-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.html
488 lines (297 loc) · 40.5 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Chris = blog</title>
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<meta name="description" content="Blog by Chris van Sluijsveld about Azure, .NET and other stuff">
<meta property="og:type" content="website">
<meta property="og:title" content="Chris = blog">
<meta property="og:url" content="https://blog.sluijsveld.com/index.html">
<meta property="og:site_name" content="Chris = blog">
<meta property="og:description" content="Blog by Chris van Sluijsveld about Azure, .NET and other stuff">
<meta property="og:locale" content="en_US">
<meta property="article:author" content="Chris van Sluijsveld">
<meta name="twitter:card" content="summary">
<meta name="twitter:creator" content="@cvsluijsveld">
<link rel="alternative" href="/atom.xml" title="Chris = blog" type="application/atom+xml">
<link rel="icon" href="/favicon.png">
<link href="//fonts.googleapis.com/css?family=Ubuntu" rel="stylesheet" type="text/css">
<link rel="stylesheet" href="/css/style.css">
<!-- Global site tag (gtag.js) - Google Analytics -->
<script async src="https://www.googletagmanager.com/gtag/js?id=UA-110055010-1"></script>
<script>
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('js', new Date());
gtag('config', 'UA-110055010-1');
// gtag('config', 'UA-110055010-1');
</script>
<meta name="generator" content="Hexo 5.4.0"></head>
<body>
<div id="container">
<div id="wrap">
<header id="header">
<div id="header-outer" class="outer">
<div id="header-title" class="inner">
<h1 id="logo-wrap">
<a href="/" id="logo">Chris = blog</a>
</h1>
</div>
<div id="header-inner" class="inner">
<nav id="sub-nav">
<a id="nav-home-icon" class="nav-icon" href="/"></a>
<a id="nav-archives-icon" class="nav-icon" href="/archives"></a>
<a id="nav-about-icon" class="nav-icon" href="/about"></a>
<a id="nav-rss-link" class="nav-icon" href="/atom.xml" title="RSS Feed"></a>
</nav>
</div>
</div>
</header>
<div class="outer">
<section id="main">
<article id="post-FederatedOIDCGithubActions" class="article article-type-post" itemscope itemprop="blogPost">
<div class="article-meta">
<header class="article-header">
<a class="article-title" href="/25/10/2021/FederatedOIDCGithubActions/">Secretless deployments to Azure with Github Actions</a>
</header>
<time class="article-date" datetime="2021-10-25T06:45:45.000Z" itemprop="datePublished">25-10-2021</time>
</div>
<div class="article-inner">
<div class="article-entry" itemprop="articleBody">
<h3 id="Disclaimer"><a href="#Disclaimer" class="headerlink" title="Disclaimer"></a>Disclaimer</h3><p>The following example uses the beta Azure CLI for now. The CLI change is not yet available in the stable release of Azure CLI.</p>
<p>When deploying from Github Actions to Azure you have to Login to Azure with the <code>azure/login</code> action. This action requires a Service Principal secret which can be stored in Github secrets. However, these secrets are available in Github workflow using them and can even be written to the output with echo for example.</p>
<p>With the new <strong> <a href="mailto:azure/[email protected]" target="_blank" rel="noopener">azure/[email protected]</a> </strong> action you can use <strong> <a href="https://docs.microsoft.com/en-us/azure/active-directory/develop/workload-identity-federation-create-trust-github" target="_blank" rel="noopener">Federated credentials</a> </strong> to login to Azure. Because this feature essentially establishes a trust between Github and Azure Active Directory there is no need for a password/secret anymore. </p>
<h2 id="Create-App-registration-and-Federated-Credential-in-Azure"><a href="#Create-App-registration-and-Federated-Credential-in-Azure" class="headerlink" title="Create App registration and Federated Credential in Azure"></a>Create App registration and Federated Credential in Azure</h2><p>First start by creating a normal AppRegistration in Azure Active Directory. After that go to <strong> Certificates & secrets </strong> and then to the tab <strong> Federated credentials. </strong> </p>
<p><img src="/images/FederatedOIDCGithubActions/oidaad.png" alt="Federated Credentials in AAD"></p>
<p>Create a Federated Credential in Azure Active Directory. This is the credential that will be used to login to Azure. Fill in the correct values for your Github Repository.</p>
