Azure Kubernetes Service Case Study
Today’s world of always-on applications and APIs have availability and reliability requirements that would have been required of only a handful of mission critical services around the globe only a few decades ago. Likewise, the potential for rapid, viral growth of a service means that every application has to be built to scale nearly instantly in response to user demand. These constraints and requirements mean that almost every application that is built — whether it is a consumer mobile app or a back‐end payments application — needs to be a distributed system.
Kubernetes has become the leading standard in container orchestration. Since its inception in 2014, it has gained tremendous popularity. It has been adopted by start-ups as well as major enterprises, and the major public cloud vendors all offer a managed Kubernetes service.
Kubernetes is used by start-ups and large enterprises alike. Microsoft is one of the largest contributors to the open source project, and it offers a managed service to run Kubernetes clusters at scale.
Azure Kubernetes Service (AKS) simplifies deploying a managed Kubernetes cluster in Azure by offloading the operational overhead to Azure. As a hosted Kubernetes service, Azure handles critical tasks, like health monitoring and maintenance. Since Kubernetes masters are managed by Azure, you only manage and maintain the agent nodes. Thus, AKS is free; you only pay for the agent nodes within your clusters, not for the masters.
You can create an AKS cluster using:
- The Azure CLI
- The Azure portal
- Azure PowerShell
- Using template-driven deployment options, like Azure Resource Manager templates and Terraform
When you deploy an AKS cluster, the Kubernetes master and all nodes are deployed and configured for you. Advanced networking, Azure Active Directory (Azure AD) integration, monitoring, and other features can be configured during the deployment process.
Azure Kubernetes Service Benefits
Azure Kubernetes Service is currently competing with both Amazon Elastic Kubernetes Service (EKS) and Google Kubernetes Engine (GKE). It offers numerous features such as creating, managing, scaling, and monitoring Azure Kubernetes Clusters, which is attractive for users of Microsoft Azure. The following are some benefits offered by AKS:
- Efficient resource utilization: The fully managed AKS offers easy deployment and management of containerized applications with efficient resource utilization that elastically provisions additional resources without the headache of managing the Kubernetes infrastructure.
- Faster application development: Developers spent most of the time on bug-fixing. AKS reduces the debugging time while handling patching, auto-upgrades, and self-healing and simplifies the container orchestration. It definitely saves a lot of time and developers will focus on developing their apps while remaining more productive.
- Security and compliance: Cybersecurity is one of the most important aspects of modern applications and businesses. AKS integrates with Azure Active Directory (AD) and offers on-demand access to the users to greatly reduce threats and risks. AKS is also completely compliant with the standards and regulatory requirements such as System and Organization Controls (SOC), HIPAA, ISO, and PCI DSS.
- Quicker development and integration: Azure Kubernetes Service (AKS) supports auto-upgrades, monitoring, and scaling and helps in minimizing the infrastructure maintenance that leads to comparatively faster development and integration. It also supports provisioning additional compute resources in Serverless Kubernetes within seconds without worrying about managing the Kubernetes infrastructure.
Azure Kubernetes Service Features
Microsoft Azure offers Azure Kubernetes Service that simplifies managed Kubernetes cluster deployment in the public cloud environment and also manages health and monitoring of managed Kubernetes service. Customers can create AKS clusters using the Azure portal or Azure CLI and can manage the agent nodes.
A template-based deployment using Terraform and Resource Manager templates can also be chosen to deploy the AKS cluster that manages the auto-configuration of master and worker nodes of the Kubernetes cluster. Some additional features such as advanced networking, monitoring, and Azure AD integration can also be configured. Let’s take a look into the features that Azure Kubernetes Service (AKS) offers:
Open-source environment with enterprise commitment
Microsoft has inducted the number of employees in last couple of years to make Kubernetes easier for the businesses and developers to use and participate in open-source projects and became the third giant contributor to make Kubernetes more business-oriented, cloud-native, and accessible by bringing the best practices and advanced learning with diverse customers and users to the Kubernetes community.
Nodes and clusters
In AKS, apps and supporting services are run on Kubernetes nodes and the AKS cluster is a combination of one or more than one node. And, these AKS nodes are run on Azure Virtual Machines. Nodes that are configured with the same configuration are grouped together called node pool. Nodes in the Kubernetes cluster are scaled-up and scaled-down according to the resources are required in the cluster. So, nodes, clusters, and node pools are the most prominent components of your Azure Kubernetes environment.
