Azure Arc – Extending Microsoft Cloud Services To Data Center And Mainstream Cloud Platforms

Announced in November 2019 at the Ignite conference, Azure Arc has become the cornerstone of Microsoft’s hybrid and multi-cloud strategy.  Network pixabay With Arc, customers can bring existing infrastructure running on-premises or other public cloud environments into Azure’s fold. Once registered, they can manage virtual machines and Kubernetes clusters deployed […]

Announced in November 2019 at the Ignite conference, Azure Arc has become the cornerstone of Microsoft’s hybrid and multi-cloud strategy. 

With Arc, customers can bring existing infrastructure running on-premises or other public cloud environments into Azure’s fold. Once registered, they can manage virtual machines and Kubernetes clusters deployed in Azure, on-premises environments and even non-Azure cloud platforms. 

One of Arc’s key capabilities is running a subset of Azure data services in Kubernetes clusters registered with Arc. Branded as Azure Arc enabled data services, the service supports running Azure SQL Managed Instance and Azure PostgreSQL Hyperscale in on-premises data centers, multi-cloud and the edge. 

At Ignite 2020, Microsoft has announced updates to Azure Arc that include the general availability of Azure Arc enabled servers and the public preview of Azure Arc enabled data services.

According to Microsoft, Azure Arc simplifies governance and management by delivering a consistent multi-cloud and on-premises management platform. Azure Arc enables customers to manage the entire environment, with a single pane of glass, by projecting existing resources into Azure Resource Manager. Customers can manage virtual machines, Kubernetes clusters, and databases as if they are running in Azure. 

Compared to other hybrid and multi-cloud services available in the market, Azure Arc is unique. It addresses the scenarios involving both legacy virtual machines and modern Kubernetes clusters. It’s also the first offering to run managed databases in hybrid and multi-cloud environments. 

Azure Arc has three components – Arc enabled servers, Arc enabled Kubernetes clusters and Azure Arc enabled data services.  Let’s take a closer look at these components.

Azure Arc Enabled Servers

Through Azure Arc enabled servers, customers can register existing Linux and Windows servers running in virtual or bare-metal environments with the Azure control plane. The servers could be running inside an enterprise data center or IaaS environments such as Amazon EC2 or Google Compute Engine. 

Once registered, customers get a unified view of all the servers running in Azure, data center and multi-cloud environments. They can manage all the servers irrespective of their deployment target and location. 

When a new server is registered, Azure Arc pushes an agent into it, acting as the bridge between the machine and the Azure control plane. This agent continually communicates with the cloud sending the health of the machine. Customers can track the configuration through centralized inventory and audit logs. This integration also enables performance monitoring of remote servers registered with Arc. 

With all the servers under one roof, customers can create and apply policies that are automatically propagated to all the registered servers. By including non-Azure servers for threat detection, customers can proactively monitor for potential security threats using Azure Security Center.

Azure Policy guest configuration offers the ability to define and audit compliance configuration of servers such as password policy, encryption protocols and members of the admin group.  

In summary, Azure Arc enables monitoring of all the servers and managing them through centralized policy definitions. 

Azure Arc enabled servers feature is generally available. If a server is configured for policy management, Microsoft charges USD 6 per each registered server. Billing is based on the number of servers registered with the service and have one or more guest policy configurations assigned to them.

Azure Arc Enabled Kubernetes Clusters

Similar to the way servers are registered and managed through Arc, Kubernetes clusters may be attached to Arc. With this, customers can gain visibility and control of multiple Kubernetes clusters deployed in different environments. 

Azure Arc enabled Kubernetes service works with any Cloud Native Computing Foundation (CNCF) conformant distribution. Microsoft has tested Arc with some of the popular Kubernetes distributions, including RedHat OpenShift 4.3, Rancher RKE 1.0.8, Canonical Charmed Kubernetes 1.18 and AKS Engine running on Azure Stack Hub. 

By registering Kubernetes clusters with Arc, customers get three advantages – centralized inventory management, observability and consistent application/configuration deployment.

When a Kubernetes cluster is registered with Azure Arc, an agent is deployed, which sends the logs and metrics to the cloud, which can be seen analyzed in the Azure Monitoring service. The agent also listens for configuration requests targeting the cluster. 

Azure Arc enabled Kubernetes service uses an emerging trend called GitOps to maintain the desired state of application and configuration. Operators store application and configuration definitions in a YAML file or Helm chart in a Git repository accessible to the cluster. The GitOps agent deployed by Arc is pointed to the Git repository, which continually monitors for commits. When a new commit is made to the repo, the agent automatically applies the latest version of the manifests to the cluster. The agent also ensures that the desired state of application and configuration has not deviated from the current definition available in the Git repository. 

Azure Arc enabled Kubernetes service controls the Kubernetes cluster sprawl experienced by enterprise DevOps teams. By registering the clusters with Arc, enterprise IT can enforce compliance, security, and standard configuration policy. 

This service is still in the preview, with no pricing details available. 

Azure Arc Enabled Data Services

Azure Arc enabled data services component brings the managed data services such as  SQL managed instance and PostgreSQL Hyperscale to hybrid and multi-cloud environments based on Kubernetes clusters.

Since they are managed services, they receive periodic updates, patches, and new features from Microsoft. With this, On-premises databases can stay up to date while ensuring that customers maintain control. Because Azure Arc enabled data services are a subscription service, customers will no longer face end-of-support situations databases.

PostgreSQL Hyperscale deployed as a part of Arc delivers a Postgres database engine running in Kubernetes clusters in on-premises, at the edge and in public clouds. It supports self-service provisioning, elastic scale, unified management and disconnected scenarios. 

Azure Arc enabled SQL Managed Instance has near 100% compatibility with the latest SQL Server database engine. It allows existing SQL Server customers to lift and shift applications to Azure Arc data services with minimal application and database changes while maintaining data sovereignty. 

By running containerized instances of managed databases, Microsoft is leveraging Kubernetes infrastructure running in diverse environments. 

Currently, Azure Arc enabled data services is in preview mode with no pricing details announced. 

Apart from running the managed instance of SQL and Postgres databases, Arc also supports connecting existing SQL Server instances running in Windows or Linux machines to Arc. This capability is an extension of Azure Arc enabled servers feature targeting Microsoft SQL Server database machines. 

In the coming months, Microsoft is expected to announce the general availability of Arc enabled Kubernetes clusters service and Azure Arc enabled data services. Eventually, it may bring additional managed services to Arc, allowing the customers to run a subset of Azure services in hybrid and multi-cloud environments.

Next Post

DBM's Lao withdraws application in Ombudsman to avoid 'senseless' speculations

© DBM website DBM Usec Lloyd Christopher Lao Budget Undersecretary Lloyd Christopher Lao on Monday said he has already withdrawn his application for the Overall Deputy Ombudsman position. “Ang personal kong ambisyon kailanman ay hindi po mangingibabaw sa interest ng bayan at ng pamahalaan. Para manatili ang integridad ng JBC […]