Industry Use Cases of Azure Kubernetes Service!!!
What is Microsoft Azure Kubernetes service??
Azure Kubernetes Service is a robust and cost-effective container orchestration service that helps you to deploy and manage containerized applications in seconds where additional resources are assigned automatically without the headache of managing additional servers.
WHAT IS KUBERNETES??
Kubernetes , also known as K8s, is an open-source system for automating deployment, scaling, and management of containerized applications. It was originally designed by Google and is now maintained by the Cloud Native Computing Foundation. Kubernetes is open source giving us the freedom to take advantage of on-premises, hybrid, or public cloud infrastructure.
Uses of AZURE KUBERNETES SERVICE:-
Lift and shift to containers with AKS
Microservices with AKS
Secure DevOps for AKS
Bursting from AKS with ACI
Azure IOT reference Architecture
Machine learning model training with AKS
Data Streaming Scenario
Azure Kubernetes Best Practices
Cluster Multi-Tenancy
. Logically isolate clusters to separate teams and projects in an effort to try to minimize the number of physical AKS clusters you deploy
. Namespace allows you to isolate inside of a Kubernetes cluster
. Same best practices with hub-spoke but you do it within the Kubernetes cluster itself.
Scheduling and Resource Quotas
. Enforce resource quotas — Plan out and apply resource quotas at the namespace level
. Plan for availability
. Define pod disruption budgets
. Limit resource intensive applications — Apply taints and tolerations to constrain resource intensive applications to specific nodes.
Cluster Security
Azure AD and Kubernetes RBAC integration
. Bind your Kubernetes RBAC roles with Azure AD Users/Groups
. Grant your Azure AD users or groups access to Kubernetes resources within a namespace or across a cluster.
Real Life Example
Logicworks is a Microsoft Azure Gold Partner that helps companies migrate their applications to Azure. In the example below, one of our customers was looking to deploy and scale their public-facing web application on AKS in order to solve for the following business use case:-
. Achieve portability across on-prem and public clouds
. Accelerate containerized application development
. Unify development and operational teams on a single platform
Take advantage of native integration into the Azure ecosystem to easily achieve:-
Enterprise-Grade Security
. Azure Active Directory integration
. Track, validate, and enforce compliance across Azure estate and AKS clusters
. Hardened OS images for nodes
Operational Excellence
. Achieve high availability and fault tolerance through the use of availability zones
. Elastically provision compute capacity without needing to automate and manage underlying infrastructure.
. Gain insight into and visibility into your AKS environment through automatically configured control plane telemetry, log aggregation, and container health.
The customer’s architecture includes a lot of the common best practices to ensure we can meet the customers business and operational requirements:
Cluster Multi-Tenancy
SDLC environments are split across two clusters isolating Production from lower level SDLC environments such as dev/stage. The use of namespaces provides the same operation benefits while saving cost and operational complexity by not deploying an AKS cluster per SDLC environment.
Scheduling and Resource Quotas
Since multiple SDLC environments and other applications share the same cluster, it’s imperative that scheduling and resource quotas are established to ensure applications and the services they depend on get the resources required for operation. When combined with cluster autoscaler we can ensure that our applications get the resources they need and that compute infrastructure is scaled in when they need it.
Azure AD integration
Leverages Azure AD to authenticate/authorize users to access and initiate CRUD (create, update, and delete) operations against AKS clusters. AAD integration makes it convenient and easy to unify layers of authentication (Azure and Kubernetes) and provide the right personnel with the level of access they require to meet their responsibilities while adhering to principle of least privilege.
Pod Identities
Instead of hardcoding static credentials within our containers, Pod Identity is deployed into the default namespace and dynamically assigns Managed Identities to the appropriate pods determined by label. This provides our example application the ability to write to Cosmos DB and our CI/CD pipelines the ability to deploy containers to production and stage clusters.
Ingress Controller
Ingress controllers bring traffic into the AKS cluster by creating ingress rules and routes, providing application services with reverse proxying, traffic routing/load balancing, and TLS termination. This allows us to evenly distribute traffic across our application services to ensure scalability and meet reliability requirements.
Monitoring
Naturally, monitoring the day-to-day performance and operations of our AKS clusters is key to maintaining uptime and proactively solving potential issues. Using AKS’ toggle-based implementation, application services hosted on the AKS cluster can easily be monitored and debugged using Azure Monitor.
Microsoft named a leader in Gartner’s Magic Quadrant for Enterprise Integration Platform as a Service:-
Microsoft has now remained an EiPaaS MQ leader for the past three years.
According to Gartner, “Enterprise iPaaS providers continue to broaden their go-to-market strategies to cover an increasing range of enterprise integration scenarios.” Our vision is to help customers enable integration in all areas of their operations, from traditional central IT to business-led activities. Azure Integration Services (AIS), comprising of API Management, Logic Apps, Service Bus, and Event Grid, helps customers connect applications and data seamlessly to the cloud for services such as machine learning, cognitive services, and analytics, enabling increased enterprise-wide visibility and agility.
Companies Currently Using Azure Kubernetes Service (AKS) Some companies among the AKS user:-
Starbucks
United Wholesale Mortage
Carmax
Fiserv
Wind River
Humana
Conclusion
We’ve gone over the high-level features of Azure Kubernetes Service and what it does. We also covered a step-by-step process for creating a new Kubernetes cluster in AKS using Azure portal, and what the options for each step mean. Finally, we quickly went over the commands needed to set up kubectl to work with your new AKS cluster so you can start deploying test workloads to it.
Overall, I find the process of creating a basic AKS cluster fairly straightforward, and the UI covered more options than some of the competing managed Kubernetes solutions.
