azure kubernetes service...azure managed control plane docker pods docker pods docker pods docker...
TRANSCRIPT
Azure Kubernetes Service
Introduction
Resources Product deep dive
AKSOverview
Introduction
Topscenarios
Customer stories
Open source culture
Azure Container TechnologiesAzure Container Service (AKS)
Azure Container Instances (ACI)
Azure Container Registry
Open Service Broker API (OSBA)
Release Automation Tools
IaaS
PaaS
Azure services
SQL Database
Redis Cache
CosmosDB
And more!
Partner services
OpenShift
Pivotal Cloud Foundry
Docker Enterprise Edition
Mesosphere
DC/OS
Azure
Azure Container Registry (ACR)
OSBA
Batch
Azure Container Instances (ACI)
Azure Virtual Machines
Virtual Machine Scale Sets (VMSS)
Service Fabric
Virtual kubelet
App Service
Azure Container Service (AKS)
ACS Engine
Kubernetes: the industry leading orchestrator
Portable
Public, private, hybrid,
multi-cloud
Extensible
Modular, pluggable,
hookable, composable
Self-healing
Auto-placement, auto-restart,
auto-replication, auto-scaling
AKS Overview
Resources Product deep dive
AKSOverview
Introduction
Topscenarios
Customer stories
Open source culture
AKS: Simplify the deployment, management,
and operations of Kubernetes
Deploy and manage
Kubernetes with ease
Scale and run applications
with confidence
Secure your Kubernetes
environment
Accelerate containerized
application development
Work how you want with
open-source tools & APIs
Set up CI/CD in a
few clicks
1. Kubernetes users communicate
with API server and apply desired
state
2. Master nodes actively enforce
desired state on worker nodes
3. Worker nodes support
communication between
containers
Kubernetes 101
Kubernetes
control
API server
replication, namespace,
serviceaccounts, etc.
-controller-
manager -scheduler
etcd
Master node
Worker node
kubelet kube-proxy
Docker
Prod Prod
Containers Containers
Worker node
kubelet kube-proxy
Docker
Prod Prod
Containers Containers
Internet
4. Worker nodes support
communication from the Internet
Customer VMs
How managed Kubernetes on Azure works
• Automated upgrades, patches
• High reliability, availability
• Easy, secure cluster scaling
• Self-healing
• API server monitoring
• At no charge
Kubernetes
API endpoint
App/
workload
definitionUser
Azure managed control plane
Docker
Pods
Docker
Pods
Docker
Pods
Docker
Pods
Docker
Pods
Schedule pods over
private tunnel
From infrastructure to innovation
Responsibilities DIY with Kubernetes Managed Kubernetes on Azure
Containerization
Application iteration,
debugging
CI/CD
Cluster hosting
Cluster upgrade
Patching
Scaling
Monitoring and logging
Customer
Microsoft
Managed Kubernetes
empowers you to do more
Focus on your containers
and code, not the plumbing
of them
Azure Kubernetes momentum
10xKubernetes on Azure
usage grew 10x
5xKubernetes on Azure
customers grew 5x
Last 12 months
Deploy and manage Kubernetes with ease
Task The old way With Azure
Create a cluster Provision network and VMs
Install dozens of system components including etcd
Create and install certificates
Register agent nodes with control plane
az aks create
Upgrade a cluster Upgrade your master nodes
Cordon/drain and upgrade worker nodes individually
az aks upgrade
Scale a cluster Provision new VMs
Install system components
Register nodes with API server
az aks scale
Azure makes Kubernetes easy
Database tier
AKS production cluster
Source
code control
Helm
chart
Inner loop
Test
Debug
Azure
DevSpaces
AKS dev
cluster
Azure
Container
Registry
CI/CD
Azure Pipelines/
DevOps Project
Auto-build
Business tier
Web tier
Azure
Monitor
AKS: Simplify the deployment, management,
and operations of Kubernetes
Deploy and manage
Kubernetes with ease
Scale and run applications
with confidence
Secure your Kubernetes
environment
Accelerate containerized
application development
Work how you want with
open-source tools & APIs
Set up CI/CD in a
few clicks
Control access through AAD
and RBAC
Safeguard keys and
secrets with Key Vault
Secure network
communications with
VNET and CNI
Compliant Kubernetes
service with
certifications covering
SOC, HIPAA, and PCI
Azure Container Registry
1. Developer/CI system
