Tag: Arc

Azure Arc enabled SQL Server

How to add an Azure Arc enabled SQL Server

A couple of months ago Microsoft announced a new Hybrid Cloud feature called Azure Arc enabled SQL Server. Azure Arc enabled SQL Server allows you to manage your global inventory of SQL servers, protect SQL Server instances with Azure Security Center or periodically assess and tune the health of your SQL Server configurations. In this blog post, we will cover how you can add SQL Server to Azure Management using Azure Arc.

Azure Arc enabled SQL Server Architecture

Azure Arc enabled SQL Server Architecture

Prerequisites

Before you add an Azure Arc enabled SQL Server, you need to prepare the following prerequisites:

  • A virtual or physical machine running SQL Server. The machine hosting SQL Server must be connected to the internet directly or via a proxy server. Running one of the following operating systems:
    • Windows Server 2012 R2 and higher
    • Ubuntu 16.04 and 18.04 (x64)
    • CentOS Linux 7 (x64)
    • SUSE Linux Enterprise Server (SLES) 15 (x64)
  • The Connected Machine agent communicates outbound securely to Azure Arc over TCP port 443. If the machine connects through a firewall or a HTTP proxy server to communicate over the Internet, review the network configuration requirements for the Connected Machine agent.
  • A user account with permissions (An user account with local admin rights.
  • Azure PowerShell installed on the computer executing the onboarding script.
  • You need to have the “Microsoft.AzureData” provider namespace registered. You can run the following Azure PowerShell command to do that: “Register-AzResourceProvider -ProviderNamespace Microsoft.AzureData”. You can run that command in Azure Cloud Shell.

To learn more about the prerequisites, check out the following Microsoft Docs page.



Azure Arc Center - Azure Portal

Check out the new Azure Arc Center – Azure Portal

During the Microsoft Ignite 2020 virtual conference, Azure Arc got a couple of enhancements and announcements. For example, Azure Arc enabled servers is now generally available and Azure Arc and Azure Arc enabled data services is now in public preview. If you want to learn more what Azure Hybrid announcements we had at Microsoft Ignite 2020, check out (Corporate Vice President, Microsoft Azure) blog post. One of the enhancements which I find super helpful, but didn’t get a special mention, is the new Azure Arc Center blade in the Azure Portal.

All Azure Arc Resources

All Azure Arc Resources

In the Azure Arc Center, you can now find an overview of all your hybrid cloud resources and services you can use together with Azure Arc. These include different Azure Arc enabled services like:

You cannot just get an overview of different Azure Arc services, but also find an easy way to onboard, connect, and register new hybrid resources. To open the Azure Arc Center Blade, navigate to Azure Arc in the Azure Portal.

I hope this was helpful if you have any questions feel free to leave a comment.



Filter for Azure VMs and Azure Arc Machines

Inventory for Azure Arc enabled Servers

Azure Arc for Servers allows you to manage servers running in your on-premises location, at the edge, or in a multi-cloud environment directly from the Azure portal. There are many features available to manage these hybrid Azure Arc enabled servers, like Log Analytics or Azure Arc Machine extensions. However, one of the basic features of Azure Arc enabled Servers, is that you can now get an inventory and overview of all your servers. This allows you to see and manage your Azure Arc enabled servers next to your Azure resources.

Inventory for Azure Arc enabled Servers and Azure VMs

Inventory for Azure Arc enabled Servers and Azure VMs.

You can see that your Azure Arc enabled servers show up as Azure resources. You can use the filter to limit the view to only Azure virtual machines (VMs), and Azure Arc enabled servers.



Create Custom Script Extension for Windows - Azure Arc

How to Run Custom Scripts on Azure Arc Enabled Servers

With the latest update for Azure Arc for Servers, you are now able to deploy and use extensions with your Azure Arc enabled servers. With the Custom Script extension, you can run scripts on Azure Arc enabled servers and works similar to the custom script extension for Azure virtual machines (VMs). There is an extension for Windows and Linux servers, which is a tool that can be used to launch and execute machine customization tasks post configuration automatically.

