Пікірлер
@krishnavatsavai927
@krishnavatsavai927 5 ай бұрын
Hi Would like to know if there is a way we can configure the Distingushed names as per the organization needs? Will the ACME bot be able to reconfigure that?
@unitedKR
@unitedKR 6 ай бұрын
So this is Azure application gateway ingress controller with the k8s ingress controller:ngnix type? Dual ingress to cover all security ?
@KDR-Music
@KDR-Music 7 ай бұрын
Nice video!
@HenryLeu
@HenryLeu 8 ай бұрын
My issue is: When I type mvn deploy, it does not look for the dependency in the .m2 local folder. Instead, it looks for the Azure's Artifacts. But Azure Artifacts right now has no JAR file. So it gives me an error saying that no dependency found.
@HenryLeu
@HenryLeu 8 ай бұрын
where is your settings.xml located? Is it in the Azure Devops server?
@GB-xk5zt
@GB-xk5zt 11 ай бұрын
You, sir, are a hidden treasure!
@nirmesh44
@nirmesh44 Жыл бұрын
Brilliant
@azzuasshumasti
@azzuasshumasti Жыл бұрын
Hi Thanks for this great video it's really very useful. could you please also guide me how upload the maven artifacts of project1 into jFrog & download from it jFrog to build project2.
@genesiscarsale1021
@genesiscarsale1021 Жыл бұрын
Great video, help me a lot!!!
@mohamedelgaby3549
@mohamedelgaby3549 Жыл бұрын
Amazing explanation! Can I have multiple ingresses for two different webapps for the same AGIC? so eventually I would have one external IP which is the AppGW IP?
@MohitSoniwal-u4u
@MohitSoniwal-u4u Жыл бұрын
This videos is going to be a short one............ proceeds with half hour video 😂😂, but a great informative video.
@ZoomSpeaksTech
@ZoomSpeaksTech Жыл бұрын
😁 glad you liked it. You can also guess how most of meetings go 😂
@DChristop
@DChristop Жыл бұрын
Nice video, nice work. Thanks a lot!
@kingsadmin
@kingsadmin Жыл бұрын
nice one! thanks!
@VCSekharParepalli
@VCSekharParepalli Жыл бұрын
Awesome wording, scripts, content and pace.
@ZoomSpeaksTech
@ZoomSpeaksTech Жыл бұрын
Much appreciated!
@king-cog
@king-cog Жыл бұрын
Fantastic! Well done for this.
@anselmos_brain
@anselmos_brain Жыл бұрын
lol this is too clear than I👌 thought
@nagasatishvadlamuri8486
@nagasatishvadlamuri8486 Жыл бұрын
hi very use full session which is so help to me.. And please let me know to we App gateway load balancer in ingress file using App service custom managed wildcard certificate purchased from Azure and i stored in Azure key vault . how we use that certificate in ingress file in aks cluster
@ZoomSpeaksTech
@ZoomSpeaksTech Жыл бұрын
Sure, here is a guide on how to do that: azure.github.io/application-gateway-kubernetes-ingress/features/appgw-ssl-certificate/
@mariusschumann6075
@mariusschumann6075 Жыл бұрын
Video was super helpfull!💯
@kennethrodrigues328
@kennethrodrigues328 Жыл бұрын
Excellent. You explained in a very simple language
@ramallways6321
@ramallways6321 Жыл бұрын
Then its created an secrets in k8s cluster, then it's mean there is no encrypt here, because k8s secret just encode and decode using base64. Now there is no point to use this one, I'm guess.
@br0nhy
@br0nhy Жыл бұрын
I found this type of AKS setup unsatisfying. If you kill a pod and simulate some sort of application panic or crash the information about this is not transmitted to the app gateway instantly. It takes several seconds for the app gateway ingress controller to transfer this information over azure resource manger so it can reconfigure the app gateway to inform him that the pod is gone. During this time you will get many more 500 errors then you would with a standard ingress controller setup. Would love to hear your feedback on this.
