Tag Archives: PaaS

AKS – Authentication issues real-time container logging solution

UPDATE 15.08.2019: The issue described here in my blog post has been resolved in the Azure docs with the following pull request. -> https://github.com/MicrosoftDocs/azure-docs/pull/37045 Back in June Microsoft announced an URL change affecting the Azure Monitor for containers real-time container logging solution. -> https://azure.microsoft.com/en-us/updates/azure-monitor-for-containers-updates-to-live-data-settings/ -> Read more [...]

Setting custom upstream nameservers for CoreDNS in Azure Kubernetes Service

Last year I have written a blog post about configuring kube-dns in Azure Kubernetes Service to provide a custom nameserver for DNS name resolution. -> https://www.danielstechblog.io/using-custom-dns-server-for-domain-specific-name-resolution-with-azure-kubernetes-service/ Since then Kubernetes switched to CoreDNS and AKS as well. Today I am not talking about the topic in my previous blog post, Read more [...]

Distribute Azure Kubernetes Service kubeconfig credentials

Last week I showed you the kubeconfig credentials distribution for AKS Engine. -> https://www.danielstechblog.io/distribute-aks-engine-kubeconfig-credentials/ In this blog post I walk you through the steps for Azure Kubernetes Service. The distribution of the kubeconfig credentials for an AKS cluster with AAD integration is a lot easier thanks to the following two built-in RBAC roles. -> Read more [...]

Distribute AKS Engine kubeconfig credentials

In my last blog post I showed you the integration of an AKS Engine cluster with Azure Active Directory. -> https://www.danielstechblog.io/using-an-aks-engine-cluster-with-azure-active-directory-integration/ Today we talk about the distribution of the kubeconfig credentials to our engineers and developers. You do not want to give them access via SSH to the AKS Engine master for two reasons. Read more [...]

Using an AKS Engine cluster with Azure Active Directory integration

As you might already know you can run an Azure Kubernetes Service cluster with Azure Active Directory integration for fine-grained RBAC role definitions. I have written a blog post about that awhile ago, if you need further information. -> https://www.danielstechblog.io/azure-kubernetes-service-and-azure-active-directory-integration/ Same as with AKS you can have AKS Engine clusters with Read more [...]

Tweaking data collection for Azure Monitor for containers

Recently Microsoft introduced silently some configurations options for the Azure Monitor for containers solution. As you might know the Azure Monitor for containers solution collects stdout, stderr and environment variables from AKS and AKS-engine clusters except from containers running in the kube-system namespace. If you want to use the new feature the minimum agent version that is required Read more [...]

Updated Azure Function App – AKS Advanced Networking IP address calculation

Just a short information about the update I have done for the Azure Function App doing the AKS Advanced Networking IP address calculation (Azure CNI). Since I have written the Azure Function App, they have been some changes what limits are supported for AKS using Azure CNI networking. Minimum pods per node: 30 Maximum pods per node: 250 Maximum nodes per cluster (only with multiple node Read more [...]

SSH access to AKS nodes for troubleshooting purposes

Under normal circumstances you do not need SSH access to your AKS nodes. Even when you create a new AKS cluster you do not have to provide an admin username and a public SSH key. Deployment method admin username required? public SSH key required? Azure portal No, cannot be set No, cannot be set Azure CLI Optional Optional ARM templates Required Required Terraform Required Required Why Read more [...]

Running Linkerd on Azure Kubernetes Service

Certainly, you have heard the term service mesh in the context of Kubernetes. Istio is one of the service mesh implementations that you might have heard of mostly. Beside Istio, Linkerd is the other popular service mesh implementation for Kubernetes. In this blog post I talk about the installation of Linkerd and running it on Azure Kubernetes Service. The easiest part to get started with Linkerd Read more [...]

Configure Azure Traffic Manager endpoint monitoring for container applications behind an ingress controller on AKS

Running an ingress controller on Azure Kubernetes Service requires configuration of the Azure Traffic Manager endpoint monitoring options when Traffic Manager is used in front of it. In this blog post I will show you an example configuration of the Traffic Manager endpoint monitoring for a container application behind the Ambassador API gateway running on AKS. First, here is the Kubernetes service Read more [...]