The complexity of IT environments is constantly expanding to the point of having reality with applications based on different technologies, active on heterogeneous infrastructures and perhaps using solutions in different public clouds. The need greatly felt by customers is to be able to adopt a solution that, in a centralized way, invent it, organize and enforce control policies on their IT resources wherever they are. Microsoft's response to this need is Azure Arc, the solution involving different technologies with the aim of developing new hybrid scenarios, where Azure services and management principles are extended to any infrastructure. This article lists new features that were recently introduced to extend the management capacity of hybrid environments.
The servers enabled for the Azure Arc solution can already benefit from various features related to Azure Resource Manager such as Tags, Policies and RBAC, as well as some features related to Azure Management.
Thanks to the new update that was recently announced you can use new extensions, calls Azure Arc Extensions, to expand functionality and further extend Azure management and governance practices to different environments. This allows to adopt more and more typically cloud solutions, as DevOps techniques (infrastructure as code), even for on-premises environments.
Azure Arc Extensions
The Azure Arc Extensions are applications that allow you to make configurations and perform post-deployment automation tasks. These extensions can be run directly from the Azure command line, PowerShell or Azure portal.
The following Azure Arc Extensions are currently available and can be deployed on Azure Arc-enabled servers.
Custom Script Extensions for Windows and Linux Systems
With this extension, you can perform post-provisioning tasks of the machine to perform customizations of your environment. By adding this extension, you can download custom scripts, for example from Azure Storage, and run them directly on the machine.
When deploying the Custom Script Extension, you can add the file that contains the script to run and optionally add its parameters. For Linux Systems, this is a shell script (.sh), while for Windows is a Powershell script (.ps1).
Desired State Configuration extension on Windows and Ubuntu systems (DSCForLinux)
Desired State Configuration (DSC) is a management platform that you can use to manage your IT and development infrastructure with a view to "configuration as code".
DSC for Windows provides new Windows PowerShell cmdlets and resources that you can use to declaratively specify how you want to configure your software environment. It also provides a useful tool for maintaining and managing existing configurations. This extension works like the extension for virtual machines in Azure, but it is designed to be deployed on Azure Arc-enabled servers.
The extension DSCForLinux allows you to install the OMI agent and DSC agent on Azure Arc-enabled Ubuntu systems. The DSC extension allows you to perform the following actions:
- Register the VM with an Azure Automation account to extract (Pull) configurations (Register ExtensionAction).
- Deploy MOF configurations (Push ExtensionAction).
- Apply the MOF meta configuration to the VM to configure a pull server to extract the node configuration (Pull ExtensionAction).
- Install custom DSC modules (Install ExtensionAction).
- Remove custom DSC modules (Remove ExtensionAction).
OMS Agent for Linux – Microsoft Monitoring Agent
The installation of this agent allows you to collect the monitor data from the guest operating system and the application workloads of the systems and send them to a Log Analytics workspace. This agent is used by several Azure management solutions, including Azure Monitor, Azure Security Center, and Azure Sentinel. Although today it is possible to monitor non-Azure VMs even without Azure Arc, the use of this extension allows you to automatically detect and manage agents in VMs. Once integrated, Azure Arc-enabled servers will fit perfectly into existing Azure portal views along with virtual machines in Azure and Azure scale sets.
After you deploy the Azure Arc agent on the systems, you can install the Microsoft Monitoring Agent (MMA) using this extension, simply by adding the Log Analytics workspace ID and its key.
Thanks to the availability of these new extensions, Azure Arc-enabled servers also have features such as Update Management, Inventory, Change Tracking and Monitor.
The Update Management solution allows you to have an overall visibility into update compliance for both Windows and Linux systems. The search panel can quickly identify missed updates and provide the ability to schedule deployments for update installation within a specific maintenance window.
This feature allows you to retrieve inventory information relating to: installed software, files, Windows Registry keys, Windows Services and Linux Daemons.
Change Tracking feature allows you to track system changes to Daemons, File, Registry, software and services on Windows . This feature can be very useful to diagnose specific problems and to enable alerts against unexpected changes.
Thanks to the availability of these new extensions, you can take advantage of greater functionality, in governance and management typical of Azure, also for hybrid cloud environments. This is an important evolution of this solution, at the moment still in preview, which is soon destined to be further enriched with important new features.