January 19, 2023

How can you centralise control of distributed environments?

John Thiele
Solution Lead – Infrastructure at Data#3
Here’s a simple question – how many disparate infrastructure environments are you currently maintaining for your organisation across multiple clouds and on-premises?

If you’re like most organisations I speak to, the answer will be “several”, which logically leads to a second question. How are you managing them all? The answer is generally with different teams using different tools and consoles – one team for public cloud, a different team for on-premises infrastructure, and maybe another team managing developer environments. The point is that as organisations continue to distribute workloads across multiple clouds and on-premises, the complexity and cost of management increases, as does the security risk.

This hybrid environment evolution has become a deliberate choice for enterprises though, which was nicely summed up by Satya Nadella, Microsoft CEO, when he said, “The ability for customers to embrace both public cloud and local data centre, plus edge capability, is enabling customers to improve their IT agility and maximise efficiency.”

In my previous blog, Extending cloud to the edge: The revitalised case for HCI, I talked about Azure Stack HCI and some of the use cases driving a renewed interest in hyper-converged edge computing. However, the key takeaway was that with Azure Arc-enabled HCI infrastructure, this on-premises equipment can be managed out of Azure just like any other Azure service or resource. In this blog post, I want to drill down further into the underlying enabler of this unified management capability – Azure Arc, and how this can help you centralise control of all your environments. Additionally, I will provide an overview of how clever integration by Dell of their OpenManage systems management toolset makes all the difference for control of the Azure Stack HCI solution.

Azure Arc: the unifying management layer for disparate infrastructure

As much as we’d sometimes love to throw out all the infrastructure and applications we’ve built, acquired, and inherited over years of business evolutions, personnel changes, and acquisitions, and start again with a new set of modernised applications, the reality is that, more often than not, we have to work with what we’ve got. We have legacy apps to maintain on Windows Server and Linux, with on-premises infrastructure lifecycles to manage, VMs appearing like mushrooms after rain, and a seemingly constant shift of workloads to different clouds (and sometimes back to on-premises) to support edge computing requirements. It’s complex, and as Microsoft recently stated, there are three key challenges that evolve out of this complex hybrid environment:

Complexity: You need to have health visibility in a single pane of glass to all existing and future infrastructure and applications.

Compliance: You need to manage security and incident management across public cloud and data centre assets.

Inconsistency: You want on-premises skills to work in the cloud; and cloud skills to work on-premises.

This is where Azure Arc comes in. Microsoft describes Azure Arc as “a bridge between Azure and non-Azure resources”, but I like to describe it as a unifying management layer for your different ‘clouds’ of applications and infrastructure. Regardless of which definition makes more sense to you, Azure Arc extends the Azure Portal and Azure Resource Manager to non-Azure resources and on-premises workloads. This means they all appear in Azure and can be managed like Azure resources, providing centralised visibility, management, security, and governance.

What resources, I hear you say? Today, this includes Azure Stack HCI clusters, Windows and Linux virtual servers, SQL services, and Kubernetes – on-premises as well as in other public clouds like AWS and Google Cloud. Azure Arc-enabled vSphere is also in preview. For virtual servers, this not only gives you a centralised view of all your servers but allows you to perform the following:

Govern: Azure Policy to audit or configure operating system settings at scale. Leverage built-in policy definitions for best practice configuration.

Protect: Microsoft Defender for Cloud, for threat detection, vulnerability management, and to proactively monitor for potential security threats. Sentinel to collect security-related events and correlate them with other data sources.

Configure: Update Management to manage operating system updates for your Windows and Linux servers. Azure Automation for frequent and time-consuming management tasks.

Monitor: Monitor performance and discover application components to monitor processes and dependencies with other resources. Collect log data using Log Analytics.

When combined with Azure Stack HCI, Azure Arc allows you to use Azure VM images to deploy virtual servers, stop, start, resize, etc, all from the Azure portal. You can also leverage Azure Backup and Azure Site Recovery for cloud-based backup and disaster recovery. With Azure Arc-enabled data services, you can say goodbye to major version updates with an evergreen model of updates (agile and less disruptive). Updates can be controlled via policy, allowing you to stay up-to-date, but in control. You can scale databases up or down dynamically in much the same way as they do in Azure, giving you cloud-like elasticity (subject to the available capacity of your infrastructure, of course!). However, with Kubernetes, things get even more interesting. Not only can you govern, protect, configure, and monitor, but you can utilise Azure Arc to deploy:

  • Azure PaaS services such as Azure Arc-enabled data services (SQL Managed Instances, PostgreSQL server (preview)),
  • App Services on Azure Arc (including web, function, and logic apps), and Event Grid on Kubernetes.

This effectively allows you to run Azure PaaS services anywhere! Azure Arc-enabled Kubernetes works with any Cloud Native Computing Foundation (CNCF) certified Kubernetes clusters.

