Key Components of Azure Kubernetes Service Explained

Azure Kubernetes Service (AKS) has these main components:

Control Plane (managed by Azure)

  • API Server – entry point for all Kubernetes commands and REST requests
  • etcd – distributed key-value store that holds the cluster state and configuration
  • Scheduler – assigns pods to nodes based on resource availability
  • Controller Manager – maintains desired cluster state (handles node, pod, and endpoint controllers)

Data Plane (managed by you)

  • Nodes – VMs that run your workloads; grouped into node pools
  • Kubelet – agent on each node that ensures containers are running as instructed
  • Kube-proxy – handles network routing and load balancing across pods
  • Container Runtime – runs containers (AKS uses containerd by default)

Networking

  • Virtual Network (VNet) – connects nodes and pods; supports kubenet and Azure CNI
  • Load Balancer – exposes services externally
  • DNS – CoreDNS for internal service discovery
  • Ingress Controller – manages external HTTP/S routing into the cluster

Storage

  • Persistent Volumes (PV) – backed by Azure Disks or Azure Files
  • Storage Classes – define dynamic provisioning policies

Identity & Security

  • Azure Active Directory (Entra ID) integration – for RBAC and authentication
  • Managed Identity – allows AKS to interact with other Azure services securely
  • Azure Key Vault – secrets management via the Secrets Store CSI driver

Monitoring & Management

  • Azure Monitor / Container Insights – metrics, logs, and diagnostics
  • Cluster Autoscaler – automatically scales nodes based on demand
  • Horizontal Pod Autoscaler (HPA) – scales the number of pod replicas based on CPU/memory usage
