Background Recently, I found myself delving into the intricacies of Workload Identity Federation within Azure Kubernetes Service (AKS) while explaining it to some friends. As I delved deeper into the topic, I realized the importance of documenting and summarizing this information for anyone else navigating the same waters - including my future self. So, let's… Continue reading AKS Workload identity – A Deeper look
Tag: Azure
End-to-End Security: Function, Azure SQL, and API Management
Introduction In the dynamic realm of today's digital environment, safeguarding your applications and data holds utmost importance. This blog post is designed to lead you through the steps of establishing comprehensive security measures for an Azure Function App, Azure SQL database, and API Management. Our approach involves leveraging Azure Virtual Network (VNet) for robust network… Continue reading End-to-End Security: Function, Azure SQL, and API Management
Enforce stateless containers on Azure
Background In the constantly changing realm of containerization and cloud computing, the demand for dynamic and scalable solutions has taken center stage. I recently faced a distinctive challenge from a client who was determined to attain stateless containers throughout their Azure infrastructure. While Azure Kubernetes Services (AKS) provided a built-in policy to restrict stateful containers,… Continue reading Enforce stateless containers on Azure
Azure Communication Service with Managed Identity
Background A few months ago, I wrote a demo application that shows how to send email and SMS via Azure Communication Service. The code was written in Spring Boot (Java) and hosted on Azure Container Apps. During the demo, I used connection strings of Azure Communication Service, which is not ideal for production… Continue reading Azure Communication Service with Managed Identity
Email and SMS with Azure Communication Service: Step-by-Step
Introduction Azure Communication Service is a powerful cloud-based platform offered by Microsoft that enables developers to integrate real-time communication features like SMS, voice, and email into their applications. With Azure Communication Service, developers can easily send emails and SMS to end users in a unified and seamless way, reducing the complexity of managing multiple communication… Continue reading Email and SMS with Azure Communication Service: Step-by-Step
Azure DevOps Container agents without PAT
Azure DevOps now supports service principals and managed identities for authentication. This is currently (at the time of writing) in Public Preview. This is quite an interesting feature and addresses many concerns related to personal access tokens (PATs). I have a self-hosted container agent that runs on Docker and needs a PAT to spin up. With the new development… Continue reading Azure DevOps Container agents without PAT
GitOps for AKS with Azure Blob Storage (Flux v2)
GitOps is a modern way of managing infrastructure and applications using Git as a single source of truth. Flux v2 is a Kubernetes-native GitOps toolkit that automates the deployment and lifecycle management of applications in Kubernetes clusters. In this blog post, we will show you how to use GitOps with Flux v2 on Azure Kubernetes… Continue reading GitOps for AKS with Azure Blob Storage (Flux v2)
Self-Hosted GitHub runner on Azure Container Apps
Last week I showed how to run Azure DevOps self-hosted agents on Azure Container Apps. Using KEDA with its built-in Azure Pipeline scaler, it was relatively straightforward to spin up new replicas in Container Apps. You can read all about that process here. However, today I wanted to achieve the same for GitHub self-hosted… Continue reading Self-Hosted GitHub runner on Azure Container Apps
Self-Hosted Azure DevOps pool on Azure Container Apps
A while ago, I worked with a few of our customers, helping to build an elastic self-hosted pool for their Azure DevOps pipeline agents based on Azure Kubernetes Service. You can read all about that journey here - where I have created a Kubernetes Controller that observes the Job queue of Azure DevOps for incoming pipeline… Continue reading Self-Hosted Azure DevOps pool on Azure Container Apps
Demystifying Azure Container Apps & Dapr – Part 5
Read Part 1 here. Read Part 2 here. Read Part 3 here. Read Part 4 here. Today I will be using the traffic-splitting capability of Azure Container Apps. Azure Container Apps implements container app versioning by creating revisions. A revision is an immutable snapshot of a container app version. Revisions in Azure Container App The… Continue reading Demystifying Azure Container Apps & Dapr – Part 5