Azure Kubernetes Service (AKS)

What is AKS?

Azure Kubernetes Service (AKS) is a managed container orchestration service that simplifies the deployment, management, and operations of Kubernetes. It abstracts away the complexities of Kubernetes infrastructure, enabling developers to focus on building applications.

Core Concepts

Architecture Overview Nodes & Node Pools Pods & Deployments Services & Ingress Scaling & Autoscaling Networking Security & RBAC Monitoring & Logging Cluster Upgrades Best Practices

Architecture Overview

AKS consists of a control plane (managed by Azure) and one or more node pools that run your workloads. The control plane handles API requests, scheduling, and cluster state, while node pools provide the compute resources.

Nodes & Node Pools

Node pools are collections of VMs with the same configuration. You can have multiple pools with different VM sizes, OS types, or workloads. Node scales can be manual or automatic.

Pods & Deployments

Pods are the smallest deployable units. Deployments manage pod replica sets, providing declarative updates and rollback capabilities.

Services & Ingress

Services expose pods to other pods or external traffic. Ingress controllers provide HTTP(S) routing, SSL termination, and more.

Scaling & Autoscaling

Manual scaling: Adjust node count via Azure CLI or portal.
Cluster Autoscaler: Automatically adds/removes nodes based on pod demands.
Horizontal Pod Autoscaler (HPA): Scales pod replicas based on CPU/memory metrics.

Networking

AKS supports Azure CNI, Kubenet, and advanced networking with Azure Virtual network integration. Network policies can be enforced using Azure Policy or third‑party plugins.

Security & RBAC

Role‑Based Access Control (RBAC) secures the API server. Azure AD integration allows user authentication. Secrets are stored in Azure Key Vault or Kubernetes Secrets.

Monitoring & Logging

Azure Monitor for containers provides metrics, logs, and insights. Integration with Log Analytics enables queries and alerts.

Cluster Upgrades

AKS supports in‑place upgrades for the Kubernetes version. Use the Azure portal or CLI to schedule upgrades with minimal downtime.

Best Practices

Use multiple node pools for workloads with different resource needs.
Enable Azure Policy for governance.
Configure autoscaling for cost efficiency.
Store secrets securely via Azure Key Vault.
Implement network policies to limit traffic.