This is a continuation of a series of articles on hosting solutions and services on Azure public cloud with the most recent discussion on Multitenancy here This article continues to discuss Azure Arc enabled servers, their sizing guidance and operational considerations when increasing the numbers but discusses troubleshooting the resource bridge.

The resource bridge is designed to host other Azure Arc services. It supports VM self-servicing and management from Azure, for virtualized Windows and Linux virtual machines hosted in on-premises environment. It comes with a management Kubernetes cluster that requires no user management. In this sense, it is a virtual appliance.

Issues encountered with the Azure Arc resource bridge can be diverse but the techniques to mitigate them typically involve the following:

Logs can be collected for further investigation, and this is probably the foremost resolution techniques. The collection is done with the az arcappliance logs command which must be run from the client machine from which the Azure arc resource bridge was deployed. The path to the kubeconfig must be provided.

These cli commands for Azure Arc Resource Bridge are best not to be specified via the remote PowerShell because that can lead to extraneous issues. For example, there might be an EOF error when using the logs command. When such an error occurs, it is most likely that the logs command is running in an interactive mode and prompts the user for parameters. It can be avoided by using the remote desktop protocol or a console session to sign directly into the node and running the command locally.  Avoiding the prompt by pre-populating the values is also possible.

If an arc resource bridge deployment fails, subsequent deployments may fail due to residual cached folders remaining on the machine. These previous deployment failures can be prevented from interference by running the az arcappliance delete command after a failed deployment. If the failed deployment is not successfully removed, folders can be deleted manually but it is best to follow it up with the delete command again.

Another common error is the token refresh error. It manifests with the error message that the refresh token has expired or is invalid due to sign-in frequency checks by conditional access. These errors occur because when we sign in to Azure, the token has a maximum lifetime and after exceeding that period, it must be refreshed. The az login command can help with this.

Networking issues manifest when the resource bridge is unreachable. The resource bridge runs a Kubernetes cluster and its control plane requires a static ip address which is specified in the infra.yaml file. Rebooting an Azure arc resource bridge or VM can trigger an IP address change, resulting in failing services but rebooting the Azure arc resource bridge VM should help recover its IP address.