Empower Kubernetes developers with guardrails

Background A while ago, I wrote a post: Azure DevOps Multi-Stage pipelines for Enterprise AKS scenarios. The idea was having a platform team that enforces best practices, security and other compliance aspects to Kubernetes platform and allows one ore more workload-teams (i.e., product teams) build and deploy their workload into the cluster. The previous post suggested … Continue reading Empower Kubernetes developers with guardrails

Azure Resource Governance with Template Specs & Biceps

All the example codes are available in GitHub. Background Governance of cloud estates is challenging for businesses. It’s crucial to enforce security policies, workload redundancies, uniformity (such as naming conventions), simplify deployments with packaged artifacts (i.e., ARM templates), Azure role-based access control (Azure RBAC) across the enterprise. Generally, the idea is, a centralized team (sometimes … Continue reading Azure Resource Governance with Template Specs & Biceps

Azure AD Pod Identity – password-less app-containers in AKS

Background I like Azure Managed Identity since its advent. The concept behind Managed Identity is clever, and it adds observable value to any DevOps team. All concerns with password configurations in multiple places, life cycle management of secrets, certificates, and rotation policies suddenly irrelevant (OK, most of the cases).Leveraging managed identity for application hosted in … Continue reading Azure AD Pod Identity – password-less app-containers in AKS

Azure template to provision Docker swarm mode cluster

What is a swarm?The cluster management and orchestration features embedded in the Docker Engine are built using SwarmKit. Docker engines participating in a cluster are running in swarm mode. You enable swarm mode for an engine by either initializing a swarm or joining an existing swarm. A swarm is a cluster of Docker engines, or … Continue reading Azure template to provision Docker swarm mode cluster