Azure Arc resource bridge maintenance operations

To keep your Azure Arc resource bridge deployment online and operational, you need to perform maintenance operations such as updating credentials, monitoring upgrades, and ensuring the appliance VM is online.

Important

Arc resource bridge can't be offline for longer than 90 days. After 90 days, the security key within the appliance expires and can't be recovered. As a best practice, create a resource health alert in the Azure portal so that you're notified if an Arc resource bridge becomes unavailable.

Prerequisites

To maintain the on-premises appliance VM, the appliance configuration files generated during deployment need to be saved in a secure location and made available on the management machine.

The management machine used to perform maintenance operations must meet all of the Arc resource bridge requirements.

The following sections describe common maintenance tasks for Arc resource bridge.

Update credentials in the appliance VM

Arc resource bridge consists of an on-premises appliance VM. The appliance VM stores credentials (for example, a user account for VMware vCenter) that are used to access the control plane of the on-premises infrastructure to view and manage on-premises resources. The credentials used by Arc resource bridge are the same ones provided during deployment of the resource bridge, which gives the resource bridge visibility to on-premises resources for guest management in Azure.

If the credentials change, the credentials stored in the Arc resource bridge must be updated with the update-infracredentials command. This command must be run from a management machine, and it requires a kubeconfig file.

You can test if the credentials within the appliance VM are valid by going to the Azure portal and performing an action on an Arc-enabled Private Cloud VM. If you receive an error, then it is possible that the credentials need to be updated.

For more information on maintaining credentials for Arc-enabled VMware, see Update the vSphere account credentials. For Arc-enabled SCVMM, see Update the SCVMM account credentials.

Troubleshoot Arc resource bridge

If you experience problems with the appliance VM, the appliance configuration files can help with troubleshooting. You can include these files when you open an Azure support request.

You might want to collect logs, which requires you to pass credentials to the on-premises control center:

• For VMware vSphere, use the username and password provided to Arc resource bridge at deployment.
• For Azure Local, see Collect logs.

Delete Arc resource bridge

You might need to delete Arc resource bridge due to deployment failures, or when the resource bridge is no longer needed. To do so, you need the appliance configuration files.

Use the az arcappliance delete command to delete the Arc resource bridge. This command deletes the on-premises appliance VM, along with the Azure resource and underlying components across the two environments.

Create resource health alerts

You can create a resource health alert rule in the Azure portal to monitor the state of your Arc resource bridge. Follow these steps to create an alert that notifies you if an Arc resource bridge becomes unavailable.

1. In the Azure portal, navigate to Service Health.

2. In the service menu, under RESOURCE HEALTH, select Resource health.

3. Select Add resource health alert.

   

4. Select the Scope tab and complete the following:

   1. Select the subscription and resource group(s) that contains your Arc resource bridge resources.
   2. For resource type, select Microsoft.ResourceConnector/appliances.
   3. For resource, select the resource bridge resources that you want to include. To include new resource bridges in your selected scope, check Include all future resources.

5. Select Next: Condition to continue. In the Condition tab, set the following conditions:

   • Event status: Active
   • Current resource status: Unavailable
   • Previous resource status: Available

6. Select one or more Reason type values for your alert:

   • Platform Initiated : Alerts you when a resource becomes unavailable due to platform issues.
   • Unknown: Alerts you when a resource becomes unavailable, but the reason isn't known.
   • User Initiated: Alerts you when a resource becomes unavailable due to an action taken by a user.

7. Select Next: Actions to continue. In the Actions tab, if you want to receive an email when the alert is triggered, select Use quick actions (preview) and complete the following:

   1. Enter an Action group name and Display name
   2. Check the Email box and enter an email address.
   3. Select Save.

8. Select Next: Details to continue. In the Details tab:

   1. Select the resource group and region in which to create the alert rule.
   2. Enter a name for your alert rule, and a description if desired.

9. Select Review + create, then select Create.

For more information about resource health alert rule options, see Create or edit an activity log, service health, or resource health alert rule.

Next steps

• Learn about upgrading Arc resource bridge.
• Review the Azure Arc resource bridge overview to understand more about requirements and technical details.
• Learn about system requirements for Azure Arc resource bridge.