Before you create the public cloud region, you can configure the provider in Abiquo. The screenshots below are to give you an indication of the Azure features but you will not be able to access these features until you create a public cloud region and add credentials.
Azure has a very large number of templates and template publishers, which means it may take a considerable amount of time to perform template operations, such as listing templates or taking snapshots.
To improve performance, Abiquo uses a set of predefined publishers as shown in the following screenshot.
To configure the predefined publishers, set the following jclouds property in the abiquo.properties file on the Remote Services server:
|jclouds.azurecompute.arm.publishers||Publishers to use for filtering Azure ARM templates as a comma-separated list. Display only templates from these publishers to improve performance|
|jclouds property in Remote Services|
After you create a region, and add credentials for an enterprise, users can access the Apps library to import templates.
As for other public cloud providers, you can optionally configure the VSM polling frequency.
To obtain details of your Azure subscription, do the following steps.
Click on your subscription
If the subscription does not display, check that you have selected the correct directory. Click on the directory name in the top right corner. From here you can switch directory
Save the Subscription ID to enter in the Abiquo credentials.
If you purchased the subscription directly from Azure, you can also save the Offer ID for the pricing credentials.
To create an ARM application using the Azure Portal and obtain details of the application, do these steps.
To register the application, enter a Name, select the Supported account types, and enter a URL. The value of the URL will not be used, so it could be any URL. Click Register
Save the Application (client) ID and the Directory (tenant) ID, because you will need to configure them in Abiquo. Then click Certificates & secrets
To configure the password for the application, click New client secret, which will open the Add a client secret section. Enter a Description and an Expiry duration, then click Add
The Azure portal will display the password ONCE ONLY. You must use this password in Abiquo, so make sure to save it, because Azure will not display it again.
Go to the Subscriptions menu, select the subscription you want to associate the application with, and add a new permission for it with these steps.
Select Access control (IAM)
In the dialog, select the Contributor role, and in the Select box, enter the name of the application. Then click Save
Go to the Subscriptions menu and select Resource providers
Search for the Microsoft.Compute provider and click Register to add it for the subscription if it is not already added
Search for the Microsoft.Network provider and click Register to add it for the subscription if it is not already added
Before you add credentials, an administrator must create at least one compatible public cloud region in Azure ARM, and allow your enterprise to access this region. Some regions may require separate credentials, for example regions in China, and you will need to obtain credentials and create these regions separately. See Create a public cloud region.
To do this, edit the Enterprise and enter the credentials for the Azure ARM provider in the following format:To connect Abiquo to your Azure ARM account, add the Azure ARM credentials obtained in the above step to Abiquo.
This means you should enter the Subscription ID, Application ID and Tenant ID, as a single string and separate each element with a '#'. For example:
Before you add credentials, your administrator must create at least one compatible public cloud region in Azure ARM, and allow your enterprise to access this region. Some regions may require separate credentials, for example regions in China, and you will need to obtain credentials and create these regions separately. See Create a public cloud region
For Azure, the format of the pricing credentials identity for standard Azure accounts is as follows.
The text string "normal#" indicates a standard account. We recommend that you specify the "normal#" text string, even though it is the default option.
The Offer-Durable-ID is the Offer ID from the Azure portal. See Display Azure billing data for billing dashboard instructions.
For CSP accounts, the main tenant should add the pricing credentials in the following format:
The customer tenants do not need to add pricing credentials. The platform will use the CSP credentials for the customer tenants in the hierarchy.
Abiquo creates virtual datacenters and virtual networks in Azure ARM.
In Azure ARM, users will be able to allocate and assign public IPs as in AWS.
When the user creates a VDC, they can specify the address range of the virtual network. The user can also onboard and delete address ranges
To power off a VM in ARM, select the Power off option. To deallocate a VM in ARM, select the Deallocate option.
A deallocated VM has a state of "OFF" and the "deallocated" attribute set to true. The UI displays the text "(Deallocated)" on the VM label.
The following conditions apply to VM firewall policies in Azure:
To create the Azure VPN configuration, set the following properties in each enterprise that will use Azure VPNs.
Type of routing to use by the Virtual Network Gateway. See https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpngateways. To create a VPN from Azure to Azure, set to PolicyBased
The Virtual Network Gateway requires a 'gateway subnet'. If this does not exist, the plugin will try to create it in some available range of the virtual network, using the mask given by this property
|azurecompute-arm.vpn.virtualnetworkgateway.sku.name||Name of the Virtual Network Gateway SKU. See https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpngateways#gwsku|
|Tier of the Virtual Network Gateway SKU. See https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpngateways#gwsku |
Capacity of the Virtual Network Gateway SKU. See https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpngateways#gwsku
|azurecompute-arm.vpn.virtualnetworkgatewaycheck.timeout||Timeout for the creation of the Virtual Network Gateway. In the units specified by the timeunit property. Expected creation time is around 40 minutes.|
|azurecompute-arm.vpn.virtualnetworkgatewaycheck.period||Interval between checks for the creation of the Virtual Network Gateway. In the units set by the timeunit property.|
|azurecompute-arm.vpn.virtualnetworkgatewaycheck.maxperiod||Maximum interval in minutes between checks to back off to for the creation of the Virtual Network Gateway. In the units set by the timeunit property|
Time unit for the timeout and intervals of checks for Virtual Network Gateway creation
In Azure, you can work with volumes that are Managed Disks.
After an upgrade, to display availability sets that were not present in the platform with deployed VMs, the user should synchronize the virtual datacenter or networks.
For more information about Azure Availability sets, see Azure documentation, for example, https://docs.microsoft.com/en-us/azure/virtual-machines/windows/tutorial-availability-sets.
When you create a VM, you can select an Availability set. This is similar to the VM layers feature in private cloud.
Before you deploy a VM, to change the availability set, you can edit the VM and select another availability set.