Thanks for this great comprehensive CI/CD video. You went through a lot of details which is extremely helful. One question about the private DNS zone setup for AKS. I don't see a private endpoint created for this. Is this safe?
In AKS, if you're using a private cluster, the control plane (API server) has a private IP address accessible only within the virtual network. However, this doesn't require a separate private endpoint resource because the private access is built into the architecture of the AKS control plane.
Here, I am using a self-hosted agent. We can use an Azure-hosted agent if we are not setting up any private network, as it simplifies communication between Azure DevOps and Azure services.
Thanks alot...after watching your videos.... Slowly I am getting interest to Upgrade my Technical Skills in DevOps.. Reason behind the scene is? because everything is visualized and bit challenged too... For sure will invest and Start DevOps Course & Certification in my Upcoming Days...
Hi, Thanks for great content. Sir I have a question that if I want to install argocd or flux into this private link also with this separated Vnets. How gitOps can be adopted in architecture. You guide will be helpful.
When a vnet is peered to another, any resources can communicate seamlessly. Why did you create to and fro peering then like aks to acr and acr to aks ?
Say I have production system. Is it not risky to keep both creation and destroy in the same pipeline. And also in most of the production environment we won't expose our public IP even Application gateway. ? Could you add more context to my query..
Separate provisioning (create/update) and destruction pipelines to minimize the risk of accidental deletions. Private IP Considerations for Application Gateway and Use Azure Front Door as a Public Entry Point
Hi thanks for the video. I have one. Doubt I have 3 env and in dev we will deploy via azure webapps and in QA and Prod we will deploy via image into Kubernetes. So my question is if I want to create a resources via Terraform. What is the best practice for my above requirement and how shld we follow the steps to create a pipeline via azure devops when ever there is an new code is pushing it to the Repository . Thanks in advance.
@@thejourneyofdevops1791 thank you.. i am in process of modelling a project demonstration based on your repo, but has failed.. looks like there are quite a few changes required in the terraform manifests and azure pipeline.. in case there is an updated/working copy, pls share at earliest convenience.
@thejourneyofdevops1791 despite trying incessantly for the last many days, i am still encountering incompatibility issues.. it appears the version of azurerm, terraform has changed, which makes it necessary to change the pipeline-yaml.. at present, pipeline run is failing.. if possible, kindly share updated repo and also all the precise required variables.. this would be help immensely and give much needed confidence
can you send (subhek.agrawal@gmail.com) me the error logs where its failing so i can look into this? may be this weekend i will try to update the entire repo.
Very useful session, Completely understand all term , Could you please share the PPT. Its will b more helpful. And upload more video like this session. Thanks a lot.
Hi sir .. may i know why do we need to create a resource of private dns zone .. aks will create a private endpoint, nic & dnz zone for itself automatically right ?
Thank you for this upload.
Thanks for this great comprehensive CI/CD video. You went through a lot of details which is extremely helful. One question about the private DNS zone setup for AKS. I don't see a private endpoint created for this. Is this safe?
In AKS, if you're using a private cluster, the control plane (API server) has a private IP address accessible only within the virtual network. However, this doesn't require a separate private endpoint resource because the private access is built into the architecture of the AKS control plane.
Thanks a lot for the video. Just a question, why can't a self hosted agent be used to create resources through Azure CICD?
Here, I am using a self-hosted agent. We can use an Azure-hosted agent if we are not setting up any private network, as it simplifies communication between Azure DevOps and Azure services.
@thejourneyofdevops1791 yeah got it. Thank You 😊
Thanks alot...after watching your videos.... Slowly I am getting interest to Upgrade my Technical Skills in DevOps.. Reason behind the scene is? because everything is visualized and bit challenged too... For sure will invest and Start DevOps Course & Certification in my Upcoming Days...
Glad to hear that
Hi, Thanks for great content. Sir I have a question that if I want to install argocd or flux into this private link also with this separated Vnets. How gitOps can be adopted in architecture. You guide will be helpful.
When a vnet is peered to another, any resources can communicate seamlessly. Why did you create to and fro peering then like aks to acr and acr to aks ?
Say I have production system. Is it not risky to keep both creation and destroy in the same pipeline. And also in most of the production environment we won't expose our public IP even Application gateway. ? Could you add more context to my query..
Separate provisioning (create/update) and destruction pipelines to minimize the risk of accidental deletions.
Private IP Considerations for Application Gateway and Use Azure Front Door as a Public Entry Point
Hi thanks for the video. I have one. Doubt
I have 3 env and in dev we will deploy via azure webapps and in QA and Prod we will deploy via image into Kubernetes.
So my question is if I want to create a resources via Terraform. What is the best practice for my above requirement and how shld we follow the steps to create a pipeline via azure devops when ever there is an new code is pushing it to the Repository .
Thanks in advance.
you can create module and the environment specific config files.
@@thejourneyofdevops1791 ok thanks.
hi, wish you can also provide the ready reckoner of "pipeline variables" with "values".. which i can change as per our environment
Going forward I will do that
@@thejourneyofdevops1791 thank you.. i am in process of modelling a project demonstration based on your repo, but has failed.. looks like there are quite a few changes required in the terraform manifests and azure pipeline.. in case there is an updated/working copy, pls share at earliest convenience.
@@durgeshsaqcena3711 Same happened with me. Also failed with due to some missing things in terraform and azure pipelines.
@thejourneyofdevops1791 despite trying incessantly for the last many days, i am still encountering incompatibility issues.. it appears the version of azurerm, terraform has changed, which makes it necessary to change the pipeline-yaml.. at present, pipeline run is failing.. if possible, kindly share updated repo and also all the precise required variables.. this would be help immensely and give much needed confidence
can you send (subhek.agrawal@gmail.com) me the error logs where its failing so i can look into this? may be this weekend i will try to update the entire repo.
very nyc session brother do upload more sessions like this
Thanks and sure
Hello Sir, please make a separate video on how to authenticate terraform azure pipeline using service principal & client secret to Azure cloud
Very useful session, Completely understand all term , Could you please share the PPT. Its will b more helpful. And upload more video like this session.
Thanks a lot.
Great work!
Hi sir .. may i know why do we need to create a resource of private dns zone .. aks will create a private endpoint, nic & dnz zone for itself automatically right ?
And also do we need to create a vnet link as well .. does that gets attached to the vnet also
Private DNS is optional but as a best practice it's recommended
Somehow my selfhosted agent is no showing in Agentpools...
What's the error in the log?
hosted agent also Private network??
Yes
Excelllent video and the explaination. Just a thought how can we achieve Blue-Green/Canary deployment startegy in this?
Either you can use workspace or two aks
@@thejourneyofdevops1791 by workspace you mean kubernetes namespaces?
@@sharatbhaskar527 my bad yes
Sri, could you please create a video for SAAS ap + api gateway + devops
can you please provide me complete document on this project
any documentaion for this project can i get
what you need ?
@@thejourneyofdevops1791 step by step all commands
Very useful and pratical.
many thanks for video
Its Very useful
Thanks. Very useful.
Sir, please provide the source code of e-ticket project.
Added in description
i request you to please share PPT that your explaining?
send me your email id on subhek.agrawal@gmail.com
Can I explain this during an interview project explanation
@@roulniur2393 yes you can, but you have to also add DA scenario and multi region for HA.
@@thejourneyofdevops1791 what is DA
May I know what is DA?@@roulniur2393
Nice