CHAPTER 10

Azure Kubernetes Service (AKS)

Updated: May 15, 2026
30 min read


1. Introduction

Managing 50 Virtual Machines by hand is an operational nightmare. App Service is great, but it can be restrictive for highly complex microservice architectures. The modern cloud has embraced Container Orchestration. Google originally invented Kubernetes, but Microsoft has heavily adopted it, offering Azure Kubernetes Service (AKS). AKS is a highly robust, managed Kubernetes service designed to deploy, scale, and manage massive containerized applications. In this chapter, we will transition from monolithic apps to distributed orchestration.

2. Learning Objectives

By the end of this chapter, you will be able to:
  • Define Containerization and Container Orchestration.
  • Understand the benefits of a Managed Kubernetes Service.
  • Identify the Control Plane (managed by Azure) vs. Node Pools (managed by you).
  • Deploy an AKS cluster via the Azure Portal.
  • Understand core Kubernetes objects: Pods, Deployments, and Services.

3. Beginner-Friendly Explanation

Imagine running a delivery company.
  • Virtual Machines (The Old Way): You buy a massive delivery truck. Even if you only need to deliver a single shoebox, you have to drive the whole truck. It wastes gas and space.
  • Containers (Docker): You package the shoebox perfectly. It runs exactly the same anywhere.
  • Kubernetes (AKS): The ultimate logistics manager. You tell the manager: "I need 50 shoeboxes delivered constantly." The manager (AKS) automatically buys the exact number of trucks needed, loads the boxes perfectly, and if a truck breaks down on the highway, the manager instantly buys a new truck and moves the boxes for you automatically.

4. Why Use AKS? (The Managed Advantage)

A Kubernetes cluster has two main parts: The Brain (Control Plane/API Server) and The Muscle (Worker Nodes/Virtual Machines). If you build Kubernetes yourself on raw VMs, you have to manage the Brain. It is incredibly complex to keep it highly available and secure. With AKS, Microsoft manages the Brain for you, for FREE. They handle the backups, the security patches, and the high-availability of the Control Plane invisibly. You only pay for the Worker Nodes (the actual Azure VMs running your containers).

5. Node Pools

In AKS, you don't manage individual VMs. You create Node Pools. A Node Pool is a Virtual Machine Scale Set operating under the hood. You can mix and match! You can have a "System" Node Pool running Linux for your core backend, and a "User" Node Pool running Windows Server containers for legacy .NET applications, all inside the exact same AKS cluster.

6. The Core Objects: Pods, Deployments, and Services

  • Pod: The smallest unit in Kubernetes. It wraps your Docker container.
  • Deployment: The manager. You write a YAML file saying "I want 3 Pods running." The Deployment ensures 3 Pods are *always* running.
  • Service: The network door. Pod IPs change constantly. A Service provides a permanent IP address (and provisions an Azure Load Balancer automatically!) so users can reliably reach your Pods.

7. Mini Project: Deploy an AKS Cluster

Let's provision a massive orchestration engine.

Step-by-Step Tutorial:

  1. In the Azure Portal, search for Kubernetes services.
  2. Click + Create > Create a Kubernetes cluster.
  3. Resource group: rg-aks-demo.
  4. Cluster preset configuration: Choose Dev/Test (to keep the VM sizes small and cheap).
  5. Kubernetes cluster name: my-first-aks-cluster.
  6. Region: East US.
  7. Node size: Click "Change size" and select a cheap VM like Standard_B2s.
  8. Node count: Scale it down to 1 (again, to save money during testing).
  9. Click Review + create, then Create.
*(Wait 5-10 minutes. Azure is provisioning massive infrastructure behind the scenes!)*
  10. Once the cluster is green, go to the resource. Click Connect at the top.
  11. Azure gives you two CLI commands. Open the Cloud Shell.
  12. Paste the az aks get-credentials command. This downloads the security certificates to your Cloud Shell.
  13. Run kubectl get nodes. You will see your Azure VM acting as a Kubernetes worker!
  14. Run kubectl create deployment my-web-app --image=nginx to deploy a web server.
  15. Run kubectl expose deployment my-web-app --type=LoadBalancer --port=80 to tell Azure to automatically build a Public Load Balancer and route traffic to your container!
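
The same workload as steps 14 and 15, written as the YAML manifest that section 6 describes (an added example, not part of the original chapter). It runs 3 replicas without root and restricts which source addresses can reach the public load balancer; the nginxinc/nginx-unprivileged image, the resource figures and the 203.0.113.0/24 range are assumptions chosen for illustration.

```yaml
# Added example (not from the original chapter): declarative form of steps 14-15.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-web-app
spec:
  replicas: 3                               # "I want 3 Pods running"
  selector:
    matchLabels: {app: my-web-app}
  template:
    metadata:
      labels: {app: my-web-app}
    spec:
      automountServiceAccountToken: false   # the web server never calls the API server
      securityContext:
        runAsNonRoot: true
        runAsUser: 101                      # UID of the nginx user in the assumed image
        seccompProfile: {type: RuntimeDefault}
      containers:
        - name: nginx
          # Assumption: unprivileged nginx build that listens on 8080. The stock
          # nginx image from step 14 starts as root and would fail runAsNonRoot.
          image: nginxinc/nginx-unprivileged:stable
          ports:
            - containerPort: 8080
          resources:
            requests: {cpu: 100m, memory: 64Mi}   # CPU-based autoscaling needs requests
            limits: {cpu: 250m, memory: 128Mi}
          securityContext:
            allowPrivilegeEscalation: false
            capabilities: {drop: [ALL]}
---
apiVersion: v1
kind: Service
metadata:
  name: my-web-app
spec:
  type: LoadBalancer                        # provisions the Azure Load Balancer
  selector: {app: my-web-app}
  loadBalancerSourceRanges:
    - 203.0.113.0/24                        # placeholder range: replace with your clients' CIDR
  ports:
    - port: 80
      targetPort: 8080
```

Save it to a file and apply it with kubectl apply -f in place of the two imperative commands; kubectl get service my-web-app then shows the external IP once the load balancer is ready.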

8. Real-World Scenarios

A popular streaming service runs its backend on AKS. On Friday nights, traffic spikes by 1000%. Because they use Kubernetes, the Horizontal Pod Autoscaler (HPA) automatically detects the CPU strain and scales the backend from 10 Pods to 100 Pods. If the underlying Node Pool runs out of RAM, the Cluster Autoscaler automatically asks Azure to spin up more VMs to hold the Pods. On Monday morning, everything automatically shrinks back down to save money. Zero human intervention required.

9. Best Practices

  • Use Azure CNI Networking: When creating an AKS cluster, you choose a networking plugin (Kubenet vs. Azure CNI). For enterprise production, always use Azure CNI. It assigns every single Pod its own dedicated IP address from your Azure VNet, allowing Pods to communicate natively with on-premises servers and Azure SQL databases without complex routing tables.

10. Cost Optimization Tips

  • Spot Node Pools: Just like raw VMs, you can add a "Spot" Node Pool to your AKS cluster. If you have non-critical batch processing jobs running in containers, running them on Spot Nodes can reduce your AKS compute bill by up to 80%.

11. CLI Examples

To deploy an AKS cluster via the Azure CLI:
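```bash
# Create a one-node AKS cluster in the existing resource group rg-aks-demo.
# --generate-ssh-keys creates an SSH key pair under ~/.ssh if none exists.
az aks create \
    --resource-group rg-aks-demo \
    --name my-cli-aks-cluster \
    --node-count 1 \
    --generate-ssh-keys
```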

12. Exercises

  1. Explain the Shared Responsibility Model within AKS. Which components are managed by Microsoft, and which are managed by you?
  2. Why is a Kubernetes "Service" required to expose a "Deployment" to the public internet?

13. FAQs

Q: Do I need to learn Docker before learning AKS?
A: Yes! Kubernetes is the orchestrator; Docker is the packaging format. You must know how to build a Docker container before you can tell AKS to run it. (We cover this in the next chapter!)

14. Interview Questions

  • Q: Describe the architectural interplay between the Horizontal Pod Autoscaler (HPA) and the Cluster Autoscaler in ensuring an AKS application survives a massive, sudden traffic spike.
  • Q: Contrast the Kubenet networking plugin with the Azure CNI networking plugin in AKS. Why is Azure CNI heavily preferred in enterprise hybrid-cloud scenarios?

15. Summary

In Chapter 10, we elevated our infrastructure from static PaaS to dynamic, self-healing orchestration. We introduced Azure Kubernetes Service (AKS) as the industry standard for managing containerized microservices. We recognized the immense value of Azure managing the Control Plane for free, allowing us to focus solely on our Node Pools. Finally, utilizing Cloud Shell and kubectl, we successfully deployed, scaled, and publicly exposed a containerized application across a managed cluster.

16. Next Chapter Recommendation

We told AKS to pull the nginx image from the public internet. But what if we write our own custom Python or Node.js code? Where do we store our private images? Proceed to Chapter 11: Docker and Azure Container Services.
