Techmission

, , ,

Batch Update Azure Arc Machine extensions

felipe.sbarros

Accordingly to Microsoft documentation (Automatic extension upgrade for Azure Arc-enabled servers – Azure Arc | Microsoft Learn) “When a new version of a VM extension is published, it becomes available for installation and manual upgrade on Arc-enabled servers. For servers that already have the extension installed and automatic extension upgrade enabled, it may take 5 – 8 weeks for every server with that extension to get the automatic upgrade.

So let’s imagine the following scenario: you need to use Azure Monitoring to send alerts related to Windows services (for instance entering on a stopped state) but, by the time this article is being written, it requires the extension “Microsoft.Azure.ChangeTrackingAndInventory.ChangeTracking-Windows” at least on version 2.11.0.0 (Azure Automation Change Tracking and Inventory overview using Azure Monitoring Agent (Preview) | Microsoft Learn) but yours is 2.6.0.0. In this case you need to manually update each Azure Arc machine extension, which is not very practical if you have hundreds of Azure Arc machines. Or waiting that it eventually gets updated (NOT!).

As I have stumbled across that scenario, I’ve had to think how to batch upgrade the extensions without having suffering too much (HAHA!). So here it goes a little procedure I would like to share with you.

1st step is identifying the extensions to be upgraded. You can find it in Azure Arc – Server – Extensions pane. If you have updates available it will be displayed at the column Update available.

Click on the extension to have an overview of its properties. For the script you’ll need the values of type and the available version number.

With that information you need to run a script in cloud shell which will look for your Azure Arc machines in a target resource group where you store your Azure Arc Machines and, for each machine, it will update the specific extension to the target version. To run the cloud shell click on the link displaying a shell at the upper right corner of your dashboard and make sure it is set to Powershell.

The first line puts every machine found in the resource group into the variable $Machines

Then a For Each loop is called for every machine in the variable $Machines

The variable $target stocks the name or type of the desired extension as well its target version. In the example we are updating the Azure Monitor Windows Agent to version 1.16.0.0. You’ll need to change these two values accordingly to your needs.

The last line executes the update for the machine in your resource group targeting the extension and version, running as a job so you don’t have to worry waiting the script to finish.

$Machines = Get-AzConnectedMachine -ResourceGroupName YOUR-RESOURCE-GROUP
ForEach ($Machine in $Machines) { 
$target = @{"Microsoft.Azure.Monitor.AzureMonitorWindowsAgent" = @{"targetVersion"="1.16.0.0"}}
Update-AzConnectedExtension -MachineName $Machine.Name -ResourceGroupName $Machine.ResourceGroupName -ExtensionTarget $target -AsJob
}

This process takes time. And it can fail for some machines. I suggest repeating the process once is done to make sure every extensions gets up to date.

You can follow the process in the activity log or running Get-Job cmdlet in the shell.

About me

Over 20 years working with IT for multiple fields (logistics, Olympic games, oil and gas, insurance, pharmaceuticals, etc).

Sometimes find solutions on the internet can be challenging. That’s why I decided to create techmission.ca, where I’ll gather some solutions I have to apply on my environments as I receive my “missions” (that’s the way I name client’s requests).

Hope the solutions published here can help you guys as it helps me 🙂

Featured Posts

Follow Us

Categories