Extensions management for Azure Arc-enabled Kubernetes
This article contains key design considerations and best practices for managing extensions of Azure Arc-enabled Kubernetes deployments.
Before you read this article, be sure you understand governance principles and review Enterprise-scale for AKS so you understand the relevant concepts for using Azure landing zones in a container environment.
Architecture
You can think of extensions for Azure Arc-enabled Kubernetes as being split into two categories: extensions for Azure Arc-enabled infrastructure services and extensions for Azure Arc-enabled services. This distinction isn't explicit in individual extension names.
Keep these two categories in mind as you design your deployment of Azure Arc-enabled Kubernetes. For example, think of the Microsoft Defender for Cloud extension as an extension for Azure Arc-enabled infrastructure services, but consider the Azure App Service for Azure Arc extension as an Azure Arc-enabled services extension.
The following diagram illustrates overall integration for extensions for Azure Arc-enabled Kubernetes clusters.
Design considerations
Extension Installation
- Extensions provide extra capability to Azure Arc-enabled Kubernetes clusters. Consider your specific use case along with the following factors as you decide how to use Azure Arc-enabled Kubernetes extensions:
- Review which extensions are currently available.
- Review which extensions are built on top of Helm.
- Extensions provide extra capability to Azure Arc-enabled Kubernetes clusters. Consider your specific use case along with the following factors as you decide how to use Azure Arc-enabled Kubernetes extensions:
Update extensions
- Consider how to ensure extensions stay up-to-date over the lifespan of your cluster.
Design recommendations
Extension installation
- Standardize the way extensions are installed, whether through the Portal, Azure Policy, CLI, ARM templates, or another mechanism. Verify that extensions have been properly installed after every installation.
Update extensions
- Extensions must be periodically updated. Use the
--auto-upgrade-minor-versionflag to automatically upgrade minor versions of extensions, as described in Usage of Cluster Extensions. Refer to each extension's documentation to learn which settings can be configured during creation and update.
- Extensions must be periodically updated. Use the
Next steps
For more information about your hybrid and multicloud cloud journey, see the following articles.
- Review the prerequisites for Azure Arc-enabled Kubernetes.
- Review the validated Kubernetes distributions for Azure Arc-enabled Kubernetes.
- Learn how to Manage hybrid and multicloud environments.
- Learn how to Connect an existing Kubernetes cluster to Azure Arc.
- Review Cluster extensions to learn about Azure Arc-enabled cluster extension architecture.
- Learn how to Deploy and manage Azure Arc-enabled Kubernetes cluster extensions.
- Experience Azure Arc-enabled Kubernetes automated scenarios with Azure Arc Jumpstart.
- Learn about Azure Arc via the Azure Arc learning path.
- See Frequently Asked Questions - Azure Arc-enabled to find answers to most common questions.