See if Azure Arc fits in your hybrid and multi-cloud strategy
Azure Arc is central to Microsoft's hybrid cloud strategy. Discover how it compares to competing services from AWS and Google and see where it might be headed next.
Public cloud providers want a place in your company's private data center, and they continue to churn out services to secure their spot.
Microsoft, which has a long history on premises, was ahead of the curve on the hybrid cloud trend, but it's no longer alone in this IT space. AWS, Google and other competitors have since joined the fray with capabilities that bring public cloud-centric deployment models on premises.
To address this expanding and ever-changing demand for hybrid and multi-cloud support, Microsoft developed Azure Arc. The service is still partially in preview, but you can expect it to be a major part of Microsoft's cloud strategy in the years ahead.
Here's what you need to know about Azure Arc, where it's headed and how it might fit in your cloud strategy.
What is Azure Arc and why would my company use it?
Azure Arc is a management tool that treats all assets as cloud resources -- whether they're on Microsoft's public cloud or elsewhere.
The core of this service is Azure Resource Manager. IT teams use Azure's deployment and management service to create, organize, deploy and manage resources in Microsoft's public cloud, whether requests come from the Azure Portal, SDKs or APIs. Azure Arc uses Azure Resource Manager as an extensible framework that works on premises, in other clouds or at edge locations.
Through this centralized control plane, IT teams utilize the same configuration management, security, compliance, governance and policies across all assets -- this includes common CRUD (Create, Read, Update and Delete) policies and role-based access management. IT teams can also use Arc to expand the use of newer constructs, such as infrastructure as code and GitOps, beyond Microsoft's public cloud.
What are the primary ways to use Azure Arc?
There are three subsets of Azure Arc:
- Azure Arc enabled servers
- Azure Arc enabled Kubernetes
- Azure Data Services on Azure Arc
IT teams can use Azure Arc enabled servers to manage Windows or Linux machines hosted on a corporate network or other public clouds. Machines are given an ID as part of a resource group and are treated as another resource in Azure. To utilize this subset of Arc, you need to install an Azure Connected Machine agent on each machine and install the Log Analytics agent for functionality around policies, monitoring, configuration and more.
Azure Arc enabled Kubernetes works with clusters inside Azure or elsewhere. An attached cluster will be accessible in the Azure portal, and it will be given a resource ID. Similar to the server variant, Azure Arc enabled Kubernetes supports tagging, configuration management, monitoring and setting policies. It works with any Cloud Native Computing Foundation-certified cluster, including Azure Kubernetes Service (AKS), Google Kubernetes Engine (GKE), Amazon Elastic Kubernetes Service (EKS) and Red Hat OpenShift.
Azure Data Services on Azure Arc supports Azure SQL Database and Azure Database for PostgreSQL, which can be run on AWS, Google Cloud Platform (GCP) or inside a private data center. The data services subset could be attractive to companies that want to use Microsoft's cloud-based tools outside Azure, said Sanjeev Mohan, a Gartner analyst.
Mohan used the example of an enterprise that runs SQL Server in its data center and has data that can't move off premises. That system typically gets upgraded every two years, but with Azure Data Services, the enterprise can eliminate those biennial headaches by using a managed version that addresses backups, security, patching and upgrades.
"You can get all the elasticity and scalability and DR -- you get all the PaaS benefits while keeping your data on premises," Mohan said.
Doesn't Microsoft already have a hybrid cloud service?
Yes, it has a few, actually. Its most notable hybrid cloud service is Azure Stack, which was first announced in 2015 but wasn't generally available until over two years later. At the time, the service was seen by IT pros as a steppingstone to public cloud adoption for Windows shops that were still averse to ditching their data centers. However, it morphed into more of a niche service that complements the public cloud and its shortcomings. It comes in three flavors:
- Azure Stack Edge is an appliance you manage in the cloud. It's designed for machine learning and other compute tasks at edge locations. It's also used for IoT and data transfers.
- Azure Stack HCI is designed for enterprises that want to switch their on-premises assets into hyper-converged infrastructure. It's also used in remote branches.
- Azure Stack Hub is the rebranded version of the original Azure Stack. This private cloud can be run connected to, or semi-disconnected from, the Azure public cloud. It provides the same interface as Azure with many of the same tools, enabling workloads to move back and forth as needed. Azure Stack Hub runs on Microsoft-approved hardware from integration partners -- such as Dell EMC and Hewlett Packard Enterprise.
Microsoft's relatively early start on hybrid cloud makes sense, when looking at the cloud market. Historically, its main rivals, AWS and Google, never had on-premises relationships with customers. Microsoft, on the other hand, had been selling on-premises software for decades. And while it made a major transition to the cloud in recent years, it's in no position to ditch such a fundamental component of its business.
Microsoft has adapted some of its most popular legacy offerings to the cloud, including Active Directory, Office, SQL Server and Visual Studio. It has also added newer services that work across Microsoft cloud boundaries, such as Azure DevOps and Azure Security Center.
So why does Microsoft need yet another hybrid cloud offering?
Azure Stack was built when most enterprise cloud adoption largely followed the "lift and shift" approach to migration, treating platforms like AWS and Azure as an undifferentiated hosting environment. But a business-as-usual approach doesn't always make sense in the cloud -- it calls for a different type of agile, scalable strategy for building and managing applications.
Also, Azure Stack requires on-premises servers that adhere to strict guidelines around hardware and data center infrastructure. As a result, an enterprise wouldn't be able to repurpose existing servers or spare capacity on premises as an extension of the Azure public cloud.
While Azure Stack has its place for certain businesses, it doesn't address the many complexities IT teams face with today's hybrid and multi-cloud scenarios. There are architectural choices, such as VMs, containers and Kubernetes, serverless, databases, OSes and programming languages, to name a few. Then, there's the diversity of environments, including public clouds, private data centers, branch offices, and edge and IoT deployments.
What's pushing public cloud providers into the hybrid cloud market?
Public cloud providers are all about hybrid cloud these days. Large enterprises aren't willing -- or able -- to move all of their workloads to one cloud. Some data needs to stay on premises for regulatory purposes, while other apps, especially ones with predictable loads, are perfectly fine staying right where they are.
This doesn't mean enterprises are abandoning the public cloud. In fact, cloud adoption has skyrocketed. But continuing down both tracks -- public cloud and on premises -- creates real challenges. IT teams must work in and manage incongruent environments. The problem is compounded by newer development models and the fact that most enterprises are operating in multiple public clouds.
Third parties have tried to fill the void, but that adds yet another layer and another vendor. Microsoft is betting its customers want to focus their hybrid and multi-cloud efforts around a single preferred cloud provider, since the business is so heavily invested in that platform already.
Microsoft opted to use the Azure Resource Manager paradigms, but other control planes, like ServiceNow and VMware, can write down to Azure Arc as needed. Part of the rationale for using Azure Resource Manager as the control plane was the rate of change in the market higher up the stack.
"At the core compute cloud platform, I've always held very strongly that you don't want to layer or abstract over those clouds," said Jeremy Winter, director of Azure Management at Microsoft. "You'll never be able to keep up."
How does Microsoft's hybrid and multi-cloud strategy compare to what AWS and Google are doing?
Market leader AWS was famously opposed to the concept of hybrid clouds -- until it wasn't. After years of highlighting customers that were all-in on AWS, Amazon began to add tools and services to help enterprises tether on-premises data centers to its cloud. AWS took a major step to support hybrid with VMware Cloud on AWS, and it finally made the leap to being an on-premises vendor with the release of AWS Outposts.
Outposts is akin to Azure Stack, except it's fully managed by AWS and uses proprietary hardware that's inaccessible to the user. AWS also has a portable appliance called Snowball Edge, which is the equivalent to Azure Stack Edge.
Although AWS doesn't have a service like Azure Arc, Google does. Google is a distant third in the cloud market, and it's betting its Anthos service will be a differentiator. There are many parallels between Arc and Anthos, though Kubernetes plays a slightly different role for each.
A team of Google developers created Kubernetes, and Google has increasingly put the container orchestration platform at the core of its cloud strategy. To run Anthos, you need to use GKE, whether you're deploying to Google Cloud or on premises. You can control clusters in Microsoft AKS and Amazon EKS with Anthos, though there's limited functionality. Google supports VMs and bare metal on premises, but it has framed Anthos around app modernization, and containerization of legacy apps is part of that approach.
Conversely, Microsoft is giving equal weight to traditional servers, which, again, makes sense given its install base.
"We need to bet on really being where the customer is at this time," Winter said. "There are VMs [and] databases on premises and you can't just go shift everything to the Kubernetes world."
Gartner's Mohan used the example of an enterprise that's running Red Hat OpenShift on premises. To use Anthos, administrators would need to migrate those workloads to Google's Kubernetes engine.
"Azure Arc seems to be a little more open that way because I don't have to have GKE, but they're all trying to achieve the same goal," he said.
Anthos doesn't currently support databases outside GCP the same way Arc does with Azure Data Services, but Google has extended some of its cloud-based analytics tools on premises. Anthos users can perform SQL queries across environments with BigQuery Omni, and Google is adding AI capabilities on-premises, starting with Speech-to-Text On-Prem.
When will Azure Arc be available?
Currently, Azure Arc enabled servers is generally available. Azure Arc enabled Kubernetes and Azure Arc for Data Management are in preview.
What other services and features will be added to Azure Arc in the future?
Microsoft won't stop with just what's currently available or in public preview, but don't expect a flood of additions in the near future, either.
Microsoft has publicly said other Azure data services will eventually be added. Mohan said he sees great potential for extending Cosmos DB to on-premises devices, such as assembly line machinery or other IoT devices that produce time-series data. Currently, that data would have to be sent back to Azure for Cosmos DB to process it.
Another move that would make sense is a refresh of Azure Stack. Microsoft is reportedly working on a version of Azure Stack that's closer to AWS Outposts. Microsoft would manage the appliance and supply the hardware. This would make sense, as Azure Stack would then act as a true extension of the Azure public cloud, rather than a private cloud that integrates with Azure.
Winter said he also sees a need around developer services and apps delivered through Azure Arc, but none of those components will be coming anytime soon -- nor would he comment on any long-term plans for Azure Stack integrations. Instead, Winter said the focus is on the quality of these initial three releases of Arc. Then, his team plans to learn from that experience and incrementally add more from there.