AKS-HCI can be installed using PowerShell or Windows Admin Center. We used Windows Admin Center in the lab for ASHCLUSTER. We verified that we met all the requirements in the Quickstart: Set up Azure Kubernetes Service on Azure Stack HCI using Windows Admin Center documentation before stepping through the setup. The automated deployment of AKS-HCI using Windows Admin Center removed all the complexity of a typical Kubernetes deployment using predefined configurations from Microsoft. The deployment process involved the creation of two types of clusters:
Figure 7. Azure Kubernetes Service host configuration
The following figure shows how the Azure Kubernetes Service tool appears in Windows Admin Center after the deployment is complete.
Figure 8. Successful deployment of AKS-HCI host VM
Figure 9. Workload cluster configuration
The following figure shows how the Azure Kubernetes tool appears in Windows Admin Center after the workload cluster is successfully deployed.
Note: Azure Arc-enabled Kubernetes agents were installed automatically as part of the deployment using Windows Admin Center.
Figure 10. Successful deployment of AKS-HCI workload cluster
The following figure presents the logical architecture of the initial setup in the lab before any other resources were deployed.
Figure 11. AKS-HCI architecture deployed in the lab
The following table summarizes all the configuration details about the initially deployed environment.
Table 4. AKS-HCI configuration details
AKS-HCI Configuration Name | Value |
AKS-HCI core version | AKS-HCI-2108 (1.0.3.10901) |
AKS-HCI core Kubernetes version | 1.20.7 |
Workload cluster Kubernetes version | 1.21.2 |
Workload cluster control plane node count | 1 |
Worker node count | 2 |
Worker node operating system | Linux |
Worker node VM size | Standard_D32s_v3 (32 vCPUs, 128 GB RAM) |
The following figure shows the service host and workload clusters appearing in the Azure Arc-enabled Kubernetes blade in the Azure portal.
Figure 12. AKS-HCI management and workload clusters in Azure Arc
The following table lists the primary tools that we used to perform the deployment, life cycle management, and monitoring of the AKS-HCI layer.
Note: For some of the tools listed – especially helm, Azure CLI, and the Azure CLI extensions – we always verified that we were using the latest version that was available.
Table 5. Tools used at AKS-HCI layer
Tool | Purpose | Version |
Azure Arc-enabled Kubernetes | Provides rich monitoring, GitOps-based configuration management, policy enforcement, and a target for Azure Arc-enabled data services. | 1.3.8 |
PowerShell | Performed various operational tasks in AKS-HCI. (AksHci module v1.1.0) | 5.1 or Core |
kubectl | Used for various management and maintenance activities in Kubernetes. | 1.21.2 |
helm | Used to install software built for Kubernetes. | 3.6.3 |
Azure CLI (including required extensions) | Used to interact with Azure Arc-enabled Kubernetes resources. The following extensions were also installed: k8s-extension (v0.6.1), connectedk8s (v1.1.7), k8s-configuration (v1.0.0). | 2.27.0 |
Azure portal | Used to interact with Azure Arc-enabled Kubernetes resources. | N/A |
Azure Monitor Container Insights | Used for monitoring performance and capacity in the Kubernetes environment through the Azure portal. | 2.8.2 |
We used Azure Arc-enabled Kubernetes to integrate with other Azure services like Azure Monitor Container Insights. This provided us with workload cluster processor, memory, and storage performance data. We used the metrics at the AKS-HCI layer combined with data that was captured from the Azure Arc-enabled SQL Managed Instances to get a holistic view into the overall responsiveness of the SQL databases during the load testing. To set up integration with Azure Monitor Container Insights we checked the prerequisites and installed a new extension to the workload cluster. We already had created a Log Analytics workspace. We had the correct permissions assigned to the Azure subscription and workspace.
We issued the following Azure CLI commands to install the azuremonitor-containers extension:
# Authenticate to Azure interactively
az login
# Switch to the subscription hosting the Log Analytics workspace
az account set -s <subscription ID>
# Obtain the Log Analytics workspace ID
az resource list --resource-type Microsoft.OperationalInsights/workspaces -o json
# Create extension instance
az k8s-extension create --name azuremonitor-containers --cluster-name aks-lab-workloads-1 --resource-group AksHciResources-rg --cluster-type connectedClusters --extension-type Microsoft.AzureMonitor.Containers --configuration-settings logAnalyticsWorkspaceResourceID="<workspace ID>"
# Verify installState shows Installed for new extension
az k8s-extension show -c aks-lab-workloads-1 --cluster-type connectedClusters -n azuremonitor-containers -g AksHciResources-rg
The following figure shows the aks-lab-workloads-1 cluster appearing in Azure Monitor after we installed the extension.
Figure 13. Workload cluster in Azure Monitor Container Insights
There was also the option to use open-source software to perform monitoring and logging on-premises. Prometheus is an open-source application used for monitoring and alerting of containerized workloads. Prometheus can be deployed during initial creation of the workload cluster or deployed on an existing workload cluster using a single PowerShell command. Grafana is another tool for visualizing metrics, logs, and other data in a wide variety of formats. Microsoft provides guidance on installing Grafana with AKS-HCI and configuring it to use Prometheus as the data source using a helm chart.
For on-premises logging, AKS-HCI uses a solution that is based on Elasticsearch, Fluent Bit, and Kibana (EFK). You can find the details for setting up the solution in the AKS-HCI-Apps GitHub repository. We used Azure Monitor Container Insights for monitoring the aks-lab-workloads-1 cluster in the lab. The commands that we ran to install the open-source tools are listed in Appendix A: On-premises monitoring set-up commands.
Note: For the EFK installation, we ran the required command in PowerShell 5.1 and not PowerShell Core, as we experienced failures when using Core.