Virtual Azure Community Day: Azure Kubernetes Service Basics

Nico Meisenzahl
Nico MeisenzahlCloud Solution Architect | Head of DevOps Consulting & Operations
Azure Kubernetes Service Basics Nico Meisenzahl, white duck @nmeisenzahl
Nico Meisenzahl • Senior Cloud & DevOps Consultant at white duck • Microsoft MVP, Docker Community Leader & GitLab Hero • loves Kubernetes, DevOps and Cloud © white duck GmbH 2020 Phone: +49 8031 230159 0 Email: nico.meisenzahl@whiteduck.de Twitter: @nmeisenzahl LinkedIn: https://www.linkedin.com/in/nicomeisenzahl Blog: https://meisenzahl.org
Agenda • why Kubernetes? • how Kubernetes works • container services on Azure • demo © white duck GmbH 2020
WHY KUBERNETES? © white duck GmbH 2020
Where containers can help • isolation • dependencies • scalability • immutability © white duck GmbH 2020
But … • containers itself are not production-ready • we need to manage, scale and monitor them • examples • scaling container workload across multiple nodes • service discovery and load balancing • self-healing of applications • secret, configuration and storage management © white duck GmbH 2020
What is Kubernetes? Kubernetes is an open source system for automating deployment, scaling, and management of containerized applications using a declarative approach. © white duck GmbH 2020
Declarative and self healing • Me: „I would like to run 3 instances of my app.“ • K8s: „Ok, I will run 3 instances and ensure they are always up.“ • K8s: „Oh, one instance died. Let me start another one instead.“ © white duck GmbH 2020
Kubernetes facts • greek for helmsman/captain • introduced by Google in June 2014 • hosted by Cloud Native Computing Foundation (CNCF) – Microsoft, IBM, RedHat and Docker joined the project six weeks after the first release • third container management tool build by Google – Borg – Omega • Kubernetes is the container orchestration tool © white duck GmbH 2020
HOW KUBERNETES WORKS © white duck GmbH 2020
Big picture © white duck GmbH 2020
A pod © white duck GmbH 2020
A deployment © white duck GmbH 2020
ClusterIP service © white duck GmbH 2020
NodePort service © white duck GmbH 2020
LoadBalancer service © white duck GmbH 2020
Ingress © white duck GmbH 2020
Resource manifests • are defined in YAML or JSON using a declarative approach • needs to be passed to the API server • are verified and processed by the API server © white duck GmbH 2020
Working with Kubernetes • kubectl • CLI for Windows, MacOS & Linux • get/create/delete resources • get API resources/details • attach to containers • “port-forward” functionality • extendable (Plugins) • Dashboard • Helm, Kustomize, … © white duck GmbH 2020
CONTAINER SERVICES ON AZURE © white duck GmbH 2020
Azure Container Registry (ACR) • fully managed container registry • scalable • integrated security • Azure AD • role-based access • supports container builds à no need to build them locally • supports OCI which allows to also store Helm charts • pricing based on service tier and usage (storage, build-time) • integrates with Azure DevOps © white duck GmbH 2020
Container Image scanning © white duck GmbH 2020
Geo-replication © white duck GmbH 2020
Azure Container Instances (ACI) • abstracts everything except your container • Linux, Windows & GPU workload • can be used for • event-driven applications • data processing jobs • can be integrated with AKS via virtual nodes • fast scaling • isolated compute • pay as you go pricing (CPU, memory) © white duck GmbH 2020
Azure Kubernetes Service (AKS) • fully managed Kubernetes Cluster • scalable and secure by default • runs Linux, Windows and GPU workload • end-to-end developer experience • Azure Dev Spaces, VS Code integration • pricing is based on compute (VM size of worker nodes) • free-of-charge master nodes © white duck GmbH 2020
AKS integrates with • Azure Monitor for monitoring • Azure Policies for governance • Azure Files & Azure Disks for persistent storage • Azure AD for authentication and authorization • Azure Virtual Network for advanced networking • Azure Application Gateway for application ingress security • Azure Key Vault for secret management • Azure DevOps for CI/CD • Azure Portal for easy administration • … © white duck GmbH 2020
RBAC via Azure AD © white duck GmbH 2020
Cluster Autoscaler & virtual node © white duck GmbH 2020
Private Cluster support © white duck GmbH 2020 • expose API Server via Private Link into an internal subnet • expose Services into an internal subnet using internal Load Balancer • access PaaS Services via Private Link Endpoints • Container Registry • Storage Services
Azure Monitor (Container Insights) © white duck GmbH 2020
Governance © white duck GmbH 2020
Azure Key Vault integration © white duck GmbH 2020
AAD Pod Identity © white duck GmbH 2020 Node Managed Identity Managed Service Identity
DEMO © white duck GmbH 2020
Questions? Slides: https://www.slideshare.net/nmeisenzahl Nico Meisenzahl (Senior Cloud & DevOps Consultant) Phone: +49 8031 230159 0 Email: nico.meisenzahl@whiteduck.de Twitter: @nmeisenzahl LinkedIn: https://www.linkedin.com/in/nicomeisenzahl Blog: https://meisenzahl.org © white duck GmbH 2020
Virtual Azure Community Day: Azure Kubernetes Service Basics
1 of 36

