Packt+ | Advance your knowledge in tech

You're reading from Building Clouds with Windows Azure Pack

Product typeBook

Published inJan 2016

PublisherPackt

ISBN-139781785882470

Edition1st Edition

Tools

Azure Pack System Center

Concepts

Cloud Computing

Author (1)

Amit Malik

Chapter 3. Installing and Configuring Windows Azure Pack

In the previous chapter, we covered planning and configuration of Cloud Fabric Infrastructure, which is used to host the Cloud Fabric management and tenant workloads. Moving ahead, in this chapter we shall cover the installation and configuration of Windows Azure Pack websites, APIs, and authentication sites. We shall also cover post deployment steps such as customizing portal names and certificates as per enterprise and service providers' needs.

We will be covering the following topics in this chapter:

Windows Azure Pack deployment model review
Installing and configuring Windows Azure Pack
Installing Windows Azure Pack in a distributed model
Required firewall ports for WAP components
Customizing WAP portals' accessibility and certificates summary
Registering the Service Provider Foundation with WAP

Windows Azure Pack deployment models review

In Chapter 1, Know Windows Azure Pack and Its Architecture, we covered the architecture and various deployment models for an organization's private cloud and a service provider's cloud needs. Let's have a review of possible and recommended deployment models before starting actual installation of Windows Azure Pack (WAP).

Express Deployment Architecture: In Express Deployment Architecture, all components of WAP (portals, APIs, and authentication sites) are installed on a single Windows Server 2012/Windows Server 2012 R2. It doesn't provide any high availability and is suitable only for testing, development, and deployments. For the purpose of evaluating WAP in this book, we shall be following the Express Deployment model.
Distributed Deployment Architecture: In Distributed Deployment Architecture, WAP roles such as Admin/Tenant portals or API's. authentication sites are deployed in a distributed manner involving multiple Windows servers to provide...

Installing and configuring Windows Azure Pack

Microsoft Web Platform Installer (WEB PI) is used to install Windows Azure Pack components in both Express and Distributed Architectures. Microsoft Web Platform is a free tool available, which is used to download and install latest components of Microsoft Web platform-related components such as IIS, .NET, web development tools, web applications, Windows Azure Pack, and so on. Web PI automatically detects the operating system on which it's executed and displays only compatible solutions available for download and installation.

Before downloading and starting Web Platform installer, we need to ensure that Windows Azure Pack installation prerequisites are completed. Let's finish up the prerequisites before starting the installation.

WAP installation prerequisite

For the purpose of evaluation, we are installing Windows Azure Pack in the Express Deployment model. The following hardware and software prerequisites have to be met before starting the installation...

Installing Windows Azure Pack in a Distributed architecture

Installation of Windows Azure Pack in a Distributed architecture is similar to Express installation. In a Distributed architecture, instead of selecting Windows Azure Pack: Portal and API Express, individual components such as Admin site and Admin authentication sites are selected and installed on multiple servers.

Microsoft Web Platform Installer (Web PI) is used to select individual components and installation of each of them on all the WAP servers. Let's have a look at the steps to deploy WAP in a Distributed architecture.

Complete the hardware and software prerequisite on all WAP servers (see Chapter 1, Know Windows Azure Pack and Its Architecture, for various deployment topologies of WAP in a Distributed architecture, last topic for software prerequisites).
Verify required firewall ports allowed in Windows or network firewalls.
Deploy any load balancers (physical or logical) for WAP virtual machines as per architecture.
Install...

Required firewall ports for WAP components

The following networks ports have to be allowed in networks or any other external firewalls to enable communication between WAP components and websites access by admins or tenants.

Windows Azure Pack automatically creates rules in Windows firewall (if enabled) for these ports. Note that the following list includes only the default ports used by WAP components; add other ports if using any customized ports.

Customizing WAP portal's accessibility and certificates

By default, WAP websites use server hostnames as website URL, default port number, and self-signed certificates. In this topic, we will change the website's name, that is, URL, default port (such as 30081 to 443 for tenant portal) and SSL certificate with internal or public certificates as required. It is recommended to customize these portals' configuration for better security and user experience.

Assume a user experience of a tenant portal, also known as a customer portal, with complex enough URL and a custom port to add with disturbing security warnings of untrusted SSL certificates. Windows Azure Pack provides flexibilities to change URLs and ports along with trusted SSL certificates for WAP websites for improved security and smooth end user experience.

Before getting things into action, let's understand which websites come into the picture for the user logins (Admin or Tenant) WAP portal use claim-based authentication mechanism during...

Registering Service Provider Foundation with WAP

Now that we have our portal ready for Admin and Tenant usage, it's time to integrate or make WAP APIs communicate with Fabric prepared in the previous chapter. In this section, we will register Service Provider Foundation with Windows Azure pack Service Management APIs.

See Chapter 1, Know Windows Azure Pack and Its Architecture, System Centre integration section, to learn more about integration between WAP APIs and SPF.

Before registering, verify if SPF is deployed and configured properly to ensure successful registration:

There is network reachability on required ports between the WAP server and SPF
SPF application pools identity are running as a domain user
The SPF App Pool identity user has admin permissions on SCVMM and SPF DB
The local user is created on SPF server for WAP integration. Ensure that this local user is added to the SPF Local Groups Server (SPF_Admin, SPF_Provider, SPF_Usage, and SPF_VMM)

Steps to register SPF Endpoint in WAP are...

