PAUL'S BLOG

Learn. Build. Share. Repeat.

Does Workload Identity on AKS work across tenants?

2023-08-25 11 min read Tutorial Identity Azure AKS

Introduction

An interesting use case for Workload Identity came up recently. I was asked if a Pod in an AKS cluster that was deployed in one tenant can access Azure resources within another tenant.

I’ve configured Workload Identity on AKS many times, and I thought “in theory” it should “just work”, but I never tested it across tenants. So I decided to give it a try.

TL;DR: Yes, it does work.


Streamline Network Observability on AKS: A Step-by-Step Guide to enable the AKS add-on with Terraform

2023-07-10 11 min read Tutorial

Have you ever had to troubleshoot network issues in your Kubernetes clusters? If so, you know how challenging it can be to identify and resolve problems.

To troubleshoot network issues you probably had to use a combination of tools like kubectl, tcpdump, wireshark, and netstat. The list goes on and on… While these tools are great for debugging and capturing network logs and traces, they don’t provide a holistic view of your cluster’s network traffic.


Efficient Configuration Management in AKS: Integrating Azure App Configuration for Seamless Loading of Key-Value Pairs into Config Maps

2023-06-13 8 min read Tutorial

Did you know that Azure App Configuration Service is a managed service that helps you centralize your application configuration? It provides a way to store all your app configs in one place and manage them centrally. It also provides a way to manage feature flags and control feature rollouts. I highlighted the feature management capabilities in a breakout session at the Microsoft Build conference a few weeks ago. If you have not watched the session yet, you can find the recording here.


Effortlessly Deploy to Azure Kubernetes with Open Source Tools Draft and Acorn

2023-01-03 7 min read Tutorial

UPDATE: On March 15, 2024, Acorn Labs announced that it will be shifting focus to developing an LLM app platform based on GPT-Script technology and has archived the Acorn Runtime project.

In this post, I’ll walk you through deploying a web application to Azure Kubernetes Service (AKS) without having to write any Docker or Kubernetes manifest files.

Using open-source command-line tools Draft and Acorn, we’ll containerize and deploy to AKS in just a few steps! Let’s go 🚀


Service Mesh Considerations

2022-12-14 9 min read Architecture

“Build microservices”, they said… “it’ll be fun”, they said…

There are many reasons why you would want to deploy a solution based on the microservices architectural pattern, but it comes at a cost. More microservices means more deployments to manage, more microservices to connect, more microservices to secure… yeah, it gets complex real quick.

If you’re just getting started with microservices or have a small number of microservices deployed, you may have heard of the term “service mesh”, but not needed one yet.


Re-visiting Dev Container Features

2022-12-02 3 min read Tutorial

A few months ago I wrote a post that described how you can add custom features to your Dev Containers. That didn’t age very well 😅

But the good news is that there is a better way to add or extend functionality for your Dev Containers. 🥳

Since my original post, @BrigitMurtaugh published a post on the VS Code blog announcing new repos and the open dev container specification, and discussing a new way of adding features. If you haven’t read the post, go check it out here.


Web Application Routing on AKS

2022-11-16 5 min read Architecture

Exposing your web applications on Azure Kubernetes Service (AKS) has gotten a little bit easier. In this post, I will cover the new Web Application Routing feature for AKS and discuss reasons why you may want to implement it within your cluster.

Exposing your app

You have a lot of options when it comes to exposing your application Pods to the world. If you’re using a managed-Kubernetes service in the cloud, you could deploy a Service and set the type to LoadBalancer and your cloud provider will provision one with a public IP. The Service sits in front of your Pods and if all you need is a public IP, you’re good to go.
