Tag: DevOps

Not a Microsoft Cloud and Datacenter Management MVP Anymore

I’ve got some good news and some bad news…

Goodbye………

The bad news is I am not a Cloud and Datacenter Management MVP anymore. About 6 years ago, I received my first email to say that I had been awarded as Microsoft MVP in the Hyper-V category. And it was really unexpected by me!

I remember myself chatting with Russian Technet members and one of them sent me a private message “hey, can you please check your email?” , I asked him “for what?”, and then I realized..my hard work during almost 2,5 years on Technet forums and offline had been finally appreciated!

I haven’t ever requested a nomination and truly believed that you had to be praised by technical leaders to get your first MVP award. I am still the same person and haven’t changed my beliefs , so if you wanna be a Microsoft MVP, do a lot of great stuff and you will be spotted, either way! Later, Hyper-V expertise was merged into a Cloud & Datacenter Management, which I had been added before the good news came..

Today, I’ve been re-awarded as an Azure MVP! And it’s my 6th award in a row. I’ve been working with Azure and related stuff for almost 5 years and this year all my activities have been only connected with Azure. If you go to my About page, you will see that I’ve changed/extended my expertise and efforts toward public clouds, Azure and DevOps. So, it’s natural that I’ve become an Azure MVP.

Times always change, you don’t have to limit yourself to just one product or technology, always keep track needs and trends instead and you will succeed (sounds like an IT law)

As usual, I’d like to report on activities for 2019-2020 :):

Azure Kubernetes: ARM Template and Managed Identity

Managed identity is now available for Azure Kubernetes Service, so there is no longer need to manage your own service principals or rotate credentials often. Just execute “az aks create -g rgname -n clustername –enable-managed-identity” and the cluster is ready to go. The next option is using ARM template to configure AKS. There are multiple examples of ARM templates for deploying Kubernetes in Azure with advanced networking and etc. However, you can’t find any templates that use Managed Identity along with Azure Kubernetes Service. Plus, if you have resources outside of the MC_* resource group (it’s created automatically during the AKS deployment), you need to grant required permissions to cluster Managed Identity (new and recommended) or Service Principal, so AKS will be able to interact with such “external” resources (for example, read/write on subnets and etc.). Here is an example how you can reference the identity using ARM template:

                            "type": "Microsoft.Network/virtualNetworks/subnets/providers/roleAssignments",
                            "apiVersion": "2017-05-01",
                            "name": "[concat(variables('vnetName'), '/', variables('vnetSubnetName'),'/Microsoft.Authorization/', guid(resourceGroup().id, 'aksvnetaccesscluster'))]",
                            "properties": {
                                "roleDefinitionId": "[variables('networkContributorRole')]",
                                "principalId": "[reference(resourceId('Microsoft.ContainerService/managedClusters/', parameters('clusterResourceName')), '2020-03-01', 'Full').identity.principalId]",
                                "scope": "[variables('vnetSubnetId')]"
                            }