Lab 3: Advanced AKS Operations
🎓 Learning Objectives
- Set up Prometheus and Grafana for advanced metrics collection and visualization
- Troubleshoot common AKS issues using kubectl and Azure tools
- Implement security features including Pod Security Admission and Workload Identity
- Configure Service Principal RBAC with proper role bindings
- Implement and test horizontal pod autoscaling and cluster autoscaling
- Optimize cluster performance and resource utilization
- Implement KEDA for event-driven autoscaling
⏱ Estimated Duration
120 minutes
📝 Content Overview
Monitoring with Prometheus and Grafana
- Set up Azure Managed Prometheus and Grafana
- Integrate Prometheus metrics with Container Insights
- Use Prometheus Explorer and view live application logs
Troubleshooting AKS Issues
- Use common troubleshooting commands
- Diagnose and fix crashing pods
- Troubleshoot network policies and resource constraints
Security and Identity
- Implement Pod Security Admission
- Configure Service Account RBAC
- Set up Workload Identity with Azure AD
Scaling and Optimization
- Configure and test Horizontal Pod Autoscaler
- Implement Cluster Autoscaler for node scaling
- Use Vertical Pod Autoscaler for resource recommendations
- Set up KEDA for event-driven autoscaling
This lab builds on the infrastructure deployed in previous labs, using the same AKS cluster.
Environment Variables
Make sure that you have the required variables set up in your CLI session. If you have closed your CLI session since Lab 1, you may need to reinitialize them. The following variables should be set:
$YOUR_INITIALS="abc"
$INITIALS="$($YOUR_INITIALS)".ToLower()
$RESOURCE_GROUP="azure-$($INITIALS)-rg"
$LOCATION="westeurope"
$VM_SKU="standard_d4_v4"
$AKS_NAME="aks-$($INITIALS)"export YOUR_INITIALS="abc"
export INITIALS=$(echo "$YOUR_INITIALS" | tr '[:upper:]' '[:lower:]')
export RESOURCE_GROUP="azure-${INITIALS}-rg"
export LOCATION="westeurope"
export VM_SKU="standard_d4_v4"
export AKS_NAME="aks-${INITIALS}"