Role-based access control (RBAC)
AKS easily integrates with Azure Active Directory (AD) to provide role-based access, security, and monitoring of Kubernetes architecture on the basis of identity and group membership. You can also monitor the performance of your AKS and the apps.
Integration of development tools
Another important feature of AKS is the development tools such as Helm and Draft are seamlessly integrated with AKS where Azure Dev Spaces can provide a quicker and iterative Kubernetes development experience to the developers. Containers can be run and debugged directly in Azure Kubernetes environment with less stress on the configuration.
AKS also offers support for Docker image format and can also integrate with Azure Container Registry (ACR) to provide private storage for Docker images. And, regular compliance with the industry standards such as System and Organization Controls (SOC), Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA), and ISO make AKS more reliable across various business.
Running any workload in Azure Kubernetes Service
You can orchestrate any type of workload running in the AKS environment. You can move .NET apps to Windows Server containers, modernize Java apps in Linux containers, or run microservices in Azure Kubernetes Service. AKS will run any type of workload in the cluster environment.
Removes complexities
AKS removes your implementation, installation, maintenance, and security complexities in Azure cloud architecture. It also reduces substantial costs where no per-cluster charges are being imposed on you.
Azure Kubernetes Service Use Cases
- Migration of existing applications: You can easily migrate existing apps to containers and run them with Azure Kubernetes Service. You can also control access via Azure AD integration and SLA-based Azure Services like Azure Database using Open Service Broker for Azure (OSBA).
- Simplifying the configuration and management of microservices-based Apps: You can also simplify the development and management of microservices-based apps as well as streamline load balancing, horizontal scaling, self-healing, and secret management with AKS.
- Bringing DevOps and Kubernetes together: AKS is also a reliable resource to bring Kubernetes and DevOps together for securing DevOps implementation with Kubernetes. Bringing both together, it improves the security and speed of the development process with Continuous Integration and Continuous Delivery (CI/CD) with dynamic policy controls.
- Ease of scaling: AKS can also be applied in many other use cases such as ease of scaling by using Azure Container Instances (ACI) and AKS. By doing this, you can use AKS virtual node to provision pods inside Azure Container Instance (ACI) that start within a few seconds and enables AKS to run with required resources. If your AKS cluster is run out of resources, if will scale-out additional pods automatically without any additional servers to manage in the Kubernetes environment.
- Data streaming: AKS can also be used to ingest and process real-time data streams with data points via sensors and perform quick analysis.
Azure Kubernetes Service Pricing
AKS is a free container service where nothing will be charged for Kubernetes cluster management. You’ll have to pay only for the cloud resources such as VMs, storage, and network resources you consume makes it the most cost-effective container orchestration service in the market. Microsoft Azure introduced the Container Services calculator to calculate the estimated cost of the consumed or required resources.
For this, all you need to create a free account, deploy and manage your Kubernetes environment while building microservices apps, deploying Kubernetes cluster, monitoring, and managing Kubernetes environment.
AKS vs. ACS
Prior to the release of AKS, Microsoft offered Azure Container Service (ACS), which supported numerous open-source container orchestration platforms, including Docker Swarm and Mesosphere’s DC/OS, as well as Kubernetes. With AKS, the focus is exclusively on the use of Kubernetes. ACS users with a focus on Kubernetes can potentially migrate from ACS to AKS.
However, AKS poses numerous differences that a user must address before migration from ACS. For example, AKS uses managed disks, so a user must convert unmanaged disks to managed disks before assigning them to AKS nodes. Similarly, a user must convert any persistent storage volumes or customized storage class objects associated with Azure disks to managed disks.
In addition, stateful applications can be impacted by downtime and data loss during migration from ACS to AKS, so developers and application owners should perform detailed due diligence before making the move.
Siemens Healthineers moves more computing to the cloud to support value-based care development
Helping millions of patients benefit from better care? All in a day’s work for worldwide healthcare technology company Siemens Healthineers. Siemens Healthineers is leading the digitalization of healthcare with its Digital Ecosystem, which helps health providers and solution developers bring more value to the delivery of care, ultimately improving the quality of insights derived from healthcare data. Siemens Healthineers uses Microsoft Azure to make solutions more accessible, and it uses Azure Kubernetes Service (AKS) and other tools for a fast, efficient, and competitive development pipeline.