Virtual Azure Community Day: Azure Kubernetes Service Basics

Download to read offline
Technology

Containerized applications have become an essential part of our everyday life. Learn everything about Kubernetes and how you can run it in the Azure Cloud. In this talk, Nico will explain how Kubernetes work and how it can help to run Containers in production. You will learn everything about Azure Kubernetes Service, Azure Container Registry and Azure Container Instances. Get to know the basics as well as the best practices that you can implement straight away!

Nico Meisenzahl
Nico MeisenzahlCloud Solution Architect | Head of DevOps Consulting & Operations

Recommended

Global Azure Virtual: Container & Kubernetes on Azure by
Global Azure Virtual: Container & Kubernetes on AzureGlobal Azure Virtual: Container & Kubernetes on Azure
Global Azure Virtual: Container & Kubernetes on AzureNico Meisenzahl
109 views36 slides
Docker Rosenheim Meetup: Policy & Governance for Kubernetes by
Docker Rosenheim Meetup: Policy & Governance for KubernetesDocker Rosenheim Meetup: Policy & Governance for Kubernetes
Docker Rosenheim Meetup: Policy & Governance for KubernetesNico Meisenzahl
98 views25 slides
The Future of Workflow Automation Is Now - Hassle-Free ARM Template Deploymen... by
The Future of Workflow Automation Is Now - Hassle-Free ARM Template Deploymen...The Future of Workflow Automation Is Now - Hassle-Free ARM Template Deploymen...
The Future of Workflow Automation Is Now - Hassle-Free ARM Template Deploymen...Nico Meisenzahl
115 views14 slides
DevOpsCon London: How containerized Pipelines can boost your CI/CD by
DevOpsCon London: How containerized Pipelines can boost your CI/CDDevOpsCon London: How containerized Pipelines can boost your CI/CD
DevOpsCon London: How containerized Pipelines can boost your CI/CDNico Meisenzahl
221 views20 slides
DevOps Gathering - How Containerized Pipelines Can Boost Your CI/CD by
DevOps Gathering - How Containerized Pipelines Can Boost Your CI/CDDevOps Gathering - How Containerized Pipelines Can Boost Your CI/CD
DevOps Gathering - How Containerized Pipelines Can Boost Your CI/CDNico Meisenzahl
380 views16 slides
AzDevCom2021 - Bicep vs Terraform by
AzDevCom2021 - Bicep vs TerraformAzDevCom2021 - Bicep vs Terraform
AzDevCom2021 - Bicep vs TerraformPhilip Welz
252 views35 slides

More Related Content

What's hot

Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021 by
Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021
Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021Nico Meisenzahl
145 views23 slides
DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide? by
DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?
DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?Nico Meisenzahl
113 views23 slides
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ... by
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...Nico Meisenzahl
94 views47 slides
Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y... by
Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...
Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...Nico Meisenzahl
206 views18 slides
All Things Cloud Native Meetup: Azure Kubernetes Service Basics by
All Things Cloud Native Meetup: Azure Kubernetes Service BasicsAll Things Cloud Native Meetup: Azure Kubernetes Service Basics
All Things Cloud Native Meetup: Azure Kubernetes Service BasicsNico Meisenzahl
91 views36 slides
Azure Meetup Hamburg: Production-Ready Terraform Deployments on Azure by
Azure Meetup Hamburg: Production-Ready Terraform Deployments on AzureAzure Meetup Hamburg: Production-Ready Terraform Deployments on Azure
Azure Meetup Hamburg: Production-Ready Terraform Deployments on AzureNico Meisenzahl
288 views33 slides

What's hot(20)

Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021 by Nico Meisenzahl
Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021
Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021
Nico Meisenzahl145 views
DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide? by Nico Meisenzahl
DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?
DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?
Nico Meisenzahl113 views
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ... by Nico Meisenzahl
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...
Nico Meisenzahl94 views
Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y... by Nico Meisenzahl
Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...
Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...
Nico Meisenzahl206 views
All Things Cloud Native Meetup: Azure Kubernetes Service Basics by Nico Meisenzahl
All Things Cloud Native Meetup: Azure Kubernetes Service BasicsAll Things Cloud Native Meetup: Azure Kubernetes Service Basics
All Things Cloud Native Meetup: Azure Kubernetes Service Basics
Nico Meisenzahl91 views
Azure Meetup Hamburg: Production-Ready Terraform Deployments on Azure by Nico Meisenzahl
Azure Meetup Hamburg: Production-Ready Terraform Deployments on AzureAzure Meetup Hamburg: Production-Ready Terraform Deployments on Azure
Azure Meetup Hamburg: Production-Ready Terraform Deployments on Azure
Nico Meisenzahl288 views
Global Azure Bootcamp: Container, Docker & Kubernetes Basics by Nico Meisenzahl
Global Azure Bootcamp: Container, Docker & Kubernetes BasicsGlobal Azure Bootcamp: Container, Docker & Kubernetes Basics
Global Azure Bootcamp: Container, Docker & Kubernetes Basics
Nico Meisenzahl867 views
Event sourcing your React-Redux applications by Maurice De Beijer [MVP]
Event sourcing your React-Redux applicationsEvent sourcing your React-Redux applications
Event sourcing your React-Redux applications
Maurice De Beijer [MVP]796 views
Journey from on prem to the cloud with kubernetes by LibbySchulze
Journey from on prem to the cloud with kubernetesJourney from on prem to the cloud with kubernetes
Journey from on prem to the cloud with kubernetes
LibbySchulze115 views
Distributed Storage in the Cloud by All Things Open
Distributed Storage in the CloudDistributed Storage in the Cloud
Distributed Storage in the Cloud
All Things Open122 views
GitLab Commit: Enhance your Compliance with Policy-Based CI/CD by Nico Meisenzahl
GitLab Commit: Enhance your Compliance with Policy-Based CI/CDGitLab Commit: Enhance your Compliance with Policy-Based CI/CD
GitLab Commit: Enhance your Compliance with Policy-Based CI/CD
Nico Meisenzahl588 views
Managing add-ons across clusters by LibbySchulze
Managing add-ons across clustersManaging add-ons across clusters
Managing add-ons across clusters
LibbySchulze72 views
Publishing containerized micro services with Azure API management by Jorge Arteiro
Publishing containerized micro services with Azure API managementPublishing containerized micro services with Azure API management
Publishing containerized micro services with Azure API management
Jorge Arteiro615 views
Automate your development and operation processes! by Nico Meisenzahl
Automate your development and operation processes!Automate your development and operation processes!
Automate your development and operation processes!
Nico Meisenzahl339 views
Building Resilient Cloud Native Apps in GKE by Jerry Jalava
Building Resilient Cloud Native Apps in GKEBuilding Resilient Cloud Native Apps in GKE
Building Resilient Cloud Native Apps in GKE
Jerry Jalava517 views
Going Serverless with Kubeless In Google Container Engine (GKE) by Bitnami
Going Serverless with Kubeless In Google Container Engine (GKE)Going Serverless with Kubeless In Google Container Engine (GKE)
Going Serverless with Kubeless In Google Container Engine (GKE)
Bitnami1.1K views
Running Azure PaaS Anywhere using Kubernetes by Jorge Arteiro
Running Azure PaaS Anywhere using KubernetesRunning Azure PaaS Anywhere using Kubernetes
Running Azure PaaS Anywhere using Kubernetes
Jorge Arteiro81 views
Manage your kubernetes cluster with cluster api, azure and git ops by Jorge Arteiro
Manage your kubernetes cluster with cluster api, azure and git opsManage your kubernetes cluster with cluster api, azure and git ops
Manage your kubernetes cluster with cluster api, azure and git ops
Jorge Arteiro197 views
Building Cloud Native Applications Using Azure Kubernetes Service by Dennis Moon
Building Cloud Native Applications Using Azure Kubernetes ServiceBuilding Cloud Native Applications Using Azure Kubernetes Service
Building Cloud Native Applications Using Azure Kubernetes Service
Dennis Moon123 views
Take the Fastest Path to Node.Js Application Development with Bitnami & AWS L... by Bitnami
Take the Fastest Path to Node.Js Application Development with Bitnami & AWS L...Take the Fastest Path to Node.Js Application Development with Bitnami & AWS L...
Take the Fastest Path to Node.Js Application Development with Bitnami & AWS L...
Bitnami1.7K views

Similar to Virtual Azure Community Day: Azure Kubernetes Service Basics

Azure Service Operator - Provision Your Resources in a Cloud-Native Way by
Azure Service Operator - Provision Your Resources in a Cloud-Native WayAzure Service Operator - Provision Your Resources in a Cloud-Native Way
Azure Service Operator - Provision Your Resources in a Cloud-Native WayNico Meisenzahl
224 views12 slides
AzDevCom 2022 - YAMLize your infrastructure with the Azure Service Operator a... by
AzDevCom 2022 - YAMLize your infrastructure with the Azure Service Operator a...AzDevCom 2022 - YAMLize your infrastructure with the Azure Service Operator a...
AzDevCom 2022 - YAMLize your infrastructure with the Azure Service Operator a...Philip Welz
30 views22 slides
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O... by
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...Cloud Native Rosenheim Meetup
55 views19 slides
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ... by
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...Nico Meisenzahl
156 views19 slides
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo... by
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...Nico Meisenzahl
138 views18 slides
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt das by
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt dasEffiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt dasNico Meisenzahl
48 views23 slides

