Understanding Ingress Controllers and Azure App Gateway for Azure Kubernetes Part 2: AGIC

The previous part 1 blog post went over fundamental concepts of ingress and ingress controller. This part 2 post will build on this concept and give a review of the App Gateway Ingress Controller (AGIC) First of all, what happens when you deploy AKS with its default settings? The default AKS deployment when going through …

Continue reading Understanding Ingress Controllers and Azure App Gateway for Azure Kubernetes Part 2: AGIC

Advertisements

Understanding Ingress Controllers and Azure App Gateway for Azure Kubernetes Part 1: Intro

I will share my experiences with a design and implementation of Azure Application Gateway for an Azure Kubernetes Service (AKS) cluster. This is so that you may get some practical insight as you plan and design for using the Azure App Gateway. In this blog series, I will go over Fundamental Ingress conceptsArchitecture and deployment …

Continue reading Understanding Ingress Controllers and Azure App Gateway for Azure Kubernetes Part 1: Intro

Comparing Azure Kubernetes Networking Scenarios – Part 4 Http App Routing

In this 3rd configuration profile, I will walk through the resulting configuration of AKS and its effect on the Load Balancer, Virtual Network, VM network interface card, deploy and test a web application into the Azure Kubernetes Service (AKS) cluster. The configuration profile is mainly around the Azure CNI network model and enabling the HTTP …

Continue reading Comparing Azure Kubernetes Networking Scenarios – Part 4 Http App Routing

Comparing Azure Kubernetes Networking Scenarios – Part 2 Kubenet

In this 1st configuration profile, I will walk through the resulting configuration of AKS and its effect on the Load Balancer, Virtual Network, VM network interface card, deploy and test a web application in the Azure Kubernetes Service (AKS) cluster. The configuration profile is mainly around the Kubenet network model. Kubenet is a very basic, …

Continue reading Comparing Azure Kubernetes Networking Scenarios – Part 2 Kubenet

Comparing Azure Kubernetes Networking Scenarios – Part 3 Azure CNI

In this 2nd configuration profile, I will walk through the resulting configuration of AKS and its effect on the Load Balancer, Virtual Network, VM network interface card, deploy and test a web application into the Azure Kubernetes Service (AKS) cluster. The configuration profile is mainly around the Azure CNI network model. Please read the Part …

Continue reading Comparing Azure Kubernetes Networking Scenarios – Part 3 Azure CNI

Comparing Azure Kubernetes Networking Scenarios – Part 1 Intro

In Azure Kubernetes Service (AKS), I personally found the networking concepts much to understand and the configuration options are varied. After reading and experimenting with the configuration options, I hope to clear things up with 3 network oriented AKS configuration profiles I have come up with. Note that I won't be covering App Gateway Ingress …

Continue reading Comparing Azure Kubernetes Networking Scenarios – Part 1 Intro

Using Azure Sentinel with Azure App Gateway to Investigate Web Attacks – Part 2 Setup

Continuing from the previous post Part 1, Let's setup Azure Sentinel with a Log Analytics Workspace. To setup Azure Sentinel, you need to add a log analytics workspace. In my case, I have an existing log analytics workspace, called rkimOMS, that is already configured to collect diagnostic data from an existing application gateway. Data Connectors …

Continue reading Using Azure Sentinel with Azure App Gateway to Investigate Web Attacks – Part 2 Setup

Quick Summary of Azure Bastion (Preview)

Azure Bastion provides remote desktop or SSH access to Azure Virtual machines that are private within the network. I work with bastions or what I call jump servers to manage Azure IaaS resources quite often and so excited to hear about Azure Bastion as a PaaS offering. A Typical ScenarioIn a secure public cloud environment …

Continue reading Quick Summary of Azure Bastion (Preview)

Virtual Network Integration between Azure Virtual Machine and Azure SQL Database

Objective: To show database connectivity from an Azure virtual machine to PaaS Azure SQL Database using SQL service endpoints in a virtual network. Background: For IaaS environments for internal facing systems, system designers may choose Azure SQL as their database of choice versus SQL Server in a virtual machine. A question or concern may come …

Continue reading Virtual Network Integration between Azure Virtual Machine and Azure SQL Database

Protecting Azure App Service with Azure Application Gateway Part 2: Configuration

In the previous blog post I covered an overview of Azure Application Gateway and a design scenario with Azure App Service (without App Service Environment). This blog post will go through an overview of the key configuration settings of this design. High level steps and key configuration settings App Service Plan App Service within the …

Continue reading Protecting Azure App Service with Azure Application Gateway Part 2: Configuration