This README guides you through using the provided VMware PowerCLI script to perform an automated, scaled deployment of the "Azure Arc Connected Machine Agent" to multiple VMware vSphere virtual machines, onboarding these VMs as Azure Arc enabled servers.
This guide assumes you already have an existing inventory of VMware virtual machines and leverages the PowerCLI PowerShell module to automate onboarding the VMs to Azure Arc.
- Clone this repo

      git clone https://github.com/microsoft/azure_arc.git

- Install or update Azure CLI. Azure CLI should be running version 2.7 or later. To check your currently installed version, use:

      az --version

- Install VMware PowerCLI
  - Note: This guide was tested with the latest version of PowerCLI at the time of writing (12.0.0), but earlier versions are expected to work as well.
  - Supported PowerShell versions: VMware PowerCLI 12.0.0 is compatible with the following PowerShell versions:
    - Windows PowerShell 5.1
    - PowerShell 7
  - Detailed installation instructions can be found here, but the easiest way is to install the VMware.PowerCLI module from the PowerShell Gallery using the command below.

        Install-Module -Name VMware.PowerCLI
- To be able to read the VM inventory from vCenter as well as invoke a script on the VM OS-level, the following permissions are needed:
  - VirtualMachine.GuestOperations user account
  - VMware vCenter Server user assigned with a "Read Only Role"
- Create Azure Service Principal (SP)

  To connect the VMware vSphere virtual machine to Azure Arc, an Azure Service Principal assigned with the "Contributor" role is required. To create it, log in to your Azure account and run the commands below (this can also be done in Azure Cloud Shell).

      az login
      az ad sp create-for-rbac -n "<Unique SP Name>" --role contributor

  For example:

      az ad sp create-for-rbac -n "http://AzureArcServers" --role contributor

  Output should look like this:

      {
        "appId": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
        "displayName": "AzureArcServers",
        "name": "http://AzureArcServers",
        "password": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
        "tenant": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX"
      }

  Note: It is optional but highly recommended to scope the SP to a specific Azure subscription and Resource Group.
- Azure Arc enabled servers leverages the Microsoft.HybridCompute resource provider (RP). Register the RP using the command below.

      az provider register --namespace 'Microsoft.HybridCompute'

Below you can find the automation flow for this scenario:
- The user edits the vars.ps1 PowerCLI script.
- Upon execution of the scale_deploy.ps1 PowerShell script:
  - The script auto-generates a vars.sh shell script with the user's Azure environment variables.
  - The script authenticates against vCenter, scans the targeted VM folder where the Azure Arc candidate VMs are located, and copies both the auto-generated vars.sh and the install_arc_agent.sh shell scripts to the Linux guest OS of each VM in that folder.
- The install_arc_agent.sh shell script runs on the VM guest OS and installs the "Azure Arc Connected Machine Agent" in order to onboard the VM to Azure Arc.
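
The flow above, sketched with PowerCLI cmdlets as an added example; it is not the repository's scale_deploy.ps1. The server name, folder name, guest path `/tmp/arc`, the variable names written to vars.sh, and the idea that the installer reads vars.sh from its working directory are all assumptions. Because vars.sh carries the Service Principal password, the sketch prompts for secrets and removes both copies of the file after the run.

```powershell
# Added example, not the repository's scale_deploy.ps1. Server, folder, guest path
# and the vars.sh variable names are assumptions; <...> values are placeholders.
Import-Module VMware.PowerCLI

$vCenter   = 'vcenter.example.local'                 # placeholder
$vmFolder  = 'Arc-Candidates'                        # placeholder VM folder name
$guestDir  = '/tmp/arc'                              # assumed staging directory on the guest
$installer = Join-Path $PSScriptRoot 'install_arc_agent.sh'   # save this sketch beside it
$varsPath  = Join-Path ([System.IO.Path]::GetTempPath()) 'vars.sh'

# Prompt for secrets instead of storing them in a file on the admin workstation.
$vcCred    = Get-Credential -Message 'vCenter account'
$guestCred = Get-Credential -Message 'Guest OS account'
$spSecret  = Read-Host -Prompt 'Service Principal password' -AsSecureString
$spPlain   = [System.Net.NetworkCredential]::new('', $spSecret).Password

# Build vars.sh with LF line endings; single quotes in the secret are shell-escaped.
$lines = @(
    "export subscriptionId='<subscription id>'"
    "export appId='<service principal appId>'"
    "export password='$($spPlain.Replace("'", "'\''"))'"
    "export tenantId='<tenant id>'"
)
[System.IO.File]::WriteAllText($varsPath, ($lines -join "`n") + "`n")

Connect-VIServer -Server $vCenter -Credential $vcCred | Out-Null
try {
    $vms = Get-VM -Location (Get-Folder -Name $vmFolder -Type VM) |
        Where-Object PowerState -eq 'PoweredOn'
    foreach ($vm in $vms) {
        $guest = @{ VM = $vm; GuestCredential = $guestCred }
        Invoke-VMScript @guest -ScriptType Bash -ScriptText "mkdir -p -m 700 $guestDir" | Out-Null
        foreach ($file in $varsPath, $installer) {
            Copy-VMGuestFile @guest -LocalToGuest -Source $file -Destination "$guestDir/" -Force
        }
        # Run the installer, then delete the secret-bearing vars.sh whatever the outcome.
        $cmd = "cd $guestDir && bash ./install_arc_agent.sh; rc=`$?; rm -f $guestDir/vars.sh; exit `$rc"
        $result = Invoke-VMScript @guest -ScriptType Bash -ScriptText $cmd
        '{0}: installer exit code {1}' -f $vm.Name, $result.ExitCode
    }
}
finally {
    Remove-Item -Path $varsPath -Force -ErrorAction SilentlyContinue   # local copy holds the secret too
    Disconnect-VIServer -Server $vCenter -Confirm:$false
}
```
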
To demonstrate the before and after for this scenario, the screenshots below show a dedicated, empty Azure Resource Group, a vCenter VM folder with candidate VMs, and the /var/opt/ directory showing that no agent is installed.
Before running the PowerCLI script, you must set the environment variables which will be used by the install_arc_agent.sh script. These variables are based on the Azure Service Principal you've just created, your Azure subscription and tenant, and your VMware vSphere credentials and data.
- Retrieve your Azure Subscription ID and tenant ID using the `az account list` command.
- Use the Azure Service Principal ID and password created in the prerequisites section.
- From the azure_arc_servers_jumpstart\vmware\scale_deploy\powercli\linux folder, open a PowerShell session as an Administrator and run the scale_deploy.ps1 script.
- Upon completion, the VMs will have the "Azure Arc Connected Machine Agent" installed, and the Azure Resource Group will be populated with the new Azure Arc enabled servers.