Apr 19, 2022, Infrastructure

Azure Arc and Windows Admin Center – a complicated digital landscape

Rafał Mróz & Damian Dańczak
The old saying goes "don't put all your eggs in one basket". In today's digital world with advanced cloud delivery models it's easy to keep your digital resources in many of them. It's a common enterprise reality and in mission critical scenarios a welcome practice. Top 500 Fortune companies back this statement up by running their workloads both on premise and in the cloud - Azure alone boasts a 95% adoption rate within this group.

This approach seems great at first glance, but it has its drawbacks. Not only does it require a sizable IT staff with a broad skill set, but usually control and governance gets complicated with distinctive toolsets. What if you could avoid the pitfalls while reaping the benefits? This is where Microsoft steps into the game with their offering.

So, what exactly is Azure Arc?

Microsoft tried to answer the need for a centralized control plane with its new product. Azure Arc is managed from Azure Portal and allows to seamlessly extend resource management and security capabilities from Azure Cloud to on-premise, edge or multi cloud environments. Under the hood it’s a new set of hybrid cloud technologies aiming to deliver the true hybrid experience.

What does it aim for?

Businesses can manage their physical hosts, VMs and Kubernetes clusters. Arc brings Cloud Native applications such as AppService, SQL Managed Instance or PostgreSQL Hyperscale to your doorstep or to external clouds. With a few clicks of a mouse new Kubernetes pods or native apps can be run outside of Azure.

All of this can be achieved using a single, familiar toolset. Azure Portal is not the only available solution. There’s also Azure Powershell, Azure CLI or REST API. With such tools and a proper design automation can be brought to your hybrid installments.

What functionalities does it bring?

By default you can manage your assets after Arc registration. Its object projection in Azure allows for permission, policy and tag assignment. Other features are possible with the help of extensions. This opens a plethora of possibilities: from log correlation with Azure Monitor and Log Analytics, to software update and config management with Azure Automation and Desired State Config, to building entire hybrid environments using GitOps methodology with Flux and Helm Charts.

The possibilities seem limitless and Microsoft is well aware of that. Product history also seems to show it’s just the beginning of what’s to come. It started small in late 2019 with few capabilities in preview mode. Currently object management and some of the extensions already have production status, which is backed up by a solid Microsoft guarantee. There’s also a lot of new features already available in preview mode, so early adopters can extend their hybrid experience.

How much will it cost me?

The base control plane features are free according to Microsoft’s pricing brochure. If you want additional features you’ll have to calculate your costs for the extensions as well as Azure services usage. Don’t let that scare you away from using the service altogether, since you can start small and as always in the cloud pay as you go or as you grow.

The bright future?

The product is already impressive at its current stage of development and it gets bigger and better every month. The promise of a hybrid cloud seems ever so real and Azure Arc is definitely worth taking a close look. With Microsoft’s enterprise approach and its strong cloud investment Arc seems to be a worthy hybrid cloud management contender.

And what’s WAC?

Windows Admin Center (in short WAC) is a modern, centralized interface allowing us to manage all of Microsoft Windows resources from a single console. These registered resources can be ran anywhere: on-premise or in a cloud from any provider. It’s a management software targeted at a current hybrid cloud deployment model. It’s ready for use today while positioned as an administrative solution for the upcoming future.

How it works

WAC is considered a natural evolution of the familiar Windows tools such as Microsoft Management Console or Windows Server Manager. It’s a lightweight solution with an easy to use HTML5 web interface available through any modern browser. It brings functionalities such as:

  • Displaying resources and resource utilization

  • Certificate Management

  • Managing Devices

  • Event Viewer

  • File Explorer

  • Firewall Management

  • Managing Installed Apps

  • Configuring Local Users and Groups

  • Network Settings

  • Viewing/Ending Processes and Creating Process Dumps

  • Registry Editing

  • Managing Scheduled tasks

  • Managing Windows Services

  • Enabling/Disabling Roles and Features

  • Managing Hyper-V VMs and Virtual Switches

  • Managing Storage

  • Managing Storage Replica

  • Managing Windows Updates

  • Remote Desktop connection

  • Remote Procedure Calls and Powershell commands

At its current state the list of features is quite extensive and it’s far from over – it grows as the solution matures.

Any administrator using WAC has got an easier and better supervision over proper environment operation. Not only does it allow for management, but it also has monitoring capabilities built in. 

The solution is a “one stop shop” which makes it a great candidate for daily administrative tasks usage.

WAC is built with security in mind. Administrators can assign permissions which reflect organization status and needs. It’s a necessary functionality in a tool targeted at centralized administration. With the addition of High Availability clustering features this opens the door for broad enterprise adoption.

Installation and configuration

The installation and configuration process is reduced to bare minimum. All it takes is just download and run the installer, then follow the tried-and-proven “next-next” method. In a matter of minutes you’ve got ready to use an out of the box great experience. All it takes is connecting to your fresh installation at https://your.host.address.

"Overlay" for Windows Core governance

WAC is considered by some a missing administrative piece for Windows Server Core, since by design it lacks full GUI experience and most of the administrative tools.

When you register such a server to your WAC deployment you get the missing tools and features without actually installing them on Windows Core, which might pose additional security threats. In many cases WAC drastically speeds up routine administrative tasks like security event log analysis. 

Benefits vs price - Goliath not so intimidating

It’s best to put it bluntly – this great software comes free of charge if you’ve got a valid Windows Server or Windows 10 license. It seems “no such thing as a free meal” has no use in this case. Because of this I strongly encourage any administrator to give WAC a go. I really do hope Microsoft keeps investing in this great tool without putting a price tag on it.