In some cases, you may want to create a private link for the services that you host on an AKS cluster. With private link, clients or services outside of the AKS cluster can communicate with your...
Using Azure Private Link Service Integration on AKS
Migrate from Pod Identity to Workload Identity on AKS
I've been using AAD Pod Identity and managed identity for some of my workloads. Since AAD Workload Identity now supports user-assigned managed identity, it's time to migrate my workloads from Pod...
Kubernetes Secrets vs. Azure Key Vault
Here is an opinionated comparison that I created. Hope it can help you make the decision when you have to choose one.
Kubernetes Secrets | Azure Key Vault | How secrets are stored | Stored in Etcd with...
The Essentials of Resource Management in Kubernetes
The resource requests and limits that we set for containers in a Pod spec are the key settings that we can use to influence how Kubernetes schedules the pod and manages the computational resources,...
Scaling with Application Gateway Ingress Controller
How Application Gateway Ingress Controller (AGIC) works is depicted in the following diagram on its documentation site.
AGIC Architecture
Rather than pointing the backend pool of App Gateway to a...
Enable Virtual Node on an Existing AKS Cluster
The virtual node can be enabled when you create a new AKS cluster. There are documents talking about how to do it with either the Azure CLI or Azure Portal. Since the virtual node is an AKS add-on, ...
Node Allocatable in AKS
Kubernetes' Node Allocatable feature allows the cluster to reserve node resources for system daemons of the OS and Kubernetes itself. For example, when I ran kubectl describe node for a node in...