Ignite 2024: AKS enabled by Azure Arc - New Capabilities and Expanded Workload Support
Microsoft Ignite 2024 has been a showcase of innovation across the Azure ecosystem, bringing forward major advancements in AI, cloud-native applications, and hybrid cloud solutions. This year’s event featured key updates, including enhancements to AKS enabled by Azure Arc, which introduced new capabilities and expanded workload support. These updates reinforce the value and versatility that AKS enabled by Azure Arc brings to organizations looking to scale and optimize their operations. With these advancements, AKS Arc continues to support seamless management, increased scalability, and enhanced workload performance across diverse infrastructures. AKS Enabled by Azure Arc AKS enabled by Azure Arc brings the power of Azure’s managed Kubernetes service to any environment, providing consistent management and security across on-premises, edge, and multi-cloud deployments. It encompasses: AKS on Azure Local: A full-featured Kubernetes platform integrated with Azure Local for comprehensive container orchestration in hybrid setups. Notably, AKS on Azure Local has earned recognition as a leader in the 2024 Gartner Magic Quadrant for Distributed Hybrid Infrastructure, underscoring Microsoft's dedication to delivering comprehensive, enterprise-ready solutions for hybrid cloud deployments. AKS Edge Essentials: A lightweight version designed for edge computing, ensuring operational consistency on constrained hardware. AKS on Azure Local Disconnected Operations: It is now available on Azure Local Disconnected Operations. This latest addition to AKS enabled by Azure Arc portfolio is the support for fully disconnected scenario. It allows AKS enabled by Azure Arc to operate in air-gapped, isolated environments without the need for continuous Azure connectivity. It is crucial for organizations that require secure, self-sufficient Kubernetes operations in highly controlled or remote locations. With this support, businesses can maintain robust Kubernetes functionality while meeting stringent compliance and security standards. Key Features and Expanded Workload Support This year's Ignite announcements unveiled a series of public preview and GA features that enhance the capabilities of AKS enabled by Azure Arc. These advancements reflect our commitment to delivering robust, scalable solutions that meet the evolving needs of our customers. Below are the key highlights that showcase the enhanced capabilities of AKS enabled by Azure Arc: Edge Workload Azure IoT Operations - enabled by Azure Arc: Available on AKS Edge Essentials (AKS-EE) and AKS on Azure Local with public preview support. Azure IoT Operations in the management and scaling of IoT solutions. It provides robust support for deploying and overseeing IoT applications within Kubernetes environments, enhancing operational control and scalability. Organizations can leverage this tool to maintain seamless management of distributed IoT workloads, ensuring consistent performance and simplified scaling across diverse deployment scenarios. Azure Container Storage - enabled by Azure Arc: Available on both AKS Edge Essentials (AKS-EE) and AKS on Azure Local, this support enables seamless integration for persistent storage needs in Kubernetes environments. It provides scalable, reliable, and high-performance storage solutions that enhance data management and support stateful applications running in hybrid and edge deployments. This addition ensures that organizations can efficiently manage their containerized workloads with robust storage capabilities. Azure Key Vault Secret Store extension for Kubernetes: Now available as public preview on AKS Edge Essentials and AKS on Azure Local, this extension automatically synchronizes secrets from an Azure Key Vault to an AKS enabled by Azure Arc cluster for offline access, providing essential tools for proactive monitoring and policy enforcement. It offers advanced security and compliance capabilities tailored for robust governance and regulatory adherence, ensuring that organizations can maintain compliance with industry standards and best practices while safeguarding their infrastructure. Azure Monitor Pipeline: The Azure Monitor pipeline is a data ingestion solution designed to provide consistent, centralized data collection for Azure Monitor. Once deployed for AIO on AKS cluster enabled by Azure Arc, it enables at-scale telemetry data collection and routing at the edge. The pipeline can cache data locally, syncing with the cloud when connectivity is restored, and supports segmented networks where direct data transfer to the cloud isn’t possible. Built on OpenTelemetry Collector, the pipeline’s configuration includes data flows, cache properties, and destination rules defined in the DCR to ensure seamless data processing and transmission to the cloud. Arc Workload Identity Federation: Now available as public preview on AKS Edge Essentials and AKS on Azure Local, providing secure federated identity management to enhance security for customer workloads Arc Gateway: Now available as public preview for AKS Edge Essentials and AKS on Azure Local. Arc Gateway support on AKS enabled by Azure Arc enhances secure connectivity across hybrid