We will learn about:
- What is Kubernetes?
- Concepts related to AKS
- Azure Kubernetes Service tutorial
What is Kubernetes?
According to Wikipedia, “It is an open source container orchestration system for automating computer application deployment, scaling and management”.
It is commonly called K8s. It was originally designed by Google and is now maintained by Cloud Native Computing Foundation. It works with a range of container tools and runs containers on clusters, often with images built using Docker. It was founded by Joe Beda, Brendan Burns and Craig McLuckie. It was first announced in mid-2014. K8s v1.0 was released on July 21, 2015.
Kubernetes is used because it makes organizing and scheduling applications across multiple machines easier. It acts like an operating system (OS) for the cluster. It can automatically mount a storage system. It performs automated rollouts and rollbacks. It is self-healing. It runs on public, private and hybrid clouds.
What is Azure Kubernetes Service (AKS)?
It is a fully managed service that allows you to run Kubernetes in Azure without having to manage your own Kubernetes clusters.
A few of its basic features:
- In the case of VMs, we need to pay only for the nodes.
- It works with various Azure and OSS tools and services.
- As a hosted Kubernetes service, Azure handles critical tasks, like health monitoring and maintenance.
- Kubernetes can scale nodes using cluster autoscaler.
- AKS automatically configures all of the Kubernetes nodes that control and manage the worker nodes during the deployment process.
- Users can monitor a cluster directly or view all clusters with Azure Monitor.
User access to AKS can be given in 3 ways:
- Through AKS management portal
- Through AKS CLI
- By using templates through
Pros and Cons of Azure Kubernetes Service (AKS)
Pros:
-> AKS has very good support for Windows.
-> Configuring the virtual network and subnet is very simple.
-> Strong command-line support.
-> Azure Active Directory integration for cluster authentication.
Cons:
-> Because it is relatively new, many features are still at the testing stage.
-> The virtual machines do not support customization directly, and there is no way to provide a cloud-init or user data script.
-> The server type cannot be changed once it has been deployed.
-> Node updates are not done automatically.
-> Nodes do not recover automatically after failure.
Concepts related to AKS
The following concepts will give a headstart in understanding the Azure Kubernetes Services:
The control plane is automatically created and configured when we create an AKS cluster. It is provided for free; we only need to pay for the nodes attached. It exists only in the region where it is created. We can review the control plane logs through Azure Monitor logs to troubleshoot possible issues.
The usage of node resources can create a discrepancy between AKS allocated resources and total resources required. Suppose that the name of the node which we are using is node1. We can find the allocatable resources for that particular node by using:
kubectl describe node node1
The size of the node is directly proportional to the resource reservation. This is due to a higher need for managing the user deployed pods.
The resources reserved are of two types:
-> CPU is dependent on the node type and cluster configuration.
-> Memory utilization and allocation depends on the sum of two values:
- kubelet daemon:
  - This is installed on Kubernetes agent nodes to manage container creation and termination.
  - A node must have at least 750 Mi allocatable.
  - If it has less than this, kubelet will terminate a running pod and free up memory on the host machine.
- Regressive rate of memory reservations:
  - 25% of the first 4 GB of memory
  - 20% of the next 4 GB of memory (till 8 GB)
  - 10% of the next 8 GB of memory (till 16 GB)
  - 6% of the next 112 GB of memory (till 128 GB)
  - 2% of any memory above 128 GB
These reservations keep agent nodes healthy. They cause a node to report less allocatable memory and CPU than it would if it were not part of a Kubernetes cluster.
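The memory rules above can be carried through for a concrete node size. The following script is an added example, not code from the original tutorial; it assumes the "GB" in the list means GiB (1024 Mi) so that all arithmetic stays in whole Mi, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: allocatable memory on an AKS node, from the rules listed above.
# Assumption: "GB" is treated as GiB (1024 Mi); results are truncated to whole Mi.
EVICTION_MI=750   # the 750 Mi kubelet threshold from the list above

# kube_reserved_mi TOTAL_MI: regressive reservation for a node with TOTAL_MI of memory.
kube_reserved_mi() {
  total=$1 reserved=0 floor=0
  # Each tier is "upper_bound_in_Mi:percent"; an upper bound of 0 means unbounded.
  for tier in 4096:25 8192:20 16384:10 131072:6 0:2; do
    ceil=${tier%%:*} pct=${tier##*:}
    [ "$total" -gt "$floor" ] || break          # node is smaller than this tier
    if [ "$ceil" -eq 0 ] || [ "$total" -lt "$ceil" ]; then
      span=$((total - floor))                   # tier only partly filled
    else
      span=$((ceil - floor))                    # tier completely filled
    fi
    reserved=$((reserved + span * pct / 100))
    floor=$ceil
  done
  echo "$reserved"
}

# allocatable_mi TOTAL_MI: memory left for pods after both deductions.
allocatable_mi() {
  echo $(( $1 - $(kube_reserved_mi "$1") - EVICTION_MI ))
}

# Constructed sample sizes, in GiB.
for gib in 4 7 16 64; do
  mi=$((gib * 1024))
  echo "${gib} GiB node: reserved $(kube_reserved_mi "$mi") Mi," \
       "allocatable $(allocatable_mi "$mi") Mi"
done
```

Compare the result with the Allocatable section of kubectl describe node before sizing pod memory requests and limits, since a node pushed below the 750 Mi threshold starts terminating pods.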
Nodes and Node Pools
We need a Kubernetes node to run the applications and supporting services. An AKS cluster has at least one node. This runs the Kubernetes node components and container runtime. It’s important to scale out the number of nodes in the AKS cluster to meet the demand.
When we create an AKS cluster or scale out the number of nodes. For billing, agent nodes are treated as regular virtual machines, so any VM size discounts are applied automatically. Instead of containerd or Docker, we can use aks-engine. This helps to configure and deploy a Kubernetes cluster that meets your current needs.
Nodes of the same configuration are grouped together into node pools. A Kubernetes cluster contains at least one node pool. Initial number of nodes and size are defined when you create an AKS cluster, which creates a default node pool. This contains the VMs that run your agent nodes.
When there are multiple node pools, we must specify the node pool to be used by the Kubernetes Scheduler. Node Selectors let you define various parameters. One is node OS, which helps control the location of the pod.
Pods are used to run an instance of your application. A particular pod represents a single instance of the application. Pods and containers usually have a 1:1 mapping with each other. When creating a pod, we can define resource requests to request a certain amount of CPU or memory resources. We can also specify maximum resource limits to prevent a pod from consuming too many compute resources from the underlying node. A pod is a logical resource, but application workloads run on the containers. Pods are deployed and managed by Kubernetes controllers.
Let us look into the networking part of Azure Kubernetes Service. The following service types are available:
- Cluster IP
  - Creates an internal IP address within the cluster.
- NodePort
  - Creates port mapping on the underlying node.
- LoadBalancer
  - Creates a load balancer resource, configures an external IP address and connects the requested pods to the load balancer.
- ExternalName
  - Creates specific DNS entries for easier application access.
Azure virtual networks
- Kubenet networking
  - The network resources are typically created and configured as the AKS cluster is deployed.
- Azure Container Networking Interface (CNI) networking
  - The AKS cluster is connected to existing virtual network resources and configurations.
Azure CNI networking
Every pod gets an IP address from the subnet and can be accessed directly. Every node has a configuration parameter for the maximum number of pods it supports. Unlike Kubenet, traffic to endpoints in the same virtual network is not NAT’d to the node’s primary IP.
Network Security Groups
A network security group filters traffic for VMs like the AKS nodes. We do not need to manually configure network security group rules. The Azure platform creates or updates the appropriate rules. We can also use network policies to automatically apply traffic rules to pods.
Backend applications are only exposed to required frontend services. Database components are only accessible to the application tiers that connect to them. Network policy is an AKS feature that lets you control the traffic flow between the pods. We can allow or deny traffic based on required settings.
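Applied to this tutorial's application, the rule "back end reachable only from the front end" looks like the policy below, which matters because the azure-vote-back container in the manifest further down is configured with an ALLOW_EMPTY_PASSWORD variable. This is an added example, not part of the original tutorial; the pod labels app=azure-vote-back and app=azure-vote-front, the default namespace and the policy name are assumptions.

```shell
#!/bin/sh
# Added example: restrict ingress to the Redis back end to the front-end pods.
# Assumptions (not stated on this page): pod labels, the "default" namespace,
# and the policy name. The policy is enforced only if the cluster was created
# with a network policy engine (for example az aks create --network-policy azure);
# without one the object is stored but no traffic is filtered.

# vote_back_policy: print the NetworkPolicy manifest.
vote_back_policy() {
  cat <<'EOF'
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: azure-vote-back-ingress   # hypothetical name
  namespace: default
spec:
  podSelector:
    matchLabels:
      app: azure-vote-back        # pods the policy protects
  policyTypes:
    - Ingress                     # all other ingress to these pods is denied
  ingress:
    - from:
        - podSelector:
            matchLabels:
              app: azure-vote-front
      ports:
        - protocol: TCP
          port: 6379              # Redis port from the tutorial manifest
EOF
}

# apply_vote_back_policy: apply the policy and show what the API server stored.
apply_vote_back_policy() {
  vote_back_policy | kubectl apply -f - &&
    kubectl describe networkpolicy azure-vote-back-ingress
}
```

Call apply_vote_back_policy after the application is deployed, and confirm with kubectl get pods --show-labels that the selectors match the labels the pods really carry.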
Learn and gain knowledge,
But do not forget to implement it,
Because learning might be fun,
But what’s the use when you don’t know how to use it.
Azure Kubernetes Service tutorial
It is very important to put into practice everything that we learn. Let us proceed with some Hands-On:
Before we Begin
- If you do not have an Azure subscription, you can create a free account.
- You can use the bash environment in the Azure Cloud Shell or if you want you can also install the Azure CLI to run the commands.
- Run az version to check the version of the CLI.
- This Hands-On requires the version 2.0.64 or above.
- To install the latest version, run az upgrade.
1. Create a resource group
KAR is the name given to the created resource group and eastus is the location. You can give your own resource group name but the location should only be set from the list of availability zones.
2. Enable Cluster Monitoring
Verify if Microsoft.OperationsManagement and Microsoft.OperationalInsights are registered on your subscription:
If not, then:
3. Create AKS Cluster
az aks create --resource-group KAR --name KARCluster --node-count 1 --enable-addons monitoring --generate-ssh-keys
KARCluster is the Cluster name
After a minute or two, the command prints a long JSON document on the screen.
4. Connect to the Cluster
Get the list of available nodes:
Wait for the status to change to Ready, and only then move to the next step.
5. Run the Application
Create a file named azure-vote.yaml.
I have used nano; you can also use vi or code.
Paste the following code into your file and save it:
- name: azure-vote-back
- name: ALLOW_EMPTY_PASSWORD
- containerPort: 6379
- port: 6379
- name: azure-vote-front
- containerPort: 80
- name: REDIS
- port: 80
Deploy using kubectl
6. Test the Application
Monitor the progress:
Open the external-ip in your browser to view
You can check the cluster nodes’ and pods’ health metrics captured in the Azure Portal.
7. Delete the Cluster
To avoid Azure charges, remove the unnecessary resources.
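The seven steps above can be run as one script. This is an added example, not the tutorial's original commands: KAR, KARCluster, eastus and the minimum CLI version 2.0.64 come from this page, while the service name azure-vote-front and the function names are assumptions.

```shell
#!/bin/sh
# Added example: the tutorial's steps as one script. Usage: sh aks.sh deploy|teardown
# Assumed: the front-end Service is called azure-vote-front.
RG=KAR CLUSTER=KARCluster LOCATION=eastus MIN_CLI=2.0.64

# version_ge HAVE MIN: succeeds when dotted version HAVE >= MIN.
version_ge() {
  awk -v have="$1" -v min="$2" 'BEGIN {
    split(have, h, "."); split(min, m, ".")
    for (i = 1; i <= 3; i++) {
      if (h[i] + 0 > m[i] + 0) exit 0
      if (h[i] + 0 < m[i] + 0) exit 1
    }
    exit 0
  }'
}

# ensure_provider NAMESPACE: register a resource provider only when needed.
ensure_provider() {
  state=$(az provider show -n "$1" --query registrationState -o tsv)
  [ "$state" = "Registered" ] || az provider register --namespace "$1" --wait
}

# deploy runs in a subshell so that set -e stops at the first failing step.
deploy() (
  set -e
  have=$(az version --query '"azure-cli"' -o tsv)
  version_ge "$have" "$MIN_CLI" || { echo "az $have is older than $MIN_CLI" >&2; exit 1; }
  az group create --name "$RG" --location "$LOCATION"               # step 1
  ensure_provider Microsoft.OperationsManagement                    # step 2
  ensure_provider Microsoft.OperationalInsights
  az aks create --resource-group "$RG" --name "$CLUSTER" \
    --node-count 1 --enable-addons monitoring --generate-ssh-keys   # step 3
  az aks get-credentials --resource-group "$RG" --name "$CLUSTER"   # step 4
  kubectl wait --for=condition=Ready nodes --all --timeout=300s
  kubectl apply -f azure-vote.yaml                                  # step 5
  kubectl get service azure-vote-front --watch                      # step 6, Ctrl-C when EXTERNAL-IP is set
)

teardown() {
  az group delete --name "$RG" --yes --no-wait                      # step 7
}

case "${1:-}" in
  deploy) deploy ;;
  teardown) teardown ;;
esac
```

The application's front end is exposed on a public IP, so run teardown as soon as you have finished testing.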
Businesses are moving from on-premises to the cloud very quickly while building and managing modern, cloud-native applications. Kubernetes is one of the open-source solutions that supports building and deploying cloud-native apps with complete orchestration. Azure Kubernetes Service is a robust and cost-effective container orchestration service and a powerful way to run containers in the cloud. We hope you learned Azure Kubernetes Service step by step in this tutorial. Do let us know in the comment section below.