Securing your Azure Kubernetes Service (AKS) cluster begins with a solid network foundation. In this lesson, we’ll examine the main networking options in AKS—including CNI plugins and network policies—and how they shape your cluster’s security posture.Documentation Index
Fetch the complete documentation index at: https://notes.kodekloud.com/llms.txt
Use this file to discover all available pages before exploring further.
Lesson Agenda
- Virtual networks, subnets, Network Security Groups (NSGs), and User-Defined Routes (UDRs)
- Kubernetes CNI vs. Azure CNI
- Network policies in AKS
Part 1: Virtual Networks, Subnets, NSGs, and UDRs
| Component | Description |
|---|---|
| Virtual Network (VNet) | Provides an isolated, private network for your AKS cluster. |
| Subnet | Segments a VNet into smaller address spaces for different workloads. |
| Network Security Group (NSG) | Applies inbound/outbound traffic rules at the subnet or network interface level. |
| User-Defined Route (UDR) | Overrides Azure’s default system routes to direct traffic through custom appliances or firewalls. |
Links and References
- Azure Virtual Network Concepts
- AKS Networking Overview
- Network Security Groups Overview
- User-Defined Routes in Azure