How to handle vulnerability in AKS ip-masq-agent?
Team, In case of vulnerability CVE-2019-12900 and CVE-2018-12886 in ip-masq-agent is it necessary to update the complete AKS cluster. Currently, our ip-masq-agent is on v2.5.0 which has these issues. Kindly confirm as early as possible. Thank you …
Bug in proxy support for arc connectedk8s command and subcommand
Hello community! I'm reaching you to open a bug in proxy support in az connectedk8s connect command. This is blocking us a lot. #First point: I just discovered that arguments --proxy-http and --proxy-https are completely ignored as well…
How to mount azure fileshare to kubernetes for use with azure functions deployed using KEDA?
I used to mount azure file share on azure function app so that the functions can access the files inside the fileshare. I want to use azure functions with kubernetes (AKS) using keda. How can I mount the azure fileshare when deploying the function app to…
I had successfully deployed web api on aks but I am not able to route to action. Its calling only get method .
I had successfully deployed web api on aks but I am not able to route to action. Its calling only. Please provide solution for this.
az aks command invoke stopped working
I used below command to administer AKS privately hosted clusters. It used to work until yesterday and stopped working without any changes on the cluster. az aks command invoke --resource-group resource_group_name --name cluster name --command…
Using AKS private cluster can't access internet from pod
We are using free account to test private cluster used by our case. But we found after we create a private cluster we can't reach to internet from pods . As the document said , All pods in an AKS cluster can send and receive traffic without limitations,…
Cannot schedule Pods in AKS GPU node remediator.aks.microsoft.com/unschedulable
I have a Nodepool with Spot GPU nodes NC4as_T4_v3 and cluster autoscaling 0-1 . After scheduling a Pod with Request nvidia.com/gpu , the Node would spawn, but it has this taint: remediator.aks.microsoft.com/unschedulable The nodepool does not…
Using secretclass provider to use key vault from a different resource group to AKS
Hello, I am trying to access Keyvault secrets within my AKS cluster. Currently using helmdeploy task to accomplish this with secretproviderclass. There is no option to declare that the Key Vault is in a different resource group, am assuming just the…
Bot service over private channel
We are looking forward to develop a chatbot to integrate with Sharepoint, bot will be developed on composer framework and needs to interact with API services hosted in AKS Issue we are facing is we want to make everything private for our organization,…
Azure AKS appgw Acig
Hello, I've configured 2 AKS clusters: 1 for dev 1 for prod Both of them are in the same Vnet. Since i will expose some applications, my goal is to protect them with Application gateway with WAF enable. The thing is: when I install ingress…
AKS integration with ACI
I have AKS with advanced network (CNI) setup, I'm interested to enable virtual nodes. I understand that if its enabled, then when there's a need to scale the pods beyond the current limit of a node, it will scale to ACI, without the delay of bringing up…
AKS sould be free so why am I charged for it?
I have created AKS cluster using 2 Standard_D2as_v4 nodes. There are other resources like Load Balancer and Public IPs too. Anyway, the MS documentation says: Azure Kubernetes Service (AKS) is a free container service ... Paying for only the virtual…
Monitor for cluster is disappeared
See the pic But the status of cluster is still running, and containers works as well.
Addon HTTP Application v10.1 to v10.2 deployment error
Hello team, Today I have enable the HTTP application routing for Azure AKS. Update the version v10.1 to v10.2 du to error on 10.1. But after 5-10min a roll-back to 10.1 is automatically update... No error, no logs available. DESCRIBE Events: Type…
azure recommendation there is suggestion to resize the instance for 1 and 3 year but the suggested instance were not available in the region, how to proceed with this ?
Hi All, azure recommendation there is suggestion to resize the instance for 1 and 3 year but the suggested instance were not available in the region, how to proceed with this ? Regards, Ayyappa
Is it possible to use a single Application Gateway as an ingress controller for multiple Azure Kubernetes Services?
I am currently trying to configure ingress routes in two AKS clusters which both use the same Application Gateway instance as an AGIC. My hope thereby is to have a single point where TLS connections from the outside are terminated and distribute…
create the external DNS in Azure AKS v1.22.6
Hi Team, I need your help to fix the issue. I have created Azure AKS cluster v1.22.6. I am trying to create the Kubernetes External DNS to create Record Sets in Azure DNS from AKS, getting the error. My domain name is registered in GoDaddy. I…
Connect Azure keyvault and container registry to on-prem kubernetes cluster
Good morning. I'm trying to connect a kubernetes cluster running on prem in our DC with Azure's key vault and container registry. I cannot find any exhaustive documentation on how to do that (everything revolves around AKS). Is it possible to…
OIDC token generated for AzureAD app not able to access AKS resources that has AzureAD enabled.
I have an AKS cluster that has AzureAD, RBAC enabled I also have registered an app on AzureAD. Now I am trying to get a token with the typical go-oidc package flow with the necessary AzureAD configs but the token i get is not able to access AKS…
Difference between System mode and User mode nodepool
Hi all, Currently we are using AKS v1.22.6 where we have 2 node pools configured with 1 system mode and 1 user mode. As we understood from the document, System mode is capable of hosting both system pods and user pods(in other words application pods)…