 Hi, everybody. How are you doing? My name is Tom Hall and I'm hosting this brand new series from the Rock to the Cloud. In this series of videos, we're going to be talking to some amazing people from around the Microsoft ecosystem, talking about everything to do with Windows Server. Every episode, I'm going to meet a special guest and they can help me explain a few things about some of our technology that quite frankly, I probably don't understand and I'm pretty sure some of you don't too, but I know you're interested and I know you're excited. If you have any questions during the episode or if there's anything you want to know, please drop the comments in below. Okay, so today we're going to be talking about something pretty big, something pretty exciting and that's Azure Arc. Now, there's been a lot of buzz around this, so we really need somebody clever and smart who knows what they're doing to come and talk about this. So for the next 30 minutes, I'm going to be catching up with Thomas Moira, although I probably said that wrong. Thomas, how do you say your name? What do we say again? Hi, Tom. Great to be here. Well, you call it Moira, but you almost had it there, so we were very close. Moira. Thomas Moira. That's okay. That's my dyslexic ability of reading names there. So Thomas Moira and Thomas, you're actually a bit of a legend apparently in the industry inside Germany. So we've reached out across the continent to find and personally knows the most about this sort of subject that we can get our hands on for our audience today. So we're very excited to have you. So if you wouldn't mind telling us a little bit more about it because I've obviously picked you up a little bit, saying that you're probably the best person in Europe to talk about this, but in your own opinion, is your own intro of yourself? So first of all, you set the bar very, very high. During your interview, I get very blushed. I'm probably red on camera right now, but yeah. So my name is Thomas Maurer. I work as a cloud advocate in our Azure engineering teams and I'm part of a global team. And what we do on a very high level is actually we create and deliver content such as, for example, this video, as well as like, for example, docs, learn articles, blogs, we speak at conferences and all that good stuff. And again, it can be many, many different things. We also write little tools that might help you working with technology. But the other big part, which probably a lot of people don't see is we get a lot of feedback. So we try to get feedback from our customers to understand what is working, what is not working, how can we make our products more like better and make you, our customers, more successful with that. And so this is a very big part of our job too and actually like helping customers to, again, to be more successful with the stuff we do. And as you can see, that's probably why I'm here. I obviously did a lot of work on Windows Server or with the Windows Server. And now especially like over the last couple of years with Azure and especially hybrid and multi-cloud technology such as Azure Arc and Azure Stack. Yeah, yeah. Well, I mean, we've obviously got the right person because that intro, I think, covers it all off. So let's jump into the topic today, Thomas. Let's talk about Azure Arc, yeah? Let's go. Okay, so before we talk about Azure Arc, what is it all about? What problem are Microsoft trying to solve? What is the challenge for the customers that Microsoft are trying to solve with this product? Because again, there's loads of products out there that Microsoft have got. How is this any different to any other products? And, you know, there's a lot of buzz around it, but what are Microsoft trying to solve for? Yeah, so I mean, if you're watching this video, this is probably not something really new to you, right? But what we see is that customer environments get increasingly complex, right? So that is a lot of like things added, like which add complexity for the IT departments but also for developers, especially like with movements to the cloud and also with new technology and bringing all that together. And that is what we try to address, right? And there are multiple reasons. We try to have a look at what are actually the reasons for it. And there are multiples of those, but three I want to highlight are like the first one is really that IT needs to manage hundreds, if not thousands of different applications, right? And these can be very modern applications written on like past services in Azure, server-less technologies, containerized stuff. But then we also have this huge amount of traditional applications running on servers, some of them virtual and some of them even physical, right? And guess what? Those servers, they're not just going away and so we need to actually find a way to actually help IT departments and developers and IT administrators to actually manage all of these systems. The other part is what we also see is when we speak about management, we also have very diverse infrastructure when we look at customers. Some customers run their own data centers. They have stuff at some service providers. They run, they have edge locations like branch offices, retail stores and so on. And last but not least, we see customers obviously also adopting in some sort of multi-cloud environments as well. This sometimes is the strategy where they actually want to have multiple cloud providers and sometimes it's just like the history of it, right? Probably some department already started with a cloud provider, but then there was a general decision that Azure would be the best cloud provider for the company, which by the way is often very, very true, but so they need to like somehow still manage all of that. And again, you can imagine that adding a cloud provider adds some additional complexity. So adding multiple cloud providers obviously like doesn't make things easier. So we try to help actually manage all this stuff and make it easier. Yeah, and I suppose that you touched on a few things there and I think one of the things that, you know, we're having more of these discussions in the UK with more of our partners about hybrids, about multi-cloud. Like, you know, these are sort of massive buzz terms that are going around the industry, but like why are they important? Because obviously it sounds to me like it's actually just more complication. So, yeah, no, and this is a fair point, right? And I think when you probably speak to Microsoft salespeople very often, you probably just think, oh, well, it's all about the cloud. It's all about cloud. It's all about cloud, right? But that's not necessarily the case. I mean, obviously the cloud has a lot of advantages and can help you with a lot of things, but we know that our customers need to run also stuff on-prem. They want to run stuff on-prem. They want to run stuff in a hybrid environment. And I always quote Jason Sanders here who did the keynote directly after Satya at Ignite 2019 when we still had in-person conferences. And for those who don't know, Jason Sanders is actually the engineering lead of all the Azure services directly under Scott Guffrey. And he did what he said, basically, that was for me the most important part that someone so high obsessed is like, hybrid is going to be an end state for most of our customers and not just the in-between state until everything is moved to the cloud. So that means we actually need to help our customers in these hybrid environments, right? We want to actually deliver technologies which helps them to make their on-premises environment even better, right? And actually help them with that. And we don't just want to convince them, well, just move everything over. No, no, we also want to see there is a need. This can be data sovereignty reasons. This can be networking challenges. This can be just like trust things. So Azure is a great place to learn stuff, but there are reasons why you probably can't run it there. So we want to help you. So I just want to get this right in my head. So hybrid is actually whatever you want, whichever way you want it, a bit of on-prem, a bit of cloud, a bit of private cloud, mixed up in the way you need it. And that is then, you know, you could have multiple clouds. So you could have a other lesser-everable brand of cloud, AWS or something, rubbish like that. And then you could also then have Azure. You could have all of those things all working at the same time. That's then multi-cloud. And so then how is Azure helping with that? Yeah, so you can imagine now, now you end up in a situation where you run stuff in your own data center. You run stuff in Azure, you run stuff, maybe you're not a cloud provider. You run stuff at some edge locations. And for all these different places, where we often what we see is you have different management tools. You have one management tool to manage your stuff on-prem. You have one management tool to manage your stuff in Azure. Then also the other cloud provider provides some management stuff. And it's very tricky, right? And there's a lot of effort to actually use all of that. And it's, again, a lot of complexity. And so we're trying to say, well, our management tools and that a lot of customers tell us this, like our management tool in Azure are actually so good to manage resources at scale even. Why not just enable customers to actually be able to use the Azure portal and the Azure resource manager and the Azure management tools to manage resources which are running outside of Azure? And that is exactly what Azure Arc can do. Right. That sounds pretty amazing. Can you show us that, Thomas? Absolutely. Let's have a look and switch to the demo here. Cool. It's almost like we have that plan, Thomas. I don't know. Yeah, it looks very like a big coincidence here. And so here I am in the Azure portal, right? And what I can do here is, for example, I can go into the All Resources page. And what you can see here actually is all the Azure resources. Now, for those who are not that familiar with Azure or really haven't really played with Azure, everything in Azure is basically an object. Like we learned that very soon that in Azure what you need to do is you need to have the right tools to manage this. And you can see here, I have different names here, and then you can see here the types. So you have virtual machines are an object, disks are an object, network interfaces are an object, databases and so on. Basically, really everything is an object. And every object can then be grouped in a resource group. And it's part of an Azure subscription and it's basically joined to a location, right? And so you can then also go out and organize your things here. You can actually go out and say, well, okay, I want to list all my resources in a specific location or I want to list all my virtual machines and so on. Now, again, customer tools, this is great, but we want to actually, why can we not use this for resources which are outside of Azure? And that is what I want to quickly show you here. So here I can filter the types of resources I want to see. And what I'm going to show here is I'm going to select my Arc-enabled servers. So I already joined a couple of servers to Azure, like these servers, these Arc-enabled servers, these are systems, these can be Windows servers, these can be Linux servers which are running outside of Azure, right? So I'm