AKS Concepts: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 36: Line 36:
==Egress==
==Egress==
https://docs.microsoft.com/en-us/azure/aks/egress
https://docs.microsoft.com/en-us/azure/aks/egress
==Private Cluster==
{{External|https://docs.microsoft.com/en-us/azure/aks/private-clusters}}
A private cluster uses an internal IP address to ensure that network traffic between the API server and node pools remains on a private network only.


=Storage=
=Storage=

Revision as of 20:55, 31 March 2021

External

Internal

Node

Nodes are Azure virtual machines.

Node Pool

Nodes of the same configuration are grouped together into node pools.

Access and Identity

https://docs.microsoft.com/en-us/azure/aks/concepts-identity

Security

https://docs.microsoft.com/en-us/azure/aks/concepts-security

Authentication

Cluster Infrastructure Authentication

The cluster infrastructure authentication is used by AKS to manage cloud resources attached to the cluster. It can be service principal or system-assigned managed identity.

Service Principal

https://docs.microsoft.com/en-us/azure/aks/kubernetes-service-principal

System-Assigned Managed Identity

https://docs.microsoft.com/en-us/azure/aks/use-managed-identity

Networking

https://docs.microsoft.com/en-us/azure/aks/concepts-network

HTTP Application Routing

https://docs.microsoft.com/en-us/azure/aks/http-application-routing

HTTP application routing is a solution to access applications that are deployed in an AKS cluster, and consists in the automatic configuration of an ingress controller in the AKS cluster. As applications are deployed, the solution also creates publicly accessible DNS names for application endpoints.

When the add-on is enabled, it creates a DNS Zone in the subscription.

The HTTP application routing is designed to let you quickly create an ingress controller and access your applications. It is not currently designed for use in a production environment. For production-ready ingress deployments that include multiple replicas and TLS support, see HTTPS Ingress Controller.

HTTPS Ingress Controller

https://docs.microsoft.com/en-us/azure/aks/ingress-tls

Ingress Controller

https://docs.microsoft.com/en-us/azure/application-gateway/ingress-controller-overview

Egress

https://docs.microsoft.com/en-us/azure/aks/egress

Private Cluster

https://docs.microsoft.com/en-us/azure/aks/private-clusters

A private cluster uses an internal IP address to ensure that network traffic between the API server and node pools remains on a private network only.

Storage

https://docs.microsoft.com/en-us/azure/aks/concepts-storage

Scaling

https://docs.microsoft.com/en-us/azure/aks/concepts-scale