Azure Arc for servers is a tool that can be used to add on-prem physical or virtual servers, or servers running in other cloud providers, to Azure. This allows these servers to be centrally organised and connected to Azure services such as Azure Policy or Log Analytics.
Azure Arc for servers is in public preview, so it should not be used on production systems until there is a full release version. Currently the only supported OS versions are listed below.
- Windows Server 2012 R2 and newer
- Ubuntu 16.04 and 18.04
If there is a content filter or proxy, the URLs in the link below will need to be whitelisted. All traffic goes over HTTPS (port 443).
https://docs.microsoft.com/en-us/azure/azure-arc/servers/overview#networking-configuration
To add a server to Azure Arc, logon to the Azure portal.
Go to All services > Machines – Azure Arc
Click on create machine – Azure Arc.
There are two options: add machines using an interactive script, or add machines at scale. In this post we will be using the scripted method.
Select the subscription, resource group and region. When selecting the operating system we can choose between Windows or Linux. Windows will create a PowerShell script and Linux will create a Linux .sh script.
As this feature is currently in preview, it will ask you to register before completing the download. Once the registration is completed, we can either copy the command or click download to get a copy of the PowerShell script. Below is how the script should look; the only difference would be the Azure-specific settings like resource group, tenantid…
Once the script has run and the connect command has completed it will request that we connect to the device login site https://Microsoft.com/devicelogin and put in the authentication code.
Once completed, go back to the PowerShell window that the script was run from and we should see that the server was successfully onboarded to the Azure resource. After a few minutes the device should show in Azure Arc.
We can now apply Azure policies.
There are some additional steps required to configure the servers to integrate with Azure log analytics.
The first step is to install the MMA (Microsoft Monitoring Agent). To download the agent, go to the Log Analytics workspace and select the required workspace > Advanced settings.
Select the required connection source, then OS version. We will also need to take note of the workspace ID and Primary Key which will be used during the agent install to connect to the log workspace.
Go through the agent install.
Select "Connect the agent to Azure Log Analytics (OMS)".
To connect to Azure Log Analytics, put in the workspace ID and key.
Once the install has finished, we can check the agent in Control Panel > All Control Panel Items > Microsoft Monitoring Agent.
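The same agent install and check can be scripted instead of clicking through the wizard. The script below is an added example, not part of the original post: it runs the MMA setup unattended and then reads the workspace connection status that the Control Panel applet shows. The file paths and parameter names are assumptions; the workspace ID and key are the values noted from Advanced settings.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the original post): unattended MMA install plus connection check.
# Assumptions: MMASetup-AMD64.exe was downloaded from the workspace's Advanced settings
# page to $InstallerPath; $ExtractPath is a scratch folder. Both paths are illustrative.
param(
    [Parameter(Mandatory)] [string] $WorkspaceId,
    [string] $InstallerPath = 'C:\Temp\MMASetup-AMD64.exe',
    [string] $ExtractPath   = 'C:\Temp\MMA'
)
$ErrorActionPreference = 'Stop'

# Prompt for the primary key so it is never stored in the script or console history.
# Anyone holding this key can send data to the workspace, so treat it as a secret.
$secureKey = Read-Host -Prompt 'Workspace primary key' -AsSecureString
$plainKey  = [System.Net.NetworkCredential]::new('', $secureKey).Password

# Unpack the installer bundle, then run the extracted setup.exe silently.
New-Item -ItemType Directory -Path $ExtractPath -Force | Out-Null
Start-Process -FilePath $InstallerPath -ArgumentList '/c', "/t:$ExtractPath" -Wait

# Note: the key is visible in setup.exe's command line while the install runs.
$setupArgs = @(
    '/qn', 'NOAPM=1', 'ADD_OPINSIGHTS_WORKSPACE=1',
    'OPINSIGHTS_WORKSPACE_AZURE_CLOUD_TYPE=0',      # 0 = Azure commercial cloud
    "OPINSIGHTS_WORKSPACE_ID=$WorkspaceId",
    "OPINSIGHTS_WORKSPACE_KEY=$plainKey",
    'AcceptEndUserLicenseAgreement=1'
)
$setup = Start-Process -FilePath (Join-Path $ExtractPath 'setup.exe') `
                       -ArgumentList $setupArgs -Wait -PassThru
Remove-Variable plainKey, setupArgs

# 0 = success, 3010 = success but a reboot is required.
if ($setup.ExitCode -notin 0, 3010) {
    throw "MMA setup failed with exit code $($setup.ExitCode)"
}

# Scripted equivalent of the Control Panel check: service state and workspace status.
$service   = Get-Service -Name HealthService
$config    = New-Object -ComObject 'AgentConfigManager.MgmtSvcCfg'
$workspace = $config.GetCloudWorkspaces() | Where-Object { $_.workspaceId -eq $WorkspaceId }
if (-not $workspace) { throw "Agent is not configured for workspace $WorkspaceId" }

[pscustomobject]@{
    AgentService     = $service.Status
    WorkspaceId      = $workspace.workspaceId
    ConnectionStatus = $workspace.ConnectionStatusText
}
```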
We should now be able to query logs from the server in Azure Arc for servers.