going to select these. And next to it, I want to see, for example, my Azure virtual machines. So if I apply this filter, it will now show me all of my servers running in Azure and outside of Azure in a single view, right? So this is, you can see here, if I zoom in here, the blue ones are actually the Azure virtual machines and then you have the Azure Arc servers. You can see here my domain controller, my file servers, my Hyper-V server. These are all now connected to Azure and they show up as an object here. And you can also see that they are joined to an Azure resource group. They're part of a subscription. They basically look like an Azure resource and that's not because they just look like it. They now are becoming an Azure resource. They're still running on-premises in my own data center, in my case, underneath my desk here. But they're now represented in Azure, right? And I can do some cool things here now. I can add, for example, like other filters. So what I can do here is something we have packing. That's so simple, Thomas. Yep. Very simple things to do. I can, for example, here, then go and use something like we call tags. Tags is a great way of like tagging your resources and then organize them. So what I did is basically have a cost center tag and then I want to see all my servers, let's say from cost center 1002, and I can apply this and now it shows me all my servers which belong to a specific cost center. And you can see here is a mix of servers running in Azure and servers running outside of Azure, right? So very easy stuff to do. You can now use the Azure control plane to get that visibility and organize your resources. Doesn't matter wherever they are running. So what you're saying is, is that Azure Arc helps our customers manage everything that is either Microsoft-owned or, in fact, non-Microsoft-owned or managed by Azure and put it all into like one place, one kind of bucket. Exactly. But you're calling it Azure Resource Manager. Exactly, exactly. This is now, I can now add here my systems, right? I just showed you now servers. So most of them I showed you here, these are actually Windows servers, right? I added. But again, we also support Linux servers. They can be virtual or physical. They can run in your own data center. They can run in your branch office. They can run at another cloud provider. We also support, by the way, Kubernetes clusters, data services and much, much more, which we can add. Now you might think, Thomas, this is great. Now we get the visibility, but I actually need to do something with it, right? And so what I quickly want to show you is a thing called Azure policy. And this is especially for people who are interested into like making like configuration management, making sure that the systems are configured securely and compliant with the company policy. Now, again, if you're not familiar with Azure policy, Azure policy basically allows us to manage our Azure environment. Now the cloud obviously promise speed and agility. So everyone could go out and just deploy new virtual machines in a couple of seconds. But if you are responsible to manage that environment, you kind of like need to have some policies in place which says, okay, not every developer or IT professional can just go out and deploy a large Azure VM with hundreds of cores, terabytes of memory, and they drain your credit cards in like couple of seconds, right? You actually wanna have some policies in place and that is what Azure policy can do. Now, another part of Azure policy is that we can actually go out and check if the operating systems of Azure virtual machines are configured in a compliant state and in a secure state. And with Azure Arc now, we can do this now for resources which are outside of Azure. So let me quickly show you this. What I would do usually, I would go to assignments and I would create a new assignment. Now, again, I gonna jump through that really, really quickly because most of the stuff is probably not that interesting at the beginning. But what you can do here is you can see here, I do a scope for all my resources in my Azure subscription and then I'm gonna select the definition. And we provide you with a ton of built-in definitions here. So you can see here, we have different definitions. This can also be like things like UK official and UK NHS, right? So like this goes then out and does an environment check based on this. And we have much, much more of these industry certifications here if I scroll down. But we also have some which do just technical things like enable the Azure monitoring for VMs and stuff like that. So in my case, what I wanna do is a very simple one as well but a very important one, like audit my machines with insecure password settings. So I wanna actually see if I have any machine servers in my environment, not just in Azure, but also like on-prem to see if they have insecure password settings. Now think about this as like group policies on steroids, right? This is actually gonna help me. These servers don't need to be domain joined they don't need to be in the same domain. I just get the only thing they need to have is the Azure Arc agent installed and they're gonna show you how later how that works. But so I select that and now on the next page which is new now, you can see here if you worked with this before you can see here now I can actually go in and say well also include my Arc connected servers. So again, meaning servers which are not part of Azure or not running in Azure. So I can go through and actually run through this but this will then take a while until this goes out and checks all my servers. And so like in a good cooking show I already put my air fish. Let me