Hybrid capabilities with Azure services in Azure Local, version 23H2
Applies to: Azure Local, version 23H2
Your on-premises Azure Local solution integrates with Azure cloud via several cloud service components, such as Azure Local cloud service, Azure Arc, and other Azure hybrid services. This article describes the functionality provided by these cloud service components, and how they help provide hybrid capabilities to your Azure Local deployment.
Azure Local cloud service
The Azure Local cloud service in Azure is a key part of the Azure Local product offering. It includes standard Azure components, such as a resource provider in Azure Resource Manager and a UI extension in the Azure portal. These components enable access to Azure Local functionality via familiar Azure tools and UX, such as Azure portal, Azure PowerShell, and Azure CLI. The Azure Local cloud service also enables contextual navigation from an Azure Local resource to its Arc servers and Arc virtual machines (VMs).
The Azure Local cloud service extends the hybrid capabilities for Azure Local by enabling the following cloud-based functionalities:
Registration. To enable hybrid capabilities, you must register every Azure Local that you intend to connect with Azure Arc. For more information, see Register your machines and assign permissions for Azure Local, version 23H2 deployment.
Deployment and security. Azure Local supports cloud-based deployment through the Azure portal or an Azure Resource Manager deployment template. For more information, see Deploy Azure Local using the Azure portal and Deploy Azure Local via the Azure Resource Manager deployment template.
The Azure Local deployment follows a secure-by-default strategy, including a tailored security baseline, a security drift control mechanism, and default security features. Post-deployment, you can view the security settings for Azure Local via the Azure portal. For more information, see About security features.
Updates. You can keep your Azure Local solution up-to-date with security fixes and feature improvements. The latest updates are identified and applied from the cloud through the Azure Update Manager tool. For more information, see About updates for Azure Local, version 23H2.
Monitoring. You can perform basic monitoring of all Azure Local resources and confirm the deployment via the Azure portal. For more information, see Verify a successful deployment. Advanced monitoring utilizes Azure Monitor tools, such as Insights, Metrics, Logs, Workbooks, and Alerts. For information about monitoring Azure Local, see What is Azure Local monitoring?.
Observability and support. Azure Local observability feature collects telemetry and diagnostic data, which helps Microsoft in system analysis and issue resolution. Observability and remote support are integral to the Azure Local deployment process. For more information, see Azure Local observability and Get remote support for Azure Local.
Billing. The Azure Local cloud service sends usage data to Azure Commerce to calculate the monthly bill for the registered subscription. You can pay for Azure Local through your Azure subscription. For more information, see Azure Local billing and payment.
Licensing. An Azure Local requires cloud connectivity to keep its license up to date. The Azure Local cloud service validates proper registrations and distributes new licenses. To learn more about how licensing impacts functionality, see Azure Local FAQ - What happens if the 30-day limit is exceeded?
Azure verification for VMs makes it possible for supported Azure-exclusive workloads to work outside of the cloud. This feature is a built-in platform attestation service that is enabled by default on Azure Local. For more information, see Azure verification for VMs.
Diagnostics. Azure Local diagnostic data helps Microsoft detect, diagnose, and fix problems to restore service health and improve products. To collect diagnostic data for a registered and connected system, see Collect diagnostic logs for Azure Local. To collect diagnostics data in scenarios where observability components aren't deployed or during issues with the system registration process, see Perform standalone log collection.
Enhanced management. You can perform enhanced management of your Azure Local from Azure. This feature is enabled by the Managed Identity created for your Azure Local resource that serves as the identity for the various components of your system. For more information, see Enhanced management of Azure Local from Azure.
Azure Arc on Azure Local
Azure Arc simplifies governance and management by delivering a consistent management plane from Azure. To learn more about Azure Arc, see Azure Arc overview. For additional guidance regarding the different services Azure Arc offers, see Choosing the right Azure Arc service for machines.
Azure Local delivers hybrid value through the following Azure Arc technologies:
Arc machines. As part of the Azure Local deployment process, you must register every Azure Local that you intend to join with Azure Arc. For more information, see Register your machines and assign permissions for Azure Local, version 23H2 deployment
You can install, upgrade, and manage Azure Arc extensions on Azure Local to run hybrid services like monitoring and Windows Admin Center in the Azure portal. For more information, see Azure Arc extension management on Azure Local.
Arc VMs. Azure Arc VM management lets you provision and manage Windows and Linux VMs hosted in an on-premises Azure Local environment. Administrators can manage Arc VMs on their Azure Local by using Azure management tools, including Azure portal, Azure CLI, Azure PowerShell, and Azure Resource Manager (ARM) templates. For more information, see What is Azure Arc VM management?.
Azure Kubernetes Service (AKS) enabled by Arc. AKS on Azure Local, version 23H2 uses Azure Arc to create new Kubernetes clusters on Azure Local directly from Azure. It enables you to use familiar tools like the Azure portal, Azure CLI, and Azure Resource Manager templates to create and manage your Kubernetes clusters running on Azure Local. For more information, see What's new in AKS on Azure Local version 23H2.
Other Azure hybrid services
In addition to hybrid functionality provided through Azure Arc, you can enable the following Azure services for other hybrid capabilities on Azure Local:
Azure Backup. With Microsoft Azure Backup Server (MABS) v3 UR2, you can back up Azure Local host (System State/BMR) and virtual machines (VMs) running on your Azure Local. To learn more about Azure Backup, see Back up Azure Local virtual machines with MABS.
Azure Site Recovery. With Azure Site Recovery support, you can continuously replicate VMs from Azure Local to Azure, as well as fail over and fail back. To learn more about Azure Site Recovery, see Protect your Hyper-V Virtual Machines with Azure Site Recovery and Windows Admin Center.
Azure Update Manager. Azure Update Manager is an Azure service that allows you to apply, view, and manage updates for each of your Azure Local instances. You can view each Azure Local across your entire infrastructure, or in remote or branch offices and update at scale. For more information, see Use Azure Update Manager to update your Azure Local, version 23H2.