Post Overview

  • Token checking at the API Management layer

    In the previous blog post, I talked about the OAuth client credentials flow and how to implement it with Azure Active Directory. At the end of the post, I briefly talked about the need to validate the token in either your application or an intermediary layer. In this post, we will take a look at Read more

  • Using the OAuth Client Credentials Flow

    I often get questions about protecting applications like APIs using OAuth. I guess you know the drill: you have to obtain a token (typically a JWT or JSON Web Token) the client submits the token to your backend (via a Authorization HTTP header) the token needs to be verified (do you trust it?) you need Read more

  • Giving linkerd a spin

    Giving linkerd a spin

    A while ago, I gave linkerd a spin. Due to vacations and a busy schedule, I was not able to write about my experience. I will briefly discuss how to setup linkerd and then deploy a sample service to illustrate what it can do out of the box. Let’s go! Wait! What is linkerd? linkerd Read more

  • Azure SQL Database High Availability

    Azure SQL Database High Availability

    Creating a SQL Database in Azure is a simple matter: create the database and server, get your connection string and off you go! Before starting though, spend some time thinking about the level of high availability (HA) that you want: What is the required level of HA within the deployment region (e.g. West Europe)? Do Read more

  • Exposing a local endpoint to the Internet with inlets

    A while ago, I learned about inlets by Alex Ellis. It allows you to expose an endpoint on your internal network via a tunnel to an exit node. To actually reach your internal website, you navigate to the public IP and port of the exit node. Something like this: Internet user –> public IP:port of Read more

  • Deploy AKS and Traefik with an Azure DevOps YAML pipeline

    Deploy AKS and Traefik with an Azure DevOps YAML pipeline

    This post is a companion to the following GitHub repository: https://github.com/gbaeke/aks-traefik-azure-deploy. The repository contains ARM templates to deploy an AD integrated Kubernetes cluster and an IP address plus a Helm chart to deploy Traefik. Traefik is configured to use the deployed IP address. In addition to those files, the repository also contains the YAML pipeline, Read more