<p><img src="/images/FederatedOIDCGithubActions/fedcredaad.png" alt="Federated Credentials creation"></p>
<h2 id="Modify-Github-workflow-to-use-Federated-Credentials-to-login-on-Azure"><a href="#Modify-Github-workflow-to-use-Federated-Credentials-to-login-on-Azure" class="headerlink" title="Modify Github workflow to use Federated Credentials to login on Azure"></a>Modify Github workflow to use Federated Credentials to login on Azure</h2><p>After the first step of creating the AppRegistration and Federated Credential you can now modify the Github workflow to use the federated credentials. </p>
<p>A example of the modified workflow is shown below.</p>
<figure class="highlight yaml"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br><span class="line">37</span><br><span class="line">38</span><br><span class="line">39</span><br><span class="line">40</span><br><span class="line">41</span><br><span class="line">42</span><br><span class="line">43</span><br></pre></td><td class="code"><pre><span class="line"><span class="attr">name:</span> <span class="string">deploy</span></span><br><span class="line"></span><br><span class="line"><span class="attr">on:</span></span><br><span class="line"> <span class="attr">push:</span></span><br><span class="line"> <span class="attr">branches:</span> <span class="string">[</span> <span class="string">main</span> <span class="string">]</span></span><br><span class="line"> <span class="attr">workflow_dispatch:</span></span><br><span class="line"></span><br><span class="line"><span class="attr">permissions:</span></span><br><span class="line"> <span class="attr">id-token:</span> <span class="string">write</span></span><br><span class="line"> <span class="attr">contents:</span> <span class="string">read</span></span><br><span class="line"></span><br><span class="line"><span class="attr">jobs:</span></span><br><span class="line"> <span class="attr">deploy_ota:</span></span><br><span class="line"> <span class="attr">runs-on:</span> <span class="string">ubuntu-latest</span></span><br><span class="line"> <span class="attr">name:</span> <span class="string">Deploy</span></span><br><span class="line"> <span class="attr">steps:</span></span><br><span class="line"> <span class="bullet">-</span> <span class="attr">uses:</span> <span class="string">actions/checkout@v2</span></span><br><span class="line"> <span class="bullet">-</span> <span class="attr">name:</span> <span class="string">Install</span> <span class="string">CLI-beta</span></span><br><span class="line"> <span class="attr">run:</span> <span class="string">|</span></span><br><span class="line"> <span class="string">cd</span> <span class="string">../..</span></span><br><span class="line"> <span class="string">CWD="$(pwd)"</span></span><br><span class="line"> <span class="string">python3</span> <span class="string">-m</span> <span class="string">venv</span> <span class="string">oidc-venv</span></span><br><span class="line"> <span class="string">.</span> <span class="string">oidc-venv/bin/activate</span></span><br><span class="line"> <span class="string">echo</span> <span class="string">"activated environment"</span> </span><br><span class="line"> <span class="string">python3</span> <span class="string">-m</span> <span class="string">pip</span> <span class="string">install</span> <span class="string">--upgrade</span> <span class="string">pip</span></span><br><span class="line"> <span class="string">echo</span> <span class="string">"started installing cli beta"</span> </span><br><span class="line"> <span class="string">pip</span> <span class="string">install</span> <span class="string">-q</span> <span class="string">--extra-index-url</span> <span class="string">https://azcliprod.blob.core.windows.net/beta/simple/</span> <span class="string">azure-cli</span></span><br><span class="line"> <span class="string">echo</span> <span class="string">"installed cli beta"</span> </span><br><span class="line"> <span class="string">echo</span> <span class="string">"$CWD/oidc-venv/bin"</span> <span class="string">>></span> <span class="string">$GITHUB_PATH</span></span><br><span class="line"></span><br><span class="line"> <span class="comment"># Login to Azure </span></span><br><span class="line"> <span class="bullet">-</span> <span class="attr">name:</span> <span class="string">Azure</span> <span class="string">Login</span> <span class="string">Xpirit</span></span><br><span class="line"> <span class="attr">uses:</span> <span class="string">azure/[email protected]</span></span><br><span