Using Azure Kubernetes Service puts us into a position to not only deploy our business logic in Docker containers, including the orchestration, but also … to easily manage the exposure and control and meter the access.
Thomas Gossler: Lead Architect, Digital Ecosystem Platform
Siemens Healthineers
Any time you interact with technology in a healthcare setting, there’s a good chance you will encounter a solution from Siemens Healthineers. The Erlangen, Germany–based company provides a broad portfolio of leading-edge, high-quality medical technology that touches the lives of approximately five million patients every day. Siemens Healthineers uses the data gathered from its 600,000 systems running worldwide to generate insights that help healthcare providers realize new opportunities to increase value and improve clinical, operational, and financial outcomes.
Digitalization is critical to technological progress in many industries, and healthcare is no exception. The healthcare industry needs ways to pull its data together, structure and analyze it, and draw conclusions that lead to improved ways of diagnosing patients and managing therapy. Siemens Healthineers is facilitating this transition with the Siemens Healthineers Digital Ecosystem.
“The Siemens Healthineers Digital Ecosystem is a platform where healthcare providers, payers, and software and services developers in the healthcare domain can come together to collaborate, gain insights from their data, and improve their core business areas,” says Carsten Spies, Head of Research and Development, Digital Ecosystem Platform, at Siemens Healthineers. “In my opinion, the healthcare industry is a little bit behind other industries in terms of digital transformation, so I think our Digital Ecosystem, and the technological advances we are making through our relationship with Microsoft, can prompt a big step forward in digitalization for the whole industry.”
Moving to the cloud for better applications while protecting patient health data
Providing solutions to a worldwide customer base can be complicated and of less value in regard to data-aggregation and analytics capabilities if systems need to be installed on-premises, so Siemens Healthineers relies on the cloud. “As a software development company, we see great value in cloud technology. With it, we can develop products for our customers that are accessible from anywhere, update products at any time in a seamless way for users, and provide a consistent user experience over a broad range of services,” says Spies.
But when it comes to healthcare information, deploying software in the cloud can be a tricky business because of specific security obligations. So, Siemens Healthineers thoroughly researched the options to ensure that its customers would be comfortable with its cloud platform. Ultimately, Siemens Healthineers selected Microsoft Azure. “Countries around the world consider patient health data sensitive personal information,” explains Thomas Gossler, Lead Architect, Digital Ecosystem Platform, at Siemens Healthineers. “There are differences in legislation and regulations, but everyone agrees that the data needs to be handled with care and a high level of technical security and privacy assurances. Microsoft has earned a large number of certifications for certain Azure regions, and this helps reassure our customers that a public cloud environment can be as secure as any other on-premises datacenter.”
Using Azure services to streamline development processes
With a solid, dependable cloud platform in place, Siemens Healthineers is focusing on speeding development and implementing a continuous delivery approach. The company not only provides its own software products, but it has also decided to encourage other developers to use its infrastructure to deliver solutions and services and bring even more value to customers. This requires rethinking the development processes.
“Stepping from the development of our own added-value services into becoming more of a platform provider makes it important for us to deconstruct into microservices,” says Thomas Friese, Vice President, Digital Ecosystem Platform, at Siemens Healthineers. “With a microservice-based architecture, internal and external developers can independently release microservices at any point in time, which makes development faster and enables a continuous delivery approach completely based on Azure. We have set an astonishing speed for product development.”
Siemens Healthineers has taken a containerized approach to application development, which means it uses virtualization at the application operating system level as opposed to launching virtual machines. The company deploys its distributed applications in Docker containers, orchestrates those containers using Kubernetes, and monitors and manages the environment with Azure Kubernetes Service (AKS). Siemens Healthineers chose AKS because developers can quickly and easily work with their applications with minimal operations and maintenance overhead — provisioning, upgrading, and scaling resources without taking applications offline. With AKS, Siemens Healthineers can comfortably scale out its Kubernetes environment and scale back again if it doesn’t need the compute power, creating very high-density deployments on a microservices level.
“Using Azure Kubernetes Service puts us into a position to not only deploy our business logic in Docker containers, including the orchestration,” says Gossler, “but also, through application gateway and API management, to easily manage the exposure and control and meter the access continuously.”
