Azure

Azure Virtual Networks use private IP addresses which aren’t routable on public networks. To enable support networks that exist both in Azure and on-prem environments, we need to configure IP addressing for both networks. Public IP addresses allow resources on the internet to communicate with Azure, and also enable outbound communication for Azure resources to public-facing services on the internet. In Azure, we can create public IP addresses and assign them to specific resources. ...

Azure Virtual Networks (or VNETs) are the fundamental building block for private networks in Azure. We can built Azure VNETs that are similar to on-prem networks, with the benefit of Azure infrastructure. We can create VNETs with their own CIDR block, and link them to other Azure VNETs and on-prem networks (providing that there’s no overlap with CIDR blocks). We can also control DNS server settings, segmentation of VNETs into subnets, and more. ...

A couple of years back, I built a Fitbit API token refresh service using Azure Functions. The purpose of that function was to refresh an access token that I can use to make calls to the Fitbit API and extract my own data using Azure Functions. This was before Azure Container Apps even existed, so Azure Functions was really the only option. WebJobs was an alternative (after all, Functions are essentially built on top of Azure WebJobs), but that wasn’t attractive since this was just an hobby project, and I didn’t want to break the bank. The problem with Azure Functions is that you’re restricted with the programming model. It’s fine if you just need the plumbing done for you for simple integrations, but if you want the flexibility, it’s not great. ...

Cleaning up stale images (images that you’re not using) from your Azure Container Registry is important for a couple of reasons. First off, storing images in ACR isn’t free. Even with the Basic SKU, once you go past your 10GB limit, you end up paying $0.00516 AUD (at the time of writing) per GB of additional storage. If you have container images that are just sitting there not being used, it’ll waste money and second, it’ll be difficult to manage your images. ...

As part of my AKS lab, I wanted to see how I can enforce compliance on workloads and my AKS control plane so I get into the habit of creating secure and compliant sandbox environments. We can achieve this with Azure Policy! So in this article, I’ll cover: What Azure Policy is. How it integrates with Azure Kubernetes Service. How we can enable Azure Policy for our AKS cluster with Terraform How we can apply and test policies to our AKS Cluster How we can check the overall compliance state for our cluster in the Azure Portal. What is Azure Policy? Azure Policy allows us to manage the state of compliance of our Azure services. It compares the state of your resources to the business rules that you define in Azure Policy. This can include enforcing resource tags on your resources, limiting the types of services you can use in Azure and where you can deploy them. ...