News

Azure Kubernetes Service Supports Windows Server Containers, Private Clusters

Azure Kubernetes Service (AKS) now supports Windows containers.

Microsoft announced the general availability of that support this week for AKS, which provides serverless Kubernetes as an integrated continuous integration and continuous delivery (CI/CD) experience.

The support of production-grade Windows Server containers for AKS started as a preview almost a year ago. It opens up the ability for organizations to run Windows applications in containers, using AKS to address resource needs across clusters.

Containers are an OS virtualization approach, fostered by Docker, that brings microservices together into applications. One benefit of this approach is that applications can be run without conflicting with underlying hardware and software configurations. Containers get grouped into "pods," which are the basic operational units for Kubernetes, an open source container orchestration solution for clusters that was originally fostered by Google.

Azure Kubernetes
[Click on image for larger view.] Azure Kubernetes (source: Microsoft).

Microsoft offers a good rundown of Kubernetes basics in this "What is Kubernetes" overview.

AKS and Windows Server Containers
AKS is Microsoft's implementation of Kubernetes, which it manages for organizations as a service. AKS has been available to handle the resource needs of Linux containers for a while, but it now can handle the needs of Windows Server containers, as well.

It's taken a longer period of time for Microsoft to get there with AKS support for Windows Server containers. Microsoft needed to work out some kinks with its customers first before rollout, as described in this Windows Server team post.

AKS is an integrated product, having support in a number of Microsoft's enterprise services and tools. Notable solutions that can be used with AKS, per a Microsoft's overview document, include:

  • Azure Policy for implementing rules across clusters
  • Azure Security Center for threat detection and security management
  • Azure Advisor for operations and security recommendations
  • Azure Arc for deploying and managing Kubernetes-based applications
  • Azure Cosmos DB for low-latency database reads and writes
  • Azure Machine Learning for adding artificial intelligence capabilities

Additionally, advice on how to work with AKS has been built into the Visual Studio Code environment via a Kubernetes extension.

Other AKS GA Milestones
Microsoft announced some other AKS milestones on top of its added support for Windows Server containers.

AKS now includes managed identity support at the GA stage. The managed identity support adds security when working with other Azure services, such as "Azure Monitor for Containers, and Azure Policy, among others," and it helps reduce the frequency of having to rotate credentials.

AKS is now integrated with Azure Advisor at the GA stage. Azure Advisor can deliver "real-time personalized recommendations to optimize your AKS deployments," as well as show "industry best practices," Microsoft's announcement explained.

AKS now has an option to access the Private Link service at the GA stage. Private Link is used to "isolate your Kubernetes API server within your Azure virtual network, enabling fully private communication with the managed Kubernetes control plane hosted by AKS," according to Microsoft's announcement.

The Private Link service also seems to be called "private clusters" in Microsoft's main announcement, and it's also described as being at the GA stage.

"Private clusters ensure that customers can create and use managed Kubernetes that only exists inside their private network and never on the internet," stated Brendan Burns, corporate vice president for Azure Compute at Microsoft. "This network isolation provides security assurances that are especially important for regulated industries like finance and health care."

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured