As I am almost playing around with Azure virtual machines and Azure Kubernetes service every day, I thought the administration tasks for VMSS are not that different. I was wrong. VMSS is indeed a service on its own and unfortunately, the official documentation is not that thorough.

The reasons for…


AKS would require an identity with sufficient permissions to perform the actions like creating additional load balancers, public IP addresses and managed disks on Azure platform. By default, AKS would take care all of this by creating system-assigned managed identities (MI). …


If you have not read through part 1 of this series, please check it from here.

Create Sample Data in Source PostgreSQL Server

If everything is set up correctly in Part 1, PostgreSQL server could be accessed without issues. Follow through this article to create a new PostgreSQL DB inside the server and insert sample data. The…


Since AKS could be integrated with more and more services on Azure, Pods having the identity to be authenticated by AAD becomes a must. AAD Pod Identity (AAD Pod ID) is designed for this purpose.

Before going through the step-by-step setup instructions, let’s take a look on how everything works…


I started to play around this service because a request came in about migrating data from a normal PostgreSQL server to a PostgreSQL server with customer-managed key (CMK) data encryption. Before even we can start testing the migration, we would need to


If you have not yet checked out AKS Network Deep Dive Part1 and Part2, please click on the links above to go through the content.

In this article, we would be focusing on how Azure CNI operates inside AKS.

What is CNI?

Abbreviated for Container Networking Interface. It is a…


This article would be introducing what monitoring solutions administrators could use to visually observe AKS metrics. Specifically, we would be talking about Prometheus and Azure Monitor (Log Analytics Workspace) as metrics-monitoring services and Grafana as the dashboard service.

Prometheus

Firstly, we would need to install Prometheus on AKS cluster to have…


This actually should not be a part 2 as it is not related to part 1 but actually a different way of setting AKS to get AKV’s resources. I name it as part 2 because I would people to go through either method.

Step-by-Step Guidance

  • Create an AKS cluster by following this…


Pod and Service Communication

To understand how external client gets to access services provided by Pods, we would need to create a simple NGINX Deployment with 3 replicas. Then expose it with native Load Balancer Service.

# create a NGINX Deployment with 2 replicas
- kubectl create deployment my-nginx --image=nginx --replicas=2
# check Pods…


If you are like me, who has not much foundation on Docker and learn every cloud native after K8swas introduced, you might have the same urge to figure out how the networking works within the cluster.

In this series, I would try to touch on

  • Container Communication
  • Pod Intra-Node/Inter-Node Communication

Jonathan

Learning new things about Kubernetes every day. Hopefully, the learning notes could help people on the same journey!

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store