Azure Back to School 2023: Let’s take a look at Azure Arc-enabled System Center Virtual Machine Manager : wmatthyssen
by: wmatthyssen
blow post content copied from Wim Matthyssen
click here to view original post
Azure Back to School is a wonderful community initiative set up by Dwayne Natwick and Derek Smith. As in previous years, throughout the entire month of September, community members from around the globe will be sharing a blend of video contributions, live sessions, and blog posts covering various Azure subjects. This is truly what community is all about: sharing knowledge, helping people learn new things, and improving their skillset.
You can find all other videos and blog posts at https://azurebacktoschool.github.io/
Next to that, you can also stay updated by following the hashtag #AzureBacktoSchool on Twitter or LinkedIn.
In my blog post, I’ll look into what Azure-Arc enabled System Center Virtual Machine Manager (SCVMM) is and walk you through the steps to connect your SCVMM management server to Azure Arc.
What is Azure Arc-enabled System Center Virtual Machine Manager?
As some of you might be aware, Azure Arc offers the capability to bring aboard a diverse range of non-Azure resources. These resources could be operating on-premises, within other cloud environments, or at the edge, and Azure Arc allows you to seamlessly integrate them into Azure.
And by extending your current non-Azure resources into Azure Resource Manager (ARM), you establish a unified management platform. This simplifies the process of enhancing security, governance, and compliance measures across all your resources beyond the borders of Azure, all through a single, comprehensive interface.
These days, you can also enhance your governance and management capabilities for your Hyper-V infrastructure with Azure Arc-enabled SCVMM, currently in public preview.
This feature not only lets you view and manage your Hyper-V virtual machines (VMs) managed by SCVMM from Azure, but it also enables you to perform various actions such as creating, modifying, pausing, deleting, starting, stopping, and resizing VMs.
Furthermore, it provides you with the capability of browsing your SCVMM resources, including templates, VM networks, and even storage.
To achieve this, the Azure Arc-enabled SCVMM feature relies on an Azure Arc resource bridge (also in preview). This resource bridge is deployed within your designated SCVMM environment and connects your SCVMM instance to Azure Arc. Once this connection is made, the virtual appliance, which includes a built-in Kubernetes management cluster, serves as the access point for Azure Arc to get and manage any data from your SCVMM management server.
To get you started, in this blog post, I’ll delve into the essential prerequisites (both Azure and SCVMM) needed when you’re ready to deploy Azure Arc-enabled SCVMM in your environment. Additionally, I’ll guide you through the process of preparing, downloading, and configuring the resource bridge to connect your SCVMM management server with Azure.
If you are interested, you can also read my other Arc related blog posts: Azure Arc: Using tags with Azure Arc-enabled servers, Azure Arc: Keep an eye on the value of the Datacenter physical location tag when onboarding Azure Arc-enabled servers and Azure Tip: List all your Azure Arc-enabled servers together with your IaaS VMs in the Azure Portal
Azure prerequisites
You can already take some steps to speed up the overall Azure Arc onboarding and configuration process, which can also help you keep your Azure environment under control.
To start, consider setting up an Azure Arc child management group underneath your landing zones management group and allocating a dedicated (or more) Azure subscription(s) exclusively for your Azure Arc purposes.
Additionally, it’s a good idea to plan for dedicated resource groups for your Arc-enabled SCVMM and other Arc resources. Ensure that you have the Owner/Contributor role assigned within this dedicated resource group before you start the SCVMM Arc onboarding.
By implementing the steps outlined above, you gain better control, organization, and management over all your Arc-related resources. You can also apply your chosen Azure Role-Based Access Control (Azure RBAC), security measures, and Azure Policy strategy to them.
Following that, you should pre-register the necessary resources, including “Microsoft.ConnectedVMwarevSphere” and other Azure Arc-required resource providers, by executing the provided cmdlets either in Azure Cloud Shell or via Windows Terminal.
Please be aware that this registration process may take up to 10 minutes, and it’s crucial to ensure you’ve selected the correct subscription before running these cmdlets.
## ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
# Register Microsoft.HybridCompute resource provider
Register-AzResourceProvider -ProviderNamespace Microsoft.HybridCompute | Out-Null
# Register Microsoft.HybridConnectivity resource provider
Register-AzResourceProvider -ProviderNamespace Microsoft.HybridConnectivity | Out-Null
# Register Microsoft.GuestConfiguration resource provider
Register-AzResourceProvider -ProviderNamespace Microsoft.GuestConfiguration | Out-Null
# Register Microsoft.ScVmm resource provider
Register-AzResourceProvider -ProviderNamespace Microsoft.ScVmm | Out-Null
## ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
SCVMM prerequisites
It’s essential to note that currently, Azure Arc-enabled SCVMM is compatible with an SCVMM management server running version 2016 or later.
To successfully deploy the Arc Resource Bridge VM and perform various other operations, you will also need an SCVMM admin account with full administrative privileges over all objects managed by SCVMM.
This user should be part of the local administrator group on the SCVMM server. It’s recommended to utilize a VMMAdmins security group to grant these privileges to all users who require them.
Furthermore, make sure you have an SCVMM private cloud configured with a minimum of 16 GB of RAM, 4 vCPUs, and at least 100 GB of available disk space.
Additionally, ensure that your VM network has internet access, either directly or through a proxy.
If you plan to allocate dynamic IP addresses to appliance VMs, a DHCP server is required. Alternatively, if you prefer static IP allocation, you’ll need a VMM static IP pool.
Prepare and download the resource bridge onboarding script
Logon to the Azure Portal and enter “arc” into the global search bar, then select “Azure Arc” from the search results.
On the Azure Arc page, navigate to the “Overview” section and choose “Infrastructure“, then scroll down to the “Platform” section and click on “Add” beneath “System Center VMM (preview).”
On the “Connect SCVMM management server to Azure” page, opt for “Create a new resource bridge“, and proceed by clicking “Next: Basics >.”
On the “Basics” page, give your resource bridge a name (e.g., rb-prd-myh-scvmm-01), select a subscription and resource group, and choose an Azure region (please note that during the preview, only East US, East US 2, North Europe, West Europe, and West US 2 are supported regions).
Additionally, name your custom location (e.g., scvmm-Antwerp) and your SCVMM management server (e.g., swpvmm021), ensuring they align with their usage in Azure. Once done, click on “Next: Tags >.”
Next, either select from the available options or manually input all the necessary physical location and custom tags. Once you’ve completed this step, proceed by clicking on “Next: Download and run script >.”
On the following page, if needed, register your subscription with the required resource providers before proceeding to connect your SCVMM management server to Azure. Simply click on “Register” to initiate the process, and please be aware that this may take a few minutes to complete.
Afterward, you can download the onboarding script in either the PowerShell-based version for Windows or the Azure CLI-based version for Linux by clicking on the “Download script” option.
If you get a security warning that states “…ps1 could harm your device,” simply click on “Keep.”
If necessary, copy the downloaded script to your SCVMM management server or admin workstation, Privileged Access Workstation (PAW), or designated jump server that has direct or proxied access to the SCVMM management server where the resource bridge will be deployed.
Run the onboarding script
On the server or workstation where you copied the onboarding script, open a new PowerShell window and check whether Azure CLI is already successfully installed* by running the following command:
az --version
*If Azure CLI is not yet installed, you can follow the instructions to install it on a Windows device over here.
If Azure CLI is already installed, go to the folder where you’ve placed the PowerShell script, and execute the following command to enable the script to run, as it’s an unsigned script:
Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass
Then run the script. Keep in mind that the script execution may take up to half an hour, during which you’ll be prompted for various details, as illustrated and explained in the screenshots below.
Input: Is the current workstation behind a proxy?
Input: Confirm login to Azure cli?
Input: Please enter SCVMM Server FQDN(Role name in case of HAVMM) or IP address.
Input: Please enter the SCVMM server port (The default is 8100).
Input: Please enter SCVMM Administrator Username (domain\username).
Input: Please enter SCVMM Administrator Password.
Input: Deploy resource bridge as a Highly Available virtual machine?
Input: Please enter the SCVMM cloud.
Input: Do you want to configure the Appliance VM with Dynamic IP (from DHCP or third-party IP assignment tool) or Static IP (from VMM IP Pool)? Enter ‘Y’ for Dynamic IP or Enter ‘N’ for Static IP (Y/N).
Input: Please enter the SCVMM VM network.
Input: Please enter SCVMM Static IP Pool.
Input: Please enter Static MAC address (Press enter to assign MAC from Default VMM MAC Pool).
Input: Please enter SCVMM library share (Ensure VMM Server has to write access on the selected Library Share).
Input: Please provide the Appliance VM control plane IP.
Input: Do you want to configure Appliance proxy settings?
After completing the entry of all the necessary details, the setup will initiate the download of the image and begin the preparations for deploying the Azure Arc Resource Bridge VM.
In the final step, which involves connecting to the SCVMM management server, you’ll be asked to provide some SCVMM management server details, like the FQDN or IP address, the server port number (default: 8100), your SCVMM management server username, and the corresponding password.
These credentials will come into play when you carry out SCVMM operations via the Azure portal. While it’s possible to use the same credentials you provided for the Arc resource bridge earlier, it’s strongly recommend utilizing a dedicated admin account for this purpose.
Once the connection is successfully established, your SCVMM will be onboarded to Azure Arc.
Conclusion
That wraps up this blog post. But before closing off, I want to express my excitement about being a part of the Azure Back to School event, and I sincerely hope you find all the shared content very useful and learningful.
If you have any questions or comments about my blog post, don’t hesitate to reach out to me via my Twitter handle (@wmatthyssen) or leave a comment, and I’ll be more than happy to assist.
Enjoy your reading and watching!
September 04, 2023 at 06:00AM
Click here for more details...
=============================
The original post is available in Wim Matthyssen by wmatthyssen
this post has been published as it is through automation. Automation script brings all the top bloggers post under a single umbrella.
The purpose of this blog, Follow the top Salesforce bloggers and collect all blogs in a single place through automation.
============================
Post a Comment