We are excited to announce the General Availability of three new capabilities being enabled on AKS – Dapr , Azure Machine Learning and GitOps. These capabilities can be enabled on AKS clusters through a feature called cluster extensions.
Cluster extensions provide an at-scale mechanism to deploy, update and manage the lifecycle of services represented by extension instances running on your AKS clusters. With this capability, management of these services can be done through tools like the Azure CLI and the Azure SDKs. Let's use the rest of the blog to walk you through what each of these new capabilities enable.
What are AKS cluster extensions?
Cluster extensions provide an Azure Resource Manager (ARM) driven experience for installation and lifecycle management of Azure services and supported open-source projects on AKS clusters. Dapr, Azure ML and GitOps are the first set of extension offerings to be deployed and managed through cluster extensions on AKS. Cluster extensions provide users with a unified experience to install, update, and upgrade supported services. Users can install a specific version and upgrade supported service versions through manual upgrade or auto upgrade options.
# Install az k8s-extension create # Update az k8s-extension update # Delete az k8s-extension delete
Dapr cluster extension
The Distributed Application Runtime (Dapr) is a set of incrementally adoptable APIs that simplify the authoring of distributed, microservice-based applications. For example, Dapr provides capabilities for enabling application intercommunication, whether through messaging via pubsub or reliable and secure service-to-service calls. Dapr APIs, also referred to as building blocks, are built on best practice industry standards, that:
Seamlessly fit with your preferred language or framework
Are incrementally adoptable; you can use one, several, or all of the building blocks depending on your needs
The AKS Dapr extension provisions Dapr on your AKS cluster, eliminating the overhead of downloading any Dapr tooling and manually installing and managing the Dapr runtime on your AKS cluster. The extension offers a fully supported version of Dapr and integrates with all native Dapr configuration capabilities through simple command-line arguments.
The following command deploys the Dapr extension on an AKS cluster:
The Azure ML cluster extension for AKS is a machine learning operator that is deployed and managed on AKS using the cluster extension CLI. The Azure ML operator configures and attaches AKS clusters to Azure Machine Learning workspaces in order to train and manage machine learning models. Upon deploying the Azure ML cluster extension on AKS, the cluster can be attached as compute type to run training and inference models in your ML workspace.
The design for the Azure ML extension helps IT operators leverage native Kubernetes concepts such as namespaces, node selectors, and resources requests/limits for ML compute utilization and optimization. By letting the IT operator manage the Azure ML compute setup, the Azure ML extension creates a seamless experience for data science professionals who do not need to learn or use Kubernetes directly.
Azure Kubernetes Service clusters enables enterprises to run highly available ML and deep learning models with GPU compute.
The following command deploys the Azure ML extension on an AKS cluster:
Teams running modern, cloud-native applications need reliable, automated processes for managing Kubernetes cluster configuration and application lifecycle. GitOps is a technique for implementing continuous deployment for these applications and configurations and focuses on using tools and processes developers and cluster admins are familiar with, like Git and pull requests. GitOps enables infrastructure as code, where the state of the environment is declaratively described in Git repositories. Changes to the workload environment, such as an application update, happen via pull request to the Git repository, after which Flux, running in each cluster, automatically syncs the changes and applies them to the cluster. Flux also continuously assures that the cluster remains in the declared state. GitOps enables accurate change management and audit, as cluster state and all changes are fully visible in the Git repository. It also enhances cluster security, as developers and deployment tools don’t need direct access to clusters. In short, GitOps is the modern way to manage continuous deployment for modern workloads, and Azure GitOps with Flux brings this capability to you.
Azure uses open source CNCF Flux to enable GitOps in Azure Kubernetes Service (AKS) clusters. Azure provides simple install, automatic update, and health reporting to simplify your use of GitOps across one to thousands of clusters.
GitOps with Flux v2 is enabled as a cluster extension to your AKS clusters. The Flux extension installs the Flux controllers in the clusters.
After Flux is enabled, you can then create one or more GitOps configurations in each cluster which enable the connections to your Git repositories and the deployment of the resources defined in the repositories.
Azure GitOps with Flux v2 supports multi-tenancy. If you have multiple teams sharing clusters, you may have one Flux configuration pointing to the cluster admin team repository to lay down the baseline security configurations and management apps on each cluster at the cluster level; and then you may have one or more Flux configurations with namespace scoping which point to application team repositories to install the applications created by the various groups in your company.
Importantly, in Azure you can track the compliance state of the deployments in each cluster to assure that the clusters are in the state you declared in your Git repositories. This gives you the observability you need to assure healthy cluster state.
The extensions above allow users to use leading Azure services like machine learning and event-driven open-source projects like Dapr on AKS through an easy deployment model. Users can also use configuration management capabilities using AKS.