49990cdecc
merged NVM folder into private cluster folder |
||
|---|---|---|
| .devcontainer | ||
| .github | ||
| .vscode | ||
| Scenarios | ||
| materials | ||
| media | ||
| .gitignore | ||
| .gitmodules | ||
| .pre-commit-config.yaml | ||
| AKS-Landing-Zone-Accelerator.sln | ||
| CODE_OF_CONDUCT.md | ||
| CONTRIBUTING.md | ||
| LICENSE | ||
| README.md | ||
| SECURITY.md | ||
README.md
AKS Landing Zone Accelerator
Azure Landing Zone Accelerators are architectural guidance, reference architecture, reference implementations, and automation packaged to deploy workload platforms on Azure at Scale and aligned with industry-proven practices.
The AKS Landing Zone Accelerator represents the strategic design path and target technical state for an Azure Kubernetes Service (AKS) deployment. This solution provides an architectural approach and reference implementation to prepare subscriptions for a scalable Azure Kubernetes Service (AKS) cluster. For architectural guidance, check out the AKS landing zone accelerator in Microsoft Learn.
Below is a picture of what a golden state looks like, and open source software like flux and traefik integrate well within the AKS ecosystem.
The AKS Landing Zone Accelerator is only concerned with what gets deployed in the landing zone subscription highlighted by the red box in the picture above. It is assumed that an appropriate platform foundation is already setup which may or may not be the official ESLZ platform foundation. This means that policies and governance should already be in place or should be setup after this implementation and are not a part of the scope this reference implementation. The policies applied to management groups in the hierarchy above the subscription will trickle down to the AKS Landing Zone Accelerator landing zone subscription. Having a platform foundation is not mandatory, it just enhances it. The modularized approach used in this program allows the user to pick and choose whatever portion is useful to them. You don't have to use all the resources provided by this program.
AKS Landing Zone Accelerator Architecture Video
A video explaining the architecture used for AKS Landing Zone is available here: https://www.youtube.com/watch?v=vwGo9tZPngU&list=PLpbcUe4chE79sB7Jg7B4z3HytqUUEwcNE
Choosing a Deployment Model
The reference implementations are spread across two repositories that all build on top of the AKS baseline reference architecture and Azure Landing Zones.
- In this repository, we have sample Bicep and Terraform scripts to get you started quickly on AKS using best practices. To Deploy our AKS Secure Baseline Scenario, Check out AKS Secure Baseline. Use this repo if you would like step by step guidance on how to deploy secure and well architected AKS clusters using our scenario based model and/or you are new to AKS or IaC. This model promotes a separation of duties, modularized IaC so you can pick and choose components you want to build with your cluster and has implementations in ARM, Terraform and Bicep. It is the best starting point for people new to Azure or AKS.
- The AKS Construction Helper, a flexible templating approach using Bicep that enables multiple scenarios using a Web based tool. It provides tangible artifacts to quickly enable AKS deployments through CLI or in your CI/CD pipeline.
▶️ AKS Secure Baseline in a Private Cluster
▶️ Running Azure ML workloads on a private AKS cluster