Before I introduce you to Azure Service Operator and how it helps you to manage your Azure resources with Kubernetes let me briefly start with why you should use it and where it can help. Let me give you two examples:

Think of a common cloud-native application. Some microservices running on Kubernetes, using Redis for caching and a database to persist state. In such a scenario a common practice is to store and manage the application and its dependencies together. Until now you might have packed your microservices into a Helm chart for easier deployment and also created some Terraform code to deploy and manage the Redis and database. But those are still not linked together and are also deployed via two different continuous delivery pipelines. You could now argue that for example, the Terraform Helm provider could fix this issue by combining your application and infrastructure. But do you like your developers to learn and use another tool — mainly used for infrastructure management? Wouldn’t it be better to just manage the application dependencies together with the application itself in a Helm chart? …

Before I talk about Policy and Governance for Kubernetes let’s briefly talk about policy and governance in general. In short, it means to provide a set of rules which define a guideline that either can be enforced or audited. So why do we need this? It is important because in a Cloud ecosystem decisions are made decentralized and also taken at a rapid pace. A governance model or policy becomes crucial to keep the entire organization on track. Those definitions can include but are not limited to, security baselines or consistency of resources and deployments.

So, why do we need Governance and Policy for Kubernetes? Kubernetes provides Role-based Access Control (RBAC) which allows Operators to define in a very granular manner which identity is allowed to create or manager which resource. But RBAC does not allow us to control the specification of those resources. As already mentioned this is a necessary requirement to be able to define the policy boundaries. Some examples…

This blog post is not a kind of post I would normally publish. I’m normally focusing on technical blog posts around Cloud, Kubernetes and containers.

But normal is not normal anymore. In this post, I would like to talk about my new conference life. A life where I attend conferences and meetups without leaving my apartment. 😉

My last four weeks

So what did I do in the last four weeks? Everything started with the Azure Virtual Community Days which was a great world-wide event streamed on Youtube with multiple tracks. I had the pleasure to talk about Containers and Kubernetes on Azure.

This Youtube stream was completely managed by the team. …

This post is an updated version of my previous post “Using Terraform with Azure” that I published some time ago. Now, nearly one year later, I have learned a lot and also optimized and extended the examples and code snippets here and there. As a result, we decided to publish all code in this public GitHub repository. This post should provide you with some further details on the project and any details around it. All below code snippets are related to this project.

The project

As mentioned above, we decided to publish everything needed to scaffold a new production-ready Terraform project on Azure. …

In my previous article “Part:1 How Containerized CI/CD Pipelines Work with Kubernetes and GitLab”, I wrote about Kubernetes’ popularity and importance in 2019. I also described the advantages of containerized pipelines with GitLab CI/CD and Kaniko offer. In this post, I would like to introduce more open source projects and GitLab features that help you deploy and run your cloud native application.

Enhance Application Deployments

Now let’s get back to application deployment and introduce you to the open source project Kustomize. Kustomize, which is part of the Kubernetes project and sponsored by sig-cli, lets you customize raw and template-free YAML files for multiple purposes, leaving the original YAML untouched and usable as is. …

It is hardly surprising Kubernetes’ popularity continued to grow in 2019 and this trend will likely continue in 2020.

However, while it offers so many advantages, Kubernetes adoption has also revealed new difficulties that have to be addressed — and fixed. One of them is how we automatically deploy and manage our applications. With the below examples, I will share useful tips and tricks on how to enhance your Kubernetes CI/CD pipelines with the help of GitLab and open source technologies.

There are already many articles out there that provide you with details on how to containerize your .NET Core application. Nevertheless, I still saw the need to write a bit more detailed post which helps you to build a production-ready container image based on container and .NET Core best practices. This article is a part of Applied Cloud Stories initiative.

For better understanding, I will explain everything in detail based on a small sample ASPNET Core web application. You will find more details on the application itself here. Of course, the shared best practices are not limited to .NET Core. …

Ephemeral Containers are a new kind of container that runs temporarily in an existing Pod to allow easy user integrations like troubleshooting a container workload.

Why do we need Ephemeral Containers?

The advantages of containers are that they run isolated processes by providing all needed dependencies using an immutable approach. By adding only the required dependencies into the image a container lowers attack vectors and provides faster startups and deployments. Building container images using the “distroless” approach (building them from scratch) is taking this to the next level by only containing the compiled application binary. Unlike ordinary container images, these are not based on any kind of Linux distribution and therefore do not contain any other binaries and tools which could be executed via kubectl exec for troubleshooting purposes. …