Azure Kubernetes Service

CICD Workflow for AKS

Summary

In this lesson, we explore the declarative approach to managing Kubernetes resources in Azure Kubernetes Service (AKS). By adopting declarative configurations, you define what your infrastructure should look like, and Kubernetes ensures the cluster’s actual state matches your desired state.

Azure Kubernetes Service supports two primary CI/CD workflow patterns:

| Workflow Type | Description | Trigger Mechanism |
| --- | --- | --- |
| Push-based workflow | You push code or configuration changes directly to a pipeline, which then builds and deploys artifacts. | Manual git push or automated CI pipeline trigger |
| Pull-based workflow (GitOps) | A Git repository serves as the single source of truth. A GitOps operator continuously reconciles your cluster with the repo. | Operator polling or webhook-based syncing |

Push-based Workflow

With a push-based approach, your CI server (Azure DevOps, GitHub Actions, etc.) listens for changes in your application repository. When you commit or merge code, the pipeline:

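# Example GitHub Actions job for AKS deployment
# Assumes earlier steps (not shown) have logged in to ACR and set the kubectl context for the AKS cluster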
jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Build Docker image
        run: docker build -t myregistry.azurecr.io/myapp:${{ github.sha }} .
      - name: Push to ACR
        run: docker push myregistry.azurecr.io/myapp:${{ github.sha }}
      - name: Deploy to AKS
        run: |
          kubectl set image deployment/myapp myapp=myregistry.azurecr.io/myapp:${{ github.sha }}
          kubectl rollout status deployment/myapp

Note

Push-based pipelines are straightforward and give you direct control over each deployment step. They work well if you prefer an explicit trigger model.

Pull-based Workflow (GitOps)

In a GitOps (pull-based) model, you store your Kubernetes manifests alongside application code or in a dedicated Git repo. A GitOps operator (Flux, Argo CD) watches the repo and applies changes automatically:

# Simplified Flux v2 GitRepository resource
apiVersion: source.toolkit.fluxcd.io/v1beta1
kind: GitRepository
metadata:
  name: aks-config
spec:
  interval: 1m
  url: https://github.com/contoso/aks-config
  ref:
    branch: main   # the branch is set under spec.ref
---
apiVersion: kustomize.toolkit.fluxcd.io/v1beta1
kind: Kustomization
metadata:
  name: apps
spec:
  interval: 10m   # required field; example value
  path: ./apps/prod
  prune: true     # delete objects that were removed from Git
  sourceRef:
    kind: GitRepository
    name: aks-config

Note

GitOps ensures that your cluster’s live state automatically converges with the declared Git state. This model enhances auditability, reversibility, and compliance.
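
The reconcile-and-prune behaviour described above, modelled as one pass of a control loop. This is an added illustration, not Flux or Argo CD code; `reconcile`, the `managed` inventory, and the sample resources are constructed assumptions.

```python
# Toy model of one pull-based reconcile pass (added illustration, not Flux code).
# Resources are keyed by "Kind/name"; values are the spec fields being compared.

def reconcile(desired, live, managed, prune=True):
    """Return (actions, new_live, new_managed) for one reconcile interval.

    desired: manifests rendered from Git
    live:    objects currently in the cluster
    managed: keys the operator applied on earlier passes (its inventory)
    """
    actions = []
    new_live = dict(live)
    for key, spec in sorted(desired.items()):
        if key not in live:
            actions.append(("create", key))
        elif live[key] != spec:
            # Out-of-band change (for example a manual kubectl edit): Git wins.
            actions.append(("revert-drift", key))
        new_live[key] = spec
    if prune:
        # Delete only what the operator applied earlier and Git no longer declares;
        # objects it never managed are left alone.
        for key in sorted(managed - set(desired)):
            if key in new_live:
                actions.append(("prune", key))
                del new_live[key]
    new_managed = set(desired) if prune else managed | set(desired)
    return actions, new_live, new_managed

# Constructed sample state, not taken from a real cluster.
GIT = {
    "Deployment/myapp": {"image": "myregistry.azurecr.io/myapp:abc123"},
    "Service/myapp": {"port": 80},
}
CLUSTER = {
    "Deployment/myapp": {"image": "myregistry.azurecr.io/myapp:hotfix"},  # manual change
    "ConfigMap/old-flags": {"debug": "true"},  # applied earlier, since removed from Git
    "Secret/manual": {"owner": "ops"},         # never managed by the operator
}
MANAGED = {"Deployment/myapp", "ConfigMap/old-flags"}

if __name__ == "__main__":
    acts, state, inventory = reconcile(GIT, CLUSTER, MANAGED, prune=True)
    for verb, key in acts:
        print(f"{verb:13} {key}")
    # A second pass over the converged state should report nothing to do.
    print("second pass:", reconcile(GIT, state, inventory)[0])
```
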

Effective observability is critical for running production workloads on AKS. Azure provides:

  • Azure Monitor for Containers: Collects metrics, logs, and health data for nodes and pods.
  • Azure Log Analytics: Enables querying of container logs using Kusto Query Language (KQL).
  • Application Insights: Offers distributed tracing, exception tracking, and performance monitoring for your applications.

| Feature | Purpose | Example Query |
| --- | --- | --- |
| Container CPU & Memory Metrics | Track resource utilization | `InsightsMetrics |
| Pod Log Collection | Aggregate stdout/stderr logs from containers | `ContainerLog |
| Distributed Tracing | Monitor service-to-service calls | View in Application Insights UI |
