Tag: kubernetes

Lab: Tip/Code sample Limit Communication Between Microservices with Kubernetes Network Policies

Aug 31, 2021 · 5 min read

🎁Special Giveaway@ManningBooks just launched Microservices in .NET, Second Edition by @chr_horsdal I am giving one away to my Tweeple ♥ Rules: 1. 👉🏻 Follow me 2. 🔃 Retweet this tweet#contest #giveaways #ebooks #dotnet #microservices pic.twitter.com/OWBc5wiMtM — Rahul Rai (@rahulrai_in) August 31, 2021 Security is an important concern for microservices applications. Although security is a broad topic, I want to zoom into a critical aspect: limiting communication between microservices. By default, microservices platforms such as Kubernetes allow unconstrained communication between services.

#azure#kubernetes

Read more of Limit Communication Between Microservices with Kubernetes Network Policies

Persistent Volume Management and Expansion in Kubernetes with Azure Kubernetes Service

Jul 17, 2021 · 9 min read

Applications or databases running out of disk space are a common issue that the Operations team addresses regularly. This problem has existed since the days we used to host applications on bare metal servers and is still present in virtualized and container environments. However, since we have reached a stage where the compute and storage systems are decoupled from each other, granting additional storage to applications rarely requires updating the application or modifying the underlying application host infrastructure.

#azure#kubernetes

Read more of Persistent Volume Management and Expansion in Kubernetes with Azure Kubernetes Service

Lab: Tip/Code sample Practical Top-down Resource Monitoring of a Kubernetes Cluster with Metrics Server

May 15, 2021 · 7 min read

You might have previously used observability tools such as Prometheus, Azure Monitor, AWS Container Insight, or commercial products such as Logic Monitor to monitor your Kubernetes cluster. Let’s probe the Kubernetes magic that makes the beautiful CPU and memory dials tick on the monitoring dashboards. Kubernetes has a built-in Metrics API (see spec.) and a simple CLI query, kubectl top (documentation), that you can use to fetch a snapshot of the CPU and memory consumption of a Kubernetes object.

#kubernetes

Read more of Practical Top-down Resource Monitoring of a Kubernetes Cluster with Metrics Server

Tracing and Profiling a .NET Core Application on Azure Kubernetes Service with a Sidecar Container

Feb 03, 2021 · 11 min read

Imagine running a .NET Core application in Kubernetes, which suddenly starts being sluggish, and the telemetry fails to give you a complete picture of the issue. To remediate performance issues of applications, starting with .NET Core 3, Microsoft introduced several .NET Core runtime diagnostics tools to diagnose application issues. dotnet-counters to view Performance Counters. dotnet-dump to capture and analyze Dumps. dotnet-trace to capture runtime events and sample CPU stacks. dotnet-gcdump to collect Garbage Collector dumps of application.

#azure#kubernetes#programming

Read more of Tracing and Profiling a .NET Core Application on Azure Kubernetes Service with a Sidecar Container

Monitoring Health of ASP.NET Core Background Services with TCP Probes on Kubernetes

Oct 24, 2020 · 9 min read

Many microservices applications require background tasks and scheduled jobs to process requests asynchronously. In the .NET Core ecosystem, background services are called Hosted services because a single host, such as a web host or a console host, can run several such services in the background while it is alive. In terms of implementation, a hosted service is required to implement the IHostedService interface. You can implement the IHostedService interface yourself, or even better, leverage the BackgroundService class that implements some common concerns such as cancellation token management and error propagation to the host for you.

#programming#kubernetes

Read more of Monitoring Health of ASP.NET Core Background Services with TCP Probes on Kubernetes

Lab: Tip/Code sample Enable TLS on HTTP Triggered Function App in Kubernetes Using KEDA and NGINX

Sep 26, 2020 · 4 min read

With KEDA (Kubernetes-based Event-Driven Autoscaling), you can host Azure Functions on Kubernetes. KEDA allows you to scale pods based on configurable rules that rely on metrics from data sources such as Azure Queue. The Microsoft documentation outlines how you can use the Prometheus scaler to scale HTTP triggered Azure functions. However, it does not discuss the the security of the transport channel in detail. This quick tip will demonstrate how you can expose your HTTP triggered Azure Functions over TLS/SSL (HTTPS endpoint).

#azure#kubernetes

Read more of Enable TLS on HTTP Triggered Function App in Kubernetes Using KEDA and NGINX

Dynamic Admission Control in AKS with Azure Functions

Sep 20, 2020 · 15 min read

This article is part of #ServerlessSeptember. You’ll find other helpful articles, detailed tutorials, and videos in this all-things-Serverless content collection. New articles from community members and cloud advocates are published every week from Monday to Thursday through September. Find out more about how Microsoft Azure enables your Serverless functions at https://docs.microsoft.com/azure/azure-functions/. Nov 02,2020: The implementation of validating webhook Azure Function that uses Azure Communication Service is available in the feature/impl-azure-comm-service branch.

#azure#kubernetes#compute

Read more of Dynamic Admission Control in AKS with Azure Functions

Istio Succinctly

Apr 21, 2020 · 4 min read

I am super happy to announce the release of my new eBook: Istio Succictly, published by Syncfusion. You can grab a copy of the book for free by clicking this link. If you are familiar with Kubernetes and want to augment your Kubernetes clusters with the most popular Service Mesh implementation, Istio, then this book is for you. In Istio Succinctly, we have tried to comprehensively cover the quintessence of Istio without sacrificing the necessary concepts and theory behind it.

#kubernetes#service-mesh

Read more of Istio Succinctly

Durable Cloud Event Production from Knative Container Source with Azure Durable Task Framework

Jan 15, 2020 · 11 min read

Knative is an excellent platform for building, deploying and managing serverless workloads on Kubernetes. The Serving resources of Knative extend Istio to support serverless applications. Another class of resources of Knative called Eventing extend Istio to support the production and consumption of Cloud Events. Knative offloads the responsibility of scaling the workloads from the users by only activating pods when they receive a request. It scales out the workload pods based on the number of requests and scales pods down to zero when they are idle.

#azure#kubernetes

Read more of Durable Cloud Event Production from Knative Container Source with Azure Durable Task Framework

Origin Authentication and RBAC in Istio with Custom Identity Provider

Nov 11, 2019 · 15 min read

The concept of access control can be boiled down to two factors: authentication (AuthN) and authorization (AuthZ). While authentication determines the identity of a client based on the data presented to the identity provider (e.g., Google and Microsoft AD), authorization determines whether an authenticated principal may interact with the resource. I am not going to delve deep into the security architecture of Istio since I have covered this topic in detail in my upcoming FREE quick start guide on Istio.

#kubernetes#service-mesh

Read more of Origin Authentication and RBAC in Istio with Custom Identity Provider