@sapnandu
@sapnandu Жыл бұрын
Thanks for publishing this tutorial. I have configured it in the same way but somehow it's showing a bad gateway error. Could you please help me to fix it. Please share your email I will post you the issue.
@michaeljimma3913
@michaeljimma3913 Жыл бұрын
Excellent work. I loved it.
@namithcc
@namithcc 2 жыл бұрын
Hello, Thank you for teh video. Could you please share the nginx and basic ingress yaml please
@ZoomSpeaksTech
@ZoomSpeaksTech 2 жыл бұрын
Link to blog post with all code snippets: zoomspeaks.tech/publishing-aks-with-agic
@musj.4067
@musj.4067 2 жыл бұрын
One of the best explanations I've seen on this topic, straight to the point. Many thanks
@ramanmama
@ramanmama 2 жыл бұрын
Excellent tutorials! Thanks for the efforts
@Anonymous-tk6pm
@Anonymous-tk6pm 2 жыл бұрын
This is very helpful. Thanks for your effort sharing your knowledge. I did notice that I didn't need to add CORS for custom domain for custom html page. It straightaway worked for me. Any suggestion of rewriting long url to some short one?
@ZoomSpeaksTech
@ZoomSpeaksTech 2 жыл бұрын
That is weird. CORS must be configured in case you are using custom html. Are you sure the policy you ran wasn't just using a default ui? What do you mean by rewriting url?
@Anonymous-tk6pm
@Anonymous-tk6pm 2 жыл бұрын
@@ZoomSpeaksTech I'm using custom policies and not user flows. From rewriting url means providing a short url which translates to original b2c url with policy name and other parameters. Maybe I'm thinking something wrong and which is not logically possible.
@ZoomSpeaksTech
@ZoomSpeaksTech 2 жыл бұрын
@@Anonymous-tk6pm Oh I got it. So you can use Front Door's Url Rewrite feature. That should work: learn.microsoft.com/en-us/azure/frontdoor/front-door-url-rewrite?pivots=front-door-standard-premium
@tayoadaraloye
@tayoadaraloye 2 жыл бұрын
Amazing tutorial
@mkeii
@mkeii 2 жыл бұрын
gosh kubernetes can be so verbose sometimes. this is neat, but everytime i have a new secret, i have to update: 1. the deployment, 2. the secretproviderclass parameters.objects, 3. the secretproviderclass secretobjects 😓
@ZoomSpeaksTech
@ZoomSpeaksTech 2 жыл бұрын
I agree. You can automate everything, but at some point it would be overkill to build something that serves no specific function other than to overcome verbosity. Which is why sometimes I prefer my apps to grab their own secrets whenever possible and absolve kubernetes of having to manage that. Keyvault integration can be easily done on most languages from the app code itself. The app merely needs a managed identity to be able to grab it.
@alkanandaappala3877
@alkanandaappala3877 2 жыл бұрын
How to connect maven repository with azure artifact feed, any suggestion please
@faisalabdi6350
@faisalabdi6350 2 жыл бұрын
جزاك الله خيرا يا اخي الكريم. لا توقف علشان نستفيد من خبرتك.
@Mr43123
@Mr43123 2 жыл бұрын
Well explained !
@alkanandaappala3877
@alkanandaappala3877 2 жыл бұрын
This vedio helped a lot to me! Great explanation , want more vedios from you.
@alkanandaappala3877
@alkanandaappala3877 2 жыл бұрын
Please continue to do vedios on azure devops regarding yaml pipeline for java code
@raghur5678
@raghur5678 2 жыл бұрын
Hello Sir, i created a nuget.config file in azuredevops pipeline and the packages are getting downloaded , but with that same nuget.config file the Developers also need to use to Download the Pacakges in VIsual Studio, how can i achive this. Presently i have given accces to download the packages by Creating a group and given permission as a contributor in AZURE ARTIFACTS, so thats how they are able to download the packages.
@ZoomSpeaksTech
@ZoomSpeaksTech 2 жыл бұрын
Apologies Raghu, I haven’t actually done this with nuget before.
