Announcing the extensions public preview for Azure Arc enabled servers

Published Jun 25 2020 09:00 AM 1,414 Views
Microsoft

Hello! Welcome to the first of many blog posts to come in the new Azure Arc space in the Microsoft Tech Community. The Arc engineering teams and experts will post information about product updates, technical insights, and interesting use cases for the family of Azure Arc products here.

 

To kick things off, we're excited to announce the public preview of extensions, update management, inventory and change tracking, and Azure Monitor for Azure Arc enabled servers! 

 

Azure Arc enabled servers

If you're not familiar with Azure Arc enabled servers, head on over to our docs or watch the Ignite 2019 overview session to get caught up. Our goal is to bring the best of Azure to your server workloads running on-premises or in another cloud. We do this by projecting these servers into Azure Resource Manager so they can be managed and governed just like an Azure virtual machine running in a Microsoft datacenter. You'll see your off-Azure machines in the Azure Portal and can use standard Azure role-based access controls to give the server admins the permissions they need to manage their own servers without getting access to others.  All your servers in one place -- Windows and Linux, on-premises and multi-cloud, physical and virtual. That's Azure Arc.

 

Okay, that's enough for now -- you really should watch the Ignite video to see how Azure Arc is redefining hybrid management. Or, if you prefer to read, you can learn how Azure Arc enabled servers are transforming the way Microsoft manages its own on-premises servers.

 

Extensions

As soon as you onboard a server to Azure Arc, you can start organizing and inventorying your assets with tags and the Azure Resource Graph. And any Azure Policies that are assigned to your server will start to evaluate and report back to the Azure Policy portal. But what about making changes to the machine from Azure? That's where extensions come in. Extensions are a means of delivering agents, scripts, and configurations to your machines -- all orchestrated using the Azure Portal or API. They've been around for years on Azure VMs, and we're excited to bring the same functionality on-premises with Azure Arc.

 

We're launching support for 3 popular extensions today with the extensions public preview:

 

  1. Log Analytics Agent extension - downloads, installs, and configures the Log Analytics agent so that you can start monitoring your on-premises machines with Azure Monitor, Azure Security Center, Azure Sentinel and more.
  2. PowerShell DSC extension - deploys a PowerShell DSC configuration to your machine to apply software changes and, optionally, automatically correct drifts from that state.
  3. Custom Script extension - runs a script (PowerShell, bash, Python, etc.) on your machine.

 

A common question that comes up is "what's the difference between installing the Log Analytics agent myself versus using the extension?" It really comes down to the delivery vehicle. The agent itself is the same. But deploying it with the Azure Arc extension means you can install it on your on-premises machines right from the Azure Portal or API. You don't have to log on to the server to configure the software or deploy it with another on-premises configuration management tool. The extension also takes care of configuring the agent with the connection info for your Log Analytics workspace. Finally, with Azure Policy, you can even audit machines that do not have the Log Analytics agent installed and automatically deploy the extension to them .

 

Ready to try extensions out yourself? We've updated our docs to help you get started with extensions on your Azure Arc enabled servers.

 

Azure Monitor for Arc enabled servers

Support for extensions on Arc enabled servers also allows you to start using Azure Monitor insights on these machines. Azure Monitor uses the dependency extension to collect and analyze performance and network connections on your machine so that you can review resource usage over time and identify relationships between your on-premises servers based on network traffic. You can get started with Azure Monitor insights by going to the new "Insights" tab on your Arc machine in the Azure Portal and clicking "Enable". Check out the Azure Monitor docs for more information about these capabilities.

 

Update management, inventory and change tracking

If your Azure Arc enabled server is also enrolled in Azure Automation's software inventory tracking feature or Azure Update Management, you can now access this information directly from the Arc machine view in the Azure Portal. This makes it easy for a server admin to see all the information related to their server in one spot, without having to go to each individual management service. 

 

Conclusion

We're excited to launch these new features in public preview today and hope you'll try them out on your machines. This is just the beginning -- we've got plenty more Azure integrations in the pipeline, so stay tuned for more Azure Arc news!

 

Ryan Puffer

Program Manager for Azure Arc enabled servers

 

 

