Post

AKS Guide

AKS Guide

AKS Guide

AKS Guide

Getting Started

⚙️ Cluster Configuration & Node Management

  • Node Pools and Node Configuration
  • Default Workloads
  • System vs User Node Pools
  • Virtual Nodes (with Azure Container Instances)
  • GPU and Spot Node Pools
  • Scaling AKS Clusters (Manual & Auto-scaling)

Networking

  • AKS Networking Models (Kubenet vs Azure CNI)
  • BYO VNet and Subnet Planning
  • Network Policies and Traffic Control
  • DNS and CoreDNS Customization
  • Ingress Controllers (NGINX, Traefik)
  • Gateway API in AKS
  • App Gateway Ingress Controller (AGIC)
  • Load Balancers (Internal/External)
  • Private AKS Clusters and Azure Private Link

Security & Identity

  • Azure Entra ID Integration for AKS
  • Role-Based Access Control (RBAC)
  • Pod Identity (Azure Workload Identity)
  • Secrets Management (Azure Key Vault CSI Driver)
  • Network Security Groups (NSG) and Firewall Rules
  • Securing API Server Access (Authorized IP ranges, Private API)
  • Azure Policy for AKS
  • Defender for Containers & Security Posture Management

Monitoring, Logging & Troubleshooting

  • Monitoring with Azure Monitor and Container Insights
  • Log Analytics Integration
  • Troubleshooting Common AKS Issues
  • Diagnostic Settings & Alerts
  • Using kubectl-debug, kured, and kubetail

DevOps & CI/CD

  • AKS with Azure DevOps/GitHub Actions
  • Helm in AKS
  • GitOps with Flux or Argo CD
  • Kustomize for AKS Deployments
  • Canary & Blue/Green Deployments in AKS

Container Registry & Image Management

  • Integration with Azure Container Registry (ACR)
  • ACR Tasks and Image Automation
  • Image Scanning (Microsoft Defender or 3rd Party Tools)
  • Using Private Registries with AKS

Storage

  • Persistent Volumes and Persistent Volume Claims
  • Azure Disks vs Azure Files in AKS
  • CSI Drivers (Azure Disk, Azure File)
  • Ephemeral Storage in AKS

Maintenance & Upgrades

  • AKS Versioning and Release Cadence
  • Cluster and Node Pool Upgrades
  • Planned vs Unplanned Maintenance
  • Cluster Auto-upgrade Strategy

☁️ Availability & Resilience

  • High Availability Design for AKS
  • Zone Redundant Node Pools
  • Multi-region AKS Strategy
  • Backup and Restore Strategies (Velero)

Integrations & Ecosystem

  • Service Mesh (Istio, Linkerd, Open Service Mesh)
  • Dapr on AKS
  • Azure Arc for AKS
  • Integration with Azure Services (Key Vault, App Gateway, Log Analytics)
This post is licensed under CC BY 4.0 by the author.