Azure Kubernetes Service and Azure Container Registry Service on Azure Stack Hub
Published Jan 27 2022 06:25 PM 8,333 Views
Microsoft

There are bright spots in the middle of Seattle’s winter rains, one is the fact that the Public Preview availability of two new services is out and ready for customers to install and test. Customers can now install Azure Stack Hub’s 2108 Update with Hotfix 4 and then take full advantage of the following two services:

  • Azure Kubernetes Service (AKS)
  • Azure Container Registry Service (ACR)

For customers that already have invested in Azure Stack Hub, they can now take advantage of AKS and ACR directly from the Portal and CLI.

It simplifies deploying a managed Kubernetes cluster by automating the operational overhead and providing the functionality you need to maintain your clusters. When you deploy an AKS cluster, the Kubernetes control plane and all nodes are deployed and configured for you. The service will monitor the cluster’s infrastructure health, it will attempt to remediate issues and notify the Azure Stack Hub operator when your AKS clusters infra runs into problems. AKS enables you to manage the complete lifecycle of your Kubernetes clusters using the same User Interface, Command Line, API, and templates available in Azure AKS.

 

Azure Container Registry (ACR) on Azure Stack Hub allows users to store and retrieve OCI images, assign role-based access control (RBAC) permissions, and create webhooks.  Used in conjunction with AKS on Azure Stack Hub, it provides an easy way to locally store and deploy container images to your AKS Kubernetes clusters.

 

AKS Benefits

 

  • You can adopt AKS as your Kubernetes provider for both the cloud and the edge. This allows you to use the same lift-and-shift and application modernization strategies regardless of where your workloads need to run.
  • With AKS-HCI you can easily deploy Kubernetes clusters inside your edge facility and manage them together with your Azure clusters from the Azure control plane using Azure Arc.
  • If your edge facility has limited or no network connectivity, you can take advantage of AKS on Azure Stack Hub (ASH). AKS-ASH includes the AKS control plane to manage the lifecycle of your cluster from Azure. With its own instance of Azure Resource Manager (ARM) and the Azure Portal, Azure Stack Hub allows you to use the same CLI scripts and templates that you would use in Azure without requiring a connection back to the public cloud.
  • With Azure AKS, AKS-HCI, and AKS-ASH your cloud computing plans can include workloads running on the Cloud, hybrid, and disconnected Edge.

 

Comparing AKS on Hub with AKS on Azure and AKS Engine on Hub

 

AKS on ASH is a subset of the functionality you find in Azure AKS. This is because the two platforms differ on the available features and services:

Feature

AKS on Azure

AKS on Hub

AKS Engine on Hub

Create, Upgrade, Scale, Delete

Yes

Yes

Yes

AKS Managed VM Image

Yes

Yes

Yes

Ux, CLI, API, Template experience

Yes

Yes

No

Monitoring and Remediation of Control Plane

Yes

Yes

No

Cluster Metrics

Yes

Yes

No

Diagnostic settings

Yes

Yes

No

Kubernetes Control Plane Logs

Yes

Yes

Yes

Kubenetes and Azure CLI network plugins

Yes

Yes

Yes

CNCF-certified

Yes

Yes

Yes

Cluster auto-scaler

Yes

No

No

Multiple node pool management

Yes

No

No

Integrated AAD/ADFS Auth and RBAC

Yes (AAD)

No

No

Security Center Integration

Yes

No

No

Integrated Azure Monitoring (Insights, Logs, Metrics, Alerts)

Yes

No

No

ASH Operator Ux and PS experience

No

Yes

No

 

 

 

 

 

 

ACR Benefits & Feature Comparison to ACR in Azure

 

ACR on Hub enables fast local retrieval of container workloads. ACR on Azure Stack Hub handles private Docker container images as well as related content formats, such as Helm chartsOCI artifacts, and images built to the OCI image format specification.  A highlight of available benefits includes:

  • OCI artifact repository for adding Helm charts, Singularity support, and new OCI artifact-supported formats
  • Integrated security with Azure Active Directory (Azure AD) or ADFS/Graph authentication, role-based access control, Docker Content Trust, and virtual network integration
  • Connected & Disconnected Support for Azure Stack Hub deployments, enabling container workloads for customers of all internet connectivity types.

For a full list of features available on Azure Stack Hub and comparison to ACR on Azure, visit our ACR on Hub  Overview.

 

AKS Operator's Experience

 

The one item that you will not find in Azure AKS is the Hub Operator experience. On Hub customers must manage the available services, that includes AKS. The service comes with a specific UI to help you view the AKS service state, alerts, clusters, and images:  

 

WalterOliver_0-1643329106138.png

 

AKS Tenant Experience

 

If you are familiarized with Azure AKS you will see that on Hub the AKS tenant experience is a subset of Azure’s AKS. It provides the core functionality available in Azure so that you can manage the complete lifecycle of your Kubernetes clusters with ease.

 

WalterOliver_1-1643329106150.png

 

 

ACR Experiences

 

ACR on Azure Stack Hub provides the same UX and CLI experiences from Azure public but exposing only a subset of features which are available on Hub.  Additionally, ACR on Hub provides an experience for operators in the admin portal to enable and manage the container registry service.

 

ACR Operator Experience

Learn more about Operating ACR on Azure Stack Hub here: https://aka.ms/ash-acr-operator-docs

 

WalterOliver_2-1643329106161.png

 

ACR Tenant Experience

 

Learn more about using ACR on Azure Stack Hub here: https://aka.ms/ash-acr-docs

 

WalterOliver_3-1643329106167.png

 

Helpful Links

 

 

 

 

 

2 Comments
Version history
Last update:
‎Jan 28 2022 10:37 AM
Updated by: