|
| 1 | +--- |
| 2 | +title: Support matrix for Azure Arc-enabled System Center Virtual Machine Manager |
| 3 | +description: Learn about the support matrix for Arc-enabled System Center Virtual Machine Manager. |
| 4 | +ms.topic: how-to |
| 5 | +ms.service: azure-arc |
| 6 | +ms.subservice: azure-arc-scvmm |
| 7 | +author: PriskeyJeronika-MS |
| 8 | +ms.author: v-gjeronika |
| 9 | +manager: jsuri |
| 10 | +ms.date: 07/10/2024 |
| 11 | +keywords: "VMM, Arc, Azure" |
| 12 | + |
| 13 | +# Customer intent: As a VI admin, I want to understand the support matrix for System Center Virtual Machine Manager. |
| 14 | +--- |
| 15 | + |
| 16 | +# Support matrix for Azure Arc-enabled System Center Virtual Machine Manager |
| 17 | + |
| 18 | +This article documents the prerequisites and support requirements for using [Azure Arc-enabled System Center Virtual Machine Manager (SCVMM)](overview.md) to manage your SCVMM managed on-premises VMs through Azure Arc. |
| 19 | + |
| 20 | +To use Arc-enabled SCVMM, you must deploy an Azure Arc Resource Bridge in your SCVMM managed environment. The Resource Bridge provides an ongoing connection between your SCVMM management server and Azure. Once you've connected your SCVMM management server to Azure, components on the Resource Bridge discover your SCVMM management server inventory. You can [enable them in Azure](enable-scvmm-inventory-resources.md) and start performing virtual hardware and guest OS operations on them using Azure Arc. |
| 21 | + |
| 22 | +## System Center Virtual Machine Manager requirements |
| 23 | + |
| 24 | +The following requirements must be met in order to use Arc-enabled SCVMM. |
| 25 | + |
| 26 | +### Supported SCVMM versions |
| 27 | + |
| 28 | +Azure Arc-enabled SCVMM works with VMM 2019 and 2022 versions and supports SCVMM management servers with a maximum of 15,000 VMs. |
| 29 | + |
| 30 | +> [!NOTE] |
| 31 | +> If VMM server is running on Windows Server 2016 machine, ensure that [Open SSH package](https://github.com/PowerShell/Win32-OpenSSH/releases) is installed. |
| 32 | +> If you deploy an older version of appliance (version lesser than 0.2.25), Arc operation fails with the error *Appliance cluster is not deployed with AAD authentication*. To fix this issue, download the latest version of the onboarding script and deploy the Resource Bridge again. |
| 33 | +> Azure Arc Resource Bridge deployment using private link is currently not supported. |
| 34 | +
|
| 35 | +| **Requirement** | **Details** | |
| 36 | +| --- | --- | |
| 37 | +| **Azure** | An Azure subscription <br/><br/> A resource group in the above subscription where you have the *Owner/Contributor* role. | |
| 38 | +| **SCVMM** | You need an SCVMM management server running version 2019 or later.<br/><br/> A private cloud or a host group with a minimum free capacity of 32 GB of RAM, 4 vCPUs with 100 GB of free disk space. <br/><br/> A VM network with internet access, directly or through proxy. Appliance VM will be deployed using this VM network.<br/><br/> Only Static IP allocation is supported and VMM Static IP Pool is required. Follow [these steps](/system-center/vmm/network-pool?view=sc-vmm-2022&preserve-view=true) to create a VMM Static IP Pool and ensure that the Static IP Pool has at least four IP addresses. If your SCVMM server is behind a firewall, all IPs in this IP Pool and the Control Plane IP should be allowed to communicate through WinRM ports. The default WinRM ports are 5985 and 5986. <br/><br/> Dynamic IP allocation using DHCP isn't supported. <br/><br/> A library share with write permission for the SCVMM admin account through which Resource Bridge deployment is going to be performed. | |
| 39 | +| **SCVMM accounts** | An SCVMM admin account that can perform all administrative actions on all objects that VMM manages. <br/><br/> The user should be part of local administrator account in the SCVMM server. If the SCVMM server is installed in a High Availability configuration, the user should be a part of the local administrator accounts in all the SCVMM cluster nodes. <br/><br/>This will be used for the ongoing operation of Azure Arc-enabled SCVMM and the deployment of the Arc Resource Bridge VM. | |
| 40 | +| **Workstation** | The workstation will be used to run the helper script. Ensure you have [64-bit Azure CLI installed](/cli/azure/install-azure-cli) on the workstation.<br/><br/> When you execute the script from a Linux machine, the deployment takes a bit longer and you might experience performance issues. | |
| 41 | + |
| 42 | +### Resource Bridge networking requirements |
| 43 | + |
| 44 | +The following firewall URL exceptions are required for the Azure Arc Resource Bridge VM: |
| 45 | + |
| 46 | +[!INCLUDE [network-requirements](../resource-bridge/includes/network-requirements.md)] |
| 47 | + |
| 48 | +>[!Note] |
| 49 | +> To configure SSL proxy and to view the exclusion list for no proxy, see [Additional network requirements](../resource-bridge/network-requirements.md#azure-arc-resource-bridge-network-requirements). |
| 50 | +
|
| 51 | +In addition, SCVMM requires the following exception: |
| 52 | + |
| 53 | +| **Service** | **Port** | **URL** | **Direction** | **Notes**| |
| 54 | +| --- | --- | --- | --- | --- | |
| 55 | +| SCVMM Management Server | 443 | URL of the SCVMM management server. | Appliance VM IP and control plane endpoint need outbound connection. | Used by the SCVMM server to communicate with the Appliance VM and the control plane. | |
| 56 | +| WinRM | WinRM Port numbers (Default: 5985 and 5986). | URL of the WinRM service. | IPs in the IP Pool used by the Appliance VM and control plane need connection with the VMM server. | Used by the SCVMM server to communicate with the Appliance VM. | |
| 57 | + |
| 58 | +Generally, connectivity requirements include these principles: |
| 59 | + |
| 60 | +- All connections are TCP unless otherwise specified. |
| 61 | +- All HTTP connections use HTTPS and SSL/TLS with officially signed and verifiable certificates. |
| 62 | +- All connections are outbound unless otherwise specified. |
| 63 | + |
| 64 | +To use a proxy, verify that the agents and the machine performing the onboarding process meet the network requirements in this article. For a complete list of network requirements for Azure Arc features and Azure Arc-enabled services, see [Azure Arc network requirements (Consolidated)](../network-requirements-consolidated.md). |
| 65 | + |
| 66 | +### Azure role/permission requirements |
| 67 | + |
| 68 | +The minimum Azure roles required for operations related to Arc-enabled SCVMM are as follows: |
| 69 | + |
| 70 | +| **Operation** | **Minimum role required** | **Scope** | |
| 71 | +| --- | --- | --- | |
| 72 | +| Onboarding your SCVMM Management Server to Arc | Azure Arc SCVMM Private Clouds Onboarding | On the subscription or resource group into which you want to onboard | |
| 73 | +| Administering Arc-enabled SCVMM | Azure Arc SCVMM Administrator | On the subscription or resource group where SCVMM management server resource is created | |
| 74 | +| VM Provisioning | Azure Arc SCVMM Private Cloud User | On the subscription or resource group that contains the SCVMM cloud, datastore, and virtual network resources, or on the resources themselves | |
| 75 | +| VM Provisioning | Azure Arc SCVMM VM Contributor | On the subscription or resource group where you want to provision VMs | |
| 76 | +| VM Operations | Azure Arc SCVMM VM Contributor | On the subscription or resource group that contains the VM, or on the VM itself | |
| 77 | + |
| 78 | +Any roles with higher permissions on the same scope, such as Owner or Contributor, will also allow you to perform the operations listed above. |
| 79 | + |
| 80 | +### Azure connected machine agent (Guest Management) requirements |
| 81 | + |
| 82 | +Ensure the following before you install Arc agents at scale for SCVMM VMs: |
| 83 | + |
| 84 | +- The Resource Bridge must be in a running state. |
| 85 | +- The SCVMM management server must be in a connected state. |
| 86 | +- The user account must have permissions listed in Azure Arc-enabled SCVMM Administrator role. |
| 87 | +- All the target machines are: |
| 88 | + - Powered on and the resource bridge has network connectivity to the host running the VM. |
| 89 | + - Running a [supported operating system](/azure/azure-arc/servers/prerequisites#supported-operating-systems). |
| 90 | + - Able to connect through the firewall to communicate over the Internet and [these URLs](/azure/azure-arc/servers/network-requirements?tabs=azure-cloud#urls) aren't blocked. |
| 91 | + |
| 92 | +### Supported SCVMM versions |
| 93 | + |
| 94 | +Azure Arc-enabled SCVMM supports direct installation of Arc agents in VMs managed by: |
| 95 | + |
| 96 | +- SCVMM 2022 UR1 or later versions of SCVMM server or console |
| 97 | +- SCVMM 2019 UR5 or later versions of SCVMM server or console |
| 98 | + |
| 99 | +For VMs managed by other SCVMM versions, [install Arc agents through the script](install-arc-agents-using-script.md). |
| 100 | + |
| 101 | +>[!Important] |
| 102 | +>We recommend maintaining the SCVMM management server and the SCVMM console in the same Long-Term Servicing Channel (LTSC) and Update Rollup (UR) version. |
| 103 | +
|
| 104 | +### Supported operating systems |
| 105 | + |
| 106 | +Azure Arc-enabled SCVMM supports direct installation of Arc agents in VMs running Windows Server 2022, 2019, 2016, 2012R2, Windows 10, and Windows 11 operating systems. For other Windows and Linux operating systems, [install Arc agents through the script](install-arc-agents-using-script.md). |
| 107 | + |
| 108 | +### Software requirements |
| 109 | + |
| 110 | +Windows operating systems: |
| 111 | + |
| 112 | +* Microsoft recommends running the latest version, [Windows Management Framework 5.1](https://www.microsoft.com/download/details.aspx?id=54616). |
| 113 | + |
| 114 | +Linux operating systems: |
| 115 | + |
| 116 | +* systemd |
| 117 | +* wget (to download the installation script) |
| 118 | +* openssl |
| 119 | +* gnupg (Debian-based systems, only) |
| 120 | + |
| 121 | +### Networking requirements |
| 122 | + |
| 123 | +The following firewall URL exceptions are required for the Azure Arc agents: |
| 124 | + |
| 125 | +| **URL** | **Description** | |
| 126 | +| --- | --- | |
| 127 | +| `aka.ms` | Used to resolve the download script during installation | |
| 128 | +| `packages.microsoft.com` | Used to download the Linux installation package | |
| 129 | +| `download.microsoft.com` | Used to download the Windows installation package | |
| 130 | +| `login.windows.net` | Microsoft Entra ID | |
| 131 | +| `login.microsoftonline.com` | Microsoft Entra ID | |
| 132 | +| `pas.windows.net` | Microsoft Entra ID | |
| 133 | +| `management.azure.com` | Azure Resource Manager - to create or delete the Arc server resource | |
| 134 | +| `*.his.arc.azure.com` | Metadata and hybrid identity services | |
| 135 | +| `*.guestconfiguration.azure.com` | Extension management and guest configuration services | |
| 136 | +| `guestnotificationservice.azure.com`, `*.guestnotificationservice.azure.com` | Notification service for extension and connectivity scenarios | |
| 137 | +| `azgn*.servicebus.windows.net` | Notification service for extension and connectivity scenarios | |
| 138 | +| `*.servicebus.windows.net` | For Windows Admin Center and SSH scenarios | |
| 139 | +| `*.blob.core.windows.net` | Download source for Azure Arc-enabled servers extensions | |
| 140 | +| `dc.services.visualstudio.com` | Agent telemetry | |
| 141 | + |
| 142 | +## Next steps |
| 143 | + |
| 144 | +[Connect your System Center Virtual Machine Manager management server to Azure Arc](quickstart-connect-system-center-virtual-machine-manager-to-arc.md). |
0 commit comments