class="line"> <span class="attr">with:</span></span><br><span class="line"> <span class="attr">client-id:</span> <span class="string">${{</span> <span class="string">secrets.AZURE_CLIENTID</span> <span class="string">}}</span></span><br><span class="line"> <span class="attr">tenant-id:</span> <span class="string">${{</span> <span class="string">secrets.AZURE_TENANTID</span> <span class="string">}}</span></span><br><span class="line"> <span class="attr">subscription-id:</span> <span class="string">${{</span> <span class="string">secrets.AZURE_SUBSCRIPTIONID</span> <span class="string">}}</span></span><br><span class="line"></span><br><span class="line"> <span class="bullet">-</span> <span class="attr">name:</span> <span class="string">'Run az commands'</span></span><br><span class="line"> <span class="attr">run:</span> <span class="string">|</span></span><br><span class="line"> <span class="string">az</span> <span class="string">account</span> <span class="string">set</span> <span class="string">-s</span> <span class="string">'Microsoft Azure Sponsorship 2020'</span></span><br><span class="line"> <span class="string">az</span> <span class="string">group</span> <span class="string">create</span> <span class="string">-l</span> <span class="string">westeurope</span> <span class="string">-n</span> <span class="string">rg-githubexporter</span></span><br><span class="line"> <span class="string">az</span> <span class="string">deployment</span> <span class="string">group</span> <span class="string">create</span> <span class="string">-g</span> <span class="string">rg-githubexporter</span> <span class="string">--template-file</span> <span class="string">./main.bicep</span> <span class="string">--parameters</span> <span class="string">./parameters.json</span></span><br></pre></td></tr></table></figure>
<p>The important part is the change to the <strong> <a href="mailto:azure/[email protected]" target="_blank" rel="noopener">azure/[email protected]</a> </strong> action. Instead of providing a client secret it is now possible to use the federated credentials. The only information that is needed is the client id, tenant id and subscription id. Because of the trust between Github and Azure Active Directory there is no need for a password/secret anymore.</p>
<p>This sample uses the beta version of the Azure CLI. To install it please visit <a href="https://docs.microsoft.com/en-us/cli/azure/install-azure-cli-beta?view=azure-cli-latest&tabs=powershell#how-to-install-azure-cli-beta" target="_blank" rel="noopener">Azure CLI Beta</a>.</p>
</div>
<footer class="article-footer">
<a data-url="https://blog.sluijsveld.com/25/10/2021/FederatedOIDCGithubActions/" data-id="ckv8aphbt0007ocsspyktudtb" class="article-share-link">Share</a>
<a href="https://blog.sluijsveld.com/25/10/2021/FederatedOIDCGithubActions/#disqus_thread" class="article-comment-link">Comments</a>
<ul class="article-tag-list" itemprop="keywords"><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/azure/" rel="tag">azure</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/github/" rel="tag">github</a></li></ul>
</footer>
</div>
</article>
<article id="post-AzureContainerImageVnetAzureDevOps" class="article article-type-post" itemscope itemprop="blogPost">
<div class="article-meta">
<header class="article-header">
<a class="article-title" href="/27/09/2018/AzureContainerImageVnetAzureDevOps/">Running Azure DevOps agents inside your virtual network using ACI</a>
</header>
<time class="article-date" datetime="2018-09-27T06:45:45.000Z" itemprop="datePublished">27-09-2018</time>
</div>
<div class="article-inner">
<div class="article-entry" itemprop="articleBody">
<p>As my colleague Rene van Osnabrugge wrote about on his blog <a href="https://roadtoalm.com/2017/08/18/running-a-linux-vsts-agent-on-azure-container-instances/" target="_blank" rel="noopener">original post</a> it is possible to run your Azure DevOps agent on Azure Container instances (ACI). At Ignite 2018 Microsoft announced virtual network integration for Azure Container Instances. So now it is possible to use a ACI based Azure DevOps agent to deploy into your private network. This post explains the extra things you have to do to make this possible.</p>
<h2 id="Setting-up-your-virtual-network"><a href="#Setting-up-your-virtual-network" class="headerlink" title="Setting up your virtual network"></a>Setting up your virtual network</h2><p>Start by creating a virtual network if you do not have a vnet yet. This can be done using the Azure Portal or the the Azure CLI. With the CLI it can be done using the following command: </p>
