Azure Arc: Extending Azure management to any infrastructure

Posted on 5 November, 2019

Partner Director, Azure Management

If you are like many of our customers, you run a mix of applications in your on-premises datacenters, in the cloud and at the edge. We have been on a journey over the last few years to bring you hybrid innovations to meet you where you are. We have invested in individual connected management services such as Azure Monitor and Azure Backup. We have also delivered a consistent platform through Azure Stack Hub, ensuring that investments made in Azure can be used in disconnected environments.

Many enterprises still face a sprawl of resources spread across multiple datacenters, clouds, and edge locations. Our customers tell us that they are looking for a cloud-native control plane to inventory, organize, and enforce policies for their IT resources wherever they are, from a central place.

At Microsoft Ignite this week, we're taking another major step forward with our hybrid technology. We are announcing Azure Arc, a set of technologies that extends the control plane of Azure out to on-premises, multi-cloud environments and edge. Azure Arc enables customers to have a central, unified, and self-service approach to manage their Windows and Linux Servers, Kubernetes clusters, and Azure data services wherever they are. Azure Arc also extends adoption of cloud practices like DevOps and Azure security across on-premises, multi-cloud, and edge. In addition to extending the control plane for management, Azure Arc enables customers to run Azure data services anywhere.

Extend Azure management across your environments

Hundreds of millions of Azure resources are organized, governed, and secured daily by customers using Azure Resource Manager. Azure Resource Manager is the control plane in Azure that provides robust deployment, management, and governance capabilities with Azure Cloud Shell, Azure portal, API, role-based access control (RBAC) and Azure Policy for all Azure resources.

A key aspect of Azure Arc is the work we’ve done to extend Azure Resource Manager beyond Azure so that customers have a central and unified approach to manage Windows and Linux Servers, Kubernetes clusters and Azure data services at scale across on-premises, multi-cloud, and edge.

Azure Resource Manager and Azure Arc graphic

Azure Arc extends Azure management across on-premises, multi-cloud, and edge

Using Azure Arc to govern across environments

To illustrate the above scenarios of Azure Arc, let's take a look at a large financial organization that has sprawling server-based IT systems and Kubernetes clusters deployed in datacenters, private, and public clouds. The sprawl creates difficulty to have visibility across their environment and makes it harder to manage, govern and meet compliance requirements.

With Azure Arc, they can manage servers and Kubernetes clusters to get the following benefits:

  • Asset organization and inventory of Windows and Linux Servers, Kubernetes clusters and Azure services with a unified view in the Azure portal and API
  • Universal governance of customer resources through Azure Policy
  • Standardized role-based access control (RBAC) across systems and different types of resources
  • Enable application owners to apply and audit their applications to meet compliance requirements
  • Ability to measure and remediate compliance at scale and down to the individual application, server, or cluster

Adopting cloud practices on-premises

Azure provides cloud DevOps and cloud-native configuration management at scale for all Azure resources. Such cloud practices are optimized for developers that need immediate and programmatic access to resources to create new cloud-native applications. Azure Arc extends these capabilities to any infrastructure across on-premises, multi-cloud, and edge environments. Developers can build containerized apps with the tools of their choice and IT teams can use configuration as code to ensure that the apps are deployed, configured, and governed uniformly using GitOps-based configuration management across on-premises, multi-cloud, and edge.

Screenshot of OnPrem Configuration management

Adopt cloud practices like config management at scale

Deploy to and manage multiple locations at scale

To illustrate the above scenario of Azure Arc, let's take a look at a retailer with 100s of stores that would like to move all in-store applications to containers running on a Kubernetes clusters. They are faced with the challenge of how to uniformly deploy, configure, and manage their containerized applications across multiple locations.

Image of Azure Resource Manager and Azure Arc text with globeWith Azure Arc, IT and development teams can manage the app in existing stores, and quickly light up a new location by automating error-prone and procedural tasks. Additionally, they get the following benefits:

  • At scale configuration and deployment based on Azure subscriptions, resource groups, and tags
  • GitOps-based model for deploying configuration-as-code to one or many clusters
  • Application deployment and update at scale
  • Source control based safe deployment practices when rolling out new applications and configurations
  • Freedom for developers to use the tools they are familiar with

Implement Azure security anywhere

We know the importance of security and compliance to businesses, so we brought our leadership in cloud security to on-premises, multi-cloud and edge with Azure Arc. We built Azure Arc to bring capabilities and practices such as RBAC, Azure activity log for auditing actions, Azure Lighthouse for secure delegated management and enforcement of security policies through Azure Policy.

Screenshot of RBAC check access

Get started

We will be sharing more updates on Azure Arc at Microsoft Ignite this week. To learn more about Azure Arc, visit the Azure Arc page.

If you're at Microsoft Ignite this week, please attend the following sessions to learn more:
BRK 2208 Introduction to Azure Arc on Tuesday, Nov 05 at 11:45 am ET
BRK 3327 Azure Arc: Extend Management and Governance on Wednesday, Nov 06 at 1:00 PM ET

You can get started right away by previewing management of Windows and Linux servers across on-premises, multi-cloud, and edge right away. Join the preview to get started with managing Windows and Linux Servers anywhere using Azure Arc.

Sign up for more information on Azure data services anywhere enabled by Azure Arc, and management of Kubernetes clusters by Azure Arc.


Azure. Invent with purpose.