Advanced network (Azure CNI) support for the AKS provider
Is your feature request related to a problem? Please describe.
Currently Pipeline supports only the basic networking model for AKS, which uses kubenet. We should support the CNI-based model too for better AKS networking and also to be able to use CNI plugins for the cluster as well.
Additional context
In AKS, you can deploy a cluster that uses one of the following two network models:
- Kubenet networking - The network resources are typically created and configured as the AKS cluster is deployed.
- Azure Container Networking Interface (CNI) networking - The AKS cluster is connected to existing virtual network resources and configurations.
Basic networking with kubenet
The kubenet networking option is the default configuration for AKS cluster creation. With kubenet, nodes get an IP address from the Azure virtual network subnet. Pods receive an IP address from a logically different address space to the Azure virtual network subnet of the nodes. Network address translation (NAT) is then configured so that the pods can reach resources on the Azure virtual network. The source IP address of the traffic is NAT'd to the node's primary IP address.
Advanced networking with Azure CNI
With Azure CNI, every pod gets an IP address from the subnet and can be accessed directly. These IP addresses must be unique across your network space, and must be planned in advance. Each node has a configuration parameter for the maximum number of pods that it supports. The equivalent number of IP addresses per node are then reserved up front for that node. This approach requires more planning, and often leads to IP address exhaustion or the need to rebuild clusters in a larger subnet as your application demands grow.
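The up-front IP reservation described above can be checked against a candidate subnet before a cluster is created. The following Go sketch is an added example, not part of the issue or of Pipeline's code; the function names are hypothetical, and the five Azure-reserved addresses per subnet, the extra node counted for upgrades and the 30 pods per node are assumptions taken from Azure's IP planning guidance rather than from this page.

```go
package main

import (
	"fmt"
	"net"
)

// Assumption: Azure reserves 5 addresses in every subnet.
const azureReservedIPs = 5

// UsableIPs returns how many addresses in an IPv4 subnet can go to nodes and pods.
func UsableIPs(cidr string) (int, error) {
	_, n, err := net.ParseCIDR(cidr)
	if err != nil {
		return 0, err
	}
	ones, bits := n.Mask.Size()
	if bits != 32 {
		return 0, fmt.Errorf("only IPv4 subnets are handled: %s", cidr)
	}
	usable := (1 << uint(bits-ones)) - azureReservedIPs
	if usable < 0 {
		usable = 0
	}
	return usable, nil
}

// RequiredIPs counts one address per node plus maxPods addresses reserved
// up front for it. Assumption: one extra node is budgeted for upgrades.
func RequiredIPs(nodes, maxPods int) int {
	return (nodes + 1) * (1 + maxPods)
}

// MaxNodes returns the largest node count whose reservation fits in the subnet.
func MaxNodes(cidr string, maxPods int) (int, error) {
	usable, err := UsableIPs(cidr)
	if err != nil || usable < 2*(1+maxPods) {
		return 0, err
	}
	return usable/(1+maxPods) - 1, nil
}

func main() {
	// Constructed sample subnets; 30 pods per node is an assumed setting.
	for _, cidr := range []string{"10.240.0.0/24", "10.240.0.0/20"} {
		n, err := MaxNodes(cidr, 30)
		fmt.Println(cidr, "max nodes:", n, "err:", err)
	}
}
```

A /24 fills up after only a handful of nodes under these assumptions, which is the exhaustion risk the paragraph above warns about.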