Different Ways To Manage Kubernetes On Azure

By Weaveworks
May 31, 2020

This quick tutorials gives you an overview on getting started with Microsoft's Azure Kubernetes Service - a fully managed service.

Related posts

Weave GitOps Assured & Accelerator on the Azure Marketplace

Kubernetes Security - A Complete Guide to Securing Your Containers

Weave GitOps Enterprise is now Available in the Azure Marketplace

What Is Kubernetes?

Kubernetes is a portable, extensible, open-source platform to manage containerized workloads and services which facilitates both declarative configuration and automation. It has a broad ecosystem, increasing rapidly. There is ample availability of Kubernetes infrastructure, support, and resources.

The word Kubernetes comes from Greek, which means helmsman or pilot. In 2014, Google open-sourced the Kubernetes project. Kubernetes blends Google's 15 years of experience running on-scale development workloads with best-of-breed innovations and group activities.

Containers are a perfect way to get your applications packaged and run. You need to monitor the containers running the applications in a production environment, and ensure that there is no downtime. For example, if a container goes down, it will need to start another container. Wouldn't it be better if a program controlled that behavior?

Now Kubernetes comes to the rescue! Kubernetes offers you the architecture to resiliently run distributed systems. For your application, it takes care of scaling and failover, offers deployment patterns, and more.

How To Manage Kubernetes On Azure

1. Azure Kubernetes Service (AKS)

The completely managed Azure Kubernetes Server (AKS) makes it easy to deploy and manage containerized applications. It provides Kubernetes serverless, automated continuous integration and continuous delivery (CI/CD) experience, and security and governance on an enterprise level. Join the engineering and operations teams on a single platform to confidently design, produce, and scale applications quickly. Azure DevOps helps by using the continuous build method to construct Docker images for faster deployments and reliability. One of the main benefits of using AKS is that you can create resources and infrastructure inside the Azure Kubernetes Cluster instead of building resources in the cloud.


2. Self-managed Kubernetes in Microsoft Azure

There are several ways to have Kubernetes deployed and controlled in Azure. The self-managed choice illustrates how to use aks-engine to install a cluster for networking with the Azur CNI plugin, and Calico for compliance of network policy. The benefit of this strategy is that on the worker nodes, pods are allocated IP addresses associated with Azure Network Interfaces. The IPs come from the pool of the VNET network and therefore do not require any NAT access resources outside the cluster of Kubernetes. There are, however, other solutions that may work better for your climate.

LAB: Creating An Azure Kubernetes Service (AKS) Cluster

AKS clusters can use Role-based Access Controls (RBAC) from Kubernetes. Such controls allow you to identify resource access based on user defined roles. Permissions are mixed when several functions are allocated to a user, and permissions may be scoped to either a single namespace or to the entire cluster. By default, when you build an AKS cluster the Azure CLI will automatically allow RBAC Build a cluster of AKS using creating az aks.

The following example generates a cluster in the resource group called myResourceGroup, named myAKSCluster. An Azure Active Directory service principal is automatically created to allow an AKS cluster to communicate with other Azure resources, although you did not specify one. Here, the right to pull images from the Azure Container Registry (ACR). Notice that you can use a managed identity for simpler management, rather than a company principal.

az aks create \
    --resource-group myResourceGroup \
    --name myAKSCluster \
    --node-count 2 \
    --generate-ssh-keys \

The deployment completes after a few minutes, and returns JSON-formatted information about the deployment of the AKS.

Step 1: Install The Kubernetes CLI

You use kubectl, the Kubernetes command-line client to connect to the Kubernetes cluster from your local computer.

If you are using the Azure Cloud Container, you already have kubectl enabled. Using the az aks build-cli command to build it locally, too:

az aks install-cli

Step 2: Connect To Cluster Using Kubectl

Using the az aks get-credentials command to configure kubectl to connect to your Kubernetes cluster. The following example gets credentials in the myResourceGroup for the AKS cluster called myAKSCluster:

az aks get-credentials --resource-group myResourceGroup --name myAKSCluster

To test the link to your cluster, run the command kubectl get nodes to return a list of the cluster nodes:

$ kubectl get nodes

NAME                       STATUS   ROLES   AGE   VERSION
aks-nodepool1-12345678-0   Ready    agent   32m   v1.14.8

Step 3: Upgrade Kubernetes in Azure Kubernetes Service

To test the Kubernetes releases are available for upgrade, use the az aks get-upgrades command before you upgrade a cluster:

az aks get-upgrades --resource-group myResourceGroup --name myAKSCluster --output table

The current version is 1.14.8 in the example below, and the available versions are shown under the column Upgrades.

Name     ResourceGroup    MasterVersion    NodePoolVersion    Upgrades
-------  ---------------  ---------------  -----------------  --------------
default  myResourceGroup  1.14.8           1.14.8             1.15.5, 1.15.7

Step 4: Upgrade A Cluster

The AKS nodes are carefully cordoned and drained to mitigate damage to running applications. The following steps are performed in that process:

  • The Kubernetes scheduler prevents the programming of additional pods on a node that needs to be updated.
  • On other nodes in the cluster the running pods on the node are scheduled.
  • A node is built, running the latest components from Kubernetes.
  • Once the new node is able to enter the cluster the Kubernetes scheduler begins running pods on it.
  • The old node is removed, and the cordon and drain cycle starts with the next node in the cluster.

To update the AKS cluster use the az aks update order. The following example upgrades the cluster to version 1.14.6 on Kubernetes.

az aks upgrade --resource-group myResourceGroup --name myAKSCluster --kubernetes-version 1.15.5

The simplified example output below shows the kubernetesVersion now reports 1.15.5:

  "agentPoolProfiles": [
      "count": 3,
      "maxPods": 110,
      "name": "nodepool1",
      "osType": "Linux",
      "storageProfile": "ManagedDisks",
      "vmSize": "Standard_DS1_v2",
  "dnsPrefix": "myAKSClust-myResourceGroup-19da35",
  "enableRbac": false,
  "fqdn": "myaksclust-myresourcegroup-19da35-bd54a4be.hcp.eastus.azmk8s.io",
  "id": "/subscriptions//resourcegroups/myResourceGroup/providers/Microsoft
  "kubernetesVersion": "1.15.5",
  "location": "eastus",
  "name": "myAKSCluster",
  "type": "Microsoft.ContainerService/ManagedClusters"

Step 5: Validate An Upgrade

Confirm that the upgrade has been successful using the command az aks display as follows:

az aks show --resource-group myResourceGroup --name myAKSCluster --output table

Step 6: Delete The Cluster

You may want the AKS cluster removed. Since the Kubernetes nodes run on Azure virtual machines (VMs), even though you don't use the cluster, they tend to incur charges. Using the delete command of the az group to uninstall the resource group, container service, and all related services.

az group delete --name myResourceGroup --yes --no-wait


  • To sum up ,Kubernetes is now an important part of the technology landscape and is likely to be a part of every cloud infrastructure for a long time to come.
  • regardless of whether you're just starting out on AKS, leveraging your Microsoft Enterprise Agreement to get better pricing and support on Azure, or trying to make migrating on-site applications to the cloud easier with EKS on Amazon, there's a certified Kubernetes hosting package that will satisfy your needs.

Related posts

Weave GitOps Assured & Accelerator on the Azure Marketplace

Kubernetes Security - A Complete Guide to Securing Your Containers

Weave GitOps Enterprise is now Available in the Azure Marketplace

Whitepaper: Accelerate Software Lifecycles Through DevOps Automation

We survey the entire landscape of automation from a cloud-native perspective and offer an adoption path for your organization.

Download your Copy