AzureTipsAndTricks/blog/tip294.md

6.3 KiB

type title excerpt tags share date
post Tip 294 - 5 Things you didn't know about Azure Kubernetes Service Learn about 5 Things you didn't know about Azure Kubernetes Service
Kubernetes
Containers
true 2020-11-11 02:00:00

::: tip

🔥 The FREE Azure Developer Guide eBook is available here.

💡 Learn more : Azure Kubernetes Service documentation.

📺 Watch the video : 5 Things you didn't know about Azure Kubernetes Service.

:::

5 Things you didn't know about Azure Kubernetes Service

Azure Kubernetes Service

Containers are a great way to make sure that what you develop locally works exactly the same everywhere, including in the cloud. When your application consists out of multiple containers, you'll need an orchestrator to help containers communicate with each other, deploy and update them and keep them up and running. Azure Kubernetes Service provides such a container orchestrator and takes care of the heavy lifting for you.

In this post, you'll read 5 things that you didn't know about Azure Kubernetes Service.

Prerequisites

If you want to follow along, you'll need the following:

  • An Azure subscription (If you don't have an Azure subscription, create a free account before you begin)

1. Use managed identities in Azure Kubernetes Service

Azure Kubernetes Service needs an identity to create resources like load balancers and managed disks in Azure. You can create an Identity with a Service Principal or a Managed Identity. In both cases, AKS can create the Identity automatically for you. And if you use a Managed Identity, you don't have to manage the identity, as Managed Identities rotate their credential automatically every 46 days by default, which is something that you need to do yourself when you use a Service Principal.

(Use Managed Identities during AKS creation)

2. Deployment Center for Azure Kubernetes Service

Automatic deployments make your life easier. They help create consistency between deployments, so that you can deploy more often and automatically, whenever you check in code. You can set up automatic deployments to your Azure Kubernetes Service from the Deployment Center menu. Here, you can couple a source control repository to the deployment process, and have it use a Docker file that will deploy your application in containers on AKS. This process is created in Azure DevOps Pipelines and the Deployment Center feature of AKS makes it easy for you to set this up.

(Deployment Center for Azure Kubernetes Service)

3. Azure Policy for Azure Kubernetes Service

Azure Policy allows you to create rules for services and other Azure resources and have those rules checked constantly for compliance. For Azure Kubernetes Service, you can create policies that help to get and keep the AKS cluster secure and healthy. For instance, you can create a policy for AKS that enforces HTTPS on inbound (ingress) connections. When you create this policy from the Definitions menu in Azure Policies, each AKS cluster in your subscription, or other scope that you assign it to, will be checked constantly for compliance with this policy and tells you if any cluster needs work. Setting policies like this enables you to make sure that all your Azure resources comply to the level of security, administration, performance and health that you set.

(Policies for Azure Kubernetes Service in the Azure portal)

You can monitor your Azure Kubernetes cluster with Azure Monitor for Containers. This gives you performance visibility by collecting memory and processor metrics from controllers, nodes, and containers and also monitors container logs. And within you AKS cluster, when you go to the Insights menu, you can see alerts that Azure Monitor recommends for AKS. These are very useful alerts that will let you know when something is wrong or something of interest happens.

(Recommended alerts in the Azure portal)

5. Connect Azure Container Registry to Azure Kubernetes Service

You can store container images in Azure Container Registry (ACR) and easily deploy them to Azure Kubernetes Service if your ACR is connected to your AKS. You can connect these at any time and also when you create your AKS cluster. In the Integrations tab of the creation wizard, pick an ACR or create a new one and it will be connected to your AKS so that you can easily deploy containers from ACR to AKS.

(Connect to Azure Container Registry during AKS creation)

Conclusion

Azure Kubernetes Service provides a container orchestrator for you that does the heavy lifting of managing multi-container applications. And now, you know a little bit more about it. Go and check it out!