Azure Arc: Redmond's tool to wrangle services wherever they are – on-premises, cloud, your basement, in the pub...

Plus summary of everything else announced at Windows titan's Florida shindig

Ignite Microsoft has announced Azure Arc, which extends the Azure management portal to embrace services running on-premises or on other clouds.

“Extend Azure management and security to any infrastructure,” says the announcement, but this bold claim overstates what has been made available in preview.

There are currently two parts to Azure Arc. One is the ability to add Windows or Linux servers to the Azure Resource Manager, wherever they are running, including on-premises, or on other clouds such as Amazon Web Services (AWS) or Google Cloud Platform (GCP). This is agent based, so you can perform operations on the servers, via the Azure portal or scripting, but not on the hosting environment.

This means that you can deploy applications or manage patches and updates, but actions such as creating, deleting or resizing VMs are not available through Azure, according to Microsoft staff here at the tech goliath's Ignite conference in Florida, USA. That said, Azure Corporate VP Julia White said that “We’re working with VMware specifically to make sure there’s a good integration experience,” raising the possibility of a deeper integration. It is a major limitation though.

Azure Arc lets you extend Azure management to a hybrid or multi-cloud environment

Azure Arc lets you extend Azure management to a hybrid or multi-cloud environment ... Source: Microsoft

You can also add Kubernetes (K8s) clusters. It is a similar story; you can use the K8s API to orchestrate containers but you cannot carry out infrastructure actions such as scaling the cluster.

This means that it is not equivalent to the management available for Azure Kubernetes Service (AKS). If the K8s open source community agrees a common API for scaling clusters, then Azure could in future use it, but Microsoft does not want to depend on third-party APIs.

The second part of Arc is the ability to deploy and manage Azure SQL database or Azure PostgreSQL on any K8s cluster, whether on premises or on other public clouds. In this case you do have the ability to do scaling, monitoring, updates, backups and diagnostics.

Currently no other Azure services are supported, but in future it might make sense to add further services such as Azure App Service, for running web applications, or Azure Functions for serverless applications.

Microsoft’s intent is to allow developers to use the Azure model but with more flexibility about where an application is deployed. “If you’ve written an application for Azure SQL database, for example, you can run that application in multiple places,” said White. She also said that scaling Azure data services could include bursting up to Azure itself when needed.

The new Project integrates with Power BI for progress visualisation

Microsoft welcomes ancient Project app to the 365 family, meaning bleak future for on-prem


Another key aspect is security and compliance. You can apply Azure policies and role-based access control to Azure Arc services, subject only to the limitations mentioned above, that this applies to what can be done through server agents or through the K8s API. All the data security available through Azure SQL or PostgreSQL can be used.

“The core of Azure Arc is taking the capabilities of Azure Resource Manager and enabling that to stretch into a datacenter, into other clouds, and onto edge devices,” said White.

The billing model for Azure Arc has not yet been announced, though White indicated that it would follow a similar pattern to that for Azure Stack, where services are discounted versus Azure equivalents to allow for the fact that the customer is responsible for the infrastructure.

Azure Arc is perhaps an indication of Microsoft’s intention to extend the reach of its cloud model so that Microsoft platform resources look more like Azure resources wherever they happen to be running, and to extend the scope of subscription-based billing. In its current form though, it is a long distance away from the concept of managing multi-cloud environments via Azure. ®

Speaking of Microsoft Ignite... here's a quick summary of everything else noteworthy announced so far at this week's conference, which kicked off on Monday:

  • Visual Studio Online is now available as a public preview – and preview 3 of Visual Studio 2019 version 16.4 and Visual Studio 2019 for Mac version 8.4 Preview 2 are also available for download. Furthermore, Visual Studio 2019 IDE features for connecting to cloud environments are in private preview: ask nicely for access.
  • To provide folks with more powerful and interesting ways to query large amounts of data, Microsoft has rolled out something called Azure Synapse Analytics.
  • A load of new features for Redmond's Power Platform were announced, including Virtual Agents aka a no-code or low-code framework for developing chat bots for support desks and the like. There's also an extra bunch of pre-built models in AI Builder. Microsoft Flow has been renamed to UI flows within Power Automate, which allows users to, you guessed it, automate tasks by recording and playing back desktop actions.
  • And further along the lines of AI, Microsoft 365 is powering up something called Project Cortex, a machine-learning-based tool that reorganizes your data into piles of related stuff.
  • For those concerned about security and authentication, the Windows giant has emitted a shed load of updates on this front, from an insider risk management tool to Azure Firewall Manager now in preview.
  • Microsoft is teasing a new iOS and Android mobile Office app, and allowed Cortana to read out your emails from Outlook on Apple devices.
  • We're told Yammer has been "completely redesigned," and Microsoft 365's Search has been improved. A release candidate for the Chromium-flavored Edge is available to download. Plus a wad of other bits and bytes: our vultures at Ignite will go into greater depth over the course of the week.

Similar topics

Other stories you might like

  • Battlefield 2042: Please don't be the death knell of the franchise, please don't be the death knell of the franchise

    Another terrible launch, but DICE is already working on improvements

    The RPG Greetings, traveller, and welcome back to The Register Plays Games, our monthly gaming column. Since the last edition on New World, we hit level cap and the "endgame". Around this time, item duping exploits became rife and every attempt Amazon Games made to fix it just broke something else. The post-level 60 "watermark" system for gear drops is also infuriating and tedious, but not something we were able to address in the column. So bear these things in mind if you were ever tempted. On that note, it's time to look at another newly released shit show – Battlefield 2042.

    I wanted to love Battlefield 2042, I really did. After the bum note of the first-person shooter (FPS) franchise's return to Second World War theatres with Battlefield V (2018), I stupidly assumed the next entry from EA-owned Swedish developer DICE would be a return to form. I was wrong.

    The multiplayer military FPS market is dominated by two forces: Activision's Call of Duty (COD) series and EA's Battlefield. Fans of each franchise are loyal to the point of zealotry with little crossover between player bases. Here's where I stand: COD jumped the shark with Modern Warfare 2 in 2009. It's flip-flopped from WW2 to present-day combat and back again, tried sci-fi, and even the Battle Royale trend with the free-to-play Call of Duty: Warzone (2020), which has been thoroughly ruined by hackers and developer inaction.

    Continue reading
  • American diplomats' iPhones reportedly compromised by NSO Group intrusion software

    Reuters claims nine State Department employees outside the US had their devices hacked

    The Apple iPhones of at least nine US State Department officials were compromised by an unidentified entity using NSO Group's Pegasus spyware, according to a report published Friday by Reuters.

    NSO Group in an email to The Register said it has blocked an unnamed customers' access to its system upon receiving an inquiry about the incident but has yet to confirm whether its software was involved.

    "Once the inquiry was received, and before any investigation under our compliance policy, we have decided to immediately terminate relevant customers’ access to the system, due to the severity of the allegations," an NSO spokesperson told The Register in an email. "To this point, we haven’t received any information nor the phone numbers, nor any indication that NSO’s tools were used in this case."

    Continue reading
  • Utility biz Delta-Montrose Electric Association loses billing capability and two decades of records after cyber attack

    All together now - R, A, N, S, O...

    A US utility company based in Colorado was hit by a ransomware attack in November that wiped out two decades' worth of records and knocked out billing systems that won't be restored until next week at the earliest.

    The attack was detailed by the Delta-Montrose Electric Association (DMEA) in a post on its website explaining that current customers won't be penalised for being unable to pay their bills because of the incident.

    "We are a victim of a malicious cyber security attack. In the middle of an investigation, that is as far as I’m willing to go," DMEA chief exec Alyssa Clemsen Roberts told a public board meeting, as reported by a local paper.

    Continue reading

Biting the hand that feeds IT © 1998–2021