Hi Would like to know if there is a way we can configure the Distingushed names as per the organization needs? Will the ACME bot be able to reconfigure that?
@unitedKR6 ай бұрын
So this is Azure application gateway ingress controller with the k8s ingress controller:ngnix type? Dual ingress to cover all security ?
@KDR-Music7 ай бұрын
Nice video!
@HenryLeu8 ай бұрын
My issue is: When I type mvn deploy, it does not look for the dependency in the .m2 local folder. Instead, it looks for the Azure's Artifacts. But Azure Artifacts right now has no JAR file. So it gives me an error saying that no dependency found.
@HenryLeu8 ай бұрын
where is your settings.xml located? Is it in the Azure Devops server?
@GB-xk5zt11 ай бұрын
You, sir, are a hidden treasure!
@nirmesh44 Жыл бұрын
Brilliant
@azzuasshumasti Жыл бұрын
Hi Thanks for this great video it's really very useful. could you please also guide me how upload the maven artifacts of project1 into jFrog & download from it jFrog to build project2.
@genesiscarsale1021 Жыл бұрын
Great video, help me a lot!!!
@mohamedelgaby3549 Жыл бұрын
Amazing explanation! Can I have multiple ingresses for two different webapps for the same AGIC? so eventually I would have one external IP which is the AppGW IP?
@MohitSoniwal-u4u Жыл бұрын
This videos is going to be a short one............ proceeds with half hour video 😂😂, but a great informative video.
@ZoomSpeaksTech Жыл бұрын
😁 glad you liked it. You can also guess how most of meetings go 😂
@DChristop Жыл бұрын
Nice video, nice work. Thanks a lot!
@kingsadmin Жыл бұрын
nice one! thanks!
@VCSekharParepalli Жыл бұрын
Awesome wording, scripts, content and pace.
@ZoomSpeaksTech Жыл бұрын
Much appreciated!
@king-cog Жыл бұрын
Fantastic! Well done for this.
@anselmos_brain Жыл бұрын
lol this is too clear than I👌 thought
@nagasatishvadlamuri8486 Жыл бұрын
hi very use full session which is so help to me.. And please let me know to we App gateway load balancer in ingress file using App service custom managed wildcard certificate purchased from Azure and i stored in Azure key vault . how we use that certificate in ingress file in aks cluster
@ZoomSpeaksTech Жыл бұрын
Sure, here is a guide on how to do that: azure.github.io/application-gateway-kubernetes-ingress/features/appgw-ssl-certificate/
@mariusschumann6075 Жыл бұрын
Video was super helpfull!💯
@kennethrodrigues328 Жыл бұрын
Excellent. You explained in a very simple language
@ramallways6321 Жыл бұрын
Then its created an secrets in k8s cluster, then it's mean there is no encrypt here, because k8s secret just encode and decode using base64. Now there is no point to use this one, I'm guess.
@br0nhy Жыл бұрын
I found this type of AKS setup unsatisfying. If you kill a pod and simulate some sort of application panic or crash the information about this is not transmitted to the app gateway instantly. It takes several seconds for the app gateway ingress controller to transfer this information over azure resource manger so it can reconfigure the app gateway to inform him that the pod is gone. During this time you will get many more 500 errors then you would with a standard ingress controller setup. Would love to hear your feedback on this.
@sapnandu Жыл бұрын
Thanks for publishing this tutorial. I have configured it in the same way but somehow it's showing a bad gateway error. Could you please help me to fix it. Please share your email I will post you the issue.
@michaeljimma3913 Жыл бұрын
Excellent work. I loved it.
@namithcc2 жыл бұрын
Hello, Thank you for teh video. Could you please share the nginx and basic ingress yaml please
@ZoomSpeaksTech2 жыл бұрын
Link to blog post with all code snippets: zoomspeaks.tech/publishing-aks-with-agic
@musj.40672 жыл бұрын
One of the best explanations I've seen on this topic, straight to the point. Many thanks
@ramanmama2 жыл бұрын
Excellent tutorials! Thanks for the efforts
@Anonymous-tk6pm2 жыл бұрын
This is very helpful. Thanks for your effort sharing your knowledge. I did notice that I didn't need to add CORS for custom domain for custom html page. It straightaway worked for me. Any suggestion of rewriting long url to some short one?
@ZoomSpeaksTech2 жыл бұрын
That is weird. CORS must be configured in case you are using custom html. Are you sure the policy you ran wasn't just using a default ui? What do you mean by rewriting url?
@Anonymous-tk6pm2 жыл бұрын
@@ZoomSpeaksTech I'm using custom policies and not user flows. From rewriting url means providing a short url which translates to original b2c url with policy name and other parameters. Maybe I'm thinking something wrong and which is not logically possible.
