Kubernetes has become the de facto standard for container orchestration, and Azure Kubernetes Service (AKS) simplifies its deployment in the cloud. Combining AKS with Azure DevOps enables seamless CI/CD pipelines, automating deployments, scaling, and monitoring containerized applications.
This guide provides a step-by-step, professional walkthrough for integrating AKS with Azure DevOps, covering:
Table of Contents
Whether you’re a DevOps engineer, cloud architect, or developer, this guide will help you automate Kubernetes deployments efficiently.
1. Prerequisites
Before integrating AKS with Azure DevOps, ensure you have:
✅ Azure Subscription (with Contributor access)
✅ Azure DevOps Organization & Project
✅ Dockerized Application (with a Dockerfile)
✅ kubectl & Azure CLI Installed
2. Setting Up Azure Kubernetes Service (AKS)
2.1 Creating an AKS Cluster
- Log in to Azure Portal → Create Resource → Kubernetes Service.
- Configure:
- Cluster name (e.g.,
prod-aks-cluster) - Region (e.g., East US)
- Node size (Standard_D2s_v3 recommended for testing)
- Node count (Start with 2-3 nodes)
- Click Review + Create → Deploy.
2.2 Connecting to AKS via kubectl
- Open Azure Cloud Shell (or local terminal with Azure CLI).
- Run:
az aks get-credentials --resource-group <ResourceGroup> --name <AKS-Cluster-Name>- Verify connection:
kubectl get nodes(Should list your AKS worker nodes.)
3. Configuring Azure DevOps for AKS
3.1 Setting Up a Service Connection
- In Azure DevOps → Project Settings → Service Connections.
- Click New Service Connection → Azure Resource Manager.
- Choose:
- Authentication method (Service Principal recommended)
- Subscription (Select your AKS subscription)
- Resource Group (Where AKS is deployed)
- Name it (e.g.,
AKS-Prod-Connection) → Save.
3.2 Storing Kubernetes Secrets in Azure Key Vault
- Create an Azure Key Vault:
az keyvault create --name "my-k8s-secrets" --resource-group "my-resource-group"- Add Secrets (e.g., Database connection strings):
az keyvault secret set --vault-name "my-k8s-secrets" --name "DB-Password" --value "P@ssw0rd123"- Grant Azure DevOps Access:
- Go to Key Vault → Access Policies → Add Access Policy.
- Select Azure DevOps Service Principal.
- Assign Get & List permissions.
4. Building CI/CD Pipelines for AKS
4.1 CI Pipeline: Building & Pushing Docker Images
- Create a new Pipeline → Azure Repos Git.
- Use YAML (or classic editor) and configure:
trigger:
- main
variables:
dockerRegistryServiceConnection: 'Azure-Container-Registry-Service-Connection'
imageRepository: 'my-app'
dockerfilePath: '**/Dockerfile'
tag: '$(Build.BuildId)'
stages:
- stage: Build
jobs:
- job: BuildAndPush
pool:
vmImage: 'ubuntu-latest'
steps:
- task: Docker@2
inputs:
command: buildAndPush
repository: $(imageRepository)
dockerfile: $(dockerfilePath)
containerRegistry: $(dockerRegistryServiceConnection)
tags: $(tag)4.2 CD Pipeline: Deploying to AKS
- Create a Release Pipeline → Empty Job.
- Add Artifact (Docker image from CI pipeline).
- Add Stages (Dev → QA → Prod).
- Deploy Using kubectl or Helm: Option 1: kubectl Deployment
- task: KubernetesManifest@0
inputs:
action: 'deploy'
namespace: 'default'
manifests: 'manifests/deployment.yml'
imagePullSecrets: 'my-registry-secret'#### Option 2: Helm Deployment (Recommended)
- task: HelmDeploy@0
inputs:
connectionType: 'Azure Resource Manager'
azureSubscription: 'AKS-Prod-Connection'
azureResourceGroup: 'my-resource-group'
kubernetesCluster: 'prod-aks-cluster'
command: 'upgrade'
chartType: 'FilePath'
chartPath: 'charts/my-app'
releaseName: 'my-app-release'5. Advanced AKS + Azure DevOps Integrations
5.1 Blue-Green Deployments
- Use Helm hooks or Flagger for traffic shifting.
- Define two AKS namespaces (blue & green).
5.2 Monitoring with Azure Monitor & Prometheus
- Enable Azure Monitor for Containers.
- Deploy Prometheus + Grafana for custom metrics.
5.3 Auto-Scaling (Horizontal Pod Autoscaler)
- Configure HPA in deployment YAML:
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: my-app-hpa
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: my-app
minReplicas: 2
maxReplicas: 10
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 506. Best Practices for AKS + Azure DevOps
✅ Use Helm for Templating (Avoid hardcoding values).
✅ Enable RBAC (Limit cluster access via Azure AD).
✅ Scan Images for Vulnerabilities (Use Azure Container Registry + Trivy).
✅ Implement Canary Deployments (Reduce risk with gradual rollouts).
✅ Backup AKS Configs (Use Velero for disaster recovery).
Conclusion
Integrating AKS with Azure DevOps provides a scalable, automated, and secure way to deploy containerized applications. By following this guide, you can:
🚀 Automate CI/CD pipelines for Kubernetes
🔒 Secure deployments with Azure Key Vault & RBAC
📊 Monitor performance with Azure Monitor & Prometheus
🔄 Implement advanced deployment strategies (Blue-Green, Canary)
Next Steps
- Explore GitOps with FluxCD & Azure DevOps.
- Set up multi-cluster Kubernetes deployments.
- Optimize costs with AKS Spot Instances.
