This article provides a comprehensive guide for installing Linux servers to Azure Arc, covering prerequisites, deployment instructions, and advanced topics such as hybrid connectivity methods, proxies, and private endpoints.
For those managing hybrid environments with Windows, don’t miss my complementary article on Installing Azure Arc Agent on Windows Server to achieve a unified management strategy.
Linux servers are at the heart of modern IT operations, supporting everything from applications to containerized workloads. By integrating Linux systems into Microsoft Azure, Azure Arc offers the following benefits:
A financial services company faced challenges managing Linux servers scattered across on-premises and AWS environments. By onboarding these servers as Azure Arc-enabled servers:
Before onboarding, confirm that your environment meets these requirements:
Azure Arc supports popular distributions, including:
For the most up-to-date compatibility, refer to the official Azure Arc documentation.
The following resource providers must be registered in your Azure subscription:
Microsoft.HybridCompute
Microsoft.GuestConfiguration
You can register these providers in the Azure Portal or via the Azure CLI:
az provider register --namespace Microsoft.HybridCompute
az provider register --namespace Microsoft.GuestConfiguration
It is also recommended to ensure your subscription has sufficient permissions, such as the Owner or Contributor role, for onboarding and managing Azure Arc-enabled servers.
Azure Arc supports three connectivity methods to suit different environments:
https://*.azure.com
https://*.microsoft.com
https://*.windows.net
Ensure you have sudo or root account permissions to install and configure the Azure Connected Machine Agent (CMA).
cat /etc/os-release
nslookup management.azure.com
Ensure DNS resolution works correctly by running the above command. Connectivity issues often stem from misconfigured DNS settings.
Keep the system up-to-date to ensure compatibility with Azure Arc:
sudo apt-get update && sudo apt-get upgrade # Ubuntu/Debian
sudo yum update # RHEL/CentOS
The Azure Connected Machine Agent (CMA) is critical for onboarding Linux servers to Azure Arc.
Azure provides .deb
and .rpm
packages for different Linux distributions. These can be downloaded from the Microsoft Download Center.
.deb
package using wget.bashCopy code wget https://aka.ms/azure-connected-machine-agent-linux.deb
bashCopy code sudo dpkg -i azure-connected-machine-agent-linux.deb
.rpm
package.bashCopy code wget https://aka.ms/azure-connected-machine-agent-linux.rpm
bashCopy code sudo rpm -ivh azure-connected-machine-agent-linux.rpm
bashCopy code
azcmagent show
Once the CMA is installed, connect your server to Azure Arc.
azcmagent connect --resource-group <ResourceGroupName> --tenant-id <TenantId> --location <AzureRegion> --subscription-id <SubscriptionId>
eastus
.azcmagent show
Your server should now appear in the Azure Portal under Machines > Azure Arc. Note that from Azure’s perspective, it doesn’t matter whether your servers run Microsoft Windows or Ubuntu Linux. That’s the point: Arc-enabled servers all share the same Microsoft Cloud Platform security, governance, and compliance goodness.
Azure Monitor provides detailed performance metrics, including CPU, memory, and disk utilization. To enable monitoring:
The Log Analytics Agent is essential for collecting advanced telemetry, such as performance metrics, system logs, and diagnostic data, from your Linux server. This agent integrates seamlessly with Azure Monitor, allowing you to gain deep insights into your system’s health and performance. To install the agent, download the onboarding script directly from the Microsoft GitHub repository:
wget https://raw.githubusercontent.com/Microsoft/OMS-Agent-for-Linux/master/installer/scripts/onboard_agent.sh
sudo sh onboard_agent.sh -w <WorkspaceID> -s <WorkspaceKey>
Replace <WorkspaceID> with the unique ID of your Log Analytics Workspace and <WorkspaceKey> with the primary or secondary key for your workspace. These values can be found in the Azure Portal under Log Analytics Workspaces > Agents Management. Once installed, the agent will begin sending telemetry data to Azure Monitor, enabling you to configure alerts, dashboards, and advanced reporting for your hybrid environment.
For environments without direct internet access, update the CMA settings with your proxy URL and proxy port:
/etc/azcmagent/config.json
file:
{
"proxy_url": "http://proxy.company.com",
"proxy_port": 8080
}
sudo systemctl restart azcmagent
Azure Private Link enables secure, private connectivity between your Linux server and Azure services, ensuring that all communication remains within your network. By routing traffic through a private IP space, Private Link eliminates the need for public IP addresses, greatly reducing your server’s exposure to Internet-based threats. This feature is especially valuable for organizations with strict compliance and data sovereignty requirements, as it keeps sensitive telemetry and management data within a controlled network boundary.
To implement a Private Endpoint, you need to create a private link in your Azure subscription and configure DNS settings to resolve Azure endpoints through the private IP address. This ensures seamless communication while maintaining isolation from public networks. Whether managing servers in a hybrid or multi-cloud environment, Private Link simplifies connectivity while providing an added layer of security.
For detailed instructions, refer to the Azure Private Link documentation.
Tags improve resource organization and cost tracking. Assign tags using the CLI:
az resource tag --tags Environment=Production Department=IT --ids <ResourceID>
In the Azure portal, navigate to the Tags blade to inspect and manage tagged resources, streamlining your inventory management process.
If the CMA installation fails, resolve dependency issues:
sudo apt-get install curl tar gzip # For Ubuntu/Debian
sudo yum install curl tar gzip # For RHEL/CentOS
curl -v https://management.azure.com
sudo journalctl -u azcmagent
You can always use the azcmagent connect
command to initiate a reconnection to Microsoft Azure. For example, you can see the process occurring in the following screen capture:
Azure Arc revolutionizes hybrid IT management by unifying Linux servers under a centralized control plane. From flexible connectivity methods like proxies and private endpoints to advanced monitoring with Azure Monitor, Azure Arc simplifies operations while ensuring compliance and cost efficiency.
Looking for Windows-specific guidance? Check out my companion article on Installing Azure Arc Agent on Windows Server for tips on onboarding Windows endpoints, ensuring consistency across your hybrid infrastructure.