guess one you made earlier Thomas. Exactly, exactly. So I prepared something earlier and you can actually go to you can actually go to the compliance view and what you can see here is first of all, I do a very bad job when it comes to compliance. That's number one and the second thing here is you can see here I have a couple of policies here which I'm not compliant to which are assigned to my environment by either by me or by the people who are managing my stuff and you can also have a couple of them which are compliant but on the top here you can see here the server policy to audit machines within secure password settings. So this is the policy I just showed you and you see I'm not compliant not with a single machine even and if I scroll down you can see here all the policies and you can actually figure out what it checks some of them do like maximum password age which needs to be restricted and stuff like that or where should the passwords be stored and you can see here all the stuff here but more interestingly I obviously now for my environment want to know which resources are not compliant. So if I click on non-compliant resources you can now see that I have my Azure virtual machines as well as my on-prem service here next to each other. So you can see here dark names but if I scroll over here you can see here that I have Microsoft compute virtual machines these are the Azure VMs and then we have Microsoft hybrid compute machines which are basically servers running in your own data center outside of Azure. And so I can actually see now okay look all these servers are not really compliant so I could reach out to the owner of that server the administrator of that server or if I'm that I would obviously go out and go out and fix that right. So that was basically the first first demo I wanted to show you here. Wow so that is that is pretty damn cool. And I didn't realize it was so powerful that you can do so many things across so many you know different different planes right parallel all at the same time all at the same place and like these like that's that's blown me away raise most of you. And so how do we add a server into Azure Arc? I mean that you know I mean like we've got the platform I've got my virtual machines running I've got you know five locations each one's got a server how do I go about doing that? Yep absolutely so as you said like I showed you in the first demo now it was really about okay I already have a couple of servers added right and the way I'm doing this I can show you that in our next demo here. So if you want to try this out and basically I highly encourage you to try this out there's ways you can create I will also talk about that if you haven't really played with Azure you can create a free Azure subscription and then Azure Arc the base settings that I will talk about this they're even free right so you don't even pay for any of that as soon as you don't like at one point I will show you more management technologies and for them you will then actually pay but to join this like all the things I showed you with like the sorting I like sort and actually use text this is free so what you would do you would go to the search here and you would basically just search for Azure Arc and if you then go to the Azure Arc page here I call it the or we call it the Azure Arc Center so this is the piece where you actually manage everything which comes in outside from Azure right so this is actually Azure Arc actually bridges the resources which are running outside of Azure I hope you see what I did there but so what you have here is again different management technologies and I spoke about this again you can manage different things here we have servers Kubernetes clusters SQL servers even Azure Stack HCI we have all the things there as well but you ask me how to add a server so what I go is I click on servers and you can see here here are all the machines I already added now this is not your home basically this is my home here my location but to add a new one I would just simply go to click on add and it's actually very simple so what is happening is we download an agent we install that agent and then we register that agent to our Azure environment and that's it now to make this easier we have two wizards here which can help you actually adding these servers one is really sorry wait sorry well I'm gonna stop you there right so Microsoft has not just got one wizard working for them they've got two wizards like they've got two Gandalfs working at Microsoft not just one why do we need two wizards why do we need two wizards at Microsoft? it's very simple so the first one the first wizard is very good in adding single servers right so what happens is actually that you generate the script which downloads the agent installs the agent and then registers that server now the difference here is when you register that server you need to log in with your Azure credentials right that makes sense however you can imagine that this is not really a good way of doing it if you add multiple servers right and so with this we can use a service principle and that's basically just a an ID basically you can use which has the only like the only access it has is actually to add or the only permission it has is to actually add servers to Azure now I just want to quickly show you what that means right so we're going to see what Gandalf can do right perfect exactly so first if you start at wizard we will see actually like okay the prerequisites again very simple by the way that's actually perfect for actually telling you what you actually need to have so you need to have outgoing internet well not internet traffic but traffic to some of the Azure APIs