Azure Kubernetes Service ... Azure managed control plane Docker Pods Docker Pods Docker Pods Docker

download Azure Kubernetes Service ... Azure managed control plane Docker Pods Docker Pods Docker Pods Docker

of 28

  • date post

    30-Sep-2020
  • Category

    Documents

  • view

    5
  • download

    0

Embed Size (px)

Transcript of Azure Kubernetes Service ... Azure managed control plane Docker Pods Docker Pods Docker Pods Docker

  • Azure Kubernetes Service

  • Introduction

    Resources Product deep dive

    AKS Overview

    Introduction

    Top scenarios

    Customer stories

    Open source culture

  • Azure Container TechnologiesAzure Container Service (AKS)

    Azure Container Instances (ACI)

    Azure Container Registry

    Open Service Broker API (OSBA)

    Release Automation Tools

    Ia a S

    P a a S

    Azure services

    SQL Database

    Redis Cache

    CosmosDB

    And more!

    Partner services

    OpenShift

    Pivotal Cloud Foundry

    Docker Enterprise Edition

    Mesosphere

    DC/OS

    Azure

    Azure Container Registry (ACR)

    OSBA

    Batch

    Azure Container Instances (ACI)

    Azure Virtual Machines

    Virtual Machine Scale Sets (VMSS)

    Service Fabric

    Virtual kubelet

    App Service

    Azure Container Service (AKS)

    ACS Engine

  • Kubernetes: the industry leading orchestrator

    Portable

    Public, private, hybrid,

    multi-cloud

    Extensible

    Modular, pluggable,

    hookable, composable

    Self-healing

    Auto-placement, auto-restart,

    auto-replication, auto-scaling

  • AKS Overview

    Resources Product deep dive

    AKS Overview

    Introduction

    Top scenarios

    Customer stories

    Open source culture

  • AKS: Simplify the deployment, management,

    and operations of Kubernetes

    Deploy and manage

    Kubernetes with ease

    Scale and run applications

    with confidence

    Secure your Kubernetes

    environment

    Accelerate containerized

    application development

    Work how you want with

    open-source tools & APIs

    Set up CI/CD in a

    few clicks

  • 1. Kubernetes users communicate

    with API server and apply desired

    state

    2. Master nodes actively enforce

    desired state on worker nodes

    3. Worker nodes support

    communication between

    containers

    Kubernetes 101

    Kubernetes

    control

    API server

    replication, namespace,

    serviceaccounts, etc.

