Automate the onboarding and offboarding of servers to Azure Arc

MyAzQuery 171 Reputation points
2023-06-06T17:06:29.2333333+00:00

We have both Linux and Windows servers. We want to automate the onboarding and offboarding of servers to Azure Arc.

  1. So how can we automate the onboarding of existing or newly created on-prem servers to Azure Arc?
  2. Similarly, is there a way to offboard servers from Azure Arc whenever the server is decommissioned from on-prem?

2 answers

  1. Luke Murray 11,436 Reputation points MVP Volunteer Moderator
    2023-06-07T00:39:36.5633333+00:00

    This is an 'it depends' answer - if you have Windows Servers - you can use Group Policy or another deployment tool to automate onboarding. You can also run the uninstall to remove the Arc functionality.


  2. AnuragSingh-MSFT 21,551 Reputation points Moderator
    2023-06-07T06:21:06.73+00:00

    @MyAzQuery , The answer provided by Luke above will help onboard the server as Azure Arc.

    Based on the offboard (disconnect) scenario mentioned in the question (after the machine is offboarded), it would also depend on the scenario. A simple high-level solution could be as given below (your requirement might be different; however, the steps below would give you an idea of how to approach it):

    1. Enable Azure Monitoring for all the Arc-enabled servers - You can use the built-in Azure Initiatives below to enable it for all the machines getting onboarded (this is a one-time setup). For details on assignment, see Create a policy assignment to identify non-compliant resources
      Deploy Windows Azure Monitor Agent with user-assigned managed identity-based auth and associate with Data Collection Rule
      Configure Linux machines to run Azure Monitor Agent and associate them to a Data Collection Rule
    2. Since the requirement here is to deboard the servers decommissioned in the on-prem environment, there should be a way to understand if the server is decommissioned. The Azure Monitor Agent deployed in step 1 could help you with that. The machine's heartbeat is a default telemetry collected for all machines monitored using Azure Monitor. You could create a log-based alert rule to see if the machine has not sent a heartbeat to Azure Monitor in the last 1 day (or you could change this duration in the query). This alert can be used to trigger action groups - for example, trigger an Azure Automation runbook. For details, see Action groups
    3. The Azure Automation runbook getting triggered by alert would have to contain the script to remove the specific Arc server from Azure. The following cmdlet would help you with that - Remove-AzConnectedMachine

    The steps mentioned above are very high-level steps with specific requirements and implementation details. I have summarized the flow to give you an idea of how to implement it. There may be a number of other ways in which it could be implemented, and it would depend on your requirements.

    I hope the information above will give you some directions to approach the requirement solution.

    If the answer did not help, please add more context/follow-up question for it, and we will help you out. Else, if the answer helped, please click Accept answer so that it can help others in the community looking for help on similar topics.
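
A sketch of the runbook from step 3 of the answer above, as an added example that is not part of the original thread or Microsoft's own code. It treats the alert payload as untrusted input and only removes a machine that Arc itself reports as disconnected. Assumptions: the action group uses the common alert schema, the alert targets are the Arc machine resource IDs, the Az.Accounts and Az.ConnectedMachine modules are imported, and the Automation account's managed identity is allowed to delete Arc machines.

```powershell
# Added example: Azure Automation runbook started by an action group webhook.
param([Parameter(Mandatory)][object]$WebhookData)

$MinDaysDisconnected = 1   # mirrors the 1-day heartbeat window from step 2
$ArcIdPattern = '^/subscriptions/(?<sub>[0-9a-f-]{36})/resourceGroups/(?<rg>[^/]+)' +
                '/providers/Microsoft\.HybridCompute/machines/(?<name>[^/]+)$'

# Assumption: the request body follows the common alert schema.
$alert = ($WebhookData.RequestBody | ConvertFrom-Json).data.essentials
if ($alert.monitorCondition -ne 'Fired') {
    Write-Output "Ignoring alert in state '$($alert.monitorCondition)'."
    return
}

# Sign in as the Automation account's managed identity (no stored secrets).
Connect-AzAccount -Identity | Out-Null

foreach ($id in $alert.alertTargetIDs) {
    # Act only on Arc machine resource IDs; anything else is skipped.
    if ($id -notmatch $ArcIdPattern) {
        Write-Warning "Skipping non-Arc target: $id"
        continue
    }
    $sub = $Matches.sub; $rg = $Matches.rg; $name = $Matches.name

    Set-AzContext -Subscription $sub | Out-Null
    $machine = Get-AzConnectedMachine -ResourceGroupName $rg -Name $name `
                                      -ErrorAction SilentlyContinue
    if (-not $machine) {
        Write-Output "$name not found in $rg; nothing to remove."
        continue
    }

    # A missed heartbeat can also be a network or agent fault, so confirm
    # that Arc reports the machine as disconnected for long enough.
    $since = $machine.LastStatusChange
    $stale = $since -and (((Get-Date).ToUniversalTime() -
             $since.ToUniversalTime()).TotalDays -ge $MinDaysDisconnected)
    if ("$($machine.Status)" -ne 'Disconnected' -or -not $stale) {
        Write-Output "Keeping $name (status: $($machine.Status))."
        continue
    }

    Remove-AzConnectedMachine -ResourceGroupName $rg -Name $name
    Write-Output "Removed Arc machine $name from resource group $rg."
}
```

Scoping the managed identity's role assignment to the resource groups that hold Arc machines limits what a forged or replayed webhook call could delete.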

