Back to posts
March 20, 2023

Azure Arc: Extending Cloud Management Everywhere

azurehybrid-cloudkubernetesvmware

Your company runs a massive VMware datacenter. You have 5,000+ VMs, 15 years of institutional knowledge, and a team that knows VMware inside and out.

Then in came the rumor mill. Broadcom might acquire VMware.

Your team's reaction: "What happens to VMware? Is Broadcom going to raise licensing costs? Will VMware be integrated into Broadcom's product line? Will innovation slow down?"

You read speculation about changes to VMware licensing. Perpetual licenses are being phased out. Subscription-only model. Pricing increases are significant. Other products acquired by Broadcom saw significant price increases.

Your team starts looking at alternatives. Maybe it is time to modernize. Maybe Kubernetes is the future. Maybe it is time to move to the cloud.

But you have 15 years of on-premises infrastructure. You cannot just rip and replace. You need a bridge.

Azure Arc is that bridge.

Azure Arc is Microsoft's approach to hybrid and multi-cloud management. It extends Azure's control plane to resources running anywhere: on-premises datacenters, edge devices, or directly on the internet-connected devices at remote locations.

The core idea: Manage everything from Azure, regardless of where it runs.

For organizations concerned about VMware futures or looking to escape vendor lock-in, Azure Arc provides a path forward without forcing an immediate migration. You can keep your on-premises infrastructure running while gradually adopting cloud-native approaches.

This article covers what Azure Arc is, how it works, benefits and risks, the VMware situation and alternatives, adoption strategies, deployment challenges, best practices, and organizational benefits.

What Is Azure Arc?

Azure Arc is a set of technologies that extend Azure management and services to any infrastructure:

  • Azure Arc-enabled servers: Manage on-premises and multi-cloud VMs/physical servers as if they were native Azure resources
  • Azure Arc-enabled Kubernetes: Connect and manage Kubernetes clusters anywhere as if they were native AKS clusters
  • Azure Arc-enabled data services: Run Azure-managed SQL and PostgreSQL databases on any infrastructure
  • Azure Arc-enabled application services: Run Azure App Service, Functions, Logic Apps on any Kubernetes cluster

The key insight: Azure becomes the management layer, regardless of where compute actually runs.

How does it work?

Azure Arc uses a lightweight agent deployed on each resource:

  • For servers: The Azure Connected Machine agent (runs on Windows or Linux)
  • For Kubernetes: A set of agents installed on the cluster
  • For data services: Data controller deployed on Kubernetes cluster
  • For app services: App Service extensions deployed on Kubernetes cluster

Each agent establishes an outbound connection to Azure. Azure does not need to reach your on-premises infrastructure. Your infrastructure reaches out to Azure. This is important for security.

Example: Your datacenter has no inbound internet access. Just outbound. Azure Arc still works because agents initiate the connection.

What can you do with Arc?

Once a resource is connected to Arc, you can:

For servers:

  • Apply Azure Policies (enforce Windows updates, required security software)
  • Run monitoring (Azure Monitor, Defender for servers)
  • Apply role-based access control (Azure RBAC)
  • Execute scripts remotely
  • Manage patches
  • Inventory software
  • Track compliance

For Kubernetes:

  • Apply Azure Policy to cluster
  • Deploy via GitOps (Flux or Helm)
  • Monitor cluster (Azure Monitor)
  • Run Defender for Cloud scans
  • RBAC to control access
  • Deploy Azure services (SQL, PostgreSQL, etc)

For data services:

  • Run Azure SQL Managed Instance on your infrastructure
  • Run Azure PostgreSQL on your infrastructure
  • Automatic backups, high availability, scaling
  • Same management experience as cloud version

For app services:

  • Deploy Azure App Service on Kubernetes
  • Deploy Azure Functions on Kubernetes
  • Deploy Logic Apps on Kubernetes
  • Web apps, APIs, scheduled jobs all runnable on your cluster

Azure Arc vs. Traditional Hybrid Approaches

Organizations have traditionally handled hybrid environments through disconnected solutions:

