Access KeyVault from Azure Kubernetes Service (AKS) with an ASP.NET Core application using a Managed Identity

Secrets in Kubernetes are not really secret. You should store all your cloud-related secrets in a vault anyway, so why not access this vault from your Kubernetes cluster. If you are using Azure, Azure KeyVault is the most logical place to store your secrets. This blogpost tells you how to access the KeyVault from an ASP.NET Core application running on AKS.

Lees verder

Collection of handy Azure CLI and Bash scripts

More and more people are using the Azure CLI to provision resources on Azure. Since my blogpost about the Azure CLI, I received so many reactions of people who are using the Azure CLI now. It’s readable, easy and is idempotent. Sometimes you want to use the more advanced syntax. This blog post is a collection of Azure CLI Commands and bash scripts that took me more time then I wanted and collect them so it doesn’t take you that much time (and me as well, next time 🙂 ). I will add to this blogpost if necessary.

Lees verder

“Backdoor” in Azure DevOps to get the password of a Service Principal

The password of a Service Principal configured in Azure DevOps in a Service Connection is a secret and hidden. But it’s fairly easy to get the password of a Service Principal in Azure DevOps. It’s not a security bug or a backdoor. It’s a side effect and by design. It looks like leaving the keys in the keyhole. This blogpost tells you how to get the password. As soon as you can use Service Principal credentials, it’s possible to connect to Azure from any laptop, you don’t have to be using a laptop in the same domain as the company. An additional advantage is that you can use the tools you love and that make you productive.

Lees verder

Automatic notification of the latest AKS version in Azure with an Azure Logic app and an Azure Function

New releases of Kubernetes follow each other in rapid succession. Azure must support the version of Kubernetes in order to also offer it with AKS.
I would like to know when a new version of Kubernetes will be supported in AKS. This can be checked manually with the Azure CLI. However, I do not want to do this manually every now and then. That’s why I automated the process that checks the latest version of Kubernetes in AKS. The process tweets a message when a new version has been released. In addition, the process also notifies via twitter when a new location in Azure supports AKS. The proces is automated by serverless resources in Azure: with an Azure Function and an Azure Logic app. The twitter account @azureaksupdates notifies about the latest version and latest locations of AKS.

Lees verder

Persistent Storage and Volumes using Kubernetes on Azure with AKS or Azure Container Service

Many applications hosted in a Docker container need a volume to store data on or to read from. The data can’t be stored in the Docker container itself because the data will be lost after a restart or when the container crashes. Persistent Storage has an independent lifecycle of a Pod. This blogposts shows the most used possibilities to use persistent storage using Kubernetes on Azure.

Lees verder

Configure Https / TLS / SSL on Kubernetes with Kube-Lego hosted on Azure Container Service

What if you can configure your infrastucture with a process that requests your SSL Certificates automatic. Not only this, but this process registeres the certificates in your infrastructure also. There is more. The process also requests new versions of certificates every 30 days so the certificate will not expire. All of this, complely automated. It’s even completely free! You or your traditional ops department won’t believe this is possible.

Enter the new world of infrastructure: Kube-Lego, ofcourse hosted on Kubernetes.
Now I hear you think: “This is to good to be true. It must be hard to configure”. The configuration is really easy actually, as you will see in this blogpost.
Lees verder