Windows Azure Pack - Installing & Configuring Series.

Windows Azure Pack - Installing & Configuring Series.

  • Comments 45
  • Likes

After numerous requests from people we have talked to, we are now doing a blog post on how to install Windows Azure Pack and configuring the basic settings for IaaS and Databases Resource Providers.

In the following series of blog posts Shri from the Windows Azure Pack Product team and I will explain how you can:

Scenario:

Contoso Inc is a Service Provider offering IaaS Service like Virtual Machines and SQL Databases to its customers (tenants).

Contoso has a domain called Contoso.com and wants to deploy a Windows Azure Pack infrastructure which enables them to offer VM and Database services.

They want to setup a Proof of Concept to test the solution, the solution has a simplified setup from what it would look like it production, as it will be used to test general concepts.

The Proof of Concept environment will look like the following:

The Servers will be configured as follows:

Role Name Function

Active Directory

DC01.contoso.com

Active Directory, ADFS, Certificate Server

Windows Azure Pack

WAP01.contoso.com

Windows Azure Pack Express Install

Service Provider Foundation

SPF01.contoso.com

Service Provider Foundation

SQL Server

DB01.contoso.com

SQL Instance

Virtual Machine Manager

VMM01.contoso.com

Virtual Machine Manager 2012 R2 managing one Hyper-v host

This blog post will take you from Installing Windows Azure Pack all the way to deploying your first VM and Database in your Cloud.

This is not in any way replacing the TechNet documentation, but due to many requests of having a scenario based example we have taken the feedback and created this blog post.

The following links are the official documentation for Installing and configuring Windows Azure Pack.

In this blog post we will explain how to perform the following tasks;

  • Installing Windows Azure Pack
  • Configuring VMM and SPF
  • Configuring Windows Azure Pack
  • Login as a Tenant and provision a VM and SQL Database

Pre-requisites.

  • Virtual Machine Manager is installed and configured and:
    • Member of the Contoso.com domain.
    • One or more VMM Clouds created in VMM.
    • One or more VM Networks created in VMM.
  • Service Provider Foundation is installed using default install on the server specified above.
    • Running Windows Server 2012 R2
    • Database running on DB01
    • SPF IIS Web service running under a domain account
    • Member of the Contoso.com domain
  • SQL Server is installed running SQL 2012
    • With SQL Authentication enabled (Using SA)
    • Member of the Contoso.com domain

Disclaimer: This environment is meant for testing only. This should not be considered guidance for production use, as several decisions made in this blog post are not targeting a production environment.

Let's get started:

Installing Windows Azure Pack:

  1. Deploy a Windows Server 2012 R2 GUI server and join it to the domain.
  2. Install the following prerequisites:
  3. Disable Internet Explorer Enhanced Security.
    1. Install Microsoft Web Platform Installer 4.6 (can be downloaded from here if the WAP server has no Internet follow this blog post)
    2. In Windows Server 2012 R2, install the following software through Web Platform Installer, in this order:
      1. Enable Microsoft .NET Framework 3.5 SP 1 in Server Manager.
      2. .NET 4.5 Extended, with ASP.NET for Windows 8.
      3. IIS recommended configuration.
  4. Launch WEB PI Installer.
  5. Select Products from the top menu.
  6. Type: Windows Azure Pack in the search field in the left side.
  7. Click Add Windows Azure Pack: Portal and API Express.

    Figure 1: WAP Express installer in Web PI

  8. Click Install at the bottom of the WEB PI windows.
  9. Read the terms of use, Click I Accept.
  10. When the Wizard completes the installation, it will present a screen as the one described in the picture below asking to Continue. When clicking in the Continue button, an Internet Explorer Window will be launched.

    Figure 2: WAP Install screen in Web PI

    Figure 3: WAP Install screen in Web PI

  11. In the recently opened Internet Explorer page, copy the URL, and launch a new browser with administrative privileges. When the new browser is opened, paste the URL you obtained before (https://localhost:30101/).
  12. In the browser, if you are presented with warnings related to the certificate, click in continue. Then the Windows Azure Pack Setup will be displayed.

    Figure 4: WAP Install screen in Web PI

  13. In the Database Server page, provide the following information:
    1. Server Name: an instance that accepts SQL Authentication (for example db01.contoso.com).
    2. Authentication type: SQL authentication (Windows Authentication can also be used).
    3. Database server admin username: sa
    4. Password: ********
    5. Passphrase: ********
  14. Click on the arrow for next.

    Figure 5: Database Server setup in WAP install

  15. In the Customer Experience Improvement program select one option and click on Next.
  16. In the Features Setup page click on the  to finish the wizard.
  17. Once the setup has completed, click in the arrow button.

  18. Sign out and Sign in from WAP01 (this needs to be done for the user to be registered correctly in WAP).
  19. Open a browser and go to: https://wap01:30091.

Validating the installation succeeded:

In order to verify that the installation succeeded do the following:

  1. Log on to the WAP Server as Administrator.
  2. Start IIS Management Console.
  3. Check that the following IIS WEB Sites are created:
  4. Logon on the SQL Server (SQL01) as SQL Administrator.
  5. Open SQL Management Studio on the SQL Server as SA.
  6. Check that the following Databases were successfully created:

Figure 6: Websites created after WAP Install

Figure 7: Databases created after WAP Install

Configuring VMM and SPF

In this section we want to configure the following:

  • Virtual Machine Manager (VMM) High Level Configuration
  • Service Provider Foundation High Level Configuration

Virtual Machine Manager (VMM) High Level Configuration

 

Things to configure in SCVMM are the following in high level steps.

  1. Logon to VMM Server as Administrator.
  2. Start the VMM Console.
  3. In the SCVMM console go to Fabric - Add Resources - Windows Server Computers in an AD Domain or Untrusted AD domain and add the Hyper-V host to VMM.

  4. Once hosts have been added, copy one or more syspreped vhds to the VMM Library (e.g. \\vmm01\MSSCVMMLibrary\VHDs).

  5. Now create one or more clouds in SCVMM (in this case we created two: Contoso and Fabrikam) and assign one or more logical networks to the cloud. Make sure you leave Capability Profiles unchecked.

  6. Under VM Networks, create a VM Network, a subnet and an IP Pool. Connect the VM Network to a logical network that was assigned to the cloud created earlier. (e.g. Contoso Tenant)

  7. Then create one or more hardware profiles (for example, small, medium and large).

  8. Create templates from the syspreped VHDs copied to the library (for example, Windows Server 2012 R2 Core and Windows Server 2012 R2 GUI).

    NOTE: - when creating the VM templates, in Hardware Profiles it's not necessary to select one, for our example we created medium, then click next, and make sure that you select Create a new Windows Operating System Customization Settings, and select the operating system (for example, Windows Server 2012 R2 Datacenter). If this is not selected, the VM will not show up in the Windows Azure Pack Portal.

  9. Select Settings.
  10. Add the user under which the SPF Web Service (Application Pool) account is running to the Administrators group.
    1. Click Security > User Roles.
    2. Click Administrators > Members.
    3. Click Add and select the user that SPF Web Service (Application Pool) is running with. (e.g contoso\!spf).

Service Provider Foundation High Level Configuration

Add a local user to SPF_ local groups

Things to configure in Service Provider Foundation are the following in high level steps.

  1. Logon to the SPF Server as Administrator.
  2. Start Computer Management.
  3. Select Local User and Groups.
  4. Create a user you want to use for SPF by right click Users > new user (e.g. spf)

    Note: This is not the same as the SPF Web Service (Application Pool). This is a local user on the SPF Server.

  5. Click on the user and select the "Member Of" tab.
  6. Make the user member of all Groups starting with SPF_,.

Verify that the SPF Web Service is running under the right user credentials

The way SPF executes commands against VMM will be in the context of the user under which the web service is running.

