Using Trident to Automate Azure NetApp Files from OpenShift

Some time ago I wrote this post about different storage options in Azure Red Hat OpenShift. One of the options discussed was using Azure NetApp Files for persistent storage of your pods. As discussed in that post, Azure NetApp Files has some advantages: ReadWriteMany support Does not count against the limit of Azure Disks per … Continue reading Using Trident to Automate Azure NetApp Files from OpenShift

Cisco ACI and Microsoft Azure

Sometimes you meet an old friend you haven’t seen for many years, and although both of you might have evolved differently during that time, most often than not you find the common ground and the reasons why you loved each other. Before I get any more sentimental, that is a bit of what I have … Continue reading Cisco ACI and Microsoft Azure

Azure Traffic Analytics and Breach Detection

Azure Traffic Analytics and NSG flow logs are one of Azure’s best kept secrets. In short, you can log every single network flow going through your Network Security Groups (NSGs), including the number of packets and its ingress/egress bandwidth. Traffic Analytics already makes a great job at showing interesting stuff: the scenarios documented in the … Continue reading Azure Traffic Analytics and Breach Detection

Deploying ExpressRoute with Megaport in 1 hour

I have heard some organizations complaining that deploying a fully functional ExpressRoute circuit takes too long: days, or even weeks. Does this always have to be like that? I recently got access to Megaport‘s service portal: Megaport is one of Azure ExpressRoute providers, and they can provision virtual routers dynamically and connect them to Azure … Continue reading Deploying ExpressRoute with Megaport in 1 hour

Listen to the Whispers of BGP

An old Cherokee proverb says: “Listen to the whispers and you won’t have to hear the screams”. Routing problems are hard: Hard to uncover, because sometimes they will not become apparent until something happens. For example, when your backup routes disappear, and you only notice when the primary routes are gone too. And hard in … Continue reading Listen to the Whispers of BGP

Using Route Server to firewall onprem traffic with an NVA

In a previous blog we had a setup with a Network Virtual Appliance (NVA) for Internet egress and hybrid connectivity based on Azure Virtual Network Gateways. There is another fairly typical use case with regards to traffic between on-premises an Azure: firewalling it with an NVA: In some situations customers will combine the role of … Continue reading Using Route Server to firewall onprem traffic with an NVA

Azure as Internet breakout from on-premises with Route Server

This is not a topology I would define as “best practice”, or one that I see in every Azure deployment out there, but I would certainly not describe it as exotic either. In this design, organizations want to leverage Azure as Internet breakout for their on-premises systems. Potentially because they do not have a good … Continue reading Azure as Internet breakout from on-premises with Route Server

New Azure Sample: ACI in VNet with Init and Sidecar Containers

Hey there! I have recently published a new Azure Sample: ACI in VNet with Sidecar Containers. It has generated a bit of controversy (there is a reason why I picked such a crowded image for the post title), so let me add some color to it. But let me give you the TL;DR first: the … Continue reading New Azure Sample: ACI in VNet with Init and Sidecar Containers

Connecting your NVAs to ExpressRoute with Azure Route Server

In a previous blog post I have described the features of the new Azure Route Server I am most excited about, as well as a possible setup to create a hub and spoke design with firewall NVAs (Network Virtual Appliance) across multiple regions here. In this one I will focus on how to integrate the … Continue reading Connecting your NVAs to ExpressRoute with Azure Route Server

Route Server Multi-Region Design

In my previous blog I wrote my view on the characteristics of the new Azure Route Server that I am most excited about. In this one I would like to give you a glimpse of how it works with a design that I see in many organizations: a multi-region setup, with Network Virtual Appliances acting … Continue reading Route Server Multi-Region Design