AKS Architecture - High-Level Workflow

High-Level AKS Workflow

  1. User/DevOps Engineer interaction

    • You use kubectl, Azure CLI, Terraform, or the Azure Portal to submit a request (e.g., deploy a pod, scale replicas, expose a service).

    • The request goes to the Kubernetes API Server (running in the AKS control plane).


  2. Control Plane Processing

    • API Server validates the request and stores the desired state in etcd (the cluster database).

    • Scheduler checks for available resources (CPU, memory, taints, affinities) across worker nodes and decides where to place the pod.

    • Controller Manager ensures the cluster continuously matches the desired state.

    • Example: If you ask for 5 replicas but only 3 exist, it will create 2 more.


  3. Worker Node Execution

    • The Kubelet on the chosen worker node receives instructions from the API server.

    • Container Runtime (containerd) pulls the required container image (from ACR, Docker Hub, etc.) and runs the container inside a pod.

    • Kube-proxy updates networking rules so the pod can communicate with other pods and services.


  4. Networking & Service Exposure

    • If the pod is only internal, it gets a private IP (from Azure CNI or Kubenet).

    • If exposed outside the cluster:

      • Service of type LoadBalancer → Azure automatically provisions an Azure Load Balancer with a public IP.

      • Ingress Controller (like NGINX or App Gateway) handles advanced routing, SSL, domains, etc.


  5. Storage & Data

    • If the pod needs persistent data, it mounts a Persistent Volume Claim (PVC).

    • This PVC is dynamically backed by Azure Disk (single pod) or Azure Files (shared).


  6. Security & Identity

    • Pods can use Managed Identities to access Azure services (Key Vault, Storage, SQL).

    • RBAC + Azure AD ensures only authorized users can perform actions.

    • Network Policies control which pods/services can talk to each other.
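The two pieces of desired state discussed above (the replica count the Controller Manager reconciles toward in step 2, and the Network Policy that limits pod-to-pod traffic in step 6) as one manifest. This is an added example, not from the original post; the namespace, labels, image path and port are assumed.

```yaml
# Added example (assumed names): desired state for an "api" workload plus a
# NetworkPolicy that allows ingress only from pods labelled app=frontend.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: api
  namespace: shop                  # assumed namespace
spec:
  replicas: 5                      # stored in etcd; if only 3 pods exist, 2 more are created
  selector:
    matchLabels:
      app: api
  template:
    metadata:
      labels:
        app: api
    spec:
      containers:
        - name: api
          image: myregistry.azurecr.io/shop/api:1.4.2   # placeholder ACR image
          ports:
            - containerPort: 8080
          resources:               # the Scheduler uses requests to pick a node
            requests:
              cpu: 250m
              memory: 256Mi
            limits:
              cpu: "1"
              memory: 512Mi
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: api-allow-frontend-only
  namespace: shop
spec:
  podSelector:                     # applies to the api pods above
    matchLabels:
      app: api
  policyTypes:
    - Ingress                      # all other ingress to these pods is denied
  ingress:
    - from:
        - podSelector:
            matchLabels:
              app: frontend
      ports:
        - protocol: TCP
          port: 8080
```

NetworkPolicy objects are only enforced when the AKS cluster was created with a network policy engine (Azure or Calico); without one the API server accepts them but nothing applies the rules, so check that setting before relying on the policy.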


  7. Monitoring & Feedback Loop

    • Metrics and logs are sent to Azure Monitor / Container Insights.

    • Autoscaler or DevOps engineers can act based on health and performance:

      • Horizontal Pod Autoscaler (HPA) → scales pods up/down.

      • Cluster Autoscaler → adds/removes worker nodes.

