Now, when Elastisys managed Kubernetes platform is available on Azure, many may wonder how it differs from Azure Kubernetes Service (AKS)?
In this blog post, we explain the benefits of running your applications on top of Elastisys managed Kubernetes platform on Azure compared to the default AKS deployment.
In short, using Elastisys managed Kubernetes platform on Azure will provide you with a Kubernetes platform, which is:
- fully managed,
- production-ready,
- security-hardened,
- multi-cloud and open-source by design, and
- operated by a team of certified Kubernetes administrators.
Fully managed Kubernetes platform
Managed Kubernetes services come in various flavors, differing in the division of responsibilities between the Kubernetes provider and the customer. Depending on where the line is drawn, you will have to manage more or less components that are not directly related to your core business and competencies.
The Azure platform manages the Kubernetes control plane, but you are still fully responsible for administering all worker node components. This includes their configuration and regular upgrades. Unfortunately, this means you need to get involved in repeatable tasks that lie outside of your core business.
Production-grade Kubernetes platform
Kubernetes itself is just a base on which one can create a production-grade platform for hosting containerized applications. Multiple building blocks need to be added in order to provide functionalities such as observability, continuous delivery, security, and disaster recovery.
When using AKS, you only get the pure Kubernetes base, and need to compose the platform yourself. This task involves evaluating and integrating many components, requiring skills of an Azure or Cloud Native Solution Architect.
See our Container Platforms: Why and How? for more details on this.
Security-hardened configuration of the whole Kubernetes platform
Unfortunately, Kubernetes is not secure by default, nor by itself. A significant effort has to be put into securing the cluster itself, as well as, adding necessary security stack components.
When running on AKS, Azure will only ensure the security of the components they manage, namely the underlying cloud infrastructure, Kubernetes control plane, and selected add-ons. It will be your responsibility to secure the worker nodes, all the settings you can adjust on the cluster, add-ons and other platform component levels, as well as your application itself. This means you will need to become an expert in all of those technologies outside your core business to configure them according to best practices.
See our Free Guides: How to Security-Harden Kubernetes Against Unknown Unknowns and How to Operate a Secure Kubernetes Platform to learn more.
Multi-cloud solution using widely-adopted, best industry standards and open-source projects
Cloud agnosticity and open source are critical components of business continuity planning. Combined, they enable you to stay independent of any particular cloud infrastructure or service provider.
When running on AKS, it is tempting to default to Azure-specific products when compiling your platform. However, the risk is that you may easily end up locked-in on Azure Cloud. This will become troublesome and costly, if for any reason, you need to run your application on another cloud or on-prem in the future.
For more details, check our blog post on How open source benefits business continuity. Also visit this page with links to our open source GitHub repositories.
Team of Kubernetes platform administrators
Seasoned engineers with Kubernetes administration experience are in high demand nowadays. It is hard to recruit them and even harder to retain.
When running on AKS, you need to provide not only application developers who develop and troubleshoot your application, but also Kubernetes administrators who maintain the components of the Kubernetes platform outside of Azure’s responsibility. Even worse, your business continuity strongly depends on those in-house engineers who are not directly contributing to your competitive advantage.
See our Responsibility Model for detailed information.
Summary
Here we summarize the key differences between Elastisys managed Kubernetes platform on Azure and Azure Kubernetes Service (AKS).
In summary, Elastisys managed Kubernetes platform on Azure:
- provides you with a fully managed Kubernetes and not only managed control plane,
- gives you a production-ready solution and not only a base to build your own platform,
- is security-hardened on all levels and even provides application safeguards for you to follow, so you don’t need to find out how to secure platform components by yourself,
- is multi-cloud and open-source by design, so you avoid being locked-in in a single cloud,
- is operated by a team of certified Kubernetes administrators, so you don’t need to hire your own Kubernetes admins.
If you want us to manage your Kubernetes platform, get in touch. And if you want to read more about Elastisys and our fully managed Kubernetes platform, click here.
Azure marketplace listing coming soon!
Blog post by Jakub Krzywda
I’m Jakub, Cloud Native Training Manager at Elastisys, the Linux Foundation Authorized Instructor and Kubestronaut. I am helping organizations to securely adopt cloud native technologies and DevOps best practices. Follow me on LinkedIn, where I educate on Kubernetes, Cloud Native and DevOps.
Want more information about Elastisys and our fully managed Kubernetes platform?