Azure Automanage and Azure Arc!
Join me as I look at using Azure Arc and Azure Automanage together to manage your server estate.
In June 2021 Microsoft announced a public preview of Azure Automanage for Azure Arc enabled servers! Which is an interesting concept.
Azure Automanage is a service that was announced at Microsoft Ignite 2020. It helps you to integrate certain Azure Management services to your Azure Virtual Machines (VM) without actually needing to know how to onboard the VMs to those services. These VMs can either be Linux or Windows Server.
With this new announcement it means that these servers can reside anywhere, they don't have to be Azure VMs, if they are Azure Arc enabled servers you are able to use the Azure Automanage best practices.
Best Practices
When you onboard an Azure VM or an Azure Arc enabled server to Azure Automanage certain best practice configurations will be applied to your VM. These best practice recommendations are part of the Cloud Adoption Framework.
Azure Automanage will help you on-board to the following services:
- Machines Insights Monitoring
- Azure Security Center
- Update Management
- Change Tracking & Inventory
- Azure Guest Configuration
- Azure Automation Account
- Log Analytics Workspace
What do I need to do?
So what do you need to do in order to get this all working?
The first step is to install the Azure Arc agent on your server. Azure Arc supports the following operating systems:
- Windows Server 2008 R2 SP1, Windows Server 2012 R2 and higher (including Server Core)
- Ubuntu 16.04, 18.04, and 20.04 LTS (x64)
- CentOS Linux 7 and 8 (x64)
- SUSE Linux Enterprise Server (SLES) 12 and 15 (x64)
- Red Hat Enterprise Linux (RHEL) 7 and 8 (x64)
- Amazon Linux 2 (x64)
- Oracle Linux 7
For details on how to install the Azure Arc agent on your server, please refer to a previous blog post that I wrote - Install Azure Arc onto your servers.
Enable Automanage
Now that you have an Azure Arc enabled on your servers it's time to set up Azure Automanage.
Navigate to the Azure Automanage blade within the Azure Portal and click on the Enable on existing machine button that will be available to you.
When you click on that you will be presented with several options. The first one is what machines you want to enable Automanage for. In this example I am going to select one of my on-prem servers that are connected through Azure Arc.
Once I've selected the machines I want to enable my next configuration item is what environment these machines are part of, Dev/Test or Production.
Azure Automanage will apply slightly different settings and management tasks depending on whether or not your machine lives in Dev/Test versus your Production environment. One example would there is no backup configured for your Dev/Test servers, this is only recommended for Production environments.
Note: There are several services within Azure Automanage that are not supported for Azure Arc machines. So this is definately something to be aware of when using Automanage with Arc.
I'm going to select Dev/Test as this is a lab server I am using and leave the rest of the configuration options as the defaults. You do have the option of tweaking things like when you want to run antimalware scans on your servers, but as this the Microsoft Antimalware option isn't available for Azure Arc connected servers this is not something I need to pay too much attention to.
It will take several minutes for the settings to be configured on your server, so maybe time for a coffee break! ☕
If you've had a coffee and want to see what the process is you can monitor the progress within the server Activity Log within the Azure Portal:
Once the configuration for Automanage has been applied to your server you can start to interact with some of the services that are now configured on your machine.
It may take some time for things to kick and fully start to report and show within the Azure portal but one of the first things that has started to report for me is that my server is missing some updates. And I can start to schedule deployments of updates to bring it up to date and keep it up to date.
Thoughts
I can see the real advantage of Azure Automanage for managed service providers to quickly enable a set of configuration preferences to customer environments quickly or small organisations who use Azure but don't necessarily have a dedicated IT team to help manage everything.
However, some of the limits where services are not supported when trying to use it with Azure Arc is a little disappointing. It will be really interesting to see how Automanage and Arc grow and become part of the Microsoft Hybrid story fully.