SETTING UP OAUTH 2.0 AUTHENTICATION FOR APPLICATIONS IN AKS WITH NGINX AND OAUTH2 PROXY
Introduction and use cases Setting up authentication with OAuth 2.0 Create OAuth2 Proxy application in Azure AD Configure NGINX Ingress Controller Configure and deploy OAuth2 Proxy Cookie Secret Create OAuth2 Proxy secrets in AKS cluster Deployment with Helm Can a single OAuth2 Proxy instance be used for multiple applications using different subdomains?
Read moreACCELERATED NETWORKING FOR AKS NODES
What is Accelerated Networking and why use it in AKS? Network performance test with and without Accelerated Networking in AKS Linux nodes Windows nodes Enable Accelerated Networking for AKS nodes Additional resources In this blog post I would like to talk about Accelerated Networking, how it can improve internal communication inside an AKS cluster and how you can enable that for Linux and Windows AKS nodes.
Read moreCONTINUOUS DELIVERY TO AKS WITH AZURE DEVOPS ENVIRONMENTS - PART 2
Deploy application to AKS with ADO Environments Create Azure DevOps Environment and Kubernetes resource Update Access Control and Deployment Policies Create build pipeline with deployment stage Deploy and look around Workloads Services Automate migration of Kubernetes resources between Azure DevOps Environments Additional resources Welcome to Part 2 of blog post series on Continuous Delivery to Azure Kubernetes Service with Azure DevOps Environments!
Read moreCONTINUOUS DELIVERY TO AKS WITH AZURE DEVOPS ENVIRONMENTS - PART 1
What is an Azure DevOps Environment? Introduction Benefits of using ADO Environments (IMHO) Resource Grouping Tips One Environment representing all development/staging/production clusters One Environment representing one development/staging/production cluster One Environment representing one application deployed in development/staging/production cluster Next Steps In the first part of this blog series I would like to talk about Azure DevOps Environments, benefits of using it for deployment of applications to AKS or any other Kubernetes distribution (or even a VM), and provide a few tips and tricks for how ADO environments and resources can be created.
Read moreIMPROVING .NET CODE QUALITY WITH NDEPEND IN VISUAL STUDIO AND AZURE DEVOPS
What is NDepend? Improving and enforcing source code quality with NDepend Azure DevOps extension Adding NDepend Build Task NDepend build output and Azure DevOps Dashboard Adding code coverage to NDepend analysis Adding code coverage from external location to NDepend analysis Trends section in NDepend Dashboard in Azure DevOps Enabling NDepend quality gate checks in build pipeline Quality gate and rule management with NDepend VS Extension Running initial NDepend analysis in Visual Studio Modifying default quality gate Deactivate, Suppress and Resolve quality gate issues Adding custom rule and connecting it to existing quality gate Additional resources What is NDepend?
Read moreCLEANING UP SECRETS IN AZURE DEVOPS AND GITHUB REPOSITORIES WITH BFG REPO-CLEANER
Why should you care about secrets management? I’ve committed a secret - now what? o.O Cleaning up secrets in Azure DevOps and GitHub repos (or any other Git repo) with BFG Repo-Cleaner Step-by-step walkthrough Final note on permissions in Azure DevOps repos Additional resources Why should you care about secrets management?
Read moreHOW TO UPGRADE NGINX INGRESS CONTROLLER WITH ZERO DOWNTIME IN PRODUCTION
Introduction to the needs for upgrading Ingress Controller Walkthrough of the process for upgrading NGINX Ingress Controller with zero downtime Preparations Create temporary Ingress Controller Re-route traffic to temporary Ingress Controller Upgrade original Ingress Controller and re-route traffic from temporary IC Final test and cleanup Additional resources Introduction to the needs for upgrading Ingress Controller In some scenarios you may need to perform maintenance work on the Ingress Controller which can potentially result in downtime - in my case the time has come to move away from NGINX Ingress Controller for Kubernetes Helm chart located in stable repo and fully embrace the new Helm chart located in ingress-nginx repository.
Read moreHOW TO INCLUDE NEW KUBERNETES RESOURCE INTO EXISTING HELM RELEASE
What is Helm? How to let existing Helm release “adopt” a new Kubernetes resource and why it’s important? Additional resources Helm is extremely useful and efficient when it comes to distributing, installing and upgrading applications hosted in Kubernetes. But sometimes you may have a need to patch an existing release and there is a quick way to do that which I would like to share with you today.
Read moreUSING KUBERNETES SERVICE FOR PROXYING TO EXTERNAL SERVICES
Why would proxying to external services from Kubernetes cluster be relevant? What is a Kubernetes Service and what kinds of Kubernetes Service can be created? Endpoint vs. EndpointSlice Implementation description and preparation Proxy to external services with Service without Selectors Proxy to external services with ExternalName Service Additional resources So, recently I’ve faced a scenario where I got a chance to dig more into different Kubernetes Service types and experiment with those.
Read moreHOW TO PERFORM STATIC CODE ANALYSIS OF .NET CODE WITH SECURITY CODE SCAN
What is static code analysis and why do I need it? How to install and use Security Code Scan tool? Installation in CI/CD pipeline Local installation How to view and read result report? Additional resources What is static code analysis and why do I need it? Developers are doing an important job - we create programs and systems that make life on this planet easier, better and safer.
Read more