Azure Arc-enabled Servers
Author: Ronald Fung
Creation Date: May 11, 2023
Next Modified Date: May 11, 2024
A. Introduction
Azure Arc-enabled servers lets you manage Windows and Linux physical servers and virtual machines hosted outside of Azure, on your corporate network, or other cloud provider. For the purposes of Azure Arc, these machines hosted outside of Azure are considered hybrid machines. The management of hybrid machines in Azure Arc is designed to be consistent with how you manage native Azure virtual machines, using standard Azure constructs such as Azure Policy and applying tags. (For additional information about hybrid environments, see [What is a hybrid cloud?[(https://azure.microsoft.com/resources/cloud-computing-dictionary/what-is-hybrid-cloud-computing)])
When a hybrid machine is connected to Azure, it becomes a connected machine and is treated as a resource in Azure. Each connected machine has a Resource ID enabling the machine to be included in a resource group.
To connect hybrid machines to Azure, you install the Azure Connected Machine agent on each machine. This agent doesn’t replace the Azure Log Analytics agent / Azure Monitor Agent. The Log Analytics agent or Azure Monitor Agent for Windows and Linux is required in order to:
Proactively monitor the OS and workloads running on the machine
Manage it using Automation runbooks or solutions like Update Management
Use other Azure services like Microsoft Defender for Cloud
You can install the Connected Machine agent manually, or on multiple machines at scale, using the deployment method that works best for your scenario.
B. How is it used at Seagen
As a biopharma research company using Microsoft Azure, you can use Azure Arc-enabled servers to manage your servers across multiple environments, including on-premises, multi-cloud, and edge. Here are some ways you can use Azure Arc-enabled servers:
Centralized management: Azure Arc-enabled servers allows you to manage your servers from a single control plane in Azure. This can help you to simplify management, reduce complexity, and improve visibility across multiple environments.
Consistent deployment: Azure Arc-enabled servers allows you to deploy and manage your servers consistently across all environments, including on-premises, multi-cloud, and edge. This can help you to reduce the risk of configuration errors and ensure consistency across your deployments.
Security: Azure Arc-enabled servers provides security features such as Azure Security Center integration, Azure Policy integration, and Azure Defender integration. This can help you to secure your servers and ensure compliance with regulatory requirements.
Monitoring and troubleshooting: Azure Arc-enabled servers provides monitoring and troubleshooting features such as Azure Monitor integration, log analytics, and automation capabilities. This can help you to detect and diagnose issues in your server deployments and improve your overall application performance.
Integration with Azure services: Azure Arc-enabled servers integrates with other Azure services such as Azure Backup, Azure Site Recovery, and Azure Automation. This can help you to streamline your workflows and improve your overall disaster recovery and business continuity capabilities.
Overall, Azure Arc-enabled servers can help your biopharma research company to manage your servers across multiple environments, including on-premises, multi-cloud, and edge. With centralized management, consistent deployment, security, monitoring and troubleshooting, and integration with Azure services, Azure Arc-enabled servers can help you to simplify management, reduce complexity, and improve visibility across your server deployments.
C. Features
When you connect your machine to Azure Arc-enabled servers, you can perform many operational functions, just as you would with native Azure virtual machines. Below are some of the key supported actions for connected machines.
Govern
:Assign Azure Policy guest configurations to audit settings inside the machine. To understand the cost of using Azure Policy Guest Configuration policies with Arc-enabled servers, see Azure Policy pricing guide.
Protect
:Protect non-Azure servers with Microsoft Defender for Endpoint, included through Microsoft Defender for Cloud, for threat detection, for vulnerability management, and to proactively monitor for potential security threats. Microsoft Defender for Cloud presents the alerts and remediation suggestions from the threats detected.
Use Microsoft Sentinel to collect security-related events and correlate them with other data sources.
Configure
:Use Azure Automation for frequent and time-consuming management tasks using PowerShell and Python runbooks. Assess configuration changes for installed software, Microsoft services, Windows registry and files, and Linux daemons using Change Tracking and Inventory
Use Update Management to manage operating system updates for your Windows and Linux servers. Automate onboarding and configuration of a set of Azure services when you use Azure Automanage (preview).