Similar to Virtual Azure Community Day: Azure Kubernetes Service Basics(20)

Azure Service Operator - Provision Your Resources in a Cloud-Native Way by Nico Meisenzahl
Azure Service Operator - Provision Your Resources in a Cloud-Native WayAzure Service Operator - Provision Your Resources in a Cloud-Native Way
Azure Service Operator - Provision Your Resources in a Cloud-Native Way
Nico Meisenzahl224 views
AzDevCom 2022 - YAMLize your infrastructure with the Azure Service Operator a... by Philip Welz
AzDevCom 2022 - YAMLize your infrastructure with the Azure Service Operator a...AzDevCom 2022 - YAMLize your infrastructure with the Azure Service Operator a...
AzDevCom 2022 - YAMLize your infrastructure with the Azure Service Operator a...
Philip Welz30 views
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O... by Cloud Native Rosenheim Meetup
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...
Cloud Native Rosenheim Meetup55 views
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ... by Nico Meisenzahl
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...
Nico Meisenzahl156 views
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo... by Nico Meisenzahl
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
Nico Meisenzahl138 views
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt das by Nico Meisenzahl
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt dasEffiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
Nico Meisenzahl48 views
Festive Tech Calendar: Festive time with AKS networking by Nico Meisenzahl
Festive Tech Calendar: Festive time with AKS networkingFestive Tech Calendar: Festive time with AKS networking
Festive Tech Calendar: Festive time with AKS networking
Nico Meisenzahl23 views
How to Prevent Your Kubernetes Cluster From Being Hacked by Nico Meisenzahl
How to Prevent Your Kubernetes Cluster From Being HackedHow to Prevent Your Kubernetes Cluster From Being Hacked
How to Prevent Your Kubernetes Cluster From Being Hacked
Nico Meisenzahl54 views
Microsoft Partners - Application Autoscaling Made Easy With Kubernetes Event-... by Tom Kerkhove
Microsoft Partners - Application Autoscaling Made Easy With Kubernetes Event-...Microsoft Partners - Application Autoscaling Made Easy With Kubernetes Event-...
Microsoft Partners - Application Autoscaling Made Easy With Kubernetes Event-...
Tom Kerkhove97 views
KCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being Hacked by Nico Meisenzahl
KCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being HackedKCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being Hacked
KCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being Hacked
Nico Meisenzahl53 views
NDC London 2021 - Application Autoscaling Made Easy With Kubernetes Event-Dri... by Tom Kerkhove
NDC London 2021 - Application Autoscaling Made Easy With Kubernetes Event-Dri...NDC London 2021 - Application Autoscaling Made Easy With Kubernetes Event-Dri...
NDC London 2021 - Application Autoscaling Made Easy With Kubernetes Event-Dri...
Tom Kerkhove86 views
Open service broker API with Azure Kubernetes Services by Jorge Arteiro
Open service broker API with Azure Kubernetes ServicesOpen service broker API with Azure Kubernetes Services
Open service broker API with Azure Kubernetes Services
Jorge Arteiro380 views
Deep dive into Kubernetes on Azure by Jorge Arteiro
Deep dive into Kubernetes on AzureDeep dive into Kubernetes on Azure
Deep dive into Kubernetes on Azure
Jorge Arteiro431 views
Google Cloud Fundamentals by CloudZone by Idan Tohami
Google Cloud Fundamentals by CloudZoneGoogle Cloud Fundamentals by CloudZone
Google Cloud Fundamentals by CloudZone
Idan Tohami2.3K views
Why kubernetes by Jorge Arteiro
Why kubernetesWhy kubernetes
Why kubernetes
Jorge Arteiro227 views
Develop Azure compute solutions Part - 2 by AzureEzy1
Develop Azure compute solutions Part - 2Develop Azure compute solutions Part - 2
Develop Azure compute solutions Part - 2
AzureEzy1296 views
AKS Azure Kubernetes Services Workshop Jorge Arteiro by Jorge Arteiro
AKS Azure Kubernetes Services Workshop Jorge ArteiroAKS Azure Kubernetes Services Workshop Jorge Arteiro
AKS Azure Kubernetes Services Workshop Jorge Arteiro
Jorge Arteiro92 views
Achieving DevSecOps Outcomes with Tanzu Advanced - Spanish by VMware Tanzu
Achieving DevSecOps Outcomes with Tanzu Advanced - SpanishAchieving DevSecOps Outcomes with Tanzu Advanced - Spanish
Achieving DevSecOps Outcomes with Tanzu Advanced - Spanish
VMware Tanzu170 views
Technical Capabilities of the kitsune framework by Ronak Samantray
Technical Capabilities of the kitsune frameworkTechnical Capabilities of the kitsune framework
Technical Capabilities of the kitsune framework
Ronak Samantray647 views
Making sense of containers, docker and Kubernetes on Azure. by Nills Franssens
Making sense of containers, docker and Kubernetes on Azure.Making sense of containers, docker and Kubernetes on Azure.
Making sense of containers, docker and Kubernetes on Azure.
Nills Franssens527 views

More from Nico Meisenzahl

Cloud-Native & Sustainability: How and Why to Build Sustainable Workloads by
Cloud-Native & Sustainability: How and Why to Build Sustainable WorkloadsCloud-Native & Sustainability: How and Why to Build Sustainable Workloads
Cloud-Native & Sustainability: How and Why to Build Sustainable WorkloadsNico Meisenzahl
51 views50 slides
Container Day Security: How to Prevent Your Kubernetes Cluster From Being Hacked by
Container Day Security: How to Prevent Your Kubernetes Cluster From Being HackedContainer Day Security: How to Prevent Your Kubernetes Cluster From Being Hacked
Container Day Security: How to Prevent Your Kubernetes Cluster From Being HackedNico Meisenzahl
30 views14 slides
ContainerConf 2022: Hijack Kubernetes by
ContainerConf 2022: Hijack KubernetesContainerConf 2022: Hijack Kubernetes
ContainerConf 2022: Hijack KubernetesNico Meisenzahl
59 views24 slides
ContainerConf 2022: Kubernetes is awesome - but... by
ContainerConf 2022: Kubernetes is awesome - but...ContainerConf 2022: Kubernetes is awesome - but...
ContainerConf 2022: Kubernetes is awesome - but...Nico Meisenzahl
195 views29 slides
KCD Munich 2022: Hijack a Kubernetes Cluster - a Walkthrough by
KCD Munich 2022: Hijack a Kubernetes Cluster - a WalkthroughKCD Munich 2022: Hijack a Kubernetes Cluster - a Walkthrough
KCD Munich 2022: Hijack a Kubernetes Cluster - a WalkthroughNico Meisenzahl
15 views15 slides
Cloud Love Conference: Kubernetes is awesome, but... by
Cloud Love Conference: Kubernetes is awesome, but...Cloud Love Conference: Kubernetes is awesome, but...
Cloud Love Conference: Kubernetes is awesome, but...Nico Meisenzahl
11 views29 slides

More from Nico Meisenzahl(18)

Cloud-Native & Sustainability: How and Why to Build Sustainable Workloads by Nico Meisenzahl
Cloud-Native & Sustainability: How and Why to Build Sustainable WorkloadsCloud-Native & Sustainability: How and Why to Build Sustainable Workloads
Cloud-Native & Sustainability: How and Why to Build Sustainable Workloads
Nico Meisenzahl51 views
Container Day Security: How to Prevent Your Kubernetes Cluster From Being Hacked by Nico Meisenzahl
Container Day Security: How to Prevent Your Kubernetes Cluster From Being HackedContainer Day Security: How to Prevent Your Kubernetes Cluster From Being Hacked
Container Day Security: How to Prevent Your Kubernetes Cluster From Being Hacked
Nico Meisenzahl30 views
ContainerConf 2022: Hijack Kubernetes by Nico Meisenzahl
ContainerConf 2022: Hijack KubernetesContainerConf 2022: Hijack Kubernetes
ContainerConf 2022: Hijack Kubernetes
Nico Meisenzahl59 views
ContainerConf 2022: Kubernetes is awesome - but... by Nico Meisenzahl
ContainerConf 2022: Kubernetes is awesome - but...ContainerConf 2022: Kubernetes is awesome - but...
ContainerConf 2022: Kubernetes is awesome - but...
Nico Meisenzahl195 views
KCD Munich 2022: Hijack a Kubernetes Cluster - a Walkthrough by Nico Meisenzahl
KCD Munich 2022: Hijack a Kubernetes Cluster - a WalkthroughKCD Munich 2022: Hijack a Kubernetes Cluster - a Walkthrough
KCD Munich 2022: Hijack a Kubernetes Cluster - a Walkthrough
Nico Meisenzahl15 views
Cloud Love Conference: Kubernetes is awesome, but... by Nico Meisenzahl
Cloud Love Conference: Kubernetes is awesome, but...Cloud Love Conference: Kubernetes is awesome, but...
Cloud Love Conference: Kubernetes is awesome, but...
Nico Meisenzahl11 views
Container Days: Hijack a Kubernetes Cluster - a Walkthrough by Nico Meisenzahl
Container Days: Hijack a Kubernetes Cluster - a WalkthroughContainer Days: Hijack a Kubernetes Cluster - a Walkthrough
Container Days: Hijack a Kubernetes Cluster - a Walkthrough
Nico Meisenzahl16 views
Hijack a Kubernetes Cluster - a Walkthrough by Nico Meisenzahl
Hijack a Kubernetes Cluster - a WalkthroughHijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a Walkthrough
Nico Meisenzahl70 views
Hijack a Kubernetes Cluster - a Walkthrough by Nico Meisenzahl
Hijack a Kubernetes Cluster - a WalkthroughHijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a Walkthrough
Nico Meisenzahl126 views
azdevcom - Hijack a Kubernetes Cluster by Nico Meisenzahl
azdevcom - Hijack a Kubernetes Clusterazdevcom - Hijack a Kubernetes Cluster
azdevcom - Hijack a Kubernetes Cluster
Nico Meisenzahl138 views
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base... by Nico Meisenzahl
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Nico Meisenzahl164 views
Continuous Lifecycle: Hijack Kubernetes by Nico Meisenzahl
Continuous Lifecycle: Hijack KubernetesContinuous Lifecycle: Hijack Kubernetes
Continuous Lifecycle: Hijack Kubernetes
Nico Meisenzahl53 views
Hijack a Kubernetes Cluster - a Walkthrough by Nico Meisenzahl
Hijack a Kubernetes Cluster - a WalkthroughHijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a Walkthrough
Nico Meisenzahl102 views
Microsoft DevOps Forum 2021 – DevOps & Security by Nico Meisenzahl
Microsoft DevOps Forum 2021 – DevOps & Security Microsoft DevOps Forum 2021 – DevOps & Security
Microsoft DevOps Forum 2021 – DevOps & Security
Nico Meisenzahl248 views
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be... by Nico Meisenzahl
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...
Nico Meisenzahl87 views
GitHub Actions 101 by Nico Meisenzahl
GitHub Actions 101GitHub Actions 101
GitHub Actions 101
Nico Meisenzahl112 views
Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way! by Nico Meisenzahl
Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!
Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!
Nico Meisenzahl249 views
Die Evolution von Container Image Builds by Nico Meisenzahl
Die Evolution von Container Image BuildsDie Evolution von Container Image Builds
Die Evolution von Container Image Builds
Nico Meisenzahl223 views

Recently uploaded

Confidence in CloudStack - Aron Wagner, Nathan Gleason - Americ by
Confidence in CloudStack - Aron Wagner, Nathan Gleason - AmericConfidence in CloudStack - Aron Wagner, Nathan Gleason - Americ
Confidence in CloudStack - Aron Wagner, Nathan Gleason - AmericShapeBlue
41 views9 slides
Setting Up Your First CloudStack Environment with Beginners Challenges - MD R... by
Setting Up Your First CloudStack Environment with Beginners Challenges - MD R...Setting Up Your First CloudStack Environment with Beginners Challenges - MD R...
Setting Up Your First CloudStack Environment with Beginners Challenges - MD R...ShapeBlue
54 views15 slides
Import Export Virtual Machine for KVM Hypervisor - Ayush Pandey - University ... by
Import Export Virtual Machine for KVM Hypervisor - Ayush Pandey - University ...Import Export Virtual Machine for KVM Hypervisor - Ayush Pandey - University ...
Import Export Virtual Machine for KVM Hypervisor - Ayush Pandey - University ...ShapeBlue
34 views17 slides
Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ... by
Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ...Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ...
Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ...ShapeBlue
77 views12 slides
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f... by
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...TrustArc
77 views29 slides
Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ... by
Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ...Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ...
Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ...ShapeBlue
35 views10 slides

Recently uploaded(20)

