Announcing General Availability for GitOps with Flux v2 in Azure
This blog has been co-authored by Chris Sanders, Senior Program Manager, Azure Arc at Microsoft. GitOps capabilities have been an integral part of Azure Kubernetes Service (AKS) since its preview in December 2021 and Azure Arc-enabled Kubernetes since it’s launch at Ignite in 2021. Today, we are pleased to announce the General Availability of GitOps with Flux v2 in Azure Kubernetes Service (AKS) and Azure Arc-enabled Kubernetes (Arc K8s). With this release, Azure supports GitOps configuration and workload management for your entire cloud and hybrid Kubernetes estate – clusters in AKS and clusters on-premises or in other public clouds. Flux v2 is a major update bringing a Kubernetes-native architecture, observability, and multi-tenancy among other improvements. With a single tool and process, you can manage your modern applications in Kubernetes everywhere. Deploy modern applications in your cloud and hybrid environments Teams running modern, cloud-native applications need reliable, automated processes for managing Kubernetes cluster configuration and application lifecycle. GitOps is a technique for implementing continuous deployment for these applications and configurations and focuses on using tools and processes developers and cluster admins are familiar with, like Git and pull requests. GitOps enables infrastructure as code, where the state of the environment is declaratively described in Git repositories. Changes to the workload environment, such as an application update, happen via pull request to the Git repository, after which Flux, running in each cluster, automatically syncs the changes and applies them to the cluster. Flux also continuously assures that the cluster remains in the declared state. GitOps enables accurate change management and audit, as cluster state and all changes are fully visible in the Git repository. It also enhances cluster security, as developers and deployment tools don’t need direct access to clusters. In short, GitOps is the modern way to manage continuous deployment for your containerized workloads, and Azure GitOps with Flux brings this capability to you. How does this work? Azure uses open source CNCF Flux to enable GitOps in Azure Kubernetes Service (AKS) or Azure Arc-enabled Kubernetes (Arc K8s) clusters. Azure provides simple install, automatic update, and health reporting to simplify your use of GitOps across one to thousands of clusters. In Azure, GitOps with Flux v2 is enabled as a cluster extension to your AKS or Arc K8s clusters. The Flux extension installs the Flux controllers in the clusters. After Flux is enabled, you can then create one or more GitOps configurations in each cluster which enable the connections to your Git repositories and the deployment of the resources defined in the repositories. Importantly, in Azure you can track the compliance state of the deployments in each cluster to assure that the clusters are in the state you declared in your Git repositories. This gives you the observability you need to assure healthy cluster state. GitOps extension for VS Code We also are happy to announce the release of the new GitOps extension for VS Code. You can manage GitOps with Flux in your AKS, Arc-enabled Kubernetes, or other Kubernetes clusters directly within the VS Code client. This can simplify the developer inner loop when working with clusters managed by GitOps Flux. Some key features are: View list of configured clusters and switch cluster context AKS, Arc K8s, and other clusters are identified View Flux controllers, state, and logs View sources (Git and Helm Repositories, Bucket) and workloads (Kustomization, Helm Release) Create Git Repository source and Kustomization workload on the cluster Reconcile Sources and Workloads on demand Load Kubernetes Object manifest .yaml configs in VS Code editor Pull Git Repository Source to user machine and open it in VS Code Links to GitOps, Flux, and Azure Kubernetes documents This is an open-source project, and your contributions are welcome to improve the GitOps extension. Open-Source Partnerships The work to integrate Flux in Azure GitOps, enhance Flux capabilities, and create the VS Code extension has been done in partnership with Weaveworks and the Flux maintainers. Microsoft is continuing to partner with Weaveworks and participate in advancing the Flux CNCF project and OpenGitOps. Next Steps We are excited for you to start using the new capabilities in GitOps with Flux v2 in Azure Kubernetes Service and Azure Arc-enabled Kubernetes. For details on how you can get started, please see these documents: GitOps in Azure conceptual overview Tutorial: Use GitOps with Flux v2 in Azure Arc-enabled Kubernetes or AKS clusters Leverage the Azure Arc Jumpstart to get started quickly with an AKS cluster Azure Architecture Center GitOps for AKS
Connecting services has never been so easy with Service Connector – now Generally Available
Today, we are announcing the general availability of Service Connector on Azure App Service and Azure Spring Apps. You can seamlessly connect your Azure App Service, Azure Spring Apps and Azure Container Apps (in preview) to database, storage, real-time messaging services with single-click or single-command experience in Service Connector. You also get the connection health status for different aspects of each connection. Service Connector abstracts away the complexity of service wiring and connection management, so you can focus on building your business logic and let Azure take care of the configurations between services. Over the past two years, we worked with many customers to learn how they run cloud native apps on Azure. Many of these apps use services such as App Service and talk to Azure database services, storage accounts, Azure messaging services, Key Vault, etc. After these services get provisioned, customers have to figure out how to wire them up. In addition, they must ensure they are connected to each other in a secure way, which involves identity/authentication configuration, firewall/VNET configuration and secret store configuration. Service Connector streamlines this journey, providing a unified experience to easily connect these cloud services. Create service connections in one-click/one command Service Connector makes it intuitive and seamless to connect your compute service to other target services. Once your compute service is provisioned, you can make the connection in one-click or one-command by using Azure Portal or CLI commands. Figure 1: Using Service Connector to connect App Service and Azure SQL Database Store secrets into Key Vault With Service Connector’s built-in Key Vault integration, storing secrets into your Key Vault is as simple as clicking a button – making your connection truly secure. Figure 2: Store access keys and secrets into your Key Vault during service connection creation. Consistent experience across compute platform Service Connector offers unified experience across the major compute services on Azure. No matter where you host your app on Azure, you can find the same portal entry point, CLI commands and Terraform support. Figure 3: Unified command line interface to create service connections. Monitor connection status and troubleshoot connection issues After connecting services together with either firewall rules or via VNet, you can use corresponding environment variables and secrets to interact with the target services with data plane SDKs. Often, the connection can be broken due to cloud environment drift. You can go back to your connection list and validate your connection health status. Service Connect checks all the nodes in your connection and helps troubleshoot connection issues. Figure 4: Connection health validation. Build your own apps with Azure services and connect them with Service Connector today With one click or one command, you can create a connection and start using it in your cloud application in a secure way and start monitoring the connection status. We’d love to hear you how you are using Service Connector in your apps. Resources Learn using Service Connector in App Service, Container Apps (Preview) and Spring Apps Learn more about storing access keys and secrets into Key Vault with Service Connector For feedback and questions, please email us.
