This post covers end to end about Azure Kubernetes Service.
Kubernetes is an open-source platform for managing containerized workloads and services in this we need to manage master & worker. Azure provides managed Kubernetes service Azure Kubernetes Service in which azure manages the master nodes and end-user needs to manage the worker nodes.
Before Covering the Azure Kubernetes Service let’s understand some basics about Docker and Kubernetes.
What Is Container (Docker)?
Containers are a software package into a logical box with everything that the application needs to run. That includes the operating system, application code, runtime, system tools, system libraries, and etc. Docker containers are built off Docker images. Since images are read-only, Docker adds a read-write file system over the read-only file system of the image to create a container.
Note: Read More about the Docker Architecture
Difference Between Virtual Machine & Container (Docker)
The major difference between the VMs and Container is In VMs a hypervisor is used to virtualize physical hardware. Each VM contains a guest OS, a virtual copy of the hardware that the OS requires to run while in Containers Instead of virtualizing the underlying hardware, containers virtualize the operating system so each container contains only the application and its libraries.
Note: Also read our previous blog on Docker vs VM
Docker Architecture & Components
Docker uses a client-server architecture. The docker client talks to the Docker daemon, which used to building, running, and distributing the Docker containers. The Docker client and daemon communicate using a REST API, over UNIX sockets, or a network interface.
There are five major components in the Docker architecture:
a) Docker Daemon b) Docker Clients c) Docker Host d) Docker Registry e) Docker Image
Azure Container Instances (ACI)
Azure Container Instances (ACI) is Microsoft PaaS (Platform as service) solution that offers the fastest and simplest way to run a container in Azure, without having to manage any underlying infrastructure. For container orchestration in Azure (build, manage, and deploy multiple containers) use Azure Kubernetes Service (AKS). You can deploy Azure Container Instances using Azure Portal, Azure CLI, Powershell, or ARM Template. Same as the docker registry we can push our images to Azure Container Registry (ACR) which is a private secure registry propose by the Azure platform.
Note: To read more about the Azure container instance (ACI), click here
What Is Kubernetes?
In organizations, multiple numbers of containers running on multiple hosts at a time so it is very hard to manage all the containers together we use Kubernetes. Kubernetes is an open-source platform for managing containerized workloads and services. Kubernetes takes care of scaling and failover for your application running on the container.
Note: Read More about the Kubernetes Architecture & Components in detail
Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS) is a managed Kubernetes service in which the master node is managed by Azure and end-users manages worker nodes. Users can use AKS to deploy, scale, and manage Docker containers and container-based applications across a cluster of container hosts. As a managed Kubernetes service AKS is free – you only pay for the worker nodes within your clusters, not for the masters. You can create an AKS cluster in the Azure portal, with the Azure CLI, or template-driven deployment options such as Resource Manager templates and Terraform.
Note: To read about the Azure Kubernetes Service (AKS), click here.
Create Azure Kubernetes Cluster
Azure Kubernetes Service (AKS) is a managed Kubernetes service that lets you quickly deploy and manage master and worker nodes in clusters.
We can Deploy Azure Kubernetes cluster In Three ways:
A) Azure Portal B) Azure CLI C) Azure power shell
Note: To learn how to Deploy an Azure Kubernetes Service (AKS), Click here
Note: We will cover how to Create Azure Kubernetes cluster in our next blog.
Service Types In K8S
To simplify the network configuration for application workloads, Kubernetes uses Services to logically group a set of pods together and provide network connectivity.
We can Deploy Azure Kubernetes cluster In Three ways:
A) Cluster IP B) NodePort C) LoadBalancer D) ExternalName
Azure Kubernetes Service Networking
In AKS, we can deploy a cluster using the following networking models:
A) kubenet (Basic Networking)
B) CNI (Advanced Networking)
Also check: All you need to know about Kubernetes RBAC
AKS kubenet (Basic Networking)
By default, Azure Kubernetes Service (AKS) clusters use kubenet, and this will create an Azure virtual network and subnet for you. Using kubenet, only the nodes receive an IP address in the virtual network subnet and pods can’t communicate directly with each other. Instead, User Defined Routing (UDR) and IP forwarding are used for connectivity between pods across nodes. In basic networking pod, IP natted inside subnet. Network address translation (NAT) is used so that the pods can reach resources on the Azure virtual network.
Check Out: What is a pod in Kubernetes. Click here
AKS CNI (Advanced Networking)
In Azure Container Networking Interface (CNI) every pod gets an IP address from the subnet and can be accessed directly via their private IP address from connected networks. These IP addresses must be unique across your network space. These IP’s must be planned in advance. Advance networking requires more planning if all IP addresses used then we need to rebuild clusters in a larger subnet as your application demands.
Note: To read more about the Networking in AKS, click here.
Azure Kubernetes Service Storage
In AKS, There are two types of storage options available:
A) Azure Disk
B) Azure Files
These stores are used to provide persistent storage to store data and images persistently. Azure disks can be used to create a Kubernetes DataDisk resource and mounted as ReadWrite, so the disks are only available to a single pod. we can’t share this with multiple pods. Azure Files are SMB based shared file system mounted across different machines. Using Azure files we can share data across multiple nodes and pods.
Note: To read more about the Storage Options On (AKS), click here.
Also Read: Our blog post on Aks Cluster. Click here
Azure Kubernetes Service Security
Azure Active Directory with AKS, We can integrate Azure Kubernetes with Azure Active Directory so the users in Azure Active Directory for user authentication. Using this user in Azure Active Directory can access the AKS cluster using an Azure AD authentication token. we can also configure Kubernetes role-based access control (RBAC) based on a user’s identity. Azure AD legacy integration can only be enabled during cluster creation.
Note: To read more about the Azure Kubernetes Service Security, click here.
Also Check: How to Create Virtual Machine in Azure. Click here
Azure Kubernetes Service With CI/CD
We can deploy AKS in CI/CD environment, using this we can continuously build and deploy applications in Azure Kubernetes Service. By deploying these using Azure Kubernetes Service (AKS), we can achieve replicable, manageable clusters of containers.
Note: We will cover Azure Kubernetes Service with CI/CD in our upcoming blog.
