👉 New post: Access Azure Storage across tenants in AKS—no access keys needed 🚀
Securely mount K8s volumes via BlobFuse (Workload Identity) or NFS for Azure Fileshare/Blob. Step-by-step guide with examples!
🔗 Link: blog.joeyc.dev/posts/aks-no...
#Azure #AKS #Kubernetes #DevOps #CloudSecurity
👉 New post: Access cross-tenant resources via workload identity on Azure Kubernetes Service 🚀
In some cases, you need to access resources in different tenant from AKS. A cross-tenant authentication and authorization process is required.
🔗 Link: blog.joeyc.dev/posts/aks-ac...
#Azure #AKS #AAD
My new Azure trial subscription.
Finally started using treadmill after leaving job.
#life
Thanks for blessing from Azure Vietnam AKS (Container) team.
Hope everyone will be "forever young".
#Azure
Today is special.
Chinese Azure CSS team gets dismissed today, due to EO 14117.
I got my compensation today.
Time to start a new life.
Goodbye, Azure.
#Azure
This article is using user-assigned managed identity.
However, to make it work, the following prerequisites need to be met:
1. An app registration
2. App registration needs to be in same tenant with managed identity
(Src: learn.microsoft.com/en-us/entra/...)
I never expected this, honestly. Their outsourcing team cannot even set the DNS record properly. It was disheartening to realize that all my initial complex hypotheses were missing the point when the real issue was this simple but critical network misconfiguration.
Then, the root cause is found, unexpectedly: the old Container Registry was working because someone had manually added it to the Windows host file. Meantime, the new Container Registry failed because it had no entry in the host file.
My initial thought was that there might be a problem with the private link or endpoint in the hub VNet. I tried to locate it, but only to hit a dead end as I couldn't find the hub VNet.
We still engage together in a remote session after 3 days.
One old story about how it was working under a dysfunctional team.
It all started with a gov project that had been outsourced to a vendor team. When I took over the case, their old Container Registry worked fine, but new one was not functioning on their on-premise devices.
#Azure #DevOps #Network
I will continue to make minor contributions, but will no longer come up with original full AKS tutorials/how-to to Microsoft Learn.
I am very dejected today. This is not a fair or square for me to remove my credit (and add their owns) but take my content.
There is no respect to me.
#Azure #AKS
My daily mailbox.
"Issue needing attention of @Azure/aks-leads"
"This issue has been automatically marked as stale because it has not had any activity for 14 days. It will be closed if no further activity occurs within 7 days of this comment."
#Azure #AKS #Github
- Is this ending bit actually worth it?
- I'm sorry. It's terminal, right?