Database migration is a flexible operation. You can run them as a deployment step on a build server. The disadvantage of that approach is a larger window between migration being applied and the application being ready to run. This is an even bigger issue when trying to employ GitOps strategies…
Managed identities are a good way to avoid secrets and enhance the security of your application. Workload identity provides a means to connect your AKS cluster to managed identities. The previous method of connecting these identities to AKS involved installing AAD Pod Identity in the cluster and using CRDs (Custom…
Phew, that's a mouthful! Working with AKS sometimes is. However, I can assure you that this approach to securing your applications in your Kubernetes cluster is worth it. The advantages to have a secretless solution are many: * No secrets are lost in the wild 🐅 The need to send…
It's not always easy to tell what is happening inside a kubernetes cluster. There are many alternatives like prometheus that can do alerting and monitoring for you. However by using AKS (Azure Kubernetes Service) you get a lot of Azure tools included. Most prominently the centralized logging with…
In this post, we're building a simple Ghost blog with HTTPS provided by Let's Encrypt. This will also renew itself. This is initially based on a guide made by Elton Stoneman, but we'll be diving into nginx-ingress, Let's Encrypt and cert-manager as…