In February Come Cloud With Us is hosting a Kubernetes panel with some of the industry’s BEST Kubernetes experts. I am honored and humbled to be one of the panelists. This panel consists of K8s experts from Dell, Google, Microsoft, Intercept, United Wholesale Mortgage, and Admincontrol. This is a global panel with panelists and hosts from the United States, Norway, United Kingdom, and Canada. Several of the panelists are also authors, Microsoft MVP’s and CNCF Ambassadors.
Here is a breakdown of the hosts and the panelists:
The panel will discuss Kubernetes and answer attendee questions. This will be a virtual event. This will be an event that you DON’T want to miss! Mark your calendars for the event on Thursday, February 16, 2023 4:00PM-5:30PM CST!
I am kicking off the new year as a guest on the “AzureTalks” podcast by Rolf Schutten. Rolf is a Microsoft MVP based out of the Netherlands. The AzureTalks podcast is a free-form conversation with experts and advocates around the industry discussing various topics on Azure, its services, and integration points with Azure. Some of the topics also get into strategy career, personal development, and more. You can listen to podcast episodes on Google Podcasts, Spotify, and YouTube. You can find the website for this podcast here: www.azuretalks.com
The episode I am a guest on is #004 titled “Containerize apps to AKS with Azure Draft, and Hybrid with Azure Arc“.
In this episode, we discuss how developers can utilize Azure Draft to streamline taking their non-containerized app from code to running on AKS. Azure Draft takes you through the entire process from creating the container, the files needed to run on Kubernetes manifests, Helm charts, or Kustomize, pushing up to an Azure Container Registry, and deploying to AKS.
We also dive into GitHub, GitOps, the differences between push and pull methods with continuous deployment, and even we even touched on hybrid cloud strategies and what role Azure Arc plays in this space. Listen to the audio version of the podcast episode here:
I recently was a guest on Michael Levan‘s Kubernetes Unpacked Podcast on the Packet Pushers network.
This is Kubernetes Unpacked episode #014 it is titled: “Using GitOps And AKS To Build And Deploy Applications“
Michael and I talked about using GitOps and Azure Kubernetes Service (AKS) to automate the building and deployment of applications. We also chat about an entire architecture incorporating AKS, GitHub Actions, Azure Container Registry, GitHub, and ArgoCD along with how it all comes together to make a useful stack. Check out the podcast below.
I will be speaking at Tech Summit Nigeria 2022. This event is to be held in Lagos, Nigeria at the Microsoft ADC center. It is an event for Cloud & Mixed- Reality professionals & enthusiasts. The website for the is https://www.techsummitnigeria.com.
My session title is: “K8s is complex! Simplify its Deployment & Configuration“.
The abstract is: Understanding Kubernetes is complex. Designing its architecture is complex. Deploying it is complex. And Configuring it is complex. K8s in general are complex. Spend less time on getting your Kubernetes up and running and more time running your containerized apps!
In this session, Steve Buchanan will take you on a journey utilizing a tool named the AKS Construction Helper that can simplify your AKS Deployment & Configurations.
***Update***
It was a fun session with an engaged audience! Here are some pictures from the session.
If you missed my session you can watch the replay here:
One of the top concerns I see from companies when architecting AKS is running out of IP addresses. This is commonly known as IP exhaustion. This concern would come up when selecting the network model for AKS specifically with Azure CNI.
Companies would lean towards Azure CNI at first but quickly opt for Kubenet. Azure CNI provides benefits on Azure. It has deeper integration between Kubernetes and Azure networking. With Azure CNI you don’t have to manually configure routing for traffic to flow from pods to other resources on Azure VNets. Pods get full network connectivity and can be reached via their private IP address. Supports Virtual Nodes (Azure Container Instances), it supports either Azure or Calico Network Policies and Windows containers. Azure CNI does however require more IP address space. The traditional Azure CNI assigns an IP address to every Pod from a subnet reserved for pods or pre-reserved set of IPs on every node. This method can lead to exhausting available IPs.