Traditional approach

  • Azure: Use Azure Portal, Azure Monitor, Azure Policy
  • On-premises: Use VMware vCenter, System Center, third-party tools
  • Multi-cloud: Use AWS Console, Google Cloud Console
  • Result: Three different management interfaces, three different ways of thinking about infrastructure, hard to get unified view

Azure Arc approach

  • Azure: Use Azure Portal, Azure Monitor, Azure Policy
  • On-premises: Use Azure Portal, Azure Monitor, Azure Policy (same as Azure)
  • Multi-cloud: Use Azure Portal, Azure Monitor, Azure Policy (same as Azure)
  • Result: One management interface, one way of thinking, unified view across all infrastructure

The benefit is not just technical. It is organizational. Your operations team learns one system. Your automation uses one API. Your policies apply consistently everywhere.

VMware Context: Why This Matters Now

To understand why Azure Arc is gaining attention, you need to understand VMware. VMware has been the industry standard for datacenter virtualization for almost 20 years. Many departments, capabilities, workloads, and businesses run and depend on VMware. While many providers have alternatives, none have approached the market share and deployment scale of VMware in enterprise technology.

The gap: Need for alternatives

But simply abandoning VMware is not realistic for most organizations:

  • Existing investment: Millions of dollars in VMware infrastructure
  • Operational expertise: Teams know VMware deeply
  • Workload dependencies: Years of workloads tuned for VMware
  • Operational stability: "Do not touch running systems" mentality

So organizations needed:

  1. A path forward that acknowledges their VMware investment
  2. An alternative to VMware that does not require complete rip-and-replace
  3. Managed services to reduce operational burden
  4. Gradual migration capability (do not have to move everything at once)

Azure Arc addresses all four.

Benefits of Azure Arc

Azure Arc provides real benefits for organizations looking for hybrid approaches.

1. Unified management across environments

Single control plane for Azure, on-premises, and multi-cloud.

Benefit: Operations team learns one system. Automation written once works everywhere.

Cost savings: 20-30% reduction in management overhead.

Example: You have policy that "all servers must have Windows Defender enabled."

With Azure Arc:

  • Write policy once in Azure Policy
  • Apply to Azure VMs, on-premises VMs (via Arc), AWS VMs (via Arc)
  • Policy is enforced everywhere automatically

Without Arc:

  • Write policy in Azure Policy for Azure VMs
  • Write separate policy in VMware for on-premises VMs
  • Write separate script in AWS for AWS VMs
  • Manage three separate systems

2. Reduced VMware licensing costs

By deploying new workloads on Kubernetes (via Arc-enabled Kubernetes) instead of VMs, you reduce VMware licensing needs.

Example: 100 new application VMs planned. Typical cost: 100 licenses × $200/year = $20K/year.

Deployed on Kubernetes instead:

  • Kubernetes cluster on 10 physical servers
  • Cost: Kubernetes licensing (free or low cost) + hardware
  • Savings: $20K/year + ability to run more workloads on same hardware

3. Path to Kubernetes without rip-and-replace

You can gradually migrate from VMs to containers without forcing immediate change.

Phase 1: Stand up Kubernetes cluster on-premises, manage via Arc Phase 2: Deploy new applications on Kubernetes Phase 3: Gradually migrate existing applications to containers Phase 4: Eventually, deprecate VMware as applications move off

Timeline: 2-5 years instead of forced change now.

4. Data services without cloud lock-in

Run Azure SQL Managed Instance on-premises.

Same features as Azure (automated backups, high availability, scaling) but on your infrastructure.

Benefit: If you change your mind later, you can move to cloud without rewriting applications.

Your app talks to Azure SQL Managed Instance. Does not matter if that is running in Azure or on your datacenter.

5. Consistent security posture

Apply security policies and configurations consistently across all resources.

Example: Enforce MFA for all administrative access. Enable Defender for servers everywhere. Require specific firewall configurations.

Without Arc:

  • Security team configures Azure resources one way
  • Security team configures on-premises resources differently
  • Security team configures AWS resources yet another way
  • Inconsistent, gaps, hard to audit

With Arc:

  • Security team configures once
  • Applied consistently everywhere
  • Easy to audit and report

6. Operational flexibility

You can make decisions based on workload requirements, not infrastructure constraints.

Question: Should this workload run in Azure, on-premises, or on AWS?

Without Arc:

  • Decision based on "where do we have capacity" or "what happens to be connected"

With Arc:

  • Decision based on "where is it cheapest to run?", "where does it perform best?", "what is closest to users?"
  • Flexibility to move if costs change or requirements change

7. Reduced operational burden

Managed services (SQL Managed Instance, PostgreSQL) reduce on-premises operational burden.

Instead of:

  • Provisioning database servers
  • Managing patches and updates
  • Managing backups
  • Monitoring performance
  • Scaling when needed

You get:

  • Automated provisioning
  • Automatic patches and updates
  • Automatic backups
  • Integrated monitoring
  • Automatic scaling

Cost savings: Database administrators time freed up (2-3 FTE roles reduced) = $300-400K/year savings.

Risks and Challenges of Azure Arc

Azure Arc is powerful but has real challenges.

Risk 1: Vendor lock-in to Microsoft

By standardizing on Azure Arc, you are standardizing on Microsoft services.

Azure Arc works with AWS and Google Cloud but it is optimized for Azure. If you want to use Azure services (SQL Managed Instance, PostgreSQL, App Service on Arc), you are using Microsoft technology.

Over time, you may become more dependent on Microsoft.

Mitigation:

  • Use Arc for management layer but keep applications portable
  • Avoid using proprietary Azure services if portability is important
  • Design apps to work on any Kubernetes cluster, not just Arc

Risk 2: Operational complexity

Arc adds complexity. You are now managing:

  • Your on-premises infrastructure (still)
  • Azure infrastructure (new)
  • Arc agents (new)
  • Different management interfaces for different environments (old VMs vs Arc-managed VMs)
  • Integration between environments (new)

Initially this can feel like you have more to manage, not less.

Mitigation:

  • Invest in training and automation
  • Gradually migrate workloads (do not try to manage everything through Arc immediately)
  • Standardize on infrastructure-as-code (Terraform, Bicep) to reduce manual management

Risk 3: Network and security complexity

Arc agents need outbound internet connectivity to Azure.

If your on-premises infrastructure is air-gapped (no internet), Arc does not work out of the box.

If your infrastructure has limited internet connectivity, Arc may be slow or unreliable.

Mitigation:

  • Ensure reliable internet connectivity for Arc agents
  • Use Azure Stack Edge or private endpoints for air-gapped environments
  • Plan for network redundancy

Risk 4: Not a complete VMware replacement

Arc is not a like-for-like replacement for VMware.

VMware is a hypervisor (runs VMs). Arc is a management layer (manages existing infrastructure).

You still need a hypervisor:

  • VMware (traditional)
  • Hyper-V (Windows hosts)
  • KVM (Linux hosts)
  • Or Kubernetes (completely different model)

Arc does not replace the hypervisor. It manages what the hypervisor is running.

Mitigation:

  • Understand that VMware replacement requires choosing alternative hypervisor
  • Arc helps you manage that alternative
  • Consider Kubernetes as hypervisor alternative (not traditional VM hypervisor)

Risk 5: Pricing model changes

Microsoft may change Arc pricing in the future.

Arc today is relatively low-cost (a few dollars per server per month). But Microsoft could raise prices.

Mitigation:

  • Include Arc pricing in long-term financial planning
  • Lock in pricing via Azure Hybrid Benefit discounts
  • Monitor pricing announcements

Arc-enabled Kubernetes: The Core Alternative to VMware

For organizations looking at VMware alternatives, Arc-enabled Kubernetes is the key story.

Instead of running VMs on VMware, run containers on Kubernetes.

Why Kubernetes instead of VMware?

Kubernetes is:

  • Open source: No single vendor controls it. Multiple vendors support it.
  • Commodity: Many companies provide Kubernetes. Easy to switch.
  • Modern: Designed for containers, microservices, cloud-native applications
  • Developer-friendly: Developers can run same Kubernetes locally (laptop) and production (datacenter)
  • Cost-efficient: Better resource utilization than VMs

Example cost comparison:

VMware approach:

  • 1000 VMs for applications
  • Each VM needs ~100GB memory reserved (even if not using all)
  • 100TB total memory needed
  • 10 physical servers × 10TB memory = 10 physical servers
  • Cost: 1000 VMware licenses (~$200K/year) + hardware + support

Kubernetes approach:

  • 1000 containerized applications
  • Containers share memory more efficiently
  • Average container uses 500MB memory
  • 500GB total memory needed
  • 5 physical servers × 100GB memory = 5 physical servers
  • Cost: Kubernetes licensing (free) + hardware + support
  • Savings: 50% fewer servers, no VMware licensing, more efficient resource use

Arc-enabled Kubernetes: Management layer

Stand up Kubernetes cluster on-premises:

# Create Kubernetes cluster (using K3s, AKS Engine, or existing cluster)
# This runs on your on-premises servers or hardware

# Connect cluster to Azure Arc
az connectedk8s connect --name my-cluster --resource-group my-rg --location eastus

Once connected:

  • Cluster appears in Azure Portal
  • You can deploy applications via GitOps (Flux)
  • You can apply Azure Policy to cluster
  • You can monitor with Azure Monitor
  • You can run Azure data services (SQL, PostgreSQL) on cluster
  • You can run Azure App Service on cluster

Example: Deploy application via GitOps

# Create GitOps configuration
az k8s-configuration flux create --resource-group my-rg --cluster-name my-cluster \
  --name cluster-config --namespace cluster-config \
  --repository-url https://github.com/mycompany/apps \
  --branch main

Now, whenever your Git repository changes, Flux automatically updates the Kubernetes cluster. No manual deployment.

Adoption Process: From VMware to Arc and Kubernetes

Migrating from VMware to Kubernetes via Arc is a journey, not a one-time event.

Phase 1: Assessment (Month 1-2)

Step 1: Inventory current infrastructure

  • How many VMs do you have?
  • What do they run?
  • What are the dependencies?
  • What is the utilization (CPU, memory, disk)?

Use VMware tools (vCenter) to collect data.

Step 2: Categorize workloads

  • Lift-and-shift: Applications that can be containerized with minimal changes
  • Refactor: Applications that need some changes to run in containers
  • Rewrite: Applications that would be better as new microservices
  • Keep on VMs: Applications that truly cannot run in containers (legacy, specialized hardware requirements)

Typically:

  • 30-40% can lift-and-shift
  • 30-40% need refactoring
  • 10-20% need rewrite
  • 10-20% stay on VMs

Step 3: Evaluate cost implications

  • Current VMware costs (licenses, hardware, support)
  • Projected Kubernetes costs (hardware, management, tooling)
  • Projected savings from deprecating VMware

Build financial model.

Example:

Scenario VMware Kubernetes Savings
License costs/year $200K $0 $200K
Hardware/year $150K $100K $50K
Support/year $50K $50K $0
Total/year $400K $150K $250K
5-year total $2M $750K $1.25M

Phase 2: Pilot (Month 3-6)

Step 4: Build Kubernetes cluster

Start with one small cluster on-premises:

  • 3-5 physical servers
  • Run Kubernetes (K3s, kubeadm, or vendor-provided)
  • ~10-20 applications as initial workload

Step 5: Connect to Azure Arc

az connectedk8s connect --name pilot-cluster --resource-group pilot-rg

Step 6: Deploy pilot applications

Containerize 10-20 applications. Deploy to pilot cluster.

Measure:

  • How long does containerization take?
  • What issues do you encounter?
  • How does resource utilization compare to VMs?
  • How do teams feel about Kubernetes?

Step 7: Set up management and monitoring

  • Configure Arc to manage cluster
  • Set up Azure Monitor for cluster monitoring
  • Set up GitOps for deployments
  • Set up backup and disaster recovery

Step 8: Run for 2-3 months

Keep pilot running in parallel with existing VMware infrastructure. Do not deprecate VMware yet.

Measure:

  • Stability of Kubernetes cluster
  • Application performance vs VMs
  • Team productivity
  • Any unexpected issues

Phase 3: Expansion (Month 7-18)

Step 9: Build additional clusters

Once pilot is stable, build more clusters:

  • Production cluster (3-5 servers)
  • Non-prod cluster (2-3 servers)
  • Potentially regional clusters if distributed team

Connect each to Arc.

Step 10: Migrate applications systematically

Migrate applications in waves:

  • Wave 1 (Month 7-9): 20% of applications (highest priority for new arch, lowest complexity)
  • Wave 2 (Month 10-12): 30% of applications
  • Wave 3 (Month 13-18): 30% of applications
  • Remainder: May stay on VMs or get special handling

For each application:

  • Containerize (build Docker image)
  • Test in pilot cluster
  • Deploy to production cluster
  • Monitor for 2-4 weeks
  • Deprecate VM

Step 11: Deprecate VMware licenses

As you migrate workloads off VMware:

  • Each quarter, count how many VMs you are still using
  • Reduce VMware license count accordingly
  • Calculate quarterly savings

Timeline:

  • Q1: 900 VMs on VMware, 100 on Kubernetes, save ~$5K (reduce 100 licenses)
  • Q2: 700 VMs on VMware, 300 on Kubernetes, save ~$40K (reduce 200 licenses)
  • Q3: 400 VMs on VMware, 600 on Kubernetes, save ~$60K (reduce 200 licenses)
  • Q4: 200 VMs on VMware, 800 on Kubernetes, save ~$40K (reduce 200 licenses)

Total Year 1 savings: ~$145K (actually more because you reduce hardware over time)

Phase 4: Optimization and Closure (Month 19-24)

Step 12: Optimize Kubernetes infrastructure

  • Auto-scaling policies
  • Resource requests and limits
  • Cost optimization (reserved instances, spot instances)
  • Multi-region if applicable

Step 13: Decommission VMware

  • Move last 5-10% of VMs to Kubernetes (or to cloud if better fit)
  • Deprecate VMware licenses completely
  • Decommission VMware infrastructure
  • Reallocate VMware team

Step 14: Full integration with Azure

  • Run Azure data services (SQL Managed Instance, PostgreSQL) on Kubernetes clusters
  • Deploy Azure services (App Service, Functions) on Kubernetes
  • Integrate with Azure DevOps for full CI/CD pipeline

Potential Deployment Issues and Solutions

Migrating from VMware to Kubernetes via Arc is not simple. Real challenges emerge.

Issue 1: Stateful applications are difficult to containerize

Problem: Your legacy application stores state on local disk. Docker images are ephemeral. If container dies, data is lost.

Solution:

  • Use persistent volumes (local storage, networked storage)
  • For databases: Use Azure Arc-managed data services (SQL Managed Instance, PostgreSQL)
  • For file storage: Use shared storage (NFS, SMB)

Example: Persistent volume for application logs

apiVersion: v1
kind: PersistentVolume
metadata:
  name: app-storage
spec:
  capacity:
    storage: 10Gi
  accessModes:
    - ReadWriteOnce
  hostPath:
    path: "/data/app-logs"
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: app-logs-pvc
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi

Issue 2: Legacy applications have network dependencies

Problem: Application expects to be on specific network IP. Application has hardcoded DNS names that resolve to specific server.

Solution:

  • Use Kubernetes DNS naming (service discovery)
  • Use headless services if application requires specific hostname
  • Update application configuration for dynamic service discovery

Example: Service discovery in Kubernetes

apiVersion: v1
kind: Service
metadata:
  name: legacy-app
spec:
  selector:
    app: legacy-app
  ports:
  - protocol: TCP
    port: 8080
    targetPort: 8080

Application can now access service via legacy-app:8080 (or legacy-app.default.svc.cluster.local). Does not matter which pod is running it.

Issue 3: Storage performance requirements

Problem: Your application was tuned to run on SAN storage (fast). Now on Kubernetes with local storage (slower).

Solution:

  • Evaluate storage options (local SSD, networked SSD, cloud-connected storage)
  • Benchmark application performance with different storage
  • If performance is critical, use Azure Stack Hub or similar for managed storage
  • Consider moving database to Azure Arc-managed SQL instance (optimized for performance)

Issue 4: Licensing changes for applications

Problem: Your application has license that is tied to specific hardware. Or VM-based licensing.

Solution:

  • Contact vendor about container licensing
  • Many vendors have updated licensing for containers
  • Some applications may have perpetual license that can be reused
  • Some may need subscription-based licensing

Issue 5: Operational complexity during transition

Problem: You now have to manage both VMware infrastructure and Kubernetes infrastructure in parallel for 12-18 months.

This is complex. More to monitor. More potential for issues.

Solution:

  • Invest in monitoring and alerting (use Azure Monitor for both)
  • Automate operational tasks (use infrastructure-as-code)
  • Hire or train team on Kubernetes (do not wait until you need it)
  • Document everything
  • Have runbooks for common issues

Issue 6: Team skills are VMware-based

Problem: Your operations and development teams are expert in VMware. Kubernetes is foreign.

Solution:

  • Start training 6-12 months before pilot
  • Hire Kubernetes engineers for core team
  • Partner with vendor (Microsoft, others) for training
  • Start small with pilot to give team safe space to learn

Issue 7: Backup and disaster recovery complexity

Problem: VMware backup is straightforward (backup VM, restore VM). Kubernetes backup is more complex (stateless apps, stateful data, configuration).

Solution:

  • Use Velero for Kubernetes backup and disaster recovery
  • Integrate with Azure Backup for managed backups
  • Test restore process regularly
  • Have disaster recovery plan for different failure scenarios

Example: Velero backup

# Install Velero
velero install --provider azure --bucket velero --secret-file ./credentials-velero

# Create daily backup schedule
velero schedule create daily --schedule="0 2 * * *"

# Restore from backup if needed
velero restore create --from-schedule daily

Issue 8: Compliance and audit requirements

Problem: Your infrastructure is subject to regulatory requirements (HIPAA, PCI-DSS, FedRAMP). Does Kubernetes on-premises meet requirements? Does Azure Arc?

Solution:

  • Work with compliance and security teams early
  • Use Azure Arc Compliance Scanner to verify policies
  • Document compliance controls
  • Audit regularly
  • Some regulated environments may need to stay on traditional VMs (Arc provides option to keep VMs)

Best Practices for Azure Arc Adoption

1. Start with clear vision

Why are you adopting Azure Arc? Is it to escape VMware? Is it to modernize? Is it to reduce costs?

Be explicit about goals.

Goals should drive decisions about:

  • Which workloads migrate first
  • What timeline is acceptable
  • What success looks like

2. Pilot before production

Do not deploy Arc to production infrastructure immediately.

Start with small test cluster. Learn. Then expand.

Pilot de-risks the migration.

3. Invest in training early

Kubernetes is different from VMs. Your team needs to learn it.

Start training 6-12 months before production deployment.

4. Standardize on infrastructure-as-code

Instead of manual infrastructure management, use Terraform or Bicep.

Benefits:

  • Reproducible (same code produces same infrastructure every time)
  • Versionable (track changes in Git)
  • Automatable (deploy via CI/CD pipeline)

Example: Terraform to create Arc-enabled cluster

resource "azurerm_kubernetes_cluster_extension" "example" {
  cluster_id = azurerm_kubernetes_cluster.example.id
  name       = "my-arc-extension"
  extension_type = "Microsoft.Data.Services"
  # ... configuration ...
}

5. Implement monitoring and alerting from day one

Do not wait to set up monitoring. Do it during pilot.

Monitor:

  • Arc agent health (is it connected to Azure?)
  • Kubernetes cluster health (are nodes healthy?)
  • Application performance (CPU, memory, disk)
  • Network connectivity (latency to Azure, failures)

Set up alerts for critical issues.

6. Plan for security from the start

Arc extends Azure management to on-premises. This has security implications.

Plan:

  • How are Arc agents authenticated?
  • How do you control who can manage resources via Arc?
  • How do you audit changes?
  • What is your incident response plan?

Use:

  • Azure RBAC to control access
  • Azure Policy to enforce security standards
  • Azure Defender to monitor for security threats
  • Audit logs to track all changes

7. Communicate with stakeholders

Migrating from VMware is organizational change, not just technical change.

Communicate with:

  • Operations teams (change in how they manage infrastructure)
  • Development teams (change in how apps run)
  • Finance (change in costs)
  • Security (change in how infrastructure is secured)
  • Executives (timeline, investments, benefits)

Frame migration as opportunity, not crisis.

8. Plan for multiple iterations

You will not get everything right the first time.

Plan to:

  • Run pilot for 3 months and then decide if it is production-ready
  • Migrate workloads in waves (learn from each wave)
  • Refine processes and tooling after each phase
  • Adjust timeline based on learnings

9. Keep VMware as fallback

Until you are confident with Kubernetes, keep VMware running.

Do not deprecate licenses until you are sure you do not need them.

Migration timeline:

  • Months 1-6: Pilot (VMware still primary)
  • Months 7-12: Gradually shift to Kubernetes (VMware still running as fallback)
  • Months 13-18: Most workloads on Kubernetes (VMware used for edge cases)
  • Months 19-24: Deprecate VMware

10. Partner with vendors for support

Do not try to migrate alone.

Partner with:

  • Microsoft (for Azure Arc and Kubernetes support)
  • Container vendors (Docker, Rancher, etc)
  • Consulting companies (migration expertise)
  • Training companies (Kubernetes education)

Investment: $500K-1M for consulting and training is justified by savings and reduced risk.

Best Practices for Arc Operations

1. Enable auto-updates for Arc agents

Arc agents regularly receive updates. Enable auto-updates so you get security patches automatically.

az connectedk8s update --name my-cluster --resource-group my-rg --auto-upgrade true

2. Use Azure Policy for compliance

Once resources are Arc-enabled, use Azure Policy to enforce compliance standards.

Example: Enforce Windows updates

Effect: DeployIfNotExists
Condition: If type == Microsoft.HybridCompute/machines and OS == Windows
Action: Deploy guest configuration assignment to enforce Windows updates

3. Monitor Arc agent connectivity

Arc agents need to maintain connection to Azure. Monitor:

  • Is agent connected?
  • When was last check-in?
  • Are there network connectivity issues?

Use:

# Check Arc agent status
az connectedmachine show --name my-server --resource-group my-rg --query 'status'

4. Use Azure Monitor for unified monitoring

Send all logs and metrics to Azure Monitor. Create dashboards showing:

  • Arc agent health
  • Resource utilization (CPU, memory, disk)
  • Application performance
  • Network connectivity

5. Implement Role-Based Access Control (RBAC)

Control who can manage Arc resources.

Example: Only infrastructure team can manage Arc resources

az role assignment create --assignee <user-principal-id> --role "Azure Arc Scoped Administrator" \
  --scope /subscriptions/<subscription>/resourceGroups/<rg>/providers/Microsoft.HybridCompute/machines/<machine>

Organizational Benefits of Azure Arc

When implemented well, Azure Arc provides significant organizational benefits.

1. Reduced infrastructure costs

Cost reductions from:

  • Elimination of VMware licensing (savings: $200-500K/year for large organizations)
  • More efficient resource utilization with containers (fewer physical servers needed)
  • Reduced need for specialized infrastructure expertise (Kubernetes is commodity)

5-year savings: $1-2.5M for organization with 1000+ VMs.

2. Increased operational flexibility

You can run workloads where it makes most sense:

  • Run cost-sensitive workloads on-premises
  • Run performance-critical workloads in cloud with premium hardware
  • Run user-facing workloads close to users (on-premises, regional edge, public cloud)

Flexibility enables better decisions.

3. Reduced vendor lock-in

Kubernetes is open source. Azure Arc manages it but does not own it.

You can:

  • Move from Arc to other Kubernetes management solutions if you want
  • Use non-Azure Kubernetes management (Rancher, others)
  • Run Kubernetes without any cloud management if you decide to

This reduces risk of being locked into Microsoft.

4. Faster application deployment

Containers and Kubernetes enable:

  • Faster build and deployment (minutes instead of hours)
  • More efficient resource utilization (more apps per server)
  • Easier rollback (just deploy previous image)
  • Better isolation (container fails, does not affect other apps)

Result: Development velocity increased by 30-50%.

