Microsoft has given its Azure Local on-prem cloud a major makeover to make it fit for duty powering large-scale sovereign infrastructure.
The first role Microsoft assigned to Azure Local was as an on-prem option that uses the same hypervisor as the Azure Cloud, plus the Azure Kubernetes Service and software-defined storage. The product scaled to clusters of 16 nodes. Users manage it with Azure Arc, Microsoft’s cloudy tool for managing resources that run in the Redmondian cloud, on-prem, or out on the edge. Microsoft told The Register the product is suited to those who feel some workloads aren’t suitable to run in the cloud but want to use Arc for all their management needs.
On Monday, Microsoft announced a more ambitious role for Azure Local: powering sovereign datacenters that encompass thousands of servers.
A blog post explains how that’s possible: Azure Local servers can now access fiber channel storage area networks, and users can scale compute and storage capacity independently.
A Microsoft spokesperson told us the beefed-up Azure Local can also use customers’ existing networks to connect clusters.
“Enhancements in fault domain modeling, infrastructure pools, and multi-rack networking allow deployments to expand from hundreds to thousands of nodes without requiring a fundamental architectural change, while maintaining availability and resiliency for mission-critical workloads,” the spokesperson told The Register.
At this point, readers may well be wondering exactly what makes Azure Local suitable for sovereign infrastructure.
For starters, the product is no longer dependent on Arc for management, as a local control plane is now available – and it keeps the Azure look and feel. Another addition to Azure Local is a tool called Local Identity with Key Vault that allows users to manage their own cryptographic keys – even for air-gapped devices.
The Register hears different definitions of “sovereign” infrastructure every week, but the core of it is always ensuring data never leaves a user’s preferred jurisdiction and making sure the legal framework under which infrastructure operates isn’t subject to extra-territorial interventions (or at least allegedly lawful interventions, as distinct from illegal intrusions).
By offering a local management plane, Azure Local can ease the common concern that merely touching a cloud operated by a US-based company creates risk, while Key Vault will satisfy users who don’t want their cloud providers getting anywhere near their keys.
Independent scaling of compute and storage isn’t novel. VMware has offered it for years and Nutanix started supporting external storage last year. Both companies also offer sovereign clouds, by packaging their stacks so service providers can offer either dedicated rigs or multitenant infrastructure backed by guarantees of immutable isolation.
The refresh for Azure Local therefore gets Microsoft into the sovereign game.
The sovereign-infrastructure-ready version of Azure Local dropped with version 12.2604.1003.209 which Redmond delivered last week.
The new release also added features that all users might appreciate, even those who use Azure Local as vanilla hyperconverged and/or hybrid cloud infrastructure.
Microsoft’s senior cloud solution architect Jan Egil pointed to faster deployments, support for GPUs, and what he described as “More control over updates and deployment workflows” thanks to “pre-deployment domain join and configurable update settings.” ®
Source: The register