Hybrid Dev, Compute & Management Updates with Azure Arc

Create new workloads and bring them into production anytime, anywhere.

Run what you need, where you need it.

Already using Windows Admin Center to manage your servers?

Watch our video here.

Video Transcript:

- Coming up, we’ll take a closer look at updates for building and running your hybrid workloads on Azure with Azure Arc. Including updates to Kubernetes development that make it easy to leverage Azure services and target hybrid infrastructure for deployment, how you can now run business critical data workloads using Azure SQL Managed Instance on-premises, manage your hybrid infrastructure automatically, wherever it’s running with Azure Automanage, and directly interact with your servers on-premises and across clouds with the new Azure Portal-integrated Windows Admin Center.

So today for most of us, hybrid architecture is just a fact of life. There will always be some combination of on-premises infrastructure, along with edge locations like branch offices or even devices running on the edge with IoT. You might also be using services across multiple public clouds, and although it can lead to more complexity, hybrid architectures are often needed to achieve compliance, data sovereignty and to solve for latency.

The good news is that now you can build your apps and workloads to run anywhere and get the benefits of Azure services using Azure Arc. Which, if you’re new to it, it serves as a bridge to unify management across your data centers, edge compute, and across other clouds. Common services and tools provide a foundation for consistency in the development, operations and security of both your new and existing applications. And beyond management, it extends core Azure services to your new or existing hardware on-premises and to other clouds. And, to remove silos, it provides a unified control plane for a full end-to-end view over everything you have running to eliminate management overhead. This gives you freedom as a developer to create new workloads in the Azure cloud, using cloud-native tools and then bring into production what you build, including core Azure services to on-premise infrastructure or even to other clouds when you need to.
All of this helps erase the need for specialized expertise, tools, and processes and workloads that were once developed in different locations, using different technology stacks and different management tools. And today I’ll give you a quick tour of newly Arc-enabled services and infrastructure so that you can build your own cloud-native apps and workloads to run what you need, where you need it.

I’ll start with a few updates we’re making to the integrated tool set as you build cloud-native apps on Kubernetes, wherever you need your containers to run. So let me show you what’s possible. I’m in the Azure Portal and you can see we have four different Arc-enabled Kubernetes clusters. The first one is using Cluster API. The second is Rancher K3s and the last two run Azure Kubernetes Service. All of these are running on-premises. Not only can we manage these different Kubernetes distributions with Azure Arc, but then using extensions we can also take advantage of other Azure services and related services like GitHub. In fact, here, you can see, I have Open Service Mesh, GitOps and other Azure extensions configured. For example, this extension for “flux” running on Cluster API Kubernetes ensures that it’s always up to date with any committed changes in my GitHub repo. And I’ll navigate to this one for Open Service Mesh. And this extension allows me to easily manage traffic between different app versions.

One of the biggest advantages of container architectures is that you can seamlessly roll out updates to your apps without any downtime. So let’s give it a try using two extensions with our Arc-enabled cluster. Here, you can see I have two versions of our bookstore app. Version one is currently receiving all of the traffic. Now let’s test out our extensions and version two of our app by moving over to GitHub. I’ll change the backend weight here, so that version one will receive 75% of the traffic, and version two will get 25%.
Now I just need to commit the changes and that’s it. If I hop back to my live traffic view you’ll see that version two is now handling the traffic as it ramps toward 25%. So as a developer, you can unlock services like these and more, on your Arc-enabled Kubernetes clusters wherever they’re running.

And in addition to containers using Azure Arc, you can now provision and manage Arc-enabled VMs in Virtual Machine Manager environments, in addition to VMware vSphere infrastructure. So you’ll have visibility and management over your Arc-enabled on-premises VMs right from the Azure Portal.

Moving on now to data, you can run Azure SQL Managed Instance Business Critical on your hardware anywhere you need to store and transact your data. The Business Critical tier is built for mission critical workloads requiring the most demanding performance, high availability and security. Here, you’re seeing my Azure Arc SQL managed instances located on my on-premises data centers. I’ll click into this 001 instance. And you’ll see that the service tier is configured as Business Critical. And in my case, there are three replicas and built-in high availability. Azure Arc provisions this automatically, using the number of replicas and compute you selected as you created it. Automation also extends to Upgrade Management and keeping the instance up to date. Even though in this case, it’s running on-premises, just like a PaaS database, updates and upgrades are managed by the service. Now let’s take a look at what’s behind the High Availability Architecture. Everything is running in Kubernetes. I’ll run a simple command to get pods and you’ll see our three replicas and our high availability orchestrator. Another advantage with this is that because the SQL Managed Instance is in Azure Arc, as a developer, you can connect to it like any other managed instances running in Azure. And because it’s also on-premises, you’ve got that flexibility to read from or write to it on the local network.
And of course, Azure Arc brings the Azure control plane to all of your connected infrastructure and services. And we’ve shown how this unifies policy management in previous shows on Mechanics. So today, I’ll highlight a few of the recent updates. First, Microsoft Defender for Cloud helps you manage your security posture and workload protections for all of your Azure, on-premises and multi-cloud resources with actionable insights and recommendations to ensure your resources are compliant.

Then to action those recommendations and more, Azure Automanage builds on this as a unified solution to simplify management. It lets you automate operations, best practice configuration and apply consistent policies across management services to all of your Windows servers and Linux virtual machines. You can enable Automanage from the Azure portal. Let me show you a few highlights of the controls that are behind these default policies. What you’re seeing here are the service categories with the best practice settings that get configured. Using custom profiles, you can build your own tailored settings. In fact, here’s one we created earlier just to show a few of the controls, such as backup policies, anti-malware, insights monitoring, and update management. And from here, I’ll navigate to the machines tab. And this is where you can assign your Automanage profile. Notice these are machines located in Azure, as well as Arc-enabled servers outside of Azure. I’ll go ahead and select my servers and then choose review and create, and then confirm. And that’s it. Now all of my Automanage policy settings get applied. Additionally, with policy definitions, like this one, you can set up automatic enrollment as new machines are onboarded by Azure Arc.

Oh, and one more thing. If you’re using the Windows Admin Center to manage your Windows servers, you can now do this right from within the Azure portal, for both Azure hosted and Arc-enabled VMs.
This lets you directly monitor and interact with core operating system functions and even remotely manage your servers over PowerShell and RDP. Here I am in the Azure Portal, looking at an on-premises Arc-enabled Windows server. Notice the new option on the left for Windows Admin Center. Let’s set this server up for remote management. I’ll keep the usual defaults for listening port and hit install. And note, I don’t need a VPN, public IP, or direct connection to securely access the server. Once it’s ready, I just need to connect. Then once I’m in, I have access to all of my Windows Admin Center controls and performance monitors. I can look at my certificate status, interact with it directly via PowerShell and even access the server using Remote Desktop, all from the browser and the Azure portal.

So those are a few highlights of how hybrid development and management across Azure, on-premises, edge and multi-cloud services and infrastructure are enabled through Azure Arc. This helps you by bringing massive scale, flexibility, tooling and cloud-native experiences to run anywhere while getting the full benefits of the cloud-native Azure services. To try everything out for yourself, check it out at aka.ms/AzureArc and start a trial. And our Azure Arc Jumpstart also lets you get quickly up and running with Azure Arc scenarios. You can find that one at aka.ms/ArcJumpstart. And of course, keep checking back to Microsoft Mechanics for all of the latest updates and be sure to subscribe if you haven’t already. And as always, thank you for watching.