builds container image
2. Image pushed to Azure
Container Registry
3. Azure Container Registry
quarantines image until
scanning passes
Azure Container registry
4. Azure Container Registry
scans content leveraging Aqua,
Twistlock
5. Azure Container Registry
publishes the image to the
repository
Developer
Container
image
Fails Aqua and Twistlock
container security
Passes
Repository
Secure network communications with VNET and CNI
AKS subnet
Backend
services subnet
Azure VNet A
On-premises
infrastructure
Enterprise
system
Other peered VNets
VNet B
VNet peering
Azure
Express
Route
AKS cluster SQL Server
1. Uses Azure subnet for both your
containers and cluster VMs
2. Allows for connectivity to existing
Azure services, Express Route to
on-premises infrastructure or
other peered VNets
AKS VNet integration works
seamlessly with your existing
network infrastructure
Identity and access management through AAD and RBAC
1. The client application
authenticates to the AAD token
issuance endpoint and requests
an access token
2. The AAD token issuance
endpoint issues the access token
Azure delivers a streamlined identity
and access management solution
with Azure Active Directory (AAD)
and Azure Container Services (AKS)
AKS
Azure Active
Directory
Client
application
Token
Token
3. The access token is used to
authenticate to the secured
resource
4. Data from the secured resource is
returned to the web application
Scale and run with confidence
Built-in
auto scaling
Global
data center
Geo-replicated
container registry
Elastically burst
using ACI
Browser
Traffic
manager
Geo-replicated
container registry
AKS clusters
ACI connector
Azure Container Instances
Pod Pod
Pod Pod
Pod Pod
Top scenarios
Resources Product deep dive
AKSOverview
Introduction
Topscenarios
Customer stories
Open source culture
Performance
Low latency
processing
Machine learning
Portability
Build once, run
anywhere
IoT
Agility
Faster application
development
Microservices
Top scenarios for Kubernetes on Azure
Cost saving
without refactoring
your app
Lift and shift to containers
Open source culture
Resources Product deep dive
AKSOverview
Introduction
Topscenarios
Customer stories
Open source culture
AKS: Simplify the deployment, management,
and operations of Kubernetes
Deploy and manage
Kubernetes with ease
Scale and run applications
with confidence
Secure your Kubernetes
environment
Accelerate containerized
application development
Work how you want with
open-source tools & APIs
Set up CI/CD in a
few clicks
Development DevOps Monitoring Networking Storage Security
Take advantage of
services and tools
in the Kubernetes
ecosystem
…or…
Leverage growing
Azure support
RBAC
VS Code
Azure
DevOps
ARM
Azure Monitor Azure VNET Azure Storage
Azure Container Registry
AAD
Key Vault
Work how you want with opensource tools and APIs
• Easily connect to SLA-backed
Azure services with OSBA
Work how you want with opensource tools and APIs
OSBA
Azure services
AKS
ACS Engine
SQL
Database
Event
Hubs
Redis
Cache
MySQL
Database
Cosmos
DB
PosgreSQL
Database
Service
Bus
Azure
Storage
Azure is
a strong
platform for
Open Source
“Microsoft Joins Cloud Native Computing Foundation as Platinum Member”
Linux VMs are
growing at ~2
times Windows
VMs today
Microsoft
announced
GitHub
acquisition
1 in 3 VMs on
Azure are Linux
~60% of 3rd
party Azure
Marketplace
images are
open source Partnerships
Azure + open source momentum
#2 overall
individual
contributor to
Kubernetes
(Brendan Burns)
#4 overall individual
contributor to Docker
(John Howard)
#1-3 overall
individual
contributors to
Helm
70 Microsoft
employees have
made
contributions to
Kubernetes
Microsoft contributes open source containers
Resources
Resources Product deep dive
AKSOverview
Introduction
Topscenarios
Customer stories
Open source culture
• Azure Kubernetes Service (AKS)
• Containers on Azure pitch deck
• Smart Hotel 360 Demo
• Documentation resources
• Ebook for distributed systems
• Distributed system HoL
• AKS HoL
Sign up for a free Azure account
Hone your skills with Azure training
Check out the Azure container videos page
Get the code from GitHub
AKS resources