Azure

What is Azure Arc Management and Governance?

What is Azure Arc Management and Governance? A look at this great new single control plane to manage your Azure and on-premises environments

One of the major announcements coming from Microsoft’s Ignite conference was the introduction of Azure Arc. This announcement is especially interesting to those that are looking to consolidate management, governance, and security of their Windows, Linux, and Kubernetes workloads across their environments. These environments can span across on-premises, edge, and cloud environments. In this post, let’s dive into the topic What is Azure Arc Management and Governance and see how this new solution can benefit your hybrid environment.

What is Azure Arc Management and Governance?

Azure Resource Manager is the mechanism used to provision and manage resources in your Azure subscription. While many customers love the functionality and abilities they get from Azure Resource Manager in their Azure environments, up until now, this construct has only been available in the Azure environment.

So, what is Azure Arc management and governance? Azure Arc extends Azure Resource Manager outside of the Azure environment. Essentially, this gives you one control plane for managing all resources, both inside Azure and outside.

Azure Arc is an umbrella for three different services:

  • Azure Arc for Servers
  • Azure Arc for Kubernetes
  • Azure Arc for Data Services

This is a powerful announcement since it will allow customers who are already used to and familiar with using the Azure Resource Manager in their Azure environments to extend this functionality down to on-premises environments wherever they may live.

There are many great benefits to this, but first and foremost, this allows a single pane of glass for management. What about compliance? It will allow you to extend compliance policies as well as monitoring compliance for your on-premises resources inside of your Azure environment.

The Azure policy page allows you to easily create guest configuration policies. This is like the next-generation of Group Policy. It doesn’t require servers to be domain joined. Most settings can be audited within the Azure policy page. You can then easily see which resources are compliant and those that are not compliant.

Whether in Azure or not, you have a consolidated view of the servers and which ones are not compliant, etc. And more importantly, you are able to manage the servers wherever they may be located, regardless of the environment, or the underlying technology. Keep in mind as well, this includes Windows Server, Linux, and Kubernetes no matter if they are running on-premise, in any public cloud, etc.

What Problem Does Azure Arc Solve?

What is the problem statement or needs that Azure Arc is addressing? Customer environments are becoming extremely complex and intricate. There are hundreds to thousands of applications, diverse infrastructure components. This can include multiple hypervisors, edge environments, containers, and even now, multi-cloud environments and multi-cloud solutions.

Todays-environments-have-much-sprawl-between-infrastructure-and-applications
Today’s environments have much sprawl between infrastructure and applications (Image courtesy of Microsoft)
  • Customers have lacked the tools to govern, secure, and maintain these diverse environments across the board.
  • Azure Arc allows you to run Azure data services anywhere. This allwos running cloud innovation running on any Kubernetes environment, cloud billing model, and scalability in seconds.
  • Azure Arc allows effectively extending the Azure control plan and plugging your resources into it. This allows you managing it as you would any other resource inside Azure.

Azure Arc allows:

  • Adopting cloud practices on-premises. If you are using Kubernetes or virtual machines, you can put the governance and policies of the cloud in place so developers can innovate.
  • Azure Arc helps to ensure your architecture is secured no matter where or what it is.

Azure Arc Use Cases

There are three use cases that Azure Arc helps to unlock for customer environments:

  • Organize and govern across environments – Get Kubernetes clusters and servers that are sprawling across clouds, datacenters and edge under control by centrally organizing and governing from a single tool
  • At-scale Kubernetes app management – Deploy and manage Kubernetes applications at scale across environments using DevOps techniques. Ensure that applications are deployed and configured consistently from source control, at scale
  • Run data services anywhere – Deploy and manage data services where you need it from latency or compliance reasons. Always use the most current technology and semalessly manage and secure your data assets across on-premises, clouds and edge.

Currently the Servers piece is available for public preview. However, you can also request to have access to the Kubernetes and Data Service solutions as they become available.

Azure Arc Solutions

With legacy tools, customers have treated the different types of environments as individual and standalone environments with their own sets of management tools and disaggregated visibility.

Azure Arc breaks down these barriers that have long existed with managing your resources across on-premises environments and hybrid clouds.

Azure-Arc-services-and-management-to-any-infrastructure
Azure Arc services and management to any infrastructure (Image courtesy of Microsoft)

Azure Arc solutions:

  • Asset organization and inventory with a unified view in the Azure Portal
  • Universal governance anywhere through Azure Policy
  • Built-in server compliance rules
  • Central compliance view across all servers
  • Server owners can view and remediate to meet their compliance
  • MSPs can implement governance for their customer’s environments
Cloud-native-governance-across-all-resources-whether-in-cloud-or-on-premises
Cloud-native governance across all resources whether in cloud or on-premises (Image courtesy of Microsoft)

How Do You Get On-Premises Servers Into Azure Arc?

Microsoft has really thought about the workflow required to get your on-premises resources into Azure Arc. To onboard your servers that may exist on-premises, Azure Arc has a simple wizard-ized workflow that allows generating a script that can be ran on your on-premises resources to onboard the devices into your Azure Arc environment.

Login to your Azure environment and simply search for “Arc” and you will see the Azure Arc blade presented in the search results. Click this and you will be taken to the landing page for Azure Arc.

Click Manage servers.

Manage-your-servers-in-Azure-Arc
Manage your servers in Azure Arc

This will bring you to two boxes to either generate an interactive script or add machines at scale.

Generate-the-interactive-script-to-run-on-your-servers-for-Azure-Arc-onboarding
Generate the interactive script to run on your servers for Azure Arc onboarding

Selecting the interactive script, this brings you to the wizard to create the script. This is a five-step process that takes you through selecting your subscription, resource group, region, operating system, proxy server, tags, and then reviewing and generating the script.

Azure-Arc-interactive-script-generator-to-onboard-servers-into-Azure-Arc
Generate the interactive script to run on your servers for Azure Arc onboarding

Wrapping Up

What is Azure Arc management and governance? This is a great new solution available from Microsoft in their Azure platform that many are calling a game changer. Having the ability to have a single control plane in one location that can manage and control compliance across your environments no matter what technology they live on or in is powerful. Can you imagine managing your VMware vSphere VMs, EC2 instances, Azure VMs, on-premises Kubernetes clusters, and Hyper-V VMs in your Azure Arc blade logged into Azure? That is super cool.

Azure Arc Resources:

Subscribe to VirtualizationHowto via Email ๐Ÿ””

Enter your email address to subscribe to this blog and receive notifications of new posts by email.



Brandon Lee

Brandon Lee is the Senior Writer, Engineer and owner at Virtualizationhowto.com, and a 7-time VMware vExpert, with over two decades of experience in Information Technology. Having worked for numerous Fortune 500 companies as well as in various industries, He has extensive experience in various IT segments and is a strong advocate for open source technologies. Brandon holds many industry certifications, loves the outdoors and spending time with family. Also, he goes through the effort of testing and troubleshooting issues, so you don't have to.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.