Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Azure Arc enabled Kubernetes: Hybrid und Multi-Cloud

Azure Arc enabled Kubernetes: Hybrid und Multi-Cloud

Endlich alle unter einem Dach. Mit Azure Arc enabled Kubernetes können Kubernetes-Cluster in Azure verwaltet und überwacht werden, und dies unabhängig davon, in welcher Umgebung der Cluster betrieben wird. Azure Arc dient als zentrales und professionelles Cockpit für Ihre Kubernetes-Cluster die in Amazon AWS, Google Compute Cloud, Digital Ocean, oder in privaten Rechenzentren betrieben werden. In diesem Webinar zeigt Thorsten Hans welche Möglichkeiten und Potentiale Azure Arc enabled Kubernetes bietet. Anhand einer Beispielumgebung werden Sie sehen, wie Inventarisierung, Monitoring und Governance – unter Verwendung von Azure Policies und Open Policy Agent - auf externe Kubernetes-Cluster angewendet werden können.

6848c06ef647ab606c668cc5264c0fc9?s=128

Thorsten Hans

January 27, 2021
Tweet

Transcript

  1. Azure Arc enabled Kubernetes Hybrid und Multi-Cloud Thorsten Hans @ThorstenHans

    Consultant
  2. Consultant @ Thinktecture #Azure #Kubernetes #CloudNative #Terraform thorsten.hans@thinktecture.com thinktecture.com thorsten-hans.com

    @ThorstenHans Thorsten Hans
  3. • Azure Arc jump start • Azure Arc enabled Kubernetes

    • Onboarding • Inventory • Monitoring • Governance • GitOps • Possibilities, Potentials and Alternatives Agenda
  4. • Azure Arc jump start • Azure Arc enabled Kubernetes

    • Onboarding • Inventory • Monitoring • Governance • GitOps • Possibilities, Potentials and Alternatives Agenda
  5. Introduction • Announced during Microsoft Ignite 2019 • Control Plane

    for • Multi-Cloud • Multi-Edge • Overall infrastructures (hybrid) • Use Azure capabilities anywhere • Integrate existing compute Azure Arc jump start
  6. Introduction Azure Arc jump start

  7. Introduction • Current Azure Arc service offerings • Azure Arc

    enabled servers • Azure Arc enabled Kubernetes* • Azure Arc data services* • Azure Arc enabled SQL Server* * Currently in Preview Azure Arc jump start
  8. • Azure Arc jump start • Azure Arc enabled Kubernetes

    • Onboarding • Inventory • Monitoring • Governance • GitOps • Possibilities, Potentials and Alternatives Agenda
  9. Introduction • Integrate “external” Kubernetes clusters • Agents deployed to

    the external cluster will communicate with Azure services • Outbound connections • Transport encryption using SSL • Acquired data is encrypted at REST in an Azure Cosmos DB instance Azure Arc eneabled Kubernetes
  10. Onboarding • Check supported Kubernetes distros • Check -> Supported

    Kubernetes distros • Currently available in East US and West Europe • Check -> Supported Regions Azure Arc eneabled Kubernetes
  11. Demo Azure Arc enabled Kubernetes Onboarding

  12. Inventory • Seamless integration in Azure Portal / Azure CLI

    / Azure PoSh Modules • Support for Tagging • Integration with plain old Azure Resource Groups • Accessible via Azure Resource Graph Azure Arc eneabled Kubernetes
  13. Demo Azure Arc enabled Kubernetes Inventory

  14. Monitoring • Ship logs from external cluster to Azure Monitor

    • Azure Monitor for containers • Displays metrics about Nodes, System Pods and User Pods • Get performance insights from entire clusters • STDOUT / STDERR from all containers (except those in kube-system) will be forwarded to Azure Monitor and underlying Log Analytics Workspace • Optionally, Prometheus metrics scraping can be configured Azure Arc eneabled Kubernetes
  15. Demo Azure Arc enabled Kubernetes Monitoring

  16. Governance • Azure Arc enabled Kubernetes is based on Gatekeeper

    3 (an admission controller for Open Policy Agent) • Azure Policies can be configured in Azure Portal and will be enforced in the cluster by Gatekeeper • Microsoft provides pre-defined Policies for Kubernetes workloads / environments Azure Arc eneabled Kubernetes
  17. Demo Azure Arc enabled Kubernetes Governance

  18. Application Deployment with GitOps • CD for custom workloads with

    GitOps • Havent heard of GitOps yet? • What Is GitOps (weave.works) • Is GitOps the next big thing in DevOps? | Atlassian Git Tutorial • Currently relying on Flux v1 Azure Arc eneabled Kubernetes
  19. • Azure Arc jump start • Azure Arc enabled Kubernetes

    • Onboarding • Inventory • Monitoring • Governance • GitOps • Possibilities, Potentials and Alternatives Agenda
  20. Vision • Azure Arc enabled Kubernetes could become the unique

    administrative interface for multi- cloud and edge deployments • A deep integration with Azure Policies, Azure Security Center and Azure Sentinel will help to govern and harden external Kubernetes workloads • Help customers on their transition from private data-centers to the public cloud Possibilities, Potentials and Alternatives
  21. Alternatives • Rancher • Vendor agnostic, open source offering to

    manage, govern and secure different Kubernetes workloads • AWS Outposts • Amazon’s competitor to Azure Arc enabled Kubernetes • Google Anthos • Google’s competitor to Azure Arc enabled Kubernetes Possibilities, Potentials and Alternatives
  22. • Azure Arc jump start • Azure Arc enabled Kubernetes

    • Possibilities, Potentials and Alternatives Agenda
  23. All samples are on GitHub thinktecture/arc-enabled-k8s-webinar-january-2021

  24. Q&A If you have further questions: shoot me a mail

    at thorsten.hans@thinktecture.com / thorsten.hans@gmail.com or tweet at @ThorstenHans