
Microsoft Azure Local: New Azure Stack HCI Replacement!

Microsoft Azure Local is the latest offering that enables organizations to run Azure services on-premises for enhanced security and compliance.

Lots of news is coming out of Microsoft Ignite 2024. Microsoft has announced a new offering, Azure Local, which is taking the place of Azure Stack HCI. It continues the functionality of allowing organizations to deploy Azure cloud services at physical locations for various reasons, whether they have requirements to keep data local, enhanced security needs, or compliance obligations. Let’s take a closer look at what the solution is and how it works.

What is Azure Local?

First, what is it exactly? If you are familiar with Azure Stack HCI, it is very similar and is taking its place. It is a cloud-connected local infrastructure offering that allows organizations to run their compute, storage, and networking services, including their applications on-premises.

Below is an overview of the solution from Microsoft:

Azure Local solution overview

It makes use of Microsoft’s Azure Arc solution, which provides Azure cloud management of resources that live on-premises or in edge locations. Many hardware options and configurations can be used with Azure Local, and it benefits from updates and other features that are enabled by Azure.

Note the following benefits:

  1. Management – The benefit with Azure Local is customers can manage their infrastructure like it was a native Azure resource. These show up in the Azure portal and have APIs that can be used for deployment and updates, along with monitoring. These tools help to eliminate complicated on-premises tools and infrastructure for management.
  2. Deployment – Azure Arc is front and center with Azure Local. When the machines are connected in the on-premises environment with Azure Arc, then you can deploy the nodes with a simple process using Windows Admin Center. Clusters can be configured in terms of storage and networking and then applications can be deployed and scaled easily, even using Azure Resource Manager templates.
  3. Updates – You benefit from Azure Update Manager, which allows updating not only Windows, but also firmware packages and drivers. With multi-node clusters, updates are not disruptive, as they can be done in a rolling fashion.
  4. Monitoring – Azure Local integrates with Azure Monitor for comprehensive observability. It provides over 50 metrics, customizable dashboards, and alert rules. Users can track utilization and set up automated actions for hardware failures, ensuring proactive management.
  5. Application support – Microsoft has designed Azure Local for both traditional workloads (virtual machines), and modern workloads (running on Kubernetes).
    • VM Support: Companies have many options with VM HA and scalability, as well as integration with Azure Arc for benefits like Microsoft Defender for Servers and also using things like Azure Monitor.
    • Kubernetes Support: You can run Azure Kubernetes Service (AKS) on Azure Local, which gives you the benefits of a modern, containerized infrastructure built to support GitOps operations and Microsoft Defender for Containers.

New features included in Azure Local

Let’s look at a few of the features discussed as part of the new Azure Local offering from Microsoft. Many of these are in Preview form, so keep that in mind.

Migration from VMware (Preview)

I think this one is big, especially at this point in time, and Microsoft knows this – migration from VMware. Broadcom has essentially killed any desire to stay on VMware, with price hikes, killing VMUG, souring the vExpert program, and too many other things to note.

The new offering includes a tool for migrating from VMware. It will copy and convert VMDKs to Azure Local VMs. If Microsoft gets this tool right and makes it easy, it will definitely spell more trouble for VMware.

Low-Spec Hardware Options

I think this is also important: Azure Local doesn’t have astronomical hardware requirements. Microsoft is supporting hardware classes like micro, tower, and rugged hardware to give organizations what they need for edge environments, with a simple networking setup.

Disconnected Operations (Preview)

This is another interesting option. Azure Local has what Microsoft calls disconnected operations, which allows managing the entire stack locally. With this option you have the same API to interact with, and you don’t have to connect the stack to Azure.

Network Security Groups (Preview)

You now have the option to use network security groups for traffic filtering. With this option, you can control network traffic in a granular way. This will help Azure Local customers improve security in their environments.

Network security groups with Azure Local

Trusted Launch (Preview)

The Trusted Launch feature is a protection against things like rootkits, boot kits, and other malware. It uses technologies like Secure Boot and vTPM (virtual Trusted Platform Module), and encryption technology like BitLocker.

BitLocker turned on by default

With Trusted Launch, Azure Local VMs gain enhanced protection against rootkits and boot kits. Features like Secure Boot, virtual Trusted Platform Module (vTPM), and BitLocker integration ensure robust security.

Azure Local enforces certain security defaults and uses the Secured Core Server technologies to do this:

Security defaults with Azure Local

Below, you see a screenshot of launching a VM with Trusted Launch, which enables vTPM by default.

Enabling Trusted Launch for a virtual machine

Automatic 100% on the Azure security score with Azure Local

One of the neat things about Azure Local is that it automatically allows you to achieve a 100% on the security score in Azure.

Scoring 100 percent in the Azure security score

Azure Services you can run on Azure Local

There are several services that are mentioned that can run on top of the new Azure Local configuration. These include the following:

  • Azure Virtual Desktop: With this, you can have desktops and apps located closer to users for much lower latency experiences
  • Azure SQL Managed Instance: You can run Azure SQL managed instances on Azure Local
  • Azure IoT Operations: Run your IoT workloads in distributed configurations
  • Azure AI Capabilities (Preview): It allows you to have on-premises AI search with advanced language models for private data that uses AI and doesn’t depend on cloud connections

How do you get Azure Local?

  1. Existing Azure Stack HCI users: Azure Stack HCI admins can get Azure Local in a seamless way by applying the latest updates
  2. New Deployments: Azure Local is now GA with version 2411 and Microsoft considers it ready for production use
  3. Evaluation: You can use Azure Arc Jumpstart as a virtual sandbox for exploring Azure Local

You can download Azure Arc Jumpstart here: Azure Arc Jumpstart.

Wrapping up

It seems that Azure Local has some great new features that will take Azure Stack HCI to the next level. I think it is a smart thing for Microsoft to drop the Azure “Stack” part of the name and just go with Azure Local, since this is more than just HCI and more about running Azure services locally, which includes VMs, containers, and applications.

I do think more organizations will be exploring solutions like this with the VMware implosion by Broadcom. Time will tell. Microsoft has had a slow uptake on many of these types of offerings, but I think the timing may now be right.

You can take a look at the official Azure Local blog here: Introducing Azure Local, cloud infrastructure for distributed locations enabled by Azure Arc or take a look at the Microsoft Learn page: Azure Local | Microsoft Azure.




Brandon Lee

Brandon Lee is the Senior Writer, Engineer and owner at Virtualizationhowto.com, and a 7-time VMware vExpert, with over two decades of experience in Information Technology. Having worked for numerous Fortune 500 companies as well as in various industries, he has extensive experience in various IT segments and is a strong advocate for open source technologies. Brandon holds many industry certifications, loves the outdoors and spending time with family. Also, he goes through the effort of testing and troubleshooting issues, so you don't have to.
