Post Overview

  • Quick Tip: deploying multiple Traefik ingresses

    Quick Tip: deploying multiple Traefik ingresses

    For a customer that is developing a microservices application, the proposed architecture contains two Kubernetes ingresses: internal ingress: exposed via an Azure internal load balancer, deployed in a separate subnet in the customer’s VNET; no need for SSL external ingress: exposed via an external load balancer; SSL via Let’s Encrypt The internal ingress exposes API Read more

  • Inspecting Web Application Firewall logs

    Inspecting Web Application Firewall logs

    In some of my previous posts, I talked about Azure Front Door and Web Application Firewall policies to protect a workload like one or more APIs running on Kubernetes or App Service. Although I enabled the Web Application Firewall policies, I did not show what happens when the rules are triggered. Let’s take a look Read more

  • Azure Front Door and multi-region deployments

    Azure Front Door and multi-region deployments

    In the previous post, we looked at publishing and securing an API with Azure Front Door and Azure Web Application Firewall. The API ran on Kubernetes, exposed by Kong and Kong Ingress Controller. Kong was configured to require an API key to call the /users API, allowing us to identify the consumer of the API. Read more

  • Publishing and securing your API with Kong and Azure Front Door

    Publishing and securing your API with Kong and Azure Front Door

    In the post, Securing your API with Kong and CloudFlare, I exposed a dummy API on Kubernetes with Kong and published it securely with CloudFlare. The breadth of features and its ease of use made CloudFlare a joy to work with. It didn’t take long before I got the question: “can’t you do that with Azure Read more

  • Securing your API with Kong and CloudFlare

    Securing your API with Kong and CloudFlare

    In the previous post, we looked at API Management with Kong and the Kong Ingress Controller. We did not care about security and exposed a sample toy API over a public HTTP endpoint that also required an API key. All in the clear, no firewall, no WAF, nothing… 👎👎👎 In this post, we will expose Read more

  • API Management with Kong Ingress Controller on Kubernetes

    API Management with Kong Ingress Controller on Kubernetes

    In previous posts, I wrote about Azure API Management in combination with APIs hosted on Kubernetes: API Management with private APIs: requires API Management with virtual network integration because the APIs are reachable via an internal ingress on the Azure virtual network; use the premium tier 💰💰💰 API Management with public APIs: does not require Read more