Paul's Blog

A collection of notes and stuff I find interesting

Purging Deleted Azure Key Vaults

2023-02-27 1 min read Azure Key Vault
Do you constantly provision and delete Azure Key Vaults? If so, you may have noticed attempts to recreate a recently deleted key vault will result in the following error: The vault name is already in use.. This is because Azure Key Vaults are kept in a deleted state and not automatically purged. You must manually purge these key vaults to be able to reuse the name. To confirm the key vault in question is in “deleted” state, you can run the following: Continue reading

Web Application Routing on AKS

2022-11-16 5 min read Azure Kubernetes NGINX Ingress
Exposing your web applications on Azure Kubernetes Service (AKS) has gotten a little bit easier. In this post, I will cover the new Web Application Routing feature for AKS and discuss reasons why you may want to implement it within your cluster. Exposing your app You have a lot of options when it comes to exposing your application Pods to the world. If you’re using a managed-Kubernetes service in the cloud, you could deploy a Service and set the type to LoadBalancer and your cloud provider will provision one with a public IP. Continue reading

Deploying ARM64 workloads to AKS

2022-11-02 6 min read Azure Kubernetes ARM64 Docker
You might have heard by now that Azure has partnered with Ampere to bring ARM-based processors for virtual machines on Azure. This is super exciting as it gives you an opportunity to deploy workloads on highly performant and power efficient virtual machines and these characteristics ultimately result in excellent price-performance (lower costs 🥳) So… are you ready to deploy your workloads to ARM64 node pools on AKS? I sure wasn’t when attempting to deploy the azure-voting-app-redis application to my cluster. Continue reading

Sharing Bicep Modules with Azure Container Registry

2022-10-11 14 min read Azure Bicep
One of the things I do as a Cloud Native Advocate at Microsoft is build end-to-end lab scenarios in the repo. Most of the demo scenarios we aim to cover is in and around the container space and a majority of the labs uses Azure Bicep to declaratively provision Azure infrastructure. As more labs get spun up, there is a potential for redundant Bicep code. You might have already guessed, there’s a need for re-usable code to spin up AKS clusters. Continue reading

Securely connect to your Azure Linux Virtual Machine with Tailscale SSH

2022-08-12 13 min read Azure Virtual Machines Linux
Being on the Cloud Advocate team at Microsoft, we’re always looking to empower every developer to achieve more on Azure. One way of doing this is by bringing you hands-on content to deliver end-to-end scenarios using cloud-native and open source technologies. My colleague on the Cloud Native team, Aaron Wislang has been cooking up a bunch of labs in our Azure Open Source Labs repo and one area we’ve been collaborating on is within the Azure Linux VM space. Continue reading

Run Terraform With Azure Pipelines

2022-02-25 14 min read DevOps Infrastructure-as-Code
This repo will walk you through an approach to provisioning Azure resources using Terraform code stored in a Git repo and leverage Azure Pipelines (YAML-based) to deploy to dev, test, and prod environments (all in different subscriptions) with approval gates in front of test and prod environments. Prerequisites Azure Subscription If you don’t have Azure, go sign up for a free account and come back. Azure DevOps If you do not already have an Azure DevOps organization, follow these instructions to create one. Continue reading

Run Your Pipelines in Azure Container Instance

2021-07-16 6 min read DevOps Pipelines
Background Microsoft-hosted Azure Pipeline agent run in the public space; therefore, they can only deploy to environments that are publicly accessible. Some organizations may need to deploy to target environments that are only accessible within private space (e.g., inside a Azure Virtual Network). When the target environment is not publicly accessible, deploying self-hosted pipelines agents are a common solution. Organizations can self-host Azure Pipeline agents on Linux, macOS, or Windows (physical or virtual machines) or Azure Virtual Machine Scale Sets; however, this may introduce unwanted overhead in having to patch and maintain these machines. Continue reading
Older posts