Releasing Kubernetes apps offer in Microsoft Cloud Marketplace for AKS ( Azure Kubernetes Services)

 

We are excited to announce the release of Kubernetes apps offer in Microsoft Cloud Marketplace in public preview at Ignite 2022. Kubernetes apps is a new marketplace offer that allows partners to create, publish, and manage commercial Kubernetes solutions in marketplace with click-through deployments to Azure Kubernetes service and flexible billing models. Kubernetes customers require a rich ecosystem of first-party and third-party solutions to build robust enterprise solutions. By building an exclusive marketplace offer type for Kubernetes, we aim to provide a rich catalog of partner and open-source Kubernetes solutions which customers can deploy to their AKS clusters through an easy one-click option with integrated Azure billing. Customer Dev/IT teams can procure their Kubernetes solution with speed from trusted procurement channels of Microsoft Cloud Marketplace while accruing towards Microsoft Azure consumption commitment.

 

To find Kubernetes apps offer in Azure Marketplace portal, search for “kubernetesapps” word in the Search bar.  

 

Demo : https://www.youtube.com/watch?v=kHkQPD-RqiI 

 

Quotes from our launch partners

Tetrate

“For customers migrating and modernizing their enterprise applications to Azure Kubernetes Services, Istio service mesh helps them easily implement zero-trust security, resiliency and accelerate application delivery without changing their application code," said Saptak Sen, VP, Alliance and Integration, Tetrate. "Azure Container Marketplace for Kubernetes Applications has made it very simple and efficient to offer Tetrate Istio Subscription, a FIPS verified and supported enterprise Istio to our customers, with its automated flow for fast publishing and the safety-net of security scanning”

 

Cognosys

"While Cognosys being world's largest publisher, builds Kubernetes apps across multiple cloud platforms, Microsoft's latest launch of fully automated publishing pipeline has raised the bar among other competing platforms by providing not only a seamless experience with various tools including ready to use Build Container image as well as a Azure Pipeline but also the amount of extensive efforts shows up in their detailed documentation provided to the publisher. 

With Microsoft's proactive visualization of common teething issues and providing an intuitive interface, we can see our customers being greatly benefitted by this seamless deployment experience to their AKS clusters .

Kudos to the team on yet another customer centric milestone and a job well executed." - Vasanti Patil, CTO

 

Trilio 

"It has been a great team collaboration starting from the CED program to onboard ISV to the Partner Center, becoming beta users for the KubernetesApps feature on the Azure Marketplace ecosystem, and helping during the Public preview offer creation. It is a very quick and hassle-free experience to host, manage TrilioVault for Kubernetes on Azure Marketplace and deploy on the AKS cluster directly through the marketplace. As an ISV, the effort to learn the technology is very minimal and it has provided the best end-to-end experience to our users while deploying, licensing, and operating the product on the AKS cluster." - Bhagirath Hapse, Product Manager, Partner Ecosystem, Trilio

 

AKS customer 

Through Kubernetes apps offer, our goal is to provide seamless deployment experience by enabling easy one clicks deployments to AKS clusters. At present, users type “kubernetesapps” in Azure Marketplace portal search bar to find active published Kubernetes solutions in marketplace.

 

 

To deploy any of the solution onto your AKS cluster, just select the solution to see detailed information about the offer. Note the pricing or billing information and if agree, click Create. I have selected our sample voting app here

 

Upon clicking Create, provide the necessary information to deploy the solution on AKS cluster. In sample voting app, we ask for a subscription, resource group, and an option to create new cluster or select an existing AKS cluster

Click “Review + Create” for validation. After validation, click Create to simply deploy the solution to the AKS cluster. 

Upon successful deployment, go to your selected AKS cluster and find azure vote services in “Services and Ingresses” under Kubernetes resources in Azure portal

Browser Azure Vote app !

