Networking Fundamentals in AKS
AKS networking is Azure VNet-native. Understand the three networking models, IP planning, DNS, and why Cilium is the only network policy engine worth using.
CNI Options: Which One to Pick
Stop deliberating. Use Azure CNI Overlay with Cilium. Here is why, and the rare cases where you should deviate.
Ingress and Load Balancing
Use App Routing for standard workloads. Use AGC for enterprise WAF. Do not self-manage NGINX unless you have exotic requirements.
Ingress Comparison
Head-to-head comparison of NGINX (App Routing), Application Gateway for Containers, self-managed NGINX, and Gateway API for AKS ingress.
Service Mesh: Do You Need One?
You probably do not need a service mesh. Start without one. Here is how to decide, and what to use if you genuinely need it.
Private Clusters
Every production cluster should be private or at minimum have authorized IP ranges. A public API server in production is negligent.