Kubernetes in Azure: Architecture and Service Options

[Azure, Azure NetApp Files, Elementary, 6 minute read]

What is Kubernetes in Azure?

Kubernetes is a fast-growing platform for managing containerized applications, storage and networking components. It allows developers and administrators to focus on application workloads, not infrastructure components. Kubernetes provides a convenient, declarative way to deploy large numbers of containers, with a powerful set of APIs for management tasks.

Kubernetes can be complex to install and maintain, especially when running in production and at enterprise scale. To reduce the complexity of key management and deployment operations, such as scalability and Kubernetes updates, you can use Azure Kubernetes Service (AKS), which offers managed Kubernetes services.

To simplify the process, Azure manages the AKS control plane, and customers pay only for the AKS nodes the application runs on. AKS is based on the Azure Kubernetes Service Engine, which was released by Microsoft as open source.

In this article, you will learn:

Azure Kubernetes: Reference Architecture

To illustrate how Kubernetes is typically implemented on Azure, Microsoft provides a reference architecture, which is a Microsoft application implemented in Azure Kubernetes Service (AKS). This reference architecture can be a starting point for most implementations.

Azure Kubernetes Service diagramSource: Azure

The reference architecture is composed of:

  • Azure Kubernetes Service (AKS)—at the center of the architecture is AKS.
  • Kubernetes cluster—a cluster running your workloads, deployed on AKS. With AKS you only manage agent nodes; AKS assumes responsibility for the Kubernetes control plane.
  • Virtual network—AKS creates a virtual network in which agent nodes can be deployed. In advanced scenarios, you can create a virtual network first, to give you more control over configuration of subnets, local connections, IP addresses, etc.
  • Ingress—the ingress provides an HTTP/HTTPS path to access cluster services. Behind it, you will typically deploy an API Gateway to manage authentication and authorization.
  • Azure Load Balancer—created when the NGINX ingress controller is implemented. Used to route incoming traffic to the ingress.
  • External data storage—microservices are usually stateless and save data to external data stores, such as relational databases like Azure SQL Database or NoSQL stores like Cosmos DB.
  • Azure Active Directory (AD)—AKS has its own Azure AD identity, used to generate and control Azure resources for Kubernetes deployments. In addition to these mechanisms, Microsoft recommends using Azure AD to establish user authentication in client applications that use the Kubernetes cluster.
  • Azure Container Registry (ACR)—used to store your organization’s Docker images and use them to deploy containers to the cluster. ACR can also leverage authentication by Azure AD. Another option is to store Docker images in a third party registry, like DockerHub.
  • Azure Pipelines—part of the Azure DevOps service, and can help you automate the build/test/deployment cycle. Alternatively, you can use a third-party CI/CD solution like Jenkins.
  • Helm—the Kubernetes package manager. You can use it to combine Kubernetes objects into a package for easier distribution and versioning.
  • Azure Monitor—collects and stores logs from Azure services that interact with your Kubernetes cluster, including AKS controllers, nodes, and containers. You can use this data to monitor applications, configure alerts and dashboards, and analyze the root causes of errors.

Related content: Improving Kubernetes Performance on Azure with Azure NetApp Files

Kubernetes on Azure: Tools and Services

Azure Kubernetes Service

The Azure Kubernetes Service (AKS) facilitates the deployment of managed Kubernetes clusters in Azure. AKS offloads critical tasks from developers and administrators, such as health monitoring and maintenance.

When running on AKS, you only need to manage agent nodes, and pay only for agent nodes. There is no charge for Kubernetes master nodes—these are configured and deployed automatically. You can configure other features, including Azure AD integration, advanced networking, and monitoring.

You can use the Azure CLI, or the Azure Portal, to create AKS clusters. Another option is to use infrastructure as code (IaC) solutions like Azure Resource Manager templates or TerraForm.

Azure Container Instances

Containers are becoming the preferred means of packaging, deploying and managing cloud applications. Azure Container Instances provide a convenient way to manage containers in Azure, without managing virtual machines. Container instances start in seconds, because they have much less overhead than Azure VMs.

You can import images of Linux or Windows containers from DockerHub, your personal Azure Container Registry, or any other Docker registry. Azure Container Instances has a cache of popular images of base operating systems, helping you deploy custom images faster.

Azure Service Fabric

Service Fabric offers a distributed platform that lets you package and deploy microservices applications composed of containers. Service Fabric addresses many of the major challenges of cloud native development.

Azure Service Fabric focuses on building stateful services. You can take advantage of the service framework programming model, or run containerized services with stateful requirements, using the language or code of your choice. You can also create Service Fabric clusters on local Linux machines, Windows Server, or other public cloud platforms.

Service Fabric is used to power many core Microsoft services, including Microsoft Power BI, Azure SQL Database, Cosmos DB, Dynamics 365, and Skype.

Azure Container Registry

Azure Container Registry (ACR) is a privately hosted Docker registry service, built on the open source Docker Registry 2.0. Create and manage Azure container registries to store and manage your organization’s private Docker images.

You can also use ACR Tasks to build containers on demand from images, automate your builds according to events like commits to your source code repository, or updates to base images.  

Azure Dev Spaces

The Azure Dev Spaces service provides a fast, iterative Kubernetes development environment for teams using AKS. Azure Dev Spaces allows you to troubleshoot and test all application components in AKS, without needing to set up development machines or setting up dependencies.

With Azure Dev Spaces you can automatically generate Docker and Kubernetes artifacts for a project, making it easy to add new and existing Kubernetes applications to a development effort.

Kubernetes in Azure with NetApp Azure NetApp Files

Azure NetApp Files is a Microsoft Azure file storage service built on NetApp technology, giving you the file capabilities in Azure even your core business applications require.

Get enterprise-grade data management and storage to Azure so you can manage your workloads and applications with ease, and move all of your file-based applications to the cloud.

Azure NetApp Files solves availability and performance challenges for enterprises that want to move mission-critical applications to the cloud, including workloads like HPC, SAP, Linux, Oracle and SQL Server workloads, Windows Virtual Desktop, and more.

In particular, Azure NetApp Files allows you to migrate more applications to Azure–even your business-critical workloads–with extreme file throughput with sub-millisecond response times.

Learn More About Kubernetes in Azure

Read more in our series of guides about Kubernetes in Azure.

Azure Kubernetes Cluster: Deploy Your First Cluster on Azure
Kubernetes clusters contain resources, including one pode or more. These pods serve specific functions or share certain data—they have unique roles. To deploy Kubernetes clusters in the Azure cloud you can use Azure Kubernetes Service (AKS). Learn how to do this in this article, which guides you through the steps and practices of deploying and securing Azure Kubernetes clusters.

Read more: Azure Kubernetes Cluster: Deploy Your First Cluster on Azure

Out-of-This-World Kubernetes Performance on Azure with Azure NetApp Files
Kubernetes can be overly complex when deploying enterprise-grade operations in production. To provide a high level of performance, ,Microsoft partnered with NetApp to introduce a new service: Azure NetApp Files (ANF). This article explains how to easily achieve ultra-low latency and high performance.

Read more: Out-of-This-World Kubernetes Performance on Azure with Azure NetApp Files

Address Persistent Storage Woes in Azure Kubernetes Service
Azure Kubernetes Service (AKS) enables you to deploy, configure, and manage Kubernetes on the Azure platform. You get a wide range of functionalities that simplify migrations of on-premise workloads to Azure, as well as control for easy management. To ensure stability for data access, you can use Azure NetApp Files (ANF) as a storage layer. Learn how to achieve persistence with this first-party service, which is powered by NetApp and managed by Microsoft.

Read more: Address Persistent Storage Woes in Azure Kubernetes Service

-