%3CLINGO-SUB%20id%3D%22lingo-sub-1485205%22%20slang%3D%22en-US%22%3EAnnouncing%20the%20extensions%20public%20preview%20for%20Azure%20Arc%20enabled%20servers%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1485205%22%20slang%3D%22en-US%22%3E%3CP%3EHello!%20Welcome%20to%20the%20first%20of%20many%20blog%20posts%20to%20come%20in%20the%20new%20Azure%20Arc%20space%20in%20the%20Microsoft%20Tech%20Community.%20The%20Arc%20engineering%20teams%20and%20experts%20will%20post%20information%20about%20product%20updates%2C%20technical%20insights%2C%20and%20interesting%20use%20cases%20for%20the%20family%20of%20Azure%20Arc%20products%20here.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ETo%20kick%20things%20off%2C%20we're%20excited%20to%20announce%20the%20public%20preview%20of%20extensions%2C%20update%20management%2C%20inventory%20and%20change%20tracking%2C%20and%20Azure%20Monitor%20for%20Azure%20Arc%20enabled%20servers!%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CH3%20id%3D%22toc-hId-1175755705%22%20id%3D%22toc-hId-1175755705%22%3EAzure%20Arc%20enabled%20servers%3C%2FH3%3E%0A%3CP%3EIf%20you're%20not%20familiar%20with%20Azure%20Arc%20enabled%20servers%2C%20%3CA%20href%3D%22https%3A%2F%2Faka.ms%2Farc%2Fserver%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehead%20on%20over%20to%20our%20docs%3C%2FA%3E%20or%20watch%20the%20%3CA%20href%3D%22https%3A%2F%2Fyoutu.be%2F0l9bhd22DgE%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3EIgnite%202019%20overview%20session%3C%2FA%3E%26nbsp%3Bto%20get%20caught%20up.%20Our%20goal%20is%20to%20bring%20the%20best%20of%20Azure%20to%20your%20server%20workloads%20running%20on-premises%20or%20in%20another%20cloud.%20We%20do%20this%20by%20projecting%20these%20servers%20into%20Azure%20Resource%20Manager%20so%20they%20can%20be%20managed%20and%20governed%20just%20like%20an%20Azure%20virtual%20machine%20running%20in%20a%20Microsoft%20datacenter.%20You'll%20see%20your%20off-Azure%20machines%20in%20the%20Azure%20Portal%20and%20can%20use%20standard%20Azure%20role-based%20access%20controls%20to%20give%20the%20server%20admins%20the%20permissions%20they%20need%20to%20manage%20their%20own%20servers%20without%20getting%20access%20to%20others.%26nbsp%3B%20All%20your%20servers%20in%20one%20place%20--%20Windows%20and%20Linux%2C%20on-premises%20and%20multi-cloud%2C%20physical%20and%20virtual.%20That's%20Azure%20Arc.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20data-unlink%3D%22true%22%3EOkay%2C%20that's%20enough%20for%20now%20--%20you%20really%20should%20watch%20the%20Ignite%20video%20to%20see%20how%20Azure%20Arc%20is%20redefining%20hybrid%20management.%20Or%2C%20if%20you%20prefer%20to%20read%2C%20you%20can%20learn%20how%20Azure%20Arc%20enabled%20servers%20are%20%3CA%20href%3D%22https%3A%2F%2Fwww.microsoft.com%2Fitshowcase%2Fblog%2Fmicrosoft-extends-azure-management-to-the-private-cloud-with-azure-arc%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Etransforming%20the%20way%20Microsoft%20manages%20its%20own%20on-premises%20servers%3C%2FA%3E.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CH3%20id%3D%22toc-hId--631698758%22%20id%3D%22toc-hId--631698758%22%3EExtensions%3C%2FH3%3E%0A%3CP%3EAs%20soon%20as%20you%20onboard%20a%20server%20to%20Azure%20Arc%2C%20you%20can%20start%20organizing%20and%20inventorying%20your%20assets%20with%20tags%20and%20the%20Azure%20Resource%20Graph.%20And%20any%20Azure%20Policies%20that%20are%20assigned%20to%20your%20server%20will%20start%20to%20evaluate%20and%20report%20back%20to%20the%20Azure%20Policy%20portal.%20But%20what%20about%20making%20changes%20to%20the%20machine%20from%20Azure%3F%20That's%20where%20extensions%20come%20in.%20Extensions%20are%20a%20means%20of%20delivering%20agents%2C%20scripts%2C%20and%20configurations%20to%20your%20machines%20--%20all%20orchestrated%20using%20the%20Azure%20Portal%20or%20API.%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fvirtual-machines%2Fextensions%2Foverview%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EThey've%20been%20around%20for%20years%20on%20Azure%20VMs%3C%2FA%3E%2C%20and%20we're%20excited%20to%20bring%20the%20same%20functionality%20on-premises%20with%20Azure%20Arc.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EWe're%20launching%20support%20for%203%20popular%20extensions%20today%20with%20the%20extensions%20public%20preview%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3COL%3E%0A%3CLI%3E%3CSTRONG%3ELog%20Analytics%20Agent%20extension%26nbsp%3B%3C%2FSTRONG%3E-%20downloads%2C%20installs%2C%20and%20configures%20the%20Log%20Analytics%20agent%20so%20that%20you%20can%20start%20monitoring%20your%20on-premises%20machines%20with%20Azure%20Monitor%2C%20Azure%20Security%20Center%2C%20Azure%20Sentinel%20and%20more.%3C%2FLI%3E%0A%3CLI%3E%3CSTRONG%3EPowerShell%20DSC%20extension%3C%2FSTRONG%3E%20-%20deploys%20a%20PowerShell%20DSC%20configuration%20to%20your%20machine%20to%20apply%20software%20changes%20and%2C%20optionally%2C%20automatically%20correct%20drifts%20from%20that%20state.