Nginx fails to start when upstream services aren’t available at startup time, showing host not found in upstream. This post focuses on fixing this issue in Docker first, then extends the solution to Kubernetes and Azure Container Apps using environment variables to construct dynamic hostnames (like my-rg-${ENVIRONMENT}-api) which adapt to different deployment environments. The error occurs because Nginx resolves all hostnames at startup, not request time. This fail-fast behaviour is reasonable in many environments, but problematic in container orchestration where services start in unpredictable order or may not always be available by design.

Azure VPN Gateway’s SSTP Point-to-Site (P2S) connections to private VNETs can cause networking issues in WSL. Symptoms include hanging SSL connections, frozen database clients, and DB clients failing in Docker/Kubernetes networks. I encountered this with a SSL secured MySQL connection which would just hang with nothing informative. Worked fine from the Windows host. The culprit: MTU mismatches. The Problem MTU (Maximum Transmission Unit) is the largest packet size that can be transmitted over a network connection.

A short exploration of options for connecting to resources with private VNETs in Azure. Focused on boutique dev work. Think access to state maintaining services like SQL databases, CosmosDB, Redis etc. Costs are indicative at time of writing. Costs vary between Azure regions. Figures are in AUD, multiply by .6 to get an approximate in USD. I haven’t considered use of Site to Site (S2S) VPNs to connect to existing Point to Site (P2S) VPNs here, if that connectivity is a requirement then these options are likely not relevant.

After well over a year without a post… Personal Update At the end of March 2024, my father died. May he rest in peace. With the process of grieving taking its natural course, this site went well on the back-burner, or even off the stove entirely for a time. The Migration Journey Then we moved house, and my Proxmox cluster turned back into a single node. I stayed up late one night and transitioned the site’s K3s stack on to an Azure VM as an interim measure.