Managing a stable runtime environment with AKS helps Siemens Healthineers realize shorter release cycles and achieve its desired continuous delivery approach. Highly regulated environments like healthcare typically require many steps to go from development to public release, but implementing a continuous delivery pipeline has simplified the process and helped Siemens Healthineers achieve the speed it wants. And when rolling out new software, the company appreciates that it doesn’t have to worry about breaking its production environment, due to AKS upgrade and failure domains — new releases get deployed smoothly to customers with zero downtime. “With numerous competitors, big and small, entering the healthcare market, we need to accelerate delivery of improved functionality and new features to our customers to stay ahead of the competition,” says Gossler.
Siemens Healthineers relies on a serverless application model to expedite development, and as a result, developers have a very short path from coding to actual operation of their code. The Siemens Healthineers development team also adopted Azure Functions to make application management more efficient. “We see many workloads coming that run occasionally or need to be updated more often,” says Gossler. “We consider Azure Functions a very good mechanism to speed up those workloads and manage the functionality during our daily operations. We definitely plan to make a lot more use of Azure Functions over time.”
Making the best use of data and devices
Siemens Healthineers has brought in additional Azure capabilities that help deliver insights from data and offer the best possible tools for the healthcare industry. For example, the company has made great use of Azure Cosmos DB. “Azure Cosmos DB is an amazing technology,” says Gossler. “The biggest benefit for us is that we can have one database for anonymous data that is replicated worldwide into all regions that are relevant for us, in a consistency model that perfectly fits our needs. It’s key that Azure Cosmos DB is naturally built into the Azure core infrastructure, and we can build on its high availability and replication, offering software to all our customers at the same time.”
Siemens Healthineers is also investigating the use of Azure capabilities to manage on-premises devices whose functionality cannot be moved to the cloud. Software installations on these devices still need to be monitored and maintained by Siemens Healthineers. The company is looking at Azure IoT as a way to connect to on-premises devices and software with a cloud-based monitoring environment to stay ahead of any issues in the field and act quickly to resolve them when they occur.
“Prior mechanisms for connecting to devices in the field through remote desktop were slow and complex,” says Gossler. “But we’re hoping that with Azure IoT solution accelerators and serverless capabilities like edge computing, we can run functionality on edge devices in the field to simplify our data gathering and analysis — anonymizing data when necessary — and our operation of remote assistance workflows. This is an enabler for important analytic scenarios in the healthcare space.”
The new solutions the company is deploying are driving changes in the way that Siemens Healthineers deals with data. “Big data is a popular industry buzzword, but it’s not enough for data to just be big. It needs to become smart data,” says Spies. “With the Siemens Healthineers Digital Ecosystem, we are giving our customers much deeper insights into their data than were previously possible by helping healthcare providers, insurance companies, and software developers collaborate around healthcare data. I’m proud of working for this project — it really can change the healthcare industry.”
Delivering applications that optimize the business
The company’s use of Azure services has a direct impact on the development life cycle, but those improvements benefit the business side as well. Siemens Healthineers is reducing the total cost of ownership of its production workloads, creating more flexibility in the business models and pricing structure it can offer its customers.
“This is about economies of scale,” explains Gossler. “By operating the infrastructure at low cost and high availability, which we’re able to do with Azure, our customers benefit directly. And by incorporating technologies like Kubernetes, a well-known open-source environment, we are enabling partners to bring their own applications and software into our system so that together we can offer more and better solutions to our customers worldwide. We’ve been working with Azure for three-and-a-half years, and I’m reassured time and time again that Microsoft is able to provide us with the technology we need to keep moving forward. I‘m looking forward to continuing this relationship.”
Technical addendum:
While Siemens Healthineers relies heavily on Azure-related features, it also depends on other technologies — including open source — to make its digital ecosystem shine as both a development environment and a delivery platform for innovative functionality. Here are a few of the other key tools, with Gossler’s thoughts on the strengths each brings to the ecosystem.
Internal and external developers can independently release microservices at any point in time, which makes development faster and enables a continuous delivery approach completely based on Azure. We have set an astonishing speed for product development.
Thomas Friese: Vice President, Digital Ecosystem Platform
Siemens Healthineers
I think our Digital Ecosystem, and the technological advances we are making through our relationship with Microsoft, can prompt a big step forward in digitalization for the whole industry.
Carsten Spies: Head of Research and Development, Digital Ecosystem Platform
Siemens Healthineers