5. Better security posture

Unified security policies via Arc:

  • Same security standards everywhere (Azure, on-premises, multi-cloud)
  • Easier to audit (all logs in one place)
  • Faster detection of security issues (automated scans)
  • Better compliance (policies enforced consistently)

6. Improved disaster recovery

Kubernetes and Arc enable:

  • Easier backup and restore (Velero)
  • Geographic distribution (multi-region clusters)
  • Automatic failover (Kubernetes reschedules failed containers)
  • Better recovery time objectives (RTO) and recovery point objectives (RPO)

7. Path forward from VMware dilemma

For organizations concerned about VMware licensing changes or feature direction:

  • Azure Arc provides viable alternative
  • Gradual migration path (not forced rip-and-replace)
  • Access to modern cloud-native capabilities
  • Option to choose best infrastructure for each workload

8. Competitive advantage

Organizations that modernize infrastructure:

  • Faster to deploy new features
  • More resilient infrastructure
  • Lower operational costs
  • More flexibility for new business requirements

Result: Competitive advantage vs organizations still locked into on-premises VMware.

Organizational Risks and Mitigation

Risk 1: Migration complexity

Migrating from VMware to Kubernetes is complex and can take 18-24 months.

Mitigation:

  • Plan 12 months before starting (assess, design, prepare)
  • Budget appropriately (migration is not free)
  • Have executive sponsorship and patience
  • Celebrate milestones to maintain momentum

Risk 2: Team churn during transition

Staff familiar with VMware may leave during Kubernetes transition (career risk, unfamiliar technology).

Mitigation:

  • Invest in training (show you value their existing skills)
  • Career paths for infrastructure engineers to learn Kubernetes
  • Partner with external experts during transition
  • Hire Kubernetes engineers gradually

Risk 3: Application compatibility issues

Some applications may not work well in containers or Kubernetes.

Mitigation:

  • Test applications thoroughly during pilot
  • Have plan B for problematic applications (keep on VMs, refactor, or rewrite)
  • Not all applications need to move (some can stay on traditional infrastructure)

Risk 4: Cost of Arc infrastructure

While Arc reduces overall costs, there are costs for:

  • Training and education
  • Consulting services
  • New tooling and platforms
  • Operational overhead during transition

Mitigation:

  • Budget separately for transformation costs
  • Measure ROI monthly to ensure you are on track
  • Adjust timeline if costs are higher than expected

Common Mistakes to Avoid

Mistake 1: Assuming it is just a "cloud" decision

Azure Arc is not just about moving to the cloud. It is about modernizing infrastructure architecture.

It requires rethinking how you operate infrastructure, not just where infrastructure runs.

Fix: Treat it as architectural transformation, not just location change.

Mistake 2: Trying to migrate everything at once

Organizations that try to migrate all workloads simultaneously fail.

Too much complexity. Too many unknowns.

Fix: Migrate in waves. Learn from each wave. Adjust approach.

Mistake 3: Not planning for team upskilling

Organizations that do not invest in team training during migration struggle.

Kubernetes teams without experience make mistakes, introduce security issues, or build solutions that do not scale.

Fix: Invest heavily in training. Hire experienced Kubernetes engineers. Partner with experts.

Mistake 4: Ignoring operational complexity

Organizations think Arc will simplify operations. Sometimes it initially adds complexity.

Running VMware + Kubernetes + Arc is more complex than VMware alone.

Fix: Plan for transition period with higher complexity. Invest in automation and tooling. Set expectations with leadership.

Mistake 5: Not measuring success

Organizations that do not measure progress cannot tell if migration is succeeding.

No visibility into costs, timelines, or business impact.

Fix: Establish baseline metrics before migration. Measure monthly. Report to stakeholders.

Wrapping Up

Azure Arc addresses a real need: hybrid infrastructure management for organizations that cannot immediately move to full cloud but recognize the need to modernize.

For organizations concerned about VMware licensing changes, Azure Arc provides a viable path forward. Not forced. Not requiring immediate change. But enabling gradual modernization with clear business benefits.

The path forward:

  1. Understand VMware situation and costs
  2. Evaluate Kubernetes as alternative
  3. Start with Arc pilot to learn
  4. Migrate workloads in waves
  5. Decommission VMware gradually
  6. Modernize operations and development practices

Timeline: 2-3 years. Cost: $500K-1.5M. Benefit: $1-2.5M in licensing costs alone, plus modernization benefits.

For many organizations still deeply invested in on-premises infrastructure, Azure Arc is the bridge to cloud-native future.