GitHub Copilot for Azure: How It Helps AKS Admins

TL;DR

GitHub Copilot for Azure is now in public preview. I was given early access and have been using it for a few months already. It has surprised me in many ways and disappointed me in others.

When it comes to Azure Kubernetes Service (AKS) administrative tasks, the extension clearly earns “navigator” title; but don’t rely on it to take action in the same way a pilot would depend on a “copilot” (at least not yet).

This article includes a summary of things that exceeded expectations, met expectations, and left me wanting more when it comes to AKS administrative tasks. Give it a review to see how it may inspire you with better prompts or to perform other actions.

What worked well?

Summarize trade-offs between AKS and a self-managed Kubernetes cluster
Explain motivations to use service-mesh
Create AKS cluster for development
Describe quota adjustments required to deploy an AKS cluster in your subscription
Locate a sample application to deploy to AKS cluster
Create Helm Chart from collection of YAML Manifests

What did not work so well?

Adjust CPU quotas to deploy an AKS cluster
Deploy the sample application
Analyze health of a service running on my AKS cluster
Enable Istio service mesh on the cluster
Generate kubeconfig to connect to my cluster

What is GitHub Copilot for Azure anayways?

This extension to GitHub Copilot allows you to perform a range of Azure activities, directly within VS Code

Learn – Chat with expert assistants tuned on Azure topics, training, and documentation.
Deploy – Update and create resources; locate and provision solution accelerators.
Review – Query your Azure resources using plain English.
Diagnose – Navigate and interpret logs to understand the problem.

How to Setup The Extension

For full details on how to get yourself going with this extension, and even execute some of these prompts, see my article GitHub Copilot for Azure: The End-to-End Setup Process

(Not So) Hypothetical Scenarios

I’ve been using this extension for a lot of different things in recent months. It’s helpful, but you still need to know what you want to do and perform a lot of the actions yourself.

Exploring Topics

The GitHub Copilot for Azure extension does a good job explaining Kubernetes concepts, AKS specific things, and reiterating best-practice guidance. This is a huge help when you’re completely new or if you are well-versed, but just can’t find the right words.

@azure How does the management and maintenance differ between AKS and a self-managed Kubernetes cluster?

Great explanation!

@azure What are the motivators of service mesh and why would I enable it on my AKS cluster?

Another good answer and helpful links to additional reference material.

@azure What are the specific prerequisites for deploying an AKS cluster in the eastus2 region?

Provides general guidance, but nothing particularly actionable or tactful.

Deploy Something to Get Hands-On

At this point, I wanted to go from discussion and theory to get something actually running.

@azure create an AKS cluster

This launched a nice experience to deploy an basic AKS cluster using the AKS extension for VSCode. Unfortunately, the process failed due to CPU quota restrictions (a common problem I was hoping the prompt about pre-requisites would have made clear).

@azure I am receiving the below error when deploying and AKS cluster. Which quotas do I need to increase?

Invalid template: BadRequest: Preflight validation check for resource(s) for container service copilot made this in resource group aks-rg failed. Message: AKS Automatic could not find a suitable VM size. The subscription may not have the required quota of '16' vCPUs, may have restrictions, or location 'eastus2' may not support three availability zones for the following VM sizes: 'standard_d4pds_v5,standard_d4lds_v5,standard_d4ads_v5,standard_d4ds_v5,standard_d4d_v5,standard_d4d_v4,standard_ds3_v2,standard_ds12_v2'.

Quotas can be confusing. The concept is easy to understand, but when you get into the details about the different SKU families and regions, it can be daunting. The response was pretty vague, so I decided to press the issue further…

@azure what quota setting do these VM skus belong to?

standard_d4pds_v5
standard_d4lds_v5
standard_d4ads_v5
standard_d4ds_v5
standard_d4d_v5
standard_d4d_v4
standard_ds3_v2
standard_ds12_v2

The response reiterated the vCPUs and memory for each of those models, but it wasn’t quite what I was hoping for.

@azure increase cpu quota in the eastus2 region for standard_d4ds_v5?

Building on the response from the prior question, I was expecting the extension to actually submit the quota increase request for me. Unfortunately, I was provided with a CLI command I could run to examine the quotas and link to external documents that provided instructions on how to navigate the quota increase process. I then made the quota increases myself and decided to give the extension another chance to prove itself.

@azure does my subscription meet the prerequisites for deploying and AKS cluster to eastus2 region?

Disappointing response here. Basically I was told there was no existing AKS cluster in the subscription. Well I knew that! This whole journey started because I wanted to create a cluster.

When all was said and done, I relaunched the AKS Extension in VSCode and worked through the wizard to create my cluster.

@azure Can you find a sample app that consist of multiple micro-services to deploy to AKS?

Copilot located the example Azure-Samples/aks-store-demo: Sample microservices app for AKS demos, tutorials, and experiments and provided azd commands for me to run to easily initialize workspace.

The “human in the loop” strategy that is popular with AI Assistants would have prompted me to confirm action and then proceeded. In this case, no such prompt so I used the “Insert into Terminal” feature to run the recommended commands myself.

Once the workspace was initialized with the sample application…

@azure deploy this app to Azure

Not the response I was hoping for. I was given links to different online instructions for deploying the application…but I noticed a template spec yaml and opened that in my editor.

@azure deploy this manifest to my aks cluster

This worked out well. It launched wizard and I deployed aks-store-quickstart.yaml

Examining Health of Deployed Services

With the services defined in the manifest now deployed, I wanted to see what kind of help Copilot could provide for diagnosing problems.

@azure how is the health of the order-service on my aks cluster named copilot?

This resulting in some recommended kubectl commands. No execution of those commands and no interpretation of the results. Very helpful for those unfamiliar with kubectl.

A major benefit of AKS is you can examine the cluster configuration through the Azure portal (assuming the cluster management plane is exposed to the internet). That is much more user friendly than kubectl from the command line and I would have expected a “head-nod” to these capabilities…but no mention.

Let’s Setup Service Mesh

With the AKS cluster running and a sample collection of services deployed, I wanted to take advantage of the benefits that “service mesh” promised during my prior testing.

@azure enable istio on my aks cluster named “copilot”

This returned instructions how install Istio, but did not take an action or prompt me to confirm action. I was actually surprised that the response did not reference the Istio add-on for AKS: Deploy Istio-based service mesh add-on for Azure Kubernetes Service – Azure Kubernetes Service | Microsoft Learn

Regardless, I decided to proceed with the instructions provided (which basically explained how to deploy Istio via Helm charts).

First things first…I need to connect to the cluster.

@azure generate kubeconfig connecting to my AKS cluster named “copilot”

At this point, I was not disappointed. My expectations for Copilot to take action where minimal. The response provided az cli command to run (and it worked flawlessly)

az aks get-credentials --resource-group aks-rg --name copilot

Then I completed the Istio deployment sequence previously described without problems.

Phone a Friend

An engineer on the team was having trouble managing a complex suite of services in their cluster (YAML manifest overload). Not deeply familiar with Helm syntax myself, I decided to see how Copilot could help.

Convert these yaml manifest files into a helm chart

I was very pleased with the results! This is definitely a scenario to keep in mind and save hours of work. The content was automatically generated, placed in my editors, and I saved the files in my workspace.

Of course, we tested it out and things ran….helm deploy with success.