What is Azure Arc Management and Governance?
One of the major announcements coming from Microsoft’s Ignite conference was the introduction of Azure Arc. This announcement is especially interesting to those that are looking to consolidate management, governance, and security of their Windows, Linux, and Kubernetes workloads across their environments. These environments can span across on-premises, edge, and cloud environments. In this post, let’s dive into the topic What is Azure Arc Management and Governance and see how this new solution can benefit your hybrid environment.
What is Azure Arc Management and Governance?
Azure Resource Manager is the mechanism used to provision and manage resources in your Azure subscription. While many customers love the functionality and abilities they get from Azure Resource Manager in their Azure environments, up until now, this construct has only been available in the Azure environment.
So, what is Azure Arc management and governance? Azure Arc extends Azure Resource Manager outside of the Azure environment. Essentially, this gives you one control plane for managing all resources, both inside Azure and outside.
Azure Arc is an umbrella for three different services:
- Azure Arc for Servers
- Azure Arc for Kubernetes
- Azure Arc for Data Services
This is a powerful announcement since it will allow customers who are already used to and familiar with using the Azure Resource Manager in their Azure environments to extend this functionality down to on-premises environments wherever they may live.
There are many great benefits to this, but first and foremost, this allows a single pane of glass for management. What about compliance? It will allow you to extend compliance policies as well as monitoring compliance for your on-premises resources inside of your Azure environment.
The Azure policy page allows you to easily create guest configuration policies. This is like the next-generation of Group Policy. It doesn’t require servers to be domain joined. Most settings can be audited within the Azure policy page. You can then easily see which resources are compliant and those that are not compliant.
Whether in Azure or not, you have a consolidated view of the servers and which ones are not compliant, etc. And more importantly, you are able to manage the servers wherever they may be located, regardless of the environment, or the underlying technology. Keep in mind as well, this includes Windows Server, Linux, and Kubernetes no matter if they are running on-premise, in any public cloud, etc.
What Problem Does Azure Arc Solve?
What is the problem statement or needs that Azure Arc is addressing? Customer environments are becoming extremely complex and intricate. There are hundreds to thousands of applications, diverse infrastructure components. This can include multiple hypervisors, edge environments, containers, and even now, multi-cloud environments and multi-cloud solutions.
- Customers have lacked the tools to govern, secure, and maintain these diverse environments across the board.
- Azure Arc allows you to run Azure data services anywhere. This allwos running cloud innovation running on any Kubernetes environment, cloud billing model, and scalability in seconds.
- Azure Arc allows effectively extending the Azure control plan and plugging your resources into it. This allows you managing it as you would any other resource inside Azure.
Azure Arc allows:
- Adopting cloud practices on-premises. If you are using Kubernetes or virtual machines, you can put the governance and policies of the cloud in place so developers can innovate.
- Azure Arc helps to ensure your architecture is secured no matter where or what it is.
Azure Arc Use Cases
There are three use cases that Azure Arc helps to unlock for customer environments:
- Organize and govern across environments – Get Kubernetes clusters and servers that are sprawling across clouds, datacenters and edge under control by centrally organizing and governing from a single tool
- At-scale Kubernetes app management – Deploy and manage Kubernetes applications at scale across environments using DevOps techniques. Ensure that applications are deployed and configured consistently from source control, at scale
- Run data services anywhere – Deploy and manage data services where you need it from latency or compliance reasons. Always use the most current technology and semalessly manage and secure your data assets across on-premises, clouds and edge.
Currently the Servers piece is available for public preview. However, you can also request to have access to the Kubernetes and Data Service solutions as they become available.
Azure Arc Solutions
With legacy tools, customers have treated the different types of environments as individual and standalone environments with their own sets of management tools and disaggregated visibility.
Azure Arc breaks down these barriers that have long existed with managing your resources across on-premises environments and hybrid clouds.
Azure Arc solutions:
- Asset organization and inventory with a unified view in the Azure Portal
- Universal governance anywhere through Azure Policy
- Built-in server compliance rules
- Central compliance view across all servers
- Server owners can view and remediate to meet their compliance
- MSPs can implement governance for their customer’s environments
How Do You Get On-Premises Servers Into Azure Arc?
Microsoft has really thought about the workflow required to get your on-premises resources into Azure Arc. To onboard your servers that may exist on-premises, Azure Arc has a simple wizard-ized workflow that allows generating a script that can be ran on your on-premises resources to onboard the devices into your Azure Arc environment.
Login to your Azure environment and simply search for “Arc” and you will see the Azure Arc blade presented in the search results. Click this and you will be taken to the landing page for Azure Arc.
Click Manage servers.
This will bring you to two boxes to either generate an interactive script or add machines at scale.
Selecting the interactive script, this brings you to the wizard to create the script. This is a five-step process that takes you through selecting your subscription, resource group, region, operating system, proxy server, tags, and then reviewing and generating the script.
Wrapping Up
What is Azure Arc management and governance? This is a great new solution available from Microsoft in their Azure platform that many are calling a game changer. Having the ability to have a single control plane in one location that can manage and control compliance across your environments no matter what technology they live on or in is powerful. Can you imagine managing your VMware vSphere VMs, EC2 instances, Azure VMs, on-premises Kubernetes clusters, and Hyper-V VMs in your Azure Arc blade logged into Azure? That is super cool.
Azure Arc Resources:
- Manage your servers with Azure Arc: https://Aka.ms/hybridmgmt
- Website: https://aka.ms/Azure-Arc-Info
- Blog: https://azure.microsoft.com/en-us/blog/azure-arc-extending-azure-management-to-any-infrastructure/
- Stay notified about Azure Arc: https://aka.ms/Azure-Arc