Standardize DevOps practices across hybrid and multicloud environments
Published Sep 29 2021 05:23 AM 8,006 Views

In this video, I had the chance to speak with Jason Hansen (Principal Program Manager at Microsoft) about how you can use Azure Arc to standardize DevOps practices across hybrid and multicloud environments.



Configurations and GitOps with Azure Arc-enabled Kubernetes

In relation to Kubernetes, GitOps is the practice of declaring the desired state of Kubernetes cluster configurations (deployments, namespaces, etc.) in a Git repository. This declaration is followed by a polling and pull-based deployment of these cluster configurations using an operator. The Git repository can contain:

  • YAML-format manifests describing any valid Kubernetes resources, including Namespaces, ConfigMaps, Deployments, DaemonSets, etc.
  • Helm charts for deploying applications.

Flux, a popular open-source tool in the GitOps space, can be deployed on the Kubernetes cluster to ease the flow of configurations from a Git repository to a Kubernetes cluster. Flux supports the deployment of its operator at both the cluster and namespace scopes. A flux operator deployed with namespace scope can only deploy Kubernetes objects within that specific namespace. The ability to choose between cluster or namespace scope helps you achieve multi-tenant deployment patterns on the same Kubernetes cluster.


Azure Arc GitOpsAzure Arc GitOps


What is Azure Arc-enabled Kubernetes?

With Azure Arc-enabled Kubernetes, you can attach and configure Kubernetes clusters located either inside or outside Azure. When you connect a Kubernetes cluster to Azure Arc, it will:

  • Appear in the Azure portal with an Azure Resource Manager ID and a managed identity.
  • Be placed in an Azure subscription and resource group.
  • Receive tags just like any other Azure resource.

To connect a Kubernetes cluster to Azure, the cluster administrator needs to deploy agents. These agents:

  • Run in the azure-arc Kubernetes namespace as standard Kubernetes deployments.
  • Handle connectivity to Azure.
  • Collect Azure Arc logs and metrics.
  • Watch for configuration requests.

Azure Arc-enabled Kubernetes supports industry-standard SSL to secure data in transit. Also, data at rest is stored encrypted in an Azure Cosmos DB database to ensure data confidentiality.

Supported Kubernetes distributions

Azure Arc-enabled Kubernetes works with any Cloud Native Computing Foundation (CNCF) certified Kubernetes clusters. The Azure Arc team has worked with key industry partners to validate conformance of their Kubernetes distributions with Azure Arc-enabled Kubernetes.

Supported scenarios

Azure Arc-enabled Kubernetes supports the following scenarios:

  • Connect Kubernetes running outside of Azure for inventory, grouping, and tagging.

  • Deploy applications and apply configuration using GitOps-based configuration management.

  • View and monitor your clusters using Azure Monitor for containers.

  • Enforce threat protection using Azure Defender for Kubernetes.

  • Apply policy definitions using Azure Policy for Kubernetes.

  • Create custom locations as target locations for deploying Azure Arc-enabled Data Services, App Services on Azure Arc (including web, function, and logic apps) and Event Grid on Kubernetes.


1 Comment
Version history
Last update:
‎Sep 29 2021 05:20 AM
Updated by: