What is Azure Kubernetes Service on Azure Stack HCI?

Applies to: AKS on Azure Stack HCI, AKS runtime on Windows Server 2019 Datacenter

Azure Kubernetes Service on Azure Stack HCI is an on-premises implementation of Azure Kubernetes Service (AKS), which automates running containerized applications at scale. Azure Kubernetes Service is now in preview on Azure Stack HCI and Windows Server 2019 Datacenter, making it quicker to get started hosting Linux and Windows containers in your datacenter.

To get started with Azure Kubernetes Service on-premises, register for the preview (there's no added cost during the preview), then set up Azure Kubernetes Service on Azure Stack HCI. To instead use Azure Kubernetes Service to orchestrate your cloud-based containers, see Azure Kubernetes Service in Azure.

The following sections discuss some of the reasons to use Azure Kubernetes Service on Azure Stack HCI, then answer some common questions about the service and how to get started. For a background on containers, see Windows and containers and for a background on Kubernetes, see Kubernetes core concepts or Kubernetes.io.

Use AKS to automate management of containerized applications

While you can manage a few containers manually using Docker and Windows, apps often make use of five, ten, or even hundreds of containers, which is where the Kubernetes orchestrator comes in.

Kubernetes is an open-source orchestrator for automating container management at scale. Azure Kubernetes Service simplifies on-premises Kubernetes deployment by providing wizards for setting up Kubernetes and essential add-ons on Azure Stack HCI, and for creating Kubernetes clusters to host your workloads.

Here is some of the functionality provided by Azure Kubernetes Service while in preview on Azure Stack HCI:

  • Deploy containerized apps at scale to Kubernetes clusters running across the Azure Stack HCI cluster
  • Deploy and manage both Linux and Windows-based containerized apps
  • Deploy AKS on Azure Stack HCI using Windows Admin Center or PowerShell
  • Scale up or down by adding or removing nodes to the Kubernetes cluster
  • Manage storage and networking on your Kubernetes cluster
  • Provide automatic updates for your Kubernetes deployment
  • Upgrade to the latest available Kubernetes version
  • Use the popular Azure services through Azure Arc for Kubernetes

Simplify setting up Kubernetes

Azure Kubernetes Service simplifies the process of setting up Kubernetes on Azure Stack HCI and Windows Server 2019 Datacenter, and includes the following features:

  • A Windows Admin Center wizard for setting up Kubernetes and its dependencies (such as kubeadm, kubelet, kubectl, and a pod network add-on)
  • A Windows Admin Center wizard for creating Kubernetes clusters to run your containerized applications
  • PowerShell cmdlets for setting up Kubernetes and creating Kubernetes clusters, in case you'd rather script the host setup and Kubernetes cluster creation

View and manage Kubernetes using on-premises tools or Azure Arc

Once you've set up Azure Kubernetes Service on-premises and created a Kubernetes cluster, we provide a couple of ways to manage and monitor your Kubernetes infrastructure:

  • On-premises using popular tools like kubectl and Kubernetes dashboard - Use an open-source, web-based interface to deploy applications to a Kubernetes cluster, manage cluster resources, troubleshoot, and view running applications.

  • In the Azure portal using Azure Arc - Use Azure Arc to manage applications deployed on top of Kubernetes clusters across your cloud and on-premises environments.
    Azure Arc also enables you to manage your Kubernetes clusters with other Azure services including:

    • Azure Monitor
    • Azure Policy
    • Role-Based Access Control

Run Linux and Windows containers

Azure Kubernetes Service fully supports both Linux-based and Windows-based containers. When you create a Kubernetes cluster on Azure Stack HCI, you can choose whether to create node pools (groups of identical Kubernetes cluster nodes) to run Linux containers, Windows containers, or both.

Azure Kubernetes Service creates the Linux and Windows nodes so that you don't have to directly manage the Linux or Windows operating systems.

