Public preview – Azure Arc-enabled VMware vSphere – Part 1

Overview

Manage your VMware Datacenter through Azure Cloud tools

Announced in private preview stage during the Microsoft Ignite on November 2021, the Azure Arc integration with VMware vSphere is now available in public preview since March 31th, 2022.

The feature, still in development process, is now labeled Azure Arc-enabled VMware vSphere, and provides a unified governance and management solution for lifecycle and guest OS operations of VMware VMs through Azure Arc.

As Azure VMware Solutions private clouds relies on a standardized VMware SDDC, you can also use Azure Arc-enabled VMware vSphere to operate your AVS-based workloads.

How it works ?

Azure Arc-enabled VMware vSphere relies on a Resource Bridge appliance deployed in the target environment (or in a VMware environment with network access to the target one). This bridge will act a the access-point for Azure Arc to get and manage data from vCenter APIs.

As of now, the Resource Bridge requires an outbound connectivity to Internet (specifically to to Azure APIs over HTTPS(443)) and can only be deployed on a VMware environment.

The Azure Arc Resource Bridge act as a gateway for Azure Arc to access and manage VMware based workloads.

When the appliance is fully deployed and reports to the Azure Arc APIs, you can browse the inventory and enable some VMware components to be accessible as Azure objects. Azure-Enabled resources from the VMware environment will be attached to:

  • A custom location representing your VMware Datacenter in Azure
  • A resource group to provide ability to organize your resources and to apply RBAC (Role-Based Access Control) strategy

Benefits

As for Azure Arc, the main goal of Azure Arc-enabled VMware vSphere is to extend Azure governance and management capabilities on non-Azure environments. In this case to a VMware vSphere infrastructure.

This provides a consistent management experience across Azure and VMware vSphere infrastructure like:

  • VMware virtual machine (VM) lifecycle operations: create/register, start/stop, resize, and delete.
  • Apply RBAC strategy to provide users and application teams to self-serve VM operations.
  • Apply Azure governance strategies across Azure and VMware VMs by enabling guest management (Azure Policies, Update Management, Monitoring etc.).
  • Use Azure Resource Manager based API to manage VMware workload (ARM or Bicep templates, Azure APIs and CLI tools).

Resource Bridge Deployment

Disclaimer: This walkthrough deployment process is not a substitution of the Microsoft Documentation about Azure Arc-enabled VMware vSphere. This blog post will not receive major updates to synchronize with the development status of Azure Arc-enabled VMware vSphere feature and only reflect the process at a specific moment in time.

Pre-requisites

In order to have access to all Azure Arc-enabled VMware vSphere features, I had to register the following Azure resources providers to my subscription:

  • Microsoft.ConnectedVMwarevSphere
  • Microsoft.HybridCompute
  • Microsoft.GuestConfiguration

I used Azure CLI:

1export AZURE_SUBSCRIPTION_ID='********-****-****-****-************'
2az provider register --wait --subscription "${AZURE_SUBSCRIPTION_ID}" --namespace Microsoft.ConnectedVMwarevSphere
3az provider register --wait --subscription "${AZURE_SUBSCRIPTION_ID}" --namespace Microsoft.HybridCompute
4az provider register --wait --subscription "${AZURE_SUBSCRIPTION_ID}" --namespace Microsoft.GuestConfiguration

Resource requirements

The Resource Bridge appliance requires the following resources assignment:

  • 4 vCPU
  • 16GB RAM
  • 100GB free disk space

Create the vCenter Resource Bridge

From Azure portal, select the Azure Arc product then:

  1. VMware vCenters (preview)
  2. (+) Add

Resource Bridge creation from Azure UI – step 1

You will be requested to:

  1. Attach the Resource Bridge to a subscription, a resource-group and a region (only East US and West Europe are available by now).
  2. Provide a name for a custom location

The custom location will represent, in Azure, the location of your vCenter deployment.

  1. Provide a name for the vCenter in Azure

Resource Bridge creation from Azure UI – step 2

In the next screen of the wizard, you can attach tags to your new resource. In the third step, you are invited to download a PowerShell-based (Windows) or Azure CLI-based (Linux) version of a script.

If your subscription is not registered with all the required resource providers, a Register button will appear.

Resource Bridge creation from Azure UI – step 3

The downloaded script needs to be run from a workstation or jump server with direct or proxyfied access to the vCenter where the resource bridge will be deployed.

The last wizard step provide an insight on the resource bridge deployment status, but does not affect the resource creation.

Resource Bridge creation from Azure UI – step 4

(Windows) Powershell script

Azure PowerShell module is required.

If you choose the PowerShell (Windows) version of the script:

1Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser
2Install-Module -Name Az -Scope CurrentUser -Repository PSGallery
3Connect-AzAccount
4./resource-bridge-onboarding-script.ps1

(Linux) Azure CLI script

Azure CLI is required.

If you choose the PowerShell (Windows) version of the script:

1az login
2bash resource-bridge-onboarding-script.sh

Running the deployment script

The deployment script will ask for a set of information in order do deploy and configure the resource bridge appliance.

  • Proxy settings for the current workstation
  • Target vCenter FQDN, username, password
  • VM deployment details:
    • VMware logical-datacenter
    • Network
    • ResourcePool
    • Datastore
    • VM Folder
    • Appliance IP settings

Resource Bridge creation from Azure UI – step 5
Resource Bridge creation from Azure UI – step 6

The script will run for about 15 minutes to download, deploy and configure the Resource Bridge appliance. When fully deployed, the verification step of the UI wizard will display a green check to validate that both Azure API and the appliance are communicating together.

Upcoming

In the upcoming posts, we will cover the functional capabilities of having VMware resources managed through Azure, from UI or with automation tools.

Credits

Title photo by Joseph Barrientos on Unsplash