Managing Azure

This topic explains how to get started with Microsoft® Azure in vCommander, and also explains how managing Azure services differs from managing your on-premise VMware and Hyper-V services. This topic assumes that you understand the basics of Azure.

In this topic:

Getting started

To manage Azure services with vCommander, here's how to get started:

  1. Create a Microsoft Azure account. vCommander uses your account to connect to Azure.
  2. Create an Azure subscription. You do this in the Azure Management Portal. All of the private images and instances belonging to that subscription become a single managed system in vCommander. It's a good idea to have a small number of Azure subscriptions, so that you can keep the number of managed systems to a minimum.
  3. Create an identity for the vCommander application. You do this in the Azure Management Portal. This involves creating an Azure Active Directory application and service principal that can access Azure resources. To learn how, see the following article from the Microsoft documentation:
  4. https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal

    For Application Type, select Web app / API.

    Azure Portal Create Application

  5. Record the subscription ID. You find this information in the Azure Management Portal. For example:
  6. Azure Portal Subscription ID

  7. Record the application ID and authentication key. You find this information in the Azure Management Portal. To learn how, see the following article from the Microsoft documentation:
  8. https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal#get-application-id-and-authentication-key

    Azure Portal Settings

  9. Record the tenant ID. You find this information in the Azure Management Portal. To learn how, see the following article from the Microsoft documentation:
  10. https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal#get-tenant-id

  11. Assign the vCommander application to a role. To learn how, see the following article from the Microsoft documentation:
  12. https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal#assign-application-to-role

  13. Optional: If Internet access is established through a web proxy server, integrate your web proxy server with vCommander. See Connecting Public Clouds to vCommander through a Web Proxy Server.
  14. Add your Azure subscription to vCommander as a managed system, using the Subscription ID, tenant ID, application ID and authentication key. See Adding Managed Systems.
  15. (Optional) Add private images to your subscription. You do this in the Azure Management Portal. vCommander also displays a configurable set of common public Azure images.
  16. Add images to the Service Catalog. See Managing the Service Catalog.

To learn what vCommander features are supported for Azure, see vCommander Capability Matrix.

How vCommander works with Azure

Infrastructure view

To learn about how the Operational, Deployed and Storage views differ for Azure managed systems, see vCommander Views. Because Azure doesn't provide visibility of its physical compute infrastructure, hosts and clusters are not shown in vCommander.

Supported Azure resources

vCommander allows you to manage the Azure resources detailed in the following table.

Infrastructure / Resource Type Details

Virtual Machines

Azure virtual machines can be managed from vCommander's Operational and Deployed views and can be deployed through the service catalog. Azure VMs are deployed using preconfigured instance types rather than fine-grained configuration of CPU, memory, storage and networking resources.

You add Azure images from your Azure subscription to the vCommander Service Catalog. vCommander also provides a configurable set of popular public images.

When you add an image to the service catalog, you choose the instance types to make available to users when they request that image.

vCommander supports reconfiguring Azure VM resources both manually and through a service change request.

Instance types added between vCommander releases are fully supported in the next vCommander release. If a new instance type is added between vCommander releases, the instance type will not be available in vCommander until a new instance with this instance type is deployed in the public cloud and vCommander is synchronized with the public cloud. The new instance type will then be available for use in vCommander deployments, but resource and cost information will not be available, and quota won't be calculated.

Images

Azure images are equivalent to templates and are displayed as templates in vCommander. Azure provides a set of public images. Any images you create are private images. vCommander enables you to deploy private images as well as a set of popular public images.

Disks

vCommander retrieves information for disks that are attached to Azure VMs. See also Storage Accounts below.

Network Interfaces

vCommander supports the assignment of network interfaces to VMs during manual and automated deployment.

Availability Sets

An availability set ensures both fault tolerance and service availability during upgrade. You can assign the availability set through the service catalog, as well as during manual deployment.

Images

Azure images are equivalent to templates and are displayed as templates in vCommander. Azure provides a set of public images. Any images you create are private images. vCommander lets you deploy private images as well as a set of popular public images.

Regions

Azure operates datacenters in global regions. See Selecting Public Cloud Regions to Display in vCommander to learn which Azure regions vCommander displays by default, and how to change this.

Resource Groups

Each Azure VM must be deployed into a resource group, which provides lifecycle management capabilities. Resource groups are created in a specific region, but the contents of a resource group can span regions. You can assign the resource group through the service catalog, as well as during manual and automated deployment.

Networks

An Azure Virtual Network enables you to create a logically isolated section in Azure and securely connect it to your on-premises datacenter or a single client machine using an IPsec connection. vCommander supports the assignment of network zones to virtual networks. You can also assign virtual networks during manual and automated deployment.