environments, reducing required firewall rules and improving security for customer deployments. Azure AI Video Indexer - enabled by Azure Arc: Supported on AKS Edge Essentials and AKS on Azure Local. Arc-enabled Video Indexer enables comprehensive AI-powered video analysis, including transcription, facial recognition, and object detection. It allows organizations to deploy sophisticated video processing solutions within hybrid and edge environments, ensuring efficient local data processing with improved security and minimal latency. MetalLB - Azure Arc Extension: Now supported on AKS Edge Essentials and AKS on Azure Local, MetalLB ensures efficient load balancing capabilities. This addition enhances network resilience and optimizes traffic distribution within Kubernetes environments. Comprehensive AI and Machine Learning Capabilities GPUs for AI Workloads: Now AKS enabled by Azure Arc supports a range of GPUs tailored for AI and machine learning workloads with GPU Partitioning) and GPU Passthrough Virtualization support. These options enable robust performance for resource-intensive AI and machine learning workloads, allowing for efficient use of GPU resources to run complex models and data processing tasks. Arc-enabled Azure Machine Learning: Support on AKS on Azure Local, AML capabilities for running sophisticated AI models. Businesses can leverage Azure’s powerful machine learning tools seamlessly across different environments, enabling them to develop, deploy, and manage machine learning models effectively on-premises and at the edge. Arc-enabled Video Indexer: It extends Azure's advanced video analytics capabilities to AKS enabled by Azure Arc. Organizations can now process and analyze video content in real-time, harnessing Azure's robust video AI tools to enhance video-based insights and operations. This support provides businesses with greater flexibility to conduct video analysis seamlessly in remote or hybrid environments Kubernetes AI Toolchain Orchestrator (Kaito + LoRA + QLoRA): Fully validated and support for fine-tuning and optimizing AI models, Kaito, LoRA and QLoRA are designed for edge deployments such as AKS on Azure Local. This combination enhances the ability to run and refine AI applications effectively in edge environments, ensuring performance and flexibility. Flyte Integration: Now supported on AKS on Azure Local, Flyte offers a scalable orchestration platform for managing machine learning workflows. This capability enables teams to build, execute, and manage complex AI pipelines efficiently, enhancing productivity and simplifying the workflow management process. Enhanced Infrastructure and Operations Management Infrastructure as Code (IaC) with Terraform: Now supported on AKS on Azure Local for both Connected and Air-gapped scenario, providing streamlined deployment capabilities through code. This support enables teams to automate and manage their Kubernetes infrastructure at scale more efficiently with Terraform. Anti-affinity, Pod CIDR, Taints/Labels: Available on AKS on Azure Local, these features provide enhanced infrastructure capabilities by allowing refined workload placement and advanced network configuration. Anti-affinity rules help distribute pods across different nodes to avoid single points of failure, while Pod CIDR simplifies network management by allocating IP ranges to pods. Taints and labels offer greater control over node selection, ensuring that specific workloads run on designated nodes and enhancing the overall efficiency and reliability of Kubernetes operations. Optimized Windows Node Pool Management: AKS enabled by Azure Arc now includes the capability to enable and disable Windows node pools for clusters. This enhancement helps prevent unnecessary binary downloads, benefiting customers with low-speed or limited internet connection. It optimizes resource usage, reduces bandwidth consumption, and enhances overall deployment efficiency, making it ideal for environments with network constraints. Kubernetes Development AKS-WSL: With AKS-WSL, developers can set up a local environment that mimics the experience of working with AKS. This makes it easier for developers to write, debug, and test Kubernetes applications locally before deploying them to a full AKS cluster. AKS-WSL VSCode Extension: The Visual Studio Code extension for AKS-WSL allows developers to write, debug, and deploy Kubernetes applications locally, streamlining development workflows. This setup improves productivity by providing efficient tools and capabilities, making it easier to develop, test, and refine Kubernetes workloads directly from a local machine. Arc Jumpstart: Supported AKS Edge Essentials and AKS on Azure Local. Arc Jumpstart simplifies deployment initiation, providing developers with a streamlined way to set up and start working with Kubernetes environments quickly. It makes it easier for teams to evaluate and experiment with AKS enabled by Azure Arc, offering pre-configured scenarios and comprehensive guidance. By reducing complexity and setup time, Arc Jumpstart enhances the developer experience, facilitating faster prototyping and smoother onboarding for new projects in hybrid and edge settings. Conclusion Microsoft Ignite 2024 has underscored the continued evolution of AKS enabled by Azure Arc, bringing more comprehensive, scalable, and secure solutions to diverse environments. These advancements support organizations in running cloud-native applications anywhere, enhancing operational efficiency and innovation. We welcome your feedback (aksarcfeedback@microsoft.com) and look forward to ongoing collaboration as we continue to evolve AKS enabled by Azure Arc.Introducing Azure Local: cloud infrastructure for distributed locations enabled by Azure Arc
