Azure Kubernetes Service (AKS)
- ALIF Consulting
- Feb 25, 2022
- 5 min read
Updated: Jun 11, 2024
Azure Kubernetes Service (AKS) simplifies deploying a managed Kubernetes cluster in Azure by offloading the operational overhead to Azure. As a hosted Kubernetes service, Azure handles critical tasks, like health monitoring and maintenance. Since Kubernetes masters are managed by Azure, you only manage and maintain the agent nodes. Thus, AKS is free; you only pay for the agent nodes within your clusters, not for the masters.
Azure Kubernetes Service Benefits
Azure Kubernetes Service is currently competing with both Amazon Elastic Kubernetes Service (EKS) and Google Kubernetes Engine (GKE). It offers numerous features such as creating, managing, scaling, and monitoring Azure Kubernetes Clusters, which is attractive for users of Microsoft Azure. The following are some benefits offered by AKS:
Efficient resource utilization
The fully managed AKS offers easy deployment and management of containerized applications with efficient resource utilization that elastically provisions additional resources without the headache of managing the Kubernetes infrastructure.
Faster application development
Developers spent most of the time on bug-fixing. AKS reduces the debugging time while handling patching, auto-upgrades, and self-healing and simplifies the container orchestration. It definitely saves a lot of time and developers will focus on developing their apps while remaining more productive.
Security and compliance
Cybersecurity is one of the most important aspects of modern applications and businesses. AKS integrates with Azure Active Directory (AD) and offers on-demand access to the users to greatly reduce threats and risks. AKS is also completely compliant with the standards and regulatory requirements such as System and Organization Controls (SOC), HIPAA, ISO, and PCI DSS.
Quicker development and integration
Azure Kubernetes Service (AKS) supports auto-upgrades, monitoring, and scaling and helps in minimizing the infrastructure maintenance that leads to comparatively faster development and integration. It also supports provisioning additional compute resources in Serverless Kubernetes within seconds without worrying about managing the Kubernetes infrastructure.
Why Azure Kubernetes?
When running containers in a production environment, containers need to be managed to ensure they are operating as expected in an effort to ensure there is no downtime.
Container Orchestration
Without container orchestration, If a container was to go down and stop working, an engineer would need to know the container has failed and manually start a new one. Wouldn’t it be better if this was handled automatically by its own system? Kubernetes provides a robust declarative framework to run your containerized applications and services resiliently.
Cloud Agnostic
Kubernetes has been designed and built to be used anywhere (public/private/hybrid clouds).
Prevents Vendor Lock-In
Your containerized application and Kubernetes manifests will run the same way on any platform with minimal changes.
Increase Developer Agility and Faster Time-to-Market
Spend less time scripting deployment workflows and focus on developing. Kubernetes provides a declarative configuration which allows engineers to define how their service is to be ran by Kubernetes, Kubernetes will then ensure the state of the application is maintained.
Cloud Aware
Kubernetes understands and supports a number of various clouds such. This allows Kubernetes to instantiate various public cloud based resources, such as instances, VMs, load balancers, public IPs, storage.
Azure Kubernetes Features
Feature | Description |
Managed control plane | Reduced complexity: AKS automates critical tasks like patching, upgrades, and health monitoring of the Kubernetes control plane, freeing you to focus on application development and management. Simplified operations: You only pay for the AKS nodes running your applications, reducing infrastructure management overhead. |
Identity and security management | Integrated Azure Security: Leverage Azure Active Directory for user authentication and authorization within your cluster. Granular Access Control: Enforce RBAC (Role-Based Access Control) to restrict access to specific namespaces, pods, or resources within the cluster. Compliance assurance: Implement security best practices and regulatory compliance with built-in Azure Policy integration. |
Logging and monitoring | Built-in monitoring: Gain insights into cluster health and performance through Azure Monitor integration. View container logs, resource utilization, and application metrics for proactive troubleshooting. Customizable dashboards: Create custom dashboards to visualize key performance indicators (KPIs) and gain deeper application insights. Alerting and notifications: Set up alerts and receive notifications for potential issues identified by monitoring, allowing for prompt remediation. |
Streamlined deployments | Familiar tools and workflows: Deploy containerized applications quickly using tools like Helm charts, kubectl commands, or Azure DevOps pipelines. CI/CD integration: Integrate seamlessly with your existing CI/CD pipelines for automated deployments and rollbacks. Declarative configuration: Manage deployments using declarative configuration files (YAML) for consistent and repeatable deployments. |
Clusters and nodes | Scalability: Easily scale your AKS cluster by adding or removing virtual machine nodes to meet changing application demands. Self-healing capabilities: AKS automatically restarts failed containers and replaces unhealthy nodes to ensure application uptime. High availability: Design geographically distributed clusters for disaster recovery and fault tolerance. |
Storage volume support | Persistent storage options: AKS supports various storage options for your containerized applications' data persistence needs. Choose from Azure Disks (managed disks) for high availability and scalability, Azure Files for shared storage across containers, or persistent local storage for specific use cases. Volume lifecycle management: Automate the provisioning, attachment, and detachment of storage volumes to containerized applications. |
Networking | Integrated load balancing: AKS provides built-in load balancers to distribute traffic across your containerized application instances for scalability and high availability. IP address management: Securely manage IP addresses for your cluster and containerized applications. Network policies: Implement network policies to control how pods within your cluster can communicate with each other and external resources. |
Development tooling integration | Seamless integration: Integrate AKS with popular DevOps tools like Azure DevOps or GitOps workflows for a smooth development experience. Visual Studio Code extensions: Leverage Kubernetes extensions for Visual Studio Code to edit deployments, manage clusters, and debug applications directly from your IDE. Command-line tools: Utilize the familiar kubectl command-line tool to interact with your AKS clusters and manage Kubernetes resources. |
Azure Kubernetes Service Use Cases
We’ll take a look at different use cases where AKS can be used.
Migration of existing applications
You can easily migrate existing apps to containers and run them with Azure Kubernetes Service. You can also control access via Azure AD integration and SLA-based Azure Services like Azure Database using Open Service Broker for Azure (OSBA).
Simplifying the configuration and management of microservices-based Apps
You can also simplify the development and management of microservices-based apps as well as streamline load balancing, horizontal scaling, self-healing, and secret management with AKS.
Bringing DevOps and Kubernetes together
AKS is also a reliable resource to bring Kubernetes and DevOps together for securing DevOps implementation with Kubernetes. Bringing both together improves the security and speed of the development process with Continuous Integration and Continuous Delivery (CI/CD) with dynamic policy controls.
Ease of scaling
AKS can also be applied in many other use cases, such as ease of scaling by using Azure Container Instances (ACI) and AKS. By doing this, you can use the AKS virtual node to provision pods inside Azure Container Instance (ACI) that start within a few seconds and enable AKS to run with the required resources. If your AKS cluster runs out of resources, it will scale out additional pods automatically without any additional servers to manage in the Kubernetes environment.
Data streaming
AKS can also be used to ingest and process real-time data streams with data points via sensors and perform quick analysis.
AKS Reference Art
The reference architecture is composed of:
Azure Kubernetes Service (AKS)
At the center of the architecture is AKS.
Kubernetes cluster
A cluster running your workloads, deployed on AKS. With AKS you only manage agent nodes; AKS assumes responsibility for the Kubernetes control plane.
Virtual Network
AKS creates a virtual network in which agent nodes can be deployed. In advanced scenarios, you can create a virtual network first to give you more control over the configuration of subnets, local connections, IP addresses, etc.
Ingress
The ingress provides an HTTP/HTTPS path to access cluster services. Behind it, you will typically deploy an API Gateway to manage authentication and authorization.
Azure Load Balancer
Created when the NGINX ingress controller is implemented. Used to route incoming traffic to the ingress.
External data storage
Microservices are usually stateless and save data to external data stores, such as relational databases like Azure SQL Database or NoSQL stores like Cosmos DB.
Azure Active Directory (AD)
AKS has its own Azure AD identity, used to generate and control Azure resources for Kubernetes deployments. In addition to these mechanisms, Microsoft recommends using Azure AD to establish user authentication in client applications that use the Kubernetes cluster.
Azure Container Registry (ACR)
used to store your organization’s Docker images and use them to deploy containers to the cluster. ACR can also leverage authentication by Azure AD. Another option is to store Docker images in a third-party registry, like DockerHub.
Azure Pipelines
part of the Azure DevOps service, and can help you automate the build/test/deployment cycle. Alternatively, you can use a third-party CI/CD solution like Jenkins.
Helm
the Kubernetes package manager. You can use it to combine Kubernetes objects into a package for easier distribution and versioning.
Azure Monitor
Collects and stores logs from Azure services that interact with your Kubernetes cluster, including AKS controllers, nodes, and containers. You can use this data to monitor applications, configure alerts and dashboards, and analyze the root causes of errors.
Azure Kubernetes Service Pricing
AKS is a free container service where nothing will be charged for Kubernetes cluster management. You’ll have to pay only for the cloud resources such as VMs, storage, and network resources you consume, making it the most cost-effective container orchestration service in the market. Microsoft Azure introduced the Container Services calculator to calculate the estimated cost of the consumed or required resources.
Comments