Azure Kubernetes Service (AKS) - Plan your design and operations
Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications. Azure Kubernetes Service (AKS) is the recommended way to deploy a managed Kubernetes cluster in Azure.
Organizations are at various points in their understanding, rationalizing, and adoption of Kubernetes on Azure. Your organization's journey will likely follow a path similar to that of many other technologies you've adopted: learning, aligning your organization around roles and responsibilities, and deploying production-ready workloads. From there, you'll iterate, growing your product as your customer and business demands change.
Introduction to Azure Kubernetes Service (AKS)
If you're new to Kubernetes or AKS, the best place to learn about the service is Microsoft Learn. This free online platform provides interactive training for Microsoft products and more. The Introduction to Kubernetes on Azure learning path will provide you with foundational knowledge that will take you through core concepts of containers, AKS cluster management, and workload deployment.
You understand the benefits and trade-offs of Kubernetes, and have decided that AKS is the best Azure compute platform for your workload. Your organizational policies for this technology have been established; you're ready to learn how to deploy production-ready clusters for your workload.
Microsoft's AKS baseline cluster is the recommended starting point to help you design a production-ready AKS cluster.
We recommend you start your design from the baseline implementation and modify it to align to your workload's specific needs.
Suite of baseline implementations
We've provided a set of additional baseline implementations to illustrate how you can adopt and configure components of the AKS baseline cluster for various scenarios.
Microservices
When running microservices in the baseline cluster, you'll need to configure network policies, pod autoscaling, and set up distributed tracing for observability.
If you need a regulated environment, make the baseline implementation highly secure and restrict interactions to and from the cluster. This use case is demonstrated in a cluster that's designed to run a PCI-DSS 3.2.1 workload.
As organizations such as yours have adopted Azure, the Cloud Adoption Framework provides them with prescriptive guidance as they move between the phases of the cloud adoption lifecycle. The Cloud Adoption Framework includes tools, programs, and content to simplify adoption of Kubernetes and related cloud-native practices at scale.
As part of ongoing operations, you might want to spot check your cluster against current recommended best practices. Start by aligning your cluster with Microsoft's AKS Baseline Cluster.
You might also consider evaluating a community-driven utility like The AKS Checklist as a way of organizing and tracking your alignment to these best practices.
Operations guide
Getting your workload deployed on AKS is a great milestone and this is when day-2 operations are going to be top-of-mind. Microsoft's AKS day-2 operations guide was built for your ease of reference. This will help ensure you are ready to meet the demands of your customers and ensure you are prepared for break-fix situations via optimized triage processes.
Kubernetes and AKS are both moving fast. The platform is evolving and just knowing what's on the roadmap might help you make architectural decisions and understand planned deprecations; consider bookmarking it.
The typical AKS solution journey shown ranges from learning about AKS to growing your existing clusters to meet new product and customer demands. However, you might also just be looking for additional reference and supporting material to help along the way for your specific situation.
Example solutions
If you're seeking additional references that use AKS as their foundation, here are two to consider.
Azure Kubernetes Service (AKS) offers you a managed Kubernetes experience on Azure; however, there are workloads or situations that might be best suited for placing your own Kubernetes clusters under Azure Arc-enabled Kubernetes management. This includes clusters such as RedHat OpenShift, RedHat RKE, and Canonical Charmed Kubernetes. Azure Arc management can also be used with Kubernetes Cluster API Provider Azure clusters to benefit from the Azure Resource Manager representation of the cluster and the availability of cluster extensions like Azure Monitor container insights and Azure Policy. Azure Arc-enabled Kubernetes can also be used with AKS on Azure Local instances and with Kubernetes clusters running on other cloud providers.
If you're a managed service provider, you already use Azure Lighthouse to manage resources for multiple customers. Azure Kubernetes Service supports Azure Lighthouse so that you can manage hosted Kubernetes environments and deploy containerized applications within your customers' tenants.