Azure Insights: GitOps on AKS; Dangling container manifests; Supply chain attacks

July 18 2021

Azure pros discuss GitOps on Azure Kubernetes Service, resolving dangling container manifests with Container Registry, and preventing supply chain attacks.

GitOps on AKS

Microsoft MVP Richard Hooper, writing on Pixel Robots, shared his recent exploration of the AKS-Preview az cli extension. He discovered references to a GitOps AKS addon. Users have anticipated a feature like this for some time for AKS, and a similar option is already available for Arc enabled Kubernetes clusters.

Hooper demoed how to install and register this preview feature. Running a simple command 30 minutes later will check the install status. From there, users need to install the GitOps AKS addon. He wrote:

Fork the repo as later you will be changing a value in a manifest to test a change. This repo has a few folders and inside the folders has a few Kubernetes manifest files. The manifests will provision a few namespaces, deploy a sample website, and create a config map. More information about what will be deployed can be found in the readme in the repo.

After going through the entire process, he found that the pod had deployed and was up and running.

Eliminating dangling container manifests from Container Registry

Daniel Neumann, writing on Daniel's Tech Blog, took a look at how to remove dangling container manifests from Container Registry. Currently, ACR has three different SKUs with between 10 and 500 GB of storage. Either successful or failed pipeline builds can quickly fill up this storage. Dangling container manifests crop up from failed builds and are particularly problematic.

About MSCN Reporter

More about MSCN Reporter