Thoughts from the clouds
Would you like a compliance report for Azure best practices on your Azure resources, like the following screenshot shows (in this case for Azure Kubernetes Service)? If so, keep reading! Where is this coming from? You might have read some previous posts where I describe the work that the FastTrack for Azure team (where I … Continue reading Are you following Azure best practices? Sure?
If you are reading my blog you probably know what Virtual WAN and Azure Kubernetes Service are. You probably know as well that you can configure AKS so that egress traffic is sent through an Azure Firewall by using Azure routing as described in the article Control Egress Traffic in AKS. That article explains how … Continue reading Filtering AKS egress traffic with Virtual WAN
I finally decided to carve out an afternoon to test workload identity on AKS. I had done some preliminary reading, and my conclusion was that there had to be some voodoo magic and quantum entanglement at play there to make it work, so I braced myself for failure. The goal of the exercise was clear: … Continue reading Workload identity on AKS with Python: boring
Do you use AKS private clusters? Do you hate jump hosts? If the answer to both questions is “yes”, this blog post might be interesting for you. Let’s set things straight: it is not that I “hate” jump hosts, it is more that I “love” the way I have setup my PC’s environment: I like … Continue reading Accessing AKS private clusters with Azure Bastion and VS Code
There are many nuances when choosing a node size in Azure Kubernetes Services, and not all of them are obvious. I decided to write a short post to discuss the most important ones. At the end of the day, this is going to be a trade-off: some factors are going to drive you towards larger … Continue reading Which VM size should I choose as AKS node?
You probably know that you can use Azure Machine Learning Services to support you along the complete life cycle of your Machine Learning development, from training to deployment. And you probably know as well that for production-grade deployments one of the best platforms to run your inferencing is Kubernetes. From the Azure Machine Learning portal … Continue reading Azure Machine Learning inferencing on AKS under the covers
Hey there, welcome to yet another instance of the wonderful networking world of Kubernetes. Today I will explore some new cool stuff that recently came to Azure Kubernetes Service (AKS), plus one thing I did not have in previous blogs. First things first, this is a blog series, you can find previous installments here: Part … Continue reading A Day in the Life of a Packet in AKS (part 4): NSGs
This post is a continuation from Part 4: NSGs. Other posts in this series: Part 1: deep dive in AKS with Azure CNI in your own vnet Part 2: deep dive in AKS with kubenet in your own vnet, and ingress controllers Part 3: outbound connectivity from AKS pods Part 4: NSGs with Azure CNI … Continue reading A Day in the Life of a Packet in AKS (part 5): Virtual Node
This post is a continuation from Part 5: Virtual Node. Other posts in this series: Part 1: deep dive in AKS with Azure CNI in your own vnet Part 2: deep dive in AKS with kubenet in your own vnet, and ingress controllers Part 3: outbound connectivity from AKS pods Part 4: NSGs with Azure … Continue reading A Day in the Life of a Packet in AKS (part 6): Network Policy
Thanks for the good feedback on this blog series! Here another set of questions I have been receiving lately: how does outbound connectivity look like for AKS pods? To answer that, we will look at how that works on both the Azure CNI and kubenet AKS clusters, deployed in one virtual network. After deploying your … Continue reading A Day in the Life of a Packet in AKS (part 3): Outbound Connectivity
Cloudtrooper 