This article shows how to conceptualize, architect, build, and deploy an application that uses projects from the Cloud Native Computing Foundation (CNCF) after you deploy Azure Kubernetes Service (AKS). The architecture describes the CNCF Projects App on GitHub. The setup instructions in the repo provide steps for deploying the architecture.
Architecture
Download a Visio file of this architecture.
The workload is a simple web application that employees can use to submit and view expense reports. When an employee submits an expense report, the employee's manager receives an email.
Workflow
Application flow
1. The employee accesses a web app via NGINX Ingress to submit expenses.
2. The web app calls an API app to retrieve the employee's manager.
3. The web app pushes a message that's generated for the creation of the expense report to a Knative broker.
4. The expense report is saved in MySQL.
5. Knative triggers the Email Dispatcher function with the expense message as the payload.
6. Email Dispatcher creates a SendGrid message.
7. SendGrid sends an email to the retrieved manager for review.
DevOps flow
a. Developers write or update the code in Visual Studio Code.
b. Developers push the code to GitHub from their local workspace in Visual Studio Code.
c. GitHub Webhook triggers Tekton pipelines which clones the GitHub code.
d. Pipelines build and push and the container images to a Harbor registry.
e. Tekton deploys the web app, API app, and Email Dispatcher applications.
f. Prometheus captures application metrics.
g. Engineers monitor metrics on a Grafana Dashboard.
h. DevOps engineers monitor the Grafana Dashboard.
Infrastructure
i. AKS cluster based on the infrastructure presented in the AKS baseline.
ii. Rook Ceph used for cluster storage.
iii. Linkerd service mesh.
iv. Jaeger for overall application tracing on the Kubernetes cluster.
Cluster operations
You might find it beneficial to manage clusters and cluster bootstrapping by using GitOps management. Flux is a popular GitOps operator. It's often paired with GitHub Actions to enable validation on updated manifests and Helm charts.
Components
Azure
- Azure Kubernetes Service (AKS). Provides the managed cluster infrastructure.
Open-source software
- Kubernetes. CNCF. Automates deployment, scaling, and management of containerized applications.
- Flux. CNCF. GitOps provider for infrastructure delivery.
- Rook. CNCF. Provides storage management for the clusters.
- Harbor. CNCF. Container Registry for the images.
- Linkerd. CNCF. Service mesh that integrates with OpenFaaS, NGINX, Prometheus, and Jaeger.
- Prometheus. CNCF. Captures application metrics.
- Jaeger. CNCF. Provides overall application tracking on the Kubernetes cluster.
- Knative. CNCF. Used to build serverless and Event Driven application. Deploys the Email Dispatcher function.
- MySQL. Database that stores the expense reports.
- NGINX. Kubernetes ingress controller that employees use to access the web app to submit expense reports.
- Tekton. Continuous Delivery Foundation project that's used for continuous integration / continuous deployment (CI/CD). Deploys the web app, API app, and Email Dispatcher applications.
- Grafana. Dashboard for application metrics.
- SendGrid. External email service that sends mail to the manager for expense report review.
- GitHub. Code repository. Tekton pipelines use GitHub code.
- .NET Core. Used for the web front end and the web API.
- Flux. Provides GitOps management.
Alternatives
This project uses CNCF graduated and incubated projects. There could be multiple alternatives for the services used. See the CNCF website for alternatives. Here are some resources that describe some of them:
- Comparison of service mesh options
- Function as a service (serverless) alternatives
- Vitess: sharded MySQL on Kubernetes
- Monitoring your microservices by using Zipkin and OpenTracing
- GitOps with a developer-centric experience
You can consider various Azure services as alternatives. For example, Web Application Routing, Azure Container Registry, Azure Container Storage, Azure Monitor, Azure Monitor managed service for Prometheus, Azure Managed Grafana.
Microsoft also supports open-source software projects as Managed Addons/Derived projects in AKS, including NGINX, Istio, Prometheus, Grafana and OpenEBS.
Scenario details
You can deploy this architecture on any Kubernetes cluster, not just AKS. It provides one example of the flexibility of the AKS platform. AKS makes it simple to deploy a managed Kubernetes cluster in Azure.
After you review this article, you'll have a good understanding of how to deploy a typical application that's made up mostly of CNCF projects.
Potential use cases
These other uses cases have similar design patterns:
- Creating a CI/CD pipeline for container-based workloads
- Using GitOps for AKS
Considerations
These considerations implement the pillars of the Azure Well-Architected Framework, which is a set of guiding tenets that can be used to improve the quality of a workload. For more information, see Microsoft Azure Well-Architected Framework.
- For the Kubernetes cluster, you need at least a 3-node user-node pool with virtual machine (VM) SKU DS2_v2 or larger.
- Volumes that use Azure managed disks can't be attached across zones. They must be located in the same zone.
- Rook installation can take between 20 and 25 minutes. Be sure the Ceph cluster is completely provisioned before you move on to the next step.
- The Jaeger setup takes about 5 minutes.
- It takes about 12 minutes for Linkerd to appear in the dashboard.
Cost optimization
Cost optimization is about looking at ways to reduce unnecessary expenses and improve operational efficiencies. For more information, see Overview of the cost optimization pillar.
You can use the Azure pricing calculator to estimate costs. Following are some pricing considerations for running this project in Azure. A negligible bandwidth cost applies.
Virtual Machine Scale Sets
VMs that are used in Azure Virtual Machine Scale Sets for the AKS cluster incur a charge. For more information, see Virtual Machine Scale Sets pricing.
Storage
Storage costs apply for each data disk that's required by the Rook installation. For this 3-node AKS cluster, the Rook configuration uses two data disks per node: a 1-GB disk and a 200-GB disk. For more information, see Storage cost pricing.
Load balancer
The load balancer that's associated with this AKS cluster incurs a charge. For more information, see Load Balancer pricing.
Virtual network
The virtual network that's used by the AKS cluster incurs a charge. For more information, see Virtual Network pricing.
Deploy this scenario
Deploy this scenario from the Azure/cloud-native-app GitHub repo. Follow the setup instructions in the provided sequence to deploy the CNCF Projects App in your environment.
This repo is a community project. It accepts and approves pull requests (PRs) for enhancements and modifications from the community.