Azure Machine Learning Terminal Instance HTTP Access Disruption
Hello everyone, our Azure workspace terminal instance (e.g., https://xxxxxx.eastus.inference.ml.azure.com/score) suddenly became inaccessible via HTTP at 9:30 AM on September 6th. Prior to this incident, we were able to call it normally. We are using a…
AKS NAP (preview) not working
Hi, I followed the NAP tutorial after making sure the prerequisites are fulfilled (as shown in the pictures) and I'm getting the below message: ➜ ~ kubectl get nodeclaim NAME TYPE ZONE NODE READY …
Abnormal Cost for Log Analytics
We have seen a significant increase in infrastructure costs related to the valero and mdsd component log. The containers of these components have inserted hundreds of thousands of entries with a log level debug and info. We have taken steps to mitigate…
How to configure the egress of pods for connecting to other Azure services through their private endpoints?
For reference, our organization's Azure account is being managed by a 3rd-party who specialized on security. I was given a limited access to our AKS clusters that are newly created. I'm not sure how much they changed it from the default configuration.…
can't create a storage share through kubernetes file.csi.azure.com
I am trying to create a fileshare through Kubernetes using the file.csi.azure.com storage class here is an example -- kind: StorageClass apiVersion: storage.k8s.io/v1 metadata: name: azurefile-<NAMESPACE> provisioner:…
What are best security best practices to connect AKS with SQL Server?
Hi, I have an AKS cluster on Azure and one of the pod is connecting to the SQL server, the SQL server is also being consumed by a function app. I dont want my SQL server to be exposed publicly, and I know private endpoint can be used between function app…
AGIC service health probe by default goes to default probe eventhough I define the Ingress rules
I am using AGIC for my cluster. Recently I am observing the behaviour of health probe for each service we deployed is getting added to default probe in app gateway instead of creating a new one. Initially I thought problem with specific namespace but…
Does Spark pool on Azure Synapse Analytics run on AKS?
Hello, Could you let us know whether Spark on Auzre Synapse Analytics run on AKS (Azure Kubernetes Service) or not? Thanks
Why I am getting AKS security recomendation even I have definied in deployment YAML: Container CPU and memory limits should be enforced
I am running a deployment in AKS cluster and below is my YAML where I have clearly defined cpu/memory request and limit. Question is why I am getting AKS security recommendation : Container CPU and memory limits should be enforced ? apiVersion:…
How to hide a Response Server Header from a python application deployed in AKS as service?
Hello, I have my Python flask application running in AKS as a service. I want to hide the server information that is visible in Response headers under Server header. Application specific changes are not working when deployed on AKS. Please suggest ways…
Problem with managed Prometheus and AKS
When starting a new AKS Cluster and enabling the managed Prometheus option I get the following result: Following the https://zcusa.951200.xyz/en-us/azure/azure-monitor/containers/prometheus-metrics-troubleshoot guide, all seems to be working but no…
Hitting AKS Kubernetes API with an AD app
Is there a way to use an AD app (app-id, secret, subscription) to authenticate with the Kubernetes API via HTTPS to get cluster's information without using azure cli? (like nodes, nodes configuration, roles, etc)
How to recreate certitifcate for azure hci AKS worker node ?
Hello, Can anyone provide the steps to generate a certificate for Kubelet? The AKS HCI worker node is in a "NotReady" state because Kubelet is not running. The Kubelet logs show the following error :moc-lhylsw0kus0 kubelet[1514068]:…
How to enable private endpoint between AKS and Azure SQL & Key Vault
Hi I am using AKS on Azure which is communicating with Azure SQL and Key Vault, I want that I disable public access and only use private endpoint but, when I enable private endpoint on SQL I cant see VNet of AKS in the list, same goes for Key Vault as…
PDB issue while draining the nodes
What is the problem with this config. Whenever I run kubectl drain <node> this error is coming: "Cannot evict pod as it would violate the pod's disruption budget". I can clearly see that 3 pods are created on 3 different nodes. Now while…
Insufficient privileges to complete the operation when trying to create Service Principle
Hi, I'm trying to create a Service Principle to use Terraform to create and manage my AKS. I'm successfully logged in to Azure CLI and can list all the subscriptions and resources. My issue starts when I'm trying to use the next cli…
Unable to reach the api server.
Hello Who could help me with a problem that I am having when trying to visualize the Pods within the AKS cluster. I clarify that I am logging within the corresponding VPN, that my Azure user is Owner of the Tenant and that he has all the roles to be able…
How to trace network latency from my AKS to VM in the same network
Hi there, We have our services running on AKS and we have one of our middlewares on Azure Virtual machine, they connect to each other through Virtual Network, I occasionally see very high latencies during these as high as few seconds for bytes of data.…
Inbound rule for agentpool (aks-nodepool) via ARM template
How can I add a inbound rule to NSG of VMSS, attached to network Interface via ARM template?
AKS Ingress Controller not accessible from external network despite correct configuration
I'm encountering an issue with my Azure Kubernetes Service (AKS) cluster where I can't access my application through the Ingress Controller from the external network, despite seemingly correct configuration. Here are the details: Environment: AKS…