Network Security Groups

Security groups are like firewall rules: they define inbound and outbound rules with source and target IP restrictions and port definitions. You can assign a security group during manual and automated deployment.

Storage Accounts

vCommander supports both managed and unmanaged storage accounts.

With managed storage, Azure automatically manages the availability of disks to provide data redundancy and fault tolerance, so that you don't need to create and manage storage accounts. Managed Disks may not be available in all regions. It's similar to AWS storage, where you can select between SSD and HDD disks. The managed storage account can't be assigned a vCommander storage tier.

With unmanaged storage, you must create and manage storage accounts yourself. It's analogous to vCenter datastores. Because Azure provides more than six types of unmanaged storage account, you need to decide how best to map storage accounts to vCommander's six storage tiers. By default, all unmanaged storage accounts are assigned storage tier 1. See also Setting the Storage Tier for a Datastore or Datastore Cluster.

An Azure VM may use storage that spans multiple resource groups, but not multiple regions.

Azure storage accounts are displayed as datastores in vCommander. You can assign the storage account through the service catalog, as well as during manual and automated deployment. See also vCommander Views.

Because Azure storage is elastic, vCommander properties and variables related to capacity (for example, provisioning level) don't apply to Azure. Likewise, reports based on these properties don't include data for Azure (for example, the Over-provisioned Disk Summary Report).

During regular synchronization with Azure, vCommander collects the storage used by disks, but not the total used storage.

Updates from Azure

Changes made to an Azure managed system within vCommander are displayed as soon as the task has finished, just as they are with vCenter and SCVMM managed systems. Unlike vCenter and SCVMM, however, vCommander retrieves changes made within Azure and generates events based on these changes at a configurable update frequency. By default, vCommander waits 60 minutes between updates. You can change this interval, but we recommend keeping at least 60 minutes between updates.

Caution: More frequent updates (meaning lower values for this setting) may impact vCommander performance, especially in large installations.

You can manually resynchronize the inventory, just as you can with vCenter and SCVMM.

Public Azure images

The Public Images folder in the Deployed view provides a set of popular images from the Azure Marketplace. The default images provided can be deployed in any Azure region. You can add, remove and modify images in this folder by editing the following configuration file:

<vCommander_install_dir>\tomcat\common\classes\arm-images.xml

Save a backup copy of this file before editing.

Elements in the ARM Public Images XML Configuration File

Element

Description

Example

image name

The display name of the image in vCommander. You can set this name to whatever you like.

Ubuntu Server 16.04.0-LTS

region

The Azure region where you want vCommander to look for the image, in command-line format

centralus

If the image is not available in the region specified, deployment will fail. All of the default public images referenced in the file are available in all Azure regions.

publisher

The publisher of the image

Canonical

offer

The image offer

UbuntuServer

sku

The image SKU

16.04.0-LTS

osDiskSizeGb

The default size of the OS disk, in GiB

40

You can add these public images to the service catalog, and you can deploy them manually. Note that the cost of these templates is always displayed as $0. To learn more, see:

Authentication

Guest OS credentials must be supplied in order to deploy an Azure prepared image. These credentials can be either username/password or, for Linux prepared images, RSA key credentials.

User names must be between one and 64 characters long, and must not include reserved words or unsupported characters.

Passwords must be between 12 and 72 characters long and must include three of the following: one lowercase character, one uppercase character, one number and one special character.

Due to an Azure limitation, all images are displayed as generalized images.

Automated deployment

Microsoft Azure VMs (instances) must be deployed in the same Azure region as their source template (image). Therefore, if you're deploying to multiple Azure regions, you need to configure a service catalog entry and a deployment destination for each region.

See Microsoft Azure: Configuring Destinations for Automated Deployment.

Azure has strict rules for VM names. If you're deploying Azure services, to prevent automated deployment failure, you must ensure that your naming convention adheres to these rules. VM names must be between 3 and 15 characters, must contain only letters, numbers and hyphens, must start and end with a letter or a number, and must not contain spaces. The default VM naming convention in new installations of vCommander adheres to these rules.

See Customizing Naming Conventions.

Power scheduling

To save public cloud costs, vCommander supports the ability to schedule a power on/off cycle for VMs. See Configuring VM Power Schedules for more details.

Costing

vCommander includes an Azure cost model that is automatically applied when an Azure subscription is added as a managed system. Azure doesn't provide a breakdown of CPU, memory, and operating system costs. Instead, Azure instance costs are taken from Azure's On-Demand Instance Prices for the particular instance type requested. For more details, see Configuring Cost Models.

Azure resource and storage costs are updated with every vCommander release. However, if you have customized storage tier costs, your custom costs are not overwritten on upgrade.

To make sure your Azure list prices are current, you can use the command workflow Update Public Cloud List Prices. For more information, see Updating Public Cloud List Prices.