Perform post-deployment configuration and automation tasks using supported Arc-enabled servers VM extensions for your non-Azure Windows or Linux machine.
Monitor
:Monitor operating system performance and discover application components to monitor processes and dependencies with other resources using VM insights.
Collect other log data, such as performance data and events, from the operating system or workloads running on the machine with the Log Analytics agent. This data is stored in a Log Analytics workspace.
D. Where implemented
E. How it is tested
Testing Azure Arc-enabled servers involves ensuring that the servers are functioning correctly, securely, and meeting the needs of all stakeholders involved in the project. Here are some steps to follow to test Azure Arc-enabled servers:
Define the scope and requirements: Define the scope of the project and the requirements of all stakeholders involved in the project. This will help ensure that Azure Arc-enabled servers are designed to meet the needs of all stakeholders.
Develop test cases: Develop test cases that cover all aspects of Azure Arc-enabled servers functionality, including deployment, management, and security. The test cases should be designed to meet the needs of the organization, including scalability and resilience.
Conduct unit testing: Test the individual components of Azure Arc-enabled servers to ensure that they are functioning correctly. This may involve using tools like PowerShell or Azure CLI for automated testing.
Conduct integration testing: Test Azure Arc-enabled servers in an integrated environment to ensure that they work correctly with other systems and applications. This may involve testing Azure Arc-enabled servers with different operating systems, browsers, and devices.
Conduct user acceptance testing: Test Azure Arc-enabled servers with end-users to ensure that they meet their needs and are easy to use. This may involve conducting surveys, interviews, or focus groups to gather feedback from users.
Automate testing: Automate testing of Azure Arc-enabled servers to ensure that they are functioning correctly and meeting the needs of all stakeholders. This may involve using tools like Azure DevOps to set up automated testing pipelines.
Monitor performance: Monitor the performance of Azure Arc-enabled servers in production to ensure that they are meeting the needs of all stakeholders. This may involve setting up monitoring tools, such as Azure Monitor, to track usage and identify performance issues.
Address issues: Address any issues that are identified during testing and make necessary changes to ensure that Azure Arc-enabled servers are functioning correctly and meeting the needs of all stakeholders.
By following these steps, you can ensure that Azure Arc-enabled servers are tested thoroughly and meet the needs of all stakeholders involved in the project. This can help improve the quality of Azure Arc-enabled servers and ensure that they function correctly in a production environment.
F. 2023 Roadmap
????
G. 2024 Roadmap
????
H. Known Issues
There are several known issues that can impact Azure Arc-enabled servers. Here are some of the most common issues to be aware of:
Configuration issues: Configuration issues can arise when setting up Azure Arc-enabled servers. It is important to ensure that all configurations are set up correctly to avoid issues with deployment, management, and security of the servers.
Performance issues: If the system is not properly sized, it can impact performance and availability, causing issues with the speed and reliability of the servers.
Integration issues: Integration issues can arise when integrating Azure Arc-enabled servers with other systems and applications. It is important to ensure that Azure Arc-enabled servers are designed to work seamlessly with other systems and applications to avoid integration issues.
Security issues: Security is a critical concern when it comes to Azure Arc-enabled servers. It is important to ensure that the servers are secured and that access to the servers is restricted to authorized personnel.
Accuracy issues: In some cases, Azure Arc-enabled servers may not be accurate or may not apply to a specific use case. It is important to review the servers carefully and validate them before taking action.
Reliability issues: Reliability issues can arise when Azure Arc-enabled servers are not functioning correctly or when the system experiences downtime. It is important to monitor the performance and reliability of Azure Arc-enabled servers to ensure that they are meeting the needs of the organization.
Compatibility issues: Azure Arc-enabled servers may not be compatible with all server environments or platforms. It is important to ensure that Azure Arc-enabled servers are compatible with the organization’s existing infrastructure before implementation.
Overall, Azure Arc-enabled servers require careful planning and management to ensure that they are functioning correctly and meeting the needs of all stakeholders involved in the project. By being aware of these known issues and taking steps to address them, you can improve the quality of Azure Arc-enabled servers and ensure the success of your project.
[x] Reviewed by Enterprise Architecture
[x] Reviewed by Application Development
[x] Reviewed by Data Architecture