
Azure Arc enabled Kubernetes: Hybrid and Multi-Cloud


Finally, one to rule them all: Azure Arc enabled Kubernetes allows you to manage and monitor Kubernetes clusters from different sources. Let Azure Arc act as a cockpit for all your Kubernetes clusters, no matter if they are running in AWS, Google Compute Cloud, Digital Ocean, or even a private data center.
Join this webinar with Thorsten Hans to understand the capabilities and see what can be achieved with Azure Arc enabled Kubernetes. With an example, you will dive into the topic and see how to use key features such as onboarding, inventory, monitoring, and Azure Policy powered governance to tame all your clusters.

Thorsten Hans

April 29, 2021


Transcript

  1. Agenda
    • Azure Arc jump start
    • Azure Arc enabled Kubernetes
    • Onboarding
    • Inventory
    • Monitoring
    • Governance
    • GitOps
    • Possibilities, Potentials and Alternatives
  2. Agenda
    • Azure Arc jump start
    • Azure Arc enabled Kubernetes
    • Onboarding
    • Inventory
    • Monitoring
    • Governance
    • GitOps
    • Possibilities, Potentials and Alternatives
  3. Azure Arc jump start: Introduction
    • Announced during Microsoft Ignite 2019
    • Control Plane for
      • Multi-Cloud
      • Multi-Edge
      • Overall infrastructures (hybrid)
    • Use Azure capabilities anywhere
    • Integrate existing compute
  4. Azure Arc jump start: Introduction
    • Current Azure Arc service offerings
      • Azure Arc enabled servers
      • Azure Arc enabled Kubernetes
      • Azure Arc data services*
      • Azure Arc enabled SQL Server*
    * Currently in Preview
  5. Agenda
    • Azure Arc jump start
    • Azure Arc enabled Kubernetes
    • Onboarding
    • Inventory
    • Monitoring
    • Governance
    • GitOps
    • Possibilities, Potentials and Alternatives
  6. Azure Arc enabled Kubernetes: Introduction
    • Integrate “external” Kubernetes clusters
    • Agents deployed to the external cluster will communicate with Azure services
    • Outbound connections
    • Transport encryption using SSL
    • Acquired data is encrypted at rest in an Azure Cosmos DB instance
  7. Azure Arc enabled Kubernetes: Onboarding
    • Check supported Kubernetes distros
    • Check -> Supported Kubernetes distros
    • Currently not available in all Azure regions
    • Check -> Supported Regions
  8. Azure Arc enabled Kubernetes: Inventory
    • Seamless integration in Azure Portal / Azure CLI / Azure PoSh Modules
    • Support for Tagging
    • Integration with plain old Azure Resource Groups
    • Accessible via Azure Resource Graph
  9. Azure Arc enabled Kubernetes: Monitoring
    • Ship logs from external cluster to Azure Monitor
    • Azure Monitor for containers
    • Displays metrics about Nodes, System Pods and User Pods
    • Get performance insights from entire clusters
    • STDOUT / STDERR from all containers (except those in kube-system) will be forwarded to Azure Monitor and underlying Log Analytics Workspace
    • Optionally, Prometheus metrics scraping can be configured
  10. Azure Arc enabled Kubernetes: Governance
    • Azure Arc enabled Kubernetes is based on Gatekeeper 3 (an admission controller for Open Policy Agent)
    • Azure Policies can be configured in Azure Portal and will be enforced in the cluster by Gatekeeper
    • Microsoft provides pre-defined Policies for Kubernetes workloads / environments
  11. Azure Arc enabled Kubernetes: Application Deployment with GitOps
    • CD for custom workloads with GitOps
    • Haven't heard of GitOps yet?
    • What Is GitOps (weave.works)
    • Is GitOps the next big thing in DevOps? | Atlassian Git Tutorial
    • Currently relying on Flux v1
  12. Agenda
    • Azure Arc jump start
    • Azure Arc enabled Kubernetes
    • Onboarding
    • Inventory
    • Monitoring
    • Governance
    • GitOps
    • Possibilities, Potentials and Alternatives
  13. Possibilities, Potentials and Alternatives: Vision
    • Azure Arc enabled Kubernetes could become the unique administrative interface for multi-cloud and edge deployments
    • A deep integration with Azure Policies, Azure Security Center and Azure Sentinel will help to govern and harden external Kubernetes workloads
    • Help customers on their transition from private data-centers to the public cloud
  14. Possibilities, Potentials and Alternatives: Alternatives
    • Rancher
      • Vendor agnostic, open source offering to manage, govern and secure different Kubernetes workloads
    • AWS Outposts
      • Amazon’s competitor to Azure Arc enabled Kubernetes
    • Google Anthos
      • Google’s competitor to Azure Arc enabled Kubernetes
  15. Agenda
    • Azure Arc jump start
    • Azure Arc enabled Kubernetes
    • Possibilities, Potentials and Alternatives