Networking Considerations for Kubernetes

Developers and architects must consider three levels of networking when creating and managing a Kubernetes cluster, including Azure Kubernetes Service (AKS). The illustration depicts an AKS control plane (configured and managed by the Azure portal) and three cluster VMs (sometimes called worker nodes). Choices made for AKS networking can affect scalability, manageability, and cost.

When designing and configuring AKS networking, architects should consider:

1. Service level. Kubernetes exposes services typically in the form of URLs to clients, in this case, https://www.example.com. Production services will almost always have static IP addresses that resolve to the AKS control plane, which then executes logic (for example, routing, load balancing) to determine the correct handling of the request. A Kubernetes cluster may host many such services. An ingress controller is typically used for these purposes.

2. Cluster level. The Kubernetes cluster may contain tens or even hundreds of physical nodes (or VMs); each is assigned an IP address (usually from a pool managed by the control plane).