@raghur5678
@raghur5678 2 жыл бұрын
@@ZoomSpeaksTech ok fine.. just i came to know that with Azure Artifacts Credentials we can do it.. like we can give access to the Developers of the Private Artifact Feeds, but getting confused with that , how to implement.
@raghur5678
@raghur5678 2 жыл бұрын
and any idea how to Send Test Results EMail Notification to a Developer via Send Grid. Thanks for the Reply
@ZoomSpeaksTech
@ZoomSpeaksTech 2 жыл бұрын
@@raghur5678 you can use this task: marketplace.visualstudio.com/items?itemName=kasunkodagoda.sendgrid-email Another alternative is to talk to the SendGrid API directly via an API call
@raghur5678
@raghur5678 2 жыл бұрын
@@ZoomSpeaksTech but i couldnt find how to send TEST report results via mail through send Grid.. :( or URL
@gousiashaik3819
@gousiashaik3819 2 жыл бұрын
How to upgrade tls/ssl version in azure cosmos DB I.e i have present tls1. 0..,I need tls 1.2
@mehmetcolgecen9533
@mehmetcolgecen9533 2 жыл бұрын
it is a good one, really enjoyed the explanations, keep going!!!
@devopsengineer1798
@devopsengineer1798 2 жыл бұрын
Make me ur deciple
@jonathh14
@jonathh14 2 жыл бұрын
I've just found this - its great. I don't suppose you have one on how to set the JRE if you require one that isn't on the agent already, do you?
@ZoomSpeaksTech
@ZoomSpeaksTech 2 жыл бұрын
I suppose you can run whatever commands u need to setup the JRE as you want it prior compilation. That could be anything including uninstalling/installing a specific JRE version and setting up whatever settings u need. All the tasks are going to run on the same disposable agent. Or you can use a pre-setup agent using ur own machines or vmss. I have posted another video on this topic.
@THIAGOMARTINS-fx8pm
@THIAGOMARTINS-fx8pm 2 жыл бұрын
Amazing video tks a lot !
@ihsanizwer
@ihsanizwer 2 жыл бұрын
Great tutorial. Thank you
@kaunainbaig8981
@kaunainbaig8981 2 жыл бұрын
jwt token giving invalid token error on deploying to azure web app but not working on localhost? what might be the reason
@ZoomSpeaksTech
@ZoomSpeaksTech 2 жыл бұрын
Hi Kaunain, can you please be a little more specific? Which scenario are you trying to accomplish?
@kaunainbaig8981
@kaunainbaig8981 2 жыл бұрын
@@ZoomSpeaksTech It validated jwt token in weatherforecast with postman with localhost but when i uploaded the same weatherforecast app in azure and replaced the azure web app url with localhost it give 401 unauthorized error
@ahmedtheba3808
@ahmedtheba3808 2 жыл бұрын
In all of the various options we still end up with a credential on disk/mount in clear or Base 64 encoded form. There is no protection of the secret if the container is breached. All that we have done is cleaned up the code and pipelines from being littered with secrets.
@ZoomSpeaksTech
@ZoomSpeaksTech 2 жыл бұрын
That’s true. And there is no way around it except if you take the time/effort to write code in your application to try and grab its own secrets from Key Vault using its managed identity.
@jgps96
@jgps96 2 жыл бұрын
How Artifacts choose which dependencies cached from maven central?, because you have many dependencies but just a few are cached (like junit and hamcrest Minute: 29), for example, If we have Az DevOps Server and just Artifacts has permissions to go out to Maven central, and our clients just use Azure Artifacts not directly internet, we need to cache all the dependencies from Maven Central in Azure Artifacts
@ZoomSpeaksTech
@ZoomSpeaksTech 2 жыл бұрын
I think your agents will still require internet access or at least proxy access to the Azure Artifacts. I do not think there is a mechanism which allows you to cache them locally. Maybe Azure DevOps Server (the on-prem version of ADO) will allow you to do so but I am not an expert on it.
@aghapymikhail7386
@aghapymikhail7386 2 жыл бұрын
i have a small issue i found the feed is empty is that related to maven token definition ?