Today at Microsoft Ignite 2024 we're introducing Azure Local,cloud-connected infrastructure that can be deployed at your physical locations and under your operational control. With Azure Local, you can run the foundational Azure compute, networking, storage, and application services locally on hardware from your preferred vendor, providing flexibility to meet your requirements and budget.Introducing Jumpstart Gems
Today, the Jumpstart team is thrilled to share some exciting news! The "Architecture Posters Diagrams Bundle (APD Bundle)" has officially been rebranded as "Jumpstart Gems". While the name has changed, our commitment to providing high-quality, informative, and pleasing architecture diagrams that you all love remains the same. Jumpstart Gems reflects what the Jumpstart program really represents: curated, indispensable, resources that help you uncover the “gems” of knowledge in the adaptive cloud product ecosystem. What’s New? As we roll out the new branding, you may start noticing website updates reflecting the Jumpstart Gems name. But that is just the beginning - we have enhancements in the works to make the Gems even more valuable and engaging 🤩. Stay tuned for updates! Introducing Jumpstart community badge for Gems! With the recent announcement of Jumpstart Badges, we are excited to recognize the incredible efforts of those who have also contributed to Jumpstart Gems. If you have worked with the Arc Jumpstart team to help create any diagrams or posters, you are eligible for our new Jumpstart Gems Badge - "Treasure Hunter" Thank You for Being Part of the Journey The transformation from Architecture Posters Diagrams Bundle to Jumpstart Gems marks an exciting milestone in our journey together. Whether you are a long-time user of these resources or a new contributor, we are grateful for your support and enthusiasm.Announcing General Availability: Windows Server Management enabled by Azure Arc
Windows Server Management enabled by Azure Arc offers customers with Windows Server licenses that have active Software Assurances or Windows Server licenses that are active subscription licenses the following key benefits: Azure Update Manager Azure Change Tracking and Inventory Azure Machine Configuration Windows Admin Center in Azure for Arc Remote Support Network HUD Best Practices Assessment Azure Site Recovery (Configuration Only) Upon attestation, customers receive access to the following at no additional cost beyond associated networking, compute, storage, and log ingestion charges. These same capabilities are also available for customers enrolled in Windows Server 2025 Pay as you Go licensing enabled by Azure Arc. Learn more atWindows Server Management enabled by Azure Arc - Azure Arc | Microsoft Learn or watch Video: Free Azure Services for Non-Azure Windows Servers Covered by SA Powered by Azure Arc! To get started, connect your servers to Azure Arc, attest for these benefits, and deploy management services as you modernize to Azure's AI-enabled set of server management capabilities across your hybrid, multi-cloud, and edge infrastructure!Extending Azure's AI Platform with an adaptive cloud approach
Ignite 2024 is here, and nothing is more top of mind for customers than the potential to transform their businesses with AI wherever they operate. Today, we are excited to announce the preview of two new Arc-enabled services that extend the power of Azure’s AI platform to on-premises and edge environments. Sign up to join the previews here! An adaptive cloud approach to AI The goal of Azure’s adaptive cloud approach is to extend just enough Azure to customers’ distributed environments. For many of these customers, valuable data is generated and stored locally, outside of the hyperscale cloud, whether due to regulation, latency, business continuity, or simply the large volume of data being generated in real time. AI inferencing can only occur where the data exists. So, while the cloud has become the environment of choice for training models, we see a tremendous need to extend inferencing services beyond the cloud to enable complete cloud-to-edge AI scenarios. Search on-premises data with generative AI Over the past couple of years, generative AI has come to the forefront of AI innovation. Language models give any user the ability to interact with large, complex data sets in natural language. Public tools like ChatGPT are great for queries about general knowledge, but they can’t answer questions about private enterprise data on which they were not trained. Retrieval Augmented Generation, or "RAG", helps address this need by augmenting language models with private data. Cloud services like Azure AI Search and Azure AI Foundry simplify how customers can use RAG to ground language models in their enterprise