Edit

Install small form factor deployments of Azure Local on a machine (preview)

This article describes how to install small form factor deployments of Azure Local on supported hardware and extract the ownership vouchers required to connect your machine to Azure.

If you don't have access to physical hardware, you can test small form factor deployments of Azure Local in a Hyper-V virtual machine (VM). For more information, see Test small form factor deployments of Azure Local in a Hyper-V virtual machine.

Important

This feature is currently in PREVIEW. See the Supplemental Terms of Use for Microsoft Azure Previews for legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.

Prerequisites

Set up your subscription and make sure you have the following items.

Important

If your environment uses firewall restrictions, review Outbound connectivity before you start.

Hardware

Use one of these supported devices:

Note

Securing the Baseboard Management Controller (BMC) is essential to protect the integrity of your hardware and the systems running on it. You should always set a strong, unique password and replace any default credentials immediately. The BMC must also be kept off untrusted or public networks and placed instead on a restricted, dedicated management network with strict access controls. Because BMC implementations can vary across manufacturers, we recommend consulting your hardware vendor for their specific security guidance and best practices to ensure your environment is fully protected.

Software and tools

  • A Windows PC with internet access and a USB port
  • Rufus 4.12

Tip

Use only Rufus. Other USB creation tools can leave the drive in a read-only state, which can prevent ownership voucher extraction.

Additional equipment

  • A USB flash drive with at least 8 GB of capacity
  • A USB keyboard
  • An HDMI cable and monitor
  • A direct Ethernet connection with internet access

Download the ISO and Configurator App

Download the following artifacts from the Azure portal:

Download Description
Maintenance OS Installs the maintenance environment that remains on the device and supports lifecycle operations.
Configurator App Lets you connect to a device from Windows to diagnose issues, collect logs, and download ownership vouchers.

To download the files:

  1. In the Azure portal, select Azure Arc > Operations > Machine Provisioning (preview) > Get started > View downloads.

  2. In the Download and Install pane, review the terms, and select Download all.

    Screenshot of the Download and Install pane in the Azure portal.

  3. Wait for the downloads to complete. For the Configurator App, select Open or Save as if prompted by your browser.

    Note

    Make sure your browser allows multiple downloads. Each file downloads separately.

  4. Extract the downloaded archive to access the provision-os.iso file.

Create a bootable USB drive

  1. Connect the USB flash drive to your Windows PC.

  2. Open Run from the Start menu.

  3. Enter rufus, then select OK.

    Note

    If Rufus isn't installed, download it from Rufus.ie.

  4. In Rufus, configure the following settings:

    • Device: Your USB drive
    • Boot selection: The downloaded ISO file
    • Partition scheme: Default
    • File system: Default

    Screenshot of the USB preparation settings.

  5. Select START.

  6. If prompted, choose Write in ISO image mode.

    Screenshot of the USB preparation settings ISO prompt.

  7. Wait for the process to complete, and then safely eject the USB drive.

Prepare the physical device

  1. Ensure the device can access a network with internet connectivity.

  2. If you plan to assign static IP addresses later, reserve the required IPs on the network.

    Diagram of the device network.

  3. Connect the Ethernet cable to the device.

  4. Connect power and turn on the device.

Install the operating environment

Boot from the USB drive

  1. Connect a monitor and USB keyboard to the target machine.
  2. Insert the bootable USB drive.
  3. Connect the Ethernet cable.
  4. Power on the device.
  5. Repeatedly press the boot menu key:
    • ASUS NUC devices: F10
    • Lenovo devices: F12
  6. From the boot menu, select the USB drive (usually labeled with UEFI:).

Complete the installation

  1. Wait for the installer to start.
  2. Allow the installation to complete automatically.
  3. Don't sign in during the process.
  4. Wait for the message Status: [Succeeded] Maintenance environment setup completed successfully.
  5. Remove the USB drive after the installation finishes.

Note

Installation typically takes about five minutes and includes an automatic reboot.

Extract ownership vouchers

The ownership voucher is a .pem file that proves the identity of the machine when you connect the provisioned machine to Azure from the Azure portal. In the portal deployment flow, this file is generated during installation and then made available either on the USB drive or on the device, depending on whether a USB drive is present when the voucher is written.

Use the .pem file in the next step when you connect the provisioned machine from the Azure portal. Treat this file as required deployment material for that machine.

If the .pem file is lost before the machine is connected to Azure, you can't recreate or redownload the same voucher later. In that case, you must redeploy the operating system on the machine to generate a new ownership voucher.

By default, the ownership voucher is written to your USB drive, and the local file on the device is then deleted for security. In that case, obtain the voucher by copying it from the USB drive.

If no USB drive is present when the voucher is written, the voucher remains on the device. In that case, you can obtain it by downloading it with the Configurator App or by using SSH or SCP.

You can obtain the ownership voucher in one of the following ways:

  • Copy it from the USB drive
  • Download it by using the Configurator App
  • Download it by using SSH or SCP

Copy the voucher from the USB drive

Use this option for the default flow, where the voucher was written to the USB drive during installation.

  1. Insert the USB drive into your Windows PC.
  2. Open the vouchers folder.
  3. Open the folder named after the machine’s serial number.
  4. Copy the .pem file to a secure location.
  5. Repeat for each machine.

Tip

Store the .pem files in a secure, backed-up location. The .pem files are needed for connecting the machine to Azure.

Important

If you lose the .pem file before you connect the machine to Azure, you must redeploy the operating system on that machine to generate a new ownership voucher.

Review your installation

Before you continue, confirm that:

  • The bootable USB drive was created successfully.
  • Small form factor deployments of Azure Local are installed on the target machines.
  • The installation completion message appeared.
  • Ownership vouchers were extracted and stored securely.

Next steps

  • Last updated on