To verify that the SPF Web Service is running under the right service account do the following:

  1. Login to the SPF server as an administrator
  2. Start IIS Manager
  3. Expand SPF Server > Sites and verify that SPF shows in the list.
  4. Select Applications Pools under connection menu
  5. Verify that both the VMM and Provider Application Pools are running under the account (Identity) that is also a member of the VMM Administrators (e.g. contoso\!spf)

Configuring the Windows Azure Pack

In this section we want to configure the following:

  • Configuring VM Clouds Resource Provider in the Windows Azure Pack
  • Configure SQL Servers Resource Provider in the Windows Azure Pack
  • Configuring a plan in Windows Azure Pack
  • Configure an Admin Account and a subscription in the Windows Azure Pack

To do this we need to do the following:

Configuring VM Clouds Resource Provider in the Windows Azure Pack

  1. Logon to WAP Admin Portal as an administrator (e.g. https://wap01.contoso.com:30091)
  2. Finish the Intro tour and click Ok.
  3. In the main window Select VM Clouds
  4. In the VM Clouds Window select Register System Center Service Provider Foundation.
  5. Type the Service URL, Username and Password.

    Note: the User name and password is the user created locally on the SPF server and which was added to the SPF groups (e.g. SPF01\spf).

  6. Verify that the registration goes well.

  7. Register VMM: Go to VM Clouds - Clouds - Use an existing Virtual Machine Cloud Provider to Provision Virtual Machines, and provide the following info:
    1. Virtual machine manager server: vmm01
    2. Port number (optional):
    3. Remote Desktop Gateway:
    4. Click on register.
  8. Verify that VMM Server registers correctly by selecting the server under clouds and verify that all clouds shows for the VMM Server.

Configure SQL Servers Resource Provider in Windows Azure Pack

Now we'll configure SQL Server for hosting. To do this do the following:

  1. In the WAP Admin Portal go to SQL Servers
  2. Click on Add an existing server to the hosting server group.
  3. In the wizard provide the following information:
    1. SQL Server Group: Default
    2. SQL Server name: db01
    3. Username: sa
    4. Password: ********
    5. Size of hosting server in GB: 20

    Note: The SQL Server used for the SQL server must have SQL Authentication enabled for the Service Provider service to work.

  4. Verify that the following message shows in the status area.

  5. Under Servers there should now be a new SQL Server showing.

Configuring a Plan in Windows Azure Pack

  1. In the WAP Admin Portal go to Plans.
  2. Click on + New -> PLAN -> CREATE PLAN.
  3. Specify a name for the plan (e.g. Contoso).
  4. Select the service that should be offered via the plan (e.g. Virtual Machine Clouds and SQL Servers) and click next.

  5. Skip add-ons and Click Ok.

    Note: In our scenario we created two plans: Contoso and Fabrikam.

  6. Under plan verify that the new Plan(s) shows in the list.

  7. Click on the first plan created.
  8. Under plan service click on Virtual Machine Clouds.
  9. Select the VMM Server (There should only be one in the list).
  10. Under Virtual Machine Cloud select the Cloud for which you would like to use with the plan (e.g. Contoso).
  11. Under Usage limit specify the usage limits that the plan should use.

  12. Under networks click Add network.
  13. Select the VM networks that should be used for the plan and click Ok.

  14. Click Add hardware profiles.
  15. Select the hardware profiles that should be used for the plan and click Ok.

  16. Click Add Templates and select the templates that should be used for the plan.

  17. Under Additional settings select the actions that should be allowed within the plan
  18. Click Save
  19. Verify that the plan service shows as configured and Active for both services

Configure a Admin Account and a subscription in Windows Azure Pack

  1. In the WAP Admin main menu click User Accounts
  2. Click + New -> User Account > Quick Create >
  3. Provide the following information:
    1. E-mail: eg. admin@contoso.com
    2. Password: *******
    3. Select a plan (e.g. Contoso)
  4. Click Create.
  5. Click on the newly created user and verify that a subscription shows.

Login as a Tenant and provision a VM and SQL Database to a Cloud.

  1. Open a browser and go to the WAP Tenant Portal (e.g. https://wap01.contoso.com:30081)
  2. Specify the user account created earlier and password (e.g. admins@contoso.com)
  3. Click on Submit.
  4. Finish the introduction wizard.
  5. Click on Virtual Machines.
  6. Click Create a virtual Machine Role.
  7. Select Standalone Virtual Machine.
  8. Select From Gallery -> Templates.
  9. Select a template in the list and click Next.

  10. Provide the following information of the VM.
    1. Name: e.g. Contoso01
    2. Password:
    3. Product Key

    Note: Depending on what kind of sysperped image is used, it's necessary to provide a product key. Only if the image is build using a Volume License image it might not be needed to provide a product key.

