Access KeyVault from Azure Kubernetes Service (AKS) with an ASP.NET Core application using a Managed Identity

Secrets in Kubernetes are not really secret. You should store all your cloud-related secrets in a vault anyway, so why not access this vault from your Kubernetes cluster. If you are using Azure, Azure KeyVault is the most logical place to store your secrets. This blogpost tells you how to access the KeyVault from an ASP.NET Core application running on AKS.

Lees verder

Collection of handy Azure CLI and Bash scripts

More and more people are using the Azure CLI to provision resources on Azure. Since my blogpost about the Azure CLI, I received so many reactions of people who are using the Azure CLI now. It’s readable, easy and is idempotent. Sometimes you want to use the more advanced syntax. This blog post is a collection of Azure CLI Commands and bash scripts that took me more time then I wanted and collect them so it doesn’t take you that much time (and me as well, next time 🙂 ). I will add to this blogpost if necessary.

Lees verder

“Backdoor” in Azure DevOps to get the password of a Service Principal

The password of a Service Principal configured in Azure DevOps in a Service Connection is a secret and hidden. But it’s fairly easy to get the password of a Service Principal in Azure DevOps. It’s not a security bug or a backdoor. It’s a side effect and by design. It looks like leaving the keys in the keyhole. This blogpost tells you how to get the password. As soon as you can use Service Principal credentials, it’s possible to connect to Azure from any laptop, you don’t have to be using a laptop in the same domain as the company. An additional advantage is that you can use the tools you love and that make you productive.

Lees verder

Have a great looking terminal and a more effective shell with Oh my Zsh on WSL 2 using Windows

Now Git, the Azure CLI, and Kubernetes Kubectl are used more and more, the bash prompt is one of the most productive ways to do your daily work. When using Windows, the usage of WSL (2) is a must-have when it comes to having a Linux shell to execute bash scripts. This works nice but with Oh-My-Zsh you can make the command-prompt look- and behave better so you can do your work more efficient.

Lees verder

Stop using ARM templates! Use the Azure CLI instead

I was a big fan of ARM templates: for many years I’m applying ARM templates on a large number of projects for all kinds of customers. I’ve written articles and blog posts about ARM templates. Have given many workshops and started collecting ARM templates used in enterprises ready for production.  I’ve written the Best practices with ARM Templates article together with my colleague Peter Groenewegen, which is the most visited blog post of Xpirit and it’s also published by Microsoft. It’s clear I was a big fan of ARM templates. But times are changing.

Lees verder

Automatic notification of the latest AKS version in Azure with an Azure Logic app and an Azure Function

New releases of Kubernetes follow each other in rapid succession. Azure must support the version of Kubernetes in order to also offer it with AKS.
I would like to know when a new version of Kubernetes will be supported in AKS. This can be checked manually with the Azure CLI. However, I do not want to do this manually every now and then. That’s why I automated the process that checks the latest version of Kubernetes in AKS. The process tweets a message when a new version has been released. In addition, the process also notifies via twitter when a new location in Azure supports AKS. The proces is automated by serverless resources in Azure: with an Azure Function and an Azure Logic app. The twitter account @azureaksupdates notifies about the latest version and latest locations of AKS.

Lees verder

Persistent Storage and Volumes using Kubernetes on Azure with AKS or Azure Container Service

Many applications hosted in a Docker container need a volume to store data on or to read from. The data can’t be stored in the Docker container itself because the data will be lost after a restart or when the container crashes. Persistent Storage has an independent lifecycle of a Pod. This blogposts shows the most used possibilities to use persistent storage using Kubernetes on Azure.

Lees verder