-
Notifications
You must be signed in to change notification settings - Fork 140
/
azure-arm-template.html.md.erb
251 lines (175 loc) · 11.1 KB
/
azure-arm-template.html.md.erb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
---
title: Deploying BOSH and Ops Manager to Azure with ARM
owner: Ops Manager
---
This topic describes how to deploy BOSH Director for <%= vars.platform_name %> on Azure using an Azure Resource Manager (ARM) template.
## <a id='overview'></a> Overview
An ARM template is a JSON file that describes one or more resources to deploy to a resource group.
You can also deploy BOSH Director manually by following the procedure in [Deploying <%= vars.ops_manager %> on Azure Manually](/platform/ops-manager/<%= vars.current_major_version.sub('.', '-') %>/azure/deploy-manual.html). You must manually deploy if you are deploying to any of the following:
* Azure China
* Azure Germany
* Azure Government Cloud
* Azure Stack (Beta)
<p class="note"><strong>Note:</strong> Azure Stack is in beta for this release. <%= vars.company_name %> does not recommend using Azure Stack for a production deployment.</p>
Before you perform the procedures in this topic, you must complete the procedures in [Preparing to Deploy <%= vars.ops_manager %> on Azure Manually](/platform/ops-manager/<%= vars.current_major_version.sub('.', '-') %>/azure/prepare-env-manual.html). After you complete the procedures in this topic, follow the instructions in [Configuring BOSH Director on Azure Manually](/platform/ops-manager/<%= vars.current_major_version.sub('.', '-') %>/azure/config-manual.html).
## <a id='arm-template'></a> Where to Find the <%= vars.platform_name %> Azure ARM Templates
The <%= vars.platform_name %> Azure ARM Templates are available for download from the following GitHub repository:
[https://github.com/pivotal-cf/pcf-azure-arm-templates](https://github.com/pivotal-cf/pcf-azure-arm-templates)
For <%= vars.platform_name_pivotal %> v1.11 and later, use the templates tagged with the [1.11+ release](https://github.com/pivotal-cf/pcf-azure-arm-templates/releases/tag/1.11%2B).
For <%= vars.platform_name_pivotal %> v1.11 and earlier, use the templates tagged with the [1.10- release](https://github.com/pivotal-cf/pcf-azure-arm-templates/releases/tag/1.10-).
## <a id='storage'></a> Step 1: Create BOSH Storage Account
Azure for <%= vars.platform_name %> uses multiple general-purpose Azure storage accounts. The BOSH and <%= vars.ops_manager %> VMs use one main BOSH storage account, and the other components share five or more deployment storage accounts.
To create a BOSH storage account:
1. Choose a name for your resource group and export it as an environment variable `$RESOURCE_GROUP`. Run:
```
export RESOURCE_GROUP="RESOURCE-GROUP-NAME"
```
Where `RESOURCE-GROUP-NAME` is the name you want to give your resource group.
<p class="note"><strong>Note:</strong> If you are on a Windows machine, you can use <code>set</code> instead of <code>export</code>.</p>
1. Export your location by running:
```
export LOCATION="LOCATION"
```
Where `LOCATION` is the code for your location. For example, `westus`.
<p class="note"><strong>Note:</strong> For a list of available locations, run <code>az account list-locations</code>.</p>
1. Create your resource group by running:
```
az group create --name $RESOURCE_GROUP --location $LOCATION
```
1. Choose a name for your BOSH storage account, and export it as the environment variable `$STORAGE_NAME`. Storage account names must be globally unique across Azure, between 3 and 24 characters in length, and contain only lowercase letters and numbers. Run:
```
export STORAGE_NAME="BOSH-STORAGE-ACCOUNT-NAME"
```
Where `BOSH-STORAGE-ACCOUNT-NAME` is the name you want to give your BOSH storage account.
1. Create the storage account by running:
```
az storage account create --name $STORAGE_NAME \
--resource-group $RESOURCE_GROUP --sku Standard_LRS \
--kind Storage --location $LOCATION
```
<p class="note"><strong>Note:</strong> <code>Standard_LRS</code> refers to a Standard Azure storage account. The BOSH Director requires table storage to store stemcell information. Azure Premium storage does not support table storage and cannot be used for the BOSH storage account.</p>
1. Retrieve the connection string for your BOSH storage account by running:
```
az storage account show-connection-string \
--name $STORAGE_NAME --resource-group $RESOURCE_GROUP
```
The command returns output similar to the example below:
<pre class="terminal">
{
"connectionString": "DefaultEndpointsProtocol=https;EndpointSuffix=core.windows.net;AccountName=cfdocsdeploystorage1;AccountKey=EXAMPLEaaabbbcccMf8wEwdeJMvvonrbmNk27bfkSL8ZFzAhs3Kb78si5CTPHhjHHiK4qPcYzn/8OmFg=="
}
</pre>
1. Record the full value of `connectionString` from the output above, starting with and including `DefaultEndpointsProtocol=`.
1. Export the connection string by running:
```
export CONNECTION_STRING="CONNECTION-STRING"
```
Where `CONNECTION-STRING` is the value of `connectionString`.
1. Create a container for the <%= vars.ops_manager %> image by running:
```
az storage container create --name opsman-image \
--connection-string $CONNECTION_STRING
```
1. Create a container for the <%= vars.ops_manager %> VM by running:
```
az storage container create --name vhds \
--connection-string $CONNECTION_STRING
```
1. Create a container for <%= vars.ops_manager %> by running:
```
az storage container create --name opsmanager \
--connection-string $CONNECTION_STRING
```
1. Create a container for BOSH by running:
```
az storage container create --name bosh \
--connection-string $CONNECTION_STRING
```
1. Create a container for the stemcell by running:
```
az storage container create --name stemcell \
--connection-string $CONNECTION_STRING
```
1. Create a table for stemcell data by running:
```
az storage table create --name stemcells \
--connection-string $CONNECTION_STRING
```
## <a id='copy'></a> Step 2: Copy <%= vars.ops_manager %> Image
To copy your <%= vars.ops_manager %> image:
1. Navigate to the [<%= vars.ops_manager %>](https://network.pivotal.io/products/ops-manager) page on VMware Tanzu Network and download the latest release of **<%= vars.ops_manager %> for Azure**. You can download either a PDF or a YAML file.
1. View the downloaded file and locate the <%= vars.ops_manager %> image URL appropriate for your region.
1. Export the <%= vars.ops_manager %> image URL as an environment variable by running:
```
export OPS_MAN_IMAGE_URL="OPS-MANAGER-IMAGE-URL"
```
Where `OPS-MANAGER-IMAGE-URL` is the URL of your <%= vars.ops_manager %> image.
1. Copy the <%= vars.ops_manager %> image into your storage account by running:
```
az storage blob copy start --source-uri $OPS_MAN_IMAGE_URL \
--connection-string $CONNECTION_STRING \
--destination-container opsman-image \
--destination-blob image.vhd
```
1. Copying the image may take several minutes. Run:
```
az storage blob show --name image.vhd \
--container-name opsman-image \
--account-name $STORAGE_NAME
```
Examine the output under `"copy"`, as in the example below:
<pre class="terminal">
"copy": {
"completionTime": "2017-06-26T22:24:11+00:00",
"id": "b9c8b272-a562-4574-baa6-f1a04afcefdf",
"progress": "53687091712/53687091712",
"source":"https://opsmanagerwestus.blob.core.windows.net/images/ops-manager-1.11.3.vhd",
"status": "success",
"statusDescription": null
},
</pre>
When `status` reads `success`, continue to the next step.
## <a id='configure'></a> Step 3: Configure the ARM Template
1. Create a key pair on your local machine. For example, enter:
```
ssh-keygen -t rsa -f opsman -C ubuntu
```
<br>
When prompted for a passphrase, follow the prompts to provide an empty passphrase.
1. Download the latest release of the <%= vars.platform_name %> Azure ARM Templates. For <%= vars.platform_name_pivotal %> v1.11 and later, download [1.11](https://github.com/pivotal-cf/pcf-azure-arm-templates/releases/tag/1.11%2B) from the <%= vars.platform_code_pivotal %> Azure Resource Manager (ARM) Templates repository on GitHub.
1. Open the parameters file and enter values for the following parameters:
* **OpsManVHDStorageAccount:** The name of the storage account you created in [Step 1: Create Storage Account](#storage).
* **BlobStorageContainer:** The name of the container to which you copied the <%= vars.ops_manager %> VHD.
* **BlobStorageEndpoint:** The base URL of the storage endpoint. Leave the default endpoint unless you are using Azure China, Azure Government Cloud, or Azure Germany:
* For Azure China, use `blob.core.chinacloudapi.cn`. For more information, see [Azure China developer guide](https://docs.microsoft.com/en-us/azure/china/china-get-started-developer-guide) in the Microsoft Azure documentation.
* For Azure Government Cloud, use `blob.core.usgovcloudapi.net`. For more information, see [Azure Government storage](https://docs.microsoft.com/en-us/azure/azure-government/documentation-government-services-storage) in the Microsoft Azure documentation.
* For Azure Germany, use `blob.core.cloudapi.de`. For more information, see [Azure Germany developer guide](https://docs.microsoft.com/en-us/azure/germany/germany-developer-guide) in the Microsoft Azure documentation.
* **AdminSSHKey:** The contents of the `opsman.pub` public key file that you created above.
* **Location:** The location to install the <%= vars.ops_manager %> VM. For example, `westus`.
* **Environment:** Tag template-created resources for assisting with resource management.
## <a id='deploy'></a> Step 4: Deploy the ARM Template
To deploy the ARM template:
1. Run:
```
az group deployment create --template-file azure-deploy.json \
--parameters azure-deploy-parameters.json \
--resource-group $RESOURCE_GROUP --name cfdeploy
```
1. Create a network security group named `<%= vars.product_name_lc %>-nsg` by running:
```
az network nsg create --name <%= vars.product_name_lc %>-nsg \
--resource-group $RESOURCE_GROUP \
--location $LOCATION
```
1. Add a network security group rule to the `<%= vars.product_name_lc %>-nsg` group to allow traffic from the public Internet. Run:
```
az network nsg rule create --name internet-to-lb \
--nsg-name <%= vars.product_name_lc %>-nsg --resource-group $RESOURCE_GROUP \
--protocol Tcp --priority 100 \
--destination-port-range '*'
```
## <a id='post-deploy'></a> Step 5: Complete BOSH Director Configuration
To finish configuring the BOSH Director:
1. Navigate to your DNS provider and create an entry that points a fully-qualified domain name (FQDN) in your domain to the IP address of the <%= vars.ops_manager %> VM.
<p class="note"><strong>Note:</strong> If the ARM template deployment does not return an IP address in the output of <code>opsMan-FQDN</code>, then visit the Azure Portal to retrieve the public IP address of the new <%= vars.ops_manager %> virtual machine.</p>
1. Continue to [Configuring BOSH Director on Azure Manually](/platform/ops-manager/<%= vars.current_major_version.sub('.', '-') %>/azure/config-manual.html).