Today, I am excited to announce I will be joining the awesome team at 5nine Software as Director of Product Management. My primary job responsibilities will be for the product strategy and direction of 5nine’s security and management solutions. So, you ask, why Product Management? It’s been a lifelong dream to be part of shaping the direction of a technology solution. By joining 5nine, I hope to simplify IT, Cloud and beyond, because there’s always a better way 🙂
“What prepared me for this was very surprising looking back.”
Happy New Year Everyone!!! I know Azure Stack is just around the corner, but I still get lots of questions around configuring WAP and portals. So to follow-up my Windows Azure Pack (WAP) series, I am going to talk about reconfiguring server names and ports as well as assigning trusted certificates to my WAP Portals.
Hi Everyone…I love to show off the cool Microsoft integrations that Nutanix has and most recently Nutanix released System Center Virtual Machine Manager (SCVMM) 2012 R2 Fast Clones plug-in.
With NOS 4.1.3, Nutanix has released a Fast Clone plugin for SCVMM. The plug-in has the ability to provide space efficient, low impact clones from SCVMM and quickly. The plugin is a wrapper around Nutanix powershell commands for Fast Cones. The plugin does need proper access rights to the Hyper-V hosts and SCVMM and already should be setup for most environments that have Nutanix with Hyper-V deployed. You will need to install the plugin on the SCVMM host along with the Nutanix powershell command-lets.
Once you have the SCVMM Fast Clones plug-in installed, you can start creating Fast Clones right away. Installation is quick and easy and creating clones is just as easy as shown below.
To create VM clones using the Nutanix Fast Clones wizard, follow the below steps:
Start the SCVMM
Navigate to the Nutanix hosts.
Select a host and then select the VM to be cloned.
To invoke the wizard, do one of the following: Click the “Nutanix Fast Clone” button on the top menu-bar. Right-click the target VM and select “Nutanix Fast Clone” from the pop-up context menu:
In the Introduction screen, read the instructions and then click the “Next” button. NOTE: On start of the wizard, it makes a connection to the VMM to be able to communicate with it to run SCVMM PowerShell cmdlets to gather information about the selected VM.
The “Identity” screen is displayed. The “Source VM Name” and “Source VM Host Name” is prepopulated, enter the following information and then click the “Next” button:
Clone Type: Click the “Clone One Virtual Machine” radio button and enter a name for the clone when creating a single clone or click the “Clone Multiple Virtual Machines” radio button and enter the following information:
VM Prefix Name: This is the root part of the new VM name.
Beginning Suffix: a number to start the numbering of the new VMs
Number of Clones: a number between 1 and 100.
In the Authentication screen, enter the Prism and VMM Service Account user names and passwords in the appropriate fields, and then click the “Next” button.
In the “Select Path” screen, select the destination path and then click the “Next” button. Leave the default path “as is” or change it to a new path as needed by clicking the “Change the default path” box. Click the Browse button to select a destination path for the clone VMs. This is the path where virtual machine configuration files will be stored. The path must be on the same Nutanix SMB share as the VM configuration file.
In the “Add Properties” screen, click the appropriate radio button to either power on or not power on the VMs after cloning and then click the “Next” button.
In the Summary screen below, review (confirm) the settings are correct.
Clicking the “View Script” button displays the script to be executed:
Clicking the “Enable Verbose Messages” displays detailed log messages as the VMs are being created.
When the settings are correct, click the “Create” button to create the cloned VM(s). An hour glass is displayed and progress messages are displayed.
After the clones are created, click the Finish button to close the wizard and you just created VM’s at lighting speed.
If you want to check out Fast Clones for your environment, you can download Fast Clones from the Nutanix Portal at https://portal.nutanix.com.
Below is a demo video shows traditional cloning vs Fast Clones that my buddy @mcghem created. It shows the awesome benefit of Fast Clones.
As always, if you have any questions please post a comment.
Deploying SPF (Service Provider Foundation) – This blog post
Deploying Windows Azure Pack (coming soon)
Service Provider Foundation
SPF is provided with System Center 2012 – Orchestrator, a component of System Center 2012 R2. SPF exposes an extensible OData web service that interacts with System Center Virtual Machine Manager (SCVMM). This enables service providers and hosters to design and implement multi-tenant self-service portals that integrate IaaS (Infrastructure as a Service) capabilities available on System Center 2012 R2. The following picture shows how System Center w/SPF interacts with WAP to provide VM Cloud Services (see TechNet article for more info): As with every installation, SPF requires additional software, features and server roles. Setup wizard checks prerequisites and reports about their status. Unfortunately, there is no “button” to install all of requirements automatically. I’ve wrote a script to automate this process (see below). Please note: Don’t try to install SPF on the SCVMM Server. It’s not supported. Requirements:
SQL Server 2012 SP1 or higher instance (Already Deployed)
OS – Windows Server 2012 R2 VM (Already Deployed)
2 CPU Cores
4 Gigs of RAM
100 Gig OS Drive
Feature – Management OData Internet Information Services (IIS) Extension
Feature – NET Framework 4.5 features, WCF Services, and HTTP Activation.
Web Server (IIS) server. Include the following services:
Basic Authentication
Windows Authentication
Application Deployment ASP.NET 4.5
Application Development ISAPI Extensions
Application Deployment ISAPI Filters
IIS Management Scripts and Tools Role Service
Certificates: self-signed (wizard creates one automatically) or obtained SSL-certificate (recommended for production)
This script will install all requirements except SCVMM console (please note that SCVMM console has to be installed manually):
#IIS + Process activation model Install-WindowsFeature Web-Asp-Net45,Web-Scripting-Tools,Web-Basic-Auth,Web-Windows-Auth,NET-WCF-Services45,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Scripting-Tools,WAS-Process-Model,WAS-Config-APIs,ManagementOdata #Download and install WcfDataServices and AspNetMVC4 New-Item C:SPFRequirements -ItemType Directory Invoke-WebRequest http://download.microsoft.com/download/8/F/9/8F93DBBD-896B-4760-AC81-646F61363A6D/WcfDataServices.exe -OutFile C:SPFRequirementswcfdatasvc.exe Invoke-WebRequest http://download.microsoft.com/download/2/F/6/2F63CCD8-9288-4CC8-B58C-81D109F8F5A3/AspNetMVC4Setup.exe -OutFile C:SPFRequirementsaspnetmvc.exe Set-Location C:SPFRequirements .aspnetmvc.exe /quiet Wait-Process aspnetmvc .wcfdatasvc.exe /quiet Wait-Process wcfdatasvc Write-Host “All prerequisites are installed. Insert your SCVMM 2012 R2 DVD and install SCVMM Console manually. Then your environment will be ready for SPF installation“
Required user accounts
We need to create a domain user account for the Service Provider Foundation application pools and a domain group that will be used for the permissions on the individual virtual directories created by the installer.
In my test lab I have created the following domain service accounts. They do not need any special rights other than domain users group.
spfadmnsvc – SPF Admin Web Service
spfprovsvc – SPF Provisioning Web Service
spfusagesvc – SPF Provisioning Web Service
And the following domain group
SPF_Admins – Group for SPF Administrators – Add all your WAP admins to this gorup
This admin group should be added to the local Administrators group on the SPF server.
Certificates
The Service Provider Foundation provides an extensible OData web service. Communications to this web service can and should be encrypted by SSL. SSL requires certificates. The Service Provider Foundation allows for self-singed certificates (for testing purposes) and certificates issued by a standalone Certificate Authority, an enterprise Certificate Authority or a public Certificate Authority. The Service Provider Foundation install defaults to self-signed (wizard creates one automatically) or you can obtain a certificate from a Public CA for production.
Installation
The Service Provider Foundation setup is on the System Center Orchestrator R2 media.
When installing, login to the SPF server as a user that has DBO/SA rights to the SQL 2012 instance that will be hosting SPF databases.
Mount ISO with Orchestrator and run SetupOrchestrator.exe and click on “Service Provider Foundation”
Click Install
Accept license terms and click Next
We’ve already installed all prerequisites using my script, so just click Next
Define SQL Server 2012 SP1 Instance Name , Port Number and click Next. If you unable to reach SQL Server you have to open firewall ports (https://support.microsoft.com/kb/968872) or check SQL TCP properties
Choose certificate type (For test lab, use self-signed and can be changed out later) and click Next
Define application pool credentials (spfadminsvc) and SPF_Admin Group that will have an access to SPF services and click Next. It’s best practices to create new domain accounts for every SPF services instead of using Network Service account.
Provider Web Service properties , click Next
Usage Web Service configuration, click Next
Windows updates + CEIP – yes (Microsoft needs your feedback 🙂 ), click Next
Click Install
Setup is complete!
Update SPF with the latest rollup (https://support.microsoft.com/en-us/kb/3021802) or use Windows Update. Please note, the latest roll-up causing an issue in IIS and breaks SPF Web from working. I ran into this during my lab deployment. Check out this blog post on “System Center 2012 R2 : Update Rollup 4 breaks the SPF website” that fixes the issue.
This completes the SPF install. In a future blog post, we will be integrating SPF with WAP and SCVMM.
Additional links: http://technet.microsoft.com/en-us/library/jj642895.aspx http://technet.microsoft.com/en-us/library/dn266007.aspx Next up in my series, Installing the Windows Azure Pack on Nutanix
To continue the Windows Azure Pack series, here is my next topic: Windows Azure Pack – Environment Prep If you missed parts 1 or 2 in the series, check links below: Part 1 – Understanding Windows Azure Pack Part 2 – Understanding Windows Azure Pack – Deployment Scenarios
Environment Prep
In the first blog posting in this series we examined the capabilities and benefits of deploying WAP (Windows Azure Pack) in enterprise datacenters by first looking at Windows Azure, Microsoft’s public cloud offering.
In the second blog posting we looked at some of the terminology associated with WAP and we summarized two kinds of deployment scenarios on Nutanix: Express and Distributed architecture
Moving on…”Cloud” is the buzz word in all aspects of our computing life today, and more and more companies want to be able to offer the benefits of a “Cloud” environment to their on premises users. And by now, we should all know the Public Cloud (i.e. Azure, Amazon, etc.) might not suit everyone and is definitely not suited for all situations….That is where Nutanix and WAP standout; Giving your the ability to have a predictable, scalable , highly available, high performing IaaS (Infrastructure as a Service) hybrid datacenter
This series is meant to be a guide to building your own WAP test lab on Nutanix and also provide you guidance for building out a production Nutanix WAP environment.
WAP Test Environment Requirements
Just to see functionally, you could deploy it the requirements on one host with Nutanix CE (Community Edition), but building this WAP environment on a Nutanix cluster will give you real world results.
In this series, we will be building 2 VM’s for the WAP test environment. The VM’s consist of SPF (Service Provider Foundation) Server and Windows Azure Pack Server.
In my test lab, I am using a 4 Node Nutanix NX3050 Cluster with Server 2012 R2 Hyper-V. This blog post assumes you have an Active Directory Domain and SCVMM (System Center Virtual Machine Manager) 2012 R2 up and running. It also assumes you have an empty SQL 2012 SP1 server built for hosting SPF, WAP and Tenant SQL Databases.
Virtual Machine Manager is installed and configured and:
Member of the Active Directory domain.
One or more SCVMM Clouds created in SCVMM (see below video)
One or more VM Networks created in SCVMM (see below video)
Service Provider Foundation
Windows Server 2012 R2
4 Gigs of RAM
2 CPU Cores
Database Storage
Member of the Active Directory domain
Windows Azure Pack Server
Windows Server 2012 R2
4 Gigs of RAM
2 CPU cores
20 Gigs Data Storage
Database Storage
Member of the Active Directory domain
SQL Server is installed and running
Windows Server 2012 R2
SP1 or Above
16 Gigs of RAM
2 CPU Cores
100 Gigs Data and Log Drive
With Mixed or SQL Authentication enabled
Member of the Active Directory domain
If you need help building a SCVMM 2012 R2 Server, check out my blog post on Installing SCVMM 2012 R2 on Nutanix (coming soon). If you need help building a SQL 2012 Server, check out my blog post on Install SQL 2012 on Nutanix (coming soon)
If you need help deploying Hyper-V to a Nutanix cluster and joining the cluster to an Active Directory Domain, see my buddy Chris Brown’s Blog Video on Installing Hyper-V on Nutanix. This also covers adding it to SCVMM 2012 R2. He also has a great Hyper-VSCVMM Networking Overview. Another great Nutanix\Microsoft resource.
