...building hybrid clouds that can support any device from anywhere
After numerous requests from people we have talked to, we are now doing a blog post on how to install Windows Azure Pack and configuring the basic settings for IaaS and Databases Resource Providers.
In the following series of blog posts Shri from the Windows Azure Pack Product team and I will explain how you can:
Contoso Inc is a Service Provider offering IaaS Service like Virtual Machines and SQL Databases to its customers (tenants).
Contoso has a domain called Contoso.com and wants to deploy a Windows Azure Pack infrastructure which enables them to offer VM and Database services.
They want to setup a Proof of Concept to test the solution, the solution has a simplified setup from what it would look like it production, as it will be used to test general concepts.
The Proof of Concept environment will look like the following:
The Servers will be configured as follows:
Active Directory, ADFS, Certificate Server
Windows Azure Pack
Windows Azure Pack Express Install
Service Provider Foundation
Virtual Machine Manager
Virtual Machine Manager 2012 R2 managing one Hyper-v host
This blog post will take you from Installing Windows Azure Pack all the way to deploying your first VM and Database in your Cloud.
This is not in any way replacing the TechNet documentation, but due to many requests of having a scenario based example we have taken the feedback and created this blog post.
The following links are the official documentation for Installing and configuring Windows Azure Pack.
In this blog post we will explain how to perform the following tasks;
Disclaimer: This environment is meant for testing only. This should not be considered guidance for production use, as several decisions made in this blog post are not targeting a production environment.
Let's get started:
Figure 1: WAP Express installer in Web PI
Figure 2: WAP Install screen in Web PI
Figure 3: WAP Install screen in Web PI
Figure 4: WAP Install screen in Web PI
Figure 5: Database Server setup in WAP install
In order to verify that the installation succeeded do the following:
Figure 6: Websites created after WAP Install
Figure 7: Databases created after WAP Install
In this section we want to configure the following:
Things to configure in SCVMM are the following in high level steps.
NOTE: - when creating the VM templates, in Hardware Profiles it's not necessary to select one, for our example we created medium, then click next, and make sure that you select Create a new Windows Operating System Customization Settings, and select the operating system (for example, Windows Server 2012 R2 Datacenter). If this is not selected, the VM will not show up in the Windows Azure Pack Portal.
Things to configure in Service Provider Foundation are the following in high level steps.
Note: This is not the same as the SPF Web Service (Application Pool). This is a local user on the SPF Server.
The way SPF executes commands against VMM will be in the context of the user under which the web service is running.
To verify that the SPF Web Service is running under the right service account do the following:
To do this we need to do the following:
Note: the User name and password is the user created locally on the SPF server and which was added to the SPF groups (e.g. SPF01\spf).
Now we'll configure SQL Server for hosting. To do this do the following:
Note: The SQL Server used for the SQL server must have SQL Authentication enabled for the Service Provider service to work.
Note: In our scenario we created two plans: Contoso and Fabrikam.
Note: Depending on what kind of sysperped image is used, it's necessary to provide a product key. Only if the image is build using a Volume License image it might not be needed to provide a product key.
Hope this blog post will help you with Installing and configuring Windows Azure Pack by providing an example end to end.
In the next blog post we will look at how you can create certificates for Windows Azure Pack
Until Next time, happy installing and configuring Windows Azure Pack!
Dave, Victor & Anders
Is it possible to have WAP installed in the DMZ domain and SMA in an other domain? Can you make a connection from WAP to SMA in this way?
Has anyone configured system center 2012 R2 Windows Azure pack to use ADFS for domain authentication yet? I have gone through the steps for ADFS and I get a 500 error when trying to login to the tenant portal. I have confirmed the ADFS portion is working but I can't get Azure to work corretly with ADFS.
I would really like to see an install and configure series that doesn't take the express install route with WAP. I would love to see a fully distributed install. Any chance of anyone doing that?
@Jason - we are just about to release a full deployment guide for the distributed install over the next few weeks. This will showcase deployment on 2 physical servers for a initial POC, and cover all features up to usage (usage reporting will come in V2).
@Christopher - as part of the guide I mentioned above, we also have a full ADFS implementation for WAP.
Yes this should be a possible scenario (have not tested it personally). As long as you open for the connection and have a user that is member of sma local Group you should be good to go. You might think about if you want to put all wap roles in the dmz as there can be different options for this. In some scenarios only the WAP tenant web and api roles are placed in the dmz. This depends on your requirements, which I don't know.
Please check this blog post for guidance on ADFS and WAP.
@Michael - Looking forward to that series, any idea when it will be posted?
How to add a user as Admin User for Windows Azure Pack Admin Portal? There is already one user which is the administrator which was used for installing Azure pack. But, how to add more users as ADMIN?
Have a look here part 2: http://blogs.technet.com/b/privatecloud/archive/2013/12/05/adding-an-already-running-vm-in-virtual-machine-manager-to-a-wap-subscription.aspx
The article describes how to add a user as Co-Admin to a subscription (for access to Tenant portal). I am looking for adding a user for access to Admin portal rather than tenant portal. So that the service provider can use multiple ids to access the admin portal rather than sharing a single administrator id. Can you please help?
I understand what you mean.
By default WAP Admin portal uses AD for authentication of Admin users.
This means that all users in the AD where WAP Admin portal is installed can login to the portal if they are added to the WAP local Security Group (MgmtSvc Operators).
To add a user do the following:
1. Logon to the server where the WAP Admin Portal is installed. as an administrator
2. Start Computer Management
3. Click Local User & Groups
4. Select Groups
5. Select MgmtSvc Operators Group and click add user
6. Add the Group or users you want to give access to the WAP Portal.
7. Click Ok
8. Login to WAP Admin Portal using the new credentials.
Let me know if you run into any challenges.
Really appreciate the quick reply. Followed the steps you provided and it worked like a charm. Thank you.
Hello, We have two datacenters. The user can select the datacenter you there when it registered the azure interface pack ? Thank you
when i am trying to add vmm server to the wap server after spf registration its showing that an error occured while processing this request and registration is getting failed