Edit

Use VMware PowerCLI to scale onboarding VMware vSphere Windows Server virtual machines to Azure Arc

  • Article

This article provides guidance for using the provided VMware PowerCLI script so you can perform an automated scaled deployment of the Azure Arc-connected machine agent in multiple VMware vSphere virtual machines and as a result, onboarding these VMs as an Azure Arc-enabled servers.

This guide assumes you already have an exiting inventory of VMware virtual machines and will use the PowerCLI PowerShell module to automate the onboarding process of the VMs to Azure Arc.

Prerequisites

  1. Clone the Azure Arc Jumpstart repository.

    git clone https://github.com/microsoft/azure_arc.git

  2. Install or update Azure CLI to version 2.7 or higher. Use this command to check your current installed version:

    az --version

  3. Install VMware PowerCLI.

    Note

    This guide was tested with the latest version of PowerCLI as of date (12.0.0) but earlier versions are expected to work as well

    • Supported PowerShell versions: VMware PowerCLI 12.0.0 is compatible with the following PowerShell versions:

      • Windows PowerShell 5.1

      • PowerShell 7

      • Detailed installation instructions can be found in Install PowerCLI, but the easiest way is to use the VMware.PowerCLI module from the PowerShell gallery using the following command.

        Install-Module -Name VMware.PowerCLI

  4. To be able to read the VM inventory from vCenter as well as invoke a script on the VM OS-level, the following permissions are needed:

  5. Create an Azure service principal.

    To connect the VMware vSphere virtual machine to Azure Arc, an Azure service principal assigned with the Contributor role is required. To create it, sign in to your Azure account and run the following command. You can also run this command in Azure Cloud Shell.

    az login
az account set -s <Your Subscription ID>
az ad sp create-for-rbac -n "<Unique SP Name>" --role contributor --scopes "/subscriptions/<Your Subscription ID>"

    For example:

    az ad sp create-for-rbac -n "http://AzureArcServers" --role contributor --scopes "/subscriptions/00000000-0000-0000-0000-000000000000"

    The output should look like this:

    {
  "appId": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
  "displayName": "http://AzureArcServers",
  "password": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
  "tenant": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX"
}

    Note

    We highly recommend that you scope the service principal to a specific Azure subscription and resource group.

Automation flow

Below you can find the automation flow for this scenario:

  1. The user edits the vars.ps1 PowerCLI script.

  2. The scale_deploy.ps1 script execution will initiate authentication against vCenter and will scan the targeted VM folder where Azure Arc candidate VMs are located and will copy both the vars.ps1 and the install_azure_arc_agent.ps1 PowerCLI scripts to VM Windows OS located in the azure-arc GitHub repository to each VM in that VM folder.

  3. The install-azure_arc_agent.ps1 PowerCLI script will run on the VM guest OS and will install the Azure Arc-connected machine agent in order to onboard the VM to Azure Arc.

Predeployment

To demonstrate the before and after for this scenario, the following screenshots show a dedicated, empty Azure resource group, a vCenter VM folder with candidate VMs and the Apps & features view in Windows showing no agent is installed.

Screenshot of an empty Azure resource group.

A screenshot of a vanilla VMware vSphere virtual machine without an Azure Arc agent.

Another screenshot of a vanilla VMware vSphere virtual machine without an Azure Arc agent.

Deployment

Before running the PowerCLI script, you must set the environment variables which will be used by the install_arc_agent.ps1 script. These variables are based on the Azure service principal you've just created, your Azure subscription and tenant, and your VMware vSphere credentials and data.

  1. Retrieve your Azure subscription ID and tenant ID using the az account list command

  2. Use the Azure service principal ID and password created in the prerequisites section:

    A screenshot of exporting environment variables.

  3. From the azure_arc_servers_jumpstart\vmware\scaled-deploy\powercli\windows folder, open PowerShell session as an administrator and run the scale-deploy.ps1 script.

    A screenshot of how to scale-deploy with a PowerShell script.

    A second screenshot of how to scale-deploy with a PowerShell script.

    A third screenshot of how to scale-deploy with a PowerShell script.

  4. Upon completion, the VM will have the Azure Arc-connected machine agent installed as well as the Azure resource group populated with the new Azure Arc-enabled servers.

    A screenshot of a machine with an Azure Arc agent installed.

    A screenshot of new Azure Arc-enabled servers in an Azure resource group.

    Another screenshot of new Azure Arc-enabled servers in an Azure resource group.