How can I analyze the logs coming from AKS and reduce them?
I have recently added a data connector for AKS to my Sentinel workspace and it has caused a major hike in the amount of logs ingested in the workspace (which eventually increases the costs as well) I want to know: How can I check which tables are…
What are best security best practices to connect AKS with SQL Server?
Hi, I have an AKS cluster on Azure and one of the pod is connecting to the SQL server, the SQL server is also being consumed by a function app. I dont want my SQL server to be exposed publicly, and I know private endpoint can be used between function app…
Azure Machine Learning Terminal Instance HTTP Access Disruption
Hello everyone, our Azure workspace terminal instance (e.g., https://xxxxxx.eastus.inference.ml.azure.com/score) suddenly became inaccessible via HTTP at 9:30 AM on September 6th. Prior to this incident, we were able to call it normally. We are using a…
PDB issue while draining the nodes
What is the problem with this config. Whenever I run kubectl drain <node> this error is coming: "Cannot evict pod as it would violate the pod's disruption budget". I can clearly see that 3 pods are created on 3 different nodes. Now while…
AGIC service health probe by default goes to default probe eventhough I define the Ingress rules
I am using AGIC for my cluster. Recently I am observing the behaviour of health probe for each service we deployed is getting added to default probe in app gateway instead of creating a new one. Initially I thought problem with specific namespace but…
Why I am getting AKS security recomendation even I have definied in deployment YAML: Container CPU and memory limits should be enforced
I am running a deployment in AKS cluster and below is my YAML where I have clearly defined cpu/memory request and limit. Question is why I am getting AKS security recommendation : Container CPU and memory limits should be enforced ? apiVersion:…
How to hide a Response Server Header from a python application deployed in AKS as service?
Hello, I have my Python flask application running in AKS as a service. I want to hide the server information that is visible in Response headers under Server header. Application specific changes are not working when deployed on AKS. Please suggest ways…
Problem with managed Prometheus and AKS
When starting a new AKS Cluster and enabling the managed Prometheus option I get the following result: Following the https://video2.skills-academy.com/en-us/azure/azure-monitor/containers/prometheus-metrics-troubleshoot guide, all seems to be working but no…
Hitting AKS Kubernetes API with an AD app
Is there a way to use an AD app (app-id, secret, subscription) to authenticate with the Kubernetes API via HTTPS to get cluster's information without using azure cli? (like nodes, nodes configuration, roles, etc)
How to recreate certitifcate for azure hci AKS worker node ?
Hello, Can anyone provide the steps to generate a certificate for Kubelet? The AKS HCI worker node is in a "NotReady" state because Kubelet is not running. The Kubelet logs show the following error :moc-lhylsw0kus0 kubelet[1514068]:…
How to enable private endpoint between AKS and Azure SQL & Key Vault
Hi I am using AKS on Azure which is communicating with Azure SQL and Key Vault, I want that I disable public access and only use private endpoint but, when I enable private endpoint on SQL I cant see VNet of AKS in the list, same goes for Key Vault as…
Number of K8s per cluster in
Hi, When trying to build an estimation for container insights data volume (Azure pricing calculator -> Azure monitor -> Log Data Ingestion -> Estimate Data Volume -> Estimate data volume using Container Insights) there is a field called…
How to update AKS Coredns?
Hello, I have a quick question how to properly upgrade an AKS CoreDNS deployment. Current CoreDNS image mcr.microsoft.com/oss/kubernetes/coredns:v1.9.4-hotfix.20240704 I modify the deployment but it keeps getting written when restarting the…
AKS Ingress works with IP and DNS label but not with Cloudflare DNS Record
So, I created an AKS cluster with 2 deployments: C# RESTfull API C# YARP API Gateway both have ClusterIP services. I added nginx ingress controller to my cluster and created an ingress component in namespaces where the pods and services of my…
I would like to know if there is any cost associated with enabling the feature of LiveRezise in azure Disk and AKS PVs?
I would like to know if there is any cost associated with enabling the feature of LiveRezise in azure Disk and AKS PVs? Microsoft.compute/LiveResize
Insufficient privileges to complete the operation when trying to create Service Principle
Hi, I'm trying to create a Service Principle to use Terraform to create and manage my AKS. I'm successfully logged in to Azure CLI and can list all the subscriptions and resources. My issue starts when I'm trying to use the next cli…
Unable to reach the api server.
Hello Who could help me with a problem that I am having when trying to visualize the Pods within the AKS cluster. I clarify that I am logging within the corresponding VPN, that my Azure user is Owner of the Tenant and that he has all the roles to be able…
How to trace network latency from my AKS to VM in the same network
Hi there, We have our services running on AKS and we have one of our middlewares on Azure Virtual machine, they connect to each other through Virtual Network, I occasionally see very high latencies during these as high as few seconds for bytes of data.…
Inbound rule for agentpool (aks-nodepool) via ARM template
How can I add a inbound rule to NSG of VMSS, attached to network Interface via ARM template?
AKS Ingress Controller not accessible from external network despite correct configuration
I'm encountering an issue with my Azure Kubernetes Service (AKS) cluster where I can't access my application through the Ingress Controller from the external network, despite seemingly correct configuration. Here are the details: Environment: AKS…