Panel: HCS on Azure with Microsoft
Aug 10, 2020
Kubernetes co-creator and Corporate Vice President at Microsoft, Brendan Burns, joins HashiConf to discuss HCS on Azure.
- Brendan BurnsKubernetes co-founder, Microsoft Azure
Rob Barnes: So now, we're moving on to one of my highly anticipated moments of this whole conference. We have a live Q & A discussion panel with the one, the only, the legend, Brendan Burns, the co-founder of the Kubernetes open source product. I can't believe I have this guy here with us. This is absolutely amazing. Thank you very much for joining us. I'm really happy you're here with us, and with that, I'm going to pass it over to Domi to kick us off.
Dominique Top: Amazing. Thank you so much. And Brendan, please thank you so much for joining us. Normally you would get a standing ovation and all that kind of stuff, but in this case you have to deal with me.
Brendan Burns: It's all right. It's all right. I can handle it.
Dominique Top: So let me kick off with the first question because we have limited time. So HCS is currently in public beta. Could you tell me a bit more about the story behind its creation and how Microsoft and HashiCorp came together to build this?
Brendan Burns: Sure. So, I think that one of the things that's always been really important to me is this idea that our cloud can't be successful unless we have partners who can be successful on Azure. And so a big part of what my team has been doing for a long time has been building infrastructure to try and make it easier for people to deliver services on top of Azure. And, I've known the HashiCorp folks for a really long time and really appreciated both the software that they've built, the great communities that they've built around their software.
Brendan Burns: And so it was just a natural fit to come together and help build a Consul service that can be used with the Azure community service or with Azure VMs and really deliver something that worked great for both our shared customers. So it was a really fantastic opportunity and I'm really grateful to them as well because they've helped us a lot too and given us a ton of feedback about what has worked well and what are areas that we could improve the service. So, it's just been a fantastic partnership, really happy with it.
Dominique Top: You know what I say, teamwork makes the dream work. So in the community, there is a lot of talk about the operational complexity with Kubernetes. Could you share with us your thoughts on how users may find ways to make that easier?
Brendan Burns: Yeah, I mean, I think we would always recommend people run a managed Kubernetes, it's just easier. Right? In fact, actually just over this last weekend, I thought to myself, "Oh, you know what?" I was running Debian 9. I have a cluster in my house and I was running Debian 9 on the cluster. And I thought, "Well, it's getting a little old. I guess I should upgrade to Debian 10," and eight hours later, my cluster was finally operational again. And I think that, that gives you an example of all the little things that can go wrong that you don't necessarily anticipate or expect to go wrong. And so when you're thinking about a managed service, whether it's for Kubernetes, as with the Azure community service or with the consult service on Azure, the great thing is you have people who their primary job is to help you with things like that, is to automatically take care of an upgrade for you and let you focus on building your applications.
Brendan Burns: So I think like any other, I mean really any piece of software, if you can get somebody else to take responsibility for it, that's probably the right thing to do so that you can focus on your core business application because I'm not going to sit down and write your business application for you. I can't do that. So, I think that's the great thing about the managed service, it takes away all that complexity for you. Lets you focus on the building of the application, which can be equally complicated, but of course is a task for the customer.
Dominique Top: Yeah, 100% agree. If it's for yourself at home, it's one thing to spend eight hours on, but if that means that you can't actually do the thing that you want to do in an operational environment at work, then yeah, it's just a lot to say for a managed services like that. Just to double check because I'm assuming there's going to be some questions from the audience. Rob, have we got anything for Mr. Burns?
Rob Barnes: Unfortunately nothing's come through, which is really, really strange to me, but I'm sure it will come through. If you do have any questions for Brendan or for anything related to HCS on Azure, please do get those questions in and I'll do my best to ask Brendan directly for you. Back to you Domi.
Dominique Top: Thank you. All right, so next question I would like to ask you is where do you think the future of Microsoft and HashiCorp working together, what does that look like in your opinion?
Brendan Burns: Well, I think we're going to continue. Obviously we're going to get the Consul service up to GA, but also collaborate around things like Terraform. We have a ton of people who use Terraform as their solution for managing their applications, especially in hybrid environments where you may be potentially managing things on premise as well as in the cloud. I'm really excited about Azure Arc, which is sort of our way of extending the Azure control plane to be able to manage devices that are not in Azure, but are on-premise, so be able to manage that Kubernetes cluster that's in my basement for example.
Brendan Burns: And of course, because it's the Azure control plane, you can use Terraform to manage that, so now I can potentially use Terraform or any other kind of tool to manage this cluster that's in my basement, so that's pretty cool. But as I said, it's always just been a really great partnership and a great collaboration. And so, I'm sure other stuff that the future will bring and I'm just excited to be able to hang out and work with people, to help our returning customers.
Dominique Top: Amazing. The feeling is mutual. So you mentioned a few things about your home lab. What else do you have in your home lab?
Brendan Burns: What else do I have? Well, I have a bunch of like sensors. I kind of have a bunch of these... It turns out I hadn't done Arduino for a long time, but you can buy these wifi enabled Arduino chips for like eight bucks. They're incredibly cheap and attach to temperature and humidity and all that kind of thing. So I kind of went nuts with that and have a bunch of those sensors plugged in around the house and outside and have the control for the wifi network is running on that cluster too and things like that. So, I mean, it's hobby for sure. There weren't a lot of customers who... When I had eight hour downtime, there weren't a lot of customers who were upset at me. Fortunately the wifi was still working, so the rest of my family was not upset at me, but it's a good way to kind of keep your hand in.
Dominique Top: Yeah. Cool. Well, I hope it's not just a lockdown hobby. I think we finally got some questions in, so throwing it back to Rob to ask you some audience questions.
Rob Barnes: Thank you very much. Again, just like London buses, wait for ages and loads come through at the same time. So the first question is, is the variety of Consul in HCS the FL slash open source version or does it include Consul Enterprise features? I think that's a really good question.
Brendan Burns: I'm pretty sure that you can bring your Enterprise subscription to the Consul service. I think most of what we focus on from the Azure perspective is sort of delivering the infrastructure that helps it be delivered. The HashiCorp team are the ones who are sort of responsible for bringing the service and the characteristics of the software.
Rob Barnes: Yeah, that makes perfect sense. Obviously the different layers, it's like the shared responsibility model essentially.
Brendan Burns: Yeah, exactly.
Rob Barnes: Sort of translating that, so yeah. It makes perfect sense. Okay. So we have another question which is, where can I find guidance on Consul on AKS? So I don't think this is specifically about HCS as a managed service. I think it's more about turning their own Consul to AKS.
Brendan Burns: I mean obviously AKS is just Kubernetes, so any instructions you find out there about how to run Consul and Kubernetes will work on AKS? I do know however that in the Consul docs, there's some great docs about how to hook up a Consul connect with AKS as a service mesh. And as we're talking about earlier, although obviously you can run Consul on top of the AKS, there's a lot of good reasons for running it as a managed service as well. So if you... Yeah definitely, if you're going down that route, it's always easier I think to click a couple things or run a command on the command line and have a managed service running for you, but obviously any instructions you can find too. And I know there are some out there on HashiCorp's site about how to run Consul on Kubernetes, so those will work with AKS.
Rob Barnes: Brilliant. Yeah, I have to agree with that. If you can sort of shut away the complexity and make that someone else's responsibility, ultimately your life will always be a lot easier going forward, so I definitely agree with that.
Brendan Burns: Yeah. Yeah.
Rob Barnes: Okay, so we have another question. This is a newbie question and there's an apology in there, but you don't need to be sorry. I'm brand new to Consul and have a Kubernetes / Vault background. Why should I use Consul and why should I use it on Azure?
Brendan Burns: Well, I mean, obviously Consul on Azure is a part of building a broader application on Azure. So we think we have a really great cloud platform. I don't think you would necessarily just run Consul. I think you're going to run or use our cognitive services, use our Kubernetes service, use our database services as a environment in which you build your application. Consul is really great for sort of integrating different services together with authentication that service discovery. So an example would be, let's say you have a database and it's maybe even an on-premises database, but you want to build a cloud native application in Kubernetes. You want that to be secure. You want to be able to transit network traffic across in a secure way from an in the cloud Kubernetes cluster to on-premise database where staying on-premises for legacy reasons or whatever.
Brendan Burns: The Consul service is fantastic at doing that sort of thing. It's a really great way to sort of bridge between services implemented in different environments or inside the same Kubernetes environment if you need TLS security or anything else that a service mesh can provide for you. So I think that's why you would look at it in general, and then obviously we believe that Azure is a great platform for building applications and pulling together not just Consul, but all of the other kinds of services that are available on Azure.
Rob Barnes: Amazing. Thank you very much, and we have one last question from the audience. Any ideas, if there are plans for Nomad in Azure too as a managed service?
Brendan Burns: We don't have any current plans, but of course, one of the reasons why we built this general platform is to enable people to deliver whatever software they want, right? So we don't necessarily put up rules about what can be run as part of our managed applications platform. And we have a lot of customers who come along and deliver their applications through that manage applications platform. And so if it turns out there's the customer desire there, we always listen to the customer and if it makes sense to do, obviously we enjoy the partnership and so it'd be a fun thing to do.
Rob Barnes: Amazing. Thank you very much. With that, I'm going to throw it back to my co-host, Domi.