To AKS or not to AKS?10.05
That’s the question, of course. But what is AKS? Microsoft’s Azure Kubernetes Service (AKS) is a popular managed Kubernetes service that offers a range of features to help organizations deploy and manage containerised applications in the cloud. However, as with any technology, it’s important to carefully consider whether AKS is the right fit for your organisation’s specific needs and requirements.
In this blog post, we’ll list some scenarios we encountered at CloudFuel where AKS might (not) shine when compared to some common alternatives like Azure Container Apps (ACA), Azure Container Instances or Azure Web Apps for Containers. Be sure to also check out our other blog ‘Accelerate Your Cloud Native Journey with Azure Kubernetes Service’, where we talk about the capabilities and common alternatives.
When AKS shines
When deciding whether to use AKS or not, it’s important to consider your organisation’s specific needs and requirements. Though the ultimate decision boils down to a complex weighing of different requirements, here are some factors to consider:
- In general, when your organisation needs to use more than a dozen microservices, the added control provided by AKS becomes more interesting.
- When you require configuration options for memory or CPU intensive applications, AKS offers a wider range of hardware options compared to other platforms like ACA. However, keep in mind that available options can change over time, as ACA recently announced additional hardware options in public preview.
- Similarly, when it comes to GPU-intensive workloads, AKS offers a wider range of hardware options compared to other platforms like ACA.
- AKS is a good option for organisations that require support for Windows-based images, making it ideal for companies with specific Windows-based application requirements.
- Use AKS when you work with GitOps, as it provides plug-in support for ArgoCD and Flux is built-in with AKS.
- When you want to take advantage of AKS’s open service mesh. Service meshes provide capabilities like traffic management, resiliency, policy, security, strong identity, and observability to your workloads. Your application is decoupled from these operational capabilities, while the service mesh moves them out of the application layer and down to the infrastructure layer.
- When you need to configure and manage application gateways for your Kubernetes clusters, AKS can save you time and effort with its built-in Azure Application Gateway Ingress Controller (AGIC). AGIC can automatically configure the application gateway based on your cluster’s requirements, although in some cases you may prefer to manually configure the gateway to have more control over its settings.
- Certain applications, like Drupal, require POSIX permissions in order to function properly. Higher level solutions like ACA do not offer this kind of access.
- When you operate in a very GDPR/privacy-sensitive environment, AKS supports “confidential computing”, ensuring not even the processor has unencrypted access to the data it is operating on.
- When your organization has several development teams, and you want to restrict access with Azure AD and RBAC, AKS makes it easier to manage infrastructure.
When Alternatives are Preferable
We at CloudFuel believe it is important to understand both the advantages and limitations of any technology. While AKS offers many benefits, it may not always be the best fit for every use case. Here are a few scenarios where it may be better to consider alternative solutions.
- While AKS offers many configuration options, ACA has a more streamlined and simplified approach to container orchestration, making it easier for developers to work with and reducing the need for infrastructure support. Streamlined solutions like ACA put infrastructure management in the hands of Azure, instead of your developers.
- If you require revision tools for blue-green and/or canary deployments. AKS supports this, but it requires quite some effort to set up. With ACA (revisions) or Web App for Containers (slots), these deployment schemes are supported out of the box.
- If your organization solely uses Linux-based container images, it may be preferable to consider other container orchestration solutions as they also support Linux images and may have a more simplified approach to container orchestration compared to AKS.
- For smaller organizations with limited IT resources, AKS may be too complex to manage. In this case, a simpler solution like Azure Container Instances or Azure Web Apps for Containers may be a better fit.
- Additionally, if your workloads are less complex, you may not need the additional features and capabilities provided by AKS. In this case, a simpler container orchestration solution like Azure Container Instances or Azure Web Apps for Containers may be more suitable for your needs.
- If you don’t require Azure Defender for Containers, which provides security monitoring and threat detection for your containers, then AKS may not be necessary for your use case. In this case, you could consider using a simpler solution like Azure Container Instances or Azure Web Apps for Containers.
- If you’re looking for an attractive pricing model, AKS may not be the best choice. While AKS offers a lot of powerful features, it can be more expensive than other container orchestration solutions like Azure Container Instances or Azure Web Apps for Containers.
- Finally, if you want to work serverless and pay for usage on a consumption-based pricing model, then AKS may not be the best choice for you.
These factors mentioned are just a few specific examples of scenarios where AKS might or might not be the optimal fit for your organisation. Ultimately, the decision to use AKS depends on a complex set of requirements, including technical needs, business objectives, and available resources. It’s important to thoroughly evaluate your organization’s specific needs and requirements to determine whether AKS is the right choice.
Consulting with experts such as CloudFuel can also help ensure that you make the best decision for your organisation. So, let’s get in touch!