Last week at KubeCon + CloudNativeCon Europe 2022, we announced the general availability of the Open Service Mesh (OSM) extension for Arc-enabled clusters, Kubernetes secrets encryption with keys stored in Azure Key Vault, and more.
At Microsoft Build, we are announcing several enhancements to the developer and operator experiences for Azure Kubernetes Service (AKS).
When developers approach building applications that run on top of Kubernetes, they need to learn many infrastructure concepts, like containerization, Kubernetes manifests, and ingresses, which significantly increases their cognitive load. As we’re building Azure Kubernetes Service (AKS), we want it to be a destination for all developers with the best getting-started experience on Kubernetes, whether they are trying Kubernetes for the first time or launching an application quickly for testing purposes.
We are excited to bring an initial set of capabilities to Azure Kubernetes Service (AKS) to enable developers to start from source code, and get a non-containerized application deployed on a Kubernetes cluster with secure web application routing out of the box in minutes while supporting a variety of ways to scale the application.
Draft Visual Studio Code integration
To address getting from code to container to cloud, we’ve released version 2 of Draft, the open-source project that streamlines Kubernetes development. Draft makes it easier for developers to get started building apps that run on Kubernetes by taking a non-containerized application and generating the Dockerfile, Kubernetes manifests, Helm charts, Kustomize configuration, and other artifacts associated with a containerized application. Draft can also generate a GitHub Actions workflow file to quickly build and deploy applications onto any Kubernetes cluster.
We’re integrating the Draft experience into AKS. Developers will be able to use Draft with AKS using the Azure Command Line Interface (CLI), Visual Studio Code, and later through the Azure portal, to get from source code to a container image that is stored in an Azure Container Registry along with a GitHub Actions workflow to deploy the resulting application to an AKS cluster using a few commands:
git clone https://github.com/myrepo/ContosoAir
az aks draft create --destination ./ContosoAir
az aks draft generate-flow --destination ./ContosoAir
git push
One of the most common activities that come after deploying a web application is DNS configuration and certificate management. We’re happy to announce the public preview of the web application routing add-on on AKS, the easiest way to get your web application up and running in Kubernetes, securely, while reducing the complexity of managing an ingress controller, certificate management, and DNS configuration. The add-on provides a managed ingress controller based on nginx and integrates out of the box with Open Service Mesh (OSM) to secure intra-cluster communications using mutual TLS.
Cloud-native applications may have several components that require different scale metrics. Kubernetes enables applications to scale based on processor and memory utilization; however, this may be insufficient. Kubernetes-based Event-driven Autoscaling (KEDA) is a popular open-source project to handle autoscaling. KEDA allows developers to set scale rules declaratively based on several metrics, with over 50 scalers including Azure Storage Queue and Azure Service Bus.
The KEDA AKS extension provides a way to enable KEDA on AKS clusters. By enabling the KEDA add-on using the Azure CLI, the add-on provides a fully supported installation of KEDA that is integrated with AKS. With the KEDA AKS extension enabled, deployments can be scaled down to 0 pods, decreasing consumption when not needed. When new requests arrive, KEDA activates the deployment to respond to incoming traffic.
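A declarative scale rule of the kind described above, as an added example that is not from the original post: a KEDA ScaledObject that scales a worker deployment on Azure Storage Queue depth and down to 0 pods when the queue is empty. The namespace, deployment, queue, and secret names are assumptions; the queue connection string is read from an existing Kubernetes secret through a TriggerAuthentication rather than being placed in the workload's environment.

```yaml
# Added example: all names below (orders, orders-worker, orders-storage) are assumptions.
apiVersion: keda.sh/v1alpha1
kind: TriggerAuthentication
metadata:
  name: orders-queue-auth
  namespace: orders
spec:
  secretTargetRef:
    # Maps the scaler's "connection" parameter to a key in an existing secret,
    # so the storage connection string never appears in the ScaledObject itself.
    - parameter: connection
      name: orders-storage
      key: connection-string
---
apiVersion: keda.sh/v1alpha1
kind: ScaledObject
metadata:
  name: orders-worker
  namespace: orders
spec:
  scaleTargetRef:
    name: orders-worker        # Deployment to scale (same namespace)
  minReplicaCount: 0           # scale to zero when there is no work
  maxReplicaCount: 10          # upper bound caps cost if the queue is flooded
  triggers:
    - type: azure-queue
      metadata:
        queueName: orders
        queueLength: "5"       # target messages per replica
      authenticationRef:
        name: orders-queue-auth
```

Setting `maxReplicaCount` explicitly matters for queues fed by external input, since the replica count otherwise follows whatever volume a sender produces.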
AKS is constantly evolving to ensure cluster operators get a streamlined experience while managing their Kubernetes environments. Here is a summary of a series of updates that address such requirements across networking, cluster operations management, and performance optimizations.
Finally, to deliver the best experience and performance when running business-critical stateful workloads on AKS, we are introducing replica mounts on Azure Disk persistent volumes, which automatically pre-create replica attachments to ensure that your volume will be rapidly available when your pods fail over between cluster nodes. Replica mounts are tightly integrated with Kubernetes to optimize pod placement and maximize uptime for stateful applications. Along with replica mounts, the latest version of the Azure Disk Container Storage Interface (CSI) driver provides the ability to fine-tune performance and increase reliability at scale. If you are interested in participating in the preview, you can get started by requesting access.
Hybrid and multicloud is a prevalent state in many organizations today and this approach is critical to business success. With Azure Arc-enabled Kubernetes, we are extending the Azure platform so you can build Kubernetes apps and run them consistently across datacenters, edge and multicloud environments.
We’re excited to bring several new capabilities to Azure Arc-enabled Kubernetes to help developers simplify deployment across these multiple locations.
The Open Service Mesh extension is now generally available for Azure Arc-enabled Kubernetes clusters. This allows users to uniformly manage, secure, and get out-of-the-box observability features for highly dynamic microservice environments. The extension is lightweight, can be configured through Service Mesh Interface APIs, and works by injecting an Envoy proxy as a sidecar to each application instance. This service mesh provides core features such as mTLS traffic encryption between microservices, traffic splitting, access control policies, observability for application performance, and much more.
Today, we announced the general availability of Azure Key Vault secrets provider on Arc-enabled Kubernetes clusters. It allows workloads on Arc clusters to access keys, secrets, and certificates stored in an Azure Key Vault. Using a centralized secrets store instead of creating Kubernetes secrets locally on the cluster strengthens the security profile of applications. Based on the key rotation frequency enabled for Azure Key Vault, users can customize the polling interval for this extension, the default being 2 minutes. With this extension, multiple teams scoped to namespaces can limit access to their keys or secrets to just their own namespaces. At present, the identity mode supported for Arc clusters is Service Principal. Support for workload identity is on the roadmap. Learn more about AKV secrets provider for Arc clusters.
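The namespace scoping described above, as an added example that is not from the original post: a SecretProviderClass and a pod that both live in one team's namespace and authenticate to that team's vault with a service principal. The namespace, vault, object, and secret names are assumptions, and the values in angle brackets are placeholders.

```yaml
# Added example: team-a, contoso-team-a-kv, db-password and team-a-sp-creds are assumptions.
apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
  name: team-a-kv
  namespace: team-a            # namespaced: only pods in team-a can reference it
spec:
  provider: azure
  parameters:
    usePodIdentity: "false"    # service principal mode, the mode the post says Arc supports
    keyvaultName: contoso-team-a-kv
    tenantId: "<tenant-id>"
    objects: |
      array:
        - |
          objectName: db-password
          objectType: secret
---
apiVersion: v1
kind: Pod
metadata:
  name: api
  namespace: team-a
spec:
  containers:
    - name: api
      image: <registry>/<image>:<tag>
      volumeMounts:
        - name: kv-secrets
          mountPath: /mnt/secrets
          readOnly: true
  volumes:
    - name: kv-secrets
      csi:
        driver: secrets-store.csi.k8s.io
        readOnly: true
        volumeAttributes:
          secretProviderClass: team-a-kv
        # Kubernetes secret in team-a holding the service principal's
        # "clientid" and "clientsecret" keys; it is resolved in the pod's namespace.
        nodePublishSecretRef:
          name: team-a-sp-creds
```

Because the credential secret is resolved in the pod's own namespace, giving each team a separate service principal with read-only access to only its own vault keeps one team's pods from mounting another team's secrets.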
Today, we are announcing the general availability of GitOps with Flux v2 in Azure Kubernetes Services and Azure Arc-enabled Kuber.... With this release, Azure supports GitOps configuration and workload management for your entire cloud and hybrid Kubernetes estate – clusters in AKS and clusters on-premises or in other public clouds. Flux v2 is a major update bringing a Kubernetes-native architecture, observability, and multi-tenancy among other improvements. With a single tool and process, you can manage your modern applications in Kubernetes everywhere.
Following our release a few months ago of the new landing zone accelerator for Azure Arc-enabled servers, today, we’re launching the Azure Arc-enabled Kubernetes landing zone accelerator within the Azure Cloud Adoption Framework. The landing zone accelerator provides best practices, guidance, and automated reference implementations so that customers can get started with their deployments quickly and easily. Learn more about the Azure Arc-enabled Kubernetes landing zone accelerator.
With the growing number of Azure Arc customers and with Azure Arc-enabled Kubernetes being the foundation for other Azure Arc services such as data services, machine learning, and app services, and integrated as part of our new Azure Arc-enabled Kubernetes landing zone accelerator, it was obvious to us that we needed to develop battle-tested automation to provide our customers a way to get hands-on with the Azure Arc-enabled Kubernetes set of capabilities and features.
Since we released Jumpstart ArcBox 2.0 and the new ITPro flavor back in January, the positive responses and customer adoption have been awesome. The new ArcBox modular design allows us to bring new flavors easily and today, we are excited to share the newest flavor - ArcBox for DevOps!
Azure Arc DevBox
We are excited to see what you’ll build. Learn more about these updates and more through the following resources.