Azure Arc and Microsoft’s Multi-cloud Play: Overview


Azure Arc, Microsoft’s hybrid and multi-cloud platform, was announced at the Ignite conference last year. Below is an analysis of Azure Arc, along with the features and key scenarios it enables for enterprise customers.

Azure Arc is said to deliver three capabilities: managing VMs outside Azure, registering and managing Kubernetes clusters deployed inside and outside Azure, and running managed data services based on Azure SQL and PostgreSQL in Kubernetes clusters that are registered with Azure Arc.

Azure Arc for Servers – Bring your own machine to the cloud 

With Azure Arc for servers, you can connect Linux and Windows machines (physical and virtual) hosted outside of Azure as resources in the Azure control plane.

When an external machine is connected to Azure, it becomes a hybrid, connected machine that is treated as a resource in Azure. Each connected machine has an Azure resource identifier and is managed as part of a resource group inside the subscription.

It’s quite easy to register a machine with Azure Arc. All you need to do is install the Azure Connected Machine Agent, which is available for both Windows and Linux. The Azure control plane then receives a periodic heartbeat from the agent, indicating that the machine is ready to accept configuration changes.

The agent can be deployed in a variety of OS environments, including Ubuntu 16.04, Windows Server 2012 R2, Red Hat Enterprise Linux 7, SUSE Linux Enterprise Server 15 and Amazon Linux 2.

The registered machines are listed within the same Azure resource group as native Azure VMs running in the public cloud. Customers can apply labels to any VM within the resource group to include it in or exclude it from a policy. Participating machines can be audited by an Azure Policy, and an action can be taken based on the result.

For example, an enterprise IT team can impose a policy to make sure that all Linux machines only have SSH-enabled accounts and to disable accounts that use passwords. This policy will be run on all the Linux machines belonging to a resource group, regardless of their location.
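To make the kind of check such a policy performs concrete, here is an added example (not Azure Policy's own implementation and not code from the original article) that audits the text of an `sshd_config` for password logins. It assumes the policy is expressed through sshd's `PasswordAuthentication` keyword; the function name and sample configs are constructed for illustration.

```python
# Added example: audit sshd_config text for password logins.
# Only the PasswordAuthentication keyword is checked; Include files are not followed.

def audit_password_auth(config_text):
    """Return findings; an empty list means password logins are disabled."""
    findings = []
    global_value = None   # sshd keeps the FIRST value it reads for a keyword
    match_ctx = None      # None while still in the global section
    match_seen = False    # the first value inside a Match block wins too
    for lineno, raw in enumerate(config_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        key, args = parts[0].lower(), parts[1:]
        if key == "match":
            match_ctx, match_seen = " ".join(args), False
            continue
        if key != "passwordauthentication" or not args:
            continue
        value = args[0].lower()
        if match_ctx is None:
            if global_value is None:
                global_value = (value, lineno)
        elif not match_seen:
            match_seen = True
            if value == "yes":
                findings.append(f"line {lineno}: Match {match_ctx} allows passwords")
    if global_value is None:
        findings.insert(0, "PasswordAuthentication unset: sshd defaults to yes")
    elif global_value[0] != "no":
        findings.insert(0, f"line {global_value[1]}: PasswordAuthentication {global_value[0]}")
    return findings

# Constructed sample configs (not taken from any real host).
HARDENED = """PasswordAuthentication no
PubkeyAuthentication yes
PasswordAuthentication yes
"""
DRIFTED = """PubkeyAuthentication yes
Match User backup
    PasswordAuthentication yes
"""

if __name__ == "__main__":
    for name, cfg in (("hardened", HARDENED), ("drifted", DRIFTED)):
        print(name, audit_password_auth(cfg) or "OK")
```

The hardened sample passes even though a later line says `yes`, because sshd ignores repeated keywords after the first; the drifted sample fails twice, once for the missing global setting and once for the `Match` block.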

The Connected Machine agent can be managed through Microsoft Update on a Windows machine and by manually upgrading the agent on a Linux machine.

Azure Arc-enabled Kubernetes – Bring your own Kubernetes cluster to the cloud

Similar to how VMs can be onboarded to Azure, Kubernetes clusters can be brought into the fold of Azure Arc.

Customers can easily attach Kubernetes clusters running anywhere outside of Azure to Azure Arc. This includes bare-metal clusters running on-premises, managed clusters like Amazon EKS and Google Kubernetes Engine, and enterprise PaaS offerings like Red Hat OpenShift and Tanzu Kubernetes Grid.

Similar to the Connected Machine agent pushed to a VM, Azure Arc deploys an agent under the azure-arc namespace. It does exactly what the VM agent does: await configuration requests. Apart from that, the Arc agent running in a Kubernetes cluster can send telemetry to Azure Monitor. The telemetry includes inventory, Kubernetes events, container stdout and stderr logs, and node, container, Kubelet, and GPU performance metrics.

Once the agent is deployed in a Kubernetes cluster, it can participate in GitOps-based configuration management and policy updates.

For example, a cluster administrator can roll out a policy to stop privileged pods from running in a specific namespace.
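Before rolling out such a policy, it helps to know which existing workloads it would reject. The following added example (not part of the original article and not Azure Arc's policy engine) scans manifests for privileged containers in one namespace, including init and ephemeral containers and pod templates inside workloads; the `payments` namespace and all object names are hypothetical.

```python
# Added example: list privileged containers that a namespace-scoped policy would reject.

CONTAINER_FIELDS = ("containers", "initContainers", "ephemeralContainers")

def pod_spec(obj):
    """Return the pod spec of a Pod, or of a workload embedding a pod template."""
    spec = obj.get("spec") or {}
    if obj.get("kind") == "Pod":
        return spec
    if obj.get("kind") == "CronJob":
        spec = (spec.get("jobTemplate") or {}).get("spec") or {}
    return (spec.get("template") or {}).get("spec") or {}

def privileged_containers(objects, namespace):
    """Return (kind, name, field, container) for each privileged container."""
    hits = []
    for obj in objects:
        meta = obj.get("metadata") or {}
        # Assumption: objects without a namespace land in "default".
        if meta.get("namespace", "default") != namespace:
            continue
        spec = pod_spec(obj)
        for field in CONTAINER_FIELDS:
            for c in spec.get(field) or []:
                if (c.get("securityContext") or {}).get("privileged") is True:
                    hits.append((obj.get("kind"), meta.get("name"), field, c.get("name")))
    return hits

# Constructed manifests, shaped like `kubectl get -o json` items.
SAMPLE = [
    {"kind": "Pod", "metadata": {"name": "batch-init", "namespace": "payments"},
     "spec": {"initContainers": [{"name": "setup", "securityContext": {"privileged": True}}],
              "containers": [{"name": "app"}]}},
    {"kind": "Deployment", "metadata": {"name": "api", "namespace": "payments"},
     "spec": {"template": {"spec": {"containers": [
         {"name": "web", "securityContext": {"privileged": False}},
         {"name": "debug", "securityContext": {"privileged": True}}]}}}},
    {"kind": "DaemonSet", "metadata": {"name": "node-agent", "namespace": "kube-system"},
     "spec": {"template": {"spec": {"containers": [
         {"name": "agent", "securityContext": {"privileged": True}}]}}}},
]

if __name__ == "__main__":
    for hit in privileged_containers(SAMPLE, "payments"):
        print(hit)
```

The privileged init container in `batch-init` is the case a check limited to `containers` would miss.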

Applications and configurations that impact all the clusters can be pushed via the GitOps model. GitOps encourages maintaining and versioning configuration alongside the source code in a source code management system like GitHub or GitLab. A deployment agent within the Kubernetes cluster watches the changes made to the repository and immediately synchronizes the changes.

Microsoft is relying on Flux, an open source GitOps deployment tool that is currently a Cloud Native Computing Foundation sandbox project.

With GitOps, cluster administrators can centrally manage a range of mundane tasks like the creation of namespaces, RBAC, registry secrets and more.

Azure Arc-enabled Kubernetes ensures that the workloads match the desired state of the configuration by monitoring drift and automatically applying the required changes.

Azure Arc-enabled Kubernetes comes with three capabilities:

Global inventory management – you can onboard all the Kubernetes clusters, regardless of their deployment location, to manage them from one location.

Centralized workload management – With Azure Arc, it’s possible to roll out applications and configuration to many registered clusters with a single commit to the source code repository.

Policy-driven cluster management – ensure that the cluster runs the policies by centrally governing and auditing the infrastructure.

Microsoft has partnered with Red Hat, SUSE, and Rancher to officially bring OpenShift, SUSE CaaS and Rancher Kubernetes Engine to Azure Arc.

Key takeaways

With Azure Arc, Microsoft has taken a distinct approach to hybrid and multi-cloud. It’s leveraging its strong public cloud footprint and enterprise presence to create a solid bridge between on-premises infrastructure and the cloud.

Azure Arc’s simplicity and transparency will convince enterprises to adopt the platform. Unlike other hybrid environments, Azure Arc onboards VMs and Kubernetes clusters to the public cloud with a single command.

Microsoft scores additional points for adopting the open source Flux project as the GitOps tool of choice for Azure Arc. It brings transparency to the platform while providing confidence to users.
