This post will explore the new support in Azure Application Gateway for Containers (AGC) for Web Application Firewall (WAF) as documented in https://aka.ms/agc/waf. This blog is part of a series: Before we start, kudos need to go to the great Christof Claessens, author of this extremely useful Azure Monitor Workbook to triage WAF logs. Is WAF a big … Continue reading Application Gateway for Containers: Web Application Firewall support| Cloudtrooper
After a good while without posting anything, I finally decided to slowly recommence again. This first post is about a little BGP trick that may help you increase the scale of Azure Route Server. Typically the maximum number of 8 BGP peers should be enough for most designs, but if you happen to need to … Continue reading Going beyond 8 peers in Azure Route Server| Cloudtrooper
In my recent blog series Private Link reality bites I briefly mentioned the possibility of inspecting Service Endpoints with Azure Firewall, and many have asked for more details on that configuration. Here we go! First things first: what the heck am I talking about? Most Azure services such as Azure Storage, Azure SQL and many … Continue reading Azure Firewall and Service Endpoints| Cloudtrooper
Right when VNet Flow Logs were launched I blogged about some recipes that help to extract insights out of the different information fields contained in the Flow Logs. After working with VNet Flow Logs and Traffic Analytics for a while now, I thought I could share some additional tips and tricks, this time focusing on … Continue reading VNet Flow Logs Recipes (part 2): fine-tune your security rules| Cloudtrooper
This post will explore the new support in Azure Application Gateway for Containers (AGC) for the overlay network option in Azure Kubernetes Service (AKS) as documented in https://aka.ms/agc/overlay, as well as whether you can see traffic between AGC and AKS with VNet Flow Logs. This blog is part of a series: What am I talking … Continue reading Application Gateway for Containers: a not-so-gentle intro (4)| Cloudtrooper
I would like to give credit for this blog post to Abhishek Sharma; talking to him gave me the main inspiration for some of the concepts you are going to see below. Heartfelt thanks go as well to Niti Gupta, a kickass Microsoft engineer who can make Azure Monitor Workbooks really dance and who gave me … Continue reading Grafana and VNet Flow Logs| Cloudtrooper
Azure Kubernetes Fleet Manager is a very interesting solution that allows you to deploy code to multiple clusters at the same time. I am not going to stir up the debate here of whether this approac…| Cloudtrooper
Welcome to the fourth post in the Private Link Reality Bites series! Before we begin, let me recap the existing episodes of the series: Private Link reality bite #1: endpoints are an illusion …| Cloudtrooper
Welcome to the third post in the Private Link Reality Bites series! Before we begin, let me recap the existing episodes of the series: Private Link reality bite #1: endpoints are an illusion (contr…| Cloudtrooper
This post will take you one step further from the hello-world configuration that I described in the first post by adding TLS end-to-end, a scenario described in the public docs here. This blog is p…| Cloudtrooper
Have you ever had the feeling that something that should be easy turns into a minefield when you start working on it? I seem to be a specialist in not reading the required documentation and makin…| Cloudtrooper
I haven’t had a look at the Azure Application Gateway for Containers for a while now, and after I was recently asked about it I decided to go for another dive. I believe I found a couple of i…| Cloudtrooper
Welcome to the sixth post in the Private Link Reality Bites series! Before we begin, let me recap the existing episodes of the series: Private Link reality bite #1: endpoints are an illus…| Cloudtrooper
Welcome to the fifth post in the Private Link Reality Bites series! Before we begin, let me recap the existing episodes of the series: Private Link reality bite #1: endpoints are an illusion (…| Cloudtrooper
Posts about privatelinkrealitybites written by erjosito| Cloudtrooper
Welcome to the second post in the Private Link Reality Bites series! Before we begin, let me recap the existing episodes of the series: Private Link reality bite #1: endpoints are an illusion (cont…| Cloudtrooper
Welcome to this new series of blog posts in which I will be explaining some not-so-well-known facts about Azure Private Link and some associated technologies! This idea is born from the fact that I…| Cloudtrooper
First of all, my apologies for the radio silence, there have been some private projects going on during the Summer months that have kept me away from blogging. With that out of the way: what the he…| Cloudtrooper
You might have heard about the General Availability of Virtual Network Flow Logs in Azure, and even read the announcement blog post. When writing that post with Harsha CS I had the chance to play a…| Cloudtrooper
Designing network connectivity in public cloud can very quickly become a daunting task. Of course, public cloud providers do offer native networking services, and with those it is fairly easy. This…| Cloudtrooper