Azure Storage for AKS

By default, AKS creates and uses an Azure Disk when you create a persistent volume (PV). Azure Disks come in two performance tiers, Premium and Standard, and provide durable and secure disk storage for Azure Virtual Machines.

Azure Files is an alternative storage solution provided by Azure Storage Services. It offers fully managed file shares in the cloud that are accessible anywhere through SMB. Shared storage supports applications that require a file system interface and file system semantics.

Storage Classes

Kubernetes uses a concept called “Storage Classes” to control the dynamic provisioning of storage. An AKS cluster can use two types of storage classes:

  • The default Azure Disk storage class: azure-disk
  • Azure File storage class: azure-file

You can define characteristics such as reclaim policy, volume binding mode, allow volume expansion, and more for your storage classes.
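
A custom class that sets the characteristics named above, as an added example that is not from the original page. The class name managed-premium-retain is a constructed placeholder, and the provisioner shown is the Azure Disk CSI driver.

```yaml
# Added example: custom StorageClass for Azure managed disks.
# "managed-premium-retain" is a constructed name, not one the page defines.
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: managed-premium-retain
provisioner: disk.csi.azure.com           # Azure Disk CSI driver
parameters:
  skuName: Premium_LRS                    # Premium SSD, locally redundant
reclaimPolicy: Retain                     # keep the disk when the PVC is deleted
volumeBindingMode: WaitForFirstConsumer   # create the disk only once a pod is scheduled
allowVolumeExpansion: true                # allow the PVC to be grown later
---
# A claim that provisions a disk from the class above.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: app-data
spec:
  accessModes:
    - ReadWriteOnce
  storageClassName: managed-premium-retain
  resources:
    requests:
      storage: 5Gi
```

With reclaimPolicy Retain, the managed disk and its data outlive the claim and have to be deleted deliberately; with Delete, the disk is removed together with the claim.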

Azure Disk Storage on AKS

The default azure-disk storage class makes use of Azure managed disks. It offers high-performance, highly durable block storage for AKS workloads.

Here’s an example of a Persistent Volume Claim (PVC) using azure-disk.

kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: azure-managed-disk
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 5Gi
  storageClassName: default

In this YAML file, the PVC requests a disk of size 5Gi. The access mode is set to ReadWriteOnce, meaning that the volume can be mounted as read/write by a single node. The storageClassName “default” refers to the Azure Disk Storage class.

Azure File Storage on AKS

Azure Files allows you to mount a file share in the cloud into an AKS pod. This is particularly useful if you have multiple pods that need to access the same files.

Here’s an example of a Persistent Volume Claim (PVC) using azure-file.

kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: azure-file
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 5Gi
  storageClassName: azurefile

In this YAML file, the PVC requests a file share of size 5Gi. The access mode is set to ReadWriteMany, meaning that the volume can be mounted as read/write by many nodes. The storageClassName “azurefile” refers to the Azure File Storage class.

Summary

Knowing how to configure storage for Azure Kubernetes Service becomes critical once your apps need storage that can be accessed by multiple pods or need a given level of disk performance. Azure Disk Storage or Azure File Storage can meet these requirements, depending on what your application needs. Always choose your storage solution based on the nature of your workloads to ensure optimal performance.

Practice Test

True or False: Azure Kubernetes Service (AKS) automates a number of critical tasks such as Kubernetes version upgrades, security patching, and cluster scaling.

  • True
  • False

Answer: True.

Explanation: AKS streamlines Kubernetes management by automating and simplifying a number of critical tasks.

Azure Kubernetes Service uses Azure Files and Azure Disks for its storage. True or False?

  • True
  • False

Answer: True.

Explanation: AKS uses both Azure Disks and Azure Files as underlying storage solutions.

In AKS, multiple pods can’t share the same Azure Disk. True or False?

  • True
  • False

Answer: True.

Explanation: Azure Disks are designed as a single-pod mount, so multiple pods can’t share the same Azure Disk.

Which of the following storage classes are supported by AKS?

  • A. Standard HDD
  • B. Premium SSD
  • C. Ultra Disk
  • D. All of the above

Answer: D. All of the above

Explanation: AKS supports Standard HDD, Premium SSD, and Ultra Disk storage classes for persistent volumes.

In AKS, each node can have a maximum of how many attached Azure Disks?

  • A. 256
  • B. 16
  • C. 32
  • D. 64

Answer: C. 32

Explanation: Each node in an AKS cluster can have a maximum of 32 Azure Disks attached.

True or False: Azure Blob Storage can be directly mounted in AKS.

  • True
  • False

Answer: False.

Explanation: Azure Blob Storage cannot be directly mounted in AKS. Instead, it’s accessed via API or SDK.

Socket.io is an example of a stateful application that can run on AKS. True or False?

  • True
  • False

Answer: False.

Explanation: Socket.io is a library for real-time web applications. It’s not an example of a stateful application.

Persistent volumes in AKS provide fault-tolerance. True or False?

  • True
  • False

Answer: True.

Explanation: Persistent volumes provide fault-tolerance by outliving any one pod in AKS.

Which of the following does the AKS PersistentVolumeClaim manifest NOT specify?

  • A. Storage class
  • B. Storage size
  • C. Access mode
  • D. Node size

Answer: D. Node size

Explanation: The PersistentVolumeClaim manifest in AKS doesn’t specify node size. It specifies storage class, size, and access mode.

To dynamically create a PersistentVolume, a StorageClass object should be defined. True or False?

  • True
  • False

Answer: True.

Explanation: A StorageClass object should be defined for dynamic PersistentVolume creation. It defines the type of storage and provisioner to use.

A single Azure File Share can be mounted by multiple pods across multiple nodes. True or False?

  • True
  • False

Answer: True.

Explanation: Unlike Azure Disk, a single Azure File Share can be used by multiple pods across multiple nodes.

AKS data encryption is maintained at rest and during transit. True or False?

  • True
  • False

Answer: True.

Explanation: AKS maintains data encryption both at rest and during transit, providing an extra layer of security.

What type of storage account should be used in production with AKS Azure File Share?

  • A. General-purpose v2
  • B. BlobStorage
  • C. General-purpose v1
  • D. None of the above

Answer: A. General-purpose v2

Explanation: Production scenarios with Azure Kubernetes Service (AKS) should use a StorageV2 (general-purpose v2) storage account.

Disk encryption in AKS uses Azure Disk Encryption. True or False?

  • True
  • False

Answer: False.

Explanation: Disk encryption in AKS uses Azure-managed disks, and Azure Disk Encryption is not supported.

Dynamic volume provisioning in AKS uses Azure Disk Provisioner. True or False?

  • True
  • False

Answer: False.

Explanation: Dynamic volume provisioning in AKS uses a Kubernetes feature called Dynamic Volume Provisioning, not Azure Disk Provisioner.

Interview Questions

What is Azure Kubernetes Service (AKS)?

Azure Kubernetes Service (AKS) is a managed container orchestration service provided by Azure. It simplifies the deployment, scaling, and operations of containerized applications using Kubernetes, an open-source orchestration framework.

What storage options are available for AKS?

Azure offers different kinds of storage options for AKS such as Azure Disks, Azure Files, and blob storage.

How do you create an Azure disk for use with AKS?

You can create an Azure disk for AKS using the Azure CLI or the Azure Portal. The disk can then be added to your AKS cluster as a persistent volume.

What is the role of a StorageClass in AKS?

In AKS, a StorageClass is used to define how a volume should be dynamically provisioned. It allows you to specify details such as the type of storage to use, the replication factor, and other options.

What are Persistent Volumes (PV) and Persistent Volume Claims (PVC) in the context of AKS?

In AKS, Persistent Volumes (PV) are used for long-term storage, even when your applications or pods are not running. When your application needs to use the storage, it creates a Persistent Volume Claim (PVC), which allocates a specific amount of storage from the Persistent Volume.

How do you mount an Azure File share in AKS?

Azure File shares can be mounted in an AKS cluster using Kubernetes persistent volumes and volume claims. First, create a Kubernetes secret with the Azure Storage account name and account key, then define the persistent volume, and finally create a persistent volume claim to use the Azure File share.
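
The three steps above as one set of manifests, added here as an example that is not from the original page. It assumes the Azure Files CSI driver (file.csi.azure.com); every resource name is constructed and the values in angle brackets are placeholders to fill in.

```yaml
# Step 1: Secret holding the storage account name and key.
apiVersion: v1
kind: Secret
metadata:
  name: azure-files-secret
  namespace: default
type: Opaque
stringData:
  azurestorageaccountname: <storage-account-name>
  azurestorageaccountkey: <storage-account-key>
---
# Step 2: PersistentVolume pointing at an existing file share.
apiVersion: v1
kind: PersistentVolume
metadata:
  name: azurefile-static-pv
spec:
  capacity:
    storage: 5Gi
  accessModes:
    - ReadWriteMany
  persistentVolumeReclaimPolicy: Retain
  storageClassName: azurefile-static     # label used only to pair PV and PVC
  csi:
    driver: file.csi.azure.com
    volumeHandle: <unique-volume-id>     # must be unique per PV in the cluster
    volumeAttributes:
      shareName: <file-share-name>
    nodeStageSecretRef:
      name: azure-files-secret
      namespace: default
  mountOptions:
    - dir_mode=0750                      # no access for "other" on the mount
    - file_mode=0640
---
# Step 3: PersistentVolumeClaim bound to that volume.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: azurefile-static-pvc
  namespace: default
spec:
  accessModes:
    - ReadWriteMany
  storageClassName: azurefile-static
  volumeName: azurefile-static-pv
  resources:
    requests:
      storage: 5Gi
```

The account key in the Secret grants access to the whole storage account, not just this share, so read access to that Secret should be limited through Kubernetes RBAC to the identities that need it.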

How can you back up data in AKS?

You can back up data in AKS using Azure Backup. It provides a simple solution for backing up your applications and data, and it supports automatic backups and manual backups.

Can Azure Blob Storage be used for AKS volumes?

No, Azure Blob Storage is not designed to be used as a direct volume for AKS. Blob Storage is object storage and is not recommended to be used with applications that require a file system.

What are the main storage options for Azure Disks?

The main storage options for Azure Disks are Premium SSD, Standard SSD, and Standard HDD. They offer different performance and cost options to meet different storage needs.

What is the maximum size of a volume that can be created in AKS using Azure Disks?

The maximum size of a volume that can be created in AKS using Azure Disks is 32 TiB.

Can you encrypt data stored in AKS?

Yes, Azure Kubernetes Service (AKS) supports encryption at rest. Azure Disk Encryption helps protect and safeguard your data to meet your organizational security and compliance commitments.

Is it possible to resize Azure Disks in AKS?

Yes, it is possible to resize Azure Disks in AKS. You can do so by using the Azure CLI or the Azure Portal. Note that when you increase the size of an Azure Disk, you can’t decrease it.

How can Azure NetApp Files be used with AKS?

Azure NetApp Files is a fully managed file storage service that can be used to provide high-performance storage for your AKS workloads. This type of storage is often used for workloads that require high IOPS and low latency.

What happens to the data in AKS when a container crashes?

If a container in AKS crashes, any data stored within it that is not in a persistent storage volume is lost. However, data in persistent volumes is preserved and can be accessed when the container restarts.

How can storage be secured in AKS?

Storage in AKS can be secured using a number of features provided by Azure, including Azure Disk Encryption, Role-Based Access Control (RBAC), and Azure Private Link to securely access your volumes on the Azure network.