<blockquote>
<p>az network vnet create -g resourcegroup -n vnetname</p>
</blockquote>
<p>after the virtual network is created we have to create a subnet where our Azure DevOps agents will be deployed. This subnet has to have the delegation for Azure Container Instances. Create the subnet using:</p>
<blockquote>
<p>az network vnet subnet create -g resourcegroup -n subnetname –vnet-name vnetname –address-prefix subnetprefix –delegations Microsoft.ContainerInstance.containerGroups</p>
</blockquote>
<p>After creation the subnet should look like this in the Azure Portal <img src="/images/AzureContainerImageVnetAzureDevOps/subnetaci.png" alt="aci subnet">.</p>
<h2 id="Deploy-your-private-Azure-DevOps-agent"><a href="#Deploy-your-private-Azure-DevOps-agent" class="headerlink" title="Deploy your private Azure DevOps agent"></a>Deploy your private Azure DevOps agent</h2><p>Now that the network infrastructure is ready it is time to deploy our Azure DevOps agent. Deploy it to Azure using the Azure CLI.<br><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">az container create -g <resoursegroup> -n <aciagentname> --image microsoft/vsts-agent --vnet-name <vnetname> --subnet <subnetname> --environment-variables VSTS_ACCOUNT=<vstsaccountname> VSTS_POOL=<vstspoolname> VSTS_TOKEN=<PAT> VSTS_AGENT=<Agent-Name></span><br></pre></td></tr></table></figure></p>
<p>After a while the agent should show up inside Azure DevOps.<br><img src="/images/AzureContainerImageVnetAzureDevOps/aciagentvsts.png" alt="agent inside Azure DevOps"></p>
<p>and inside of Azure<br><img src="/images/AzureContainerImageVnetAzureDevOps/aciagentazure.png" alt="agent inside Azure DevOps"></p>
</div>
<footer class="article-footer">
<a data-url="https://blog.sluijsveld.com/27/09/2018/AzureContainerImageVnetAzureDevOps/" data-id="ckv8aphbl0000ocssjuq3nw17" class="article-share-link">Share</a>
<a href="https://blog.sluijsveld.com/27/09/2018/AzureContainerImageVnetAzureDevOps/#disqus_thread" class="article-comment-link">Comments</a>
<ul class="article-tag-list" itemprop="keywords"><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/azure/" rel="tag">azure</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/azure-devops/" rel="tag">azure devops</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/containers/" rel="tag">containers</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/docker/" rel="tag">docker</a></li></ul>
</footer>
</div>
</article>
<article id="post-nginx502badgateway" class="article article-type-post" itemscope itemprop="blogPost">
<div class="article-meta">
<header class="article-header">
<a class="article-title" href="/03/04/2018/nginx502badgateway/">Solve Nginx bad gateway with Identity Server and Asp.Net Core on Kubernetes</a>
</header>
<time class="article-date" datetime="2018-04-03T14:00:00.000Z" itemprop="datePublished">03-04-2018</time>
</div>
<div class="article-inner">
<div class="article-entry" itemprop="articleBody">
<p>When deploying components on Kubernetes it is best practice to use Kubernetes Ingress as a way to control the traffic to your actual applications. One of the most popular components to use on Kubernetes for ingress is Nginx. My colleague Pascal Naber has written an excellent <a href="https://pascalnaber.wordpress.com/2017/10/27/configure-ingress-on-kubernetes-using-azure-container-service/" target="_blank" rel="noopener">Post</a> on how to configure Ingress using Nginx. However when you deploy Identity Server and a client web application that uses identity server it fails to do a proper login round trip. You are then presented with the following error<br><img src="/images/nginx502badgateway/502 bad.png" alt="502 Bad gateway">.</p>
<p>After some searching around it seems that the request is failing because the response from IdentityServer is to large for the default Nginx buffer size. These buffer sizes can be changes in the nginx.conf file. However because we were using the default nginx-ingress-controller docker image that wasn’t an easy fix. </p>
<p>There were two solutions for this problem:</p>
<ul>
<li>Create your own Nginx Ingress controller docker image with a modified nginx.conf</li>
<li>Pass in parameters to our Ingress controller using a Kubernetes configmap</li>
</ul>
<p>In this case we used an Kubernetes configmap to configure Nginx properly for the Identity Server responses. For Nginx as a reverse proxy to function properly with Identity Server add the following configmap.yaml:</p>
<figure class="highlight yaml"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br></pre></td><td class="code"><pre><span class="line"><span class="attr">kind:</span> <span class="string">ConfigMap</span></span><br><span class="line"><span class="attr">apiVersion:</span> <span class="string">v1</span></span><br><span class="line"><span class="attr">metadata:</span></span><br><span class="line"> <span class="attr">name:</span> <span class="string">nginx-configuration</span></span><br><span class="line"> <span class="attr">namespace:</span> <span class="string">ingress-nginx</span></span><br><span class="line"> <span class="attr">labels:</span></span><br><span class="line"> <span class="attr">app:</span> <span class="string">ingress-nginx</span></span><br><span class="line"><span class="attr">data:</span></span><br><span class="line"> <span class="attr">proxy-buffer-size:</span> <span class="string">"128k"</span></span><br><span class="line"> <span class="attr">proxy-buffers:</span> <span class="string">"4 256k"</span></span><br><span class="line"> <span class="attr">proxy-busy-buffers-size:</span> <span class="string">"256k"</span></span><br><span class="line"> <span class="attr">large-client-header-buffers:</span> <span class="string">"4 16k"</span></span><br></pre></td></tr></table></figure>
<p>You can find all the options for configuration on <a href="https://github.com/nginxinc/kubernetes-ingress/tree/master/examples/customization" target="_blank" rel="noopener">Nginx configuration</a>.</p>
<p>Make sure to replace any values with your own if you want to use this configmap. Deploy this configmap.yaml with </p>
<blockquote>
<p>kubectl apply -f configmap.yaml</p>
</blockquote>
<p>The only quirky thing is that you will have to restart your Nginx ingress pods to have them load in the new configuration. However, currently there is no restart option for pods. So you will have to a <strong><em>kubectl delete pod POD_NAME</em></strong>. If you have used the default options when deploying Ingress then Kubernetes will automagically restart your pods when you delete them. Now Nginx ingress runs with the new configuration.</p>
<h3 id="Addendum"><a href="#Addendum" class="headerlink" title="Addendum"></a>Addendum</h3><p>If you are deploying .NET Core applications in Kubernetes on Linux behind a reverse proxy such as Nginx then also make sure to configure your middleware correct. Instructions for that can be found at <a href="https://docs.microsoft.com/en-us/aspnet/core/host-and-deploy/linux-nginx?tabs=aspnetcore2x" target="_blank" rel="noopener">MS Docs</a>.</p>
</div>
<footer class="article-footer">
<a data-url="https://blog.sluijsveld.com/03/04/2018/nginx502badgateway/" data-id="ckv8aphbx000cocssnbr7vodp" class="article-share-link">Share</a>
<a href="https://blog.sluijsveld.com/03/04/2018/nginx502badgateway/#disqus_thread" class="article-comment-link">Comments</a>
<ul class="article-tag-list" itemprop="keywords"><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/aspnetcore/" rel="tag">aspnetcore</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/azure/" rel="tag">azure</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/docker/" rel="tag">docker</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/kubernetes/" rel="tag">kubernetes</a></li></ul>
</footer>
</div>
</article>
<article id="post-PrometheusMonitoring" class="article article-type-post" itemscope itemprop="blogPost">
<div class="article-meta">
<header class="article-header">
<a class="article-title" href="/23/11/2017/PrometheusMonitoring/">Monitoring Kubernetes with Prometheus and Grafana</a>
</header>
<time class="article-date" datetime="2017-11-23T06:54:11.000Z" itemprop="datePublished">23-11-2017</time>
</div>
<div class="article-inner">
<div class="article-entry" itemprop="articleBody">
<p>When running workloads on Kubernetes in Azure you probably want some insights in how your cluster and pods are behaving. In this blogpost I will setup Prometheus and Grafana to get a dashboard going. This post assumes you have a Kubernetes cluster running and configured kubectl to connect to it.</p>
<h3 id="Installing-Prometheus"><a href="#Installing-Prometheus" class="headerlink" title="Installing Prometheus"></a>Installing Prometheus</h3><p>Lets start with deploy the configuration for Prometheus using a config map using :</p>