When this Extension is added to an Azure Arc machine, it can download PowerShell and shell scripts and files from Azure storage and launch a script on the machine, which in turn can download additional software components. Custom Script Extension for Linux and Windows – Azure Arc tasks can also be automated using the Azure PowerShell cmdlets and Azure Cross-Platform Command-Line Interface (Azure CLI).

Introducing Azure Arc
For customers who want to simplify complex and distributed environments across on-premises, edge and multicloud, Azure Arc enables deployment of Azure services anywhere and extends Azure management to any infrastructure.
Learn more about Azure Arc here.

How to run Custom Scripts on Azure Arc enabled servers

To run a custom script on an Azure Arc enabled server, you can simply deploy the Custom Script Extension. You open the server you want to run the custom script in the Azure Arc server overview. Navigate to Extensions and click on Add, and select the Custom Script Extension for Windows – Azure Arc or on Linux the Custom Script Extension for Linux – Azure Arc.

Add Custom Script Extension

Add Custom Script Extension

Now you can select the PowerShell or shell script you want to run on that machine, as well as adding some optional arguments for that script.

Create Custom Script Extension for Windows - Azure Arc

Create Custom Script Extension for Windows – Azure Arc

After that, it will take a couple of minutes to run the script on the machine.

Conclusion

The Custom Script Extensions for Linux and Windows can be used to launch and execute machine customization tasks post configuration automatically.

You can learn more about how Azure Arc provides you with cloud-native management technologies for your hybrid cloud environment here, and you can find the documentation for Azure Arc enabled servers on Microsoft Docs.

If you have any questions or comments, feel free to leave a comment below.



Azure Arc Servers Log Analytics

Azure Log Analytics for Azure Arc Enabled Servers

In this blog post, we are going to have a quick look at how you can access Azure Log Analytics data using Azure Arc for Servers. The Azure Log Analytics agent was developed for management across virtual machines in any cloud, on-premises machines, and those monitored by System Center Operations Manager. The Windows and Linux agents send collected data from different sources to your Log Analytics workspace in Azure Monitor, as well as any unique logs or metrics as defined in a monitoring solution. When you want to access these logs and run queries against these logs, you will need to have access to the Azure Log Analytics workspace. However, in many cases, you don’t want everyone having access to the full workspace. Azure Arc for Servers provides RBAC access to log data collected by the Log Analytics agent, stored in the Log Analytics workspace the machine is registered.

Introducing Azure Arc
For customers who want to simplify complex and distributed environments across on-premises, edge and multicloud, Azure Arc enables deployment of Azure services anywhere and extends Azure management to any infrastructure.
Learn more about Azure Arc here.

How to enable Log Analytics for Azure Arc Enabled Servers

To enable log collection, you will need to install the Microsoft Monitoring Agent (MMA) on your Azure Arc enabled server. You can do this manually for Windows and Linux machines, or you can use the new extension for Azure Arc enabled servers. If you already have the MMA agent installed, you can start using logs in Azure Arc immediately.

Create Microsoft Monitoring Agent - Azure Arc

Create Microsoft Monitoring Agent – Azure Arc

After you have installed the agent, it can take a couple of minutes until the log data shows up in the Azure Log Analytics workspace. After the logs are collected in the workspace, you can access them with Azure Arc.

Azure Arc Servers Log Analytics

Azure Arc Servers Log Analytics

Now you can run queries using the Keyword Query Language (KQL) as you would in the Azure Log Analytics workspace, but limited to the logs for that specific server.

Conclusion

With Azure Arc for Servers, we can use role-based access controls to logs from a specific server running on-prem or at another cloud provider, without having access to all the logs in the log analytics workspace.

