Azure Azure Arc

Azure Back to School 2022: Let’s take a look at Azure Arc-enabled VMware vSphere


Azure Back to School, is a great community initiative, setup by Dwayne Natwick and Derek Smith. And just like the last years during the whole month of September, a mix of video contributions and blog posts, all about different Azure topics, will be shared by community people from all over the world. This is truly what community is all about, sharing knowledge and helping people learning new things and improving their skillset.

You can find all other videos and blog posts at https://azurebacktoschool.github.io/

Or you can keep an eye on Twitter for the hashtag #AzureBacktoSchool to stay up to date.

In my video contribution and in this blog post I will take a look at Azure Arc- enabled VMware vSphere.


What is Azure Arc-enabled VMware vSphere?

Like some of you will already know, Azure Arc allows you to onboard a wide variety of non-Azure resources, running on-premises, on other clouds or at the edgeinto Azure. By projecting your existing non-Azure resources into Azure Resource Manager, it foresees a centralized management platform. Which makes it easier to increase securitygovernance, and the compliance posture on all your resources living outside of Azure, and this from one single-pane-of-glass.

And these days with Azure Arc-enabled VMware vSphere, which was announced during Microsoft Ignite in November 2021 and at the time of writing is in public preview, you can also extend those governance and management capabilities to your VMware vSphere infrastructure.

It not only allows you to view and manage as well as create/modify/register/delete/start/stop/resize your VMware virtual machines (VM).

It also allows you to browse your other VMware vSphere resources, like your templates, networks and even storage. Next to that, by enabling guest management you can also apply your Azure governance strategies through the use of Azure Policy, Update Management, Monitoring, etc. on your VMware VMs.

To accomplish this the Azure Arc-enabled VMware vSphere feature relies on an Azure Arc resource bridge (also in preview) which is deployed in your targeted VMware environment, and which connects your VMware vCenter instance to Azure Arc. After that connection is made this virtual appliance, which is a packaged VM with a built-in Kubernetes management cluster, will act as the access-point for Azure Arc to get and manage any data from your vCenter instance.

To get you started, I will describe further in this blog post what the required prerequisites (Azure and VMware vCenter) are whenever you want to start with using Azure Arc-enabled VMware vSphere in your environment. Next to that I will also show you how you can already prepare and download the resource bridge onboarding script. In a later blog post I will then go through the rest of the setup and configuration.

If you are interested, you can also read my other Arc related blog posts: Azure Arc: Using tags with Azure Arc-enabled servers, Azure Arc: Keep an eye on the value of the Datacenter physical location tag when onboarding Azure Arc-enabled servers and Azure Tip: List all your Azure Arc-enabled servers together with your IaaS VMs in the Azure Portal


Azure prerequisites

You can already complete some steps which will speed up the overall Azure Arc onboarding and configuration process, but which can also help you to better keep your Azure environment under control.

First of all, you can foresee an Azure Arc child management group underneath your landing zones management group with a dedicated Azure subscription used only for Azure Arc purposes.

Next to those you can also foresee a dedicated resource group(s) for your Arc-enabled VMware vSphere and other Arc resources.


By applying all of the above you can beter control, organize and manage all Arc related resources and apply your preferred Azure Role-Based Access Control (Azure RBAC), security and Azure Policy strategy on them.

Then you can also register the required Microsoft.ConnectedVMwarevSphere resource and other Azure Arc required resource providers in advance by running the following cmdlets in Azure Cloud Shell or through Windows Terminal.

Keep in mind that this registration can take up to 10 minutes and that you definitely select the right subscription before running these cmdlets.

## ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

# Register Microsoft.ConnectedVMwarevSphere resource provider
Register-AzResourceProvider -ProviderNamespace Microsoft.ConnectedVMwarevSphere  | Out-Null

# Register Microsoft.HybridCompute resource provider
Register-AzResourceProvider -ProviderNamespace Microsoft.HybridCompute  | Out-Null

# Register Microsoft.HybridConnectivity resource provider
Register-AzResourceProvider -ProviderNamespace Microsoft.HybridConnectivity  | Out-Null

# Register Microsoft.GuestConfiguration resource provider
Register-AzResourceProvider -ProviderNamespace Microsoft.GuestConfiguration  | Out-Null

## ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------






If you want, you can also use and customize my Azure Arc: Azure PowerShell prerequisites configuration script, which already automates the configuration process of most Azure Arc prerequisites.


VMware vCenter prerequisites

Important to know is that at the moment Azure Arc- enabled VMware vSphere only works with vCenter Server version 6.7 or 7.

Next to that you need to validate if the vSphere account(s) you which to use for the deployment and ongoing operations have the appropriate permissions:

  • Read all inventory
  • Deploy and update VMs to all the resource pools, networks, and VM templates that you want to use with Azure Arc.

You can find an exact list of all required permissions over here

You also require a resource pool which can be used by the resource bridge, and which has at least:

  • 4 vCPUs
  • 16 GB RAM
  • 100 GB of free disk space




Prepare and download the resource bridge onboarding script

Logon to the Azure Portal and type in “arc” in the Global search bar. Then click on Azure Arc.



On the Azure Arc page, click on Overview and select Infrastructure. Scroll down to the Platform section and select Add under VMware vSphere (preview).



Then select Create a new resource bridge, and then click on Next: Basics >.


On the Basics page provide a name for your resource bridge (example: rb-prd-myh-vsphere-01). Then specify a subscription and resource group. And on the Region field select an Azure region (currently during preview the only supported Azure regions are East US and West Europe).

Also provide a name for the custom location (example: vcs-Antwerp) and for your vCenter Server (example: vm-myh-vcs-01) like it will be used in Azure. Then click on Next: Tags >.



Then select or type in all your required physical location and custom tags. When done click on Next: Download and run script >.


In the next screen download the PowerShell-based (Windows) or the Azure CLI-based (Linux) version of the onboarding script by clicking on Download script.


If required, copy the downloaded script to your admin workstation, Privileged Access Workstation (PAW) or even jump server which has direct or proxied access to the vCenter Server where the resource bridge will be deployed.


This concludes this blog post. But before closing off, I just wanted to say that I am really happy to be a part of the Azure Back to School event and I hope that you enjoy all the shared content.

And if you have any questions or comments regarding my video or this blog post, feel free to contact me through my Twitter handle @wmatthyssen

Happy watching and reading!


0 comments on “Azure Back to School 2022: Let’s take a look at Azure Arc-enabled VMware vSphere

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: