Arc Enabled VMs and the Resource Bridge

In this blog we are going to look at Arc Enabled VMs, which let you deploy and manage VMs on your on-premises Azure Stack HCI clusters directly from Azure.

You can do what now?

Yes, that’s right, you can use the Azure Portal to deploy and control VMs on your local infrastructure clusters. This functionality is at the heart of Microsoft’s plan to enable a consistent deployment and management experience from Azure.

What does it mean for me?

If you’re already invested in Azure or are planning to move to Azure in future, then this could offer a lot more flexibility by opening up a consistent architecture to bring common tooling to manage your Servers and Applications.

People need more options than cloud only

Not too long ago there was a lot of hype and a push to move everything to the cloud. I think it’s fair to say that this was a bit of a ‘blinkered’ view and there are some genuine reasons why resources need to be kept on-premises, for example latency, data sovereignty and security. I won’t discuss these reasons in this blog. The point here is that previously, if you wanted to keep resources on-premises, that meant a second set of tooling for deployment, management and monitoring compared with the resources you had in the cloud, which caused additional overheads and challenges to operate and maintain.

Microsoft’s answer – Azure Arc

Azure Arc is a bridge that extends the Azure platform to help you build applications and services with the flexibility to run across datacenters, at the edge, and in multicloud environments.

Please see the following link for more information directly from Microsoft:
https://azure.microsoft.com/en-us/products/azure-arc/#product-overview

With Azure Arc, you can onboard Windows and Linux Servers into your Azure tenant, no matter where they run. This can be physical, virtual, on AWS, GCP, on-premises, etc. Azure Arc works by installing an agent on the local server and configuring it to communicate with your Azure environment. For more information, please follow this link:
https://learn.microsoft.com/en-us/azure/azure-arc/servers/onboard-portal

The main aim of Azure Arc is to be able to bring all of your resources, no matter where they are running, into the same management plane. This is massively important and beneficial as it can help you end server sprawl, ensure resources are patched and secured, ensure policies are applied to comply with your governance requirements, and perhaps most importantly control access to your resources. Having this management in one place is something we should all be aspiring to!

But how does this work with Azure Stack HCI?

Azure Stack HCI servers are Arc enabled out of the box. This means that when you register a new Cluster to Azure, the cluster nodes will be automatically onboarded to Azure without the need to perform the steps in the previous section.

If you then want to individually Arc enable the VMs running on the Azure Stack HCI clusters, using Arc for Servers, you can onboard them as per the steps above.

Great, but how is that different from Arc Enabled VMs?

As alluded to at the beginning of this blog, Arc enabled VMs on Azure Stack HCI enable you to use the Azure Portal as the control plane for VMs running on your on-premises clusters. Once configured, you will be able to deploy VMs to your on-premises clusters directly from the Portal or via ARM Templates. You can then control those VMs (e.g. start, stop, add, remove, change settings) and eventually you will be able to configure access to them in the same way as you would configure access to any other Azure Resource. Using Arc for Servers, on the other hand, is when you onboard the guest OS directly in Azure by interacting with the guest OS itself.

Getting Arc Enabled VMs working requires deploying the ‘Resource Bridge’ to your Azure Stack HCI Cluster.

The Resource Bridge

The resource bridge is a packaged virtual machine, which hosts a management Kubernetes cluster that requires no user management. This virtual appliance delivers the following benefits:

  • Enables VM self-servicing from Azure without having to create and manage a Kubernetes cluster.
  • Fully supported by Microsoft, including updates to core components.
  • Designed to recover from software failures.
  • Supports deployment to any private cloud hosted on Hyper-V or VMware from the Azure portal or using the Azure Command-Line Interface (CLI).

All management operations are performed from Azure, so no local configuration is required on the appliance.

Please follow this link for more information on the Resource Bridge:
https://learn.microsoft.com/en-us/azure/azure-arc/resource-bridge/overview
