Background Recently, I found myself delving into the intricacies of Workload Identity Federation within Azure Kubernetes Service (AKS) while explaining it to some friends. As I delved deeper into the topic, I realized the importance of documenting and summarizing this information for anyone else navigating the same waters - including my future self. So, let's… Continue reading AKS Workload identity – A Deeper look
Tag: Kubernetes
Enforce stateless containers on Azure
Background In the constantly changing realm of containerization and cloud computing, the demand for dynamic and scalable solutions has taken center stage. I recently faced a distinctive challenge from a client who was determined to attain stateless containers throughout their Azure infrastructure. While Azure Kubernetes Services (AKS) provided a built-in policy to restrict stateful containers,… Continue reading Enforce stateless containers on Azure
Elastic self-hosted pool for Azure DevOps (on Kubernetes)
UpdateThere is a follow up post with some updates, you can read here. Introduction If you are using Azure Pipelines, then you surely have used Microsoft-hosted agent. With Microsoft-hosted agents, maintenance and upgrades are taken care of for you. However, there are times when self-hosted agents are needed (i.e. customized images, network connectivity requirements etc.).… Continue reading Elastic self-hosted pool for Azure DevOps (on Kubernetes)
Azure AD Pod Identity – password-less app-containers in AKS
Background I like Azure Managed Identity since its advent. The concept behind Managed Identity is clever, and it adds observable value to any DevOps team. All concerns with password configurations in multiple places, life cycle management of secrets, certificates, and rotation policies suddenly irrelevant (OK, most of the cases).Leveraging managed identity for application hosted in… Continue reading Azure AD Pod Identity – password-less app-containers in AKS
Reverse Engineering 