Tuesday, August 12, 2025

Running Azure Local in Disconnected Mode: A Game-Changer for Edge Computing

Imagine running Azure services on a remote oil rig, in a secure government facility, or at a manufacturing site with no reliable internet connection. Sounds challenging, right? With Azure Local's Disconnected Operations (Preview), Microsoft is making it possible to bring the power of Azure to environments where cloud connectivity isn’t an option. In this blog post, we’ll dive into what disconnected operations for Azure Local is, why it matters, and how it can transform the way organizations manage workloads in isolated or secure environments. Let’s explore!

What Are Disconnected Operations for Azure Local?

Azure Local, powered by Azure Arc, is a distributed infrastructure solution that lets you run virtual machines (VMs), containers, and select Azure services on-premises or at the edge. The Disconnected Operations feature takes this a step further by enabling the deployment and management of Azure Local instances without a connection to the Azure public cloud. This means you can build, deploy, and manage VMs and containerized applications using a local control plane, all while maintaining a familiar Azure portal and CLI experience.

This feature, currently in preview, is designed for scenarios where connectivity is limited, security is paramount, or data sovereignty is a must. It’s like having a mini Azure data center right where you need it—no internet required!

Why Use Disconnected Operations?

Disconnected operations open up a world of possibilities for industries and scenarios where staying offline is critical. Here are some key use cases:
  • Data Sovereignty and Compliance: Sectors like government, healthcare, and finance often face strict regulations requiring data to stay within organizational or geographic boundaries. Disconnected operations ensure that both data and control remain local, helping meet compliance requirements.
  • Remote or Isolated Locations: Think oil rigs, mining operations, or remote research stations. These locations often lack stable internet access. With disconnected operations, you can still leverage Azure Arc-enabled services to run workloads seamlessly.
  • Enhanced Security: For industries with stringent security needs, operating offline reduces the attack surface by eliminating exposure to external networks. It’s a critical advantage for high-security environments like defense or critical infrastructure.
Whether it’s keeping sensitive data on-site or powering mission-critical applications in remote areas, disconnected operations make Azure Local a versatile solution for edge computing.

Supported Services in Disconnected Mode

Disconnected operations for Azure Local support a robust set of services, ensuring you can manage your infrastructure and workloads effectively. Here’s what’s included:
  • Azure Portal: Enjoy a familiar Azure portal experience tailored for disconnected environments.
  • Azure Resource Manager (ARM): Manage subscriptions, resource groups, ARM templates, and use the Azure CLI.
  • Role-Based Access Control (RBAC): Implement fine-grained access control for subscriptions and resource groups.
  • Managed Identity: Use system-assigned managed identities for supported resource types.
  • Arc-enabled Servers and VMs: Manage VM guests and set up Windows or Linux VMs on Azure Local.
  • Arc-enabled Kubernetes: Connect and manage Kubernetes clusters for unified configuration.
  • Azure Kubernetes Service (AKS): Deploy and manage AKS clusters on Azure Local.
  • Container Registry: Store and retrieve container images and artifacts.
  • Key Vault: Securely store and access secrets.
  • Policy Enforcement: Enforce compliance standards when creating new resources.
These services allow you to maintain a consistent Azure experience, even in fully disconnected environments.

Prerequisites for Disconnected Operations

Before diving into disconnected operations, you’ll need to ensure your setup meets specific requirements. Here’s a quick checklist:

Hardware Requirements

Disconnected operations require a virtual appliance that runs on Azure Local instances, which means planning for extra capacity. Your cluster needs:
  • Minimum 3 nodes for redundancy.
  • 64 GB memory per node.
  • 24 physical cores per node.
  • 2 TB SSD/NVMe storage per node (plus a 480 GB SSD/NVMe boot drive).
  • Network: Supports both switchless (for three-node clusters) and switched configurations.
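
The hardware minimums above, turned into a preflight check over a planned node inventory. This is an added example, not code from this post or from Microsoft; the inventory dictionary format, the function names, and the reading of 2 TB as 2000 GB are assumptions.

```python
# Added example: check a planned cluster against the minimums listed above.
# The inventory format is hypothetical, not an Azure Local schema.
MIN_NODES = 3
MIN_MEMORY_GB = 64
MIN_PHYSICAL_CORES = 24
MIN_DATA_GB = 2000   # "2 TB", read here as decimal terabytes (assumption)
MIN_BOOT_GB = 480
FLASH_MEDIA = {"SSD", "NVMe"}


def check_cluster(nodes, network):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    if len(nodes) < MIN_NODES:
        findings.append(f"cluster: {len(nodes)} node(s), need at least {MIN_NODES}")
    # The post lists switchless networking for three-node clusters only.
    if network == "switchless" and len(nodes) != 3:
        findings.append("cluster: switchless is listed for three-node clusters")
    elif network not in ("switchless", "switched"):
        findings.append(f"cluster: unknown network type {network!r}")
    for n in nodes:
        name = n["name"]
        if n["memory_gb"] < MIN_MEMORY_GB:
            findings.append(f"{name}: memory {n['memory_gb']} GB < {MIN_MEMORY_GB} GB")
        if n["physical_cores"] < MIN_PHYSICAL_CORES:
            findings.append(f"{name}: {n['physical_cores']} cores < {MIN_PHYSICAL_CORES}")
        # Data capacity counts only when it sits on SSD/NVMe media.
        data_gb = sum(d["size_gb"] for d in n["data_disks"] if d["media"] in FLASH_MEDIA)
        if data_gb < MIN_DATA_GB:
            findings.append(f"{name}: SSD/NVMe data {data_gb} GB < {MIN_DATA_GB} GB")
        boot = n["boot_disk"]
        if boot["media"] not in FLASH_MEDIA or boot["size_gb"] < MIN_BOOT_GB:
            findings.append(f"{name}: boot drive must be SSD/NVMe, >= {MIN_BOOT_GB} GB")
    return findings


def make_node(name, memory_gb=64, cores=24, data=((2000, "NVMe"),), boot=(480, "SSD")):
    return {"name": name, "memory_gb": memory_gb, "physical_cores": cores,
            "data_disks": [{"size_gb": s, "media": m} for s, m in data],
            "boot_disk": {"size_gb": boot[0], "media": boot[1]}}


# Constructed sample: node3 is short on memory and keeps half its data on HDD.
SAMPLE = [make_node("node1"), make_node("node2"),
          make_node("node3", memory_gb=48, data=((1000, "NVMe"), (1000, "HDD")))]

if __name__ == "__main__":
    for line in check_cluster(SAMPLE, "switchless") or ["all checks passed"]:
        print(line)
```
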
You’ll also need to account for additional capacity for VM or AKS workloads, so plan your hardware accordingly.

Integration Requirements

To deploy disconnected operations, integrate with existing datacenter assets:
  • Identity: Use Active Directory Federation Services (ADFS) on Windows Server 2022 for authentication and LDAP for group membership synchronization.
  • Public Key Infrastructure (PKI): Support for private or public PKIs, with Active Directory Certificate Services (ADCS) validated as a private PKI solution.
  • Network Time Protocol (NTP): Optional local or public time server for system clock synchronization.
  • Domain Name System (DNS): Required for resolving Azure Local endpoints and configuring ingress IPs.
Access Requirements

Ensure you have permissions to:
  • Create service accounts with read access for LDAP integration.
  • Manage DNS records or zones.
  • Create and export certificates for secure endpoints.
  • Configure firewall settings if a local firewall is in place.
Preview Participation

Since this feature is in preview, you’ll need:
  • An enterprise agreement with Microsoft (typically three years).
  • A valid business need for disconnected operations (e.g., regulatory or connectivity constraints).
  • Validated Azure Local hardware from the Azure Local catalog.
To join the preview, submit a form and await approval, which typically takes up to 10 business days. If approved, you’ll receive instructions to acquire and deploy the feature.

Getting Started with Disconnected Operations

Ready to bring Azure Local to your disconnected environment? Here’s how to get started:
  1. Verify Prerequisites: Ensure your hardware, integration, and access requirements are met.
  2. Submit for Preview Access: Complete the preview participation form and wait for Microsoft’s approval.
  3. Deploy the Virtual Appliance: Use the provided instructions to set up the disconnected operations virtual appliance on your Azure Local instance.
  4. Configure Services: Leverage the Azure portal or CLI to manage VMs, Kubernetes clusters, and other supported services.
  5. Monitor and Manage: Use Azure Policy and other tools to enforce compliance and manage resources at scale.
For detailed deployment steps, check out Microsoft’s guide on Deploy Disconnected Operations for Azure Local (Preview).

Why This Matters for the Future of Edge Computing

Disconnected operations for Azure Local are a game-changer for organizations operating in challenging environments. By bringing Azure’s powerful management tools and services to disconnected scenarios, Microsoft is empowering industries to innovate without compromising on security, compliance, or connectivity limitations. Whether you’re in a remote location or a highly regulated industry, this feature ensures you can harness the full potential of Azure Arc-enabled services anywhere.

As this feature is still in preview, now’s the perfect time to explore its capabilities and provide feedback to shape its future. If you’re ready to take your edge computing strategy to the next level, Azure Local’s disconnected operations could be the key to unlocking new possibilities.

Ready to try it out? Visit the Azure Local documentation to learn more and start your journey with disconnected operations. Let us know in the comments how you’re using Azure Local in your organization. If you are looking for subject matter experts to help you along the way, contact us at Acuutech: Acuutech | Cloud Solutions
