AKS Cluster

To create an AKS cluster, refer to Microsoft's online manual, Azure Kubernetes Service (AKS). Although Microsoft's manuals are always up to date, the recommended choices to make before creating the cluster are as follows:
  • Kubernetes version: 1.34
  • The network model:
    • Azure Kubenet (supported by AppViewX).
    • Azure CNI (Recommended for optimal performance).
  • Managed identity: System assigned managed identity.
  • Enable Kubernetes RBAC.
  • Agent nodepool: Three nodes of machine type D2sv4 with Auto Scaling disabled. Add the taint CriticalAddonsOnly=true:NoSchedule to the agent nodepool to disable scheduling of application pods on it.
    Note: The taint CriticalAddonsOnly=true:NoSchedule prevents the application pods from being scheduled on system node pools.
  • User nodepool:
    • appnodepool: Three nodes of type Da8sv4 with Auto Scaling disabled.
    • mongonodepool: Three nodes of type Da8sv4 with Auto Scaling disabled. Add label mongo=true and taint designatedMongo=true:NoSchedule to the nodepool (to be performed while creating the cluster).
    Note: A minimum of 3 availability zones is needed during cluster creation to support single AZ failover.
  • Select multi zones for the Agent nodepool and the User Nodepool.
Note: The number of nodes mentioned here is applicable for managing up to 25K certs. This number will vary if there are more certificates to manage.
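
After the cluster is created, the taints, label and zone spread listed above can be checked from the node list. The following is an added example, not part of the original manual or of AppViewX tooling: it inspects `kubectl get nodes -o json` output and reports nodes or pools that deviate from the layout above. It assumes the standard AKS node labels for pool name, pool mode and zone; the sample data and zone names are constructed.

```python
import json
import sys

POOL = "kubernetes.azure.com/agentpool"  # labels set by AKS on every node
MODE = "kubernetes.azure.com/mode"
ZONE = "topology.kubernetes.io/zone"

def has_taint(node, key):
    """True if the node carries <key>=true:NoSchedule."""
    return any((t.get("key"), t.get("value"), t.get("effect")) == (key, "true", "NoSchedule")
               for t in node.get("spec", {}).get("taints") or [])

def check_nodes(node_list, min_nodes=3, min_zones=3):
    """Return findings for a `kubectl get nodes -o json` document; [] means compliant."""
    findings, pools = [], {}
    for node in node_list["items"]:
        name, labels = node["metadata"]["name"], node["metadata"].get("labels", {})
        pools.setdefault(labels.get(POOL, "<unlabelled>"), []).append(labels.get(ZONE))
        if labels.get(MODE) == "system" and not has_taint(node, "CriticalAddonsOnly"):
            findings.append(f"{name}: system node lacks CriticalAddonsOnly=true:NoSchedule")
        if labels.get("mongo") == "true" and not has_taint(node, "designatedMongo"):
            findings.append(f"{name}: mongo node lacks designatedMongo=true:NoSchedule")
        if has_taint(node, "designatedMongo") and labels.get("mongo") != "true":
            findings.append(f"{name}: designatedMongo taint without mongo=true label")
    for pool, zones in sorted(pools.items()):
        if len(zones) < min_nodes:
            findings.append(f"pool {pool}: {len(zones)} nodes, expected at least {min_nodes}")
        if len({z for z in zones if z}) < min_zones:
            findings.append(f"pool {pool}: spans fewer than {min_zones} zones")
    return findings

def sample_nodes():
    """Constructed sample (not real cluster output); mongo-3 deliberately lacks its taint."""
    def node(name, pool, mode, zone, extra=None, taint=None):
        taints = [{"key": taint, "value": "true", "effect": "NoSchedule"}] if taint else []
        return {"metadata": {"name": name, "labels": {POOL: pool, MODE: mode, ZONE: zone, **(extra or {})}},
                "spec": {"taints": taints}}
    items = []
    for i in (1, 2, 3):
        zone = f"eastus-{i}"  # constructed zone names
        items.append(node(f"agent-{i}", "agentpool", "system", zone, taint="CriticalAddonsOnly"))
        items.append(node(f"app-{i}", "appnodepool", "user", zone))
        items.append(node(f"mongo-{i}", "mongonodepool", "user", zone, {"mongo": "true"},
                          "designatedMongo" if i < 3 else None))
    return {"items": items}

if __name__ == "__main__":
    data = json.load(sys.stdin) if sys.argv[1:] == ["-"] else sample_nodes()
    print("\n".join(check_nodes(data)) or "node pool layout matches")
```

Run without arguments, the script checks the constructed sample; pass `-` as the only argument to read real `kubectl get nodes -o json` output from standard input.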