We have some users on-boarded on the AzureStack multi-node system and they do testing and when they forget to remove stuff and we need to make some changes we might need to remove their resources and as Stanislav mentioned there is a way to actually take over a subscription. There is though a small thing that needs to be added to the PowerShell cmds that can change a Azure Stack user subscription owner when you have a multitennant setup of your Stack, your users will have their own tenant ID´s on the subscriptions.
So to be able to access and remove resources from an user that left his subscription and resources burning you will have to do a update on both Owner and TenantId
So set up your enviroment with the AzureStack tools and PowerShell environment, connect as a cloud operator to the default subscription and then run the following::
# Get all User subs
# save the user subscription you want to take over into variable
Here is my second post on experience with our lovely AzureStack multinode that we now have running.
First of all, there is now a good doc on the AzureStack site for Datacenter Integration and it is really important to read and understand the text. It is also vital to also have the networking guys on the wagon!
For a success in the deployment you will need to have a NAT functionality within your router/fw or have a transparent proxy. The doc says it is needed for the Infra Network that is called public, it is not public reachable but do need internet access. Some routers have advanced functionality with Policy based routing that can send infra traffic to a fw and public VIP traffic directly to and from internet!
Also during deployment the BMC network will need access to internet because the deployment VM running on the HLH will need to do a AAD login and registration if the stack is not being deployed as a disconnected version.
Before you can get a deployment up and running you will need to make sure that the certificates that you ordered are rock solid! Follow the documentation and do not take any short cuts in wild card certs etc…
There is a sample cert INF template file that you can use:
I know that I have been more than usual quiet in my blogging the latest months, that is because we have had much at work and I have been over my head in new tech stuff and among that I also been the lead in the implementation of our AzureStack multinode.
I will do a couple of blog posts about my experience and caveats that I have stumbled on so keep checking back!
First of all Me self and Geir-Morten from our company will do a session on friday at the NIC conference in Oslo
The Three Amigos fighting compliance with Azure Stack
Hybrid cloud with Azure Stack can deliver great benefits to your organization, helping you innovate and get faster to market. But at the same time also protect your sensitive information and stay compliant with regulations like GDPR. This session will focus on the different roles associated with the Azure Stack, from operating the Stack to the developer and IT pro bringing their solution into a true hybrid environment. The sessions will be packed with demos on a Azure Stack multi-node system showing the different roles in action in environment spanning not only Azure and Azure Stack, but also private clouds.
After installing/deploying the AzureStack DevKit i added the SQL RP and also wanted to add the App Service Resource Provider for a dev experience!
I have an relative ordinary HPE 380 G9 box with 128 GB of ram and 2 CPU´s so it should be fine, but there was some issues that I wanted to document to help others, this will probably be fixed in an later release of the App Service install pack though.
I downloaded the bits and ran the deploy App Service
After filling this out the deployment started but after a few hours it failed during the deploy step, I tried the Retry a couple of times but without luck, also closing the wizard makes you lose the stage of deploy and need to rerun the whole deploy! When doing a redeploy you have to delete the resource group APPSERVICE-LOCAL (or what you called it) and also go into your SQL server that you entered into the wizard and remove the appservice db´s!!
How did I mange to get it working though? I got some help from Andrew at Microsoft that works with the Stack team and he gave me some guidance how to get it into a good state! Apparently the App Service adds all uppdates during deploy and to be more successful the recommendation was to update with patches that was released up until last tuesday with the win2016 image and thus update to latest CU, mine came from the marketplace syndication with Azure and that one had not the patches when I did this test, I threw that away and ran the create image script adding the parameter for -includeLatestCU.
Rerunning the wizard and when it allthough had a image with latest and greatest patches got stuck on “App Service Deploy Failed” I went into the CN0-VM and opened the mmc for the state of the different servers in the App Service
I also hit the repair link and when all of them said “Ready” I added a new 0.status file I got from Andrew into the custom script folder on the CN0-VM, easiest way to do that was with the lovely PowerShell Direct that is part of the Win 2016!
and then went back into the wizard hitting Retry and this time it continued to the finish and my deployment was successful!
Yesterday during the start of Microsoft Partner Conference Inspire the AzureStack was released as GA and also was made available for the devkit version to be downloaded!
Of course I had to test it and now thanks to the new installation powershell script with a gui it is even more easy than ever to start the deployment… First of all I downloaded the kit, It helps to have a 10 Gbit internet connection at the datacenter 😉 and then download the Powershell script.
Once the bits had been extracted I could use the wizard to prepare the unattended-file and the boot-from-vhd for the cloudbuilder.vhdx and reboot the server to continue the deployment!
After reboot I could start the same wizard to start deployment of the Stack
There was issues with the deploy script yesterday me and Ruud reported which was quickly fixed by Marc van Eijk, the problems was that if added a vlan or a dns the deploy failed.
I also found an issue that if as in my case the firewall in front of my stack did not allow for external NTP sources I ended up in a failed deploy because it requires a NTP sync before continuing, so I had to configure an internal NTP source and then the deploy succeeded!
The deployment took about 4 hours and once that was completed I could fire up an browser and connect to the portal!
With Azure Stack TP3, we’ve worked with customers to improve the product through numerous bug fixes, updates, and deployment reliability & compatibility improvements from TP2. With Azure Stack TP3 customers can:
Deploy with ADFS for disconnected scenarios
Start using Azure Virtual Machine Scale Sets for scale out workloads
Syndicate content from the Azure Marketplace to make available in Azure Stack
Use Azure D-Series VM sizes
Deploy and create templates with Temp Disks that are consistent with Azure
Take comfort in the enhanced security of an isolated administrator portal
Take advantage of improvements to IaaS and PaaS functionality
Use enhanced infrastructure management functionality, such as improved alerting
Shortly after TP3, Azure Functions will be available to run on TP3, followed by Blockchain, Cloud Foundry, and Mesos templates. Continuous innovation will be delivered to Azure Stack up to general availability and beyond. TP3 is the final planned major Technical Preview before Azure Stack integrated systems will be available for order in mid-CY17.
During Ignite 2016 in Atlanta, Microsoft announced the technical preview 2 of AzureStack and finally now this friday I got my hardware available (the dang server was not responding on the ILO port and I had to go to the datacenter to give it a kung-fu-devops-kick) so I could deploy the new bits.
First things first! Read the documentation about how to proceed and you will more likely succeed in your deployment!
The download for AzureStack is 20 GB so if you have a slow internet connection it will take some time!
Before getting started i suggest you to run the pre-check script that can tell you if there is some immediate issues,
And then you can unpack and follow the instructions to prepare to vhd-boot into the cloudbuilder disk with the next script:
Once rebooted you want to make sure that you only have one nic enabled and then kick of the deployment which will take about 2-3 hours if you have a decent hardware like me 😛
As you can see the install process uses both desired state and powershell direct (which is a lovely feature in Hyper-V 2016)
And if you are patient and then log in as a azurestack\AzureStackAdmin on the physical machine you will see the status of the deployment. Do not log in as a local user on the server and try to start the deployment again!
Hopefully you will end up with the same result as me:
And then you can log in to the VM MAS-CON01 to connect to the portal,
Maybe I was lucky but I believe that the Stack-Team has done some serious work since TP1 and the deployment process have been thoroughly developed, tested and works really good now.