Overview on Azure Kubernetes Service (AKS)
Kubernetes is an open source container orchestration platform that helps automate the process of deploying, managing, and scaling containerized applications. You can cluster together groups of hosts running Linux containers, and Kubernetes helps you easily and efficiently manage those clusters.
Azure Kubernetes Service is a managed Kubernetes service that makes building, deploying, and upgrading clusters easier. You also get basic views into your AKS clusters. Azure Kubernetes Service (AKS) offers serverless Kubernetes, an integrated continuous integration and continuous delivery (CI/CD) experience and enterprise-grade security and governance. Unite your development and operations teams on a single platform to rapidly build, deliver and scale applications with confidence.
Prerequisite
- Azure Subscription for Deployment of AKS
- VS Code for Development and Deployment
- Basic Knowledge on Kubernetes
Step 01: - Deploy Azure Kubernetes Service in Subscription
First, go to the Azure portal and search for Azure Kubernetes Service (AKS); you can also find it in the quick options.
The wizard then asks you to fill in the basic details. This article walks through a few of the options you may not have seen before.
Cluster Preset Configuration: - This offers a preconfigured, preselected VM node SKU based on the workload. As the image shows, there are several presets to choose from.
The Kubernetes cluster name and availability zones are self-explanatory.
Node Size: - This is preselected if you chose a preset configuration, but you can change the VM SKU manually.
Scale Method: - Here we have two options, Manual and Autoscale. Both are self-explanatory, and we recommend using Autoscale for production. You can also define the node count range, for example a minimum of one node VM and a maximum of 10 or 20.
Next, we have Node Pools:
In AKS, nodes of the same configuration are grouped together into node pools. These node pools contain the underlying VMs that run your applications. This feature gives you more control over how you create and manage multiple node pools.
Virtual Nodes: - Virtual nodes enable network communication between pods that run in Azure Container Instances (ACI) and the AKS cluster. Basically, virtual nodes are a feature that provides advanced networking capabilities. To provide this communication, a virtual network subnet is created, and delegated permissions are assigned. Virtual nodes only work with AKS clusters created using advanced networking (Azure CNI).
VMSS: - Azure Virtual Machine Scale Sets (VMSS) allow you to create and manage identical, load-balanced VMs that automatically increase or decrease in number based on demand or a set schedule. This enables you to easily manage and scale multiple VMs to provide high availability and application resiliency, ideal for large-scale applications like container workloads.
Cluster autoscaler allows you to adjust the size of the Kubernetes clusters based on the load conditions automatically.
In the Authentication tab, the authentication method can be either Service Principal or System-assigned managed identity. This is a wide topic, so here is a link that covers it.
Service principals for Azure Kubernetes Services (AKS) - Azure Kubernetes Service | Microsoft Docs
Also, we can enable authentication using Azure AD.
Use Azure AD in Azure Kubernetes Service - Azure Kubernetes Service | Microsoft Docs
Step 02: - Configure Networking in AKS Deployment
By default, the networking option is Kubenet. Azure also lets you use Azure CNI (Azure Container Networking Interface), which allows you to use an existing Virtual Network, whereas Kubenet creates a new Virtual Network.
You can go through the documentation below for a deeper understanding of Kubenet and Azure CNI.
Configure Azure CNI networking in Azure Kubernetes Service (AKS) - Azure Kubernetes Service | Microsoft Docs
Network Plugins | Kubernetes
- DNS: - DNS name prefix to use with the hosted Kubernetes API server FQDN. You will use this to connect to the Kubernetes API when managing containers after creating the cluster.
- Traffic routing: - A public Load Balancer, when integrated with AKS, provides outbound connections to the cluster nodes inside the AKS virtual network. It does this by translating the nodes' private IP addresses to a public IP address that is part of its Outbound Pool.
- An internal (or private) load balancer is used where only private IPs are allowed as frontend. Internal load balancers are used to load balance traffic inside a virtual network. A load balancer frontend can also be accessed from an on-premises network in a hybrid scenario.
- Security: - There are two options that can help us improve security: Enable private cluster and Set authorized IP ranges.
Enable private cluster is the option that makes your AKS cluster work on private endpoints only.
Set authorized IP ranges is the option to whitelist a specified range of IP addresses for access to your AKS cluster.
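A check for the two security options above, run against the cluster once it exists. This is an added example, not part of the original article: it reads the `apiServerAccessProfile` section of `az aks show -o json` output and flags a public API server with no authorized IP ranges or with overly broad ones. The sample JSON is constructed, and the /16 threshold is an assumption.

```python
import ipaddress
import json

# Constructed sample: the relevant part of `az aks show -g <rg> -n <cluster> -o json`.
SAMPLE_CLUSTER = json.loads("""
{
  "name": "demo-aks",
  "apiServerAccessProfile": {
    "enablePrivateCluster": false,
    "authorizedIpRanges": ["203.0.113.0/24", "203.0.0.0/8", "198.51.100.7/32"]
  }
}
""")

MIN_PREFIX = 16  # assumption: ranges wider than /16 are treated as too broad


def audit_api_server_access(cluster, min_prefix=MIN_PREFIX):
    """Return findings about how the cluster's Kubernetes API server is exposed."""
    profile = cluster.get("apiServerAccessProfile") or {}
    if profile.get("enablePrivateCluster"):
        return []  # API server is reachable only over a private endpoint
    ranges = profile.get("authorizedIpRanges") or []
    if not ranges:
        return ["public API server with no authorized IP ranges"]
    findings = []
    for cidr in ranges:
        try:
            net = ipaddress.ip_network(cidr, strict=False)
        except ValueError:
            findings.append(f"{cidr}: not a valid CIDR range")
            continue
        if net.prefixlen < min_prefix:
            findings.append(f"{cidr}: /{net.prefixlen} is broader than /{min_prefix}")
    return findings


if __name__ == "__main__":
    for finding in audit_api_server_access(SAMPLE_CLUSTER):
        print("FINDING:", finding)
```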
Step 03: - Integration of AKS with Azure Container Registry
In the next tab, AKS lets us integrate the cluster with other Azure services such as Azure Container Registry, a repository service that stores the Docker images we deploy and run as containers in the AKS cluster.
Apart from that, we have Azure Monitor, which helps us monitor and track our applications.
In addition to the CPU and memory metrics included in AKS by default, you can enable Container Insights for more comprehensive data on the overall performance and health of your cluster. Billing is based on data ingestion and retention settings.
Azure Policy helps us keep the AKS cluster compliant with security requirements and manage it from a central location. Apply at-scale enforcements and safeguards for AKS clusters in a centralized, consistent manner through Azure Policy.
Learn Azure Policy for Kubernetes - Azure Policy | Microsoft Docs
And yes, we have completed the wizard with a basic understanding of AKS components and configurations. Now let’s Review and Create it.
Step 04: - Connect to AKS cluster using VS Code
The first step is to have the Azure CLI (az) installed on your local machine so you can log in to Azure. You can install the Azure CLI from the link below.
Install the Azure CLI for Windows | Microsoft Docs
Next, go to the Overview pane, click Connect, and copy the first two commands.
Run these commands, as shown in the image above, in your local terminal. Then, with the help of
kubectl get deployments --all-namespaces=true
you can see the deployments in all the namespaces of your cluster.
Step 05: - Run the application on our AKS Cluster
First, we will clone the base repo code from the GitHub link below.
Azure-Samples/azure-voting-app-redis: Azure voting app used in docs. (github.com)
We can clone this code using the git clone command. Next, we must create a Kubernetes manifest file that deploys our application.
Open Notepad or any editor and paste the YAML below into it.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: azure-vote-back
spec:
  replicas: 1
  selector:
    matchLabels:
      app: azure-vote-back
  template:
    metadata:
      labels:
        app: azure-vote-back
    spec:
      nodeSelector:
        "kubernetes.io/os": linux
      containers:
      - name: azure-vote-back
        image: mcr.microsoft.com/oss/bitnami/redis:6.0.8
        env:
        # Redis accepts connections without a password in this sample
        - name: ALLOW_EMPTY_PASSWORD
          value: "yes"
        resources:
          requests:
            cpu: 100m
            memory: 128Mi
          limits:
            cpu: 250m
            memory: 256Mi
        ports:
        - containerPort: 6379
          name: redis
---
apiVersion: v1
kind: Service
metadata:
  name: azure-vote-back
spec:
  # No type is set, so this is a ClusterIP service reachable only inside the cluster
  ports:
  - port: 6379
  selector:
    app: azure-vote-back
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: azure-vote-front
spec:
  replicas: 1
  selector:
    matchLabels:
      app: azure-vote-front
  template:
    metadata:
      labels:
        app: azure-vote-front
    spec:
      nodeSelector:
        "kubernetes.io/os": linux
      containers:
      - name: azure-vote-front
        image: mcr.microsoft.com/azuredocs/azure-vote-front:v1
        resources:
          requests:
            cpu: 100m
            memory: 128Mi
          limits:
            cpu: 250m
            memory: 256Mi
        ports:
        - containerPort: 80
        env:
        # Name of the back-end Service the front end connects to
        - name: REDIS
          value: "azure-vote-back"
---
apiVersion: v1
kind: Service
metadata:
  name: azure-vote-front
spec:
  # LoadBalancer exposes the front end on an external IP
  type: LoadBalancer
  ports:
  - port: 80
  selector:
    app: azure-vote-front
You can get the details of the service using the command below:
kubectl get service azure-vote-front --watch
As the image below shows, our application is running on the public IP of the AKS external load balancer.
So, this is one of the ways you can deploy your application on an AKS cluster. You can also build your own Docker image, store it in ACR, and use it from there as well.
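An added example (not from the original article or the Azure sample repository) that audits what the manifest above exposes: it matches each Deployment's pod labels to the Services that select them and reports the passwordless Redis back end and the front end published through a LoadBalancer. The JSON is a constructed, trimmed stand-in for `kubectl get deployments,services -o json`.

```python
import json

# Constructed sample: trimmed `kubectl get deployments,services -o json`
# output for the two Deployments and two Services defined on this page.
SAMPLE = json.loads("""{"items": [
 {"kind": "Deployment", "metadata": {"name": "azure-vote-back"}, "spec": {"template": {
   "metadata": {"labels": {"app": "azure-vote-back"}},
   "spec": {"containers": [{"name": "azure-vote-back",
     "env": [{"name": "ALLOW_EMPTY_PASSWORD", "value": "yes"}]}]}}}},
 {"kind": "Deployment", "metadata": {"name": "azure-vote-front"}, "spec": {"template": {
   "metadata": {"labels": {"app": "azure-vote-front"}},
   "spec": {"containers": [{"name": "azure-vote-front",
     "env": [{"name": "REDIS", "value": "azure-vote-back"}]}]}}}},
 {"kind": "Service", "metadata": {"name": "azure-vote-back"},
  "spec": {"type": "ClusterIP", "selector": {"app": "azure-vote-back"}}},
 {"kind": "Service", "metadata": {"name": "azure-vote-front"},
  "spec": {"type": "LoadBalancer", "selector": {"app": "azure-vote-front"}}}
]}""")


def exposure(labels, services):
    """Return (service name, type) for every Service whose selector matches labels."""
    hits = []
    for svc in services:
        selector = svc["spec"].get("selector") or {}
        if selector and all(labels.get(k) == v for k, v in selector.items()):
            hits.append((svc["metadata"]["name"], svc["spec"].get("type", "ClusterIP")))
    return hits


def audit_workloads(listing):
    """Report passwordless Redis containers and Services published via LoadBalancer."""
    items = listing["items"]
    services = [i for i in items if i["kind"] == "Service"]
    findings = []
    for dep in (i for i in items if i["kind"] == "Deployment"):
        tmpl = dep["spec"]["template"]
        no_auth = any(e.get("name") == "ALLOW_EMPTY_PASSWORD" and e.get("value") == "yes"
                      for c in tmpl["spec"]["containers"] for e in c.get("env", []))
        for name, kind in exposure(tmpl["metadata"].get("labels", {}), services):
            if no_auth:
                findings.append(f"{dep['metadata']['name']}: passwordless Redis behind {kind} service {name}")
            elif kind == "LoadBalancer":
                findings.append(f"{dep['metadata']['name']}: exposed via LoadBalancer service {name}")
    return findings
```

With the manifest as written, the back end is reported because any pod in the cluster can reach it without credentials, even though it has no external IP.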
Summary
AKS is a managed Kubernetes container orchestration service in Azure. It helps remove the complexity of implementing, installing, maintaining, and securing Kubernetes in Azure. As it’s still Kubernetes that you’re going to be interacting with at the end of the day, you’re still avoiding being locked into any one vendor or resource.