For a customer that is developing a microservices application, the proposed architecture contains two Kubernetes ingresses: internal ingress: exposed via an Azure internal load balancer, deployed in a separate subnet in the customer’s VNET; no need for SSL external ingress: exposed via an external load balancer; SSL via Let’s Encrypt The internal ingress exposes API … Continue reading “Quick Tip: deploying multiple Traefik ingresses”
In some of my previous posts, I talked about Azure Front Door and Web Application Firewall policies to protect a workload like one or more APIs running on Kubernetes or App Service. Although I enabled the Web Application Firewall policies, I did not show what happens when the rules are triggered. Let’s take a look … Continue reading “Inspecting Web Application Firewall logs”
In the previous post, we looked at API Management with Kong and the Kong Ingress Controller. We did not care about security and exposed a sample toy API over a public HTTP endpoint that also required an API key. All in the clear, no firewall, no WAF, nothing… 👎👎👎 In this post, we will expose … Continue reading “Securing your API with Kong and CloudFlare”
We recently had to deploy an Angular application to Kubernetes in three different environments: development, acceptance and production. The application is not accessed via the browser directly. Instead, it’s accessed via a Microsoft Office add-in. The next sections will provide you with some tips to make this work. In practice, I do not recommend hosting … Continue reading “Hosting an Angular app in Kubernetes”
baeke.info 