Daniel's Tech Blog
Daniel's Tech covers blog posts about technology. Hi, my name is Daniel Neumann, I am a Microsoft Professional and this is my blog where I am writing down my thoughts about Microsoft Azure, Kubernetes, and Cloud Native technologies.
1M ago
In my previous blog post, I showed you how to check for specific feature gates on an Azure Kubernetes Service cluster.
-> https://www.danielstechblog.io/show-enabled-feature-gates-on-an-azure-kubernetes-service-cluster/
This is especially relevant for the SidecarContainers feature gate, which is enabled on Azure Kubernetes Service running Kubernetes version 1.29 or higher.
The SidecarContainers feature gate brings support for running sidecar containers as init containers. For instance, a service mesh proxy container now starts before the main container and solves a couple of issues with ..read more
2M ago
The Azure Kubernetes Fleet Manager comes with two different configuration options: with and without a hub cluster configuration.
In today’s blog post, we focus on the Azure Kubernetes Fleet Manager without a hub cluster configuration. This configuration option only provides the Azure Kubernetes Service update management, and this is our focus for today.
Before we dive into the topic, let us step back and answer the question of why we need the Azure Kubernetes Fleet Manager in times of infrastructure as code.
Why do we need the Azure Kubernetes Fleet Manager?
Imagine you use Terraform for your infr ..read more
2M ago
Microsoft Defender for Cloud supports the continuous export of a variety of data to Azure Event Hubs and Azure Log Analytics workspaces. When you use Azure Event Hubs, you can also stream that data to third-party solutions or Azure Data Explorer. The continuous export is handy for retaining security alerts for longer than the default 90 days.
Using the Azure portal to configure the continuous export functionality is straightforward, but it gets cumbersome when configuring it for multiple subscriptions.
Infrastructure as code
Here comes infrastructure as code into play to automa ..read more
4M ago
The Azure PostgreSQL Flexible Server has been the better option than the Single Server since its launch, especially from a performance perspective. However, the Flexible Server was missing important features that were built into the Single Server from the beginning.
Since the retirement announcement of the Single Server, it was time for Microsoft to bring the Flexible Server feature set on par.
-> https://azure.microsoft.com/en-us/updates/azure-database-for-postgresql-single-server-will-be-retired-migrate-to-flexible-server-by-28-march-2025?WT.mc_id=AZ-MVP-5000119
-> https://techcommunity.mic ..read more
5M ago
The gateway definition for the Istio ingress gateway provides a configuration parameter to enable the HTTPS redirect of HTTP connections.
-> https://istio.io/latest/docs/reference/config/networking/gateway/#ServerTLSSettings
apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
  name: azst-aks-gateway
  namespace: istio-config
spec:
  selector:
    istio: ingressgateway # use Istio default gateway implementation
  servers:
  - hosts:
    - "*.danielstechblog.de"
    port:
      number: 80
      name: http
      protocol: HTTP
    tls:
      httpsRedirect: true
  - hosts ..read more
6M ago
In the past, I have written two blog posts about how to run untrusted workloads on Azure Kubernetes Service.
-> https://www.danielstechblog.io/running-gvisor-on-azure-kubernetes-service-for-sandboxing-containers/
-> https://www.danielstechblog.io/using-kata-containers-on-azure-kubernetes-service-for-sandboxing-containers/
Today, I walk you through how you gather log data of an untrusted workload isolated by Kata Containers with Fluent Bit. When you hear isolated, it always comes to mind that only one pattern works to gather log data: the sidecar pattern.
Fluent Bit would run as a sidecar ..read more
7M ago
In May this year, Microsoft announced the general availability of the Azure Linux support in Azure Kubernetes Service.
-> https://azure.microsoft.com/en-us/updates/generally-available-azure-linux-support-in-aks/?WT.mc_id=AZ-MVP-5000119
-> https://techcommunity.microsoft.com/t5/linux-and-open-source-blog/introducing-the-azure-linux-container-host-for-aks/ba-p/3824101?WT.mc_id=AZ-MVP-5000119
Azure Linux is Microsoft’s Linux distribution of CBL-Mariner.
-> https://github.com/microsoft/CBL-Mariner
You can choose now between using Ubuntu or Azure Linux as the host operating system for your ..read more
8M ago
A few weeks back, I passed the Certified Kubernetes Administrator exam, a long-term item on my to-do list, and eventually accomplished it.
-> https://www.cncf.io/certification/cka/
-> https://training.linuxfoundation.org/certification/certified-kubernetes-administrator-cka/
I have been working with Kubernetes for nearly seven years now. Mostly with managed Kubernetes on Azure, Azure Kubernetes Service (AKS). Besides Azure Kubernetes Service, I am using KinD, Kubernetes in Docker, or Kubernetes on Docker Desktop daily for testing. I also played around with kubeadm, k3s, and Rancher Kubern ..read more
9M ago
I have been using Azure Load Testing for my Azure Chaos Studio demos for a while now. The service provides an on-demand infrastructure to run your load tests as a managed service.
Recently, the service received some significant updates I would like to share with you.
The first update targets the test duration. Previously limited to three hours max, you can now request an increase to 24 hours. That opens up some new testing scenarios.
-> https://azure.microsoft.com/en-us/updates/azure-load-testing-run-tests-for-up-to-24-hours/?wt.mc_id=AZ-MVP-5000119
The second update also increases a previous lim ..read more
10M ago
Azure resource locks are an essential building block protecting Azure resources from accidental deletion or modifications.
In today’s blog post, I show you how to use Azure resource locks to protect your Azure resources and how to not block your Terraform infrastructure as code processes.
Common setup and the Terraform issue
Resources in Azure inherit the resource lock from their parent resource. Therefore, in most setups, a resource lock is created either on the resource group or the resource itself. In such a setup, you cannot leverage Terraform to its fullest, as delete operations are block ..read more