How to Evaluate Azure Arc-enabled servers on an Azure virtual machine (Linux)

This article has not been completed yet. However, it may already contain helpful Information and therefore it has been published at this stage.

Today I was given the task to deploy a Linux VM in Azure to evaluate the features of Azure Arc enabled servers.

Prerequesites

An Azure Tenant with Global Administrator Permissions
An Azure Linux VM

First of all, make sure that there are no extensions on the VM.

The next step is to disable the Azure VM Guest Agent.

# Disable the Azure VM Guest Agent.
current_hostname=$(hostname)
sudo service walinuxagent stop
sudo waagent -deprovision -force
sudo rm -rf /var/lib/waagent
sudo hostnamectl set-hostname $current_hostname

In a further step, specific external communication must be suppressed.

# Install ufw
sudo apt-get update
sudo apt-get install ufw

# Block access to the Azure IMDS endpoint.
sudo ufw --force enable
sudo ufw deny out from any to 169.254.169.254
sudo ufw default allow incoming

If you want more information about iptables or ufw, you can read another blogpost here.

https://it-infrastructure.solutions/setting-up-iptables/

In a final step, you can install the Azure Arc Agent and onboard the VM into Azure Arc. I have also written a post about it here.

https://it-infrastructure.solutions/onboarding-azure-arc-linux-ubuntu/

References:

How to evaluate Azure Arc-enabled servers with an Azure VM - Azure Arc

Learn how to evaluate Azure Arc-enabled servers using an Azure virtual machine.

johnmarcoMicrosoft Docs

https://it-infrastructure.solutions/onboarding-azure-arc-linux-ubuntu/

Thomas Bründl

Kusto Detective Agency (Part 5) - Challenge 4: Ready to Play

Kusto Detective Agency (Part 4) - Challenge 3: Bank robbery

Creating a Azure Linux VM via Azure CLI