This presentation is about the AKS components as listed below.
- Control plane
- Different types of control planes & OS types
- Node pools
- Node
- Pod
- Resource reservation
- Node selectors
- Namespaces
- StatefulSets and DaemonSets
- Terraform deployment and Azure Portal demonstration
Youtube video for this slide: https://youtu.be/yOsrai6id9I
GitHub repo for these slides: https://github.com/ParisaMousavi/enterprise-aks
WordPress post: https://multi-cloud-solutions.com/2022/11/30/azure-kubernetes-service-aks-with-terraform-deployment/
3. Control plane
• AKS Control plane
• The Kubernetes cluster control plane contains the services that orchestrate the cluster, e.g., the API server, scheduler, etc.
• It is single-tenant
• With a dedicated API server
• Interaction with the control plane goes through the Kubernetes API, e.g., with kubectl
• AKS Control plane types
• Single node (the common choice for dev/test)
• Multiple nodes (the common choice for prod, with high availability (HA))
https://learn.microsoft.com/en-us/azure/aks/concepts-clusters-workloads
4. Node pool
• AKS must have at least one node pool, which is a system node pool.
• The system node pool is for the control plane or core services.
• The system node pool is Linux-based.
• The system node pool must have at least one node.
• For the workloads, a user node pool must be used.
• A user node pool can be Windows-based or Linux-based.
• A user node pool contains only nodes of the same OS and size.
• A user node pool can even have zero nodes (for cost optimization purposes).
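The node pool layout described on this slide, written as Terraform. This is an added example and not code from the enterprise-aks repository: it creates a Linux system node pool with one node that is tainted so only critical add-ons land on it, a Linux user node pool for workloads, and a Windows user node pool created with zero nodes. The resource group name, region, VM sizes, pool names and the variable for the Windows admin password are assumptions.

```hcl
# Added example (not from the enterprise-aks repo): an AKS cluster with a
# Linux system node pool plus two user node pools, one Linux and one Windows.
# Names, location, VM sizes and the resource group are assumptions.

terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 3.0"
    }
  }
}

provider "azurerm" {
  features {}
}

variable "windows_admin_password" {
  description = "Local admin password for Windows nodes; pass via TF_VAR_, never commit it"
  type        = string
  sensitive   = true
}

resource "azurerm_resource_group" "aks" {
  name     = "rg-aks-demo" # assumed name
  location = "westeurope"  # assumed region
}

resource "azurerm_kubernetes_cluster" "aks" {
  name                = "aks-demo"
  location            = azurerm_resource_group.aks.location
  resource_group_name = azurerm_resource_group.aks.name
  dns_prefix          = "aksdemo"

  # System node pool: Linux only, at least one node. The CriticalAddonsOnly
  # taint keeps user workloads off it so core services are not starved.
  default_node_pool {
    name                         = "system"
    node_count                   = 1
    vm_size                      = "Standard_D2s_v3"
    only_critical_addons_enabled = true
  }

  # Windows node pools require Azure CNI and a windows_profile on the cluster.
  network_profile {
    network_plugin = "azure"
  }

  windows_profile {
    admin_username = "azureuser"
    admin_password = var.windows_admin_password
  }

  identity {
    type = "SystemAssigned"
  }
}

# Linux user node pool for the workloads (same OS and size for every node).
resource "azurerm_kubernetes_cluster_node_pool" "linux" {
  name                  = "linuxpool"
  kubernetes_cluster_id = azurerm_kubernetes_cluster.aks.id
  vm_size               = "Standard_D2s_v3"
  os_type               = "Linux"
  node_count            = 2
}

# Windows user node pool, created with zero nodes so it costs nothing until
# a Windows workload needs it. Windows pool names are limited to 6 characters.
resource "azurerm_kubernetes_cluster_node_pool" "windows" {
  name                  = "win"
  kubernetes_cluster_id = azurerm_kubernetes_cluster.aks.id
  vm_size               = "Standard_D2s_v3"
  os_type               = "Windows"
  node_count            = 0
}
```

Run `terraform init` and `terraform plan` with `TF_VAR_windows_admin_password` exported; the Windows pool shows up in the plan with a count of 0, which is exactly the "zero node" cost-optimization case on the slide. Keeping the password in a sensitive variable rather than in the file means it never lands in the repository, and the `only_critical_addons_enabled` taint is what actually enforces the "system pool is for core services" statement.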
5. Kubernetes node components
https://learn.microsoft.com/en-us/azure/aks/concepts-clusters-workloads#nodes-and-node-pools
• Kubelet -> The Kubernetes agent that processes the orchestration requests from the control plane along with scheduling and running the requested containers
• Kube-proxy -> Handles virtual networking on each node. The proxy routes network traffic and manages IP addressing for services and pods
• Container runtime -> Allows containerized applications to run and interact with additional resources, such as the virtual network and storage
8. Node selectors
Node selectors -> with multiple node pools we may need to tell the Kubernetes scheduler which node pool to use, e.g., ingress controllers shouldn't run on Windows Server nodes
https://learn.microsoft.com/en-us/azure/aks/concepts-clusters-workloads#node-selectors
Watch in Terraform
Demo: look at the Windows and Ubuntu node pools
9. Pods
• Pods typically have a 1:1 mapping with a container.
• In advanced scenarios, a pod may contain multiple containers.
• Multi-container pods are scheduled together on the same node and allow containers to share related resources
https://learn.microsoft.com/en-us/azure/aks/concepts-clusters-workloads#pods
Watch in Terraform
Demo
10. StatefulSets and DaemonSets
Deployment controller
• StatefulSets -> maintain the state of applications beyond an individual pod lifecycle
• DaemonSets -> ensure a running instance on each node, early in the Kubernetes bootstrap process
If using the Virtual Nodes add-on, DaemonSets will not create pods on the virtual node
https://learn.microsoft.com/en-us/azure/aks/concepts-clusters-workloads
11. Namespaces
Namespaces
• default -> where pods and deployments are created when no namespace is provided. In smaller environments, you can deploy applications directly into the default namespace without creating additional logical separations
• kube-system -> where core resources exist, such as network features like DNS and proxy, or the Kubernetes dashboard. You typically don't deploy your own applications into this namespace
• kube-public -> typically not used, but can be used for resources that should be visible across the whole cluster and viewable by any user
https://learn.microsoft.com/en-us/azure/aks/concepts-clusters-workloads
Watch in Terraform
Demo
12. AKS / Kubernetes wording
Kubernetes manifest file -> defines a cluster's desired state, such as which container images to run
Internal service -> accessible only from inside the cluster, e.g., a Redis instance
External service -> accessible from the public internet, e.g., for a frontend
Talk about:
Based on the scenario, select an appropriate VM size, disk type (SSD / HDD) and scale-out count, and plan an appropriate IP space for the network
VM images can be Ubuntu Linux or Windows Server 2019
You can use Azure Reservations as well
Talk about:
To maintain node performance and functionality, AKS reserves resources on each node. As a node grows larger in resources, the resource reservation grows due to a higher need for management of user-deployed pods
Talk about:
When you create a pod, you can define resource requests to ask for a certain amount of CPU or memory
You can also specify maximum resource limits to prevent a pod from consuming too much compute resource from the underlying node
Best practice is to include resource limits for all pods to help the Kubernetes scheduler identify the necessary, permitted resources
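The node selector from slide 8, the namespace separation from slide 11 and the resource requests and limits from the note above, combined in one Terraform-managed Deployment. This is an added example and not code from the enterprise-aks repository; it assumes a kubeconfig for the cluster already exists at the default path, and the namespace name, workload name, container image and CPU/memory values are assumptions.

```hcl
# Added example (not from the enterprise-aks repo): a Deployment pinned to Linux
# nodes through a node selector, in its own namespace, with resource requests
# and limits on the container. Namespace, image and sizes are assumptions.

terraform {
  required_providers {
    kubernetes = {
      source  = "hashicorp/kubernetes"
      version = "~> 2.0"
    }
  }
}

# Assumes a kubeconfig for the AKS cluster exists at the default path
# (e.g. written by `az aks get-credentials`).
provider "kubernetes" {
  config_path = "~/.kube/config"
}

# Logical separation: the workload gets its own namespace instead of
# landing in "default" or "kube-system".
resource "kubernetes_namespace" "ingress" {
  metadata {
    name = "ingress"
  }
}

resource "kubernetes_deployment" "ingress_controller" {
  metadata {
    name      = "ingress-controller"
    namespace = kubernetes_namespace.ingress.metadata[0].name
    labels    = { app = "ingress-controller" }
  }

  spec {
    replicas = 2

    selector {
      match_labels = { app = "ingress-controller" }
    }

    template {
      metadata {
        labels = { app = "ingress-controller" }
      }

      spec {
        # Node selector: the scheduler may only place these pods on Linux
        # nodes, so they never land in a Windows Server node pool.
        node_selector = {
          "kubernetes.io/os" = "linux"
        }

        container {
          name  = "controller"
          image = "placeholder.example/ingress-controller:1.0" # assumed image

          # Requests tell the scheduler what the pod needs; limits stop a
          # misbehaving pod from exhausting the node it shares with others.
          resources {
            requests = {
              cpu    = "100m"
              memory = "128Mi"
            }
            limits = {
              cpu    = "500m"
              memory = "256Mi"
            }
          }
        }
      }
    }
  }
}
```

After `terraform apply`, `kubectl get pods -n ingress -o wide` shows every replica on a node whose `kubernetes.io/os` label is `linux`; if only the Windows user pool had capacity, the pods would stay Pending rather than be scheduled onto Windows Server nodes. The `kubernetes.io/os` label is set by the kubelet on every node, so it is the selector AKS documentation uses for this split.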