What is Azure Kubernetes Service? Probably makes sense to tell you what Kubernetes is first. As Kubernetes states themselves “also known as K8s, is an open-source system for automating deployment, scaling, and management of containerized applications.” If you want to dig into the depths then head over to Andrew – http://www.dbafromthecold.com
You have the ability to run these on-premises (complex) or in a cloud service, like AWS or Azure. Hence AKS – Azure Kubernetes Service which helps reduce the complexity and operational overhead of managing Kubernetes by offloading much of that responsibility to Microsoft. You may be wondering how does containers relate to this? It was something on my mind when I first entered into this technology. Remember that containers is the next step beyond traditional virtualisation, you can run SQL Server Linux in containers, as an example. I then look at AKS as the “management” layer of the container solution, carrying out tasks such as scheduling, scaling, health, load balancing and host management.
You can create this using different methods which includes, the portal, Azure CLI, Azure PowerShell, ARM templates and even terraform.
So, why I am talking about this. This is because ultimately – down the line we will be deploying SQL server to AKS based on my SQL image hosted in my private repo within Azure Container Registry from my last post which has SQL Server 2017 Linux installed.
This is the architecture from https://docs.microsoft.com/en-us/azure/aks/concepts-clusters-workloads#deployments-and-yaml-manifests
This shows you what / where Microsoft manages to what you will manage. In the next post we create a Kubernetes cluster in Azure.
Creating Azure Kubernetes Service
No messing about here, navigate to the Azure portal and search for Kubernetes and click add.
Cluster name and region is self-explanatory. For the availability Zones, its really cool that you have the option to set this between 1-3, for a production scenario you will want to leave this at 3 for that extra layer of resilience. If you forgot what an availability zone is then this is a unique physical location within a region. Each zone is made up of one or more datacentres equipped with independent power, cooling, and networking.
I leave the Kubernetes version to the default, but you can always change this. You can view the changelogs to see the differences – https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/README.md
The node size and count here is the required size of the virtual machines that will form the nodes in the cluster.
By default, the system will create a system node pool, these node pools serve the primary purpose of hosting critical system pods such as CoreDNS and tunnelfront. You can create a user pool to run your apps. For this example, I will be running everything on the system pool, you don’t have to do this, but for costings and demo purposes I will.
I tick the virtual node option, which enables network communication between pods that run in Azure Container Instances (ACI) and the AKS cluster. To provide this communication, a virtual network subnet is created and delegated permissions are assigned.
Authentication I leave everything default, you will probably want Azure AD integration here though.
I am then going to link this to my ACR – Azure Container Registry – you need to use managed Identity here and not service principal as shown above.
From a networking perspective, there is a lot to think about – it is a good idea to study the following:
Once all config has been setup – validations should pass then click create.
This will form the base for upcoming posts.