Welcome to the Third post in a series of "AKS From Zero To Hero".
In the first post, we talked about AKS in general. In this post, we will continue the discussion around AKS.
In this post, I will try to exaplind what is and Why AKS.
What is AKS?
Azure Kubernetes Service (AKS) simplifies deploying a managed Kubernetes cluster in Azure by offloading the operational overhead to Azure. As a hosted Kubernetes service, Azure handles critical tasks, like health monitoring and maintenance. Since Kubernetes masters are managed by Azure, you only manage and maintain the agent nodes. Thus, AKS is free; you only pay for the agent nodes within your clusters, not for the masters.
What is the benefits of using AKS?
AKS Nodes: Node pools are used to group nodes in your AKS cluster. You specify the VM size and OS type for each node in the node pool based on your app requirements
By default, an AKS cluster will have a Linux node pool in system mode but you always add more.
New nodes created in the node pool will always be the same size as you specified when you created the node pool. You can change the node count later in the cluster's configuration panel.
AKS Networking - The Basic
A Kubernetes cluster blocks all external communications by default and has two network availability abstractions: services and ingresses.
A service acts as a load balancer and redirects traffic to the specific ports by using port-forwarding rules.
ClusterIP: Exposes the app internally only
LoadBalancer: Exposes the app externally by using Azure’s load balancing solution
NodePort: Exposes the app externally
ExternalName: Maps the app by using a DNS resolution through a CNAME record.
Ingress: An ingress exposes routes (It is a collection of rules) for HTTP and HTTPS traffic from outside a cluster to services inside the cluster. You define ingress routes by using ingress rules
AKS allows you to overcome the complexity of setting up an ingress by enabling what's called HTTP application routing (not recommended for production workload)
We have two main type of ingress in Azure:
Ingress Controller is supported exclusively by Standard_v2 and WAF_v2 SKUs, which also brings you autoscaling benefits. Application Gateway can react in response to an increase or decrease in traffic load and scale accordingly, without consuming any resources from your AKS cluster.
Using Application Gateway in addition to AGIC also helps protect your AKS cluster by providing TLS policy and Web Application Firewall (WAF) functionality.
As we explained before Kubernetes API is the entry point to the cluster, so how to protect it on azure, you can easily do that on azure by using one of the following options:
so, when to use AKS, as per Microsoft the below are Top scenarios for Kubernetes on Azure
This was part two of the article. In the next part, we will continue this discussion with AKS.
Continue Reading: AKS From Zero To Hero - Part 4
Mohammad Al Rousan is a Microsoft MVP (Azure), Microsoft Certified Solution Expert (MCSE) in Cloud Platform & Azure DevOps & Infrastructure, An active community blogger and speaker.
Al Rousan has over 8 years of professional experience in IT Infrastructure and very passionate about Microsoft technologies and products.
Top 10 Microsoft Azure Blogs