  11. Select a network for the Virtual Machine e.g. Contoso Tenant (this is the network that was selected when creating the plan).

  12. Click Next

  13. Go to Virtual Machine Manager.
  14. Start the VMM Console.
  15. Select Job and Select Running
  16. Verify that one job shows provisioning the virtual machine.

  17. Go back to the WAP Tenant Portal.
  18. Select SQL Server Databases.
  19. Click Add a New Database.
  20. Specify a Name for the Database (e.g. DB01).
  21. Click Next.
  22. Provide a User Name and a Password (e.g. dba01).

  23. Click Ok to create the Database.
  24. Verify that the job completes with success.

  25. Click on All Items.
  26. Verify that a VM and a Database shows in the list.

Hope this blog post will help you with Installing and configuring Windows Azure Pack by providing an example end to end.

In the next blog post we will look at how you can create certificates for Windows Azure Pack

Until Next time, happy installing and configuring Windows Azure Pack!

Dave, Victor & Anders

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment
  • Is it possible to have WAP installed in the DMZ domain and SMA in an other domain? Can you make a connection from WAP to SMA in this way?

  • Has anyone configured system center 2012 R2 Windows Azure pack to use ADFS for domain authentication yet? I have gone through the steps for ADFS and I get a 500 error when trying to login to the tenant portal. I have confirmed the ADFS portion is working but I can't get Azure to work corretly with ADFS.

  • I would really like to see an install and configure series that doesn't take the express install route with WAP. I would love to see a fully distributed install. Any chance of anyone doing that?

  • @Jason - we are just about to release a full deployment guide for the distributed install over the next few weeks. This will showcase deployment on 2 physical servers for a initial POC, and cover all features up to usage (usage reporting will come in V2). @Christopher - as part of the guide I mentioned above, we also have a full ADFS implementation for WAP.

  • @Anonymous Yes this should be a possible scenario (have not tested it personally). As long as you open for the connection and have a user that is member of sma local Group you should be good to go. You might think about if you want to put all wap roles in the dmz as there can be different options for this. In some scenarios only the WAP tenant web and api roles are placed in the dmz. This depends on your requirements, which I don't know.

  • Hi Anonymous Please check this blog post for guidance on ADFS and WAP. http://blogs.technet.com/b/privatecloud/archive/2013/12/17/federated-identities-to-windows-azure-pack-through-ad-fs-part-1-of-3.aspx

  • @Michael - Looking forward to that series, any idea when it will be posted?

  • @Michael - Looking forward to that series, any idea when it will be posted?

  • How to add a user as Admin User for Windows Azure Pack Admin Portal? There is already one user which is the administrator which was used for installing Azure pack. But, how to add more users as ADMIN?

  • Have a look here part 2: http://blogs.technet.com/b/privatecloud/archive/2013/12/05/adding-an-already-running-vm-in-virtual-machine-manager-to-a-wap-subscription.aspx

  • The article describes how to add a user as Co-Admin to a subscription (for access to Tenant portal). I am looking for adding a user for access to Admin portal rather than tenant portal. So that the service provider can use multiple ids to access the admin portal rather than sharing a single administrator id. Can you please help?

  • Hi WAPUser. I understand what you mean. By default WAP Admin portal uses AD for authentication of Admin users. This means that all users in the AD where WAP Admin portal is installed can login to the portal if they are added to the WAP local Security Group (MgmtSvc Operators). To add a user do the following: 1. Logon to the server where the WAP Admin Portal is installed. as an administrator 2. Start Computer Management 3. Click Local User & Groups 4. Select Groups 5. Select MgmtSvc Operators Group and click add user 6. Add the Group or users you want to give access to the WAP Portal. 7. Click Ok 8. Login to WAP Admin Portal using the new credentials. Let me know if you run into any challenges. Regards Anders

  • Anders, Really appreciate the quick reply. Followed the steps you provided and it worked like a charm. Thank you.

  • Hello, We have two datacenters. The user can select the datacenter you there when it registered the azure interface pack ? Thank you

  • when i am trying to add vmm server to the wap server after spf registration its showing that an error occured while processing this request and registration is getting failed