Azure Arc for Kubernetes: Unified Hybrid Cloud Management

Azure Arc for Kubernetes extends Azure’s control plane to any conformant Kubernetes cluster – whether it’s running on-premises, in other clouds, or at the edge. After months of working with Arc in preview, I want to share practical insights on when and how to use it effectively.

What Azure Arc Actually Does

When you connect a Kubernetes cluster to Azure Arc, an agent runs in your cluster that maintains a connection to Azure. This enables:

flowchart TB
    subgraph Azure["Azure Control Plane"]
        ARM[Azure Resource Manager]
        POLICY[Azure Policy]
        MONITOR[Azure Monitor]
        GITOPS[GitOps Config]
    end
    
    subgraph OnPrem["On-Premises Data Center"]
        K1[Production K8s]
        A1[Arc Agent]
    end
    
    subgraph AWS["Amazon Web Services"]
        K2[EKS Cluster]
        A2[Arc Agent]
    end
    
    subgraph Edge["Edge Location"]
        K3[K3s Cluster]
        A3[Arc Agent]
    end
    
    ARM --> A1
    ARM --> A2
    ARM --> A3
    POLICY --> A1
    POLICY --> A2
    POLICY --> A3
    GITOPS --> A1
    GITOPS --> A2
    GITOPS --> A3
    
    style Azure fill:#E3F2FD,stroke:#1565C0,stroke-width:2px
    style ARM fill:#E8F5E9,stroke:#2E7D32
    style POLICY fill:#FFF3E0,stroke:#E65100

GitOps Configuration Management

One of Arc’s most powerful features is GitOps-based configuration management using Flux. You point Arc at a Git repository containing Kubernetes manifests, and it continuously syncs that configuration to your clusters.

# Connect a cluster to Azure Arc
az connectedk8s connect --name my-cluster --resource-group arc-rg

# Create a GitOps configuration
az k8s-configuration create \
  --name cluster-config \
  --cluster-name my-cluster \
  --resource-group arc-rg \
  --cluster-type connectedClusters \
  --scope cluster \
  --url https://github.com/myorg/k8s-config \
  --branch main \
  --enable-helm-operator

Every commit to the Git repository is automatically applied to every cluster that carries the configuration. This is infrastructure as code taken to its logical conclusion.

Azure Policy at Scale

Azure Policy for Kubernetes (powered by Gatekeeper/OPA) lets you enforce policies across all Arc-enabled clusters. Example policies:

  • All containers must come from approved registries
  • No privileged containers allowed in production namespaces
  • All pods must have resource limits defined
  • Ingress must use HTTPS

Policies are defined once in Azure and automatically applied to all connected clusters. Violations show up in Azure Security Center.
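In Arc these policies are enforced by Gatekeeper/OPA constraints; as an added illustration (not Azure Policy's or Gatekeeper's code), the Python below expresses three of the four listed policies as a plain admission-style check over constructed Pod manifests (the HTTPS-ingress rule applies to Ingress objects, so it is left out). The approved-registry list and the production namespace prefix are assumptions.

```python
from typing import Dict, List
# Assumed values (not from the article): trusted registries, with a trailing slash so that
# "myregistry.azurecr.io.evil.example/x" cannot match, and the prefix marking production namespaces.
APPROVED_REGISTRIES = ("myregistry.azurecr.io/", "mcr.microsoft.com/")
PRODUCTION_PREFIX = "prod-"


def evaluate_pod(pod: Dict) -> List[str]:
    """Return the policy violations for one Pod manifest (empty list = compliant)."""
    violations = []
    namespace = pod.get("metadata", {}).get("namespace", "default")
    spec = pod.get("spec", {})
    # initContainers are pulled and run too, so they are subject to the same rules
    for c in spec.get("containers", []) + spec.get("initContainers", []):
        name, image = c.get("name", "?"), c.get("image", "")
        # Policy: approved registries only; a bare "busybox:latest" has no registry prefix (Docker Hub)
        if not image.startswith(APPROVED_REGISTRIES):
            violations.append(f"{name}: image {image!r} is not from an approved registry")
        # Policy: no privileged containers in production namespaces
        if c.get("securityContext", {}).get("privileged", False) and namespace.startswith(PRODUCTION_PREFIX):
            violations.append(f"{name}: privileged container in production namespace {namespace!r}")
        # Policy: resource limits defined (CPU and memory on every container)
        limits = c.get("resources", {}).get("limits", {})
        for resource in ("cpu", "memory"):
            if resource not in limits:
                violations.append(f"{name}: missing resources.limits.{resource}")
    return violations


def audit(pods: List[Dict]) -> Dict[str, List[str]]:
    """Map each non-compliant Pod name to its violations, like a fleet-wide compliance view."""
    report = {}
    for pod in pods:
        found = evaluate_pod(pod)
        if found:
            report[pod.get("metadata", {}).get("name", "?")] = found
    return report


# Constructed sample manifests: one compliant, one violating all three policies.
SAMPLE_PODS = [
    {"metadata": {"name": "web", "namespace": "prod-web"}, "spec": {"containers": [
        {"name": "web", "image": "myregistry.azurecr.io/web:1.4.2",
         "resources": {"limits": {"cpu": "500m", "memory": "256Mi"}}}]}},
    {"metadata": {"name": "debug", "namespace": "prod-web"}, "spec": {"containers": [
        {"name": "shell", "image": "busybox:latest", "securityContext": {"privileged": True},
         "resources": {"limits": {"cpu": "100m"}}}]}},
]
```

Calling `audit(SAMPLE_PODS)` reports only the `debug` pod, with one finding per violated policy.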

Monitoring Integration

Container Insights works with Arc-enabled clusters. You get the same monitoring experience – logs, metrics, and container health – regardless of where your cluster runs. This is huge for operations teams managing diverse environments.

When to Use Azure Arc

Arc makes sense when you have:

  • Multiple Kubernetes clusters you want to manage consistently
  • Regulatory requirements keeping workloads on-premises
  • Multi-cloud strategies with clusters in different providers
  • Edge/IoT scenarios with distributed clusters

Key Takeaways

  • Azure Arc provides a single control plane for Kubernetes clusters anywhere
  • GitOps enables declarative, Git-based configuration management
  • Azure Policy enforces governance across your entire fleet
  • Monitoring and security integrate with existing Azure tools