The alternative to Azure CNI with AKS is Kubenet. A lot of companies opt for Kubenet to avoid IP Exhaustion as it conserves IP address space. Kubenet assigns private IP addresses to pods. It does not have routing to Azure networking. In order to route from pods to Azure VNets you need to manually configure and manage user-defined routes (UDRs). With Kubenet a simple /24 IP CIDR range is able to support up to 251 nodes in an AKS cluster. This would give you support IPs for up to 27,610 pods (at 110 pods per node).
With Azure CNI the same /24 IP CIDR range would be able to support up to 8 nodes in the cluster supporting up to 240 pods (default max of 30 pods per node w/Azure CNI. Allocation of 31 IP address; 1 for the node + 30 for Pods.).
Here is a side by side breakdown of Kubenet and Azure CNI:
Area
Kubenet
Azure CNI
Capacity using ‘/24’ address range
251 nodes / 27,610 pods (110 pods / node)
8 nodes / 240 pods (30 pods / node)
Max nodes per cluster
400 (UDR max)
1,000 (or more)
Network policy
Calico
Calico, Azure
Pod IPs
NAT’ed / UDR /
Subnet-assigned
Latency
Slightly greater (NAT hop)
Best
Virtual nodes
No
Yes
Windows containers
No
Yes
Support
Calico community support
Supported by Azure support and the Engineering team
Out of the Box Logging
/var/log/calico inside the container
Rules added/deleted in IPTables are logged on every host under /var/log/azure-npm.log
Conclusion
Best w/limited IP space Most pod comms within cluster UDR management is acceptable
Available IP space Most pod coms outside cluster No need to manage UDR Need advanced features
As you can see you can get a lot more pods on Kubenet and you will burn through a lot more IP’s with Azure CNI. One would think when using Azure CNI to just assign a large CIDR for the subnets like /16 instead of /24. This would work however most IT teams in the enterprise that are connecting AKS to existing networks don’t have that option based on the existing IP design and are stuck working with smaller IP address ranges they can use.
Microsoft has built a solution to the IP exhaustion problem. The solution is Azure CNI Overlay. Azure CNI Overlay for AKS has been around for a while but was recently released into public preview on 9/4/22. Azure CNI Overlay for AKS helps us avoid IP exhaustion with our AKS clusters. It does this by assigning using a private /24 IP CIDR range and assigning IPs from this for pods on every node.
After designing and architecting AKS the next step is to deploy your cluster/s. It is ideal to build your AKS deployments out as code.
This means taking your Azure infrastructure & AKS cluster/s design and scripting them as IaC (Infrastructure as Code). Scripting the AKS deployment vs manually deploying gives you documentation as code, standardization, & a templatized deployment for repeatability. You can deploy this code as is, place it in a pipeline for ease of deployment, in inner-source, or in a service catalog for access by multiple teams.
Microsoft has built a tool named the AKS Construction helper to accelerate building out your IaC for AKS. This tool is not as well-known as it should be. I wanted to blog about this tool to share this great resource that will save you tons of time. The AKS Construction helper was originally launched by Keith Howling of Microsoft. The core contributors to this tool have been Gordon Byers and Keith Howling with contributions from others as well.
The AKS Construction helper unifies guidance provided by the AKS Secure Baseline, Well Architected Framework, Cloud Adoption Framework, and Enterprise-Scale. It also is part of the official AKS Landing Zone Accelerator (Enterprise Scale). The AKS Construction helper lets you configure your AKS deployment using wizard/form style selections. After you complete your selections the tool gives you IaC code that you can copy to perform the AKS Deployment/s. You can get code for Az CLI, a Github Actions workflow, Terraform, or a Parameters file that can be used with an ARM Template.
Let’s go ahead and take a tour of the tool.
The tool lets you select Operations Principles or Enterprise-Scale path for configuring the options.
This helps narrow down the overall design requirements of your AKS deployment.
