AKS Concepts

From NovaOrdis Knowledge Base
Revision as of 23:29, 31 March 2021 by Ovidiu (talk | contribs) (→‎Storage)

External

Internal

Node

Nodes are Azure virtual machines.

Node Pool

Nodes of the same configuration are grouped together into node pools.

Access and Identity

https://docs.microsoft.com/en-us/azure/aks/concepts-identity

Security

https://docs.microsoft.com/en-us/azure/aks/concepts-security

Authentication

Cluster Infrastructure Authentication

Cluster infrastructure authentication is used by AKS to manage the cloud resources attached to the cluster. The identity can be either a service principal or a system-assigned managed identity.

Service Principal

https://docs.microsoft.com/en-us/azure/aks/kubernetes-service-principal

System-Assigned Managed Identity

https://docs.microsoft.com/en-us/azure/aks/use-managed-identity

Networking

https://docs.microsoft.com/en-us/azure/aks/concepts-network

HTTP Application Routing

https://docs.microsoft.com/en-us/azure/aks/http-application-routing

HTTP application routing is a solution for accessing applications deployed in an AKS cluster. It consists of the automatic configuration of an ingress controller in the AKS cluster. As applications are deployed, the solution also creates publicly accessible DNS names for application endpoints.

When the add-on is enabled, it creates a DNS Zone in the subscription.

The HTTP application routing is designed to let you quickly create an ingress controller and access your applications. It is not currently designed for use in a production environment. For production-ready ingress deployments that include multiple replicas and TLS support, see HTTPS Ingress Controller.

HTTPS Ingress Controller

https://docs.microsoft.com/en-us/azure/aks/ingress-tls

Ingress Controller

https://docs.microsoft.com/en-us/azure/application-gateway/ingress-controller-overview

Egress

https://docs.microsoft.com/en-us/azure/aks/egress

Private Cluster

https://docs.microsoft.com/en-us/azure/aks/private-clusters

A private cluster uses an internal IP address to ensure that network traffic between the API server and node pools remains on a private network only. The API server endpoint has no public IP address. To manage the API server, you'll need to use a VM that has access to the AKS cluster's Azure Virtual Network (VNet).

Storage

https://docs.microsoft.com/en-us/azure/aks/concepts-storage

Scaling

https://docs.microsoft.com/en-us/azure/aks/concepts-scale

Azure Container Registry