and you can find a list of these APIs right here on port 443 so all the communication is going outside and it's encrypted and then you need to obviously have local admin rights to install that agent that is basically it what you need the next thing you can actually go and you can then select the Azure subscription you want to join it to you would have your resource group for example where you would organize your arch enabled servers or your applications in and then you would select the closest Azure region so for many of you it's probably right now UK South so this is only the region where the agent connects to right where the APIs are hosted I could also select here now whatever I want I could select that US one as well but for me West Europe is the closest one to my systems I can also select if it's a Windows server or Linux and if it's behind the proxy I could also configure that the next one is we could use the tags those are the tags I basically showed you also with the cost center we already give you a couple of them to help you organize but you can also define your custom tags and you can also obviously do that later on and then at the end you get basically that script which you then can copy and download and then run on your machine and again this will just basically download the installer the Windows world this is an MSI file then install that and then the last one is running that command now let me quickly switch to my machine here so this server in terms of time I already installed that system that server like the agent on it but what happens is on that server called app zero one I now have a process running this is actually the process from the Azure arc or agent or the Azure connected machine agent right and that does the whole communication now from that machine that makes it show up now I get also a management tool here called the Azure connected machine agent and if I hit that you can see here of different options here available on that machine again can do a couple of different things but most importantly what I can do is I can actually show some information now here and this takes a second and then you can see here some Azure related information I can see what resource name now that server has I can see in which resource group it's joined which Azure subscription which Azure tenant which VM ID this server has and if all the services services are running now again this is this is pretty cool here to manage that now what happens after install that you can see here that server shows up here and if I go to that server you can see here now this is how it looks like when it's connected and this is now how it looks like in the Azure portal brilliant and so once you've got a server on board it to Azure what can you do with it like great I've got it there yep as you can yeah I mean I I completely get it there is obviously much we must more than Thomas just showed us right like showing that up doing some policy stuff this is all great but I obviously need I as a Windows server administrator I probably need to do more than just have a look at servers right all day so as you can see it looks like an Azure resource you can see here to different tags you can also see here some additional information I can also see that this server is joined to a local domain again it doesn't need to be but it can you can see here on the left side I can do some role based access control for example so I could now in the Azure only give permission to people who actually need to manage that server and not like to everyone and then I get a couple of awesome things here the first thing I want to show you a security center so I enabled security center so I get Azure Defender for Windows server and that means I also get information about how the system is not configured securely so I have a couple of recommendations here and we also give them basically a priority how fast you should take care of it so for example in this scenario we see that I did not have all my system updates installed and I should probably do that to make sure everything is okay Thomas seriously right you're your own compliant and you're not up to date but this is I'm a horrible I mean I'm really a horrible admin but again Azure Arc and the Azure Kotoba is obviously here to help me to get that visibility and to see like hey Thomas you do actually a bad chop so let's better go out and fix this right so what do we actually have to fix this what we also have is a thing and I need to see if we have that available here is called Azure monitor so I can not only like get these security recommendations I also get a monitoring view here so the first thing I want to show you here is the map view this basically lists my server here in the middle and it shows me to which endpoints or other service this service connecting so I get this awesome IP addresses on that specific for example local ports here as well I can see here that it connects to some like internal service as well and then obviously I get the simple performance monitoring well it's not that simple but like the things you need right you need to know if there's enough disk space how is your CPU utilization your memory utilization you get all that information directly here and you can even configure alerts here and again think about this for a moment over all your service doesn't matter where they're running right and you can control it from Azure like in a single control plane you also have legally simple some believe me simple yep the only installing the agent clicking on enable and that's it basically is there's no like magic and you'll need to install anything I don't like in terms of like I need to set up a monitoring tool or