Azure Arc is a powerful tool that allows me to extend Azure management and services to resources outside of the Azure cloud. In this article, I will guide you step-by-step on how to integrate your server with Azure Arc, enabling centralized management, enhanced security, and seamless hybrid cloud capabilities. Whether you’re a seasoned Azure user or just getting started, join me as I unlock the potential of Azure Arc and take our server management to new heights.
What’s Azure Arc on Servers?
Azure Arc-enabled servers allow you to control and manage both Windows and Linux servers, whether they are physical machines or virtual machines, even if they are not hosted in the Azure cloud. These servers could be on your company’s network or hosted by another cloud provider. In Azure Arc, these servers are referred to as “hybrid machines.” Managing hybrid machines in Azure Arc is similar to managing regular Azure virtual machines. You can use familiar tools like Azure Policy and apply tags to ensure consistent management across your entire infrastructure.
To connect hybrid machines to Azure, you install the Azure Connected Machine agent on each machine.
This agent doesn’t replace the Azure Log Analytics agent / Azure Monitor Agent. The Log Analytics agent or Azure Monitor Agent for Windows and Linux is required in order to:
- Proactively monitor the OS and workloads running on the machine
- Manage it using Automation runbooks or solutions like Update Management
- Use other Azure services like Microsoft Defender for Cloud
The Azure Arc dashboard is where you manage, monitor, and deploy Azure Arc-enabled services.
Setting up Azure Arc
- Sign in to the Azure portal, search for Arc, and click Azure Arc.
- In the Azure Arc dashboard, click Infrastructure and click Add on Server.
There are a few onboarding services available here.
- In this blog we will install it on a single physical server that's running on-prem.
The first page shows what needs to be done. Click Next.
- In Resource details:
- Assign a subscription and resource group
- Select the region
- In this blog we will be deploying to our Windows server, so let's select Windows. (Select Linux if the server runs a Linux distro.)
- We can use tagging for Azure Arc-enabled servers.
- Now you can download the script and run it on the Windows server.
- Second Step
Executing the Script in Windows Server
The Script
```powershell
try {
    $env:SUBSCRIPTION_ID = "0a169d87-4f69-4977-a3c9-e5a95e876e4f";
    $env:RESOURCE_GROUP = "JD-Training2";
    $env:TENANT_ID = "00dddf0e-6e1e-41c8-b48a-2e84ce893f7c";
    $env:LOCATION = "eastus";
    $env:AUTH_TYPE = "token";
    $env:CORRELATION_ID = "d0de21d1-35de-4058-af75-bac57099b6d8";
    $env:CLOUD = "AzureCloud";
    [Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor 3072;
    Invoke-WebRequest -UseBasicParsing -Uri "https://aka.ms/azcmagent-windows" -TimeoutSec 30 -OutFile "$env:TEMP\install_windows_azcmagent.ps1";
    & "$env:TEMP\install_windows_azcmagent.ps1";
    if ($LASTEXITCODE -ne 0) { exit 1; }
    & "$env:ProgramW6432\AzureConnectedMachineAgent\azcmagent.exe" connect --resource-group "$env:RESOURCE_GROUP" --tenant-id "$env:TENANT_ID" --location "$env:LOCATION" --subscription-id "$env:SUBSCRIPTION_ID" --cloud "$env:CLOUD" --tags "Datacenter=JD" --correlation-id "$env:CORRELATION_ID";
}
catch {
    $logBody = @{subscriptionId="$env:SUBSCRIPTION_ID";resourceGroup="$env:RESOURCE_GROUP";tenantId="$env:TENANT_ID";location="$env:LOCATION";correlationId="$env:CORRELATION_ID";authType="$env:AUTH_TYPE";operation="onboarding";messageType=$_.FullyQualifiedErrorId;message="$_";};
    Invoke-WebRequest -UseBasicParsing -Uri "https://gbl.his.arc.azure.com/log" -Method "PUT" -Body ($logBody | ConvertTo-Json) | out-null;
    Write-Host -ForegroundColor red $_.Exception;
}
```
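The generated script executes the downloaded installer as soon as it lands in `$env:TEMP`. The following is an added example, not part of the portal-generated script, that checks the file's Authenticode signature before running it. The function name `Test-MicrosoftSignedScript` and the signer-subject match are assumptions, and it assumes the installer is signed by Microsoft; an unsigned or tampered file is deleted and never run.

```powershell
# Added example: verify the downloaded installer before executing it.
function Test-MicrosoftSignedScript {
    param([Parameter(Mandatory)][string]$Path)

    # Status is 'Valid' only if the file hash matches the signature
    # and the certificate chain is trusted on this machine.
    $sig = Get-AuthenticodeSignature -FilePath $Path
    if ($sig.Status -ne [System.Management.Automation.SignatureStatus]::Valid) {
        Write-Warning "Signature status for $Path is '$($sig.Status)': $($sig.StatusMessage)"
        return $false
    }

    # Assumption: Microsoft-signed releases carry this organization in the subject.
    $subject = $sig.SignerCertificate.Subject
    if ($subject -notmatch 'O=Microsoft Corporation') {
        Write-Warning "Unexpected signer: $subject"
        return $false
    }
    return $true
}

$installer = Join-Path $env:TEMP 'install_windows_azcmagent.ps1'
[Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor 3072
Invoke-WebRequest -UseBasicParsing -Uri 'https://aka.ms/azcmagent-windows' -TimeoutSec 30 -OutFile $installer

if (-not (Test-MicrosoftSignedScript -Path $installer)) {
    Remove-Item -Path $installer -Force
    throw 'Installer signature check failed; agent was not installed.'
}

# Record the hash so this run can be tied to an exact file later.
$hash = (Get-FileHash -Path $installer -Algorithm SHA256).Hash
Write-Host "Installer verified, SHA256 $hash"

& $installer
if ($LASTEXITCODE -ne 0) { throw "Installer exited with code $LASTEXITCODE" }
```

The `azcmagent.exe connect` call from the generated script follows unchanged once the installer has run.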
- Executing the Script in Windows Server
You have to sign in to authenticate.
- Navigate to the Azure Arc dashboard and click Servers to check the connected device.
To verify that the process is running:
```powershell
Get-Process himds
```
To verify the Azure Arc agent, use the following command:
```powershell
azcmagent show
```
Manage and configure servers
After you onboard a server computer, you can use Azure Arc to manage and configure that device. The following table describes some of these capabilities:
Option | Description |
---|---|
Overview | Information about the server, including status, location, subscription, computer name, operating system, and tags. |
Activity log | You can review a list of activities that were performed on the server and who performed them. |
Access control | You can review and manage access to Azure resources for users, groups, service principals, and managed identities at this scope by creating role assignments. |
Tags | Tags are name/value pairs that enable you to categorize resources. |
Policies | You can add, configure, and remove policies for the server. |
Update Management | This option enables you to maintain consistent control and compliance of the server. |
Change Tracking and Inventory | You can review change tracking and inventory configuration for the server. Change Tracking and Inventory helps enable consistent control and compliance of your resources. |
Insights | You can use Azure Monitor to review host CPU, disk, and the online/offline state of your Azure Arc-enabled servers. |
Logs | You can run queries on logs to gather information about the server. |
Extensions | You can add and remove extensions for the server. Extensions are small apps that provide post-deployment configuration and automation tasks on servers. For example, Contoso could use an extension if a server needs new software, or if IT staff need to run a script on a server. |
Click on the connected device to display the server's information.
With Azure Arc-enabled servers, you can deploy extensions to Windows and Linux servers that aren’t hosted on Azure, which can help simplify management of those computers.
Summary
In conclusion, Azure Arc is a valuable tool for extending Azure management and services to resources beyond the Azure cloud. By following the steps outlined in this blog, you can successfully integrate your servers with Azure Arc, enabling centralized management, enhanced security, and the advantages of hybrid cloud capabilities. With Azure Arc, you can efficiently control and monitor both Windows and Linux servers, regardless of their physical or virtual nature and their hosting location. By leveraging familiar Azure tools like Azure Policy and tags, you can maintain consistency in managing your infrastructure. Whether you’re an experienced Azure user or just starting out, Azure Arc opens up new possibilities for optimizing your server management. So take the leap, follow the instructions provided, and unlock the full potential of Azure Arc for your server environment.