Set Up AKS Cluster

Azure-native.

Overview

AKS is Azure’s managed Kubernetes service. Azure handles the control plane; the team owns node pools, networking, and workloads. The first cluster establishes the patterns: Terraform-managed, Azure CNI for pod networking, Workload Identity for pod auth, multiple node pools for system and workload separation.

• Azure-native integration. Tight integration with Azure AD, Azure Monitor, Azure Storage. Native auth and observability come along.
• Managed control plane. Azure runs the API server with multi-AZ resilience. Engineering time stays on workloads.
• Multiple node pools. System pool for cluster components, workload pools per workload class. Different VM types per pool.
• Azure CNI plus Workload Identity. Pods get VNet IPs natively; Azure AD-integrated pod identity replaces static credentials.

The approach

Three habits make a first AKS cluster production-ready: Terraform from day one, Azure CNI by default for the modern networking model, Workload Identity wired up so pods never see static credentials.

• Terraform-managed. AzureRM provider creates the cluster. Configuration in source control; drift caught at next plan.
• Azure CNI default. Pods get VNet IPs. Azure-native networking patterns work without translation.
• Workload Identity. Pods authenticate as Azure AD identities. Static credentials disappear.
• Multiple node pools plus documented topology. System pool plus workload pools; per-cluster the configuration documented for the next operator.

Why this compounds

Each cluster inherits the patterns of the first one. The team’s Azure Kubernetes fluency deepens; new clusters take days, not weeks; Azure-native integrations like Workload Identity and Azure Monitor fall into place naturally.

• Operational burden reduced. Azure handles the control plane. Engineering time stays on workloads.
• Azure integration is native. Auth, monitoring, storage all integrate cleanly. Glue code shrinks.
• Reusable patterns. Standard Terraform modules capture conventions across clusters.
• Year-one investment, year-two habit. First cluster is heavy lift. By the third, the template is settled.