Azure Kubernetes Service (AKS) Concepts
Azure Kubernetes Service (AKS) simplifies deploying, managing, and automating Kubernetes applications. It offloads the operational burden of a managed Kubernetes cluster to Azure, allowing you to focus on your applications. This document explains the core concepts and architectural components of AKS.
What is Kubernetes?
Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications. It groups containers that make up your application into logical units for easy management and discovery.
AKS Architecture
An AKS cluster consists of two main components:
- Control Plane: Managed by Azure, this includes the Kubernetes API server, etcd data store, scheduler, and core controllers. You don't pay for the control plane in AKS; it's provided as a free Azure service.
- Worker Nodes: These are Azure virtual machines that run your containerized applications. You pay for the worker nodes and their associated resources (e.g., storage, networking).
Diagram illustrating AKS control plane and worker nodes.
Core Kubernetes Objects
When you deploy applications to Kubernetes, you interact with various objects that define the desired state of your applications. Key objects include:
Pods
The smallest deployable units in Kubernetes. A Pod represents a single instance of a running process in your cluster and can contain one or more containers. Containers within the same Pod share resources like network namespace and storage volumes.
apiVersion: v1
kind: Pod
metadata:
name: my-nginx-pod
spec:
containers:
- name: nginx
image: nginx:latest
ports:
- containerPort: 80
Deployments
A Deployment provides declarative updates for Pods and ReplicaSets. You describe the desired state in a Deployment, and the Deployment Controller changes the actual state to the desired state at a controlled rate. Deployments manage the lifecycle of your Pods.
apiVersion: apps/v1
kind: Deployment
metadata:
name: azure-vote-frontend
spec:
replicas: 3
selector:
matchLabels:
app: azure-vote-back
template:
metadata:
labels:
app: azure-vote-back
spec:
containers:
- name: azure-vote-back
image: mcr.microsoft.com/azuredocs/azure-vote-back:v1
ports:
- containerPort: 80
resources:
requests:
cpu: "100m"
memory: "128Mi"
limits:
cpu: "100m"
memory: "128Mi"
Services
Kubernetes Services define a logical set of Pods and a policy by which to access them. They provide a stable IP address and DNS name to access a group of Pods, even as Pods are created or destroyed.
- ClusterIP: Exposes the Service on a cluster-internal IP.
- NodePort: Exposes the Service on each Node's IP at a static port.
- LoadBalancer: Exposes the Service externally using an Azure load balancer.
Namespaces
Namespaces provide a mechanism for isolating groups of resources within a single cluster. They are useful for organizing resources across multiple teams or projects.
AKS Networking
AKS supports different networking models to integrate with your Azure Virtual Networks.
- Kubenet: A basic networking solution where each node gets a virtual network interface. Network routes are configured on the Azure virtual network.
- Azure CNI: Integrates AKS with Azure Virtual Network using Azure Container Network Interface (CNI). Each Pod gets its own IP address from the VNet, allowing for more granular network policies.
Key AKS Features
- Managed Control Plane: Azure manages the availability and scaling of the Kubernetes control plane.
- Automated Upgrades and Patching: Keep your Kubernetes versions up-to-date with minimal downtime.
- Identity and Access Management: Integrate with Azure Active Directory for robust authentication and authorization.
- Scalability: Easily scale your node count or enable autoscaling to match workload demands.
- Monitoring: Integrate with Azure Monitor for comprehensive cluster and application insights.
Next Steps
Explore the following resources to deepen your understanding: