Tag: Public Cloud
-
An experiment – Enable Cilium native routing on Azure Kubernetes Service BYOCNI – Part 3
This is the third and final part of a three-part series about “An experiment – Enable Cilium native routing on Azure Kubernetes Service BYOCNI”. -> https://www.danielstechblog.io/an-experiment-enable-cilium-native-routing-on-azure-kubernetes-service-byocni-part-1/ -> https://www.danielstechblog.io/an-experiment-enable-cilium-native-routing-on-azure-kubernetes-service-byocni-part-2/ We will focus today on how to enable Cilium native routing with Azure Route Server and BGP on Azure Kubernetes Service BYOCNI. Azure Route Server Azure Route…
-
An experiment – Enable Cilium native routing on Azure Kubernetes Service BYOCNI – Part 2
This is the second part of a three-part series about “An experiment – Enable Cilium native routing on Azure Kubernetes Service BYOCNI”. -> https://www.danielstechblog.io/an-experiment-enable-cilium-native-routing-on-azure-kubernetes-service-byocni-part-1/ We will focus today on how to enable Cilium native routing with WireGuard Transparent Encryption on Azure Kubernetes Service BYOCNI. Enable Cilium native routing with WireGuard Transparent Encryption In this example,…
-
An experiment – Enable Cilium native routing on Azure Kubernetes Service BYOCNI – Part 1
This is the first part of a three-part series about “An experiment – Enable Cilium native routing on Azure Kubernetes Service BYOCNI”. Cilium supports two routing modes: encapsulation and native routing. Because it does not depend on the underlying network, the encapsulation mode, also called tunneling, is the default one for most Cilium…
-
Use Azure Log Alerts with Azure Data Explorer
Since July 2024, Azure Log Alerts support for Azure Data Explorer has been generally available, and you might already be familiar with log alerts from using them with Log Analytics or Application Insights. -> https://azure.microsoft.com/en-us/updates/?id=log-alerts-for-azure-data-explorer Hence, we will focus on specific configuration best practices and a hidden gem that allows you to easily write your…
-
Azure Data Explorer network access restrictions
Azure Data Explorer offers several configuration options to restrict network access to and from an Azure Data Explorer cluster. -> https://learn.microsoft.com/en-us/azure/data-explorer/security-network-restrict-public-access -> https://learn.microsoft.com/en-us/azure/data-explorer/security-network-restrict-outbound-access Today, we look into the options that still allow us to reach Azure Data Explorer from the outside world and prevent data exfiltration by restricting outbound access. Prevent data…
-
Restrict access to the IMDS endpoint on Azure Kubernetes Service with Cilium
In today’s blog post, we take a look at restricting access to the Azure IMDS endpoint on an Azure Kubernetes Service (AKS) cluster with Cilium using the BYOCNI approach. The Instance Metadata Service (IMDS) endpoint can be called directly from every Azure VM or VMSS instance via the following command.…