Figure 57.    Azure arc

Most organizations house traditional infrastructure like rack and stack environments running applications, databases, and server infrastructure that has been growing over the years. These environments still play an important role in the day-to-day business to provide services. There may also be one or more cloud environments like Microsoft Azure and AWS that are becoming more important to provide infrastructure and services that can scale globally across the operational landscape. Edge computing devices are gaining prominence in the connected world, and which must be managed remotely. Today, it can become a complex chore to control and govern these many environments that spread across data centers, multiple clouds, and the edge. More overhead tasks accumulate as IT administrators struggle to learn and operate various management tools.

Azure Arc, one of the breakthrough developments of Microsoft Azure services, allows users to centrally manage multiple environments across on-premises, edge, and multicloud from a single pane of glass. We can think of it like a management plane that can absorb any kind of resource to be managed under one view. Users will be able to extend their Azure management to any infrastructure, adopt cloud practices on premises, and run data and application services anywhere.

Azure Arc enables organizations to:

• Manage entire IT assets with a unified view, by projecting existing non-Azure, on premises, edge devices and other cloud resources into Azure Resource Manager.
• Manage servers, Kubernetes clusters, and databases and make them appear as though they are running in Azure.
• Regardless of the location of resources, use familiar Azure services and management capabilities.
• Along with traditional ITOps, use DevOps practices to support new cloud native patterns.

The following diagram unwraps the management ecosystem supports the Dell EMC Integrated System for Microsoft Azure Stack HCI.

Figure 58.    Managing Azure Stack HCI at scale

First, we have the Windows Admin Center with Dell OpenManage Integration extension which is the edge/local always available management console. There could be one or more instances of WAC running per physical site in the data center environment intended to manage different fleets of servers. There shall always be IT administrative tasks such as full-stack life cycle management, and more, which can run from WAC for all systems to remain up to date.

As more Azure Stack HCI clusters are deployed, there is a must manage the environment at scale in a more efficient way. Azure Resource Manager, that is, the Azure control plane, is ideally suited to this task. Because Azure Stack HCI is designed to operate as a service in Azure, one can easily integrate it with other Azure management and governance services. In short, the bridge between Azure Resource Manager and infrastructure from other hyper-scaler cloud platforms and on-premises environments is Azure Arc.

Azure arc-enabled infrastructure

Azure Arc-enabled infrastructure is simply bringing on-premises and multi-cloud infrastructure to Azure. It consists of three things:

• Servers - Azure Arc-enabled servers
• Databases - Azure Arc-enabled SQL server 
• Kubernetes - Azure Arc-enabled Kubernetes

Azure Arc-enabled servers

Azure Arc-enabled servers enables users to manage Windows and Linux machines running on either physical servers or VMs hosted outside Azure. This management experience is designed to be consistent with how you manage native Azure virtual machines. Each hybrid machine connected to Azure becomes a managed resource in Azure, is assigned a Resource ID, and made a part of the resource group. These hybrid machines can now benefit from standard Azure constructs, such as Azure Policy and applying tags.

Azure arc-enabled SQL server

Database instances of SQL server can be now managed from Azure using the Azure Arc-enabled SQL server. It extends Azure services to SQL Server instances hosted outside of Azure, in data centers, on the edge, or in a multi-cloud environment. The running SQL server instances should be registered to Azure Arc to enable Azure services.

Azure arc-enabled kubernetes

With Azure Arc-enabled Kubernetes, Kubernetes clusters located either inside or outside Azure can be attached and configured. When a Kubernetes cluster is connected to Azure Arc, it will:

• Appear in the Azure portal with an Azure Resource Manager ID and a managed identity.
• Be placed in an Azure subscription and resource group.
• Receive tags just like any other Azure resource.

Once Kubernetes clusters managed by Azure Resource Manage are onboarded into Azure Arc, IT administrators can automate creating the same configuration across all Azure Arc-enabled Kubernetes clusters. This helps to standardize the configuration of Kubernetes, at-scale across the enterprise. Azure policy shall then be used to standardize baseline configurations to be applied across the entire inventory of Azure Arc-enabled Kubernetes clusters. Through Azure Role-Based Access Control (RBAC), Kubernetes clusters can be integrated with Azure Active Directory (Azure AD) to provide role-based assignments in Azure to control authorized Connect Kubernetes running outside of Azure for inventory, grouping, and tagging.

Azure Arc-enabled Kubernetes supports the following scenarios for the connected clusters:

• Connect Kubernetes running outside of Azure for inventory, grouping, and tagging.
• Deploy applications and apply configuration using GitOps-based configuration management.
• View and monitor your clusters using Azure Monitor for containers.
• Enforce threat protection using Microsoft Defender for Kubernetes.
• Apply policy definitions using Azure Policy for Kubernetes.
• Use Azure Active Directory for authentication and authorization checks on your cluster.
• Securely access your Kubernetes cluster from anywhere without opening inbound port on firewall using Cluster Connect.
• Deploy Open Service Mesh on top of your cluster for observability and policy enforcement on service-to-service interactions.
• Deploy machine learning workloads using Azure Machine Learning for Kubernetes clusters.
• Create custom locations as target locations for deploying Azure Arc-enabled Data Services (SQL Managed Instances, PostgreSQL Hyperscale.), App Services on Azure Arc (including web, function, and logic apps) and Event Grid on Kubernetes.

For more detailed information on Azure Arc-enabled Kubernetes, see Microsoft Azure Arc-enabled Kubernetes documentation.

Azure Arc-enabled services

Azure Arc-enabled services are merely running Azure services from anywhere. It consists of two things:

• Azure Arc-enabled data services
• Azure Arc-enabled application services

Azure Arc-enabled data services

Azure Arc makes it possible to run Azure data services on-premises, at the edge, and in public clouds using Kubernetes and the infrastructure of choice. Currently, the following Azure Arc-enabled data services are available:

• SQL Managed Instance
• PostgreSQL Hyperscale (preview)

Note: Azure SQL offers several different deployment and management options across IaaS and PaaS for the SQL Server engine hosted on Azure. While Azure Arc-enabled SQL Managed Instance provides the cloud Platform-as-a-Service benefits, SQL Server on Azure Arc-enabled servers provide capabilities such as SQL Server in Azure Virtual Machines.

Azure Arc-enabled application service

Azure Arc-enabled application service lets App Service, Azure Functions, and Azure Logic Apps run on an Azure Arc-enabled Kubernetes cluster. The Kubernetes cluster can be on-premises or hosted in a third-party cloud. This approach lets app developers take advantage of the features of App Service and lets their IT administrators maintain corporate compliance by hosting the App Service apps on internal infrastructure. It also lets other IT operators safeguard their prior investments in other cloud providers by running App Service on existing Kubernetes clusters.

For more detailed information about Azure Arc, see the Microsoft Azure Arc documentation.