<blockquote>
<p>kubectl create -f prometheus-config-map.yaml</p>
</blockquote>
<p>You can find the code for a example config file on <a href="https://github.com/cvs79/prometheus" target="_blank" rel="noopener">Github</a></p>
<p>Next we deploy Prometheus itself using a Kubernetes yaml file. Create a file named prometheus-deployment.yaml and paste in the following content</p>
<figure class="highlight yaml"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br></pre></td><td class="code"><pre><span class="line"><span class="attr">apiVersion:</span> <span class="string">extensions/v1beta1</span></span><br><span class="line"><span class="attr">kind:</span> <span class="string">Deployment</span></span><br><span class="line"><span class="attr">metadata:</span></span><br><span class="line"> <span class="attr">name:</span> <span class="string">prometheus-deployment</span></span><br><span class="line"><span class="attr">spec:</span></span><br><span class="line"> <span class="attr">replicas:</span> <span class="number">1</span></span><br><span class="line"> <span class="attr">template:</span></span><br><span class="line"> <span class="attr">metadata:</span></span><br><span class="line"> <span class="attr">labels:</span></span><br><span class="line"> <span class="attr">app:</span> <span class="string">prometheus-server</span></span><br><span class="line"> <span class="attr">spec:</span></span><br><span class="line"> <span class="attr">containers:</span></span><br><span class="line"> <span class="bullet">-</span> <span class="attr">name:</span> <span class="string">prometheus</span></span><br><span class="line"> <span class="attr">image:</span> <span class="string">prom/prometheus:v1.8.2</span></span><br><span class="line"> <span class="attr">args:</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">"-config.file=/etc/prometheus/prometheus.yml"</span></span><br><span class="line"> <span class="bullet">-</span> <span class="string">"-storage.local.path=/prometheus/"</span></span><br><span class="line"> <span class="attr">ports:</span></span><br><span class="line"> <span class="bullet">-</span> <span class="attr">containerPort:</span> <span class="number">9090</span></span><br><span class="line"> <span class="attr">volumeMounts:</span></span><br><span class="line"> <span class="bullet">-</span> <span class="attr">name:</span> <span class="string">prometheus-config-volume</span></span><br><span class="line"> <span class="attr">mountPath:</span> <span class="string">/etc/prometheus/</span></span><br><span class="line"> <span class="bullet">-</span> <span class="attr">name:</span> <span class="string">prometheus-storage-volume</span></span><br><span class="line"> <span class="attr">mountPath:</span> <span class="string">/prometheus/</span></span><br><span class="line"> <span class="attr">volumes:</span></span><br><span class="line"> <span class="bullet">-</span> <span class="attr">name:</span> <span class="string">prometheus-config-volume</span></span><br><span class="line"> <span class="attr">configMap:</span></span><br><span class="line"> <span class="attr">defaultMode:</span> <span class="number">420</span></span><br><span class="line"> <span class="attr">name:</span> <span class="string">prometheus-server-conf</span></span><br><span class="line"> </span><br><span class="line"> <span class="bullet">-</span> <span class="attr">name:</span> <span class="string">prometheus-storage-volume</span></span><br><span class="line"> <span class="attr">emptyDir:</span> <span class="string">{}</span></span><br></pre></td></tr></table></figure>
<p class="article-more-link">
<a href="/23/11/2017/PrometheusMonitoring/#more">Read More</a>
</p>
</div>
<footer class="article-footer">
<a data-url="https://blog.sluijsveld.com/23/11/2017/PrometheusMonitoring/" data-id="ckv8aphbu0009ocssc8kpsvbz" class="article-share-link">Share</a>
<a href="https://blog.sluijsveld.com/23/11/2017/PrometheusMonitoring/#disqus_thread" class="article-comment-link">Comments</a>
<ul class="article-tag-list" itemprop="keywords"><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/azure/" rel="tag">azure</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/docker/" rel="tag">docker</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/grafana/" rel="tag">grafana</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/kubernetes/" rel="tag">kubernetes</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/prometheus/" rel="tag">prometheus</a></li></ul>
