Home | GaunaCode

Facundo Gauna

Building cloud-native apps on Azure

Featured / February 24, 2021

Deploying an ingress controller to an internal virtual network and fronted by an Azure Application Gateway with WAF

There are many ways to add a Web Application Firewall (WAF) in front of applications hosted on Azure Kubernetes Service (AKS). In this post, we’ll cover how to set-up an NGINX ingress controller on AKS, then create an Azure Application Gateway to front the traffic from a Public IP, terminate TLS, then forward traffic to the NGINX ingress controller listening on a Private IP, unencrypted.

devops azure kubernetes

Featured / January 29, 2021

Migrating apps from one AKS cluster to another using Velero

Assuming you already set-up Velero on your primary cluster, you can restore all the configuration and applications in a similar cluster using Velero. This can be really useful for scenarios where you want to test dangerous changes without impacting app dev teams using a cluster.

I recently had this scenario where I wanted to experiment with far fetched ideas on a cluster. However, I needed to use all the existing configurations. Because I was not using GitOps or extensive re-hydration CI/CD pipelines, I was able to use Velero to restore my Kubernetes configuration onto a new 1-node “sandbox” cluster.

devops azure kubernetes

Featured / January 23, 2021

Building a Kubernetes cluster on Raspberry Pis with a little Azure

Recently I finished something I’ve been wanting to do for a long time: creating a Kubernetes cluster running on some Raspberry Pis. I mostly followed a recent post from Alex Ellis. So, this post will build on that and speak about my experience with the bill of materials, some kinks, and how to save some time.

devops azure kubernetes

Creating an HTTPS ingress controller with your own TLS certificate and with public static IP on AKS

Microsoft already has good documentation on configuring an NGINX ingress controller with Let’s Encrypt or your own SSL certificate. There’s no guidance on creating an HTTPS ingress with your own certificate and using a public static IP for the ingress...

kubernetes azure

October 3, 2020

AKS Best Practice: Backing up AKS with Velero

Backing up AKS clusters is really important. Even if you’re using Infrastructure as Code and all deployments are automated, you will benefit from taking backups of AKS clusters. It’s also stated as a best-practice by Microsoft.

devops azure kubernetes

September 18, 2020

AKS Cost Savings: Stopping dev/test AKS clusters during off hours

Today, it’s possible to stop the virtual machine scale set (vmss) driving an AKS cluster. You can do this in many ways, including the Azure CLI. In this post, I’ll guide you through running an Azure CLI script to stop...

devops azure kubernetes

September 17, 2020

AKS Cluster Security: Process Linux node updates/reboots using Kured

Microsoft does download and install security patches automatically and transparently on AKS worker nodes. But, by design it’s your responsibility to restart them. Once you do so, these patches will take effect. So it’s really important that you do so...

azure kubernetes

August 31, 2020