Posts

Showing posts from June, 2026

Azure - Express Route Configuration Step-by-Step

Azure ExpressRoute Configuration – Step-by-Step

ExpressRoute provides a private connection between your on-premises network and Microsoft cloud services such as Azure, Microsoft 365, and Dynamics 365. Traffic does not traverse the public Internet.

High-Level Architecture

On-Prem Network
      │
Customer Edge Router (CE)
      │
Service Provider/MPLS
      │
Provider Edge Router (PE)
      │
ExpressRoute Circuit
      │
Microsoft Enterprise Edge (MSEE)
      │
Azure Virtual Network

Phase 1: Planning

Before configuration, determine:

Requirements
Region (e.g., East US, Central India)
Bandwidth (50 Mbps to 100 Gbps depending on provider)
Connectivity Provider
Redundancy requirements
Number of VNets
Global connectivity needs

Decide Connectivity Model
Provider-based ExpressRoute
ExpressRoute Direct
ExpressRoute Local
ExpressRoute Global Reach

These are different ExpressRou...

Azure - AKS - Egress

What is Egress in Kubernetes?

Egress is the outbound traffic leaving a pod, node, or cluster and going to another destination. Simply:

Ingress = Traffic coming INTO the cluster
Egress = Traffic going OUT OF the cluster

Example of Egress

Suppose your application pod calls an external API:

Pod
 ↓
api.stripe.com

or

Pod
 ↓
Azure Storage

or

Pod
 ↓
Database outside cluster

All of these are egress traffic.

Ingress vs Egress

Ingress: Traffic enters the cluster:

User
 ↓
Ingress Controller
 ↓
Service
 ↓
Pod

Egress: Traffic leaves the cluster:

Pod
 ↓
Internet / Storage / API

AKS Egress Flow

Typical AKS architecture:

Pod
 ↓
Node
 ↓
Subnet
 ↓
NAT Gateway / Load Balancer SNAT
 ↓
Internet

Why Egress Matters

Security teams often ask: "Which destinations can pods access?"

Without controls:

Pod
 ↓
Any Internet Address

This may violate security policies.

How Egress is Controlled

1. ...

Azure -- AKS - Ingress

What is Ingress in Kubernetes?

Ingress is a Kubernetes API resource that provides external HTTP/HTTPS access to services within a cluster. It defines routing rules based on hostnames and URL paths. An Ingress Controller, such as NGINX Ingress Controller or Azure Application Gateway Ingress Controller, reads these rules and routes incoming traffic to the appropriate Kubernetes Services, which then forward requests to pods. Ingress enables centralized traffic management, TLS termination, and host/path-based routing through a single external endpoint.

Ingress is a Kubernetes resource that manages external access to services inside the cluster, typically HTTP and HTTPS traffic. Think of it as a traffic router for incoming requests.

Without Ingress:

Internet
   ↓
LoadBalancer Service
   ↓
Application Service
   ↓
Pods

If you have 10 applications, you might need 10 Load Balancers.

With Ingress:

Internet
   ↓
Load Balancer ...

Azure -- AKS - How to set up Kubernetes on AKS - Page-1

Service Endpoint:

A Service Endpoint is not a separate device, tunnel, VPN, or NIC. It is a feature of an Azure subnet that tells Azure: "When resources in this subnet access a specific Azure service (Storage, SQL, Key Vault, etc.), identify the traffic as coming from this subnet and keep it on the Azure backbone network." Let's walk through how it is established.

Private Endpoint:

A Private Endpoint does not change the Storage Account itself to have a private IP. Instead, Azure creates a private network interface (NIC) with a private IP inside your VNet, and that NIC becomes the private entry point to the Storage Account.

----

In Azure Kubernetes Service (AKS), the architecture is broadly divided into the System Node Pool and User Node Pool. Understanding what runs in each is important for designing a reliable cluster.

1. System Node Pool

A System Node Pool is dedicated to Kubernetes and AKS platform components that kee...