</footer>
</div>
</article>
<article id="post-DeployingDockerComposedAppOnServiceFabric" class="article article-type-post" itemscope itemprop="blogPost">
<div class="article-meta">
<header class="article-header">
<a class="article-title" href="/20/05/2017/DeployingDockerComposedAppOnServiceFabric/">Deploying a Docker Composed Application on Service Fabric</a>
</header>
<time class="article-date" datetime="2017-05-20T09:59:31.000Z" itemprop="datePublished">20-05-2017</time>
</div>
<div class="article-inner">
<div class="article-entry" itemprop="articleBody">
<p>Last week on the Build 2017 conference in Seattle Microsoft showed how they have added support for Docker compose to <a href="https://azure.microsoft.com/en-us/services/service-fabric" target="_blank" rel="noopener">Azure Service Fabric</a>. They demonstrated this on stage during a breakout session on day 2.</p>
<p>When you want to try this yourself the getting started is missing a lot of information. In this post, I will try to explain what you have to do to get this running.</p>
<p>First you have to make sure you deploy a Service Fabric cluster in Azure which meets the following prerequisites:</p>
<ul>
<li>Deployed on Windows Server 2016 Datacenter with Containers </li>
<li>Has fabric version 255.255.5713.255 or newer</li>
<li>Has DnsService deployed and enabled</li>
<li>Has port 80 opened on the loadbalancer</li>
</ul>
<p>After these requirements are met you can deploy a Docker composed application to this cluster using the Azure CLI.</p>
<h3 id="Creating-a-Cluster"><a href="#Creating-a-Cluster" class="headerlink" title="Creating a Cluster"></a>Creating a Cluster</h3><p>Let’s start with creating a cluster
<p class="article-more-link">
<a href="/20/05/2017/DeployingDockerComposedAppOnServiceFabric/#more">Read More</a>
</p>
</div>
<footer class="article-footer">
<a data-url="https://blog.sluijsveld.com/20/05/2017/DeployingDockerComposedAppOnServiceFabric/" data-id="ckv8aphbr0005ocssh8cz9sba" class="article-share-link">Share</a>
<a href="https://blog.sluijsveld.com/20/05/2017/DeployingDockerComposedAppOnServiceFabric/#disqus_thread" class="article-comment-link">Comments</a>
<ul class="article-tag-list" itemprop="keywords"><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/azure/" rel="tag">azure</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/docker/" rel="tag">docker</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/service-fabric/" rel="tag">service fabric</a></li></ul>
</footer>
</div>
</article>
<article id="post-CustomSwaggerUIField" class="article article-type-post" itemscope itemprop="blogPost">
<div class="article-meta">
<header class="article-header">
<a class="article-title" href="/28/01/2016/CustomSwaggerUIField/">Adding a Authorization field to the Swagger UI</a>
</header>
<time class="article-date" datetime="2016-01-28T17:59:31.000Z" itemprop="datePublished">28-01-2016</time>
</div>
<div class="article-inner">
<div class="article-entry" itemprop="articleBody">
<blockquote>
<p><em>The code in this post is build using VS2015 and AspNetCore RC1</em></p>
</blockquote>
<p>Recently we have been looking at <a href="https://swagger.io" target="_blank" rel="noopener">Swagger</a> as a way to generate a meta data endpoint for our Web Api’s. You can easily do this by adding the <a href="https://www.nuget.org/packages/Swashbuckle/6.0.0-rc1-final" target="_blank" rel="noopener">Swashbuckle</a> NuGet packages to you solution.</p>
<h3 id="Setting-up-Swashbuckle"><a href="#Setting-up-Swashbuckle" class="headerlink" title="Setting up Swashbuckle"></a>Setting up Swashbuckle</h3><p>You start by adding the following packages to your package.json:<br><figure class="highlight"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line">"Swashbuckle.SwaggerGen": "6.0.0-rc1-final"</span><br><span class="line">"Swashbuckle.SwaggerUi": "6.0.0-rc1-final"</span><br></pre></td></tr></table></figure></p>
<p class="article-more-link">
<a href="/28/01/2016/CustomSwaggerUIField/#more">Read More</a>
</p>
</div>
<footer class="article-footer">
<a data-url="https://blog.sluijsveld.com/28/01/2016/CustomSwaggerUIField/" data-id="ckv8aphbp0002ocssijn1l3d2" class="article-share-link">Share</a>
<a href="https://blog.sluijsveld.com/28/01/2016/CustomSwaggerUIField/#disqus_thread" class="article-comment-link">Comments</a>