%3C%2FLI%3E%0A%3CLI%3E%3CSTRONG%3ECustom%20Script%20extension%26nbsp%3B%3C%2FSTRONG%3E-%20runs%20a%20script%20(PowerShell%2C%20bash%2C%20Python%2C%20etc.)%20on%20your%20machine.%3C%2FLI%3E%0A%3C%2FOL%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20data-unlink%3D%22true%22%3EA%20common%20question%20that%20comes%20up%20is%20%22what's%20the%20difference%20between%20installing%20the%20Log%20Analytics%20agent%20myself%20versus%20using%20the%20extension%3F%22%20It%20really%20comes%20down%20to%20the%20delivery%20vehicle.%20The%20agent%20itself%20is%20the%20same.%20But%20deploying%20it%20with%20the%20Azure%20Arc%20extension%20means%20you%20can%20install%20it%20on%20your%20on-premises%20machines%20right%20from%20the%20Azure%20Portal%20or%20API.%20You%20don't%20have%20to%20log%20on%20to%20the%20server%20to%20configure%20the%20software%20or%20deploy%20it%20with%20another%20on-premises%20configuration%20management%20tool.%20The%20extension%20also%20takes%20care%20of%20configuring%20the%20agent%20with%20the%20connection%20info%20for%20your%20Log%20Analytics%20workspace.%20Finally%2C%20with%20Azure%20Policy%2C%20you%20can%20even%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fazure-monitor%2Finsights%2Fvminsights-enable-at-scale-policy%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Eaudit%20machines%20that%20do%20not%20have%20the%20Log%20Analytics%20agent%20installed%3C%2FA%3E%20and%20automatically%20deploy%20the%20extension%20to%20them%26nbsp%3B.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EReady%20to%20try%20extensions%20out%20yourself%3F%20We've%20updated%20our%20docs%20to%20help%20you%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fazure-arc%2Fservers%2Fmanage-vm-extensions%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Eget%20started%20with%20extensions%20on%20your%20Azure%20Arc%20enabled%20servers%3C%2FA%3E.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CH3%20id%3D%22toc-hId-1855814075%22%20id%3D%22toc-hId-1855814075%22%3EAzure%20Monitor%20for%20Arc%20enabled%20servers%3C%2FH3%3E%0A%3CP%3ESupport%20for%20extensions%20on%20Arc%20enabled%20servers%20also%20allows%20you%20to%20start%20using%20Azure%20Monitor%20insights%20on%20these%20machines.%20Azure%20Monitor%20uses%20the%20dependency%20extension%20to%20collect%20and%20analyze%20performance%20and%20network%20connections%20on%20your%20machine%20so%20that%20you%20can%20review%20resource%20usage%20over%20time%20and%20identify%20relationships%20between%20your%20on-premises%20servers%20based%20on%20network%20traffic.%20You%20can%20get%20started%20with%20Azure%20Monitor%20insights%20by%20going%20to%20the%20new%20%22Insights%22%20tab%20on%20your%20Arc%20machine%20in%20the%20Azure%20Portal%20and%20clicking%20%22Enable%22.%20Check%20out%20the%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fazure-monitor%2Finsights%2Fvminsights-overview%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EAzure%20Monitor%20docs%3C%2FA%3E%20for%20more%20information%20about%20these%20capabilities.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CH3%20id%3D%22toc-hId-48359612%22%20id%3D%22toc-hId-48359612%22%3EUpdate%20management%2C%20inventory%20and%20change%20tracking%3C%2FH3%3E%0A%3CP%3EIf%20your%20Azure%20Arc%20enabled%20server%20is%20also%20enrolled%20in%20Azure%20Automation's%20software%20inventory%20tracking%20feature%20or%20Azure%20Update%20Management%2C%20you%20can%20now%20access%20this%20information%20directly%20from%20the%20Arc%20machine%20view%20in%20the%20Azure%20Portal.%20This%20makes%20it%20easy%20for%20a%20server%20admin%20to%20see%20all%20the%20information%20related%20to%20their%20server%20in%20one%20spot%2C%20without%20having%20to%20go%20to%20each%20individual%20management%20service.%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CH3%20id%3D%22toc-hId--1759094851%22%20id%3D%22toc-hId--1759094851%22%3EConclusion%3C%2FH3%3E%0A%3CP%3EWe're%20excited%20to%20launch%20these%20new%20features%20in%20public%20preview%20today%20and%20hope%20you'll%20try%20them%20out%20on%20your%20machines.%20This%20is%20just%20the%20beginning%20--%20we've%20got%20plenty%20more%20Azure%20integrations%20in%20the%20pipeline%2C%20so%20stay%20tuned%20for%20more%20Azure%20Arc%20news!%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CEM%3ERyan%20Puffer%3C%2FEM%3E%3C%2FP%3E%0A%3CP%3E%3CEM%3EProgram%20Manager%20for%20Azure%20Arc%20enabled%20servers%3C%2FEM%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-1485205%22%20slang%3D%22en-US%22%3E%3CP%3EAzure%20Arc%20now%20supports%20VM%20extensions%2C%20making%20it%20easy%20to%20configure%20your%20on-premises%20machines%20directly%20from%20Azure.%3C%2FP%3E%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1485205%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EServers%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Version history
Last update:
‎Jun 24 2020 08:00 AM
Updated by: