Most organizations today are using hybrid infrastructure. While fully leveraging workloads and services that make sense in cloud environments, many still run workloads on-premises for several reasons, including compliance or performance. It can leave organizations with disparate tools for managing, monitoring, and configuring resources in the cloud vs. on-premises environments. Azure Arc is a solution from Microsoft that helps to solve these challenges. Microsoft now officially supports Azure Arc for VMware vSphere.
The challenges of cloud vs. on-premises management
Management is one of the challenges businesses face as they migrate workloads and services to the public cloud. When resources are migrated to public cloud environments, companies must now know and maintain multiple sets of tools, management GUIs, APIs, and tooling.
Many love the flexibility and wealth of management capabilities offered by cloud environments that are accessible from anywhere. However, each public cloud provider has its own tools and management capabilities, further adding to this management problem. In addition, it has meant that businesses considering consuming multi-cloud resources must invest even further in new skills and solutions.
What is Azure Arc?
To begin, what is Azure Arc? Azure Arc is a solution that allows organizations to extend the Azure control plane to an on-premises environment or even other clouds for hybrid and multi-cloud management. Azure’s actions and tasks are carried out using the Azure Resource Manager (ARM). It bridges the gap between cloud and on-premises environments, streamlining and unifying management across all environments.
Azure Resource Manager
Azure Resource Manager is the management layer in Microsoft Azure used to deploy and manage services. It provides the capabilities needed to create, update, and delete resources. If you wonder when you communicate with Azure Resource Manager, it is any time you interact with the Azure Portal, Azure APIs, tools, SDKs, etc.
What are the benefits of Azure Resource Manager, and what does it allow you to do?
- You can use ARM templates to manage and provision your infrastructure in a declarative way
- Manage your Azure resources as a group of objects instead of individually
- It provides a development lifecycle allowing confidence in your resources that these are in a consistent state
- Define the dependencies between resources, allowing these to be deployed and provisioned in the correct order
- Implement Role-Based Access Control (Azure RBAC) to bolster the idea of least-privileged access
- Apply tags to resources which allows adding metadata to resources in your subscription
- Streamline billing using ARM by viewing costs for a group of resources sharing the same tag
Native Azure resources via agents
With Azure Arc, you can make external objects and infrastructure appear as native Azure objects, regardless of where these are located. Typically, Azure Arc uses an agent-based approach. For example, with Arc-enabled Windows Servers, a lightweight Azure Arc agent is installed that connects the server with the Azure environment.
Azure Arc-enabled VMware vSphere
Many organizations are using VMware vSphere on-premises to run their business-critical virtual machines. With the VMware Azure Arc-enabled VMware vSphere Preview, Azure Arc can now extend Azure governance and management capabilities to VMware vSphere environments. It brings the natural benefit of unified management and visibility from a single management and control plane.
Arc-enabled VMware vSphere capabilities
What are the capabilities of Arc-enabled VMware vSphere? Note the following:
- You can perform virtual machine lifecycle operations directly from Azure with the built-in Azure RBAC policies providing governance guardrails
- It enables developers and DevOps teams to have a self-service approach for virtual machine operations without needing to enlist VI admins for these operations
- It allows browsing VMware vSphere resources, including virtual machines, virtual networks, VM templates, and storage. Discovered resources in the VMware vSphere environment can then be onboarded to Azure.
- You can extend monitoring and governance operations using the Azure Arc agent installed in guest virtual machines
To enable the management of VMware vSphere environments using Azure Arc, Microsoft has what is called an Azure Arc “resource bridge.” The resource bridge is a virtual appliance that runs in your VMware vSphere environment. First, the resource bridge appliance connects to your vCenter Server. Then, it connects to Microsoft Azure and creates the management and governance bridge used for managing your VMware vSphere environment from Azure.
Many will find this approach desirable as there are no agents or additional software components to install in vCenter to create the Arc-enabled management link. VMware vCenter Server remains untouched, and the bridge creates the typical virtual appliance integration with vCenter Server that is characteristic of other vCenter Server integrations.
Getting started with Azure Arc-enabled VMware vSphere
Arc-enabled VMware vSphere Prerequisites
Note the following requirements for creating the integration with VMware vSphere and Azure Arc
- An Azure subscription is required
- You will need a resource group with a user that has the Owner, Contributor, or Azure Arc VMware Private Clouds Onboarding role for onboarding
Azure Arc Resource Bridge
- The only requirement for the Azure Arc resource bridge used to connect to the vCenter Server is an IP address for network connectivity
- It will need to be able to connect to Microsoft Azure
- The following versions of vCenter Server are supported: 6.7 or 7
- Internet access is required, and it must also be possible for the virtual machines on this network to communicate with the vCenter Server on TCP port 443
- You will need three free static IP addresses. If using DHCP, the IP addresses must be outside the DHCP range
- A cluster or resource pool with a minimum capacity of 16 GB of RAM and four vCPUs
- 100 GB of free disk space on a vSphere datastore, available through the resource pool or cluster
Arc-enabled VMware vSphere limitations
Microsoft does not recommend that you Arc-enable a vCenter Server instance with more than 9,500 virtual machines. VMware vCenter Server instances with more than this number of virtual machines as part of its inventory are not recommended for Arc-enablement. However, this may be a Preview limitation only and could be removed once the solution transitions to general availability.
Arc-enabled VMware vSphere FAQs
What is Azure Arc? Azure Arc is a solution from Microsoft that extends the Azure control plane to on-premises and multi-cloud environments. Using Azure Resource Manager, organizations can standardize Azure’s controls and management capabilities to manage their entire infrastructure estate.
What is Azure Resource Manager? Azure Resource Manager is the underlying control plane of Azure. It is used with any Azure interaction, including the Azure Portal, SDKs, command line, API calls, and others.
What is Azure Arc-enabled VMware vSphere? It is a Preview solution from Microsoft allowing businesses to extend Arc-enabled management to VMware vSphere. Using a Resource Bridge, the on-premises vCenter Server is connected to the Azure control plane without any additional installation of components on the vCenter Server itself. It allows for performing lifecycle management and other tasks in the VMware vSphere environment.
Microsoft’s Azure Arc solution is a robust and powerful solution allowing organizations to extend the management, visibility, and capabilities of the Azure control plane to on-premises and cloud environments. Microsoft continues to expand the features and capabilities of Azure Arc. The Azure Arc-enabled VMware vSphere solution allows businesses to manage their vSphere environments using existing Azure RBAC, policies, workflows, and tooling. You can learn more about the Arc-enabled VMware vSphere solution here: What is Azure Arc-enabled VMware vSphere (preview)? – Azure Arc | Microsoft Learn