Home - About me - Browse by categories

How to: Azure Kubernetes Service + Custom VNET with Kubenet

You probably already know that it is possible to deploy an Azure Kubernetes Service cluster into an existing virtual network (VNET) to be able to control the network CIDR and consume other services on your private networks, like on-premises services through an Express Route for example.

If you read the network documentation of AKS you will see that there are two networking modes: Basic networking that controls the virtual network and uses Kubenet as network plugin or Advanced networking that lets you control the virtual network and uses Azure CNI network plugin.

In this post, I will explain how to use Advanced networking, to keep control on the virtual network, but continue to use Kubenet as a network plugin.

Thank you very much to my colleague St├ęphane Erbrech who has helped a lot to get this scenario working and review this post before publication

read more

Use Azure managed identities with Azure Kubernetes Services (AKS)

In this blog post, I will explain how you can use the aad-pod-identity project (currently in Beta) to get an Azure managed identity bound to a pod running in your Kubernetes cluster. I will illustrate this with a basic sample that consists in retrieving secrets from an Azure Keyvault in a Go application running in a Kubernetes pod.

read more

How to access Kubernetes dashboard on an Azure Kubernetes Service cluster with RBAC enabled

RBAC (Role Based Access Control) is enabled by default when you deploy a new Azure Kubernetes Service cluster, which is great. But if you are not use to that, you may have some trouble to access the Kubernetes dashboard using kubectl proxy or az aks browse command line tools (remember to never expose the dashboard over the Internet, even if RBAC is enabled!).

In this post, I will explain how you can simply configure RBAC on your cluster to solve authorization access issues.

read more

How to monitor your Python Flask web application using Azure Application Insights

I recently worked with a customer on hosting Python Flask web app and web jobs on Azure App Service. When it comes to monitoring, Azure Application Insights is really awesome because it allows to collect traces, requests and exceptions very easily and build analytics queries and dashboard for visualization out of the box.

Azure Application Insights comes with a Python SDK that supports direct integration with the Flask Framework. To help you to get started quickly, I have made this quick start sample available on GitHub.

The most important parts of this sample are described below.

Thanks to my colleague Clemens for the precious help.

read more

How to use the Azure Container Instance connector for Kubernetes with Azure Container Service (AKS)

Azure Container Service (AKS) is a new service (currently in preview) that allows to deploy a managed Kubernetes cluster into Azure. Basically, you only have to pay for the nodes (virtual machines) that run in your cluster and you do not have to deal with Kubernetes masters. Actually, you do not even see Kubernetes masters that are totally managed by the AKS service.

Azure Container Instance (ACI) is a serverless service that allows to spin up both Linux and Windows Containers, without having to deal with complex infrastructure or orchestration system. Machines that run your containers are not visible and you do not pay for them. You only pay for your containers, on a per-minute billing base.

In this blog post I will explain how it is possible to use the ACI-Connector for Kubernetes, that allows to ask Kubernetes to schedule workloads into Azure Container Instance.

read more