Deploying an ARM template hierarchy

ARM templates are a powerful way to deploy Azure resources.

It’s a declarative language which express the target state. It can therefore be used to create or update resources.

An ARM template is a JSON file. Once a target is big enough it becomes convenient to split the ARM template into multiple files....

Multiple Service Endpoints to multiple services

Use case: I have a central thingy that needs to talk to a service protected by a service endpoints (e.g. storage account, Azure SQL DB, Azure Maria DB, etc.). That service is also accessible to another compute in other Virtual Networks.

Is that possible?

Just to make it a little more concrete, let’s...

Requests vs Limits in Kubernetes

Kubernetes doesn’t know what resources (i.e. CPU & memory) your container needs. That is why you must give it some hints.

If you run way under capacity and / or fairly similar pods, you do not need to do that. But if you start approaching the maximum capacity of your cluster or if you...

API Management exclusive access to Azure Function

[Update 05-04-2019: Erratum on the original article. Logic Apps is actually able to perform public IP filering.]

Azure API Management acts as a front door to your APIs.

Typically, we do not want users / apps to be able to access the underlying APIs directly since that would bypass the API Management policies,...

Testing outbound connections in AKS-Kubenet and ACI

What happens if a pod in AKS initiates a connection with a private endpoint? Which private IP address does the outbound connection uses?

This is relevant for a private IP inside the same VNET, a peered VNET or an IP accessible via a VPN or Express Route.

In general, the private IP of the...