Summary

In this chapter, we learned about installation and configuration of Windows Azure Pack in the Express Deployment model and Distributed Deployment model. We did an installation and configuration walkthrough of different WAP components.

We also covered customizing portals' URLs, ports, and SSL certificates to provide better user experience and to comply with organizations' and cloud providers' needs. At the end of this chapter, we customized Admin and Tenant portals accessible for users (Admin and Tenant users), waiting to offer cloud services.

In the next chapter, we shall be building IaaS cloud offering catalogues.

The rest of the chapter is locked

You have been reading a chapter from

Building Clouds with Windows Azure Pack

Published in: Jan 2016Publisher: PacktISBN-13: 9781785882470

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

undefined

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $15.99/month. Cancel anytime

Author (1)

Amit Malik

Amit Malik is an IT enthusiast and technology evangelist from Delhi, India. He specializes in Virtualization, Cloud, and emerging technology space. He has an intense knowledge in building cloud solutions with Microsoft Windows Azure Pack. Amit holds various industry admired certifications from all major OEM's in Virtualization and Cloud space including MCSE for Private Cloud. Amit has designed and built numerous virtualization and private cloud solutions comprising the product lines of Microsoft, VMware, and Citrix. Apart from these, he can be found working on emerging technologies including VDI, hyper convergence, Software Defined Infrastructure solutions including networking and storage, Containers, Big Data, IoT, and other similar technologies. Amit is interested in building products and doing product management in near future for related technology space. You can always reach Amit on LinkedIn (https://in.linkedin.com/in/amitmalik99)or email (contact2amitmalik@gmail.com)
Read more about Amit Malik

Personalised recommendations for you

Based on your interests and search pattern

Designing and Implementing Microsoft Azure Networking Solutions

Designing and Implementing Microsoft Azure Networking Solutions Exam Ref AZ-700 is an all-encompassing guide to the AZ-700 exam and contains all the information you need to succeed in the world of virtual networking with Azure. With this book, you will be fully prepared for the exam and the world of cloud networking.

BookAug 2023524 pages

Microsoft 365 Security, Compliance, and Identity Administration

The Microsoft 365 Security, Compliance, and Identity Administration is a comprehensive guide that helps you employ Microsoft 365's robust suite of features and empowers you to optimize your administrative tasks.

BookAug 2023630 pages

Zero Trust Overview and Playbook Introduction

Get started on Zero Trust with this step-by-step playbook and learn everything you need to know for a successful Zero Trust journey with tailored guidance for every role, covering strategy, operations, architecture, implementation, and measuring success. This book will become an indispensable reference for everyone in your organization.

BookOct 2023240 pages

The Self-Taught Cloud Computing Engineer

This self-study book helps you master multiple clouds, including AWS, Azure, and GCP, and serves as a roadmap to becoming a certified cloud computing expert. The book will guide you to develop a professional cloud career by helping you build a broad cloud knowledge base, developing hands-on cloud computing skills, and getting cloud certified.

BookSep 2023472 pages

Technology Operating Models for Cloud and Edge

This book will help you build and create ownership of a technology operating model, as well as connect your leadership with engineering and operations, keeping your internal and external customers in mind. It provides practical tips on why, where, and how to make the cloud and edge platform paradigm sing for you, your team, and your organization.

BookAug 2023228 pages

Azure Architecture Explained

Azure is the preferred platform to build mission-critical and secure apps. This book provides comprehensive coverage of essential Azure products, services, and solutions vital for every solution architect's success. Elevate your knowledge and master the critical components of Azure to excel in your role with Azure Architecture Explained.

BookSep 2023446 pages

Pentesting Active Directory and Windows-based Infrastructure

This practical guide helps you explore the pentesting of Microsoft infrastructure in detail, and enhances your offensive skillset by showing you the different ways to perform security assessment. This book will help blue teamers and IT engineers get up to speed with possible security issues they may encounter in their Windows environments.

BookNov 2023360 pages

Practical Ansible

In Practical Ansible, you'll work with the latest release of Ansible and learn to solve complex issues quickly with the help of task-oriented scenarios. You'll start by installing and configuring Ansible to automate monotonous and repetitive IT tasks and get to grips with concepts such as playbooks, inventories, plugins, collections, and network modules.

BookSep 2023420 pages

Windows 11 for Enterprise Administrators

Microsoft’s launch of Windows 11 is a step toward satisfying the enterprise administrator’s needs for better management and enhanced user experience customization. This book provides the enterprise administrator with the knowledge needed to fully utilize the advanced feature set of Windows 11 Enterprise.

BookOct 2023286 pages

The Linux DevOps Handbook

This book is for software and IT professionals seeking knowledge on Linux systems and DevOps practices. This book will provide you with guidance and tools to learn and gain proficiency in managing Linux-based infrastructures and knowledge of DevOps.

BookNov 2023428 pages2

WAP Service	Port Number	Scope
Admin API	30004	Any IP required to access Admin API. It is usually cloud management IP range.
Management portal for Admins	30091	Any IP required to access admin portal. It is usually cloud management IP range.
Windows authentication site (used for admin portal authentication)	30072	Any IP required to access admin portal. It is usually cloud management IP range.
Configuration site	30101	Local WAP components subnet. This will be accessed during initial setup.
Monitoring site	30020	Any IP required to...