A quick introduction to AKS

A quick introduction to AKS
Alessandro Melchiori - @amelchiori
CodicePlastico

What are microservices
service - oriented architecture
composed of loosely coupled elements
that have bounded context
Adrian Cockcroft
“
”

Adrian Cockcroft
“
”
Services talk with each other over the network

Adrian Cockcroft
“
”
You can update the services
independently;
updating one service doesn’t require
changing any other service

Adrian Cockcroft
“
”Self-contained; you can update the code without knowing
anything about the internals of other microservices

Kubernetes
Greek for “Helmsman” < the person who steers a ship

K8s
Greek for “Helmsman” < the person who steers a ship

● Born in Google
● Donated to CNCF in 2014
● Open source (Apache 2.0)
● v1.0 July 2015
● Written in Go/Golang
● Code is on GitHub (where otherwise?)
K8s: some infos

Kubernetes is a cluster technology.
It means that you will see a cluster of computers
as one entity. You will not deploy an application
on a speciﬁc computer, but somewhere in the
cluster
What’s Kubernetes (k8s)

K8s 101 - Nodes
Each computer in the cluster is called a node.
Eventually, the nodes will host your applications.
The nodes can be spread throughout the world in
different data centers

K8s 101 - Pods
Pods are the smallest unit you will eventually
deploy to the cluster.
A single Pod can hold multiple containers.

K8s 101 - Deployments
Deployments are requirements you give to
Kubernetes regarding your applications (Pods)

K8s 101 - Services
Services are an abstract way to expose an
application running on a set of Pods as a
network service.

Declarative model
& Desired state

Management techniques
The kubectl command-line tool supports several different ways to create and manage
Kubernetes objects:
● Imperative commands
● Imperative object conﬁguration
● Declarative object conﬁguration

Imperative commands
The simplest way to get started or to run a one-off task in a cluster.
kubectl run nginx --image nginx

Imperative commands
PRO:
● Commands are simple, easy to learn
and easy to remember.
● Commands require only a single step
to make changes to the cluster
CONS:
● Commands do not integrate with change
review processes.
● Commands do not provide an audit trail
associated with changes.

Imperative object configuration
In imperative object configuration, the kubectl command specifies the operation
(create, replace, etc.), optional flags and at least one file name.
The file specified must contain a full definition of the object in YAML or JSON format.
kubectl create -f nginx.yaml

Imperative object configuration
PRO:
● Object configuration can be stored in
a source control system such as Git
(vs. imperative commands)
● It’s simpler and easier to understand
(vs. declarative object configuration)
CONS:
● Object configuration requires basic
understanding of the object schema
(vs. imparative commands)
● It works best on files, not directories
● Updates to live objects must be reflected
in configuration files, or they will be lost
during the next replacement

Declarative object configuration
Using declarative object configuration, a user operates on object configuration files stored
locally, however the user does not define the operations to be taken on the files.
Create, update, and delete operations are automatically detected per-object by kubectl.
kubectl apply -f configs/

Declarative object configuration
PRO:
● Changes made directly to live objects
are retained, even if they are not merged
back into the configuration files
● It has better support for operating
on directories and automatically
detecting operation types per-object
CONS:
● Declarative object configuration is harder
to debug

Kubernetes cluster architecture
A Kubernetes cluster is divided into two components:

A Kubernetes cluster is divided into two components:
Control plane nodes provide the core Kubernetes
services and orchestration of application
workloads

A Kubernetes cluster is divided into two components: Nodes run your application workloads.

Control plane
When you create an AKS cluster, a control plane
is automatically created and conﬁgured.
This control plane is provided as a managed
Azure resource abstracted from the user.
There's no cost for the control plane, only the
nodes that are part of the AKS cluster.

Nodes and node pools
To run your applications and
supporting services, you need a
Kubernetes node.
An AKS cluster has one or more nodes,
which is an Azure virtual machine (VM)
that runs the Kubernetes node
components and container runtime

Nodes resource reservation
Node resources are utilized by AKS to make the
node function as part of your cluster.
This can create a discrepancy between your
node's total resources and the resources
allocatable when used in AKS.
Don’t Forget!

Node pools
Nodes of the same conﬁguration are grouped together into
node pools.
A Kubernetes cluster contains one or more node pools
When you scale or upgrade an AKS cluster, the action is
performed against the default node pool.
You can also choose to scale or upgrade a speciﬁc node
pool.

AKS networking
To allow access to your applications, or for application components to communicate with each
other, Kubernetes provides an abstraction layer to virtual networking. Kubernetes nodes are
connected to a virtual network, and can provide inbound and outbound connectivity for pods.
The kube-proxy component runs on each node to provide these network features.
To simplify the network conﬁguration for application workloads, Kubernetes uses Services
to logically group a set of pods together and provide network connectivity.

AKS networking: Cluster IP
Creates an internal IP address for use within the AKS cluster.
Good for internal-only applications that support other workloads within the cluster.

AKS networking: NodePort
Creates a port mapping on the underlying node that allows the application to be accessed
directly with the node IP address and port.

AKS networking: Load balancer
Creates an Azure load balancer resource, conﬁgures an external IP address, and connects the
requested pods to the load balancer backend pool.

AKS networking: ingress controller
The LoadBalancer only works at layer 4 - the Service is unaware of the actual applications,
and can't make any additional routing considerations. Ingress controllers work at layer 7,
and can use more intelligent rules to distribute application traffic.

Azure Virtual Networks
In AKS, you can deploy a cluster that uses one of the following two network models:
● Kubenet networking - The network resources are typically created and conﬁgured
as the AKS cluster is deployed.
● Azure Container Networking Interface (CNI) networking - The AKS cluster is connected
to existing virtual network resources and conﬁgurations.

Storage options for AKS applications
The core concepts that provide storage
to your applications in AKS are:
● Volumes
● Persistent volumes
● Storage classes
● Persistent volume claims

AKS storage options
A volume represents a way to store, retrieve, and persist data across pods and through
the application lifecycle. Volumes that are deﬁned and created as part of the pod lifecycle
only exist until the pod is deleted.
You can manually create these data volumes to be assigned to pods directly,
or have Kubernetes automatically create them.

AKS storage options
Traditional volumes to store and retrieve data are created as Kubernetes resources backed by
Azure Storage. These data volumes can use Azure Disks or Azure Files:
- Azure Disks can be used to create a Kubernetes DataDisk resource.
Azure Disks are mounted as ReadWriteOnce, so are only available to a single pod. For
storage volumes that can be accessed by multiple pods simultaneously, use Azure Files.
- Azure Files can be used to mount an SMB 3.0 share backed by an Azure Storage account
to pods. Files let you share data across multiple nodes and pods.

Manually scale pods or nodes
kubectl scale --replicas=5 deployment/azure-vote-front
az aks scale `
--resource-group myResourceGroup `
--name myAKSCluster `
--node-count 3

Autoscale pods: HPA
Kubernetes uses the horizontal pod
autoscaler (HPA) to monitor the resource
demand and automatically scale
the number of replicas.
When you configure the horizontal pod
autoscaler, you define the minimum and
maximum number of replicas that can run.
You also define the metric to monitor and
base any scaling decisions on.

Cluster autoscaler
To respond to changing pod demands,
Kubernetes has a cluster autoscaler,
that adjusts the number of nodes based
on the requested compute resources
in the node pool.
Cluster autoscaler is typically used alongside
the horizontal pod autoscaler.

ACI integration
Virtual nodes are deployed to an additional subnet in the same virtual network as your AKS cluster.
This virtual network conﬁguration allows the traffic between ACI and AKS to be secured.

Kubernetes event-driven autoscale (KEDA)
KEDA is a single-purpose and lightweight
component that can be added into any
Kubernetes cluster.
KEDA works alongside standard Kubernetes
components like the horizontal pod autoscaler
and can extend functionality without
overwriting or duplication.

Microservice architecture
THE “GOOD”
● An application is sum of its components
● Better fault isolation
● Components can be spread across
multiple servers
THE “BAD”
● Many components, many moving parts
● Difficult to manage inter-communication
● Manual management can be difficult

ALESSANDRO MELCHIORI
Founder & Software developer @CodicePlastico
alessandro@codiceplastico.com
@amelchiori

A quick introduction to AKS

More Related Content

What's hot

Similar to A quick introduction to AKS

More from Alessandro Melchiori

Recently uploaded

A quick introduction to AKS