The next section of the AKS Construction helper is to fine-tune your AKS deployment. This gives you the chance to tweak things like the cluster name, K8s version, resource group, region, to be created, IP and Cider, initial RBAC, SLA, autoscaling, upgrade configuration, cluster networking, add ons such as an ingress controller (App Gateway, NGINX, etc), monitoring such as Azure Monitor, Azure policy, service mesh, secret storage, Keda, GitOps with Flux, and even has a few options to deploy some sample apps. This is done across 5 tabs in the Fine tine and Deploy section.
After you have set all of the configurations for your cluster there is code available for you to copy on the Deploy tab. Again you have options for Az CLI, a Github Actions workflow, Terraform scripts or an ARM Template Parameters file. Running the deployment code will deploy your AKS cluster exactly how you have it configured in the AKS Construction helper tool.
What if you are not ready to deploy your AKS Clusters now but you do not want to lose your configuration? The tool has you covered. At the end of the Deploy Cluster code you can click the link as shown in the screenshot to get a URL for your configuration.
You can access this URL at any time to pick up where you left off with your AKS deployment configuration.
That brings us to the end of this blog post. Stop wasting time, head over to the tool, and start using this for all of your AKS Deployments. Here are the links for the tool:
I am very excited to be a part of a new Microsoft Azure Hybrid Cloud Study Hall series. This is a free fourteen-part weekly series that starts in April running through June.
In this study hall, you will learn how you can manage your on-premises, edge, and multi-cloud resources, and how you can deploy Azure services anywhere with Azure Arc and Azure Stack.
In this series, each session covers working with hybrid cloud resources using Azure services and hybrid cloud technologies. In these sessions we will:
Answer your questions live
Walk-through how to configure hybrid cloud resources
Walk-through how to deploy hybrid cloud resources
Walk-through how to manage hybrid cloud resources
In these sessions, together with you, we will work through Microsoft Learn modules focused on Azure Arc and Azure Stack HCI.
We have a solid lineup of speakers from Microsoft and the community! And I will be co-delivering two sessions myself.
Some of the speakers and moderators
Check out this video Microsoft marketing made where I talk about the sessions:
I was a guest on Tech Talk with Kazeem again! The topic of discussion was Azure Arc Enabled Kubernetes for Beginners.
@KazeemCanTeach & @buchatech
@buchatech Azure Arc K8s book with O’Reilly
In the discussion with me and Microsoft MVP Kazeem Adegboyega, we talked about Azure Stack, AKS, Azure Arc: K8s, and GitOps! We talked about each technology and when to use them for what purpose and more.
I am giving a talk for the Data on Kubernetes Community (DoKC) Community next week. They are a user group like community that focuses on how to build and operate data-centric applications on Kubernetes. Be sure to check them out! The DoK website is: https://dok.community.
My talk is titled: “Running Stateful Apps in Kubernetes Made Simple“
ABSTRACT OF THE TALK
Eventually, the time will come to run a stateful app in Kubernetes. This can be a scary thing adding more moving parts to a Kubernetes cluster and deploying as well as managing your app on Kubernetes when it requires state.
In this talk, Steve Buchanan will take you through a journey of understanding how storage works in Kubernetes, how to Persistent state with pods, what storage options are available with Azure Kubernetes Service, best practices, and a demo of deploying a stateful app to AKS.
In the demo, I will show how to deploy stateful Worpress & Jenkins workloads on Azure Kubernetes Service using the GitOps model with Argo CD.
KEY TAKE-AWAYS FROM THE TALK
Overview of Storage in Kubernetes covering Storage Classes, Persistent Volumes, & Persistent Volume Claims. Overview of Azure Storage, Best Practices to running stateful apps in Kubernetes.
This was a fun podcast with Jez Ward, and Dave Chapman of Cloudreach. They run a podcast called Cloudbusting. On the podcast they focus on transformation, leadership, ways of working and emerging technology they explore the significant impact that cloud is having on people and businesses.
On this podcast episode, we set out to answer very important questions such as what are Jucy Lucy’s?, what are root Canals like today? oh, and yeah we also spend some time talking about what Containers, Kubernetes, & GitOps are and how they fit in the cloud.