anything it's just there and we obviously update like add more features to Azure monitor and do all the other Azure service pretty regularly yeah another part is obviously sometimes you need to deal with locks so what we have here is for example with lock analytics we can actually send all the system locks of a server to Azure to a lock analytics workspace and then I can for example run here a query and now I can run the performance query here and you can see here down here I get all this performance or go too deep into this but we also can have the security locks and all that like basically all the event locks whatever I want to enable I can I can actually put this in and get all that information directly shown here now speaking of that I can also obviously want to see what else is going on so I can enable change tracking for my server so what I have here is I can see all the changes happening to my server so you can see here if if some services changed if there were some changes made to the system I can see that I can also get a software inventory of that system so I see all for example in this case like there's not much software on that server but all the updates installed and I could go and search for something if I I want to look if something is installed like a specific type of software I could browse to do you need a do you need a new license Thomas we can we can help you out with that maybe we can study a new license I would be happy to have some sort of software I could install but but you could actually see that like what what is going on on that system right and then and you saw here on the left side I can also go and have a policy view here where I now see all the policies again just assigned to this server I don't see all the policies I just see the ones which are assigned to me now and I can see here well I'm not compliant with to and again the same thing as a show before but the other big thing that means obviously to do is update management right this is like something which regularly comes up and you can see here I'm also as I said before security center already told me you are doing a bad job you have updates that you need to install now if you click on update management you can see here all the missing updates I can see some of them are just defender definitions which I don't care so much but there's for example the arc agent even all the other windows updates as well and now what I can do to fix this is actually schedule an update deployment I would give that the name let's call that server doesn't really matter it's just for me to recognize it already detected that this is a Windows server I can configure the maintenance window I can say well reboot if required that sounds like a good option but I can also say always reboot if I want to or never and then I go out into scheduling part which would mean the next five to ten minutes it would basically update that server and obviously after that rebooted if needed however since we are in the middle of a demo here it's probably not a good idea so let's schedule this for later so I can schedule this and what you can also see here I can make that even a recurring task so actually I can say well I want this server to be updated every Tuesday night for example like whatever I want to or every every I can do that and then I can do some other stuff here I can basically say which update classifications should be installed which updates should be included excluded I can even run some post and prescripts here and at the end I review it and create that task and that would then basically go out and patch that server to the configured time now you probably say well Thomas I have 100 servers I don't want to do that per server right so yes so machines and that directly takes you to our Azure automation count account with the update management solution and here you basically get all the update all the systems here running in Azure running outside of Azure and you can see here if they're compliant and not compliant and here I could then also go and update the systems and the difference here is I could have the exact same options I can also schedule it make it recurring past but I can now select so I can set inside like okay let's do let's do group one of all the servers like the main controller one file server one and all that on Tuesday night and then I can create a second group of servers on like the main controller two and stuff like that on first day nights and so I make sure that like if something goes wrong I still have all the other servers available and again I can set same so this so simple because it's just basically like setting up a group policy you know on so it's just simple of it and so me dying there and this then concentrate so much there that I forgot to breathe that's so exciting your demo was Thomas the you said the Azure up is not just about supporting service but there's other services that it can do and it's not just servers it's not just cloud service not just the it's not just on-prem but you mentioned that it can do other things what yeah absolutely so again you can what we we distinguish a little bit between like Azure Arc-enabled infrastructure so that means like joining existing infrastructure again this can be service Linux servers Windows servers physical virtual doesn't matter where they're running we have Kubernetes clusters and again this doesn't mean that it's only a Microsoft flavor to be discussed you just said that like it was just like you just flashed through that just give us down and you know some people might not know what you're about absolutely so Kubernetes clusters basically the orchestrated to like organize your containerized apps right