data. Today, we are announcing the preview of a new service that brings generative AI and RAG to your data at the edge. Within minutes, customers can deploy an Arc extension that contains everything needed to start asking questions about their on-premises data, including: Popular small and large language models running locally with support for both CPU and GPU hardware A turnkey data ingestion and RAG pipeline that keeps all data completely local, with RBAC controls to prevent unauthorized access An out-of-the-box prompt engineering and evaluation tool to find the best settings for a particular dataset Azure-consistent APIs to integrate into business applications, as well as apre-packaged UI to get started quickly This service is available now in gated private preview for customers running Azure Local infrastructure, and we plan to make it available on other Arc-enabled infrastructure platforms in the near future. Sign up here! Deploy curated open-source AI models via Azure Arc Another great thing about Azure’s AI platform is that it provides a catalog of curated AI models that are ready to deploy and provide consistent inferencing endpoints that can be integrated directly into customer applications. This not only makes deployment easy, but customers can also be confident that the models are secure and validated These same needs exist on the edge as well, which is why we are now making a set of curated models deployable directly from the Azure Portal. These models have been selected, packaged, and tested specifically for edge deployments, and are currently available on Azure Local infrastructure. Phi-3.5 Mini (3.8 billion parameter language model) Mistral 7B (7.3 billion parameter language model) MMDetection YOLO (object detection) OpenAI Whisper Large (speech to text) Google T5 Base (translation) Models can be deployed from a familiar Azure Portal wizard to an Arc AKS cluster running on premises. All available models today can be run on just a CPU. Phi-3.5 and Mistral 7B also have GPU versions available for better performance. Once complete, the deployment can be managed directly in Azure ML Studio, and an inferencing endpoint is available on your local network. Wrap up Sign up now to join either of the previews at the link below or stop by and visit us in person in the Azure Arc and Azure Local Expert Meet Up station in the Azure Infrastructure neighborhood at Ignite. We’re excited to get these new capabilities into our customers’ hands and hear from you how it’s going. Sign up to join the previews here
New capabilities to aid Migration and Hybrid Cloud Management
When we support customers looking to modernize their IT estate, our vision is to empower businesses to seamlessly manage and migrate their on-premises and cloud environments with efficiency and insight. To help customers with their migration and hybrid cloud journey, we have been working to bridge the gap between on-premises and cloud environments by providing consistent management experiences for both. This week at Ignite, we are excited to announce the public preview of two capabilities as part of customer’s migration journey that bring us closer to this vision: "Business Case for Arc" and "Enabling Arc” capabilities. With these new capabilities in Azure Migrate, customers can now visualize the value of Azure Arc for their on-premises estates throughout their migration journey, making informed decisions with confidence. Customers in their migration journey can now check if their on-premises machine is already Arc enabled, and if not, get the value/savings of using Arc while their resource remains on-premises and leverage the Arc capabilities based on the same. Envision the Benefits of Azure Arc and Azure Management with Business case for Arc The Azure Migrate business case enables customers to create a detailed comparison of the Total Cost of Ownership (TCO) for their on-premises estate versus the TCO on Azure, along with a year-on-year cash flow analysis as they transition their workloads to Azure. With this new capability, customers can now visualize the added value of Azure Arc for their on-premises estates throughout their migration journey. Customers , in addition to getting the TCO of migrating all their resources to Azure, can now compare their estimated current on-premises TCO with the estimated TCO of their on-premises estate with Azure Arc, visualize the cost savings and other benefits of using Azure security (Microsoft Defender for Cloud) and management tools (Azure Monitor and Azure Update Manager) via Azure Arc for their on-premises servers, and see the licensing benefits of Extended Security Updates (ESUs) enabled by Azure Arc, as well as SQL Pay-As-You-Go via Azure Arc-enabled SQL Server. For those not planning to migrate their entire estate or on a long migration journey, they can compare their current on-premises TCO with the combined Azure and Azure Arc TCO in the final planned state to help plan better. Customers can edit the assumptions for Azure and on-premises costs and download the business case report using the export option to share with other stakeholders. Enable Arc: Onboarding to Arc to leverage Azure Management Services The Azure Migrate inventory now integrates with Azure Arc, allowing customers to identify which of their discovered machines are already Arc-enabled and onboard those that are not, directly from the Azure Migrate portal. This integration provides a seamless experience, offering enhanced control and visibility over the migration process while managing the remaining on-premises inventory. Next Steps and Actions Get started here and generate a business case: https://learn.microsoft.com/en-us/azure/migrate/how-to-build-a-business-caseIgnite 2024: Azure AI Video Indexer Enhances Multi-Modal Video Summarization
