Azure Kubernetes Service Cheat Sheet

• An open-source tool for orchestrating and managing many container images and applications.
• Lets you deploy a managed Kubernetes cluster in Azure.

Features

• Uses clusters and pods to scale and deploy applications.
• Kubernetes can deploy more images of containers as needed.
• It supports horizontal scaling, self-healing, load balancing, and secret management.
• Automatic monitoring of application load to determine when to scale the number of containers used.

• Allows you to replicate container architectures.
• Use Kubernetes with supported Azure regions and on-premises installations using Azure Stack.
• The images used by AKS come from Azure Container Registry.
• Use Azure Advisor to optimize your Kubernetes deployments with real-time, personalized recommendations.

Components

• A control plane is a managed Azure resource. It is where the components run, including API server and cluster database (etcd).
  • kube-apiserver – allows communication for management tools (kubectl).
  • etcd – a key-value store within Kubernetes.
  • kube-scheduler – defines what nodes should run in the workload.
  • kube-controller-manager – it oversees the smaller controllers that handle node operations and replication of pods.
• Kubernetes runs an application in your instance using pods.
• A node is made up of several pods, and node pools are a group of nodes with the same configuration.
• Use a node selector to control where a pod should be placed.
• You can run at least 2 nodes in the default node pool to ensure your cluster operates reliably.
• Multi-container pods are placed on the same node and allow containers to share the related resources.
• You can specify maximum resource limits that prevent a given pod from consuming too much compute resources from the underlying node.
• A deployment determines the number of replicas (pods) to be created, but you must define a manifest file in YAML format first.
• With StatefulSets, you can maintain the application’s state within a single pod life cycle.
• The resources are logically grouped into a namespace, and a user may only interact with resources within their assigned namespaces.

Storage

• Persistent volumes are provided by Azure disk and file storage.
• Create a Kubernetes DataDisk resource using Azure Disk.
• Mount an SMB 3.0 share backed by an Azure Storage account to pods with Azure Files.
• Volumes that are defined and created as part of the pod lifecycle only exist until the pod is deleted.
• AKS has four initial storage classes:
  • default – uses Azure StandardSSD storage to create a Managed Disk.
  • managed-premium – uses Azure Premium storage to create Managed Disk.
  • azurefile – uses Azure Standard storage to create an Azure File Share.
  • azurefile-premium – uses Azure Premium storage to create an Azure File Share.
• If no StorageClass is specified for a persistent volume, the default StorageClass is used.

Security

• With Kubernetes RBAC, you can create roles to define permissions and then assign those roles to users with role bindings.
• You can limit network traffic between pods in your cluster with Kubernetes network policies.
• Dynamic rules enforcement across multiple clusters with Azure Policy.
• Azure AD-integrated AKS clusters can grant users or groups access to Kubernetes resources within a namespace or across the cluster.
• Secure communication paths between namespaces and nodes with Azure Private Link.

Azure Kubernetes Service Pricing

• You only pay for virtual machines, associated storage, and networking resources.
• There is no charge for cluster management.

Azure Kubernetes Service Versions

• Uses semantic versioning: [major].[minor].
• A user has 30 days from the version removal to upgrade into a supported patch and continue receiving support.
• Azure updates the cluster automatically if it has been out of support for more than 3 minor versions.
• Downgrading a version is not supported.

How to Create an Azure Kubernetes Service Cluster in the Azure Portal

Want to learn more about Azure? Watch the official Microsoft Azure YouTube channel’s video series called Azure Tips and Tricks.

Validate Your Knowledge

Question 1

Question Type: Single choice

Your company has an Azure Kubernetes Service (AKS) cluster and a Windows 10 workstation with Azure CLI installed.

You plan to use the kubectl client on Windows 10.

Which of the following commands should you run?

1. az aks install-cli
2. az aks nodepool
3. az aks create
4. az aks browse

For more Azure practice exam questions with detailed explanations, check out the Tutorials Dojo Portal:

Azure Kubernetes Service Cheat Sheet Resources:

https://docs.microsoft.com/en-us/azure/aks/intro-kubernetes
https://azure.microsoft.com/en-us/services/kubernetes-service/