 

 

Partner Benefits

Partners interested in contacting the team for Kubernetes offer enrollment or have any questions, please fill out the form 

 

For our partners, Kubernetes apps offer provides the following benefits

• Easy and reusable packaging, Ci/CD integration – Partners can use their existing helm chart packaging to create bundle for Kubernetes apps offer. The following artifacts need to be produced and bundled using CNAB bundling. CNAB bundling is a cloud agnostic format for packaging distributed applications.
  1. HELM Charts
  2. ARM Template - ARM templates are JSON files to automate Azure infrastructure provision and configuration. Sample ARM template
  3. UI definition file – Defines the interface for user inputs in Azure portal before solution deployment to AKS clusters. Example: Partners can specify a dropdown list to pick AKS cluster to deploy to in UI definition file. 
  4. Manifest File - The package manifest is a yaml file that describes the package and its contents and tells the packaging tool where to locate the dependent artifacts.

             Once the artifacts are present, download the CNAB packaging tool and run the commands to generate CNAB bundle.  Upload the package to your Azure Container registry. Detailed instruction here.

 

• Easy offer creation and publishing within 48 hours: This is a great advantage to our partners. Partners need NOT go through a tedious manual or semi-automated process and wait several weeks for publishing their offer in marketplace. Easy click-through offer workflow interface with out of box validation allows partners to create and correct an offer within minutes. Once the offer is submitted, end-to-end automation from security/vulnerability certification to backend publishing workflow publishes an offer within 48 hours of submitting given no vulnerabilities detected. 
  •  To create Kubernetes apps offer, Partner selects Azure Container offer and pick Kubernetes apps offer option setting as shown here in Azure partner center. Ensure to select the Kubernetes apps subcategory in the category properties of the offer and add “Kubernetes apps” in the offer description for appropriate categorization.  Provide the Azure container registry location for your CNAB bundle and select pricing options to complete your offer.
  • For transactable offer, partners can pick from two pricing options
    • Per Core - Provide the price for one CPU core and we’ll increment the pricing based on the size of the hardware used by your application
    • Per every core in cluster – Total number of cores within the cluster. You provide the price for one CPU core, and we’ll increment the pricing based on the size of the hardware in the cluster

That’s yet, submit your offer and system publishes the offer within 48 hours of submitting given security and validation pass.

 

• Automated Security Scanning:  For customer safety, all artifacts produced by partners are scanned and checked for malware and vulnerabilities before publishing an offer. Offers are blocked in case of malware/vulnerability detection and partners are provided with vulnerability reports for correction. After fixing vulnerabilities, partners resubmit the offer to trigger the same workflow until an offer passes security certification.
  1. Marketplace Container Certification uses MS Defender for cloud, which scans images in ACR for vulnerabilities based on CVSS v3 score (Common Vulnerability Scoring System). All container products with vulnerabilities with CVSS v3 score greater than or equal to 7 are blocked. There may be rare instances where specific CVE IDs with even lower scores are blocked by certification. Certification tries to provide remediation steps for each vulnerability so publishers can fix them.
  2. You can also use MS Defender or open source/paid software such as Aqua Security, Qualys Container Security, Clair, Twist Lock for scanning your images before publishing. You must remove at least high and critical vulnerabilities to ensure high rate of passing. These tools are just examples of the tools available for scanning online. ISVs are free to choose any other tool, which is the right fit for them (even if it is not part of the list here) as long as it identifies vulnerabilities.
• Selling through the customer pre-approved procurement channel of Microsoft cloud marketplace eliminates delays in creating new channel with customers.
• Increase discoverability with curated catalog of Kubernetes solutions.
• Enjoy the benefits of GTM and co-sell through Marketplace.

 

Partner Flow: 

To create Kubernetes apps offer, start by creating a new offer of type Azure Container in Azure Partner Center. 

Upon selecting Azure Container offer, Select Kubernetes apps option as shown below in "Offer Setup" segment. Additionally, select "Kubernetes App" sub-category in "Properties" segment as below

 

For correct categorization of your offer to Kubernetes apps offer, add the following statement in the description of your offer. Please fill out the offer details with the accuracy and the information required for your customers to understand the offer. 

 

 

Other key steps are to upload your package and pick the pricing model for the offer in "Plan Overview" segment. 

 

Submit your package for review. We will notify you once your offer is published.  

 

Resources 

Partner enrollment: Fill out the form and the product team will get in touch with you- https://forms.office.com/r/71SiWSkSMe 

Kubernetes apps offer documentation : 

Create offer 

Deploy Kubernetes apps offer from Marketplace

Prepare artifacts for offer

 

Find out more about our other cloud-native Ignite 2022 announcements here.