Azure Kubernetes Service (AKS)


Last updated on July 3, 2023

Azure Kubernetes Service Cheat Sheet

  • An open-source tool for orchestrating and managing many container images and applications.
  • Lets you deploy a managed Kubernetes cluster in Azure.

Features

  • Uses clusters and pods to scale and deploy applications.
  • Kubernetes can deploy more images of containers as needed.
  • It supports horizontal scaling, self-healing, load balancing, and secret management.
  • Automatic monitoring of application load to determine when to scale the number of containers used.
  • Allows you to replicate container architectures.
  • Use Kubernetes with supported Azure regions and on-premises installations using Azure Stack.
  • The images used by AKS come from Azure Container Registry.
  • Use Azure Advisor to optimize your Kubernetes deployments with real-time, personalized recommendations.

Components

  • The control plane is a managed Azure resource. It is where the core Kubernetes components run, including the API server and the cluster database (etcd).
    • kube-apiserver – allows communication for management tools (kubectl).
    • etcd – a key-value store within Kubernetes.
    • kube-scheduler – determines which nodes should run the workload.
    • kube-controller-manager – oversees the smaller controllers that handle node operations and replication of pods.
  • Kubernetes runs an application in your instance using pods.
  • A node is made up of several pods, and node pools are a group of nodes with the same configuration.
  • Use a node selector to control where a pod should be placed.
  • Run at least 2 nodes in the default node pool to ensure your cluster operates reliably.
  • Multi-container pods are placed on the same node and allow containers to share the related resources.
  • You can specify maximum resource limits that prevent a given pod from consuming too many compute resources from the underlying node.
  • A deployment determines the number of replicas (pods) to be created, but you must define a manifest file in YAML format first.
  • With StatefulSets, you can maintain the application’s state within a single pod life cycle.
  • The resources are logically grouped into a namespace, and a user may only interact with resources within their assigned namespaces.

Storage

  • Persistent volumes are provided by Azure disk and file storage.
  • Create a Kubernetes DataDisk resource using Azure Disk.
  • Mount an SMB 3.0 share backed by an Azure Storage account to pods with Azure Files.
  • Volumes that are defined and created as part of the pod lifecycle only exist until the pod is deleted.
  • AKS has four initial storage classes:
    • default – uses Azure StandardSSD storage to create a Managed Disk.
    • managed-premium – uses Azure Premium storage to create Managed Disk.
    • azurefile – uses Azure Standard storage to create an Azure File Share.
    • azurefile-premium – uses Azure Premium storage to create an Azure File Share.
  • If no StorageClass is specified for a persistent volume, the default StorageClass is used.
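
The Components and Storage points above (replicas in a deployment manifest, node selector, resource limits, storage classes) combined in one manifest. This is an added example, not part of the original cheat sheet; the resource names, sizes, mount path and image are assumptions, and the registry name is a placeholder.

```yaml
# Constructed example: names, sizes and mount path are assumptions.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: web-content
spec:
  accessModes: ["ReadWriteMany"]   # an Azure Files share can be mounted by several pods
  storageClassName: azurefile      # omit this line to fall back to the default StorageClass
  resources:
    requests:
      storage: 5Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web
spec:
  replicas: 2                      # number of pods the deployment keeps running
  selector:
    matchLabels:
      app: web
  template:
    metadata:
      labels:
        app: web
    spec:
      nodeSelector:
        kubernetes.io/os: linux    # schedule only onto nodes carrying this label
      containers:
        - name: web
          image: "<registry>.azurecr.io/web:1.0"   # placeholder Azure Container Registry image
          resources:
            requests:              # what the scheduler reserves on the node
              cpu: 100m
              memory: 128Mi
            limits:                # hard cap, so one pod cannot starve its neighbours
              cpu: 500m
              memory: 256Mi
          volumeMounts:
            - name: content
              mountPath: /data
      volumes:
        - name: content
          persistentVolumeClaim:
            claimName: web-content
```

A container that exceeds its memory limit is killed and restarted, while CPU above the limit is throttled, so set limits from observed usage rather than guesses.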

Security

  • With Kubernetes RBAC, you can create roles to define permissions and then assign those roles to users with role bindings.
  • You can limit network traffic between pods in your cluster with Kubernetes network policies.
  • Enforce rules dynamically across multiple clusters with Azure Policy.
  • Azure AD-integrated AKS clusters can grant users or groups access to Kubernetes resources within a namespace or across the cluster.
  • Secure communication paths between namespaces and nodes with Azure Private Link.
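
A least-privilege setup for one namespace, covering the RBAC, Azure AD group and network policy points above. This is an added example, not part of the original cheat sheet; the namespace team-a, the resource names, the app labels and the port are assumptions, and the group object ID is a placeholder.

```yaml
# Constructed example: namespace, names, labels and port are assumptions.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: pod-reader
  namespace: team-a
rules:
  - apiGroups: [""]
    resources: ["pods", "pods/log"]
    verbs: ["get", "list", "watch"]        # read-only, no exec, no secrets
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: pod-reader-binding
  namespace: team-a
subjects:
  - kind: Group
    apiGroup: rbac.authorization.k8s.io
    name: "<AZURE_AD_GROUP_OBJECT_ID>"     # placeholder: object ID of the Azure AD group
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: pod-reader
---
# Default deny: selects every pod in the namespace and allows no ingress.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-ingress
  namespace: team-a
spec:
  podSelector: {}
  policyTypes: ["Ingress"]
---
# Explicit exception: only frontend pods may reach the api pods, on one port.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-frontend-to-api
  namespace: team-a
spec:
  podSelector: {matchLabels: {app: api}}
  policyTypes: ["Ingress"]
  ingress:
    - from:
        - podSelector: {matchLabels: {app: frontend}}
      ports:
        - {protocol: TCP, port: 8080}
```

Network policies are only enforced when a network policy engine is enabled on the cluster; without one the objects are accepted but have no effect. A Role and RoleBinding grant nothing outside their namespace, which is what keeps the group confined to team-a.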

Azure Kubernetes Service Pricing

  • You only pay for virtual machines, associated storage, and networking resources.
  • There is no charge for cluster management.

Azure Kubernetes Service Versions

  • Uses semantic versioning: [major].[minor].
  • A user has 30 days from the version removal to upgrade to a supported patch and continue receiving support.
  • Azure updates the cluster automatically if it has been out of support for more than 3 minor versions.
  • Downgrading a version is not supported.


Validate Your Knowledge

Question 1

Question Type: Single choice

Your company has an Azure Kubernetes Service (AKS) cluster and a Windows 10 workstation with Azure CLI installed.

You plan to use the kubectl client on Windows 10.


Which of the following commands should you run?

  1. az aks install-cli
  2. az aks nodepool
  3. az aks create
  4. az aks browse

Correct Answer: 1

Azure Kubernetes Service (AKS) makes it simple to deploy a managed Kubernetes cluster in Azure. AKS reduces the complexity and operational overhead of managing Kubernetes by offloading much of that responsibility to Azure. As a hosted Kubernetes service, Azure handles critical tasks like health monitoring and maintenance for you. The Kubernetes masters are managed by Azure. You only manage and maintain the agent nodes.

To connect to the Kubernetes cluster from your local computer, you need to use kubectl (the Kubernetes command-line client). But before you can use kubectl, you should first run the command az aks install-cli in the command-line interface. kubectl allows you to deploy applications, inspect and manage cluster resources, and view logs.

Hence, the correct answer is: az aks install-cli.

The option that says: az aks nodepool is incorrect because this command only allows you to manage node pools in a Kubernetes cluster. It is stated in the scenario that you need to use the kubectl client. Therefore, you should first run the az aks install-cli command.

The option that says: az aks create is incorrect because this will just create a new managed Kubernetes cluster. Take note that in this scenario, you need to use the Kubernetes command-line client in Windows 10. In order for you to manage cluster resources, you should use the kubectl client.

The option that says: az aks browse is incorrect because it will simply show the dashboard of the Kubernetes cluster in your web browser. Instead of running the command az aks browse, you should run az aks install-cli to download and install the Kubernetes command-line tool.

References:
https://docs.microsoft.com/en-us/cli/azure/aks
https://docs.microsoft.com/en-us/azure/aks/intro-kubernetes

Note: This question was extracted from our AZ-104 Microsoft Azure Administrator Practice Exams.


Azure Kubernetes Service Cheat Sheet Resources:

https://docs.microsoft.com/en-us/azure/aks/intro-kubernetes
https://azure.microsoft.com/en-us/services/kubernetes-service/


Written by: Jon Bonso

Jon Bonso is the co-founder of Tutorials Dojo, an EdTech startup and an AWS Digital Training Partner that provides high-quality educational materials in the cloud computing space. He graduated from Mapúa Institute of Technology in 2007 with a bachelor's degree in Information Technology. Jon holds 10 AWS Certifications and is also an active AWS Community Builder since 2020.
