kubernetes Service

Lately I was playing around with the Ambassador Kubernetes-native microservices API gateway as an ingress controller on Azure Kubernetes Service. -> https://www.getambassador.io/ Ambassador is based on the popular L7 proxy Envoy by Lyft. Beside the API gateway capabilities, you can use Ambassador just as an ingress controller for publishing your container applications to the outside world. -> Read more [...]