Monitoring

When an Azure Policy blocks a deployment, the error message in Terraform or in the portal often shows the responsible assignment but not always the full detail of the violated rule. Azure Activity Logs keep a complete trace of every denial. Where to look in the portal Activity Logs are accessible from several places: at the subscription level, resource group level, or directly from a resource. To diagnose a Policy Deny, go to Activity Log. ...

During my attendance at KubeCon, I had the opportunity to participate in the Azure day with Kubernetes. A new tool currently under development was presented: retina What is Retina? Retina is a tool for monitoring the network and services of AKS clusters. Its goal is to collect customizable telemetry and push it to various backends (Prometheus, via a PV, etc.). How it works Retina offers several data collection modes: Via the CLI In this capture mode, running a command through the Retina CLI triggers the creation of a Kubernetes job that performs a capture based on a node selector. The default duration is one minute, but it can be configured via --no-wait=true to run continuously. Other options include capping the output file size, filtering by [ip]:[port], or filtering via a DNS query udp port 53. ...