We are thrilled to introduce the Multi Modal Video Summarization, an enhancement to our previouslyintroduced textual video summarization for recorded video and audio files. This new feature allows customers to obtain concise textual summaries of their videos by identifying key frames and processing them through a GenAI engine using Azure OpenAI or Phi3.5 model. By leveraging the Key frames as an input in addition to the audio and visual insights computed by Azure Video Indexer, prompts are generated to assist the language model in creating a comprehensive video summary. This multi modal approach, ensuring a more accurate and contextually rich summary, suitable for more use cases and scenarios. This feature is available both in the cloud, powered by Azure OpenAI, and on the Edge, as part of VI enabled by ARC, utilizing the latest Phi3.5 visual model that can be configured to run with GPUs for improved performance. Summary of a short video that had no audio, by applying key frames extraction as part of the Textual Summary using GPT4V. The Power of Keyframes By incorporating Video Indexer’s keyframe extraction technology, which captures key moments in the video, and combining them with other audio insights from the video indexer engine such as transcripts, special sounds like alarms or applause, and visual signals including Optical Character Recognition (OCR), object detection, labels, and more, the Multi-Modal video summarization can leverage these signals more effectively and process them using language models like Phi3.5 or GPT4 Visual that receive a textual prompt as well as visual input. This comprehensive approach, of providing the language model rich prompt based on visual and audio insights along with the actual keyframes, ensures that the summaries that are generated are more accurate, contextually rich and relevant to more use cases and industries. Consider the scenario of summarizing long security camera footage with no audio. Relying solely on audio signals and visual insights might miss critical events captured in the video. With our new multi modal keyframe-based summarization, the model can identify and highlight significant moments, such as when individuals enter restricted areas or when a suspicious behavior occurs. By obtaining these summaries, security analysts can quickly review hours of footage, identifying critical events without needing to watch the entire video. This saves precious time and enhances the effectiveness of security monitoring. GPUs at the edge: Enhance Azure AI Video Indexer enabled by Arc with integration with SLM through Phi3.5 The Multi Modal Textual Summarization on Edge has been upgraded to use the Phi-3.5-mini-instruct model. This model, with its 128k context size and modest hardware requirements, now supports image processing essential for the newly introduced keyframe processing. This model can run on GPUs, enhancing it performance. On average, the runtime on A100 is 14.5% of the video duration, and this can be even lower for some videos. Creating an Azure AI Video Indexer Arc extension and configuring GPU to run Textual Video Summarization. How to make it available in my Azure AI Video Indexer account? Use Textual Video Summarization in Your Public Cloud Environment: If you already have an existing Azure Video Indexer account, follow these steps to use the video summarization: Create an Azure Open AI resource in your subscription. Connect your Azure Open AI resource to your Video Indexer resource in the Azure Portal. Go to Azure Video Indexer portal, select a video and choose “Generate summary”. For detailed instructions on how to set up this integration, click here . Please note that this feature is not available in Video Indexer trial accounts or on legacy accounts which uses Azure Media services. Leverage this opportunity also to remove your dependency on Azure Media services by following these instructions. Use Textual Video Summarization in Your Edge Environment, enabled by Arc: If your edge appliances are integrated with the Azure Platform via Azure Arc, here’s how to activate the feature: Register for Video Indexer (VI) enabled by Arc using this form. Rest assured, we are dedicated to activating the Azure AI Video Indexer Arc-enabled extension in your Video Indexer account within 30 days of your request. Once activated, create an Azure AI Video Indexer service extension by adhering to these guidelines. Go to the Azure Video Indexer portal, select a video under your extension, and click “Generate Summary”. For detailed instructions on how to set use the feature click here or watch the demo. Our Video-to-text API (aka Prompt Content API) now also supports Llama2, Phi3, Phi3.5, GPT4O and GPT4OMini Our Video-to-Text API, also known as the Prompt Content API , now supports additional models: Llama2, Phi3, Phi3.5, GPT-4O, and GPT-4O Mini. This enhancement provides greater flexibility when converting video content to text, opening up more opportunities for Azure Video Indexer customers. Users can gather information from Azure Video Indexer in a prompt format that can be customized by selecting the model name and adjusting the prompt style. The “Summarized” style is ideal for tasks like video summaries, naming videos, and describing main events, while the “Full” style is more suited for Q&A, RAG, and search use cases. To learn more about this API, click Here. Read More About the introduced features Video Summarization Demo Video Summarization: Public feature documentation Video Summarization on Edge with Phi Transparency note Prompt content: Video-to-text API About Azure AI Video Indexer Use Azure AI Video Indexer website to access product website Visit Azure AI Video Indexer Developer Portal to learn about our APIs Search the Azure Video Indexer GitHub repository Review our product documentation. Get to know the recent features using Azure AI Video Indexer release notes Use Stack overflow community for technical questions. To report an issue with Azure AI Video Indexer, go to Azure portal Help + support. Create a new support request. Your request will be tracked within SLA. For any other question, contact our support distribution list at visupport@microsoft.comSpeed Innovation with Arc-enabled Kubernetes Applications
As our annual Ignite conference begins in Chicago, I am delighted to share the latest in our effort to empower our customers to rapidly build and scale applications across boundaries: Azure Container Storage, Azure Key Vault Secret Store, Arc Gateway, Azure Monitor Pipeline, Workload Identity Federation, new options for AI workloadswith AKS Arc, and the launch of our Azure Arc ISV partner program. In addition, we just published a white paper with more details. In today’s quickly evolving business environment, speed and agility in software innovation are crucial for companies to compete. Organizations of all shapes and sizes need to rapidly build (or buy), deploy, and operate secure, resilient applications to stay competitive. Cloud computing has revolutionized how companies do this with modern, cloud native practices. But many applications don’t just run in the cloud, they run across the vast, distributed landscape that defines customer environments today. Coles, an Australian supermarket retailer, needed to streamline their development and update process for the applications their customers depend on whether they are in-store, online or engaged in a hybrid experience using their mobile app. Emirates Global Aluminium needed to optimize production, support advanced AI and automation solutions, enhance cost savings by applying intelligence at the edge, and optimize processing for massive amounts of real-time readings from sensors, machinery, and production lines. Delivering on the needs of organizations like Coles and Emirates Global Aluminum requires specific technologies that help teams reduce complexity and increase release velocity across the application development lifecycle. I like to think of these in three groups, representing areas of investment for us today and moving forward. As customers invest in applications to fuel their business, many of these solutions come from the broad ecosystem of independent software vendors (ISVs). We are taking an ecosystem approach, helping ISVs to develop and market modern, Arc-enabled applications. This is why I am very excited to announce our Azure Arc ISV partner program and our first set of Arc-enabled applications in the Azure Marketplace. Below is a full list of the announcements we are making for this space at Ignite: Announcements New capabilities for the development of enterprise-class Kubernetes applications Azure Container Storage: At the edge, customers experience multiple challenges with data: sharing, resiliency, storage capacity, space management, and cloud connection, among others. We are proud to announce Azure Container Storage enabled by Azure Arc (ACSA), a first-party Kubernetes native Arc extension designed to solve these customer edge storage needs. ACSA offers high availability and fault tolerance for Kubernetes clusters ReadWriteMany persistent volumes that can be provisioned as Kubernetes native Persistent Volume Claims (PVCs). Available configuration options include keeping data local or transferring it to Azure storage services, such as Blob, ADLSgen2 and OneLake Fabric. ACSA is suitable for production workloads and is available as a standard component of the Azure IoT Operations GA release. Azure Key Vault Secret Store: Customers need the confidence and scalability that comes with unified secrets management in the cloud, while maintaining disconnection-resilience for operational activities at the edge. To help them with this, the Azure Key Vault Secret Store Extension for Arc-enabled Kubernetes automatically synchronizes secrets from an Azure Key Vault to a Kubernetes cluster for offline access. This means customers can use Azure Key Vault to store, maintain, and rotate secrets, even when running a Kubernetes cluster in