What does this mean for developers? You can develop cloud-native apps and operate them anywhere whilst integrating Azure monitoring, security, and compliance into your DevOps toolkit.

The Benefits?

I know this is a phrase that gets over-used, but this evolution of Azure is a bit of a game changer. Yes, you do need to be invested in Azure at some level to realise the benefits of Azure Arc and Azure Stack HCI, but for those that are, Azure Arc allows you to reduce the number of management toolsets you need to run whilst obtaining a centralised point of visibility to your resources, management, governance, and security for servers across your environment. That’s a big deal! It means fewer tools for your team to learn how to use, along with reduced complexity and operational costs. When you also add in zero-touch compliance and configuration with the ability to leverage best practice built-in policy definitions – while also automating deployment, configuration, and updates – it’s something every Azure organisation should be exploring. It also allows you to improve your security posture by leveraging best-in-class security, but I’ll explore that topic in a future blog.

Centralising control of distributed HCI deployments with Dell OpenManage

The Azure Arc story is compelling; however, it doesn’t take away the fundamental differences between managing on-premises infrastructure and cloud infrastructure. You still need to manage your BIOS and firmware updates, support contracts, warranties, equipment refreshes, financing etc., all of which require hardware lifecycle management that can differ by vendor. With the release of Azure Arc-enabled Azure Stack HCI, Microsoft has made it easier for hardware vendors to validate their products to work with Azure and take advantage of hybrid management, while also adding their own differentiators.

A vendor worth calling out in this space is Dell Technologies, which has focused on adding advanced lifecycle management capabilities with its Azure Stack HCI offerings. Dell Azure Stack HCI is provided as an integrated system (rather than just validated hardware nodes) – meaning that Azure Stack HCI OS comes pre-installed with support for full stack driver and firmware updates via Windows Admin Center. They also offer a single point of contact for implementation and support services.

However, while services running on Azure Stack HCI may seem like their Azure equivalents, managing the underlying nodes that form the Azure Stack HCI infrastructure can be challenging. To address this, Dell OpenManage is integrated with Windows Admin Center to create a plug-in for simplifying the management of Dell Azure Stack HCI infrastructure. This brings the operational capabilities of a turnkey solution, simplifying and consolidating into a single toolset what would otherwise require several complex management steps and processes that would have to be run on each node – and for operational management at scale, Dell has an integration for hardware policy in Azure Arc.

Integrating Dell OpenManage, you can:
• Perform automated on-premises cluster creation and expansion
• Provide a centralised view of hardware and firmware
• Monitor the health of the Azure Stack HCI clusters
• Enforce policies across locations, and remediate any drift from the defined policies in the event of non-compliance
• Link and launch bare metal access console.

Their update policy capability is a case in point. The Dell Azure Stack HCI offering supports 1-click (or scheduled) cluster-aware updating, orchestrating updates to OS, BIOS, firmware, and drivers whilst avoiding interruption to workloads. So, from deployment, through to updates of the hardware, Azure Stack OS, virtual services, Kubernetes, and Arc-enabled services, you are covered!

For example, with the Dell OpenManage integration, a 4-Node Azure Stack HCI cluster takes just a few minutes to query the online catalogue and complete the local inventory on all cluster nodes to understand the compliance delta. It then downloads the updates to each node, runs pre- and post-installation scripts via Cluster Aware Updating (CAU), and completes the update process to bring a 4-Node Azure Stack HCI solution up to a fully tested/validated configuration – with no downtime or impact to the business, operations, applications or workloads.

If you have twenty, forty or even sixty nodes with a plethora of drivers, firmware and BIOS software versions to manage – then Dell Azure Stack HCI with OpenManage integration is the solution you need, delivering more than just enormous time savings. How much time savings? Dell estimates for a four-node cluster this can save you 97% of time in front of a screen and reduce your maintenance window by 40%.

Conclusion

Azure Arc brings a management unification layer to your disparate infrastructure environments while also extending Azure capabilities to non-Azure resources across other cloud services and on-premises infrastructure. With Azure Stack HCI, you get edge computing capabilities that can look and operate like any other Azure VM.

Dell OpenManage delivers advanced lifecycle management with powerful capabilities due to its integration with Microsoft Windows Admin Center and Azure Arc, significantly reducing the time and effort required to manage and maintain Azure Stack HCI.

Accelerate your hybrid cloud journey with Data#3

These capabilities are redefining hybrid cloud and powering IT agility. As Microsoft’s largest Australian business partner with the highest level of competency across the Microsoft ecosystem, and a Dell Titanium Solutions Provider Partner, Data#3 is uniquely positioned to help our customers navigate this new hybrid reality. To learn more, book an assessment workshop with Data#3 today.