@ZoomSpeaksTech2 жыл бұрын
@@Anonymous-tk6pm Oh I got it. So you can use Front Door's Url Rewrite feature. That should work: learn.microsoft.com/en-us/azure/frontdoor/front-door-url-rewrite?pivots=front-door-standard-premium
@tayoadaraloye2 жыл бұрын
Amazing tutorial
@mkeii2 жыл бұрын
gosh kubernetes can be so verbose sometimes. this is neat, but everytime i have a new secret, i have to update: 1. the deployment, 2. the secretproviderclass parameters.objects, 3. the secretproviderclass secretobjects 😓
@ZoomSpeaksTech2 жыл бұрын
I agree. You can automate everything, but at some point it would be overkill to build something that serves no specific function other than to overcome verbosity. Which is why sometimes I prefer my apps to grab their own secrets whenever possible and absolve kubernetes of having to manage that. Keyvault integration can be easily done on most languages from the app code itself. The app merely needs a managed identity to be able to grab it.
@alkanandaappala38772 жыл бұрын
How to connect maven repository with azure artifact feed, any suggestion please
@faisalabdi63502 жыл бұрын
جزاك الله خيرا يا اخي الكريم. لا توقف علشان نستفيد من خبرتك.
@Mr431232 жыл бұрын
Well explained !
@alkanandaappala38772 жыл бұрын
This vedio helped a lot to me! Great explanation , want more vedios from you.
@alkanandaappala38772 жыл бұрын
Please continue to do vedios on azure devops regarding yaml pipeline for java code
@raghur56782 жыл бұрын
Hello Sir, i created a nuget.config file in azuredevops pipeline and the packages are getting downloaded , but with that same nuget.config file the Developers also need to use to Download the Pacakges in VIsual Studio, how can i achive this. Presently i have given accces to download the packages by Creating a group and given permission as a contributor in AZURE ARTIFACTS, so thats how they are able to download the packages.
@ZoomSpeaksTech2 жыл бұрын
Apologies Raghu, I haven’t actually done this with nuget before.
@raghur56782 жыл бұрын
@@ZoomSpeaksTech ok fine.. just i came to know that with Azure Artifacts Credentials we can do it.. like we can give access to the Developers of the Private Artifact Feeds, but getting confused with that , how to implement.
@raghur56782 жыл бұрын
and any idea how to Send Test Results EMail Notification to a Developer via Send Grid. Thanks for the Reply
@ZoomSpeaksTech2 жыл бұрын
@@raghur5678 you can use this task: marketplace.visualstudio.com/items?itemName=kasunkodagoda.sendgrid-email Another alternative is to talk to the SendGrid API directly via an API call
@raghur56782 жыл бұрын
@@ZoomSpeaksTech but i couldnt find how to send TEST report results via mail through send Grid.. :( or URL
@gousiashaik38192 жыл бұрын
How to upgrade tls/ssl version in azure cosmos DB I.e i have present tls1. 0..,I need tls 1.2
@mehmetcolgecen95332 жыл бұрын
it is a good one, really enjoyed the explanations, keep going!!!
@devopsengineer17982 жыл бұрын
Make me ur deciple
@jonathh142 жыл бұрын
I've just found this - its great. I don't suppose you have one on how to set the JRE if you require one that isn't on the agent already, do you?
@ZoomSpeaksTech2 жыл бұрын
I suppose you can run whatever commands u need to setup the JRE as you want it prior compilation. That could be anything including uninstalling/installing a specific JRE version and setting up whatever settings u need. All the tasks are going to run on the same disposable agent. Or you can use a pre-setup agent using ur own machines or vmss. I have posted another video on this topic.
@THIAGOMARTINS-fx8pm2 жыл бұрын
Amazing video tks a lot !
@ihsanizwer2 жыл бұрын
Great tutorial. Thank you
@kaunainbaig89812 жыл бұрын
jwt token giving invalid token error on deploying to azure web app but not working on localhost? what might be the reason
@ZoomSpeaksTech2 жыл бұрын
Hi Kaunain, can you please be a little more specific? Which scenario are you trying to accomplish?
@kaunainbaig89812 жыл бұрын
@@ZoomSpeaksTech It validated jwt token in weatherforecast with postman with localhost but when i uploaded the same weatherforecast app in azure and replaced the azure web app url with localhost it give 401 unauthorized error
@ahmedtheba38082 жыл бұрын
In all of the various options we still end up with a credential on disk/mount in clear or Base 64 encoded form. There is no protection of the secret if the container is breached. All that we have done is cleaned up the code and pipelines from being littered with secrets.