a semi-disconnected state. Synchronized secrets are stored in the cluster secret store, making them available as Kubernetes secrets to be used in all the usual ways—mounted as data volumes or exposed as environment variables to a container in a Pod. Azure Arc Gateway: Customers face challenges with complex network configurations and multiple endpoints, which can be difficult to manage and secure. The Azure Arc Gateway for Arc-enabled Kubernetes alleviates these issues by reducing the number of required endpoints for using Azure Arc, thereby streamlining the enterprise proxy configuration. This simplification makes it significantly easier for customers to set up their networks and leverage the full capabilities of Azure Arc. By centralizing network traffic through a single, unique endpoint, the Azure Arc Gateway not only enhances security by minimizing the attack surface but also improves operational efficiency by reducing the time and effort needed for network setup and maintenance. This centralized approach ensures that customers can manage their Kubernetes clusters more effectively, providing a seamless and consistent experience across diverse environments. Azure Monitor Pipeline: As enterprises scale their infrastructure and applications, the volume of observability data naturally increases, and it is challenging to collect telemetry from certain restricted environments. We are extending our Azure Monitor pipeline at the edge to enable customers to collect telemetry at scale from their edge environment and route to Azure Monitor for observability. With Azure Monitor pipeline at edge, customers can collect telemetry from the resources in segmented networks that do not have a line of sight to cloud. Additionally, the pipeline prevents data loss by caching the telemetry locally during intermittent connectivity periods and backfilling to the cloud, improving reliability and resiliency. Workload Identity Federation: Customers need both simplicity and strong security from their workload identity management, especially when their solutions run in or across distributed environments. Workload Identity Federation delivers this by allowing software workloads running on Kubernetes clusters to access Azure resources without using traditional application credentials like secrets or certificates, which pose security risks. Instead, you can configure a user-assigned managed identity or app registration in Microsoft Entra ID to trust tokens from an external identity provider (IdP) like Kubernetes. This authentication option eliminates the need for manual credential management and reduces the risk of credential leaks or expirations. Creating an ecosystem of Arc-enabled Kubernetes applications Azure Arc ISV partner program: Customers want the ability to utilize third-party (3P) software to build their enterprise applications on Kubernetes. Currently, customers have to run multiple scripts to install any third party application on an Arc-enabled Kubernetes cluster. We are excited to announce the launch of our Azure Arc ISV ecosystem, which enables Azure to be a one-stop-shop. Now customers can install an application that has been validated on Arc and enabled onto their cluster through the Azure portal. With the click of a button in the Azure portal, users can install MongoDB, Redis, CloudCasa, MinIO, and DataStax on their Arc-enabled Kubernetes cluster. This enables customers to develop using enterprise grade tools on top of Azure Arc. This program will enhance the developer ecosystemas we onboard more and more partners. Exciting new ways to engage and get started Join the Adaptive cloud community: Connect with professionals passionate about hybrid, multi-cloud, and edge technologies. This space is designed for those looking to engage with peers and Microsoft experts, explore the latest in Azure Arc, Azure Local, AKS, and IoT, and expand their knowledge through valuable resources and discussions. Whether you are just starting out or an industry professional, this community is the perfect platform to share insights, ask questions, and grow your skills in the evolving Adaptive cloud ecosystem. Learn more about ways to get involved on our Adaptive cloud GitHub. Join the Adaptive cloud Community LinkedIn Group Join the Adaptive cloud Community Teams Channel Visit Arc Jumpstart: Explore the resources available to help you learn what Azure Arc can do for you and your business. Recent additions include Jumpstart Drops, an opportunity to contribute to and use community contributions, and Jumpstart Agora Hypermarket an industry scenario bringing the power of the Adaptive cloud approach for retail to life. I hope you enjoy the week visiting or tuning into Microsoft Ignite. You can find a full listing of opportunities to learn more about our Adaptive cloud approach at Ignite here: aka.ms/AdaptiveCloudIgnite.
Announcing Public Preview of Workload Identity Federation for Azure Arc enabled Kubernetes clusters
Announcing the public preview of Workload Identity Federation support for Azure Arc-enabled Kubernetes clusters. This feature enhances security by allowing applications in Azure Arc enabled Kubernetes clusters to securely access Azure resources like Azure Key Vault and Azure Blob Storage without managing secrets.
