How To Mount Azure Key Vault Secret to Pods in Azure Kubernetes Service

Scenario: You require a pod to mount a secret stored in an Azure Key Vault so that an application running in the pod can access the secret as a file and environment variable. You also need to manage access security between the AKS cluster and the key vault using a user-assigned managed identity. Background: To integrate …

JMeter Load Testing against Azure Kubernetes Service

JMeter is a free load testing tool. You can find it at https://jmeter.apache.org/download_jmeter. Compared with other freely available options, I find this has the right balance between being free, functionality and capabilities. I used to use the Visual Studio Load Test tool, but that is deprecated. The UI isn't as intuitive and there is some …

My 3 Key Benefits of Istio Service Mesh with AKS

I have been working with Istio Service Mesh with Azure Kubernetes for a couple of years, and I would like to share the experiences that were beneficial and impactful in my projects. Istio Service Mesh helps with managing traffic among your microservices applications. Read more at https://istio.io/latest/about/service-mesh/. The general architecture is as follows where a service A (in …

DNS Resolution with Azure Private Endpoints and Azure SQL Server

Use Case: A virtual machine requires private network traffic to an Azure SQL Server for stringent network security requirements. There cannot be any network traffic over the internet and Azure backbone network. Introduction: When creating an Azure SQL Database Server, there are three typical options for connectivity. I will give a simplistic description of each. …

Comparing Azure Kubernetes Networking Scenarios

To recap the AKS configuration settings we explored: Network Model/Type: Basic (Kubenet) or Advanced (Azure CNI). Choose between a basic network configuration using kubenet with a default VNet, or an advanced configuration using Azure CNI with the option to customize your VNet. Kubenet is a very basic, simple network plugin, on Linux only. It does …

Building a Hub and Spoke with Site to Site VPN Part 5 Network Security

Part 5: Network Security. Scenario: Building a demo or proof of concept to understand the technology, Azure resources and configuration settings that involve Azure Virtual Networks, VNet Peerings, Virtual Network Gateway, and Site to Site VPN Connections. The architecture is to emulate a hybrid cloud topology with the on-premises network emulated with Azure VNETs in …

Building a Hub and Spoke with Site to Site VPN Part 4 VNET, Subnet and Peerings

Part 4: VNET, Subnet and Peerings. Scenario: Building a demo or proof of concept to understand the technology, Azure resources and configuration settings that involve Azure Virtual Networks, VNet Peerings, Virtual Network Gateway, and Site to Site VPN Connections. The architecture is to emulate a hybrid cloud topology with the on-premises network emulated with an Azure …