@ZoomSpeaksTech2 жыл бұрын
That’s true. And there is no way around it except if you take the time/effort to write code in your application to try and grab its own secrets from Key Vault using its managed identity.
@jgps962 жыл бұрын
How Artifacts choose which dependencies cached from maven central?, because you have many dependencies but just a few are cached (like junit and hamcrest Minute: 29), for example, If we have Az DevOps Server and just Artifacts has permissions to go out to Maven central, and our clients just use Azure Artifacts not directly internet, we need to cache all the dependencies from Maven Central in Azure Artifacts
@ZoomSpeaksTech2 жыл бұрын
I think your agents will still require internet access or at least proxy access to the Azure Artifacts. I do not think there is a mechanism which allows you to cache them locally. Maybe Azure DevOps Server (the on-prem version of ADO) will allow you to do so but I am not an expert on it.
@aghapymikhail73862 жыл бұрын
i have a small issue i found the feed is empty is that related to maven token definition ?
@kadabaraghu2 жыл бұрын
i am using the serviceproviderclass as per the directions , its creating the secertproviderclass but its not creating the secret , when i query for kubectl get secrets i dont dind them there , could you please let me know what could be wrong or is there any additional step i need to follow , int his example you create the secrets in prior should we do the same ???
@ZoomSpeaksTech2 жыл бұрын
No, the secret should be created for you. If it is not then there is probably a permission issue somewhere. Check the logs of the secrets provider containers and it might point you somewhere.
@ironfrogclark2 жыл бұрын
Hi Sir, good morning, would like to check if we can also use the cert-manager in this method, maybe you have some simple flow that we can replicate. thanks :)
@ZoomSpeaksTech2 жыл бұрын
I do not have any experience with cert-manager yet. I am not sure whether it supports key-vault.
@alisyed92402 жыл бұрын
If the secret volumes are still mounted inside the container. Does it mean that password would still be in clear text and we can simply read the password file?
@ZoomSpeaksTech2 жыл бұрын
Yes indeed, if you want an additional layer of security then you can encrypt it and decrypt it using your app.
@alisyed92402 жыл бұрын
@@ZoomSpeaksTech would other solutions like hashicorp vault do the same thing like mount secret volumes with password in plain text or they will at least automatically encrypt it?
@ZoomSpeaksTech2 жыл бұрын
They work exactly the same. If this bothers you, the other option is to write code to extract secrets from a secure vault like Azure Key Vault in your app.
@kkupadhyay51082 жыл бұрын
Hi bro , i have a question , why we have not specified redirect uri for backend api in app registration , how token end point gonna recognize where to pass the token if redirect uri is not there for backend api? You have put client id in backen api code that looks good but is that enough?
@ZoomSpeaksTech2 жыл бұрын
Timestamp?
@kkupadhyay51082 жыл бұрын
@@ZoomSpeaksTech this is a question i have , like why you have not specified redirect uri in app register for api in azure ad , is this not necessary
@ZoomSpeaksTech2 жыл бұрын
I did later on here: kzbin.info/www/bejne/gIWuoaikhdWMn5om47s and here: kzbin.info/www/bejne/gIWuoaikhdWMn5om55s Depending on the scenario you set the proper redirect uri. Client Credentials workflow however does not need a redirect url, as it is just a request/response to the token endpoint.
@kkupadhyay51082 жыл бұрын
@@ZoomSpeaksTech yup bro you have the redirect uri for APIM app ,but i have seen articles as well where no one is putting redirect uri for API , everyone one puttinh redirect uri for APIM
@ZoomSpeaksTech2 жыл бұрын
APIs generally validate tokens, not issue them. There need not be a redirect uri for that.
@vipham67322 жыл бұрын
hi Helsabini, I got this error when create Agic. Any idea form you pls? {"error":{"code":"InvalidTemplateDeployment","message":"The template deployment 'ag_deploy_CH72M7xFXCjStfrsYAbGJ8TkrFFT6WAl' is not valid according to the validation procedure. The tracking id is '6130faf9-f909-4513-b3a6-d24106e9b0b2'. See inner errors for details.","details":[{"code":"ApplicationGatewayRequestRoutingRulePriorityCannotBeEmpty","message":"Priority for the request routing rule /subscriptions/bf70bc9a-d03e-4725-85a7-ba059e05fdef/resourceGroups/helshabini-gw/providers/Microsoft.Network/applicationGateways/helshabini-gw/requestRoutingRules/rule1 cannot be empty. All request routing rules should have a priority defined starting from api-version 2021-08-01","details":[]}]}