microsoft / azure_arc Goto Github PK

Description

Support for a lightweight Rancher k3s in VMware vSphere deployment with Arc connectivity using Terraform

Implementation Requirments

• Lightweight VM for fast provisioning
• Parameterize deployment using Terraform
• Azure Arc connectivity instructions
• Detailed README
• Reference in the main README

Description

Support for a lightweight MicroK8s deployment guide with Arc connectivity

Implementation Requirements

• Lightweight for fast provisioning
• Parameterize deployment wherever possible
• Azure Arc connectivity instructions
• Detailed README
• Clear screenshots
• Reference in the main README

Description

Support for a lightweight Ubuntu Server AWS EC2 instance deployment with Arc connectivity using Terraform

Implementation Requirments

• Lightweight VM for fast provisioning
• Parameterize deployment using Terraform
• Azure Arc connectivity instructions
• Detailed README
• Reference in the main README

Supporting Docs

Please refer to the supported Azure Arc supported OS

Is your feature request related to a problem? Please describe.
Use Azure Policies to create GitOps configuration on AKS Azure Arc connected cluster.

Describe the solution you'd like
Create documentation on how to use an Azure Policy to deploy GitOps configuration on AKS Azure Arc connected cluster in order to deploy a sample app.

Additional context
https://docs.microsoft.com/en-us/azure/governance/policy/concepts/policy-for-kubernetes#install-azure-policy-add-on-for-azure-arc-enabled-kubernetes

Description

Support for a lightweight Windows Server AWS EC2 instance deployment with Arc connectivity using Terraform

Implementation Requirments

• Lightweight VM for fast provisioning
• Parameterize deployment using Terraform
• Azure Arc connectivity instructions
• Detailed README
• Reference in the main README

Supporting Docs

Please refer to the supported Azure Arc supported OS

Description

Support for a lightweight Ubuntu Server GCP VM deployment with Arc connectivity using Terraform

Implementation Requirments

• Lightweight VM for fast provisioning
• Parameterize deployment using Terraform
• Azure Arc connectivity instructions
• Detailed README
• Reference in the main README

Supporting Docs

Please refer to the supported Azure Arc supported OS

Describe the bug
When deploying the ARM template, I get a specific error about the AgentPoolK8sVersionNotSupported: "Version 1.17.3 is not supported in this region. Please use [az aks get-versions] command to get the supported version list in this region. For more information, please check https://aka.ms/supported-version-list"

To Reproduce
Steps to reproduce the behavior:

1. Go to 'azure_arc/azure_arc_k8s_jumpstart/docs/'
2. Click on 'aks_arm_template.md'
3. Scroll down to 'Deployment'
4. Deploy the ARM template
5. See error:

{'additionalProperties': {}, 'code': 'InvalidTemplateDeployment', 'message': "The template deployment 'arcaksdemo01' is not valid according to the validation procedure. The tracking id is '*********-***-***-***-*********'. See inner errors for details.", 'target': None, 'details': [{'additionalProperties': {}, 'code': 'AgentPoolK8sVersionNotSupported', 'message': 'Provisioning of resource(s) for container service testinganotheraks in resource group Arc-K3s-Demos failed. Message: {\n "code": "AgentPoolK8sVersionNotSupported",\n "message": "Version 1.17.3 is not supported in this region. Please use [az aks get-versions] command to get the supported version list in this region. For more information, please check https://aka.ms/supported-version-list"\n }. Details: ', 'target': None, 'details': None, 'additionalInfo': None}], 'additionalInfo': None}

Expected behavior
A new AKS cluster in a new Azure Resource Group is created.

Screenshots

How to resolve error
To fix the bug, I went into the ARM template 'azuredeploy.json', scrolled down and found "kubernetesVersion" and changed the default value to a version available in the Azure region. I found available Kubernetes versions by running the command az aks get-versions -l <The region you are deploying to>

Agent onboarding fails with error "You must be root to execute /usr/bin/azcmagent"

Fix is to add sudo to onboarding line to each of the script templates.

Describe the solution you'd like
Documentation on how to deploy & managed Azure SQL Managed Instance Arc resource on Azure Kubernetes Service (AKS)

Describe alternatives you've considered
N/A

Additional context
https://docs.microsoft.com/en-us/azure/azure-sql/managed-instance/quickstart-content-reference-guide

rename https://github.com/likamrat/azure_arc/tree/master/azure_arc_k8s_jumpstart/azure

Description

Create Helm-based Azure Arc GitOps flow for AKS

Implementation Requirements

• Parameterize deployment wherever possible
• Detailed README & instructions
• Reference in the main README

Supporting Docs

https://docs.microsoft.com/en-us/azure/azure-arc/kubernetes/use-gitops-with-helm

https://github.com/likamrat/azure_arc/blob/master/azure_arc_k8s_jumpstart/docs/onboard_k8s.md

Issues:

• When creating RG: only specific Locations work

Connected cluster resource creation is supported only in the following locations: eastus, westeurope, eastus2euap. Use the --location flag to specify one of these locations.

Recommendations:

• az ad sp create-for-rbac generates string with quotes in it which can cause script to fail. Might be worth noting. I thought it used to generate a GUID for the password.
• Don’t use separate script for install. Makes assumptions about OS, packager (e.g. Linux, snap)
  • Recommend listing prereqs instead like you did for Provider

Scenario to demonstrate update management support for Linux servers projected in Azure via Azure Arc

Will include documentation to help new Arc users understand how to deploy and configure Update Management on an Ubuntu server hosted outside of Azure.

Placing resources in resource groups by cloud provider will avoid requiring users who are running multiple Terraform plans from having to deal with terraform import to update current tfstate with existing resources.

Description

Support for a lightweight AKS cluster deployment with Arc connectivity using Terraform

Implementation Requirments

• Lightweight cluster for fast provisioning
• Parameterize deployment using Terraform
• Azure Arc connectivity instructions
• Detailed README
• Clean screenshots
• Reference in the main README

Description

Support for a lightweight Windows Server GCP VM deployment with Arc connectivity using Terraform

Implementation Requirments

• Lightweight VM for fast provisioning
• Parameterize deployment using Terraform
• Azure Arc connectivity instructions
• Detailed README
• Reference in the main README

Supporting Docs

Please refer to the supported Azure Arc supported OS

Description

Create basic Azure Arc GitOps flow for GKE

Implementation Requirements

• Parameterize deployment wherever possible
• Detailed README & instructions
• Reference in the main README

Supporting Docs

https://docs.microsoft.com/en-us/azure/azure-arc/kubernetes/use-gitops-connected-cluster

Description

Support for a lightweight Amazon Linux 2 Server AWS EC2 instance deployment with Arc connectivity using Terraform

Implementation Requirements

• Lightweight VM for fast provisioning
• Parameterize deployment using Terraform
• Azure Arc connectivity instructions
• Detailed README
• Reference in the main README

Supporting Docs

Please refer to the supported Azure Arc supported OS

Description

Support for a lightweight GKE k8s cluster deployment with Arc connectivity using Terraform

Implementation Requirments

• Lightweight cluster for fast provisioning
• Parameterize deployment using Terraform
• Azure Arc connectivity instructions
• Detailed README
• Reference in the main README

Description

Support for a lightweight EKS k8s cluster deployment with Arc connectivity using Terraform

Implementation Requirments

• Lightweight cluster for fast provisioning
• Parameterize deployment using Terraform
• Azure Arc connectivity instructions
• Detailed README
• Reference in the main README

Description

Support for a lightweight Ubuntu Server VMware vSphere deployment with Arc connectivity using Terraform

Implementation Requirments

• Lightweight VM for fast provisioning
• Parameterize deployment using Terraform
• Azure Arc connectivity instructions
• Detailed README
• Reference in the main README

Supporting Docs

Please refer to the supported Azure Arc supported OS

Description

Create basic Azure Arc GitOps flow for AKS

Implementation Requirements

• Parameterize deployment wherever possible
• Detailed README & instructions
• Reference in the main README

Supporting Docs

https://docs.microsoft.com/en-us/azure/azure-arc/kubernetes/use-gitops-connected-cluster

Description

Support for a lightweight kind deployment guide with Arc connectivity

Implementation Requirements

• Lightweight for fast provisioning
• Parameterize deployment wherever possible
• Azure Arc connectivity instructions
• Detailed README
• Clear screenshots
• Reference in the main README

Is your feature request related to a problem? Please describe.
Prometheus can be used to collect metrics of applications deployed within the cluster. Azure Monitor can be used to collect metrics of the Azure control plan in relation to Arc for K8s resource. There needs to be a way to synthesis both these metrics collector to visualize on a single pane of glass.

