This blog is a transcript of the session “Azure Arc and why it matters” presented by Mikkel Hegnhoj, Principal Program Manager at Microsoft.
It gives a detailed overview of how Azure Arc deals with the management of hybrid cloud and on-premise environments.
Introduction to Azure Arc
Application requirements today are evolving at a very rapid pace. Diverse frameworks and languages, such as .NET, Java, and Go, are used to build applications. A variety of infrastructure, such as VMs, containers, and serverless architectures, is used to host them. Multi-cloud support is also a critical need today. Tens or even thousands of apps may need to be maintained to meet crucial business needs.
Azure Arc helps in governing and operating across disparate environments. It also plays a critical role in ensuring security guidelines are in place when operating across various environments.
Azure Stack provides an integrated hardware and software setup that you can deploy in your own data center. At the other extreme are IoT devices, which typically sit outside such environments, say in a moving vehicle.
Azure Arc acts as a bridge between these two extremes. You don't need a specific set of hardware or a specific deployment setup. It helps you run applications and services in any data center, across any cloud. Azure Management capabilities are brought into all these data centers.
Extend cloud to on-premise
Azure Arc provides some key benefits, such as:
- Extending Azure Management capabilities across environments
- Adopting cloud practices on-premises
- Implementing Azure security anywhere
ARM with and without Azure Arc
With Azure Arc, all the layers of the ARM and Management services are made available outside Azure in the same unified plane. All the tools and capabilities of ARM are brought in too.
Flavors of Azure Arc
Azure Arc comes in different flavors targeting either physical or virtual machines, Kubernetes apps, or data services. Currently all of these are in preview.
Azure Arc Enabled Kubernetes capabilities
While AKS (Azure Kubernetes Services) is Microsoft's Kubernetes engine for the Azure cloud, Kubernetes can also be used to orchestrate clusters in on-premise environments. Azure Arc provides a way to manage Kubernetes clusters deployed across environments from the portal. Source control features and policy management for your organization are also streamlined across the clusters, no matter where they run.
Let us see how we can integrate a Kubernetes cluster to Azure Arc.
Step 1: Before starting on Azure Arc, you need to register for it as explained here. In the Azure portal, just search for Azure Arc to open it.
As the screenshot above shows, Azure Arc displays AKS as well as Azure Arc Enabled Kubernetes.
You can register a Kubernetes cluster with Azure Arc by providing a Resource Group and Cluster Name.
When you run the script in a Kubernetes cluster running outside of Azure, that cluster gets attached to the Azure Arc cluster. You can download the script in either PowerShell or shell script format.
Exploring Azure Arc configuration and Settings
We can apply policies just as we do for native Azure services.
App Insights features are also made available for the Azure Arc Enabled Kubernetes cluster running outside of Azure.
GitOps can be used to describe system state, declare new states, and have agents enforce the desired state configuration. Flux, which is a GitOps operator for Kubernetes, is used under the hood.
Let us look at what the flow looks like using GitOps.
GitOps is an infrastructure-as-code CI/CD offering. You can create app manifests describing the configuration of the clusters. Once you push code to CI, it builds the container images based on the new configuration and pushes the images to the registry. Once the pull request gets approved, the app update is triggered. The Flux agent makes sure that all nodes in the cluster move to the updated desired state.
We can see from the above figure how the Flux agent reads the updated code after the pull request is approved, pulls the application images from either Docker or Azure Container Registry, evaluates any updates in the app manifests, and contacts the Kubernetes API to bring the clusters to the updated state. It eliminates the need for manually using kubectl commands to contact the Kubernetes pods.
This opens a lot of opportunities where we can perform multi-tenant setups. We can configure GitOps to manage multiple Kubernetes clusters.
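The reconcile step described above, applied to more than one cluster, as an added example that is not part of the original post or session and is not Flux's own code: a simplified Python model that compares the state declared in Git with each cluster's live state, reverts out-of-band changes, and reports or prunes objects Git never declared. The cluster names, object names, images and the `plan`/`reconcile` helpers are all constructed for illustration.

```python
from copy import deepcopy

# Constructed sample: desired state as parsed from manifests in Git,
# keyed by (kind, namespace, name). All names and images are made up.
DESIRED = {
    ("Deployment", "shop", "web"): {"image": "registry.example/web:1.4.2", "replicas": 3},
    ("NetworkPolicy", "shop", "deny-all"): {"policyTypes": ["Ingress", "Egress"]},
}
# Constructed live state of two clusters, each drifted in a different way.
CLUSTERS = {
    "onprem-a": {  # image changed out of band, e.g. by a manual kubectl edit
        ("Deployment", "shop", "web"): {"image": "registry.example/web:debug", "replicas": 3},
        ("NetworkPolicy", "shop", "deny-all"): {"policyTypes": ["Ingress", "Egress"]},
    },
    "edge-b": {  # NetworkPolicy missing, plus an object that Git never declared
        ("Deployment", "shop", "web"): {"image": "registry.example/web:1.4.2", "replicas": 3},
        ("Deployment", "shop", "tmp-shell"): {"image": "registry.example/tools:latest", "replicas": 1},
    },
}

def plan(desired, live, prune=False):
    """Return the actions needed to move `live` to `desired`."""
    actions = []
    for key in sorted(desired):
        if key not in live:
            actions.append(("create", key, []))
        elif live[key] != desired[key]:
            fields = desired[key].keys() | live[key].keys()
            drifted = sorted(f for f in fields if desired[key].get(f) != live[key].get(f))
            actions.append(("update", key, drifted))
    for key in sorted(live.keys() - desired.keys()):
        # Undeclared objects are removed only when pruning is enabled.
        actions.append(("delete" if prune else "unmanaged", key, []))
    return actions

def reconcile(desired, live, prune=False):
    """Apply the plan to a copy of `live`; return (actions, new_live)."""
    actions, new_live = plan(desired, live, prune), deepcopy(live)
    for action, key, _ in actions:
        if action in ("create", "update"):
            new_live[key] = deepcopy(desired[key])
        elif action == "delete":
            del new_live[key]
    return actions, new_live

if __name__ == "__main__":
    for name, live in CLUSTERS.items():
        actions, after = reconcile(DESIRED, live, prune=True)
        print(name, actions, "converged:", after == DESIRED)
```

With pruning off, the undeclared `tmp-shell` object is only reported as unmanaged, so the cluster does not fully converge to what Git declares until someone removes it or pruning is enabled.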
In this blog post, we discussed the various advantages Azure Arc provides across the environments. We also saw the different flavors of Azure Arc and took a deep look at Azure Arc for Kubernetes. Finally, we also saw how GitOps helps in the desired state configuration. The GA date of Azure Arc is not known yet according to the speaker, but it is sure to be available very soon. Stay tuned!!