An interesting use case for Workload Identity came up recently. I was asked if a Pod in an AKS cluster that was deployed in one tenant can access Azure resources within another tenant.
I’ve configured Workload Identity on AKS many times, and I thought “in theory” it should “just work”, but I never tested it across tenants. So I decided to give it a try.
TL;DR: Yes, it does work.
Continue readingHave you ever had to troubleshoot network issues in your Kubernetes clusters? If so, you know how challenging it can be to identify and resolve problems.
To troubleshoot network issues you probably had to use a combination of tools like kubectl, tcpdump, wireshark, and netstat. The list goes on and on… While these tools are great for debugging and capturing network logs and traces, they don’t provide a holistic view of your cluster’s network traffic.
Did you know that Azure App Configuration Service is a managed service that helps you centralize your application configuration? It provides a way to store all your app configs in one place and manage them centrally. It also provides a way to manage feature flags and control feature rollouts. I highlighted the feature management capabilities in a breakout session the Microsoft Build conference a few weeks ago. If you have not watched the session yet, you can find the recording here
Continue readingI had the opportunity to speak at #MSBuild 2023. Build is Microsoft’s largest developer conference held every year in May. This year, we were lucky enough to get back to a full in-person experience with plenty of awesome sessions with tons of technical demos. I shared the stage with Jorge Palma from the AKS PM team, and we spoke about how you can to integrate Azure AI and Azure Kubernetes Service to build and run your intelligent apps.
Continue readingDo you constantly provision and delete Azure Key Vaults?
If so, you may have noticed attempts to recreate a recently deleted key vault will result in the following error:
The vault name is already in use.
This is because Azure Key Vaults are kept in a deleted state and not automatically purged. You must manually purge these key vaults to be able to reuse the name.
To confirm the key vault in question is in “deleted” state, you can run the following:
Continue readingUPDATE On March 15, 2024 Acorn Labs announced that they will be shifting focus to developing an LLM app platform based on GPT-Script technology and has archived the Acorn Runtime project.
In this post, I’ll walk you through deploying a web application to Azure Kubernetes Service (AKS) without having to write any Docker or Kubernetes manifest files.
Using open-source command-line tools Draft and Acorn, we’ll containerize and deploy to AKS in just a few steps! Let’s go 🚀
Continue reading“Build microservices”, they said… “it’ll be fun”, they said…
There are many reasons why you would want to deploy a solution based on the microservices architectural pattern, but it comes at a cost. More microservices means more deployments to manage, more microservices to connect, more microservices to secure… yeah, it gets complex real quick.
If you’re just getting started with microservices or have a small number of microservices deployed, you may have heard of the term “service mesh”, but not needed one yet.
Continue reading