<ul class="article-tag-list" itemprop="keywords"><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/aspnetcore/" rel="tag">aspnetcore</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/swagger/" rel="tag">swagger</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/webapi/" rel="tag">webapi</a></li></ul>
</footer>
</div>
</article>
<article id="post-Windows10spotlight" class="article article-type-post" itemscope itemprop="blogPost">
<div class="article-meta">
<header class="article-header">
<a class="article-title" href="/26/01/2016/Windows10spotlight/">Windows 10 spotlight images as wallpaper</a>
</header>
<time class="article-date" datetime="2016-01-26T17:53:16.000Z" itemprop="datePublished">26-01-2016</time>
</div>
<div class="article-inner">
<div class="article-entry" itemprop="articleBody">
<p><img src="/images/windows10spotlight/spotlight.png" alt="Image of Windows 10 Lockscreen with Spotlight"><br>Do you also like these pictures on the Windows 10 lock screen. Well, you can easily use them as your new wallpaper.</p>
<h3 id="Manual-instructions"><a href="#Manual-instructions" class="headerlink" title="Manual instructions"></a>Manual instructions</h3><p>Go to the folder<br><figure class="highlight powershell"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">[<span class="type">C</span>:\<span class="type">Users</span>\<<span class="type">user</span>>\<span class="type">AppData</span>\<span class="type">Local</span>\<span class="type">Packages</span>\<span class="type">Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy</span>\<span class="type">LocalState</span>\<span class="type">Assets</span>]</span><br></pre></td></tr></table></figure></p>
<p>There are the wallpapers located. Copy those files to your pictures directory and give them an JPG extension (make sure to turn View file name extensions on).<br>
<p class="article-more-link">
<a href="/26/01/2016/Windows10spotlight/#more">Read More</a>
</p>
</div>
<footer class="article-footer">
<a data-url="https://blog.sluijsveld.com/26/01/2016/Windows10spotlight/" data-id="ckv8aphbv000aocssixa3400v" class="article-share-link">Share</a>
<a href="https://blog.sluijsveld.com/26/01/2016/Windows10spotlight/#disqus_thread" class="article-comment-link">Comments</a>
<ul class="article-tag-list" itemprop="keywords"><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/powershell/" rel="tag">powershell</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/wallpaper/" rel="tag">wallpaper</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/windows-10/" rel="tag">windows 10</a></li></ul>
</footer>
</div>
</article>
<article id="post-Hello-World" class="article article-type-post" itemscope itemprop="blogPost">
<div class="article-meta">
<header class="article-header">
<a class="article-title" href="/25/01/2016/Hello-World/">Hello World!</a>
</header>
<time class="article-date" datetime="2016-01-25T17:53:16.000Z" itemprop="datePublished">25-01-2016</time>
</div>
<div class="article-inner">
<div class="article-entry" itemprop="articleBody">
<p>This is my very first blog post on my new blog. Welcome!</p>
</div>
<footer class="article-footer">
<a data-url="https://blog.sluijsveld.com/25/01/2016/Hello-World/" data-id="ckv8aphbt0006ocss5eiq4l83" class="article-share-link">Share</a>
<a href="https://blog.sluijsveld.com/25/01/2016/Hello-World/#disqus_thread" class="article-comment-link">Comments</a>
<ul class="article-tag-list" itemprop="keywords"><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/blog/" rel="tag">blog</a></li></ul>
</footer>
</div>
</article>
</section>
</div>
<footer id="footer">
<div class="outer">
<div id="footer-info" class="inner">
© 2021 Chris van Sluijsveld<br>
<a href="https://github.com/steven5538/hexo-theme-athena" target="_blank">Athena</a> by <a href="http://steven5538.tw" target="_blank">Steven5538</a> | Powered by <a href="http://hexo.io/" target="_blank">Hexo</a>
</div>
</div>
</footer>
</div>
<script>
var disqus_shortname = 'blogsluijsveld';
(function(){
var dsq = document.createElement('script');
dsq.type = 'text/javascript';
dsq.async = true;
dsq.src = '//go.disqus.com/count.js';
(document.getElementsByTagName('head')[0] || document.getElementsByTagName('body')[0]).appendChild(dsq);
})();
</script>
<script src="//ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js"></script>
<link rel="stylesheet" href="/fancybox/jquery.fancybox.css">
<script src="/fancybox/jquery.fancybox.pack.js"></script>
<script src="/js/script.js"></script>
</div>
</body>
</html>