Deploying a Kubernetes Cluster on Azure Stack fails

I just finished updating my Azure Stack ASDK to the latest 1901 version. Before the upgrade I was messing around with the Kubernetes cluster offering, and I wanted to get that added back to my ASDK now that I’ve performed the update. I rushed through the process, and of course got an error. And that error was not very helpful. Just in case you’re like me, and missed a step in the setup for K8s on Azure Stack, here are the various error messages and the solution.

The TL;DR? Add the Service Principal you created for K8s as a Contributor on the subscription the cluster will be running in.

You’re welcome.

Continue reading “Deploying a Kubernetes Cluster on Azure Stack fails”

Day Two Cloud Podcast Launched

In case you didn’t notice, the Day Two Cloud podcast has officially launched! Big thanks to Tim Warner and Kenny Lowe for being the guests in the first two episodes! There is a lot more great content coming. I’ve got ten more episodes already recorded, and two more scheduled. If I stick to a fortnightly schedule for publishing, that should take me through July. That is pretty ridiculous!!! Needless to say that I am already considering moving to a weekly schedule.

I’ve had a few people ask me about where the podcast is hosted, what topics I might be interested in, and what my process is for publishing. The process for recording and publishing is a whole post unto itself, but I can address the other two topics here.

Continue reading “Day Two Cloud Podcast Launched”

Using Azure Active Directory Authentication with HashiCorp Vault – Part 2

This is the second and probably final post in this series. If you haven’t read the first post I would highly recommend it. When we last left our erstwhile heroes, they had successfully setup the Azure authentication method on a Vault server and created a policy associated with a role in the Azure auth method. The policy grants access to a key-value store called webkv. Now comes the fun part, how does an Azure VM go about using the Azure auth method to access the secrets stored in webkv? So glad you asked!

Continue reading “Using Azure Active Directory Authentication with HashiCorp Vault – Part 2”

Using Azure Active Directory Authentication with HashiCorp Vault – Part 1

I am currently working on a Getting Started course for HashiCorp’s Vault product. There was a pretty cool demo I put together for using Azure AD as an authentication source for Vault, but unfortunately I had to cut it for sake of time. I didn’t want it to go to waste though; so I figured I’d write about it here instead. Here’s what we’re going to do. Use the Managed Service Identity feature in Azure to give an Azure VM permissions to access secrets in Vault. This is the sort of thing that could be applied to anything that can receive an MSI in Azure, including App Service, Functions, VMSS, and more!

Continue reading “Using Azure Active Directory Authentication with HashiCorp Vault – Part 1”

Some helper scripts for Azure Stack Development Kit

Not too long ago, I got a DL380 Gen10 from HPE to deploy the Azure Stack Development Kit. I had been limping along with a couple Frankstein systems running on Gen8 and Gen9 hardware. They had slow disks, not enough storage, and not enough RAM. This new beast has 384GB of RAM, 20 cores, and SSDs for the OS disk. Basically it’s awesome, and I am a very happy nerd. Since the early days of the ASDK, when it was just a little Technical Preview, there have appeared a growing library of scripts to help with the deployment of the ASDK. Since I am deploying the latest version today (1811), I thought it might be a good idea to share some helper scripts I put together to make the process a bit faster.

Continue reading “Some helper scripts for Azure Stack Development Kit”