Daniel's Tech Blog

Cloud Computing, Cloud Native & Kubernetes

Tag: Public Cloud

  • Combine istioctl commands with kubectl-select

    Since working with Istio I stumbled a couple of times over some of the istioctl commands that require to select a specific pod or service. Some of these commands are istioctl… …dashboard controlz {Istio pilot pod name} …dashboard envoy {pod name} …experimental describe service {service name} …experimental metrics {service name} …proxy-config bootstrap {pod name} For…

  • Install a high available Istio control plane on Azure Kubernetes Service

    Lately I worked intensively with Istio and focused especially on the topic high availability of the Istio control plane. When you install Istio with the default profile, as mentioned in the Istio documentation, you get a non-high available control plane. istioctl manifest apply \ –set values.global.mtls.enabled=true \ –set values.global.controlPlaneSecurityEnabled=true Per default Istio gets installed with…

  • Check cluster manageability with Azure Kubernetes Service Diagnostics

    It does not matter if your AKS cluster is running without any issues or you currently experiencing issues, you should run Azure Kubernetes Service Diagnostics on a regular base. But what is Azure Kubernetes Service Diagnostics? Let me give you a quick introduction. AKS Diagnostics is a functionality in the Azure portal which provides you…

  • Using Octant as alternative Kubernetes dashboard for Azure Kubernetes Service

    When you are running an Azure Kubernetes Service cluster you might deployed the cluster without the Kubernetes dashboard or disabled it afterwards. -> https://www.danielstechblog.io/disable-the-kubernetes-dashboard-on-azure-kubernetes-service/ Mainly you are doing it for security purposes to prevent an accidentally exposed and unsecured Kubernetes dashboard to the public. -> https://redlock.io/blog/cryptojacking-tesla The Kubernetes dashboard is neat for demo purposes, but…

  • Secure Kubernetes API server access in Azure Kubernetes Service

    Running Kubernetes at a cloud provider especially managed Kubernetes like AKS or GKE provides you with a solid foundation and applied security best practices for the managed master control plane. But there is one downside, the public accessible API endpoint to control the Kubernetes cluster. Even the API endpoint is only exposed via HTTPS and…

  • Terraform – Working with AKS multiple node pools in TF Azure provider version 1.37

    On Tuesday this week the Terraform Azure provider version 1.37 was released and brings some changes regarding AKS multiple node pools support. Multiple node pools are now fully supported in Terraform with their own resource azurerm_kubernetes_cluster_node_pool. First, let us talk about the changes to the resource azurerm_kubernetes_cluster before getting to the azurerm_kubernetes_cluster_node_pool resource. In the…

WordPress Cookie Notice by Real Cookie Banner