and we see a lot of customers running this inside Azure but also outside of Azure in their own data centers and at other places as well and these need to be managed in a similar way as like for example service to right so we have tools like the monitoring part I showed you for servers we can also enable that specifically obviously you get some additional information about the containers and all Kubernetes specific things we can enable for example the security center parts you actually see if you're configured securely we can enable policies like I showed you with service to make sure that your communities cluster is configured in a compliant state and then something we can also do there and that's very important is app deployment and kind of like at scale right this is more for DevOps and developer people but if you for example need to update your containerized applications on a Kubernetes cluster or deploy them even you can now do that and configure that directly within the Azure portal from a technology like we call a GitOps so what you do is you check in your application code into a Git repository and you tell the Kubernetes clusters to regularly check that Git repository for changes and as soon as soon as soon as there's there's changes to the code like if you deploy an update to it yeah grabs that application and deploys it on the Kubernetes cluster now you would say well if I have one Kubernetes clusters why don't I do that directly or something but obviously if you have one at least you get this this CID CID CID pipeline which you can work on so everything is actually checked in and you have a nice history of what's happened and secondly think about it if you have hundreds of Kubernetes clusters running in different locations you can now go out and update these applications running on these Kubernetes clusters within within within seconds right and then so that that is pretty awesome as well then it's all about it's all about scale isn't it Thomas that's what you're saying it's all about scale it can be it's it's about scale absolutely as oh it scales very very very well with also with servers but I see already a lot of like small companies taking care taking advantage of this right if you have only a couple of servers for example running in your branch office or something like that that already can as rock can already help you giving that experience it's it's really a good mix it absolutely is about scale but you can also use it in very small environments like I talk to very small customers which do only a couple of like a handful of servers if you will but they're so happy that they now don't need a VPN to manage this they don't need to do like any fancy stuff they just log into the Azure portal and I can actually go out and deploy updates and other stuff directly from them yeah so right I've got it now right it's about scale if you want it or simplicity if you need it got it there we are I want to create like some buzz some buzz terms there so scale if you want it simplicity if you need it I love it as you are I'm sold and so where can people find out more information Thomas where like I mean obviously they haven't all got access to you so if they've got access should they need. So there are a couple of places where you can go so obviously the Microsoft Docs are a great place to actually learn about these technologies where we have all the documentation for Azure Arc for all this stuff we also have a Microsoft learn module so Microsoft learn for those who don't know it's a free learning platform with like videos with tax with with little questions for you to actually see if you understand it but also little sandboxes so if you don't have an Azure subscription and you don't want to sign up and you don't like for example you don't have a credit card available you don't want to sign up with your credit car you don't have to because there we give you a sandbox for a couple of hours a day where you can play with your Azure environment and again it's not just for Azure Arc it's also for other Azure technology it's also for even Microsoft 365 technology so for all these spaces as well and it also covers for example the Azure Arc enabled data services part and that one allows you to actually run Azure SQL outside in your in your data center and then last but not least I also want to highlight the Azure Arc Jump Start project so this is a very good place to go is Azure Arc Jump Start dot I O and if you want to try it out they build a lot of automation to build all these environments to onboard resources to like really check it out and actually without you or me investing a lot of time setting things up you can really quickly take advantage of all the automation they built to like if you want to do a presentation in your company if you want to do a POC in your company that is really really helpful sweet so I can't remember all of that but I did write most of it down but what we would do is we'll make sure that information is in the description of of this where we post so we've got that amazing resource because a there's a ton of free stuff and b you know people are going to need their own Thomas if they're going to if they're going to go and settle this stuff so Thomas amazing and so this is this is I really hate saying the fun bit but it's more the unknown bit so we've we've decided in our infinite wisdom that that we're going to have a a server meme review now a couple of colleagues of mine then the producers will get together and I've not seen this right so I actually don't know what's going to happen and apparently because I'm not a server architect or you know someone like yourself apparently I might get this but I think I think apparently you're going to find this very funny so we'd love to know your thoughts on on these memes we'd love to get a rating and you know a comment from the audience as well but let's do a reaction to to a couple of memes so meme one let's see what happens I don't this is literally brand new we don't know if this is going to work so meme one what what at least this when you're working in a server of maintenance and you have to unplug and replug I mean some of us have even a situation I mean I get it like it's funny not not that extreme but yes so I I seen very I don't know if you can say but very bad things in my life and yes this these things sound look similar to this and well yeah yeah it's insane okay right okay so obviously if you if you've got means feel free to post them in the comment section but Thomas we can look and we can look at the second meme I think we just the I think we just get through this now what we really do with a server is them now Thomas that surely can't be you with all your uncompliance yeah I I think that could be me and looking at my compliance state absolutely yeah now this yeah sometimes I remember this times when I was working as a like system administrator right and we had so many different systems like different like hardware systems different rate controllers and stuff like that and things would obviously break all the time and then you need it to actually not like think okay how really hope that like sometimes you just like I reboot this and hopefully it comes back up right it's like that and I know I was waiting I actually remember like it was not a server it was not like it was like a web platform and I remember like something didn't work anymore and I remember like the CTO of the company and a couple of engineers and we were all sitting around like one computer and we said okay let's just reboot it but however the server was like in another country right it would have been hours away and we would make some remote hands gone so like everyone was waiting for it and someone pressed the button to reboot the system and we were like all okay hopefully it comes back up hopefully it comes back up please please please but and luckily like spoiler lord it did so everything went fine but cool okay and you've seen funny memes or you want to rate those memes and let us know appreciate that didn't know what was going to happen there but I think it worked out alright we were obviously praying to the meme gods and so before we before we wrap up Thomas let's just recap the points that we covered so you know what were the top two things with you you would say we covered in this episode so I think the most important takeaway here is really especially and and you never really worked with Azure before I think your takeaway can be that Azure technology is not just to run stuff in Azure but it can also be there to make your on-premises environment even better right it really wants we want to help you there we don't say well look it's just to move everything to Azure I mean of course there are some advantages if you do move things to Azure in some cases but we completely understand that you can move everything that you don't want to move everything Azure technologies like Azure Arc and all our management technologies can make things better for you that is number one and so the second one I would say is really about the different management technologies you have here you saw I went did a lot of demo here so actually doing update management directly from the Cloud making sure that everything is compliant getting all this information in one single place doing monitoring I think that admin or even a decision maker or whoever is in charge of that you probably want to have a look at this and try it out again some of the features are even free some of the features then custom some sort of money but I think it's really good place to actually have a look and see if Azure Arc can fill your need and make your life hopefully easier anything that we can make our life easier Thomas and I think that's the thing that I took from it it's it's that scale the scale if you want it and simplicity when you need it so that's my that's my marketing spiel version of what you said but yeah that it's it's phenomenal and Thomas thank you so much for your time today it's been really special and you know what I actually always love talking to people who who genuinely are experts because it makes such a difference to age to me and my understanding but also hopefully the audience and you know them understanding what technology is actually available for them because I think I think there's a big misconception that these things are a secret they're not a secret we just don't tell enough people about it and actually that's the thing that I've learned from you know as you're up today actually it just it's accessible and it allows people like you said to maximize that on-prem solution with that cloud and that ultimately is hybrid and that's what everyone's talking about so that you've in half an hour made that really really simple and shown us absolutely you know the simple and practice they say Thomas thank you so much the the classic bow I feel like I'll be doing that at the end of every episode so everybody thank you so much for watching this episode from the rock to the cloud keep your eye out for what's coming next we're going to have more exciting episodes coming soon and remember if you've got any thoughts or comments or you know you just simply want to get in touch make sure you drop a comment into the comments section and yeah hopefully you've learned as much as I have because certainly Thomas has blown my mind thanks a lot cheers everybody