SlideShare uma empresa Scribd logo

Azure Arc Overview from Microsoft

‱
‱
David J Rosenthal
David J Rosenthal

Azure Arc offers simplified management, faster app development, and consistent Azure services. Easily organize, govern, and secure Windows, Linux, SQL Server, and Kubernetes clusters across data centers, the edge, and multicloud environments right from Azure. Architect, design, and build cloud-native apps anywhere without sacrificing central visibility and control. Get Azure innovation and cloud benefits by deploying consistent Azure data, application, and machine learning services on any infrastructure. Gain central visibility, operations, and compliance Centrally manage a wide range of resources including Windows and Linux servers, SQL server, Kubernetes clusters, and Azure services. Establish central visibility in the Azure portal and enable multi-environment search with Azure Resource Graph. Meet governance and compliance standards for apps, infrastructure, and data with Azure Policy. Delegate access and manage security policies for resources using role-based access control (RBAC) and Azure Lighthouse. Organize and inventory assets through a variety of Azure scopes, such as management groups, subscriptions, resource groups, and tags. Learn more about hybrid and multicloud management in the Microsoft Cloud Adoption Framework for Azure.

Tecnologia
1 de 78
Baixar para ler offline
David J. Rosenthal VP & GM, Digital Business July 15, 2021
Customer environments and application requirements are evolving Azure Arc How to govern and operate across disparate environments? How to ensure security across the entire organization? How to best enable innovation and developer agility? How to meet regulatory requirements and overcome technical hurdles? 100’s–1,000’s of apps Diverse infrastructure Multi-Cloud
Azure Stack Azure IoT Azure Arc Azure services
Manage & Operate your infrastructure from the Azure control plane and run Azure services on your infrastructure Multi-cloud Datacenter Edge Azure Arc
Azure Arc Azure Arc enabled infrastructure Connect and operate hybrid resources as native Azure resources Azure Arc enabled services Deploy and run Azure services outside of Azure while still operating it from Azure Multi-cloud Datacenter Edge
Organize and govern across environments At-scale Kubernetes app management Run data services anywhere Azure Arc use cases
Azure is already trusted and proven by our customers. Azure Arc uses the same APIs and the same control plane as Azure, providing consistency across the hybrid infrastructure, which increases productivity and reduces risk.” With Azure Arc, we can centrally manage multiple edge locations and help our customers grow and expand across the continent, creating more jobs and economic opportunities along the way." For me, the main benefit is that my managers do not have to go to three different places to see the health of our database environment. I want to reinforce this over and over again because that’s what’s driving us.” Mike DeLuca Global Lead for Hybrid Calvin Karundu Software Engineer Kristina Melo SQL Database Administrator
Azure Arc
Customer challenges when hybrid Complexity “I need to have health visibility in a single pane of glass to all my existing and future infrastructure and applications.” Compliance “I need to manage security and incident management across my public cloud and datacenter assets.” Inconsistency “I want my on-prem skills to work in the cloud, and my cloud skills to work on-prem.” Regulation “Our DB layer must remain on-premises due to sensitive patient data and data availability needs.” Latency “We can’t take a dependency on the internet. If we lose connectivity, we still want to be able to access the data.” Legacy “Our older systems take too much maintenance. We want evergreen technology and to pay for it like a utility.” Multi-cloud Datacenter Edge
Azure Arc Azure Arc enabled infrastructure Azure Arc enabled services Connect and operate hybrid resources as native Azure resources Deploy and run Azure services outside of Azure while still operating it from Azure Multi-cloud Datacenter Edge Always current Get evergreen SQL and PostgreSQL Hyperscale on-premises with a cloud billing model Latency Deploy data services on-premises, close to your data sources with support for both disconnected and connected workloads Flexibility Reduce risk and adhere to regulatory requirements by deploying cloud services on-premises Consistency Simplify the way you work by consolidating tooling and using cloud-native technology and practices everywhere Compliance Reduce risk and cost by establishing a single governance frame for all your workloads without additional overhead or additional approval processes Visibility Bring distributed Windows, Linux, SQL and Kubernetes together a single plane of glass
Inventory, Organization, Governance Servers | Kubernetes Clusters | Databases | etc. Secure | Monitor | Protect | Automate | Develop Over 200 services Extensibility for new resources Control Resources Develop & operate Facilities Azure customers Tools and experiences Azure Regions
Azure Arc Azure Arc enabled infrastructure Azure Arc enabled services Multi-cloud Datacenter Edge Inventory, Organization, Governance Extensibility for new resources Control Resources Facilities Servers | Kubernetes Clusters | Databases | etc. Azure Regions Azure customers Tools and experiences Secure | Monitor | Protect | Automate | Develop Develop & operate
Azure Arc Bring Azure services and management to any infrastructure Get servers and Kubernetes clusters that are sprawling across clouds, datacenters and edge under control by centrally organizing and governing from a single place. Organize and govern across environments Multi-cloud Datacenter & hosted Deploy and manage Kubernetes applications at scale across environments using DevOps techniques, ensuring that applications are deployed and configured consistently from source control, at scale. At-scale Kubernetes app management Deploy and manage data services where you need it for latency or compliance requirements. Stay always current with evergreen SQL and seamlessly manage and secure your data assets across on- premises, clouds, and edge. Run data services anywhere
Azure Arc enabled infrastructure Bring on-premises and multi-cloud infrastructure to Azure with Azure Arc Azure Arc enabled servers Organize, inventory, and monitor Governance and Security Simplified role-based operations Physical, Virtual, Windows, Linux Now available Azure Arc enabled SQL Server Organize, inventory, and monitor Governance and Security Use with your existing SQL servers SQL on Windows or Linux servers Now in public preview Azure Arc enabled Kubernetes Organize, inventory, and monitor Governance and Security Monitoring and Policy GitOps-based zero-touch deploy OpenShift AKS on Azure Stack HCI Public preview AWS Linux 2
Customer scenario Organize & govern across environments Overview A large financial institution has sprawling server-based IT systems deployed in corporate datacenters, hosters, and multi-cloud. The sprawl is overwhelming, and it is impossible to manage and apply consistent governance across the environment and meet compliance needs Business requirements ‱ Manage a mix of bare metal, Windows and Linux servers across locations and disparate systems ‱ Enable IT to apply at scale governance and security policies across all servers ‱ Enable application owners to apply, audit and remediate compliance to meet their own requirements Multi-Cloud On-Premises / Hosted Datacenters
Customer scenario Organize & govern across environments Multi-Cloud On-Premises / Hosted Datacenters Key benefits from Azure Arc ‱ Asset organization and inventory with a unified view in the Azure Portal ‱ Universal governance anywhere through Azure Policy ‱ Centralized agent management – Monitoring, Security, Update Management and more ‱ Built-in server compliance rules ‱ Central compliance view across all servers ‱ Self-service remediation ‱ Integration with Azure Lighthouse Azure Management (Azure Resource Manager, Azure Policy, Azure Portal, API, CLI
) Azure Arc Azure Arc
Azure Arc enabled servers Bring on-premises and multi-cloud servers to Azure with Azure Arc Reach Organize and Inventory At scale searchable inventory Unify management experience Consistent VM extensions Integrate with Azure Lighthouse Governance and Security Built-in Azure policies Server security baselines Compliance across environments Centralized agent management – Monitoring, Security, Update Management Role-Based Operations Central IT to manage at-scale operations Workload owners manage based on their access
Azure Arc enabled servers Azure Arc enabled servers are auto-enrolled with additional Azure services Additional services Azure Policy Azure Defender Azure Sentinel Azure Monitor Change and inventory tracking Update management Azure Security Center Just turn them on when you want to use them AWS Linux 2
Azure Arc enabled servers The future of Microsoft Endpoint Configuration Manager (formerly SCCM) The Azure management services enabled by Azure Arc can replace much of the functionality of MECM, but we recommend a gradual transition based on the use case. In some cases, MECM cannot be replaced yet. On-Premises VMs MECM Azure Arc Capabilities Change and inventory tracking Update/patch management Security
Azure Arc enabled servers Co-management with Microsoft Endpoint Configuration Manager (MECM – formerly SCCM) Use case MECM Azure management service enabled by Azure Arc Software updates on Windows Server machines anywhere Software updates on Linux machines anywhere Software updates on your Windows clients (running say Windows 10) Software updates for on-premises systems which are behind an internet gateway Server inventory and information collection Run custom scripts on machines MECM tracks and applies software updates to Windows Server machines in your organization
Azure Arc enabled servers Co-management with Microsoft Endpoint Configuration Manager (MECM – formerly SCCM) Use case MECM Azure management service enabled by Azure Arc Create, manage and deploy applications on machines Manage OS upgrades Manage policies to mitigate malicious attacks and security vulnerabilities
Azure Arc enabled SQL Server Data management benefits for Azure Arc enabled servers Flexibility Management Governance and Security VMs and bare-metal servers On-premises and multi-cloud Searchable inventory SQL Assessment service Azure Policy Azure Defender No migration needed for existing SQL Servers
SQL Server Assessment
Customer scenario At-scale Kubernetes app management Overview A retailer with 100s of stores would like to move all in-store applications to containers running on a K8s clusters They are faced with the challenge of how to uniformly deploy, configure and manage their containerized applications across multiple locations Business requirements ‱ Bootstrap a new store to fully run with the applications and configuration that this store requires ‱ Enable IT to apply and monitor at scale governance across all stores ‱ Monitor the state of applications and configuration in all stores ‱ Integrate DevOps and Safe Deployment Practices for applications running in stores
Customer scenario At-scale Kubernetes app management Key benefits from Azure Arc ‱ Asset organization and inventory with a unified view in the Azure Portal across all locations ‱ GitOps-based model for deploying configuration as code to one or many clusters ‱ Application deployment and update at scale ‱ Source control based Safe Deployment Procedures when rolling new applications and configurations ‱ Developer tooling agnostic—use the tools they want Azure Management (Azure Resource Manager, Azure Policy, Azure Portal, API, CLI
)
Azure Arc enabled Kubernetes Connect, manage, and operate Kubernetes clusters and applications running anywhere using Azure Arc Now in Preview Configure Connect Govern and Secure Operate and Monitor AKS OpenShift kubeadm GKE EKS VMware Tanzu
Customer scenario Run Azure data services anywhere Overview An Energy company aims for an efficient and fully automated operation with AI everywhere Customer operates various production sites, as well as run utility transporting from extraction to retail distribution Massive data volume at the edge and need real-time insights Business requirements ‱ Leverage existing OEM hardware and any Kubernetes ‱ Automation at scale for IT control systems e.g., HA/DR, backup, CI/CD, DevOps ‱ Latest innovation automatically deployed from edge to cloud ‱ Consistent security and governance Azure data services Customer-managed services on any infrastructure Edge - real-time processing challenges Data aggregation Private Cloud - Enterprise business systems challenges Model updates Lots of manual effort for CI/CD, especially for data tier Variety of DB engines, with versions facing EOS, security siloes; no elastic scale Mix of containers and VMs on OEM hardware Custom code needed for streaming, data sync and AI Legacy, basic database with no AI built OEM edge servers/workstations Sensors Actuators
Customer scenario Run Azure data services anywhere Key benefits from Azure Arc ‱ Any infrastructure, any K8s ‱ Always on the latest, no end-of-support with evergreen SQL in Azure SQL DB ‱ Elastic scale on-premises with PostgreSQL Hyperscale ‱ Azure SQL Database Edge with built-in AI for real-time edge analytics ‱ Automation at scale with unified management of all data & AI assets ‱ Market leading security & governance consistently deployed everywhere Edge - real-time processing challenges Data aggregation Private Cloud - Enterprise business systems challenges Model updates Lots of manual effort for CI/CD, especially for data tier Variety of DB engines, with versions facing EOS, security siloes; no elastic scale Mix of containers and VMs on OEM hardware Custom code needed for streaming, data sync and AI Legacy, basic database with no AI built OEM edge servers/workstations Sensors Actuators K8s management Azure Policy Azure Role-based control Azure Security Center Azure Arc enabled data services
Elastic scale Always current Unified management Azure Arc enabled data services Bring Azure data services to on-premises, multi-cloud, and edge with Azure Arc Disconnected support PREVIEW
Azure Arc Integration Azure Arc Data Controller Future Analytics Engines PostgreSQL Hyperscale Any Kubernetes Cluster Azure Arc enabled data services Architecture azdata CLI Azure SQL Managed Instance Future data services Any Infrastructure collectd fluentbit collectd fluentbit Kubernetes API API Backup Monitoring & logs HA/DR Azure Arc Integration Scaling Patching & Updates Provisioning AKS OpenShift kubeadm GKE EKS VMware Tanzu AKS on Azure Stack HCI Azure Data Studio Azure Arc Extension Data/Azure Admin Azure Portal Azure CLI Identity Azure RBAC & Policy Advanced Data Security Deployments & Config Resource Inventory Logs & Telemetry Backup Retention Consumption
Which SQL Database deployment do I need? Azure Arc enabled SQL Managed Instance Azure infrastructure Managed Instance Single Database Elastic Pools Full instance More control Just a single SQL DB Shared pool of resources for multiple SQL DBs What do I need? Any infrastructure Any Kubernetes Cluster Who do I want to manage the SQL instance? Where will the SQL DB be deployed? Microsoft I will Outside of Azure
Which PostgreSQL Database deployment do I need? Azure Arc enabled PostgreSQL Hyperscale Azure infrastructure Azure Database for PostgreSQL Azure Database for PostgreSQL Hyperscale (Citus) Just a single server Superior scale for multi-tenant apps & real-time analytics apps What do I need? Any infrastructure Any Kubernetes Cluster Who do I want to manage the PostgreSQL instance? Where will the PostgreSQL DB be deployed? Microsoft I will Outside of Azure
Management capabilities comparison by deployment model Built-in Capabilities Deployment Model Customer Infrastructure Azure SQL Server / PostgreSQL Azure Arc enabled databases Azure PaaS databases Database security features Elastic / “Limitless” scalability Limited by the capacity of customer infrastructure Automatic HA/DR Customer responsible for underlying HW/K8s availability Auto upgrade, patching Auto backup-restore Monitoring Compliance certifications Customer responsible for compliance certification Customer responsible for compliance certification 90+ certifications Data sovereignty Azure regions not available in all countries yet Customer control Pre-defined HW options No control over HW/OS Fully managed by Microsoft Customer-managed Customer-managed using software provided by Microsoft Guaranteed availability SLA Customer-managed Customer-managed using software provided by Microsoft
Azure is already trusted and proven by our customers. Azure Arc uses the same APIs and the same control plane as Azure, providing consistency across the hybrid infrastructure, which increases productivity and reduces risk.” Mike DeLuca Global Lead for Hybrid Avanade
For me, the main benefit is that my managers do not have to go to three different places to see the health of our database environment. I want to reinforce this over and over again because that’s what’s driving us.” Kristina Melo SQL Database Administrator Ferguson
With Azure Arc, we can centrally manage multiple edge locations and help our customers grow and expand across the continent, creating more jobs and economic opportunities along the way.” Calvin Karundu Software engineer Africa’s Talking
Azure Arc is the key enabling technology for us to deliver software as a service to the edge within our customers' local on- premises networks.” Thomas Gossler Chief Architect for Teamplay Siemens
“Ford welcomed the opportunity to participate in the private preview of Azure Arc enabled data services. We are always looking at new and different tools to improve delivery speed of database services to our customers with on- premise metered consumption and self- service.” Ford Motor Company
With Azure Arc we are able to distribute solutions and workloads across multiple clouds and data centers to support our clients that would have otherwise been bound to a data center.” Aram Lauxtermann Director, Cloud KPMG
We are excited to see Microsoft bringing Azure data services and management to any infrastructure. Through our partnership with Microsoft we hope to deliver a true “as-a-service” experience across environments to help manage both the databases and the underlying infrastructure and offer a consistent experience across on premises and the cloud.” Erik Vogel VP, Customer Success Hybrid Cloud Software and Services Hewlett Packard Enterprise
Azure Arc enabled servers pricing Customers servers and clusters No additional cost Control plane functionality: Tagging, management groups, activity logs, templates, Resource Graph, RBAC
Azure Arc enabled servers pricing Additional services No additional cost Customers servers and clusters Azure Policy—guest configuration Azure Monitor Azure Security Center Azure Defender—standard Azure Sentinel Backup Log Analytics Service Map Application Insights Network Watcher Azure Sentinel Config and Change Management Control plane functionality: Tagging, management groups, activity logs, templates, Resource Graph, RBAC
Razor Technology delivers value with Azure Arc Base VM management experiences extended on- premises Complex IT management services extended on-premises Comprehensive VM management experiences extended on- premises Azure Policy, Azure Update Management Azure Policy, Azure Security Center, Azure Sentinel, Azure Monitor, Azure Update Management VM management, At-scale Kubernetes app management, data services anywhere
Pricing for Arc enabled Kubernetes and data services Both Azure Arc enabled Kubernetes and Azure Arc enabled data services are in preview. We will announce pricing details closer to GA.
Azure Arc roadmap General availability ‱ Azure Arc enabled servers Public preview ‱ Azure Arc enabled SQL Server ‱ Azure Arc enabled Kubernetes ‱ Azure Arc enabled data services ‱ Azure SQL Managed Instance ‱ Azure PostgreSQL Hyperscale General availability ‱ Azure Arc enabled SQL Server ‱ Azure Arc enabled Kubernetes ‱ Azure Arc enabled data services ‱ Azure SQL Managed Instance ‱ Azure PostgreSQL Hyperscale
What do we hear from customers? “I need to manage security and incident management across my public cloud and datacenter assets through policy enforcement and automation.” “As a Managed Service Provider, I need to operate and govern my customer’s Azure ,on-premises and other clouds environments.” “I want my on-premises servers to have strong integration with Azure and tools like Security Center and Sentinel.” “As a DevOps Engineer, I would like for all my applications in our existing and future production Kubernetes clusters, to be deployed with same versioning and with no configuration drift.” “As an SRE (Site Reliability Engineer), I need to have health visibility in single pane of glass fashion to all my existing and future Kubernetes clusters, infrastructure and applications.” “We use SQL Server to integrate with our mission critical application platform, but the DB layer must remain on- premises due to sensitive patient data and data availability needs.”
Management Services Monitoring | Update | Containers | Backup | Security Center | More
 Access and Security RBAC | MSPs | Subscriptions Organization and Inventory Search | Index | Groups | Tags Environments and Automation Templates | Extensions Governance and Compliance Logs | Policy | Blueprints Azure Resource Manager (ARM) Azure Resources Azure Customer Tools and Experiences Marketplace Portal PowerShell SDK CLI API Ecosystem Azure Arc Azure Data Studio Kubernetes Tools Server Admin Tools Existing Tools Multi-Cloud On–Premises / Hosted Services Customer Environments
Azure Arc Architecture Azure Arc Components Resource specific tools Azure Resource Manager (ARM) Management Interfaces Azure Portal Azure CLI Azure SDK Identity RBAC Policy Index Groups Etc. Azure Arc Data Resource Provider (RP) Container Registry Azure Arc K8s Resource Provider (RP) Azure Arc Server Resource Provider (RP) Customer locations (on-premises/clouds) Azure data services Kubernetes Cluster Azure Arc Data Agent Servers Linux Windows Server Azure Arc Server Agent Azure Data Studio K8s Native Tools Cluster provisioning​ Cluster upgrade and patch management​ Cluster lifecycle management​ Cluster monitoring Server Admin Tools Azure PaaS Control GitOps Manager Azure Arc K8s Agent Azure Arc Data Controller
GitOps – Definition & Principles Git as the source of truth for a system Git as the single place where we operate (create, change, and delete) All changes are observable https://www.weave.works/technologies/gitops/ System state described declaratively State declaration versioned in source control Approved changes are applied automatically Agents enforce desired state
Azure Arc enabled Kubernetes GitOps Flow Arc Connected Kubernetes Cluster GitOps Configurations git Repository Flux Operator + Helm Operator Application Changes git merge Flux pickup changes Application V1 (Desired State) Google Kubernetes Engine (GKE) Elastic Kubernetes Service (EKS) Rancher K3s Azure Kubernetes Service on HCI 1 2 3 4 Application Deployment 5 6 7 Application V2 (New Desired State) Application Rolling Update 8 Any Kubernetes, any Infrastructure
The Azure Arc Jumpstart GitHub Repository 1. Provide a “zero to hero” scenarios for multiple environments and deployment type using as much automation as possible 2. Create a ”supermarket” experience by being able to take “off the shelf” scenarios and implement it 3. Meeting Azure Arc customers where they are https://aka.ms/AzureArcJumpstart
Get started https://aka.ms/Azure-Arc https://aka.ms/Azure-Arc-Kubernetes https://aka.ms/hybrid-data-services Learn more https://aka.ms/AzureArcJumpstart https://aka.ms/AzureArcDocs https://aka.ms/AzureArcLearn Azure Arc Any Infrastructure, Any Cloud
Azure Arc enabled servers Connectivity Options Azure VNET Azure Arc enabled Server Azure Arc Service Endpoint Public Endpoint Private Endpoint Service tag Private Link Azure Express Route & Site-to-Site VPN Internet Proxy 1. Direct connection (Internet) 2. Connection via Proxy (Internet) 3. Service tag (S2S VPN/ER) 4. Private Link (S2S VPN/ER) - Private Preview
On-premises/other clouds Azure AD Hybrid Identity Service Azure Resource Manager (ARM) Log Analytics Workspace Hybrid Instance Metadata Service Azure Automation Azure Monitoring Azure Security Center Azure Sentinel HTTPS/443 Hybrid Compute Resource Provider Azure Arc enabled servers architecture Linux OS Extension Manager Log Analytics Agent Custom Script DSC Microsoft Dependency Agent /opt/GC_Ext/downloads /var/lib/waagent/<extension> Guest Configuration /var/lib/GuestConfig Azure Arc Connected Machine Agent /var/opt/azcmagent/ /var/opt/azcmagent/tokens Guest Configuration Resource Provider System Administrator
On-premises/other clouds Azure AD Hybrid Identity Service Azure Resource Manager (ARM) Log Analytics Workspace Hybrid Instance Metadata Service System Administrator Azure Automation Azure Monitoring Azure Security Center Azure Sentinel Hybrid Compute Resource Provider Azure Arc enabled servers architecture Windows OS Extension Manager Log Analytics Agent Custom Script DSC Microsoft Dependency Agent %SystemDrive%AzureConnectedMachineAgentExtensionServicedownloads %SystemDrive%PackagesPlugins<extension>> Guest Configuration %SystemDrive%Program FilesArcConnectedMachineAgentExtensionServiceGC %ProgramData%GuestConfig Azure Arc Connected Machine Agent %ProgramFiles%AzureConnectedMachineAgent %ProgramData%AzureConnectedMachineAgent %ProgramData%AzureConnectedMachineAgentTokens %ProgramData%AzureConnectedMachineAgentConfig Guest Configuration Resource Provider HTTPS/443
Azure Arc enabled servers Connected Machine Agent Azure Arc Connected Server (On-Premises, AWS EC2, etc.) Azure Arc Connected Machine Agent Hybrid Instance Metadata Service (HIMDS) Handles managed identity and communication with Azure AD Guest Configuration Provides In-Guest Policy and Guest Configuration functionality, such as assessing whether the machine complies with required policies Extension Manager Manages VM extensions, including install, uninstall, and upgrade Log Analytics (MMAExtension) Update Management Parameters passed to the Agent: ‱ Subscription ID ‱ Location ‱ Resource Group ‱ Proxy (optional) ‱ Azure Service Principal Azure AD Log Analytics Workspace HTTPS/443 HTTPS/443 Azure Resource Manager (ARM) Hybrid Compute Resource Provider Azure Portal Az CLI Azure SDK REST API Azure Admin Authentication & Authorization Guest Config Resource Provider HTTPS/443
Azure Arc enabled server Azure Arc enabled servers Azure Key Vault Integration Azure Key Vault (AKV) User Certificates Public Key Infrastructure (PKI) Hybrid Compute Resource Provider Extension Service Azure AD AKV is configured with Azure Managed Identity for allowing the Azure Arc enabled server to access certificates System / Security Administrator AKV extension is deployed on the Azure Arc enabled server AKV Extension Background Service Certificates URIs are used as parameters and syncs based on user-defined time intervals AKV Extension background service request for a Managed Identity token in order to retrieve certificates AKV Extension background service retrieve AKV certificates based on interval specified in the extension configuration Cert Store The certificates and private keys are stored in the local certificate store (Windows) or as files in a directory (Linux) App/Service (i.e. Web Server) The AKV agent will then sync down the new certificate and private key automatically at its next sync interval Upon renewal time, the certificates are renewed only in AKV (renewed PKI certs can be uploaded as well) 2a Admin deploy Azure Key Vault 1a 1b 2b 3a 3b 6 5 4 App/Service consumes local cert store certificate (as well rebind upon renewal)
Azure Arc enabled Kubernetes Onboarding Azure AD On-Premises/Cloud Provider Kubernetes Cluster API Server etcd Save state/ Onboarding private key in k8s datastore 3b Cluster Metadata Operator Fetch cluster metadata and update custom resource 6a Resource Sync Operator Cluster Identity Operator Save the Azure Identity Certificate 5c Push cluster metadata (uses Managed Identity to authenticate eastus.dp.kubernetesconfiguration.com) 6b Azure Arc enabled Kubernetes Data Plane Service Hybrid Identity Service Watch for updates in cluster metadata custom resource 6c Fetch connectedCluster Managed Identity certificate (uses onboarding private key to authenticate eus.his.azure.com) 5a Microsoft.Kubernetes Resource Provider (RP) Update cluster metadata 6d Send identity metadata 4 Managed Identity Service Fetch the identity certificate 5b Create Service Principal in AAD 3f Azure Resource Manager (ARM) PUT connectedCluster resource along with Managed Identity metadata 3g Create Managed Identity 3e Azure CLI Uses Helm to deploy Arc enabled k8s agents with onboarding private key K8s Cluster Admin 3a az connectedk8s connect 1 PUT resource Microsoft.Kubernetes/connectedClusters with public key (management.azure.com) Azure Container Registry 3d Pull agent images 3c Fetch Helm chart 2
On-Premises/Cloud Provider Kubernetes Cluster Helm Release obj-x obj-y obj-z helmreleases CR release-a gitconfigs CR config-a Flux Operator Flux-Helm Operator controller- manager Watch gitconfig CRs Flux-logs agent Flux events sent to upstream service Create or update Flux Operator or Flux-Helm Operator 1 7 8 11 Config Agent Collect Status from Flux 12 Create gitconfigs CR 6 Namespace Git Repository YAML Files Helm Releases CRs Flux-Helm Operator watches helmreleases CRs, pulls Helm chart and creates Helm release 10 Flux watches Git repo, creates k8s resources based on raw YAML and helmreleases CRs 9 Azure Arc enabled Kubernetes Dataplane Service GET Pending sourceControlConfiguration resources (uses Managed Identity to authenticate) 5 POST status for the Flux agents to be retrieved with resource GET 13 Microsoft.KubernetesConfiguration Resource Provider (RP) Azure Resource Manager (ARM) Store sourceControlConfiguration resource 4 PUT sourceControlConfiguration resource 3 PUT resource Microsoft.Kubernetes/connectedClusters/clusterName/providers/Microsoft.KubernetesConfiguration/sourceControlConfigurations/configName (uses ARM Extension Resource pattern) az k8sconfiguration create 2 Azure Arc enabled Kubernetes GitOps Configuration Azure CLI K8s Cluster Admin
Azure Arc enabled Kubernetes Cluster Azure AD Entity (User Account/Service Principal) API Server Guard TokenAccessReview, SubjectAccessReview allowed/denied kubectl get pods If allowed, return list of pods allowed/denied checkAccess Owner Role assignment in Azure Azure Arc enabled Kubernetes AAD enabled RBAC
Azure Arc enabled Kubernetes Cluster Connect Kubernetes Cluster Microsoft.Kubernetes Resource Provider (RP) listClusterUserCredentials Cluster Connect Endpoint Dataplane Service Hybrid Connections Azure Resource Manager (ARM) Azure AD Entity (User Account/Service Principal) kubectl get pods clusterconnect-agent API Server Customer Firewall heartbeat Customer Location (On-Premises/Cloud Provider)
Azure Arc enabled Kubernetes Azure Monitor Azure Arc enabled Kubernetes Cluster node-1 pod-a pod-b pod-c pod-d oms-agent Collect metrics and logs node-2 pod-a pod-b pod-c pod-d oms-agent Collect metrics and logs node-n pod-a pod-b pod-c pod-d oms-agent Collect metrics and logs Azure Monitor for containers Workbooks Log Analytics Alerts Send metrics and logs
Azure Arc enabled Kubernetes Cluster Calling entity API Server azure-policy-addon Fetch policy definitions & assignments & Report compliance Azure Policy Service Azure Arc enabled Kubernetes Azure Policy (Gatekeeper) Gatekeeper OPA deploy create watch AdmissionReview request AdmissionReview response allowed: false kubectl apply –f privileged.yaml Denied Pod Deployment Service Ingress CRD Config PolicyTemplate CRD PolicyInstance CRD
Azure Arc enabled Kubernetes Cluster extension (Private Preview) On-Premises/Cloud Provider Kubernetes Cluster obj-x obj-y obj-z extensionconfigs CR extension Helm Release extension-manager Watch extensionconfig CRs 1 8 Config Agent Collect Status 11 Create extensionconfig CR 7 Namespace Azure Arc enabled Kubernetes Data Plane Service GET Pending extension resources (uses Managed Identity to authenticate) 5 POST extension status 12 Microsoft.KubernetesConfiguration Resource Provider (RP) Azure Resource Manager (ARM) Store extension resource 4 PUT extension resource 3 PUT resource Microsoft.Kubernetes/connectedClusters/clusterName/providers/Microsoft.KubernetesConfiguration/extensions/extensionName (uses ARM Extension Resource pattern) az k8s-extension create 2 Azure CLI K8s Cluster Admin Azure Container Registry or Microsoft Container Registry GET version 6 9 Fetch Helm chart stored as OCI artifact 10 Install helm chart
Any Kubernetes Cluster Azure Arc enabled Data Services Endpoints Azure Arc Data Control Plane Azure Arc Data Controller Metrics & Logs UI Azure Arc enabled data services Azure PostgreSQL Hyperscale Azure SQL Managed Instance azdata CLI Browser Azure Data Studio PostgreSQL tools & drivers Azure Data Studio SQL tools & drivers HTTPS HTTPS TCP TCP Azure Arc Data Control Plane azdata CLI Kubernetes tools HTTPS Kubernetes API
Azure Arc Contoso MSP Tenant Powered by Azure Lighthouse Access Management Portal & Dashboarding Policy & Governance Monitoring Logging & Analytics Cost Management Security Patch Management BC/DR MSP 3rd Party Solutions Integration Service Health & Support Fourth Coffee Azure Tenant Fourth Coffee On-Premises Datacenter Fourth Coffee Multi-Cloud Workloads Parnell Aerospace Azure Tenant Parnell Aerospace On-Premises Datacenter Parnell Aerospace Multi-Cloud Workloads Bare-Metal Servers Windows & Linux Servers Kubernetes Bare-Metal / VM Azure Arc Data Controller Azure Arc PostgreSQL Hyperscale Azure Arc SQL Server Azure Arc SQL Managed Instance Fabrikam On-Premises Datacenter AWS EC2 GCP Instance Google Kubernetes Engine (GKE) Elastic Kubernetes Service (EKS) Azure Arc PostgreSQL Hyperscale Azure Arc SQL Server Azure Arc SQL Managed Instance Fabrikam Multi-Cloud Workloads Fabrikam Azure Tenant Cosmos DB Functions Data Services Kubernetes Service Virtual Machines Storage Network App Services Azure Arc enabled infrastructure & services Azure Arc Data Controller
Azure Arc Bare-Metal Servers Windows & Linux Servers Kubernetes Bare-Metal / VM Azure Arc Data Controller Azure Arc PostgreSQL Hyperscale Azure Arc SQL Server Azure Arc SQL Managed Instance Fabrikam On-Premises Datacenter AWS EC2 GCP Instance Google Kubernetes Engine (GKE) Elastic Kubernetes Service (EKS) Azure Arc PostgreSQL Hyperscale Azure Arc SQL Server Azure Arc SQL Managed Instance Fabrikam Multi-Cloud Workloads Fabrikam Azure Tenant Cosmos DB Functions Data Services Kubernetes Service Virtual Machines Storage Network App Services Azure Arc enabled infrastructure & services Azure Arc Data Controller
Resources aka.ms/arc-introvideo Introducing Azure Arc aka.ms/azurearcpricing Azure Arc pricing page aka.ms/arc-techcommunity Deep dives on Azure Arc, best practices and more aka.ms/arc-customerstories Learn how other customers are implementing Azure Arc https://aka.ms/arc-feedback Public Q&A forum AzureArcContact@microsoft.com Ask to be added to a common Teams site and monthly call with engineering aka.ms/arc-blog Azure Arc: Extending Azure management to any infrastructure aka.ms/arc-k8svideo Kubernetes—Managing K8 clusters outside of Azure with Azure Arc aka.ms/arc-serversvideo Server management—Organize all your servers outside of Azure with Azure Arc aka.ms/arc-serversdocs Documentation for Azure Arc enabled servers aka.ms/arc-k8sdocs Documentation for Azure Arc enabled Kubernetes aka.ms/AzureArcJumpstart Azure Arc "Jumpstart" GitHub repository aka.ms/arc-datablog Blog – Run Azure data services on-premises, at the edge, and multi-cloud with Azure Arc aka.ms/arc-data-mechanicsvideo Demos on Azure Arc enabled data services, including SQL and PostgreSQL Hyperscale aka.ms/arc-data-ignitevideo Ignite 2020 session—Bring Azure data services to on-premises, multi-cloud and edge aka.ms/arc-datadocs Documentation for Azure Arc enabled data services Azure Arc all up overview Azure Arc enabled Kubernetes & servers Azure Arc enabled data services
866.797.3282 | Razor-tech.com David Rosenthal VP & General Manager Digital Business @DavidJRosenthalSlideShare
© Copyright Microsoft Corporation. All rights reserved. Appendix
Azure Arc enabled servers pricing Example 1 Scenario 1: A customer onboards 50 Windows (or Linux) servers that are running on-premises to Azure with Azure Arc and tags these servers in Azure, applies RBAC, organizes these servers into management groups and queries properties with Azure Resource Graph. In addition, the customer also applies a set of common Azure Policy Guest Configurations across all these servers. The applicable cost components are: Component Cost Connectivity to Azure Arc, Tagging, RBAC, Management Groups and Azure Resource Graph $0 Azure Policy Guest Configurations $6/server/month (Unlimited policies) For more details on Azure Arc pricing visit our pricing page: https://aka.ms/azurearcpricing
Azure Arc enabled servers pricing Example 2 Scenario 2: A customer onboards 50 Windows (or Linux) servers that are running on-premises to Azure with Azure Arc and tags these servers in Azure, applies RBAC, organizes these servers into management groups and queries properties with Azure Resource Graph. The customer also applies a set of common Azure Policy Guest Configurations across all these servers. In addition, the customer deploys the Log Analytics agent extension to monitor the on-premises servers (Azure Monitor). The applicable cost components are: Component Cost Connectivity to Azure Arc, Tagging, RBAC, Management Groups and Azure Resource Graph Azure Policy Guest Configurations (Unlimited policies) Azure Monitor Same Azure Monitor pricing that is applicable to Azure VMs (Refer to the Azure Monitor Pricing page to learn more) For more details on Azure Arc pricing visit our pricing page: https://aka.ms/azurearcpricing

Recomendados

Azure Migrate
Azure MigrateAzure Migrate
Azure MigrateMustafa
 
Migrate to Microsoft Azure with Confidence
Migrate to Microsoft Azure with ConfidenceMigrate to Microsoft Azure with Confidence
Migrate to Microsoft Azure with ConfidenceDavid J Rosenthal
 
Microsoft Azure Technical Overview
Microsoft Azure Technical OverviewMicrosoft Azure Technical Overview
Microsoft Azure Technical Overviewgjuljo
 
Azure: PaaS or IaaS
Azure: PaaS or IaaSAzure: PaaS or IaaS
Azure: PaaS or IaaSShahed Chowdhuri
 
Azure governance v4.0
Azure governance v4.0Azure governance v4.0
Azure governance v4.0Marcos Oikawa
 
On-premise to Microsoft Azure Cloud Migration.
On-premise to Microsoft Azure Cloud Migration. On-premise to Microsoft Azure Cloud Migration.
On-premise to Microsoft Azure Cloud Migration.Emtec Inc.
 
Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security OverviewAlert Logic
 
Azure migration
Azure migrationAzure migration
Azure migrationArnon Rotem-Gal-Oz
 

Recomendados

Azure Migrate
Azure MigrateAzure Migrate
Azure MigrateMustafa
 
Migrate to Microsoft Azure with Confidence
Migrate to Microsoft Azure with ConfidenceMigrate to Microsoft Azure with Confidence
Migrate to Microsoft Azure with ConfidenceDavid J Rosenthal
 
Microsoft Azure Technical Overview
Microsoft Azure Technical OverviewMicrosoft Azure Technical Overview
Microsoft Azure Technical Overviewgjuljo
 
Azure: PaaS or IaaS
Azure: PaaS or IaaSAzure: PaaS or IaaS
Azure: PaaS or IaaSShahed Chowdhuri
 
Azure governance v4.0
Azure governance v4.0Azure governance v4.0
Azure governance v4.0Marcos Oikawa
 
On-premise to Microsoft Azure Cloud Migration.
On-premise to Microsoft Azure Cloud Migration. On-premise to Microsoft Azure Cloud Migration.
On-premise to Microsoft Azure Cloud Migration.Emtec Inc.
 
Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security OverviewAlert Logic
 
Azure migration
Azure migrationAzure migration
Azure migrationArnon Rotem-Gal-Oz
 
Azure Stack Fundamentals
Azure Stack FundamentalsAzure Stack Fundamentals
Azure Stack FundamentalsCenk Ersoy
 
Azure 101
Azure 101Azure 101
Azure 101Korry Lavoie
 
Azure Migration Program Pitch Deck
Azure Migration Program Pitch DeckAzure Migration Program Pitch Deck
Azure Migration Program Pitch DeckNicholas Vossburg
 
Azure Hybid
Azure HybidAzure Hybid
Azure HybidThomas Treml
 
Massive Lift & Shift Migrations to Microsoft Azure with the Microsoft Migrati...
Massive Lift & Shift Migrations to Microsoft Azure with the Microsoft Migrati...Massive Lift & Shift Migrations to Microsoft Azure with the Microsoft Migrati...
Massive Lift & Shift Migrations to Microsoft Azure with the Microsoft Migrati...Morgan Simonsen
 
Azure Migration Program Overview
Azure Migration Program OverviewAzure Migration Program Overview
Azure Migration Program OverviewNicholas Vossburg
 
CAF presentation 09 16-2020
CAF presentation 09 16-2020CAF presentation 09 16-2020
CAF presentation 09 16-2020Michael Nichols
 
Azure Arc - Managing Hybrid and Multi-Cloud Platforms
Azure Arc - Managing Hybrid and Multi-Cloud PlatformsAzure Arc - Managing Hybrid and Multi-Cloud Platforms
Azure Arc - Managing Hybrid and Multi-Cloud PlatformsWinWire Technologies Inc
 
Building an Enterprise-Grade Azure Governance Model
Building an Enterprise-Grade Azure Governance ModelBuilding an Enterprise-Grade Azure Governance Model
Building an Enterprise-Grade Azure Governance ModelKarl Ots
 
Azure Application Modernization
Azure Application ModernizationAzure Application Modernization
Azure Application ModernizationKarina Matos
 
Azure stack all you need to know
Azure stack all you need to knowAzure stack all you need to know
Azure stack all you need to knowSusantha Silva
 
An Overview of Best Practices for Large Scale Migrations - AWS Transformation...
An Overview of Best Practices for Large Scale Migrations - AWS Transformation...An Overview of Best Practices for Large Scale Migrations - AWS Transformation...
An Overview of Best Practices for Large Scale Migrations - AWS Transformation...Amazon Web Services
 
infrastructure as code
infrastructure as codeinfrastructure as code
infrastructure as codeAmazon Web Services
 
Azure SQL Database
Azure SQL Database Azure SQL Database
Azure SQL Database nj-azure
 
Azure Arc by K.Narisorn // Azure Multi-Cloud
Azure Arc by K.Narisorn // Azure Multi-CloudAzure Arc by K.Narisorn // Azure Multi-Cloud
Azure Arc by K.Narisorn // Azure Multi-CloudKumton Suttiraksiri
 
Azure subscription management with EA and CSP
Azure subscription management with EA and CSPAzure subscription management with EA and CSP
Azure subscription management with EA and CSPDaichi Isami
 
Azure Cloud Governance
Azure Cloud GovernanceAzure Cloud Governance
Azure Cloud GovernanceJonathan Wade
 
Azure Stack Overview
Azure Stack OverviewAzure Stack Overview
Azure Stack OverviewPT Datacomm Diangraha
 
Azure WAF
Azure WAFAzure WAF
Azure WAFCheah Eng Soon
 
Overview of Azure Arc enabled Kubernetes
Overview of Azure Arc enabled KubernetesOverview of Azure Arc enabled Kubernetes
Overview of Azure Arc enabled KubernetesPieter de Bruin
 
2-ARC.pdf
2-ARC.pdf2-ARC.pdf
2-ARC.pdfssuserceb53e
 
Introducing Azure Arc
Introducing Azure ArcIntroducing Azure Arc
Introducing Azure ArcMohamed Wali
 

Mais conteĂșdo relacionado

Mais procurados

Azure Stack Fundamentals
Azure Stack FundamentalsAzure Stack Fundamentals
Azure Stack FundamentalsCenk Ersoy
 
Azure Migration Program Pitch Deck
Azure Migration Program Pitch DeckAzure Migration Program Pitch Deck
Azure Migration Program Pitch DeckNicholas Vossburg
 
Massive Lift & Shift Migrations to Microsoft Azure with the Microsoft Migrati...
Massive Lift & Shift Migrations to Microsoft Azure with the Microsoft Migrati...Massive Lift & Shift Migrations to Microsoft Azure with the Microsoft Migrati...
Massive Lift & Shift Migrations to Microsoft Azure with the Microsoft Migrati...Morgan Simonsen
 
Azure Migration Program Overview
Azure Migration Program OverviewAzure Migration Program Overview
Azure Migration Program OverviewNicholas Vossburg
 
CAF presentation 09 16-2020
CAF presentation 09 16-2020CAF presentation 09 16-2020
CAF presentation 09 16-2020Michael Nichols
 
Azure Arc - Managing Hybrid and Multi-Cloud Platforms
Azure Arc - Managing Hybrid and Multi-Cloud PlatformsAzure Arc - Managing Hybrid and Multi-Cloud Platforms
Azure Arc - Managing Hybrid and Multi-Cloud PlatformsWinWire Technologies Inc
 
Building an Enterprise-Grade Azure Governance Model
Building an Enterprise-Grade Azure Governance ModelBuilding an Enterprise-Grade Azure Governance Model
Building an Enterprise-Grade Azure Governance ModelKarl Ots
 
Azure Application Modernization
Azure Application ModernizationAzure Application Modernization
Azure Application ModernizationKarina Matos
 
Azure stack all you need to know
Azure stack all you need to knowAzure stack all you need to know
Azure stack all you need to knowSusantha Silva
 
An Overview of Best Practices for Large Scale Migrations - AWS Transformation...
An Overview of Best Practices for Large Scale Migrations - AWS Transformation...An Overview of Best Practices for Large Scale Migrations - AWS Transformation...
An Overview of Best Practices for Large Scale Migrations - AWS Transformation...Amazon Web Services
 
Azure SQL Database
Azure SQL Database Azure SQL Database
Azure SQL Database nj-azure
 
Azure Arc by K.Narisorn // Azure Multi-Cloud
Azure Arc by K.Narisorn // Azure Multi-CloudAzure Arc by K.Narisorn // Azure Multi-Cloud
Azure Arc by K.Narisorn // Azure Multi-CloudKumton Suttiraksiri
 
Azure subscription management with EA and CSP
Azure subscription management with EA and CSPAzure subscription management with EA and CSP
Azure subscription management with EA and CSPDaichi Isami
 
Azure Cloud Governance
Azure Cloud GovernanceAzure Cloud Governance
Azure Cloud GovernanceJonathan Wade
 
Overview of Azure Arc enabled Kubernetes
Overview of Azure Arc enabled KubernetesOverview of Azure Arc enabled Kubernetes
Overview of Azure Arc enabled KubernetesPieter de Bruin
 

Mais procurados (20)

Azure Stack Fundamentals
Azure Stack FundamentalsAzure Stack Fundamentals
Azure Stack Fundamentals
 
Azure 101
Azure 101Azure 101
Azure 101
 
Azure Migration Program Pitch Deck
Azure Migration Program Pitch DeckAzure Migration Program Pitch Deck
Azure Migration Program Pitch Deck
 
Azure Hybid
Azure HybidAzure Hybid
Azure Hybid
 
Massive Lift & Shift Migrations to Microsoft Azure with the Microsoft Migrati...
Massive Lift & Shift Migrations to Microsoft Azure with the Microsoft Migrati...Massive Lift & Shift Migrations to Microsoft Azure with the Microsoft Migrati...
Massive Lift & Shift Migrations to Microsoft Azure with the Microsoft Migrati...
 
Azure Migration Program Overview
Azure Migration Program OverviewAzure Migration Program Overview
Azure Migration Program Overview
 
CAF presentation 09 16-2020
CAF presentation 09 16-2020CAF presentation 09 16-2020
CAF presentation 09 16-2020
 
Azure Arc - Managing Hybrid and Multi-Cloud Platforms
Azure Arc - Managing Hybrid and Multi-Cloud PlatformsAzure Arc - Managing Hybrid and Multi-Cloud Platforms
Azure Arc - Managing Hybrid and Multi-Cloud Platforms
 
Building an Enterprise-Grade Azure Governance Model
Building an Enterprise-Grade Azure Governance ModelBuilding an Enterprise-Grade Azure Governance Model
Building an Enterprise-Grade Azure Governance Model
 
Azure Application Modernization
Azure Application ModernizationAzure Application Modernization
Azure Application Modernization
 
Azure stack all you need to know
Azure stack all you need to knowAzure stack all you need to know
Azure stack all you need to know
 
An Overview of Best Practices for Large Scale Migrations - AWS Transformation...
An Overview of Best Practices for Large Scale Migrations - AWS Transformation...An Overview of Best Practices for Large Scale Migrations - AWS Transformation...
An Overview of Best Practices for Large Scale Migrations - AWS Transformation...
 
infrastructure as code
infrastructure as codeinfrastructure as code
infrastructure as code
 
Azure SQL Database
Azure SQL Database Azure SQL Database
Azure SQL Database
 
Azure Arc by K.Narisorn // Azure Multi-Cloud
Azure Arc by K.Narisorn // Azure Multi-CloudAzure Arc by K.Narisorn // Azure Multi-Cloud
Azure Arc by K.Narisorn // Azure Multi-Cloud
 
Azure subscription management with EA and CSP
Azure subscription management with EA and CSPAzure subscription management with EA and CSP
Azure subscription management with EA and CSP
 
Azure Cloud Governance
Azure Cloud GovernanceAzure Cloud Governance
Azure Cloud Governance
 
Azure Stack Overview
Azure Stack OverviewAzure Stack Overview
Azure Stack Overview
 
Azure WAF
Azure WAFAzure WAF
Azure WAF
 
Overview of Azure Arc enabled Kubernetes
Overview of Azure Arc enabled KubernetesOverview of Azure Arc enabled Kubernetes
Overview of Azure Arc enabled Kubernetes
 

Semelhante a Azure Arc Overview from Microsoft

Introducing Azure Arc
Introducing Azure ArcIntroducing Azure Arc
Introducing Azure ArcMohamed Wali
 
Innovation anywhere with microsoft azure arc
Innovation anywhere with microsoft azure arcInnovation anywhere with microsoft azure arc
Innovation anywhere with microsoft azure arcGoviccaSihombing
 
Azure vm introduction
Azure vm introductionAzure vm introduction
Azure vm introductionLalit Rawat
 
Innovation morning agenda+azure arc
Innovation morning agenda+azure arcInnovation morning agenda+azure arc
Innovation morning agenda+azure arcClaudia Angelelli
 
Healthcare Roadshow 2016
Healthcare Roadshow 2016Healthcare Roadshow 2016
Healthcare Roadshow 2016Marcel Zehner
 
MSFT MAIW Data Mod - Session 1 Deck_Why Migrate your databases to Azure_Sept ...
MSFT MAIW Data Mod - Session 1 Deck_Why Migrate your databases to Azure_Sept ...MSFT MAIW Data Mod - Session 1 Deck_Why Migrate your databases to Azure_Sept ...
MSFT MAIW Data Mod - Session 1 Deck_Why Migrate your databases to Azure_Sept ...ssuser01a66e
 
Cloud for Kubernetes : Session4
Cloud for Kubernetes : Session4Cloud for Kubernetes : Session4
Cloud for Kubernetes : Session4WhaTap Labs
 
XCloudLabs- AWS Overview
XCloudLabs- AWS Overview XCloudLabs- AWS Overview
XCloudLabs- AWS Overview sangam biradar
 
Hashicorp Vault - OPEN Public Sector
Hashicorp Vault - OPEN Public SectorHashicorp Vault - OPEN Public Sector
Hashicorp Vault - OPEN Public SectorKangaroot
 
Azure SQL Managed Instance infographic.pdf
Azure SQL Managed Instance infographic.pdfAzure SQL Managed Instance infographic.pdf
Azure SQL Managed Instance infographic.pdfALI ANWAR, OCPÂź
 
Azure bootcamp (1)
Azure bootcamp (1)Azure bootcamp (1)
Azure bootcamp (1)AmnaHussain26
 
Secure hybrid workload with azure
Secure hybrid workload with azureSecure hybrid workload with azure
Secure hybrid workload with azureMohit Chhabra
 
Azure Fundamentals Part 2
Azure Fundamentals Part 2Azure Fundamentals Part 2
Azure Fundamentals Part 2CCG
 
Building Hybrid Cloud Apps with Azure and Azure stack
Building Hybrid Cloud Apps with Azure and Azure stackBuilding Hybrid Cloud Apps with Azure and Azure stack
Building Hybrid Cloud Apps with Azure and Azure stackWinWire Technologies Inc
 
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...Amazon Web Services
 
Azure Infrastructure Migration | Inovar Consulting
Azure Infrastructure Migration | Inovar ConsultingAzure Infrastructure Migration | Inovar Consulting
Azure Infrastructure Migration | Inovar ConsultingInovar Tech
 
Azure intelligent edge solutions overview
Azure intelligent edge solutions overviewAzure intelligent edge solutions overview
Azure intelligent edge solutions overviewCenk Ersoy
 
Build modern and intelligent applications using Azure Database for PostgreSQL
Build modern and intelligent applications using Azure Database for PostgreSQLBuild modern and intelligent applications using Azure Database for PostgreSQL
Build modern and intelligent applications using Azure Database for PostgreSQLMicrosoft Tech Community
 

Semelhante a Azure Arc Overview from Microsoft (20)

2-ARC.pdf
2-ARC.pdf2-ARC.pdf
2-ARC.pdf
 
Introducing Azure Arc
Introducing Azure ArcIntroducing Azure Arc
Introducing Azure Arc
 
Azure Arc on AIS Cloud X
Azure Arc on AIS Cloud XAzure Arc on AIS Cloud X
Azure Arc on AIS Cloud X
 
Innovation anywhere with microsoft azure arc
Innovation anywhere with microsoft azure arcInnovation anywhere with microsoft azure arc
Innovation anywhere with microsoft azure arc
 
Azure vm introduction
Azure vm introductionAzure vm introduction
Azure vm introduction
 
Innovation morning agenda+azure arc
Innovation morning agenda+azure arcInnovation morning agenda+azure arc
Innovation morning agenda+azure arc
 
Healthcare Roadshow 2016
Healthcare Roadshow 2016Healthcare Roadshow 2016
Healthcare Roadshow 2016
 
MSFT MAIW Data Mod - Session 1 Deck_Why Migrate your databases to Azure_Sept ...
MSFT MAIW Data Mod - Session 1 Deck_Why Migrate your databases to Azure_Sept ...MSFT MAIW Data Mod - Session 1 Deck_Why Migrate your databases to Azure_Sept ...
MSFT MAIW Data Mod - Session 1 Deck_Why Migrate your databases to Azure_Sept ...
 
Cloud for Kubernetes : Session4
Cloud for Kubernetes : Session4Cloud for Kubernetes : Session4
Cloud for Kubernetes : Session4
 
XCloudLabs- AWS Overview
XCloudLabs- AWS Overview XCloudLabs- AWS Overview
XCloudLabs- AWS Overview
 
Hashicorp Vault - OPEN Public Sector
Hashicorp Vault - OPEN Public SectorHashicorp Vault - OPEN Public Sector
Hashicorp Vault - OPEN Public Sector
 
Azure SQL Managed Instance infographic.pdf
Azure SQL Managed Instance infographic.pdfAzure SQL Managed Instance infographic.pdf
Azure SQL Managed Instance infographic.pdf
 
Azure bootcamp (1)
Azure bootcamp (1)Azure bootcamp (1)
Azure bootcamp (1)
 
Secure hybrid workload with azure
Secure hybrid workload with azureSecure hybrid workload with azure
Secure hybrid workload with azure
 
Azure Fundamentals Part 2
Azure Fundamentals Part 2Azure Fundamentals Part 2
Azure Fundamentals Part 2
 
Building Hybrid Cloud Apps with Azure and Azure stack
Building Hybrid Cloud Apps with Azure and Azure stackBuilding Hybrid Cloud Apps with Azure and Azure stack
Building Hybrid Cloud Apps with Azure and Azure stack
 
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
 
Azure Infrastructure Migration | Inovar Consulting
Azure Infrastructure Migration | Inovar ConsultingAzure Infrastructure Migration | Inovar Consulting
Azure Infrastructure Migration | Inovar Consulting
 
Azure intelligent edge solutions overview
Azure intelligent edge solutions overviewAzure intelligent edge solutions overview
Azure intelligent edge solutions overview
 
Build modern and intelligent applications using Azure Database for PostgreSQL
Build modern and intelligent applications using Azure Database for PostgreSQLBuild modern and intelligent applications using Azure Database for PostgreSQL
Build modern and intelligent applications using Azure Database for PostgreSQL
 

Mais de David J Rosenthal

Microsoft Teams Phone - Calling Made Simple
Microsoft Teams Phone - Calling Made SimpleMicrosoft Teams Phone - Calling Made Simple
Microsoft Teams Phone - Calling Made SimpleDavid J Rosenthal
 
Whats New in Microsoft Teams Calling November 2021
Whats New in Microsoft Teams Calling November 2021Whats New in Microsoft Teams Calling November 2021
Whats New in Microsoft Teams Calling November 2021David J Rosenthal
 
Whats New in Microsoft Teams Hybrid Meetings November 2021
Whats New in Microsoft Teams Hybrid Meetings November 2021Whats New in Microsoft Teams Hybrid Meetings November 2021
Whats New in Microsoft Teams Hybrid Meetings November 2021David J Rosenthal
 
Viva Connections from Microsoft
Viva Connections from MicrosoftViva Connections from Microsoft
Viva Connections from MicrosoftDavid J Rosenthal
 
Protect your hybrid workforce across the attack chain
Protect your hybrid workforce across the attack chainProtect your hybrid workforce across the attack chain
Protect your hybrid workforce across the attack chainDavid J Rosenthal
 
Microsoft Viva Introduction
Microsoft Viva IntroductionMicrosoft Viva Introduction
Microsoft Viva IntroductionDavid J Rosenthal
 
Microsoft Viva Learning
Microsoft Viva LearningMicrosoft Viva Learning
Microsoft Viva LearningDavid J Rosenthal
 
A Secure Journey to Cloud with Microsoft 365
A Secure Journey to Cloud with Microsoft 365A Secure Journey to Cloud with Microsoft 365
A Secure Journey to Cloud with Microsoft 365David J Rosenthal
 
Microsoft Windows Server 2022 Overview
Microsoft Windows Server 2022 OverviewMicrosoft Windows Server 2022 Overview
Microsoft Windows Server 2022 OverviewDavid J Rosenthal
 
Windows365 Hybrid Windows for a Hybrid World
Windows365 Hybrid Windows for a Hybrid WorldWindows365 Hybrid Windows for a Hybrid World
Windows365 Hybrid Windows for a Hybrid WorldDavid J Rosenthal
 
Windows 11 for the Enterprise
Windows 11 for the EnterpriseWindows 11 for the Enterprise
Windows 11 for the EnterpriseDavid J Rosenthal
 
Microsoft Scheduler for M365 - Personal Digital Assistant
Microsoft Scheduler for M365 - Personal Digital AssistantMicrosoft Scheduler for M365 - Personal Digital Assistant
Microsoft Scheduler for M365 - Personal Digital AssistantDavid J Rosenthal
 
What is New in Teams Meetings and Meeting Rooms July 2021
What is New in Teams Meetings and Meeting Rooms July 2021What is New in Teams Meetings and Meeting Rooms July 2021
What is New in Teams Meetings and Meeting Rooms July 2021David J Rosenthal
 
Modernize Java Apps on Microsoft Azure
Modernize Java Apps on Microsoft AzureModernize Java Apps on Microsoft Azure
Modernize Java Apps on Microsoft AzureDavid J Rosenthal
 
Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelDavid J Rosenthal
 
Microsoft Azure Active Directory
Microsoft Azure Active DirectoryMicrosoft Azure Active Directory
Microsoft Azure Active DirectoryDavid J Rosenthal
 
Nintex Worflow Overview
Nintex Worflow OverviewNintex Worflow Overview
Nintex Worflow OverviewDavid J Rosenthal
 
Microsoft Power BI Overview
Microsoft Power BI OverviewMicrosoft Power BI Overview
Microsoft Power BI OverviewDavid J Rosenthal
 
Better Meetings with Microsoft Teams
Better Meetings with Microsoft TeamsBetter Meetings with Microsoft Teams
Better Meetings with Microsoft TeamsDavid J Rosenthal
 

Mais de David J Rosenthal (20)

Microsoft Teams Phone - Calling Made Simple
Microsoft Teams Phone - Calling Made SimpleMicrosoft Teams Phone - Calling Made Simple
Microsoft Teams Phone - Calling Made Simple
 
Whats New in Microsoft Teams Calling November 2021
Whats New in Microsoft Teams Calling November 2021Whats New in Microsoft Teams Calling November 2021
Whats New in Microsoft Teams Calling November 2021
 
Whats New in Microsoft Teams Hybrid Meetings November 2021
Whats New in Microsoft Teams Hybrid Meetings November 2021Whats New in Microsoft Teams Hybrid Meetings November 2021
Whats New in Microsoft Teams Hybrid Meetings November 2021
 
Viva Connections from Microsoft
Viva Connections from MicrosoftViva Connections from Microsoft
Viva Connections from Microsoft
 
Protect your hybrid workforce across the attack chain
Protect your hybrid workforce across the attack chainProtect your hybrid workforce across the attack chain
Protect your hybrid workforce across the attack chain
 
Microsoft Viva Introduction
Microsoft Viva IntroductionMicrosoft Viva Introduction
Microsoft Viva Introduction
 
Microsoft Viva Learning
Microsoft Viva LearningMicrosoft Viva Learning
Microsoft Viva Learning
 
Microsoft Viva Topics
Microsoft Viva TopicsMicrosoft Viva Topics
Microsoft Viva Topics
 
A Secure Journey to Cloud with Microsoft 365
A Secure Journey to Cloud with Microsoft 365A Secure Journey to Cloud with Microsoft 365
A Secure Journey to Cloud with Microsoft 365
 
Microsoft Windows Server 2022 Overview
Microsoft Windows Server 2022 OverviewMicrosoft Windows Server 2022 Overview
Microsoft Windows Server 2022 Overview
 
Windows365 Hybrid Windows for a Hybrid World
Windows365 Hybrid Windows for a Hybrid WorldWindows365 Hybrid Windows for a Hybrid World
Windows365 Hybrid Windows for a Hybrid World
 
Windows 11 for the Enterprise
Windows 11 for the EnterpriseWindows 11 for the Enterprise
Windows 11 for the Enterprise
 
Microsoft Scheduler for M365 - Personal Digital Assistant
Microsoft Scheduler for M365 - Personal Digital AssistantMicrosoft Scheduler for M365 - Personal Digital Assistant
Microsoft Scheduler for M365 - Personal Digital Assistant
 
What is New in Teams Meetings and Meeting Rooms July 2021
What is New in Teams Meetings and Meeting Rooms July 2021What is New in Teams Meetings and Meeting Rooms July 2021
What is New in Teams Meetings and Meeting Rooms July 2021
 
Modernize Java Apps on Microsoft Azure
Modernize Java Apps on Microsoft AzureModernize Java Apps on Microsoft Azure
Modernize Java Apps on Microsoft Azure
 
Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure Sentinel
 
Microsoft Azure Active Directory
Microsoft Azure Active DirectoryMicrosoft Azure Active Directory
Microsoft Azure Active Directory
 
Nintex Worflow Overview
Nintex Worflow OverviewNintex Worflow Overview
Nintex Worflow Overview
 
Microsoft Power BI Overview
Microsoft Power BI OverviewMicrosoft Power BI Overview
Microsoft Power BI Overview
 
Better Meetings with Microsoft Teams
Better Meetings with Microsoft TeamsBetter Meetings with Microsoft Teams
Better Meetings with Microsoft Teams
 

Último

Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 

Último (20)

Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 

Azure Arc Overview from Microsoft

  • 1. David J. Rosenthal VP & GM, Digital Business July 15, 2021
  • 2. Customer environments and application requirements are evolving Azure Arc How to govern and operate across disparate environments? How to ensure security across the entire organization? How to best enable innovation and developer agility? How to meet regulatory requirements and overcome technical hurdles? 100’s–1,000’s of apps Diverse infrastructure Multi-Cloud
  • 3. Azure Stack Azure IoT Azure Arc Azure services
  • 4. Manage & Operate your infrastructure from the Azure control plane and run Azure services on your infrastructure Multi-cloud Datacenter Edge Azure Arc
  • 5. Azure Arc Azure Arc enabled infrastructure Connect and operate hybrid resources as native Azure resources Azure Arc enabled services Deploy and run Azure services outside of Azure while still operating it from Azure Multi-cloud Datacenter Edge
  • 6. Organize and govern across environments At-scale Kubernetes app management Run data services anywhere Azure Arc use cases
  • 7. Azure is already trusted and proven by our customers. Azure Arc uses the same APIs and the same control plane as Azure, providing consistency across the hybrid infrastructure, which increases productivity and reduces risk.” With Azure Arc, we can centrally manage multiple edge locations and help our customers grow and expand across the continent, creating more jobs and economic opportunities along the way." For me, the main benefit is that my managers do not have to go to three different places to see the health of our database environment. I want to reinforce this over and over again because that’s what’s driving us.” Mike DeLuca Global Lead for Hybrid Calvin Karundu Software Engineer Kristina Melo SQL Database Administrator
  • 9. Customer challenges when hybrid Complexity “I need to have health visibility in a single pane of glass to all my existing and future infrastructure and applications.” Compliance “I need to manage security and incident management across my public cloud and datacenter assets.” Inconsistency “I want my on-prem skills to work in the cloud, and my cloud skills to work on-prem.” Regulation “Our DB layer must remain on-premises due to sensitive patient data and data availability needs.” Latency “We can’t take a dependency on the internet. If we lose connectivity, we still want to be able to access the data.” Legacy “Our older systems take too much maintenance. We want evergreen technology and to pay for it like a utility.” Multi-cloud Datacenter Edge
  • 10. Azure Arc Azure Arc enabled infrastructure Azure Arc enabled services Connect and operate hybrid resources as native Azure resources Deploy and run Azure services outside of Azure while still operating it from Azure Multi-cloud Datacenter Edge Always current Get evergreen SQL and PostgreSQL Hyperscale on-premises with a cloud billing model Latency Deploy data services on-premises, close to your data sources with support for both disconnected and connected workloads Flexibility Reduce risk and adhere to regulatory requirements by deploying cloud services on-premises Consistency Simplify the way you work by consolidating tooling and using cloud-native technology and practices everywhere Compliance Reduce risk and cost by establishing a single governance frame for all your workloads without additional overhead or additional approval processes Visibility Bring distributed Windows, Linux, SQL and Kubernetes together a single plane of glass
  • 11. Inventory, Organization, Governance Servers | Kubernetes Clusters | Databases | etc. Secure | Monitor | Protect | Automate | Develop Over 200 services Extensibility for new resources Control Resources Develop & operate Facilities Azure customers Tools and experiences Azure Regions
  • 12. Azure Arc Azure Arc enabled infrastructure Azure Arc enabled services Multi-cloud Datacenter Edge Inventory, Organization, Governance Extensibility for new resources Control Resources Facilities Servers | Kubernetes Clusters | Databases | etc. Azure Regions Azure customers Tools and experiences Secure | Monitor | Protect | Automate | Develop Develop & operate
  • 13. Azure Arc Bring Azure services and management to any infrastructure Get servers and Kubernetes clusters that are sprawling across clouds, datacenters and edge under control by centrally organizing and governing from a single place. Organize and govern across environments Multi-cloud Datacenter & hosted Deploy and manage Kubernetes applications at scale across environments using DevOps techniques, ensuring that applications are deployed and configured consistently from source control, at scale. At-scale Kubernetes app management Deploy and manage data services where you need it for latency or compliance requirements. Stay always current with evergreen SQL and seamlessly manage and secure your data assets across on- premises, clouds, and edge. Run data services anywhere
  • 14. Azure Arc enabled infrastructure Bring on-premises and multi-cloud infrastructure to Azure with Azure Arc Azure Arc enabled servers Organize, inventory, and monitor Governance and Security Simplified role-based operations Physical, Virtual, Windows, Linux Now available Azure Arc enabled SQL Server Organize, inventory, and monitor Governance and Security Use with your existing SQL servers SQL on Windows or Linux servers Now in public preview Azure Arc enabled Kubernetes Organize, inventory, and monitor Governance and Security Monitoring and Policy GitOps-based zero-touch deploy OpenShift AKS on Azure Stack HCI Public preview AWS Linux 2
  • 15. Customer scenario Organize & govern across environments Overview A large financial institution has sprawling server-based IT systems deployed in corporate datacenters, hosters, and multi-cloud. The sprawl is overwhelming, and it is impossible to manage and apply consistent governance across the environment and meet compliance needs Business requirements ‱ Manage a mix of bare metal, Windows and Linux servers across locations and disparate systems ‱ Enable IT to apply at scale governance and security policies across all servers ‱ Enable application owners to apply, audit and remediate compliance to meet their own requirements Multi-Cloud On-Premises / Hosted Datacenters
  • 16. Customer scenario Organize & govern across environments Multi-Cloud On-Premises / Hosted Datacenters Key benefits from Azure Arc ‱ Asset organization and inventory with a unified view in the Azure Portal ‱ Universal governance anywhere through Azure Policy ‱ Centralized agent management – Monitoring, Security, Update Management and more ‱ Built-in server compliance rules ‱ Central compliance view across all servers ‱ Self-service remediation ‱ Integration with Azure Lighthouse Azure Management (Azure Resource Manager, Azure Policy, Azure Portal, API, CLI
) Azure Arc Azure Arc
  • 17.
  • 18.
  • 19.
  • 20. Azure Arc enabled servers Bring on-premises and multi-cloud servers to Azure with Azure Arc Reach Organize and Inventory At scale searchable inventory Unify management experience Consistent VM extensions Integrate with Azure Lighthouse Governance and Security Built-in Azure policies Server security baselines Compliance across environments Centralized agent management – Monitoring, Security, Update Management Role-Based Operations Central IT to manage at-scale operations Workload owners manage based on their access
  • 21. Azure Arc enabled servers Azure Arc enabled servers are auto-enrolled with additional Azure services Additional services Azure Policy Azure Defender Azure Sentinel Azure Monitor Change and inventory tracking Update management Azure Security Center Just turn them on when you want to use them AWS Linux 2
  • 22. Azure Arc enabled servers The future of Microsoft Endpoint Configuration Manager (formerly SCCM) The Azure management services enabled by Azure Arc can replace much of the functionality of MECM, but we recommend a gradual transition based on the use case. In some cases, MECM cannot be replaced yet. On-Premises VMs MECM Azure Arc Capabilities Change and inventory tracking Update/patch management Security
  • 23. Azure Arc enabled servers Co-management with Microsoft Endpoint Configuration Manager (MECM – formerly SCCM) Use case MECM Azure management service enabled by Azure Arc Software updates on Windows Server machines anywhere Software updates on Linux machines anywhere Software updates on your Windows clients (running say Windows 10) Software updates for on-premises systems which are behind an internet gateway Server inventory and information collection Run custom scripts on machines MECM tracks and applies software updates to Windows Server machines in your organization
  • 24. Azure Arc enabled servers Co-management with Microsoft Endpoint Configuration Manager (MECM – formerly SCCM) Use case MECM Azure management service enabled by Azure Arc Create, manage and deploy applications on machines Manage OS upgrades Manage policies to mitigate malicious attacks and security vulnerabilities
  • 25. Azure Arc enabled SQL Server Data management benefits for Azure Arc enabled servers Flexibility Management Governance and Security VMs and bare-metal servers On-premises and multi-cloud Searchable inventory SQL Assessment service Azure Policy Azure Defender No migration needed for existing SQL Servers
  • 26.
  • 28. Customer scenario At-scale Kubernetes app management Overview A retailer with 100s of stores would like to move all in-store applications to containers running on a K8s clusters They are faced with the challenge of how to uniformly deploy, configure and manage their containerized applications across multiple locations Business requirements ‱ Bootstrap a new store to fully run with the applications and configuration that this store requires ‱ Enable IT to apply and monitor at scale governance across all stores ‱ Monitor the state of applications and configuration in all stores ‱ Integrate DevOps and Safe Deployment Practices for applications running in stores
  • 29. Customer scenario At-scale Kubernetes app management Key benefits from Azure Arc ‱ Asset organization and inventory with a unified view in the Azure Portal across all locations ‱ GitOps-based model for deploying configuration as code to one or many clusters ‱ Application deployment and update at scale ‱ Source control based Safe Deployment Procedures when rolling new applications and configurations ‱ Developer tooling agnostic—use the tools they want Azure Management (Azure Resource Manager, Azure Policy, Azure Portal, API, CLI
)
  • 30.
  • 31.
  • 32. Azure Arc enabled Kubernetes Connect, manage, and operate Kubernetes clusters and applications running anywhere using Azure Arc Now in Preview Configure Connect Govern and Secure Operate and Monitor AKS OpenShift kubeadm GKE EKS VMware Tanzu
  • 33. Customer scenario Run Azure data services anywhere Overview An Energy company aims for an efficient and fully automated operation with AI everywhere Customer operates various production sites, as well as run utility transporting from extraction to retail distribution Massive data volume at the edge and need real-time insights Business requirements ‱ Leverage existing OEM hardware and any Kubernetes ‱ Automation at scale for IT control systems e.g., HA/DR, backup, CI/CD, DevOps ‱ Latest innovation automatically deployed from edge to cloud ‱ Consistent security and governance Azure data services Customer-managed services on any infrastructure Edge - real-time processing challenges Data aggregation Private Cloud - Enterprise business systems challenges Model updates Lots of manual effort for CI/CD, especially for data tier Variety of DB engines, with versions facing EOS, security siloes; no elastic scale Mix of containers and VMs on OEM hardware Custom code needed for streaming, data sync and AI Legacy, basic database with no AI built OEM edge servers/workstations Sensors Actuators
  • 34. Customer scenario Run Azure data services anywhere Key benefits from Azure Arc ‱ Any infrastructure, any K8s ‱ Always on the latest, no end-of-support with evergreen SQL in Azure SQL DB ‱ Elastic scale on-premises with PostgreSQL Hyperscale ‱ Azure SQL Database Edge with built-in AI for real-time edge analytics ‱ Automation at scale with unified management of all data & AI assets ‱ Market leading security & governance consistently deployed everywhere Edge - real-time processing challenges Data aggregation Private Cloud - Enterprise business systems challenges Model updates Lots of manual effort for CI/CD, especially for data tier Variety of DB engines, with versions facing EOS, security siloes; no elastic scale Mix of containers and VMs on OEM hardware Custom code needed for streaming, data sync and AI Legacy, basic database with no AI built OEM edge servers/workstations Sensors Actuators K8s management Azure Policy Azure Role-based control Azure Security Center Azure Arc enabled data services
  • 35. Elastic scale Always current Unified management Azure Arc enabled data services Bring Azure data services to on-premises, multi-cloud, and edge with Azure Arc Disconnected support PREVIEW
  • 36. Azure Arc Integration Azure Arc Data Controller Future Analytics Engines PostgreSQL Hyperscale Any Kubernetes Cluster Azure Arc enabled data services Architecture azdata CLI Azure SQL Managed Instance Future data services Any Infrastructure collectd fluentbit collectd fluentbit Kubernetes API API Backup Monitoring & logs HA/DR Azure Arc Integration Scaling Patching & Updates Provisioning AKS OpenShift kubeadm GKE EKS VMware Tanzu AKS on Azure Stack HCI Azure Data Studio Azure Arc Extension Data/Azure Admin Azure Portal Azure CLI Identity Azure RBAC & Policy Advanced Data Security Deployments & Config Resource Inventory Logs & Telemetry Backup Retention Consumption
  • 37. Which SQL Database deployment do I need? Azure Arc enabled SQL Managed Instance Azure infrastructure Managed Instance Single Database Elastic Pools Full instance More control Just a single SQL DB Shared pool of resources for multiple SQL DBs What do I need? Any infrastructure Any Kubernetes Cluster Who do I want to manage the SQL instance? Where will the SQL DB be deployed? Microsoft I will Outside of Azure
  • 38. Which PostgreSQL Database deployment do I need? Azure Arc enabled PostgreSQL Hyperscale Azure infrastructure Azure Database for PostgreSQL Azure Database for PostgreSQL Hyperscale (Citus) Just a single server Superior scale for multi-tenant apps & real-time analytics apps What do I need? Any infrastructure Any Kubernetes Cluster Who do I want to manage the PostgreSQL instance? Where will the PostgreSQL DB be deployed? Microsoft I will Outside of Azure
  • 39. Management capabilities comparison by deployment model Built-in Capabilities Deployment Model Customer Infrastructure Azure SQL Server / PostgreSQL Azure Arc enabled databases Azure PaaS databases Database security features Elastic / “Limitless” scalability Limited by the capacity of customer infrastructure Automatic HA/DR Customer responsible for underlying HW/K8s availability Auto upgrade, patching Auto backup-restore Monitoring Compliance certifications Customer responsible for compliance certification Customer responsible for compliance certification 90+ certifications Data sovereignty Azure regions not available in all countries yet Customer control Pre-defined HW options No control over HW/OS Fully managed by Microsoft Customer-managed Customer-managed using software provided by Microsoft Guaranteed availability SLA Customer-managed Customer-managed using software provided by Microsoft
  • 40. Azure is already trusted and proven by our customers. Azure Arc uses the same APIs and the same control plane as Azure, providing consistency across the hybrid infrastructure, which increases productivity and reduces risk.” Mike DeLuca Global Lead for Hybrid Avanade
  • 41. For me, the main benefit is that my managers do not have to go to three different places to see the health of our database environment. I want to reinforce this over and over again because that’s what’s driving us.” Kristina Melo SQL Database Administrator Ferguson
  • 42. With Azure Arc, we can centrally manage multiple edge locations and help our customers grow and expand across the continent, creating more jobs and economic opportunities along the way.” Calvin Karundu Software engineer Africa’s Talking
  • 43. Azure Arc is the key enabling technology for us to deliver software as a service to the edge within our customers' local on- premises networks.” Thomas Gossler Chief Architect for Teamplay Siemens
  • 44. “Ford welcomed the opportunity to participate in the private preview of Azure Arc enabled data services. We are always looking at new and different tools to improve delivery speed of database services to our customers with on- premise metered consumption and self- service.” Ford Motor Company
  • 45. With Azure Arc we are able to distribute solutions and workloads across multiple clouds and data centers to support our clients that would have otherwise been bound to a data center.” Aram Lauxtermann Director, Cloud KPMG
  • 46. We are excited to see Microsoft bringing Azure data services and management to any infrastructure. Through our partnership with Microsoft we hope to deliver a true “as-a-service” experience across environments to help manage both the databases and the underlying infrastructure and offer a consistent experience across on premises and the cloud.” Erik Vogel VP, Customer Success Hybrid Cloud Software and Services Hewlett Packard Enterprise
  • 47. Azure Arc enabled servers pricing Customers servers and clusters No additional cost Control plane functionality: Tagging, management groups, activity logs, templates, Resource Graph, RBAC
  • 48. Azure Arc enabled servers pricing Additional services No additional cost Customers servers and clusters Azure Policy—guest configuration Azure Monitor Azure Security Center Azure Defender—standard Azure Sentinel Backup Log Analytics Service Map Application Insights Network Watcher Azure Sentinel Config and Change Management Control plane functionality: Tagging, management groups, activity logs, templates, Resource Graph, RBAC
  • 49. Razor Technology delivers value with Azure Arc Base VM management experiences extended on- premises Complex IT management services extended on-premises Comprehensive VM management experiences extended on- premises Azure Policy, Azure Update Management Azure Policy, Azure Security Center, Azure Sentinel, Azure Monitor, Azure Update Management VM management, At-scale Kubernetes app management, data services anywhere
  • 50. Pricing for Arc enabled Kubernetes and data services Both Azure Arc enabled Kubernetes and Azure Arc enabled data services are in preview. We will announce pricing details closer to GA.
  • 51. Azure Arc roadmap General availability ‱ Azure Arc enabled servers Public preview ‱ Azure Arc enabled SQL Server ‱ Azure Arc enabled Kubernetes ‱ Azure Arc enabled data services ‱ Azure SQL Managed Instance ‱ Azure PostgreSQL Hyperscale General availability ‱ Azure Arc enabled SQL Server ‱ Azure Arc enabled Kubernetes ‱ Azure Arc enabled data services ‱ Azure SQL Managed Instance ‱ Azure PostgreSQL Hyperscale
  • 52. What do we hear from customers? “I need to manage security and incident management across my public cloud and datacenter assets through policy enforcement and automation.” “As a Managed Service Provider, I need to operate and govern my customer’s Azure ,on-premises and other clouds environments.” “I want my on-premises servers to have strong integration with Azure and tools like Security Center and Sentinel.” “As a DevOps Engineer, I would like for all my applications in our existing and future production Kubernetes clusters, to be deployed with same versioning and with no configuration drift.” “As an SRE (Site Reliability Engineer), I need to have health visibility in single pane of glass fashion to all my existing and future Kubernetes clusters, infrastructure and applications.” “We use SQL Server to integrate with our mission critical application platform, but the DB layer must remain on- premises due to sensitive patient data and data availability needs.”
  • 53. Management Services Monitoring | Update | Containers | Backup | Security Center | More
 Access and Security RBAC | MSPs | Subscriptions Organization and Inventory Search | Index | Groups | Tags Environments and Automation Templates | Extensions Governance and Compliance Logs | Policy | Blueprints Azure Resource Manager (ARM) Azure Resources Azure Customer Tools and Experiences Marketplace Portal PowerShell SDK CLI API Ecosystem Azure Arc Azure Data Studio Kubernetes Tools Server Admin Tools Existing Tools Multi-Cloud On–Premises / Hosted Services Customer Environments
  • 54. Azure Arc Architecture Azure Arc Components Resource specific tools Azure Resource Manager (ARM) Management Interfaces Azure Portal Azure CLI Azure SDK Identity RBAC Policy Index Groups Etc. Azure Arc Data Resource Provider (RP) Container Registry Azure Arc K8s Resource Provider (RP) Azure Arc Server Resource Provider (RP) Customer locations (on-premises/clouds) Azure data services Kubernetes Cluster Azure Arc Data Agent Servers Linux Windows Server Azure Arc Server Agent Azure Data Studio K8s Native Tools Cluster provisioning​ Cluster upgrade and patch management​ Cluster lifecycle management​ Cluster monitoring Server Admin Tools Azure PaaS Control GitOps Manager Azure Arc K8s Agent Azure Arc Data Controller
  • 55. GitOps – Definition & Principles Git as the source of truth for a system Git as the single place where we operate (create, change, and delete) All changes are observable https://www.weave.works/technologies/gitops/ System state described declaratively State declaration versioned in source control Approved changes are applied automatically Agents enforce desired state
  • 56. Azure Arc enabled Kubernetes GitOps Flow Arc Connected Kubernetes Cluster GitOps Configurations git Repository Flux Operator + Helm Operator Application Changes git merge Flux pickup changes Application V1 (Desired State) Google Kubernetes Engine (GKE) Elastic Kubernetes Service (EKS) Rancher K3s Azure Kubernetes Service on HCI 1 2 3 4 Application Deployment 5 6 7 Application V2 (New Desired State) Application Rolling Update 8 Any Kubernetes, any Infrastructure
  • 57. The Azure Arc Jumpstart GitHub Repository 1. Provide a “zero to hero” scenarios for multiple environments and deployment type using as much automation as possible 2. Create a ”supermarket” experience by being able to take “off the shelf” scenarios and implement it 3. Meeting Azure Arc customers where they are https://aka.ms/AzureArcJumpstart
  • 59. Azure Arc enabled servers Connectivity Options Azure VNET Azure Arc enabled Server Azure Arc Service Endpoint Public Endpoint Private Endpoint Service tag Private Link Azure Express Route & Site-to-Site VPN Internet Proxy 1. Direct connection (Internet) 2. Connection via Proxy (Internet) 3. Service tag (S2S VPN/ER) 4. Private Link (S2S VPN/ER) - Private Preview
  • 60. On-premises/other clouds Azure AD Hybrid Identity Service Azure Resource Manager (ARM) Log Analytics Workspace Hybrid Instance Metadata Service Azure Automation Azure Monitoring Azure Security Center Azure Sentinel HTTPS/443 Hybrid Compute Resource Provider Azure Arc enabled servers architecture Linux OS Extension Manager Log Analytics Agent Custom Script DSC Microsoft Dependency Agent /opt/GC_Ext/downloads /var/lib/waagent/<extension> Guest Configuration /var/lib/GuestConfig Azure Arc Connected Machine Agent /var/opt/azcmagent/ /var/opt/azcmagent/tokens Guest Configuration Resource Provider System Administrator
  • 61. On-premises/other clouds Azure AD Hybrid Identity Service Azure Resource Manager (ARM) Log Analytics Workspace Hybrid Instance Metadata Service System Administrator Azure Automation Azure Monitoring Azure Security Center Azure Sentinel Hybrid Compute Resource Provider Azure Arc enabled servers architecture Windows OS Extension Manager Log Analytics Agent Custom Script DSC Microsoft Dependency Agent %SystemDrive%AzureConnectedMachineAgentExtensionServicedownloads %SystemDrive%PackagesPlugins<extension>> Guest Configuration %SystemDrive%Program FilesArcConnectedMachineAgentExtensionServiceGC %ProgramData%GuestConfig Azure Arc Connected Machine Agent %ProgramFiles%AzureConnectedMachineAgent %ProgramData%AzureConnectedMachineAgent %ProgramData%AzureConnectedMachineAgentTokens %ProgramData%AzureConnectedMachineAgentConfig Guest Configuration Resource Provider HTTPS/443
  • 62. Azure Arc enabled servers Connected Machine Agent Azure Arc Connected Server (On-Premises, AWS EC2, etc.) Azure Arc Connected Machine Agent Hybrid Instance Metadata Service (HIMDS) Handles managed identity and communication with Azure AD Guest Configuration Provides In-Guest Policy and Guest Configuration functionality, such as assessing whether the machine complies with required policies Extension Manager Manages VM extensions, including install, uninstall, and upgrade Log Analytics (MMAExtension) Update Management Parameters passed to the Agent: ‱ Subscription ID ‱ Location ‱ Resource Group ‱ Proxy (optional) ‱ Azure Service Principal Azure AD Log Analytics Workspace HTTPS/443 HTTPS/443 Azure Resource Manager (ARM) Hybrid Compute Resource Provider Azure Portal Az CLI Azure SDK REST API Azure Admin Authentication & Authorization Guest Config Resource Provider HTTPS/443
  • 63. Azure Arc enabled server Azure Arc enabled servers Azure Key Vault Integration Azure Key Vault (AKV) User Certificates Public Key Infrastructure (PKI) Hybrid Compute Resource Provider Extension Service Azure AD AKV is configured with Azure Managed Identity for allowing the Azure Arc enabled server to access certificates System / Security Administrator AKV extension is deployed on the Azure Arc enabled server AKV Extension Background Service Certificates URIs are used as parameters and syncs based on user-defined time intervals AKV Extension background service request for a Managed Identity token in order to retrieve certificates AKV Extension background service retrieve AKV certificates based on interval specified in the extension configuration Cert Store The certificates and private keys are stored in the local certificate store (Windows) or as files in a directory (Linux) App/Service (i.e. Web Server) The AKV agent will then sync down the new certificate and private key automatically at its next sync interval Upon renewal time, the certificates are renewed only in AKV (renewed PKI certs can be uploaded as well) 2a Admin deploy Azure Key Vault 1a 1b 2b 3a 3b 6 5 4 App/Service consumes local cert store certificate (as well rebind upon renewal)
  • 64. Azure Arc enabled Kubernetes Onboarding Azure AD On-Premises/Cloud Provider Kubernetes Cluster API Server etcd Save state/ Onboarding private key in k8s datastore 3b Cluster Metadata Operator Fetch cluster metadata and update custom resource 6a Resource Sync Operator Cluster Identity Operator Save the Azure Identity Certificate 5c Push cluster metadata (uses Managed Identity to authenticate eastus.dp.kubernetesconfiguration.com) 6b Azure Arc enabled Kubernetes Data Plane Service Hybrid Identity Service Watch for updates in cluster metadata custom resource 6c Fetch connectedCluster Managed Identity certificate (uses onboarding private key to authenticate eus.his.azure.com) 5a Microsoft.Kubernetes Resource Provider (RP) Update cluster metadata 6d Send identity metadata 4 Managed Identity Service Fetch the identity certificate 5b Create Service Principal in AAD 3f Azure Resource Manager (ARM) PUT connectedCluster resource along with Managed Identity metadata 3g Create Managed Identity 3e Azure CLI Uses Helm to deploy Arc enabled k8s agents with onboarding private key K8s Cluster Admin 3a az connectedk8s connect 1 PUT resource Microsoft.Kubernetes/connectedClusters with public key (management.azure.com) Azure Container Registry 3d Pull agent images 3c Fetch Helm chart 2
  • 65. On-Premises/Cloud Provider Kubernetes Cluster Helm Release obj-x obj-y obj-z helmreleases CR release-a gitconfigs CR config-a Flux Operator Flux-Helm Operator controller- manager Watch gitconfig CRs Flux-logs agent Flux events sent to upstream service Create or update Flux Operator or Flux-Helm Operator 1 7 8 11 Config Agent Collect Status from Flux 12 Create gitconfigs CR 6 Namespace Git Repository YAML Files Helm Releases CRs Flux-Helm Operator watches helmreleases CRs, pulls Helm chart and creates Helm release 10 Flux watches Git repo, creates k8s resources based on raw YAML and helmreleases CRs 9 Azure Arc enabled Kubernetes Dataplane Service GET Pending sourceControlConfiguration resources (uses Managed Identity to authenticate) 5 POST status for the Flux agents to be retrieved with resource GET 13 Microsoft.KubernetesConfiguration Resource Provider (RP) Azure Resource Manager (ARM) Store sourceControlConfiguration resource 4 PUT sourceControlConfiguration resource 3 PUT resource Microsoft.Kubernetes/connectedClusters/clusterName/providers/Microsoft.KubernetesConfiguration/sourceControlConfigurations/configName (uses ARM Extension Resource pattern) az k8sconfiguration create 2 Azure Arc enabled Kubernetes GitOps Configuration Azure CLI K8s Cluster Admin
  • 66. Azure Arc enabled Kubernetes Cluster Azure AD Entity (User Account/Service Principal) API Server Guard TokenAccessReview, SubjectAccessReview allowed/denied kubectl get pods If allowed, return list of pods allowed/denied checkAccess Owner Role assignment in Azure Azure Arc enabled Kubernetes AAD enabled RBAC
  • 67. Azure Arc enabled Kubernetes Cluster Connect Kubernetes Cluster Microsoft.Kubernetes Resource Provider (RP) listClusterUserCredentials Cluster Connect Endpoint Dataplane Service Hybrid Connections Azure Resource Manager (ARM) Azure AD Entity (User Account/Service Principal) kubectl get pods clusterconnect-agent API Server Customer Firewall heartbeat Customer Location (On-Premises/Cloud Provider)
  • 68. Azure Arc enabled Kubernetes Azure Monitor Azure Arc enabled Kubernetes Cluster node-1 pod-a pod-b pod-c pod-d oms-agent Collect metrics and logs node-2 pod-a pod-b pod-c pod-d oms-agent Collect metrics and logs node-n pod-a pod-b pod-c pod-d oms-agent Collect metrics and logs Azure Monitor for containers Workbooks Log Analytics Alerts Send metrics and logs
  • 69. Azure Arc enabled Kubernetes Cluster Calling entity API Server azure-policy-addon Fetch policy definitions & assignments & Report compliance Azure Policy Service Azure Arc enabled Kubernetes Azure Policy (Gatekeeper) Gatekeeper OPA deploy create watch AdmissionReview request AdmissionReview response allowed: false kubectl apply –f privileged.yaml Denied Pod Deployment Service Ingress CRD Config PolicyTemplate CRD PolicyInstance CRD
  • 70. Azure Arc enabled Kubernetes Cluster extension (Private Preview) On-Premises/Cloud Provider Kubernetes Cluster obj-x obj-y obj-z extensionconfigs CR extension Helm Release extension-manager Watch extensionconfig CRs 1 8 Config Agent Collect Status 11 Create extensionconfig CR 7 Namespace Azure Arc enabled Kubernetes Data Plane Service GET Pending extension resources (uses Managed Identity to authenticate) 5 POST extension status 12 Microsoft.KubernetesConfiguration Resource Provider (RP) Azure Resource Manager (ARM) Store extension resource 4 PUT extension resource 3 PUT resource Microsoft.Kubernetes/connectedClusters/clusterName/providers/Microsoft.KubernetesConfiguration/extensions/extensionName (uses ARM Extension Resource pattern) az k8s-extension create 2 Azure CLI K8s Cluster Admin Azure Container Registry or Microsoft Container Registry GET version 6 9 Fetch Helm chart stored as OCI artifact 10 Install helm chart
  • 71. Any Kubernetes Cluster Azure Arc enabled Data Services Endpoints Azure Arc Data Control Plane Azure Arc Data Controller Metrics & Logs UI Azure Arc enabled data services Azure PostgreSQL Hyperscale Azure SQL Managed Instance azdata CLI Browser Azure Data Studio PostgreSQL tools & drivers Azure Data Studio SQL tools & drivers HTTPS HTTPS TCP TCP Azure Arc Data Control Plane azdata CLI Kubernetes tools HTTPS Kubernetes API
  • 72. Azure Arc Contoso MSP Tenant Powered by Azure Lighthouse Access Management Portal & Dashboarding Policy & Governance Monitoring Logging & Analytics Cost Management Security Patch Management BC/DR MSP 3rd Party Solutions Integration Service Health & Support Fourth Coffee Azure Tenant Fourth Coffee On-Premises Datacenter Fourth Coffee Multi-Cloud Workloads Parnell Aerospace Azure Tenant Parnell Aerospace On-Premises Datacenter Parnell Aerospace Multi-Cloud Workloads Bare-Metal Servers Windows & Linux Servers Kubernetes Bare-Metal / VM Azure Arc Data Controller Azure Arc PostgreSQL Hyperscale Azure Arc SQL Server Azure Arc SQL Managed Instance Fabrikam On-Premises Datacenter AWS EC2 GCP Instance Google Kubernetes Engine (GKE) Elastic Kubernetes Service (EKS) Azure Arc PostgreSQL Hyperscale Azure Arc SQL Server Azure Arc SQL Managed Instance Fabrikam Multi-Cloud Workloads Fabrikam Azure Tenant Cosmos DB Functions Data Services Kubernetes Service Virtual Machines Storage Network App Services Azure Arc enabled infrastructure & services Azure Arc Data Controller
  • 73. Azure Arc Bare-Metal Servers Windows & Linux Servers Kubernetes Bare-Metal / VM Azure Arc Data Controller Azure Arc PostgreSQL Hyperscale Azure Arc SQL Server Azure Arc SQL Managed Instance Fabrikam On-Premises Datacenter AWS EC2 GCP Instance Google Kubernetes Engine (GKE) Elastic Kubernetes Service (EKS) Azure Arc PostgreSQL Hyperscale Azure Arc SQL Server Azure Arc SQL Managed Instance Fabrikam Multi-Cloud Workloads Fabrikam Azure Tenant Cosmos DB Functions Data Services Kubernetes Service Virtual Machines Storage Network App Services Azure Arc enabled infrastructure & services Azure Arc Data Controller
  • 74. Resources aka.ms/arc-introvideo Introducing Azure Arc aka.ms/azurearcpricing Azure Arc pricing page aka.ms/arc-techcommunity Deep dives on Azure Arc, best practices and more aka.ms/arc-customerstories Learn how other customers are implementing Azure Arc https://aka.ms/arc-feedback Public Q&A forum AzureArcContact@microsoft.com Ask to be added to a common Teams site and monthly call with engineering aka.ms/arc-blog Azure Arc: Extending Azure management to any infrastructure aka.ms/arc-k8svideo Kubernetes—Managing K8 clusters outside of Azure with Azure Arc aka.ms/arc-serversvideo Server management—Organize all your servers outside of Azure with Azure Arc aka.ms/arc-serversdocs Documentation for Azure Arc enabled servers aka.ms/arc-k8sdocs Documentation for Azure Arc enabled Kubernetes aka.ms/AzureArcJumpstart Azure Arc "Jumpstart" GitHub repository aka.ms/arc-datablog Blog – Run Azure data services on-premises, at the edge, and multi-cloud with Azure Arc aka.ms/arc-data-mechanicsvideo Demos on Azure Arc enabled data services, including SQL and PostgreSQL Hyperscale aka.ms/arc-data-ignitevideo Ignite 2020 session—Bring Azure data services to on-premises, multi-cloud and edge aka.ms/arc-datadocs Documentation for Azure Arc enabled data services Azure Arc all up overview Azure Arc enabled Kubernetes & servers Azure Arc enabled data services
  • 75. 866.797.3282 | Razor-tech.com David Rosenthal VP & General Manager Digital Business @DavidJRosenthalSlideShare
  • 76. © Copyright Microsoft Corporation. All rights reserved. Appendix
  • 77. Azure Arc enabled servers pricing Example 1 Scenario 1: A customer onboards 50 Windows (or Linux) servers that are running on-premises to Azure with Azure Arc and tags these servers in Azure, applies RBAC, organizes these servers into management groups and queries properties with Azure Resource Graph. In addition, the customer also applies a set of common Azure Policy Guest Configurations across all these servers. The applicable cost components are: Component Cost Connectivity to Azure Arc, Tagging, RBAC, Management Groups and Azure Resource Graph $0 Azure Policy Guest Configurations $6/server/month (Unlimited policies) For more details on Azure Arc pricing visit our pricing page: https://aka.ms/azurearcpricing
  • 78. Azure Arc enabled servers pricing Example 2 Scenario 2: A customer onboards 50 Windows (or Linux) servers that are running on-premises to Azure with Azure Arc and tags these servers in Azure, applies RBAC, organizes these servers into management groups and queries properties with Azure Resource Graph. The customer also applies a set of common Azure Policy Guest Configurations across all these servers. In addition, the customer deploys the Log Analytics agent extension to monitor the on-premises servers (Azure Monitor). The applicable cost components are: Component Cost Connectivity to Azure Arc, Tagging, RBAC, Management Groups and Azure Resource Graph Azure Policy Guest Configurations (Unlimited policies) Azure Monitor Same Azure Monitor pricing that is applicable to Azure VMs (Refer to the Azure Monitor Pricing page to learn more) For more details on Azure Arc pricing visit our pricing page: https://aka.ms/azurearcpricing