C4: Container, Code, Cloud & Context
Designing intelligent systems, one layer at a time. ~ Nithin Mohan T K
After two decades of managing containerized workloads across production environments, I’ve come to appreciate that the difference between a good Kubernetes deployment and a great one often comes down to how intelligently it responds to changing demand. Horizontal Pod Autoscaling (HPA) represents one of those fundamental capabilities that separates reactive operations from proactive infrastructure management.… Continue reading
Introduction: Amazon Elastic Container Registry (ECR) is a fully managed container registry service provided by AWS. It enables developers to store, manage, and deploy Docker container images securely. In this guide, we’ll explore how to provision a new AWS ECR using Terraform, a popular Infrastructure as Code (IaC) tool. We’ll cover not only the steps… Continue reading
GitOps is a relatively new approach to software delivery that has been gaining popularity in recent years. It is a set of practices for managing and deploying infrastructure and applications using Git as the single source of truth. In this blog post, we will explore the concept of GitOps, its key benefits, and some examples… Continue reading
Today, we’ll take a look at a new feature in AKS called Azure Private Link, which allows you to connect to AKS securely and privately over the Microsoft Azure backbone network. In the past, connecting to AKS from an on-premises network or other virtual network required using a public IP address, which posed potential security… Continue reading
Azure Kubernetes Service(AKS) offers several options for managing identities within Kubernetes clusters, including AKS Managed Identity, Pod Managed Identity, and Workload Managed Identity. Here’s a comparison of these three options: Key Features AKS Managed Identity Pod Managed Identity Workload Managed Identity Overview A built-in feature of AKS that allows you to assign an Azure AD… Continue reading
AKS workload identity and AKS pod managed identity both provide a way to manage access to Azure resources from within a Kubernetes cluster. However, there are some key differences between the two features. Scope AKS pod managed identity provides a managed identity for each individual pod within a Kubernetes cluster. This allows you to grant… Continue reading
Kubernetes has become one of the most popular container orchestration tools, and Azure Kubernetes Service (AKS) is a managed Kubernetes service provided by Microsoft Azure. With the increasing use of Kubernetes and AKS, there is a growing need to improve the security and management of access to cloud resources. AKS pod managed identity is a… Continue reading
AKS workload identity is a feature of Azure Kubernetes Service (AKS) that enables you to use Azure Active Directory (AAD) to manage access to Azure resources from within a Kubernetes cluster. In this blog post, we’ll explore how AKS workload identity works and how to use it with an example code. How does AKS workload… Continue reading
Azure Kubernetes Service (AKS) is a fully managed Kubernetes container orchestration service provided by Microsoft Azure. It allows users to quickly and easily deploy, manage, and scale containerized applications on Azure. AKS has been a popular choice among developers and DevOps teams for its ease of use and its ability to integrate with other Azure… Continue reading