Azure Arc: Redmond's tool to wrangle services wherever they are – on-premises, cloud, your basement, in the pub...
Plus summary of everything else announced at Windows titan's Florida shindig
Ignite Microsoft has announced Azure Arc, which extends the Azure management portal to embrace services running on-premises or on other clouds.
“Extend Azure management and security to any infrastructure,” says the announcement, but this bold claim overstates what has been made available in preview.
There are currently two parts to Azure Arc. One is the ability to add Windows or Linux servers to the Azure Resource Manager, wherever they are running, including on-premises, or on other clouds such as Amazon Web Services (AWS) or Google Cloud Platform (GCP). This is agent based, so you can perform operations on the servers, via the Azure portal or scripting, but not on the hosting environment.
This means that you can deploy applications or manage patches and updates, but actions such as creating, deleting or resizing VMs are not available through Azure, according to Microsoft staff here at the tech goliath's Ignite conference in Florida, USA. That said, Azure Corporate VP Julia White said that “We’re working with VMware specifically to make sure there’s a good integration experience,” raising the possibility of a deeper integration. It is a major limitation though.
Azure Arc lets you extend Azure management to a hybrid or multi-cloud environment ... Source: Microsoft
You can also add Kubernetes (K8s) clusters. It is a similar story; you can use the K8s API to orchestrate containers but you cannot carry out infrastructure actions such as scaling the cluster.
This means that it is not equivalent to the management available for Azure Kubernetes Service (AKS). If the K8s open source community agrees a common API for scaling clusters, then Azure could in future use it, but Microsoft does not want to depend on third-party APIs.
The second part of Arc is the ability to deploy and manage Azure SQL database or Azure PostgreSQL on any K8s cluster, whether on premises or on other public clouds. In this case you do have the ability to do scaling, monitoring, updates, backups and diagnostics.
Currently no other Azure services are supported, but in future it might make sense to add further services such as Azure App Service, for running web applications, or Azure Functions for serverless applications.
Microsoft’s intent is to allow developers to use the Azure model but with more flexibility about where an application is deployed. “If you’ve written an application for Azure SQL database, for example, you can run that application in multiple places,” said White. She also said that scaling Azure data services could include bursting up to Azure itself when needed.
Microsoft welcomes ancient Project app to the 365 family, meaning bleak future for on-premREAD MORE
Another key aspect is security and compliance. You can apply Azure policies and role-based access control to Azure Arc services, subject only to the limitations mentioned above, that this applies to what can be done through server agents or through the K8s API. All the data security available through Azure SQL or PostgreSQL can be used.
“The core of Azure Arc is taking the capabilities of Azure Resource Manager and enabling that to stretch into a datacenter, into other clouds, and onto edge devices,” said White.
The billing model for Azure Arc has not yet been announced, though White indicated that it would follow a similar pattern to that for Azure Stack, where services are discounted versus Azure equivalents to allow for the fact that the customer is responsible for the infrastructure.
Azure Arc is perhaps an indication of Microsoft’s intention to extend the reach of its cloud model so that Microsoft platform resources look more like Azure resources wherever they happen to be running, and to extend the scope of subscription-based billing. In its current form though, it is a long distance away from the concept of managing multi-cloud environments via Azure. ®
Speaking of Microsoft Ignite... here's a quick summary of everything else noteworthy announced so far at this week's conference, which kicked off on Monday:
- Visual Studio Online is now available as a public preview – and preview 3 of Visual Studio 2019 version 16.4 and Visual Studio 2019 for Mac version 8.4 Preview 2 are also available for download. Furthermore, Visual Studio 2019 IDE features for connecting to cloud environments are in private preview: ask nicely for access.
- To provide folks with more powerful and interesting ways to query large amounts of data, Microsoft has rolled out something called Azure Synapse Analytics.
- A load of new features for Redmond's Power Platform were announced, including Virtual Agents aka a no-code or low-code framework for developing chat bots for support desks and the like. There's also an extra bunch of pre-built models in AI Builder. Microsoft Flow has been renamed to UI flows within Power Automate, which allows users to, you guessed it, automate tasks by recording and playing back desktop actions.
- And further along the lines of AI, Microsoft 365 is powering up something called Project Cortex, a machine-learning-based tool that reorganizes your data into piles of related stuff.
- For those concerned about security and authentication, the Windows giant has emitted a shed load of updates on this front, from an insider risk management tool to Azure Firewall Manager now in preview.
- Microsoft is teasing a new iOS and Android mobile Office app, and allowed Cortana to read out your emails from Outlook on Apple devices.
- We're told Yammer has been "completely redesigned," and Microsoft 365's Search has been improved. A release candidate for the Chromium-flavored Edge is available to download. Plus a wad of other bits and bytes: our vultures at Ignite will go into greater depth over the course of the week.