Azure Arc enabled Kubernetes: Hybrid und Multi-Cloud

Azure Arc enabled Kubernetes Hybrid und Multi-Cloud Thorsten Hans @ThorstenHans
Consultant

Consultant @ Thinktecture #Azure #Kubernetes #CloudNative #Terraform [email protected] thinktecture.com thorsten-hans.com
@ThorstenHans Thorsten Hans

• Azure Arc jump start • Azure Arc enabled Kubernetes
• Onboarding • Inventory • Monitoring • Governance • GitOps • Possibilities, Potentials and Alternatives Agenda

Introduction • Announced during Microsoft Ignite 2019 • Control Plane
for • Multi-Cloud • Multi-Edge • Overall infrastructures (hybrid) • Use Azure capabilities anywhere • Integrate existing compute Azure Arc jump start

Introduction Azure Arc jump start

Introduction • Current Azure Arc service offerings • Azure Arc
enabled servers • Azure Arc enabled Kubernetes* • Azure Arc data services* • Azure Arc enabled SQL Server* * Currently in Preview Azure Arc jump start

Introduction • Integrate “external” Kubernetes clusters • Agents deployed to
the external cluster will communicate with Azure services • Outbound connections • Transport encryption using SSL • Acquired data is encrypted at REST in an Azure Cosmos DB instance Azure Arc eneabled Kubernetes

Onboarding • Check supported Kubernetes distros • Check -> Supported
Kubernetes distros • Currently available in East US and West Europe • Check -> Supported Regions Azure Arc eneabled Kubernetes

Demo Azure Arc enabled Kubernetes Onboarding

Inventory • Seamless integration in Azure Portal / Azure CLI
/ Azure PoSh Modules • Support for Tagging • Integration with plain old Azure Resource Groups • Accessible via Azure Resource Graph Azure Arc eneabled Kubernetes

Demo Azure Arc enabled Kubernetes Inventory

Monitoring • Ship logs from external cluster to Azure Monitor
• Azure Monitor for containers • Displays metrics about Nodes, System Pods and User Pods • Get performance insights from entire clusters • STDOUT / STDERR from all containers (except those in kube-system) will be forwarded to Azure Monitor and underlying Log Analytics Workspace • Optionally, Prometheus metrics scraping can be configured Azure Arc eneabled Kubernetes

Demo Azure Arc enabled Kubernetes Monitoring

Governance • Azure Arc enabled Kubernetes is based on Gatekeeper
3 (an admission controller for Open Policy Agent) • Azure Policies can be configured in Azure Portal and will be enforced in the cluster by Gatekeeper • Microsoft provides pre-defined Policies for Kubernetes workloads / environments Azure Arc eneabled Kubernetes

Demo Azure Arc enabled Kubernetes Governance

Application Deployment with GitOps • CD for custom workloads with
GitOps • Havent heard of GitOps yet? • What Is GitOps (weave.works) • Is GitOps the next big thing in DevOps? | Atlassian Git Tutorial • Currently relying on Flux v1 Azure Arc eneabled Kubernetes

Vision • Azure Arc enabled Kubernetes could become the unique
administrative interface for multi- cloud and edge deployments • A deep integration with Azure Policies, Azure Security Center and Azure Sentinel will help to govern and harden external Kubernetes workloads • Help customers on their transition from private data-centers to the public cloud Possibilities, Potentials and Alternatives

Alternatives • Rancher • Vendor agnostic, open source offering to
manage, govern and secure different Kubernetes workloads • AWS Outposts • Amazon’s competitor to Azure Arc enabled Kubernetes • Google Anthos • Google’s competitor to Azure Arc enabled Kubernetes Possibilities, Potentials and Alternatives

• Possibilities, Potentials and Alternatives Agenda

All samples are on GitHub thinktecture/arc-enabled-k8s-webinar-january-2021

Q&A If you have further questions: shoot me a mail
at [email protected] / [email protected] or tweet at @ThorstenHans

Azure Arc enabled Kubernetes: Hybrid und Multi-...

Azure Arc enabled Kubernetes: Hybrid und Multi-Cloud

Thorsten Hans

More Decks by Thorsten Hans

Other Decks in Technology

Featured

Transcript