You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/aks/concepts-network.md
+17-9Lines changed: 17 additions & 9 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -24,19 +24,27 @@ This article introduces the core concepts that provide networking to your applic
24
24
*[Network policies](#network-policies)
25
25
26
26
## Kubernetes basics
27
+
Kubernetes employs a virtual networking layer to manage access within and between your applications or their components. This involves the following key aspects:
27
28
28
-
To allow access to your applications or between application components, Kubernetes provides an abstraction layer to virtual networking. Kubernetes nodes connect to a virtual network, providing inbound and outbound connectivity for pods. The *kube-proxy* component runs on each node to provide these network features.
29
+
-**Kubernetes nodes and virtual network**: Kubernetes nodes are connected to a virtual network. This setup enables pods (basic units of deployment in Kubernetes) to have both inbound and outbound connectivity.
29
30
30
-
In Kubernetes:
31
+
-**Kube-proxy component**: Running on each node, kube-proxy is responsible for providing the necessary network features.
31
32
32
-
**Services* logically group pods to allow for direct access on a specific port via an IP address or DNS name.
33
-
**ServiceTypes* allow you to specify what kind of Service you want.
34
-
* You can distribute traffic using a *load balancer*.
35
-
* Layer 7 routing of application traffic can also be achieved with *ingress controllers*.
36
-
* You can *control outbound (egress) traffic* for cluster nodes.
37
-
* Security and filtering of the network traffic for pods is possible with *network policies*.
33
+
Regarding specific Kubernetes functionalities:
38
34
39
-
The Azure platform also simplifies virtual networking for AKS clusters. When you create a Kubernetes load balancer, you also create and configure the underlying Azure load balancer resource. As you open network ports to pods, the corresponding Azure network security group rules are configured. For HTTP application routing, Azure can also configure *external DNS* as new Ingress routes are configured.
35
+
-**Services**: These are used to logically group pods, allowing direct access to them through a specific IP address or DNS name on a designated port.
36
+
-**Service types**: This feature lets you specify the kind of Service you wish to create.
37
+
-**Load balancer**: You can use a load balancer to distribute network traffic evenly across various resources.
38
+
-**Ingress controllers**: These facilitate Layer 7 routing, which is essential for directing application traffic.
39
+
-**Egress traffic control**: Kubernetes allows you to manage and control outbound traffic from cluster nodes.
40
+
-**Network policies**: These policies enable security measures and filtering for network traffic in pods.
41
+
42
+
In the context of the Azure platform:
43
+
44
+
- Azure streamlines virtual networking for AKS (Azure Kubernetes Service) clusters.
45
+
- Creating a Kubernetes load balancer on Azure simultaneously sets up the corresponding Azure load balancer resource.
46
+
- As you open network ports to pods, Azure automatically configures the necessary network security group rules.
47
+
- Azure can also manage external DNS configurations for HTTP application routing as new Ingress routes are established.
0 commit comments