Azure DevOps now supports Service principals and Managed identities for authentication. This is currently (at the time of writing) in Public Preview. This is quite an interesting feature and addresses many concerns related to personal access tokens (PATs). I have a self-hosted container agent runs on Docker which needs PAT to spin up. With the new development… Continue reading Azure DevOps Container agents without PAT
Tag: Azure
GitOps for AKS with Azure Blob Storage (Flux v2)
GitOps is a modern way of managing infrastructure and applications using Git as a single source of truth. Flux v2 is a Kubernetes-native GitOps toolkit that automates the deployment and lifecycle management of applications in Kubernetes clusters. In this blog post, we will show you how to use GitOps with Flux v2 on Azure Kubernetes… Continue reading GitOps for AKS with Azure Blob Storage (Flux v2)
Self-Hosted GitHub runner on Azure Container Apps
Last week I have shown how to run Azure DevOps self-hosted agents on Azure Container Apps. Using KEDA with its built-in Azure Pipeline scaler it was relatively straightforward to spin up new replicas in Container Apps. You can read all about that process here. However, today I wanted to achieve the same for GitHub self-hosted… Continue reading Self-Hosted GitHub runner on Azure Container Apps
Self-Hosted Azure DevOps pool on Azure Container Apps
A while ago, I have worked with few of our customers, helping to build elastic self-hosted pool for their Azure DevOps pipeline agents based on Azure Kubernetes Service. You can read all about that journey here - where I have created a Kubernetes Controller that observes the Job queue of Azure DevOps for incoming pipeline… Continue reading Self-Hosted Azure DevOps pool on Azure Container Apps
Demystifying Azure Container Apps & Dapr – Part 5
Read Part 1 here. Read Part 2 here. Read Part 3 here. Read Part 4 here. Today I will be using the traffic-splitting capability of Azure Container Apps. Azure Container Apps implements container app versioning by creating revisions. A revision is an immutable snapshot of a container app version. Revisions in Azure Container App The… Continue reading Demystifying Azure Container Apps & Dapr – Part 5
Demystifying Azure Container Apps & Dapr – Part 1
I have played with Dapr on Kubernetes (AKS to be specific) before and loved it for its ability to simplify distributed applications development with out of the box binding, service to service communications, secret abstractions, actors and observabilities. I have previously worked with LinkerD and Istio as service mesh and ran workload in production, but… Continue reading Demystifying Azure Container Apps & Dapr – Part 1
Secure your pipelines by frequently rotating secrets
TL; DR: This article and accompanying source codes helps you setting up an automated secret or certificate rotations for Azure service principals and Azure DevOps service connections. Jump into the technical part here. Background If you are deploying applications on Azure from Azure DevOps service connections (or GitHub actions) you are most likely using a… Continue reading Secure your pipelines by frequently rotating secrets
Elastic self-hosted pool for Azure DevOps (on Kubernetes)
UpdateThere is a follow up post with some updates, you can read here. Introduction If you are using Azure Pipelines, then you surely have used Microsoft-hosted agent. With Microsoft-hosted agents, maintenance and upgrades are taken care of for you. However, there are times when self-hosted agents are needed (i.e. customized images, network connectivity requirements etc.).… Continue reading Elastic self-hosted pool for Azure DevOps (on Kubernetes)
Linkerd in Azure Kubernetes Service cluster
In this article I would document my journey on setting up Linkerd Service Mesh on Azure Kubernetes service. Background I have a tiny Kubernetes cluster. I run some workload there, some are useful, others are just try-out, fun stuffs. I have few services that need to talk to each other. I do not have a… Continue reading Linkerd in Azure Kubernetes Service cluster
CloudOven – Terraform at ease!
TL;DR: URL: CloudOven Use Google account or sign-up Google Chrome please! (I've not tested on other browsers yet) Background In recent years I have spent fair amount of time in design and implementation of Infrastructure as code in larger enterprise context. Terraform seemed to be a tool of choice when it comes to preserve the… Continue reading CloudOven – Terraform at ease!
Reverse Engineering 