Installing Hyper-V on Nutanix
Hyper-V Networking Overview
SCVMM Server / Fabric Prep
Account requirements
The Active Directory security account groups below are recommended as best practices when deploying WAP with SCVMM. Active Directory Security were created and mapped in SCVMM as Delegated Administrations. See screenshots below.
Self-Service Users (tenants) storage of VMs in the SCVMM Library
You will also need to create a library share, or create a folder in a library share that will serve as the storage location for tenants. Also, understanding that self-service users must have the Store and Re-Deploy permission to store their virtual machines in important. In my test lab, I created a Nutanix container (SMB Share) with compression attributes and presented it to SCVMM.
IMPORTANT RULES FOR LIBRARY SHARES
The library share location that you designate for stored virtual machines must be different from the shares that you designate as read-only resource locations for the private cloud.
The path or part of the path must be unique when compared to the user role data path that is specified for a self-service user role
You could also create entirely separate library shares with containers on Nutanix,like I did above
Understand that you will configure the stored virtual machine path and read-only library shares when you run the Create Cloud Wizard as shown video below.
The self-service user role data path is specified when you create a self-service user role or modify the properties of a self-service user role.
Make sure that one or more library shares exists that you can assign as the read-only library shares for self-service users to use.
The library shares that you designate as read-only resource locations for the private cloud must be unique when compared to the library share or shares that are used for stored virtual machines and for the user role data path that is specified for a self service user role.
Creating Tenant Storage and Private Cloud in SCVMM 2012 R2 on Nutanix
In high level, best practices is to have each tenant how their own separate storage containers as shown in below diagram. This will allow you to advertise available capacity, security boundaries, and apply attributes, like deduplication or compression on a per container basis and then tie it up to storage classifications in SCVMM.
Next is to create storage for you tenants. In Prism, create a new container with the name of your tenant, set an advertised capacity and add any storage attributes, like deduplication or compression depending on the type of workloads being hosted. See the below a video I produced with my buddy @Mike TME at Nutanix of the process:
Ok, Let’s start with some terminology used when talking about WAP(Windows Azure Pack). Here are two key terms you need to know:
Administrator – Someone who deploys, configures and manages WAP and makes cloud services available to tenants.
Tenant – Someone who subscribes to and uses cloud services made available through WAP.
When WAP is deployed by a hoster (service provider) the administrator refers to IT staff at the hoster while the tenants are the customers to which the hoster is selling cloud services. And when WAP is deployed in an enterprise datacenter, the administrator will be your own IT department; the tenants in this case will be the other departments, divisions, or business units within your organization that want to take advantage of the cloud services your IT department is offering.
Admin Portal
User Signin Portal
User Main Portal
Required components
WAP currently includes eight components. Two of these components are portals:
Management Portal for Administrators – A web-based portal that lets administrators configure and manage user accounts, resource clouds, tenant offers, and so on.
Management Portal for Tenants – A web-based self-service portal that lets tenants provision, monitor and manage the following cloud services: Web Sites, Virtual Machines, and Service Bus.
The self-service capabilities of the Management Portal for Tenants enables tenants to deploy and manage the cloud services they need when they need them without having to go through the slow procurement processes of the traditional approach to enterprise IT.
Authentication is another key feature of WAP to ensure that only properly authenticated administrators have access to the Management Portal for Administrators and only properly authenticated users have access to the Management Portal for Tenants. By default, the Management Portal for Administrators uses Windows authentication (Kerberos or NTLM) but you can optionally use Active Directory Federation Services (ADFS) for authentication purposes. The Management Portal for Tenants on the other hand uses the ASP.NET Membership Provider for authentication purposes. WAP includes two authentication sites, an Admin Authentication Site and a Tenant Authentication Site, for these purposes.
WAP also includes components that provide the following application programming interfaces (APIs):
Windows Azure Pack Admin API – Enables administration tasks to be performed using the Management Portal for Administrators and Windows PowerShell.
Windows Azure Pack Tenant API – Enables tenant-specific tasks to be performed using the Management Portal for Tenants and Windows PowerShell.
Windows Azure Pack Tenant Public API – Provides additional tenant-specific functionality primarily for hosting provider environments.
All of the above components are required in any WAP deployment.
Optional components
The following components of WAP may be deployed in order to offer additional forms of cloud services and other resources to tenants:
Web Sites – Provides you with a managed web environment you can use to create new websites or migrate your existing business website into the cloud.
Virtual Machines – Provides you with a general-purpose computing environment that lets you create, deploy, and manage virtual machines running in the Windows Azure cloud.
Service Bus – Allows you to keep your apps connected across your private cloud environment and the Windows Azure public cloud.
Automation and Extensibility – Allows you to automate and integrate custom services into your services framework using runbooks.
SQL and MySQL – Allows you to provision Microsoft SQL and MySQL databases for tenants to use.
Windows Azure Pack – Deployment Scenario’s
There are two basic deployment scenarios for WAP:
Express architecture – Recommended for proof of concept testing only.
Distributed architecture – Recommended for production environments.
In addition, the distributed architecture can be implemented in various ways depending on the scale and degree of availability needed. Let’s briefly examine each of these scenarios.
Express architecture
In an express deployment of Windows Azure Pack, you install all of the required components on a single server and any optional components needed on one or more additional servers. This is the deployment I will be doing in the next part of the series. Specifically, the following required components must all be installed on your first server:
Windows Azure Pack Admin API
Windows Azure Pack Tenant API
Windows Azure Pack Tenant Public API
Admin Authentication Site
Tenant Authentication Site
Management Portal for Administrators
Management Portal for Tenants
In addition, your first server must host the SQL Management Database used by the required components. This means you must install a required version of Microsoft SQL Server on the first server.
Distributed architecture
In a distributed deployment of WAP, you spread out the required components across multiple servers. There are many ways you can do this, but the following recommendations should generally be adhered to in order to ensure optional performance and supportability for your deployment:
Install a management portal and its corresponding authentication site on the same server. For example, install the Management Portal for Administrators and the Admin Authentication Site on the same server.
If you will be providing cloud services to tenants over the public Internet, install the following components on the same public-facing server:
Management Portal for Tenants
Tenant Authentication Site
Windows Azure Pack Tenant Public API
If Active Directory Domain Services (ADDS) is to be used for authentication purposes, install it on a separate identity server.
If Active Directory Federation Services (ADFS) is to be used for authentication purposes, install it on a separate identity server along with an ADFS
For greater scalability and high availability in large deployments, install the SQL Management Database on a separate failover cluster. In addition, use failover clustering for your public-facing servers and for the servers hosting your other required components.
For even higher scalability, install each required component on a separate failover cluster and the SQL Management Database on another failover cluster. In other words, use eight failover clusters to deploy the seven required components plus the SQL Management Database. Check out Nutanix Best Practices guide for deploying SQL
In the next blog post in this series, we will begin our walk-through of installing and configuring WAP. I will focus primarily on the express deployment scenario in this series along with two types of cloud services: Virtual Machines and SQL Databases…………..Let’s build a cloud……
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.AcceptReject
Privacy & Cookies Policy
Privacy Overview
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
Manage Cookie Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
So, you ask, why Product Management? It’s been a lifelong dream to be part of shaping the direction of a technology solution. By joining 5nine, I hope to simplify IT, Cloud and beyond, because there’s always a better way 🙂
As with every installation, SPF requires additional software, features and server roles. Setup wizard checks prerequisites and reports about their status. Unfortunately, there is no “button” to install all of requirements automatically. I’ve wrote a script to automate this process (see below). Please note: Don’t try to install SPF on the SCVMM Server. It’s not supported.
Admin Portal
User Signin Portal
User Main Portal
You must be logged in to post a comment.