    -controller-

    manager -scheduler

    etcd

    Master node

    Worker node

    kubelet kube-proxy

    Docker

    Prod Prod

    Containers Containers

    Worker node

    kubelet kube-proxy

    Docker

    Prod Prod

    Containers Containers

    Internet

    4. Worker nodes support

    communication from the Internet

  • Customer VMs

    How managed Kubernetes on Azure works

    • Automated upgrades, patches

    • High reliability, availability

    • Easy, secure cluster scaling

    • Self-healing

    • API server monitoring

    • At no charge

    Kubernetes

    API endpoint

    App/

    workload

    definitionUser

    Azure managed control plane

    Docker

    Pods

    Docker

    Pods

    Docker

    Pods

    Docker

    Pods

    Docker

    Pods

    Schedule pods over

    private tunnel

  • From infrastructure to innovation

    Responsibilities DIY with Kubernetes Managed Kubernetes on Azure

    Containerization

    Application iteration,

    debugging

    CI/CD

    Cluster hosting

    Cluster upgrade

    Patching

    Scaling

    Monitoring and logging

    Customer

    Microsoft

    Managed Kubernetes

    empowers you to do more

    Focus on your containers

    and code, not the plumbing

    of them

  • Azure Kubernetes momentum

    10x Kubernetes on Azure

    usage grew 10x

    5x Kubernetes on Azure

    customers grew 5x

    Last 12 months

  • Deploy and manage Kubernetes with ease

    Task The old way With Azure

    Create a cluster Provision network and VMs

    Install dozens of system components including etcd

    Create and install certificates

    Register agent nodes with control plane

    az aks create

    Upgrade a cluster Upgrade your master nodes

    Cordon/drain and upgrade worker nodes individually

    az aks upgrade

    Scale a cluster Provision new VMs

    Install system components

    Register nodes with API server

    az aks scale

    Azure makes Kubernetes easy

  • Database tier

    AKS production cluster

    Source

    code control

    Helm

    chart

    Inner loop

    Test

    Debug

    Azure

    DevSpaces

    AKS dev

    cluster

    Azure

    Container

    Registry

    CI/CD

    Azure Pipelines/

    DevOps Project

    Auto-build

    Business tier

    Web tier

    Azure

    Monitor

  • AKS: Simplify the deployment, management,

    and operations of Kubernetes

    Deploy and manage

    Kubernetes with ease

    Scale and run applications

    with confidence

    Secure your Kubernetes

    environment

    Accelerate containerized

    application development

    Work how you want with

    open-source tools & APIs

    Set up CI/CD in a

    few clicks

  • Control access through AAD

    and RBAC

    Safeguard keys and

    secrets with Key Vault

    Secure network

    communications with

    VNET and CNI

    Compliant Kubernetes

    service with

    certifications covering

    SOC, HIPAA, and PCI

  • Azure Container Registry

    1. Developer/CI system

    builds container image

    2. Image pushed to Azure

    Container Registry

    3. Azure Container Registry

    quarantines image until

    scanning passes

    Azure Container registry

    4. Azure Container Registry

    scans content leveraging Aqua,

    Twistlock

    5. Azure Container Registry

    publishes the image to the

    repository

    Developer

    Container

    image

    Fails Aqua and Twistlock

    container security

    Passes

    Repository

  • Secure network communications with VNET and CNI

    AKS subnet

    Backend

    services subnet

    Azure VNet A

    On-premises

    infrastructure

    Enterprise

    system

    Other peered VNets

    VNet B

    VNet peering

    Azure

    Express

    Route

    AKS cluster SQL Server

    1. Uses Azure subnet for both your

    containers and cluster VMs

    2. Allows for connectivity to existing

    Azure services, Express Route to

    on-premises infrastructure or

    other peered VNets

    AKS VNet integration works

    seamlessly with your existing

    network infrastructure

  • Identity and access management through AAD and RBAC

    1. The client application

    authenticates to the AAD token

    issuance endpoint and requests

    an access token

    2. The AAD token issuance

    endpoint issues the access token

    Azure delivers a streamlined identity

    and access management solution

    with Azure Active Directory (AAD)

    and Azure Container Services (AKS)

    AKS

    Azure Active

    Directory

    Client

    application

    Token

    Token

    3. The access token is used to

    authenticate to the secured

    resource

    4. Data from the secured resource is

    returned to the web application

  • Scale and run with confidence

    Built-in

    auto scaling

    Global

    data center

    Geo-replicated

    container registry

    Elastically burst

    using ACI

    Browser

    Traffic

    manager

    Geo-replicated

    container registry

    AKS clusters

    ACI connector

    Azure Container Instances

    Pod Pod

    Pod Pod

    Pod Pod

  • Top scenarios

    Resources Product deep dive

    AKS Overview

    Introduction

    Top scenarios

    Customer stories

    Open source culture

  • Performance

    Low latency

    processing

    Machine learning

    Portability

    Build once, run

    anywhere

    IoT

    Agility

    Faster application

    development

    Microservices

    Top scenarios for Kubernetes on Azure

    Cost saving

    without refactoring

    your app

    Lift and shift to containers

  • Open source culture

    Resources Product deep dive

    AKS Overview

    Introduction

    Top scenarios

    Customer stories

    Open source culture

  • AKS: Simplify the deployment, management,

    and operations of Kubernetes

    Deploy and manage

    Kubernetes with ease

    Scale and run applications

    with confidence

    Secure your Kubernetes

    environment

    Accelerate containerized

    application development

    Work how you want with

    open-source tools & APIs

    Set up CI/CD in a

    few clicks

  • Development DevOps Monitoring Networking Storage Security

    Take advantage of

    services and