Secure your container infrastructure

Azure Kubernetes Service includes a number of features to help secure your container infrastructure:

  • Hypervisor-based isolation for worker nodes - Each Kubernetes cluster runs on its own dedicated and isolated set of virtual machines so tenants can share the same physical infrastructure.
  • Microsoft-maintained Linux and Windows images for worker nodes - Worker nodes run Linux and Windows virtual machine images created by Microsoft to adhere to security best practices. Microsoft also refreshes these images monthly with the latest security updates.

Security is an ongoing area of investment for the Azure Kubernetes Service preview release on Azure Stack HCI, so stay tuned.

Where can I run Azure Kubernetes Service?

Azure Kubernetes Service is available on the following platforms:

  • In the Azure cloud via Azure Kubernetes Service in Azure
  • On-premises via Azure Kubernetes Service on Azure Stack HCI (what this article is all about)
  • On-premises via Azure Kubernetes Service runtime on Windows Server (this article also applies to AKSr on Windows Server)
  • On-premises in an Azure Stack Hub environment using the AKS engine on Azure Stack Hub.

How does Kubernetes work on Azure Stack HCI?

Azure Kubernetes Service works a little differently when run on Azure Stack HCI than when using it in the Azure cloud:

  • The Kubernetes service in Azure is a hosted service where much of the Kubernetes management infrastructure (control plane) is managed for you. Both the control plane and your containerized applications run in Azure virtual machines.
  • With Azure Kubernetes Service on Azure Stack HCI, you set up the service directly on your Azure Stack HCI cluster, putting you in control of the control plane, so to speak. The control plane, your containerized applications, and Azure Kubernetes Service itself all run in virtual machines hosted by your hyperconverged cluster.

Once Azure Kubernetes Service is set up on your Azure Stack HCI cluster, it works similarly to the hosted Azure Kubernetes Service: you use the service to create Kubernetes clusters that run your containerized applications. These Kubernetes clusters are groups of VMs that act as worker nodes, running your application containers. The Kubernetes cluster also contains a control plane, which consists of Kubernetes system services used to orchestrate the application containers.

Here are a couple of simplified diagrams showing how the architectures of Azure Kubernetes Service compare when run in Azure and in Azure Stack HCI.

Architecture of hosted Azure Kubernetes Service in Azure, showing how the platform services and most of the control plane are managed by Azure, while the Kubernetes clusters that run your containerized applications are managed by the customer.

Architecture of Azure Kubernetes Service on Azure Stack HCI, showing how everything runs on top of the Azure Stack HCI cluster, including the Azure Kubernetes Service platform, the control plane, and the Kubernetes clusters that run your containerized applications.

What you need to get started

The following sections summarize what you need to run Azure Kubernetes Service on Azure Stack HCI. For complete details, see Before you install Azure Kubernetes Service on Azure Stack HCI.

On your Windows Admin Center system

Your machine running the Windows Admin Center gateway has the following requirements:

  • Registered with Azure
  • In the same domain as the Azure Stack HCI or Windows Server 2019 Datacenter cluster

On the Azure Stack HCI cluster or Windows Server 2019 Datacenter failover cluster that hosts Azure Kubernetes Service

The Azure Stack HCI cluster or Windows Server 2019 Datacenter failover cluster has the following requirements:

  • A maximum of four servers in the cluster for this preview release
  • 1 TB of available capacity in the storage pool for Azure Kubernetes Service
  • At least 30 GB of available memory for running Azure Kubernetes Service VMs
  • All servers in the cluster must use the EN-US region and language selection for this preview release

For general Azure Stack HCI system requirements, see Azure Stack HCI system requirements.

The network configuration for Azure Stack HCI

The network connected to VMs on the Azure Stack HCI or Windows Server 2019 Datacenter cluster requires a dedicated scope of IPv4 addresses available for Azure Kubernetes Service and accessible by VMs on the Azure Stack HCI or Windows Server 2019 Datacenter cluster. For more information on networking requirements, visit AKS on Azure Stack HCI system requirements.

Next steps

To get started with Azure Kubernetes Service on Azure Stack HCI, see the following articles: