- By Orin Thomas
Objective 4.2: Configure integration of private and public clouds
This objective deals with Service Provider Foundation and Microsoft Azure Pack for Windows Server, which are add-ons that allow you to extend your organization’s private cloud infrastructure. Service Provider Foundation allows you to build a multi-tenant self-service private cloud. Microsoft Azure Pack for Windows Server allows you to use the Microsoft Azure public cloud interface as a way of allowing your on-premises users to interact with your organization’s private cloud.
This section covers the following topics:
- Understanding Service Provider Foundation
- Deploying Service Provider Foundation
- Understanding Microsoft Azure Pack for Windows Server
Understanding Service Provider Foundation
Service Provider Foundation allows you to build a multi-tenant self-service private cloud that includes the following features:
- Multi-Tenancy: Supports multiple separate tenants. Each tenant is isolated from other tenants.
- Usage Monitoring: Monitor how cloud resources are being utilized through Operations Manager.
- Usage Billing: Service Provider Foundation supports chargeback, which is where organizations charge tenants fees based on how they utilize resources.
- Usage Metering: Measure resource utilization.
- Management Stamps: A scalable unit of virtualized platform infrastructure.
A management stamp represents a unit of virtualized platform infrastructure that includes a VMM deployment, one or more virtualization hosts, the VMs that are managed by VMM, and the unique service accounts and user roles that are individual to that stamp.
Stamps are monitored through Operations Manager, though one instance of Operations Manager may monitor many stamps. Stamps allow service providers to spread tenants and services across System Center elements in separate datacenters. For example, if your organization has datacenters in Melbourne, Sydney, and Brisbane, a stamp can be configured to allow a tenant seamless access to resources in all three locations.
Stamps are scalable. This means that as a tenant’s capacity requirements increase, additional stamps can be allocated to meet that demand. For example, if a tenant needs 10,000 additional VMs in the Melbourne datacenter, additional stamps can be allocated to the tenant.
Service Provider Foundation allows organizations to use industry-standard web service interfaces to connect their own web-based management interfaces to a System Center cloud through the REST (Representational State Transfer) web service and the OData (Open Data Protocol) API. Service Provider Foundation provides a programmatic web-based management interface to a large number of VMM scenarios. Rather than being restricted to using one of Microsoft’s self-service portal implementations, a tenant can use their own Self-Service Portal to interface with the System Center backend resources.
Service Provider Foundation has the following elements:
- Web Services: These provide tenants with portal applications and administration tools and include the following:
  - Admin Web Service: This web service generates User Roles, Servers, management stamps, and other objects required for administrative tasks.
  - VMM Web Service: This web service interacts with VMM to create and manage virtual machines, virtual networks, and tenants.
  - Usage Web Service: This web service collects usage data from tenant virtual machines and other parts of the fabric such as storage and networking.
Deploying Service Provider Foundation
The Service Provider Foundation installation files are located on the System Center 2012 R2 Orchestrator installation media. Service Provider Foundation has the following prerequisites as shown in Figure 4-30:
- Windows Server 2012 or Windows Server 2012 R2
- PowerShell 4.0
- IIS Version 7.5 or later
- IIS Management Scripts and Tools role service
- IIS Security Basic Authentication
- IIS Security Windows Authentication
- IIS Application Development ASP.NET 4.5
- WCF Data Services 4.0 for OData V3
- ASP.NET MVC 4
- Management OData IIS Extension
- Virtual Machine Manager 2012 R2 Administrator Console
FIGURE 4-30 SPF prerequisites
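The Windows-feature portion of the prerequisite list can be audited before running Setup. The following is an added example, not part of the original text: the function name and the mapping of each prerequisite to a Windows Server feature name are supplied here. WCF Data Services, ASP.NET MVC 4, and the VMM Administrator Console are separate installers and are not checked.

```powershell
# Added example: audit the Windows-feature portion of the SPF prerequisite list.
# Run in an elevated session on the intended SPF server (Windows Server 2012 / 2012 R2).
Import-Module ServerManager

# Prerequisite from the list above -> feature name understood by Get-WindowsFeature.
$spfFeatures = [ordered]@{
    'IIS Version 7.5 or later'                = 'Web-Server'
    'IIS Management Scripts and Tools'        = 'Web-Scripting-Tools'
    'IIS Security Basic Authentication'       = 'Web-Basic-Auth'
    'IIS Security Windows Authentication'     = 'Web-Windows-Auth'
    'IIS Application Development ASP.NET 4.5' = 'Web-Asp-Net45'
    'Management OData IIS Extension'          = 'ManagementOdata'
}

function Test-SpfPrerequisite {
    param([Parameter(Mandatory)][System.Collections.IDictionary]$Features)

    # PowerShell 4.0 or later is itself a prerequisite.
    [pscustomobject]@{
        Prerequisite = 'PowerShell 4.0'
        Checked      = "PSVersion $($PSVersionTable.PSVersion)"
        Present      = $PSVersionTable.PSVersion.Major -ge 4
    }

    foreach ($entry in $Features.GetEnumerator()) {
        # An unknown feature name returns nothing, which is reported as not present.
        $feature = Get-WindowsFeature -Name $entry.Value -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Prerequisite = $entry.Key
            Checked      = $entry.Value
            Present      = [bool]($feature -and $feature.Installed)
        }
    }
}

$report  = @(Test-SpfPrerequisite -Features $spfFeatures)
$missing = @($report | Where-Object { -not $_.Present })
$report | Format-Table -AutoSize

if ($missing.Count -gt 0) {
    Write-Warning ("Missing prerequisites: " + ($missing.Prerequisite -join ', '))
    # To add the missing Windows features after reviewing the list:
    # Install-WindowsFeature -Name ($missing.Checked | Where-Object { $_ -notlike 'PSVersion*' })
}
```

Because Basic Authentication is one of the required IIS features, the server certificate selected later in Setup is what protects those credentials in transit.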
You deploy Service Provider Foundation from the Orchestrator installation media. To deploy Service Provider Foundation, perform the following steps:
- On the System Center 2012 R2 Orchestrator Setup dialog box, shown in Figure 4-31, click Service Provider Foundation.
FIGURE 4-31 Installation splash screen
- On the Service Provider Foundation dialog box, click Install.
- On the License Terms page, agree to the license terms.
- On the Prerequisites page, verify that all prerequisites are available.
- On the Configure The Database page, review the database settings. Figure 4-32 shows the default database name is SCSPFDB.
FIGURE 4-32 Database server settings
- On the Specify A Location For The SPF Files page, specify the port number and the server certificate details. Figure 4-33 shows a certificate issued from an internal CA.
FIGURE 4-33 SPF file location
- On the Configure The Admin Web Service page, specify the domain credentials of the System Center Administrator web service and the credentials of the related application pool service account.
- On the Provider Web Service page, you specify domain credentials for the System Center Provider web service and the application pool credentials for the related application pool.
- On the VMM Web Service page, specify domain credentials for the VMM web service and service account credentials for the VMM web service application pool.
- On the Usage Web Service page, specify domain credentials for the Usage web service and service account credentials for the Usage web service.
- On the CEIP and Microsoft Update page, choose whether to opt in to the Customer Experience Improvement Program, and whether to enable Microsoft Update.
- On the Installation Summary page, review the installation settings, and click Install. Verify that Setup Is Complete, as shown in Figure 4-34.
FIGURE 4-34 Verify setup is complete
Understanding Microsoft Azure Pack for Windows Server
Microsoft Azure Pack provides an on-premises replica of Microsoft Azure services that you can deploy in your datacenter, including Virtual Machine and website provisioning. The advantage of Microsoft Azure Pack is that it provides a replica of the experience that a user would get if they used the online Microsoft Azure portal to perform tasks.
Microsoft Azure Pack provides Self-Service IT through a Self-Service Portal that allows hybrid cloud scenarios. A hybrid cloud is spread across private, public, and hosted clouds.
Microsoft Azure Pack includes the following:
- End User Portal: The end user portal is designed to replicate the Microsoft Azure portal. Like the Microsoft Azure portal, the end user portal allows end users to access their resources in the private cloud. Administrators can configure separate offerings for each tenant.
- Management Portal: This portal is for cloud administrators. It allows them to manage the offerings and services that end users access through the end user portal.
- Management API: Web service that handles requests from the management portal. Can also be used by third-party management portals through OData REST standards.
- Service Management API Database: Stores configuration data.
- Web Sites: Provides a scalable shared web hosting platform. Supports sites that host ASP.NET, PHP, and Node.js applications.
- Virtual Machines: Supports the deployment of any VM that can be managed using VMM. Supports software defined networking and remote access connections to each VM’s console.
- Databases: Supports Microsoft SQL 2008/2012 and MySQL 5.x in Platform as a Service configuration.
- Service Management Automation: Allows the building of automation based on Orchestrator and PowerShell 3.0 workflows.
- Service Bus: Provides a messaging service between applications running in the private cloud.
VMM is able to collect usage data, such as CPU, memory, storage, and network utilization, for all of the VMs and virtualization hosts it manages. VMM stores this data in the VMM database for 30 days. If you’ve integrated VMM with Operations Manager, this data can be transferred across to the Operations Manager data warehouse.
The Service Provider Foundation element of Microsoft Azure Pack is able to utilize this data when stored in the Operations Manager data warehouse, providing it to authorized users to view through interfaces such as the management portal for administrators. Service Provider Foundation is able to collect metric data from multiple VMM instances and aggregate them so that you can use that data for billing, or for overall infrastructure analysis.
Microsoft Azure Pack VM clouds
To add a VMM cloud to Microsoft Azure Pack, perform the following general steps:
- On the server that hosts the Microsoft Azure Pack Management Portal for Administrators, start the Management Portal by navigating to https://localhost:30091.
- In the Management Portal, click VM Cloud.
- Click Register System Center Service Provider Foundation Server. The server address will be in the form https://server.fqdn:8090. You’ll need to provide the credentials used for the VMM, Usage, Admin, and Provider Application Pool identities on the Service Provider Foundation server.
- Once registration is complete, all of the VMM instances (or stamps) associated with the Service Provider Foundation endpoint will be listed.
All clouds present on the VMM server (or stamp) will be listed under the Clouds tab of the portal. You can add stamps or VMM servers in the management portal for Administrators by clicking New, clicking VM Clouds, clicking Connect To, and specifying the FQDN of the VMM server or stamp.
Microsoft Azure Pack web clouds
A Microsoft Azure Pack web cloud deployment has the following roles:
- Web Sites Controller: This role is used by Microsoft Azure Pack to provision and manage the other Web Sites roles.
- Management Server: This role hosts a REST endpoint. It routes management traffic to the Microsoft Azure Pack Web Sites Management API.
- Web Workers: The web servers that will process client web requests. Can be configured as either Shared or Reserved. One of each is required. Reserved web workers are categorized as small, medium, and large.
- Front End: This role accepts client web requests, provides clients with responses from web workers, routes web worker requests, and provides load balancing and SSL termination.
- File Server: Hosts web site content for every web site that runs on the web cloud.
- Publisher: Allows content publishing to the web sites in the cloud for FTP clients, Visual Studio, and WebMatrix through the Web Deploy and FTP protocols.
- Web Sites Runtime Database: Database that Microsoft Azure Pack web clouds use for operations.
- Service Management API Database: Stores configuration data for the Microsoft Azure Pack Service Management API. This role will have already been installed during the deployment of Microsoft Azure Pack.
- Application Databases: If supported usage scenarios include providing back end database functionality for the websites hosted through Microsoft Azure Pack for Windows Server, it’s necessary to install database instances for one or both of Microsoft SQL Server or MySQL.
Microsoft Azure Pack SQL clouds
The SQL Server and MySQL resource providers for Microsoft Azure Pack enable users to use Microsoft SQL and MySQL databases. To support this usage scenario, it is necessary for you to install the separate SQL Server and MySQL databases that underpin this service. It is only necessary to install MySQL if you want to offer MySQL through Microsoft Azure Pack.
To install a SQL Server or MySQL resource provider:
- Sign on to the computer on which you are going to install the SQL Server or MySQL resource provider, and launch the Web Platform Installer.
- On the Products tab of the Web Platform Installer, click Microsoft Azure.
- Depending on whether you are deploying a SQL Server provider or MySQL provider, click Add next to one of the following, and then click Install:
  - Microsoft Azure Pack: SQL Server Extension
  - Microsoft Azure Pack: MySQL Extension
- When the installation completes, click Continue. This will launch the Configuration site. On this site, enter the following information using the settings specified when you deployed Microsoft Azure Pack for Windows Server:
  - Address of the database server configured when you deployed Microsoft Azure Pack
  - Azure Pack database authentication details
  - Azure Pack Configuration Store passphrase
- Once these steps are complete, you’ll be able to register the database endpoints for the Microsoft SQL or the MySQL instances you have deployed.
Once you have registered the appropriate resource provider, you can register database endpoints. You’ll need to have deployed the database instance prior to attempting endpoint registration.
Register Microsoft SQL Database Endpoint
To register a Microsoft SQL database endpoint, perform the following steps:
- Sign on to the server that hosts the Microsoft Azure Pack Management Portal for Administrators, and launch the portal.
- Click SQL Servers in the navigation pane, and then click New or Add. Click Connect.
- Provide the following information about the SQL Server instance:
  - Group Name: The name of the group that you want the instance to belong to in Microsoft Azure Pack.
  - Server Name: The name of the server that hosts the instance. Usually this will be just the name of the server, but it can also include the instance name in the Servername\instancename format if you have deployed multiple instances on a computer.
  - Administrator User Name: Name of a user with administrative privileges on the instance.
  - Administrator Password: Password of the user account specified that has administrative privileges on the instance.
  - Size Of The Hosting Server (GB): Specify the amount of disk space available on the hosting server.
- Click Connect to register the Microsoft SQL instance.
Register MySQL Instance
To connect an existing MySQL instance to Microsoft Azure Pack, perform the following steps:
- Sign on to the server on which you deployed the Microsoft Azure Pack Management Portal for Administrators and launch the management portal.
- In the Microsoft Azure Pack Management Portal for Administrators, click MySQL Servers, click New or Add, and then click Connect.
- Provide the following information about the MySQL instance:
  - Group Name: Name of the Microsoft Azure Pack group to which you want to add the MySQL server.
  - Server Name: Name of the MySQL server instance.
  - Administrator User Name: Name of a user account that has administrative privileges on the MySQL instance.
  - Administrator Password: Password of the user account that has administrative privileges on the MySQL instance.
  - Size Of The Hosting Server (in GBs): Provide the amount of available space.
- Click Connect to register the MySQL instance.
- Enter the MySQL server instance information: group name, server name, administrator user name, administrator password, and the size of the hosting server (in GBs).
- Click Connect. When you receive a message indicating that registration was successful, close the message.
- Service Provider Foundation allows you to build a multi-tenant self-service private cloud.
- Service Provider Foundation clouds support multi-tenancy, usage monitoring, usage billing, usage metering, and management stamps.
- A management stamp represents a unit of virtualized platform infrastructure that includes a VMM deployment, one or more virtualization hosts, the VMs that are managed by VMM, and the unique service accounts and user roles that are individual to that stamp.
- Stamps allow service providers to spread tenants and services across System Center elements in separate datacenters.
- As a tenant’s capacity requirements increase, additional stamps can be allocated to meet that demand.
- Microsoft Azure Pack provides an on-premises replica of Microsoft Azure services that you can deploy in your datacenter, including Virtual Machine and website provisioning.
- When deploying Microsoft Azure Pack, you need to provide credentials for the VMM, Usage, Admin and Provider Application Pool identities on the Service Provider Foundation server.
Answer the following questions to test your knowledge of the information in this objective. You can find the answers to these questions and explanations of why each answer choice is correct or incorrect in the “Answers” section at the end of this chapter.
You are installing Microsoft Azure Pack for Windows Server. Service Provider Foundation is already deployed in your organization’s environment. During the installation of Service Provider Foundation, you used domain accounts when configuring each application pool service account. Which of these credentials are required when deploying Microsoft Azure Pack for Windows Server? (Choose all that apply.)
- Provider web service application pool.
- Admin web service application pool.
- VMM web service application pool.
- Orchestrator web service application pool.
Which of the following database products can you install to provide as a service to users after installing Microsoft Azure Pack for Windows Server?
- Microsoft SQL Server.
Which of the following elements are included in a Service Provider Foundation management stamp? (Choose all that apply.)
- One or more virtualization hosts.
- Orchestrator runbook server.
- Operations Manager management group.
- VMs managed by VMM.