This article has not been completed yet. However, it may already contain helpful information and has therefore been published at this stage.
Today I was given the task to deploy a Linux VM in Azure to evaluate the features of Azure Arc enabled servers.
- An Azure Tenant with Global Administrator Permissions
- An Azure Linux VM
First of all, make sure that there are no extensions on the VM.
The next step is to disable the Azure VM Guest Agent.
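```bash
# Disable the Azure VM Guest Agent.
# Save the hostname first, because deprovisioning resets it.
current_hostname=$(hostname)
sudo service walinuxagent stop
sudo waagent -deprovision -force
sudo rm -rf /var/lib/waagent
# Restore the original hostname.
sudo hostnamectl set-hostname "$current_hostname"
```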
In a further step, specific external communication must be suppressed.
```bash
# Install ufw
sudo apt-get update
sudo apt-get install ufw
```

```bash
# Block access to the Azure IMDS endpoint.
sudo ufw --force enable
sudo ufw deny out from any to 169.254.169.254
sudo ufw default allow incoming
```
If you want more information about iptables or ufw, you can read another blog post here.
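Before onboarding, it is worth confirming that the preparation steps above actually took effect. The following script is an added example, not part of the original post. The function names, the `--check` switch, the sample `ufw status` text and the IMDS `api-version` value are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: verify the VM preparation before Azure Arc onboarding.
IMDS_IP="169.254.169.254"

# Constructed sample of `ufw status` output after the deny rule is applied.
SAMPLE_UFW_STATUS='Status: active

To                         Action      From
--                         ------      ----
169.254.169.254            DENY OUT    Anywhere'

# Reads `ufw status` text on stdin. Succeeds only if ufw is active AND
# an outbound deny rule for the IMDS address is present.
ufw_blocks_imds() {
  awk -v ip="$IMDS_IP" '
    /^Status: active/ { active = 1 }
    $1 == ip && $2 == "DENY" && $3 == "OUT" { denied = 1 }
    END { exit !(active && denied) }
  '
}

# Succeeds if IMDS gives no answer within 3 seconds (the desired state).
imds_unreachable() {
  ! curl -s -m 3 --noproxy '*' -H "Metadata: true" \
    "http://${IMDS_IP}/metadata/instance?api-version=2021-02-01" >/dev/null
}

# Succeeds if the guest agent is not running and its state directory is gone.
guest_agent_removed() {
  ! systemctl is-active --quiet walinuxagent && [ ! -d /var/lib/waagent ]
}

# Runs all live checks and reports every failure, not only the first one.
run_checks() {
  rc=0
  guest_agent_removed || { echo "FAIL: guest agent still present"; rc=1; }
  sudo ufw status | ufw_blocks_imds || { echo "FAIL: no active ufw deny rule for $IMDS_IP"; rc=1; }
  imds_unreachable || { echo "FAIL: IMDS still reachable"; rc=1; }
  [ "$rc" -eq 0 ] && echo "OK: VM is ready for Azure Arc onboarding"
  return "$rc"
}

# Live checks run only on request, e.g.: sh verify-arc-prep.sh --check
if [ "${1:-}" = "--check" ]; then run_checks; fi
```

The rule check and the live probe are kept separate on purpose: a rule listed by ufw while ufw itself is inactive blocks nothing, so both must pass.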
In a final step, you can install the Azure Arc Agent and onboard the VM into Azure Arc. I have also written a post about it here.