You can learn more about how Azure Arc provides you with cloud-native management technologies for your hybrid cloud environment here, and you can find the documentation for Azure Arc enabled servers on Microsoft Docs.

If you have any questions or comments, feel free to leave a comment below.



Azure Arc enabled SQL Server

Azure Arc enabled SQL Server Preview is now available

As you know, I do a lot of work on Hybrid Cloud topics like Azure Arc, which allows you to extend Azure management and Azure services to any infrastructure. I talk a lot about how you can use Microsoft Azure to manage your servers running on-premises or at other cloud providers, or how you can connect and manage Kubernetes clusters. The Azure Data services team at Microsoft Ignite 2019 also announced the private preview of Azure Arc Data services, which allow you to deploy services like Azure SQL on any infrastructure. This week they had another news to share, and it is the private preview of Azure Arc enabled SQL Server. With Azure Arc enabled SQL Server, you can use the Azure Portal to register and track the inventory of your SQL Server instances across on-premises, edge sites, and multi-cloud in a single view. You can also take advantage of Azure security services, such as Azure Security Center and Azure Sentinel.

Onboarding SQL Server to Azure Arc

Onboarding SQL Server to Azure Arc

The preview of Azure Arc enabled SQL Server Preview includes the following features:

  • Use the Azure Portal to register and track the inventory of your SQL Server instances across on-premises, edge sites, and multi-cloud in a single view.
  • Use Azure Security Center to produce a comprehensive report of vulnerabilities in SQL Servers and get advanced, real-time security alerts for threats to SQL Servers and the OS.
  • Investigate threats in SQL Servers using Azure Sentinel.
Azure Security Center assessment of on-premises SQL Server

Azure Security Center assessment of on-premises SQL Server

You can register any Windows or Linux based SQL Server to track your inventory. Azure Security Center’s advanced data security works on Windows-based SQL Server version 2012 or higher, running on physical or virtual machines and hosted on any infrastructure outside of Azure.

If you are interested in participating in this preview, check out the official blog post. If you have any questions, feel free to leave a comment.



Add Microsoft Monitoring Agent Extension

How to Add the Microsoft Monitoring Agent to Azure Arc Servers

To use some of the functionality with Azure Arc enabled servers, like Azure Update Management, Inventory, Change Tracking, Logs, and more, you will need to install the Microsoft Monitoring Agent (MMA). In this blog post, we are going to have a look at how you can install the Microsoft Monitoring Agent (MMA) on an Azure Arc enabled server using extensions.

Introducing Azure Arc
For customers who want to simplify complex and distributed environments across on-premises, edge and multicloud, Azure Arc enables deployment of Azure services anywhere and extends Azure management to any infrastructure.
Learn more about Azure Arc here.

You can learn more about the manual MMA setup on Microsoft Docs.

How to install the Microsoft Monitoring Agent on Azure Arc enabled servers

To install the Microsoft Monitoring Agent (MMA) you can use the new extension in Azure Arc. You open the server you want to install the MMA agent in the Azure Arc server overview. Navigate to Extensions and click on Add, and select the Microsoft Monitoring Agent – Azure Arc. This works for Windows and Linux servers.

Add Microsoft Monitoring Agent Extension

Add Microsoft Monitoring Agent Extension

Now you can enter the Azure Log Analytics workspace ID and the key. This will create a job and install the Microsoft Monitoring Agent on the server.

Create Microsoft Monitoring Agent - Azure Arc

Workspace ID and Key

After that, you can start using features like Azure Log Analytics, Inventory, Change Tracking, Update Management, and more. You can also do this manually for Windows and Linux machines.

Conclusion

Azure Arc for servers makes it super simple to deploy the Microsoft Monitoring Agent to servers running on-premises or at other cloud providers.

You can learn more about how Azure Arc provides you with cloud-native management technologies for your hybrid cloud environment here, and you can find the documentation for Azure Arc enabled servers on Microsoft Docs.

If you have any questions or comments, feel free to leave a comment below.