Azure Kubernetes Service (AKS) is a managed container orchestration service, based on the open source Kubernetes system, which is available on the Microsoft Azure public cloud. An organization can use AKS to deploy, scale and manage Docker containers and container-based applications across a cluster of container hosts.
AKS became generally available in June 2018.
AKS features and benefits
The primary benefits of AKS are flexibility, automation and reduced management overhead for administrators and developers. For example, AKS automatically configures all Kubernetes masters and nodes during the deployment process, and handles a range of other tasks, including Azure Active Directory integration, connections to monitoring services and configuring advanced networking features, such as HTTP application routing.
Since AKS is a managed service, Microsoft handles all Kubernetes upgrades for the service, as new versions become available. Users can decide whether and when to upgrade the Kubernetes version in their own AKS cluster to reduce the possibility of accidental workload disruption.
In addition, AKS nodes can scale up or down to accommodate fluctuations in resource demands. For additional processing power, AKS also supports node pools enabled by graphics processing units (GPUs). This can be vital for compute-intensive workloads, such as scientific applications.
Users can access AKS via an AKS management portal, an AKS command-line interface (CLI), or using templates through tools such as Azure Resource Manager. The service also integrates with the Azure Container Registry (ACR) for Docker image storage, and supports the use of persistent data with Azure Disks.
AKS use cases
AKS usage is typically limited to container-based application deployment and management, but there are numerous use cases for the service within that scope.
For example, an organization could use AKS to automate and streamline the migration of applications into containers: first, it could move the application into a container, register the container with ACR, and then use AKS to launch the container into a preconfigured environment. Similarly, AKS can deploy, scale, and manage diverse groups of containers, which helps with the launch and operation of microservices-based applications.
AKS usage can complement agile software development paradigms, such as continuous integration (CI), continuous delivery/continuous deployment (CD) and DevOps. For example, a developer could place a new container build into a repository, such as GitHub, move those builds into ACR, and then rely on AKS to launch the workload into operational containers.
Other uses for AKS involve the Internet of Things (IoT). The service, for instance, could help ensure adequate compute resources to process data from thousands, or even millions, of discrete IoT devices. Similarly, AKS can help ensure adequate compute for big data tasks, such as model training in machine learning (ML) environments.
In general, AKS is most frequently used by software developers and IT operations staff.
AKS security, monitoring and compliance
AKS supports role based access control (RBAC) through Azure Active Directory (AD), which enables an administrator to tailor Kubernetes access to AD identity and group associations. Admins can monitor container health using processor and memory metrics collected from containers, Kubernetes nodes and other points in the infrastructure. Container logs are also collected and stored for more detailed analytics and troubleshooting. Monitoring data is available through the AKS management portal, AKS CLI and application programming interfaces (APIs).
AKS meets the regulatory requirements of System and Organization Controls (SOC) and is compliant with major regulatory bodies including ISO, HIPAA and HITRUST. Finally, AKS is certified as Kubernetes conformant by the Cloud Native Computing Foundation (CNCF), which oversees open source Kubernetes.
AKS vs. ACS
Prior to the release of AKS, Microsoft offered Azure Container Service (ACS), which supported numerous open source container orchestration platforms, including Docker Swarm and Mesosphere's DC/OS, as well as Kuberenetes. With AKS, the focus is exclusively on the use of Kubernetes. ACS users with a focus on Kubernetes can potentially migrate from ACS to AKS.
However, AKS poses numerous differences that a user must address before a migration from ACS. For example, AKS uses managed disks, so a user must convert unmanaged disks to managed disks before assigning them to AKS nodes. Similarly, a user must convert any persistent storage volumes or customized storage class objects associated with Azure disks to managed disks.
In addition, stateful applications can be impacted by downtime and data loss during a migration from ACS to AKS, so developers and application owners should perform detailed due diligence before making the move.
AKS availability and costs
AKS is a free Azure service, so there is no charge for Kubernetes cluster management. AKS users are, however, billed for the underlying compute, storage, networking and other cloud resources consumed by the containers that comprise the application running within the Kubernetes cluster.
AKS is currently available in the following Microsoft Azure regions: East US, East US 2, Central US, West US, West US 2, Canada East, Canada Central, North Europe, West Europe, UK South, Southeast Asia, Australia East and Japan East regions. Other regions may be added in the future.