@kadabaraghu
@kadabaraghu 2 жыл бұрын
i am using the serviceproviderclass as per the directions , its creating the secertproviderclass but its not creating the secret , when i query for kubectl get secrets i dont dind them there , could you please let me know what could be wrong or is there any additional step i need to follow , int his example you create the secrets in prior should we do the same ???
@ZoomSpeaksTech
@ZoomSpeaksTech 2 жыл бұрын
No, the secret should be created for you. If it is not then there is probably a permission issue somewhere. Check the logs of the secrets provider containers and it might point you somewhere.
@ironfrogclark
@ironfrogclark 2 жыл бұрын
Hi Sir, good morning, would like to check if we can also use the cert-manager in this method, maybe you have some simple flow that we can replicate. thanks :)
@ZoomSpeaksTech
@ZoomSpeaksTech 2 жыл бұрын
I do not have any experience with cert-manager yet. I am not sure whether it supports key-vault.
@alisyed9240
@alisyed9240 2 жыл бұрын
If the secret volumes are still mounted inside the container. Does it mean that password would still be in clear text and we can simply read the password file?
@ZoomSpeaksTech
@ZoomSpeaksTech 2 жыл бұрын
Yes indeed, if you want an additional layer of security then you can encrypt it and decrypt it using your app.
@alisyed9240
@alisyed9240 2 жыл бұрын
@@ZoomSpeaksTech would other solutions like hashicorp vault do the same thing like mount secret volumes with password in plain text or they will at least automatically encrypt it?
@ZoomSpeaksTech
@ZoomSpeaksTech 2 жыл бұрын
They work exactly the same. If this bothers you, the other option is to write code to extract secrets from a secure vault like Azure Key Vault in your app.
@kkupadhyay5108
@kkupadhyay5108 2 жыл бұрын
Hi bro , i have a question , why we have not specified redirect uri for backend api in app registration , how token end point gonna recognize where to pass the token if redirect uri is not there for backend api? You have put client id in backen api code that looks good but is that enough?
@ZoomSpeaksTech
@ZoomSpeaksTech 2 жыл бұрын
Timestamp?
@kkupadhyay5108
@kkupadhyay5108 2 жыл бұрын
@@ZoomSpeaksTech this is a question i have , like why you have not specified redirect uri in app register for api in azure ad , is this not necessary
@ZoomSpeaksTech
@ZoomSpeaksTech 2 жыл бұрын
I did later on here: kzbin.info/www/bejne/gIWuoaikhdWMn5om47s and here: kzbin.info/www/bejne/gIWuoaikhdWMn5om55s Depending on the scenario you set the proper redirect uri. Client Credentials workflow however does not need a redirect url, as it is just a request/response to the token endpoint.
@kkupadhyay5108
@kkupadhyay5108 2 жыл бұрын
@@ZoomSpeaksTech yup bro you have the redirect uri for APIM app ,but i have seen articles as well where no one is putting redirect uri for API , everyone one puttinh redirect uri for APIM
@ZoomSpeaksTech
@ZoomSpeaksTech 2 жыл бұрын
APIs generally validate tokens, not issue them. There need not be a redirect uri for that.
@vipham6732
@vipham6732 2 жыл бұрын
hi Helsabini, I got this error when create Agic. Any idea form you pls? {"error":{"code":"InvalidTemplateDeployment","message":"The template deployment 'ag_deploy_CH72M7xFXCjStfrsYAbGJ8TkrFFT6WAl' is not valid according to the validation procedure. The tracking id is '6130faf9-f909-4513-b3a6-d24106e9b0b2'. See inner errors for details.","details":[{"code":"ApplicationGatewayRequestRoutingRulePriorityCannotBeEmpty","message":"Priority for the request routing rule /subscriptions/bf70bc9a-d03e-4725-85a7-ba059e05fdef/resourceGroups/helshabini-gw/providers/Microsoft.Network/applicationGateways/helshabini-gw/requestRoutingRules/rule1 cannot be empty. All request routing rules should have a priority defined starting from api-version 2021-08-01","details":[]}]}