Tag: Public Cloud
-
Distribute your application across different availability zones in AKS using Pod Topology Spread Constraints
This is the last blog post of a series of posts covering the topic about increasing the application availability on Azure Kubernetes Service / Kubernetes. Today we cover the pod topology spread constraints. What are pod topology spread constraints? In the first post of the series, I talked about the pod disruption budget. The PDB…
-
Run the Envoy Proxy ratelimit service for Istio on AKS with Azure Cache for Redis
The Istio sidecar proxy uses Envoy and therefore supports two different rate limiting modes. A local one targeting only a single service and a global one targeting the entire service mesh. The local rate limit implementation only requires Envoy itself without the need for a rate limit service. In contrast the global rate limit implementation…
-
Cloud Native Club – Kubernetes Policies
Last week I had the pleasure of being the guest of the fifth episode of the Cloud Native Club run by my former colleague Robin-Manuel Thiel. We talked about the topic Kubernetes policies covering the Open Policy Agent, Gatekeeper and Azure Policy for Kubernetes. The Cloud Native Club format is in German and hence no…
-
Evaluating Gatekeeper policies with the Rego Playground
Writing and evaluating Gatekeeper policies can be hard sometimes. Especially the testing part of a newly created policy. There are different approaches to tackle this like having a dedicated test Kubernetes cluster for it. An alternative we used was a script starting a single node KinD cluster on Docker for Mac and installing Gatekeeper onto…
-
Increase your application availability with pod anti-affinity settings in Azure Kubernetes Service
This is the second blog post of a series of posts covering the topic about increasing the application availability on Azure Kubernetes Services / Kubernetes. Today we cover the pod anti-affinity setting. What is the pod anti-affinity? In the first post of the series, I talked about the PodDisruptionBudget. The PDB guarantees that a certain…
-
Increase your application availability with a PodDisruptionBudget on Azure Kubernetes Service
This is the first blog post of a series of posts covering the topic about increasing the application availability on Azure Kubernetes Service / Kubernetes. Today we cover the PodDisruptionBudget. What is a PodDisruptionBudget? A PDB is an additional Kubernetes object that is deployed beside your Deployment, ReplicaSet or StatefulSet increasing your application’s availability. This…