What managed AKS taught us about the real barriers to container adoption — and what still rings true today
A Note on This Post
This piece was originally published on the Rackspace Developer Blog in May 2019, when I was leading product and partner marketing for Rackspace's Azure managed services portfolio. I'm republishing it here because the core challenges it describes including operational complexity, security readiness, and the gap between Kubernetes capability and enterprise production reality, haven't gone away. If anything, they've intensified as organizations now layer AI workloads on top of container infrastructure. The post has been lightly edited for context.
Making Kubernetes Enterprise-Ready on Azure
As a Microsoft Azure Expert Managed Service Provider, Rackspace was focused on delivering high-value services for customers actively running cloud-native applications and for those looking to modernize existing applications to take advantage of the performance, availability, and cost savings that a container-based microservices architecture can deliver.
Introduction
At the time, Rackspace's Fanatical Support for Azure offering was evolving rapidly, and one of the most significant enhancements was a managed services capability designed to help customers remove the difficulty of architecting, deploying, and operating Kubernetes at scale.
The challenge wasn't Kubernetes itself — it was everything around it. Choosing the right solution. Deploying it securely. Operating it reliably without building a dedicated platform engineering team. That's where a managed AKS offering could create real leverage.
We developed a set of management capabilities for Azure Kubernetes Service (AKS) that allowed customers to accelerate their Kubernetes journey and align their digital transformation and container strategies across the full lifecycle, from application through production deployment.
Adopting newer technologies into production environments presents significant challenges for organizations of all sizes. Making AKS production-ready in a specific application environment requires deep Kubernetes skill sets, broad Azure experience, and around-the-clock operations capabilities that most enterprise teams prefer not to build entirely in-house.
Beyond setup, customers needed help meeting specific security requirements including setting network policies, configuring Azure role-based access controls, and achieving the compliance and regulatory posture their environments demanded.
The AKS Offering: Key Capabilities
The managed AKS offering covered the following areas:
Architectural design and infrastructure deployment — Dedicated Azure and Kubernetes experts designed solutions to meet developer and application requirements, optimizing workload placement, node sizing, network infrastructure, and security configuration.
High availability and auto-repair — Solutions included region pairs, multi-cluster configurations with Azure Traffic Manager, geo-replication of container images, and proactive support for self-healing clusters and node auto-repair.
Multi-cluster management — Multi-tenancy core components and logical isolation via namespaces, supporting both development and production workloads across teams with a microservices architecture approach.
Monitoring, alerting, and operations management — Container workload performance monitoring via memory and processor metrics across controllers, nodes, and containers — with capacity planning visibility under average and peak load conditions.
Zero-downtime cluster upgrades — Orchestrated upgrades for both Kubernetes master and agent components, safely cordoning and draining each AKS node without interruption to existing services.
Role-based access control and SSO with Azure Active Directory — Integration with AD using RBAC and pod identities, providing secure and auditable access management.
Application modernization for containers — Professional services capabilities to help transform legacy applications into microservices architectures suited for the AKS platform.
Comprehensive security for container images and infrastructure — Trusted registries, automated builds on base image updates, pod identities, digital key vaults, and credential exposure controls.
24x7x365 support — Continuous cloud operations coverage for customers who needed production-grade reliability without staffing it internally.
Looking Back: What This Still Tells Us
Reading this some seven years later, what strikes me most is how little the fundamental tension has changed. While Kubernetes and container technologies have matured and the related tooling has also improved. Yet most enterprise teams still face the same core tradeoff: the platform can do more than their team has capacity to operate well.
That problem has now migrated upward in the stack so to speak. Today the conversation is less about container orchestration and more about AI infrastructure such as where to run inference workloads, how to govern model access, how to keep environments cost-efficient and auditable. The pattern is quite similar with powerful capability, significant operational complexity, real risk if the architecture and security foundations aren't right.
What the managed AKS project taught me is that the most valuable thing a partner can do isn't just technical. It's translating what the platform can do into a clear, opinionated architecture that fits the customer's actual constraints. That translation work is still undervalued, and still hard to find.
David Lucky is the principal consultant of CloudScale Advisory, a strategic GTM advisory practice focused on cloud, AI, and enterprise technology. He previously held senior product marketing and alliance leadership roles at Rackspace, Effectual, and Centrilogic.