Describe the solution you'd like
Create documentation on how to enable Prometheus, Grafana and Azure Monitor within an Arc for K8s enabled cluster. Also create documentation demoing a scenarios where a sample app emits metrics to Prometheus and Grafana visualizes metrics collected by Prometheus as well as metrics collected by Azure Monitor of Arc for K8s Azure resource.

Implementation Requirements
Helm template to deploy Prometheus Operator + Configuration
Helm template to deploy Grafana + Configuration
K8sconfiguration to push helm template to Arc for K8s clusters
K8sconfiguration to deploy an App that uses deployed Prometheus and Grafana along with Azure monitor to demo functionality

Describe alternatives you've considered
N/A

Additional context
N/A

Description

Support for a lightweight EKS k8s cluster deployment with Arc connectivity using ARM template

Implementation Requirments

• Lightweight cluster for fast provisioning
• Parameterize deployment using Terraform
• Azure Arc connectivity instructions
• Detailed README
• Clean screenshots
• Reference in the main README

Is your feature request related to a problem? Please describe.
Use Azure Policies to onboard Azure Arc enabled VMs on Azure Services such as Monitoring, Sentinel, Security Center, etc as first class citizens in Azure.

Describe the solution you'd like
Create documentation on how to use an Azure Policy to deploy the MMA to Azure Arc connected VMs. Automating the onboarding on non-Azure VMs both Linux and Windows.

Describe alternatives you've considered
Using Azure CLI to assign the policy and remmediation task. The policy will be an initiative "Enable Azure Monitor"

Additional context
N/A

Is your feature request related to a problem? Please describe.
Users access the API using kubectl, client libraries, or by making REST requests. Both human users and Kubernetes service accounts can be authorized for API access. How do I restrict/manage that once the K8s cluster is a registered Arc cluster.

A clear and concise description of what you want to happen.
Documentation to illustrate how this can be enabled and a demo scenario that showcases this happening.

Describe alternatives you've considered
Can this be done via an AAD integrated cluster? If so then that can be an alternative if the K8s identities are managed by AAD and the enforcing agent against K8s API is Azure RBAC policy on AAD identities.

Implementation Requirements
Template/script that sets up remote Arc for K8s cluster to adhere to this requirement.
Sample App to illustrate RBAC enforcing functionality.
Template/script to deploy sample app and its configuration.

Additional context
Add any other context or screenshots about the feature request here.

Describe the solution you'd like
Documentation on how to deploy a "Ready to Go" Azure Arc Data Services environment with EKS using Terraform

Describe alternatives you've considered
N/A

Additional context
N/A

This repo will be migrated to the Microsoft GitHub organization

Is your feature request related to a problem? Please describe.
Run scripts on remote, non-Azure VMs from the portal, both for Linux and Windows servers.

Describe the solution you'd like
Create documentation on how to use an ARM template to run a custom script to Azure Arc connected VMs. In Linux change the MOTD file and for Windows deploy additional software.

Describe alternatives you've considered
ARM template to define the resource and Azure CLI for the deployment.

Additional context
N/A

Is your feature request related to a problem? Please describe.
Use Azure Policies to create GitOps configuration on GKE Azure Arc connected cluster.

Describe the solution you'd like
Create documentation on how to use an Azure Policy to deploy GitOps configuration on GKE Azure Arc connected cluster in order to deploy a sample app.

Additional context
https://docs.microsoft.com/en-us/azure/governance/policy/concepts/policy-for-kubernetes#install-azure-policy-add-on-for-azure-arc-enabled-kubernetes

Describe the solution you'd like
Documentation on how to deploy a "Ready to Go" Azure Arc Data Services environment with EKS using Terraform

Describe alternatives you've considered
N/A

Additional context
N/A

Is your feature request related to a problem? Please describe.
No, it is not.

Describe the solution you'd like
This describes how to deploy a "Ready-to-Go" environment with PostgreSQL Hyperscale server group deployed on Azure Arc

Describe alternatives you've considered
Not applicable to this feature

Additional context
The environment for this scenario is the Azure Kubernetes Service

Describe the solution you'd like
Documentation on how to deploy a "Ready to Go" Azure Arc Data Services environment with Azure Ubuntu VM & Kubeadm

Describe alternatives you've considered
N/A

Additional context
N/A

Is your feature request related to a problem? Please describe.
Show the process of onboarding VMs on Azure Arc using Ansible

Describe the solution you'd like
Provide a playbook and a description on how to automate the onboarding of VMs on Azure Arc

Describe alternatives you've considered
One playbook and multiple tasks to be agnostic of the operating system. Make sure that for Linux it is agnostic of the distro

Additional context
NA

Is your feature request related to a problem? Please describe.
Add scenario for Azure Sentinel on Azure Arc enabled Servers

Describe the solution you'd like
Describe the onboarding experience of Azure Arc enabled Servers on Azure Sentinel, and showcase if there are any specific scenarios

Describe alternatives you've considered
None

Additional context
None

Change to "Install or upgrade Azure CLI to the latest version" in all relevant README

Description

Create guide for Azure Monitor for containers with Azure Arc GKE connected cluster

Implementation Requirements

• Parameterize deployment wherever possible
• Detailed README & instructions
• Reference in the main README

Supporting Docs

https://docs.microsoft.com/en-us/azure/azure-arc/kubernetes/deploy-azure-monitor-for-containers

Description

Support for a lightweight Windows Server VMware vSphere deployment with Arc connectivity using Terraform

Implementation Requirments

• Lightweight VM for fast provisioning
• Parameterize deployment using Terraform
• Azure Arc connectivity instructions
• Detailed README
• Reference in the main README

Supporting Docs

Please refer to the supported Azure Arc supported OS

Is your feature request related to a problem? Please describe.
Onboard Azure Arc enabled VMs on Azure Services such as Monitoring, Sentinel, Security Center, etc as first class citizens in Azure.

Describe the solution you'd like
Create documentation on how to use an ARM template to deploy the MMA to Azure Arc connected VMs. Automating the onboarding on non-Azure VMs both Linux and Windows.

Describe alternatives you've considered
ARM template to define the resource and Azure CLI for the deployment.

Additional context
N/A

Description

Support for a lightweight Minikube deployment guide with Arc connectivity

Implementation Requirements

• Lightweight for fast provisioning
• Parameterize deployment wherever possible
• Azure Arc connectivity instructions
• Detailed README
• Clear screenshots
• Reference in the main README

Description

Create Helm-based Azure Arc GitOps flow for GKE

Implementation Requirements

• Parameterize deployment wherever possible
• Detailed README & instructions
• Reference in the main README

Supporting Docs

https://docs.microsoft.com/en-us/azure/azure-arc/kubernetes/use-gitops-with-helm

Description

Support for a lightweight Azure Red Hat OpenShift cluster deployment with Arc connectivity using Azure ARM template

Implementation Requirments

• Lightweight cluster for fast provisioning
• Parameterize deployment using ARM template
• Azure Arc connectivity instructions
• Detailed README
• Reference in the main README

MMAExtension will fail to deploy without python-ctypes.

Is your feature request related to a problem? Please describe.
No

Describe the solution you'd like
The aks_arm_template.md instructions currently use a service principal. I'd like to see instructions using Managed Identity instead.

Describe alternatives you've considered
n/a

Additional context
MI is simpler to use.

Description

Support for onboarding Log Analytics agent (MMA extension) for Linux VMs projected in Azure from AWS/GCP

Implementation Requirements

• Onboard Linux VMs with Log analytics agent using az cli
• Detailed README
• Clear screenshots
• Reference in the main README

Description

Create guide for Azure Monitor for containers with Azure Arc AKS connected cluster

Implementation Requirements

• Parameterize deployment wherever possible
• Detailed README & instructions
• Reference in the main README

Supporting Docs

https://docs.microsoft.com/en-us/azure/azure-arc/kubernetes/deploy-azure-monitor-for-containers

Is your feature request related to a problem? Please describe.
Automate and describe the onboarding of Azure Arc connected machines on Azure Security Center

Describe the solution you'd like
Create documentation on how to enable Azure Security Center within an Azure Arc connected machine. Also create documentation demoing a scenario enabled by Azure Security Center

Describe alternatives you've considered
ARM template
leverage already existing scenarios

Additional context
N/A

Describe the solution you'd like
Documentation on how to deploy a "Ready to Go" Azure Arc Data Services environment with Azure Kubernetes Service (AKS)

Describe alternatives you've considered
N/A

Additional context
N/A

Description

Support for tagging projected resources

Implementation Requirements

• Create tag taxonomy example using "functional" approach as documented here - https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/decision-guides/resource-tagging/
• Apply tags to resources projected in Azure from AWS and GCP
• Detailed README
• Clear screenshots
• Reference in the main README