Confidence in CloudStack - Aron Wagner, Nathan Gleason - Americ by ShapeBlue
Confidence in CloudStack - Aron Wagner, Nathan Gleason - AmericConfidence in CloudStack - Aron Wagner, Nathan Gleason - Americ
Confidence in CloudStack - Aron Wagner, Nathan Gleason - Americ
ShapeBlue41 views
Setting Up Your First CloudStack Environment with Beginners Challenges - MD R... by ShapeBlue
Setting Up Your First CloudStack Environment with Beginners Challenges - MD R...Setting Up Your First CloudStack Environment with Beginners Challenges - MD R...
Setting Up Your First CloudStack Environment with Beginners Challenges - MD R...
ShapeBlue54 views
Import Export Virtual Machine for KVM Hypervisor - Ayush Pandey - University ... by ShapeBlue
Import Export Virtual Machine for KVM Hypervisor - Ayush Pandey - University ...Import Export Virtual Machine for KVM Hypervisor - Ayush Pandey - University ...
Import Export Virtual Machine for KVM Hypervisor - Ayush Pandey - University ...
ShapeBlue34 views
Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ... by ShapeBlue
Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ...Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ...
Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ...
ShapeBlue77 views
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f... by TrustArc
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc77 views
Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ... by ShapeBlue
Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ...Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ...
Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ...
ShapeBlue35 views
Business Analyst Series 2023 - Week 4 Session 7 by DianaGray10
Business Analyst Series 2023 - Week 4 Session 7Business Analyst Series 2023 - Week 4 Session 7
Business Analyst Series 2023 - Week 4 Session 7
DianaGray1080 views
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ... by ShapeBlue
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...
ShapeBlue83 views
How to Re-use Old Hardware with CloudStack. Saving Money and the Environment ... by ShapeBlue
How to Re-use Old Hardware with CloudStack. Saving Money and the Environment ...How to Re-use Old Hardware with CloudStack. Saving Money and the Environment ...
How to Re-use Old Hardware with CloudStack. Saving Money and the Environment ...
ShapeBlue65 views
Extending KVM Host HA for Non-NFS Storage - Alex Ivanov - StorPool by ShapeBlue
Extending KVM Host HA for Non-NFS Storage - Alex Ivanov - StorPoolExtending KVM Host HA for Non-NFS Storage - Alex Ivanov - StorPool
Extending KVM Host HA for Non-NFS Storage - Alex Ivanov - StorPool
ShapeBlue40 views
CloudStack Managed User Data and Demo - Harikrishna Patnala - ShapeBlue by ShapeBlue
CloudStack Managed User Data and Demo - Harikrishna Patnala - ShapeBlueCloudStack Managed User Data and Demo - Harikrishna Patnala - ShapeBlue
CloudStack Managed User Data and Demo - Harikrishna Patnala - ShapeBlue
ShapeBlue46 views
NTGapps NTG LowCode Platform by Mustafa Kuğu
NTGapps NTG LowCode Platform NTGapps NTG LowCode Platform
NTGapps NTG LowCode Platform
Mustafa Kuğu141 views
Automating a World-Class Technology Conference; Behind the Scenes of CiscoLive by Network Automation Forum
Automating a World-Class Technology Conference; Behind the Scenes of CiscoLiveAutomating a World-Class Technology Conference; Behind the Scenes of CiscoLive
Automating a World-Class Technology Conference; Behind the Scenes of CiscoLive
Network Automation Forum46 views
KVM Security Groups Under the Hood - Wido den Hollander - Your.Online by ShapeBlue
KVM Security Groups Under the Hood - Wido den Hollander - Your.OnlineKVM Security Groups Under the Hood - Wido den Hollander - Your.Online
KVM Security Groups Under the Hood - Wido den Hollander - Your.Online
ShapeBlue102 views
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P... by ShapeBlue
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...
ShapeBlue82 views
Network Source of Truth and Infrastructure as Code revisited by Network Automation Forum
Network Source of Truth and Infrastructure as Code revisitedNetwork Source of Truth and Infrastructure as Code revisited
Network Source of Truth and Infrastructure as Code revisited
Network Automation Forum42 views
State of the Union - Rohit Yadav - Apache CloudStack by ShapeBlue
State of the Union - Rohit Yadav - Apache CloudStackState of the Union - Rohit Yadav - Apache CloudStack
State of the Union - Rohit Yadav - Apache CloudStack
ShapeBlue145 views
CloudStack Object Storage - An Introduction - Vladimir Petrov - ShapeBlue by ShapeBlue
CloudStack Object Storage - An Introduction - Vladimir Petrov - ShapeBlueCloudStack Object Storage - An Introduction - Vladimir Petrov - ShapeBlue
CloudStack Object Storage - An Introduction - Vladimir Petrov - ShapeBlue
ShapeBlue46 views
Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit... by ShapeBlue
Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit...Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit...
Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit...
ShapeBlue57 views
The Power of Heat Decarbonisation Plans in the Built Environment by IES VE
The Power of Heat Decarbonisation Plans in the Built EnvironmentThe Power of Heat Decarbonisation Plans in the Built Environment
The Power of Heat Decarbonisation Plans in the Built Environment
IES VE57 views

Virtual Azure Community Day: Azure Kubernetes Service Basics

  • 1. Azure Kubernetes Service Basics Nico Meisenzahl, white duck @nmeisenzahl
  • 2. Nico Meisenzahl • Senior Cloud & DevOps Consultant at white duck • Microsoft MVP, Docker Community Leader & GitLab Hero • loves Kubernetes, DevOps and Cloud © white duck GmbH 2020 Phone: +49 8031 230159 0 Email: nico.meisenzahl@whiteduck.de Twitter: @nmeisenzahl LinkedIn: https://www.linkedin.com/in/nicomeisenzahl Blog: https://meisenzahl.org
  • 3. Agenda • why Kubernetes? • how Kubernetes works • container services on Azure • demo © white duck GmbH 2020
  • 4. WHY KUBERNETES? © white duck GmbH 2020
  • 5. Where containers can help • isolation • dependencies • scalability • immutability © white duck GmbH 2020
  • 6. But … • containers itself are not production-ready • we need to manage, scale and monitor them • examples • scaling container workload across multiple nodes • service discovery and load balancing • self-healing of applications • secret, configuration and storage management © white duck GmbH 2020
  • 7. What is Kubernetes? Kubernetes is an open source system for automating deployment, scaling, and management of containerized applications using a declarative approach. © white duck GmbH 2020
  • 8. Declarative and self healing • Me: „I would like to run 3 instances of my app.“ • K8s: „Ok, I will run 3 instances and ensure they are always up.“ • K8s: „Oh, one instance died. Let me start another one instead.“ © white duck GmbH 2020
  • 9. Kubernetes facts • greek for helmsman/captain • introduced by Google in June 2014 • hosted by Cloud Native Computing Foundation (CNCF) – Microsoft, IBM, RedHat and Docker joined the project six weeks after the first release • third container management tool build by Google – Borg – Omega • Kubernetes is the container orchestration tool © white duck GmbH 2020
  • 10. HOW KUBERNETES WORKS © white duck GmbH 2020
  • 11. Big picture © white duck GmbH 2020
  • 12. A pod © white duck GmbH 2020
  • 13. A deployment © white duck GmbH 2020
  • 14. ClusterIP service © white duck GmbH 2020
  • 15. NodePort service © white duck GmbH 2020
  • 18. Resource manifests • are defined in YAML or JSON using a declarative approach • needs to be passed to the API server • are verified and processed by the API server © white duck GmbH 2020
  • 19. Working with Kubernetes • kubectl • CLI for Windows, MacOS & Linux • get/create/delete resources • get API resources/details • attach to containers • “port-forward” functionality • extendable (Plugins) • Dashboard • Helm, Kustomize, … © white duck GmbH 2020
  • 20. CONTAINER SERVICES ON AZURE © white duck GmbH 2020
  • 21. Azure Container Registry (ACR) • fully managed container registry • scalable • integrated security • Azure AD • role-based access • supports container builds à no need to build them locally • supports OCI which allows to also store Helm charts • pricing based on service tier and usage (storage, build-time) • integrates with Azure DevOps © white duck GmbH 2020
  • 22. Container Image scanning © white duck GmbH 2020
  • 24. Azure Container Instances (ACI) • abstracts everything except your container • Linux, Windows & GPU workload • can be used for • event-driven applications • data processing jobs • can be integrated with AKS via virtual nodes • fast scaling • isolated compute • pay as you go pricing (CPU, memory) © white duck GmbH 2020
  • 25. Azure Kubernetes Service (AKS) • fully managed Kubernetes Cluster • scalable and secure by default • runs Linux, Windows and GPU workload • end-to-end developer experience • Azure Dev Spaces, VS Code integration • pricing is based on compute (VM size of worker nodes) • free-of-charge master nodes © white duck GmbH 2020
  • 26. AKS integrates with • Azure Monitor for monitoring • Azure Policies for governance • Azure Files & Azure Disks for persistent storage • Azure AD for authentication and authorization • Azure Virtual Network for advanced networking • Azure Application Gateway for application ingress security • Azure Key Vault for secret management • Azure DevOps for CI/CD • Azure Portal for easy administration • … © white duck GmbH 2020
  • 27. RBAC via Azure AD © white duck GmbH 2020
  • 28. Cluster Autoscaler & virtual node © white duck GmbH 2020
  • 29. Private Cluster support © white duck GmbH 2020 • expose API Server via Private Link into an internal subnet • expose Services into an internal subnet using internal Load Balancer • access PaaS Services via Private Link Endpoints • Container Registry • Storage Services
  • 30. Azure Monitor (Container Insights) © white duck GmbH 2020
  • 32. Azure Key Vault integration © white duck GmbH 2020
  • 33. AAD Pod Identity © white duck GmbH 2020 Node Managed Identity Managed Service Identity
  • 34. DEMO © white duck GmbH 2020
  • 35. Questions? Slides: https://www.slideshare.net/nmeisenzahl Nico Meisenzahl (Senior Cloud & DevOps Consultant) Phone: +49 8031 230159 0 Email: nico.meisenzahl@whiteduck.de Twitter: @nmeisenzahl LinkedIn: https://www.linkedin.com/in/nicomeisenzahl Blog: https://meisenzahl.org © white duck GmbH 2020