Azure Kubernetes Service (AKS): Managed Kubernetes

Azure Kubernetes Service (AKS) simplifies deploying a managed Kubernetes cluster in Azure by offloading the operational overhead to Azure. As a hosted Kubernetes service, Azure handles critical tasks like health monitoring and maintenance. You only manage and maintain the agent nodes.

What is Azure Kubernetes Service?

Azure Kubernetes Service is a fully managed Kubernetes service that lets development and operations teams deploy and scale containerized applications without deep container orchestration expertise.

Microsoft provides and maintains the Kubernetes control plane at no charge. This includes the API server, scheduler, controller manager, and etcd data store. You pay only for the compute resources of the worker nodes that run your actual workloads.

AKS integrates natively with Microsoft Entra ID, Azure Monitor, Azure Policy, Azure Container Registry, and many other services. For companies with GDPR requirements, AKS is available in European Azure regions and meets all relevant compliance standards for operation in Germany and the EU.

Since 2025, two operating models are available. AKS Standard gives you full manual control over every cluster aspect. AKS Automatic (generally available since October 2025) delivers production-ready clusters that automatically handle node provisioning via Karpenter (Node Auto-Provisioning), scaling, upgrades, networking, and security defaults. A pod readiness SLA guarantees that 99.9% of qualifying pods are ready within 5 minutes.

Core Features

• Managed control plane: Azure runs and patches the API server, scheduler, controller manager, and etcd for free. You manage only the agent nodes.
• AKS Automatic: Production-ready clusters with managed system node pools, hardened security defaults, automatic upgrades, and node auto-repair out of the box.
• Elastic scaling: Node Auto-Provisioning (Karpenter), Cluster Autoscaler, Horizontal and Vertical Pod Autoscaler, and KEDA for event-driven scaling.
• Flexible networking: Azure CNI Overlay, Azure CNI powered by Cilium (eBPF data plane, L3-L7 network policies, Hubble observability), kubenet, and bring-your-own CNI.
• Enterprise security: Microsoft Entra ID and Azure RBAC, Workload Identity, Azure Policy, Deployment Safeguards, Defender for Containers, and private clusters.
• AI/ML ready: The KAITO operator deploys open models (Phi-4, Mistral, Qwen, DeepSeek, Falcon, Llama) on right-sized GPU nodes with vLLM and OpenAI-compatible APIs.

AKS vs. Azure Container Apps

When choosing between AKS and Azure Container Apps, the question is often about the right level of abstraction.

Choose AKS for existing Kubernetes workloads, full control over networking, storage, and security, complex microservices with a service mesh, hybrid or multi-cloud strategies, Windows container requirements, or a long-term Kubernetes strategy. Choose Container Apps for fast deployment without cluster management, event-driven workloads, true serverless pricing, and teams without Kubernetes expertise.

Typical Use Cases

• Microservices architectures: Orchestrate distributed applications with service discovery, load balancing, and rolling updates. Service meshes like Istio or Linkerd add traffic management, circuit breaking, and mTLS between services.
• CI/CD pipelines with containerized applications: AKS integrates with Azure DevOps and GitHub Actions. GitOps tools such as Flux or Argo CD automate declarative deployments, while Helm and Kustomize template deployments across environments.
• Machine learning model deployment: KAITO deploys open LLMs on right-sized GPU node pools with vLLM, while Azure Machine Learning enables end-to-end MLOps.
• Batch processing and scheduled jobs: Kubernetes CronJobs and Jobs handle periodic data processing, with KEDA scaling based on queue length (for example Azure Service Bus).
• Multi-cloud and hybrid deployments with Azure Arc: Connect AKS clusters with on-premises or other cloud Kubernetes clusters (AWS EKS, Google GKE), enforcing policies and monitoring centrally from Azure.

Benefits

• Lower operational overhead: Azure manages the control plane, node repair, and patching, so teams focus on applications instead of infrastructure.
• Predictable cost model: No control plane charge, plus Spot node pools, autoscaling, and Azure Hybrid Benefit to optimize spend.
• Reliability by design: A 99.95% API server SLA with Availability Zones, plus the AKS Automatic pod readiness SLA for predictable scaling.
• Reduced upgrade frequency: Long-Term Support extends maintenance to 24 months per version, halving the cadence of major upgrades.
• EU data sovereignty: Deploy in European regions with comprehensive compliance certifications for GDPR-aligned operations.

Frequently Asked Questions about Azure Kubernetes Service

Is the Kubernetes control plane free?

Yes, Azure manages the control plane at no charge. You pay only for the virtual machines (nodes) that run your applications, plus a cluster management fee on the Standard and Premium tiers.

What is AKS Automatic?

AKS Automatic is a production-ready cluster mode (generally available since October 2025) that fully automates node provisioning, scaling, upgrades, networking, and security defaults. Clusters use the Standard tier, Node Auto-Provisioning (Karpenter), and Azure CNI Overlay powered by Cilium. A pod readiness SLA guarantees that 99.9% of qualifying pods are ready within 5 minutes.

Which Kubernetes versions does AKS support?

AKS provides 12 months of community support per GA version. On the Premium tier, Long-Term Support (LTS) extends maintenance to 24 months per version (from Kubernetes 1.27 onward), so you only plan major upgrades every two years instead of annually.

How do I run AI models on AKS?

With the Kubernetes AI Toolchain Operator (KAITO) you deploy open models such as Phi-4, Mistral, Qwen, DeepSeek, Falcon, or Llama directly on AKS. KAITO automatically provisions right-sized GPU nodes, uses vLLM as the inference engine, and exposes OpenAI-compatible APIs.

What SLA does AKS offer?

The Free tier provides best-effort uptime with no SLA. The Standard and Premium tiers guarantee 99.9% availability of the Kubernetes API server, or 99.95% with Availability Zones. AKS Automatic adds a pod readiness SLA on top of the uptime SLA.

Can I use AKS in hybrid cloud scenarios?

Yes. Through Azure Arc-enabled Kubernetes you can manage on-premises and other cloud Kubernetes clusters alongside AKS, enforcing policies and monitoring centrally from Azure.

Can I run AKS in compliance with GDPR?

Yes. By using European Azure regions (West Europe, North Europe, Germany West Central, France Central, Switzerland North, Sweden Central) and the right configuration, you can meet GDPR requirements. Microsoft provides comprehensive compliance certifications and data processing agreements.

AKS vs. Alternatives from Other Cloud Providers

Azure Kubernetes Service competes with comparable managed Kubernetes services from other providers:

• AWS: Amazon EKS (Elastic Kubernetes Service)
• STACKIT: STACKIT Kubernetes Engine (SKE)
• Google Cloud: Google Kubernetes Engine (GKE)

While functionality is often similar, the services differ in pricing models, regional availability, and integration ecosystem. Azure stands out for enterprise customers on the Microsoft stack, with Microsoft Entra ID integration and hybrid cloud scenarios via Azure Arc. AWS EKS offers the deepest AWS integration and the widest choice of instance types. Google GKE is often a technical frontrunner and offers an Autopilot mode for fully managed clusters. STACKIT SKE focuses on GDPR compliance with German data centers and sovereignty.

Integration with innFactory

As a Microsoft Azure Partner, innFactory supports you in integrating and optimizing Azure Kubernetes Service (AKS). We help with architecture, migration, operations, and cost optimization.

Contact us for a non-binding consultation on Azure Kubernetes Service (AKS) and Microsoft Azure.