Slide 1

Slide 1 text

Azure Arc enabled Kubernetes
Hybrid and Multi-Cloud
Thorsten Hans, @ThorstenHans, Consultant

Slide 2

Slide 2 text

Thorsten Hans
Consultant @ Thinktecture
#Azure #Kubernetes #CloudNative #Terraform
[email protected]
thinktecture.com
thorsten-hans.com
@ThorstenHans

Slide 3

Slide 3 text

Agenda
• Azure Arc jump start
• Azure Arc enabled Kubernetes
  • Onboarding
  • Inventory
  • Monitoring
  • Governance
  • GitOps
• Possibilities, Potentials and Alternatives

Slide 4

Slide 4 text

Agenda
• Azure Arc jump start
• Azure Arc enabled Kubernetes
  • Onboarding
  • Inventory
  • Monitoring
  • Governance
  • GitOps
• Possibilities, Potentials and Alternatives

Slide 5

Slide 5 text

Azure Arc jump start: Introduction
• Announced during Microsoft Ignite 2019
• Control Plane for
  • Multi-Cloud
  • Multi-Edge
  • Overall infrastructures (hybrid)
• Use Azure capabilities anywhere
• Integrate existing compute

Slide 6

Slide 6 text

Azure Arc jump start: Introduction

Slide 7

Slide 7 text

Azure Arc jump start: Introduction
• Current Azure Arc service offerings
  • Azure Arc enabled servers
  • Azure Arc enabled Kubernetes
  • Azure Arc data services*
  • Azure Arc enabled SQL Server*
* Currently in Preview

Slide 8

Slide 8 text

Agenda
• Azure Arc jump start
• Azure Arc enabled Kubernetes
  • Onboarding
  • Inventory
  • Monitoring
  • Governance
  • GitOps
• Possibilities, Potentials and Alternatives

Slide 9

Slide 9 text

Azure Arc enabled Kubernetes: Introduction
• Integrate “external” Kubernetes clusters
• Agents deployed to the external cluster will communicate with Azure services
• Outbound connections
• Transport encryption using SSL
• Acquired data is encrypted at rest in an Azure Cosmos DB instance

Slide 10

Slide 10 text

Azure Arc enabled Kubernetes: Onboarding
• Check supported Kubernetes distros
  • Check -> Supported Kubernetes distros
• Currently not available in all Azure regions
  • Check -> Supported Regions

Slide 11

Slide 11 text

Demo: Azure Arc enabled Kubernetes Onboarding

Slide 12

Slide 12 text

Azure Arc enabled Kubernetes: Inventory
• Seamless integration in Azure Portal / Azure CLI / Azure PoSh Modules
• Support for Tagging
• Integration with plain old Azure Resource Groups
• Accessible via Azure Resource Graph

Slide 13

Slide 13 text

Demo: Azure Arc enabled Kubernetes Inventory

Slide 14

Slide 14 text

Azure Arc enabled Kubernetes: Monitoring
• Ship logs from external cluster to Azure Monitor
• Azure Monitor for containers
• Displays metrics about Nodes, System Pods and User Pods
• Get performance insights from entire clusters
• STDOUT / STDERR from all containers (except those in kube-system) will be forwarded to Azure Monitor and underlying Log Analytics Workspace
• Optionally, Prometheus metrics scraping can be configured

Slide 15

Slide 15 text

Demo: Azure Arc enabled Kubernetes Monitoring

Slide 16

Slide 16 text

Azure Arc enabled Kubernetes: Governance
• Azure Arc enabled Kubernetes is based on Gatekeeper 3 (an admission controller for Open Policy Agent)
• Azure Policies can be configured in Azure Portal and will be enforced in the cluster by Gatekeeper
• Microsoft provides pre-defined Policies for Kubernetes workloads / environments

Slide 17

Slide 17 text

Demo: Azure Arc enabled Kubernetes Governance

Slide 18

Slide 18 text

Azure Arc enabled Kubernetes: Application Deployment with GitOps
• CD for custom workloads with GitOps
• Haven't heard of GitOps yet?
  • What Is GitOps (weave.works)
  • Is GitOps the next big thing in DevOps? | Atlassian Git Tutorial
• Currently relying on Flux v1

Slide 19

Slide 19 text

Agenda
• Azure Arc jump start
• Azure Arc enabled Kubernetes
  • Onboarding
  • Inventory
  • Monitoring
  • Governance
  • GitOps
• Possibilities, Potentials and Alternatives

Slide 20

Slide 20 text

Possibilities, Potentials and Alternatives: Vision
• Azure Arc enabled Kubernetes could become the unique administrative interface for multi-cloud and edge deployments
• A deep integration with Azure Policies, Azure Security Center and Azure Sentinel will help to govern and harden external Kubernetes workloads
• Help customers on their transition from private data-centers to the public cloud

Slide 21

Slide 21 text

Possibilities, Potentials and Alternatives: Alternatives
• Rancher
  • Vendor agnostic, open source offering to manage, govern and secure different Kubernetes workloads
• AWS Outposts
  • Amazon’s competitor to Azure Arc enabled Kubernetes
• Google Anthos
  • Google’s competitor to Azure Arc enabled Kubernetes

Slide 22

Slide 22 text

Agenda
• Azure Arc jump start
• Azure Arc enabled Kubernetes
• Possibilities, Potentials and Alternatives

Slide 23

Slide 23 text

All samples are on GitHub: thinktecture/arc-enabled-k8s-webinar-april-2021

Slide 24

Slide 24 text

Q&A
If you have further questions: shoot me a mail at [email protected] / [email protected] or tweet at @ThorstenHans