Abiquo Documentation Cookies Policy

Our Documentation website uses cookies to improve your experience. Please visit our Cookie Policy page for more information about cookies and how we use them.


Abiquo 4.7

Skip to end of metadata
Go to start of metadata

Azure ARM Features table

See Azure ARM features table

Configure Microsoft Azure ARM in Abiquo

Creating a public cloud region for Microsoft Azure ARM in Abiquo is the same as for a standard public cloud provider. However, before you create the public cloud region, you can configure the provider in Abiquo.

Filter templates

Azure has a very large number of templates and template publishers, which means it may take a considerable amount of time to perform template operations, such as listing templates or taking snapshots.

To improve performance, Abiquo uses a set of predefined publishers.


To configure the predefined publishers, set the following jclouds property in the abiquo.properties file on the Remote Services server:

PropertyDescriptionProfile
jclouds.azurecompute.arm.publishersPublishers to use for filtering Azure ARM templates as a comma-separated list. Display only templates from these publishers to improve performance
Default: Canonical,RedHat,MicrosoftWindowsServer
jclouds property in Remote Services

To add publishers, users can start typing the name and select from the pull-down list. Users can remove publishers by clicking on the x to the left of the publisher name.

After you select the publishers, you can search for templates as in other public cloud providers.


Optionally configure VSM

As for other public cloud providers, you can optionally configure the VSM polling frequency.

See Abiquo Configuration Properties#vsm

Obtain Microsoft Azure ARM credentials and add to Abiquo

Introduction

To work with Azure ARM compute in Abiquo, you'll need to add credentials to your Abiquo enterprise.

First create an Azure Subscription. Note that you may require separate credentials for some groups of regions, for example, regions in China.

Then follow this guide, which describes how to obtain the details of the subscription and create an Application.

After you follow this guide, you'll have the following Azure attributes:

  • Subscription ID
  • Application ID
  • Tenant ID
  • Application password

For optional pricing credentials, you may also have:

  • Offer ID


Abiquo provides these instructions as a guide only and we update them occasionally. 

Abiquo recommends that customers follow the instructions of the cloud provider, for example, at the time of writing for Azure:


Obtain details of your Azure subscription

To obtain details of your Azure subscription, do the following steps.

  1. Log in to the Azure portal
  2. In the search box in the top menu bar, enter Subscriptions. Then select Subscriptions

  3. Click on your subscription

    Troubleshooting

    If the subscription does not display, check that you have selected the correct directory. Click on the directory name in the top right corner. From here you can switch directory

  4. Save the Subscription ID to enter in the Abiquo credentials.

  5. If you purchased the subscription directly from Azure, you can also save the Offer ID for the pricing credentials.  

Create an ARM application using Azure Portal

To create an ARM application using the Azure Portal and obtain details of the application, do these steps.

  1. Log in to the Azure portal
  2. In the search box, enter Azure Active Directory. Select Azure Active Directory

  3. Click App registrations
  4. Click New registration
  5. To register the application, enter a Name, select the Supported account types, and enter a URL. The value of the URL will not be used, so it could be any URL. Click Register

  6. Save the Application (client) ID and the Directory (tenant) ID, because you will need to configure them in Abiquo. Then click Certificates & secrets

  7. To configure the password for the application, click New client secret, which will open the Add a client secret section. Enter a Description and an Expiry duration, then click Add

    The Azure portal will display the password ONCE ONLY. You must use this password in Abiquo, so make sure to save it, because Azure will not display it again.

  8. Go to the Subscriptions menu, select the subscription you want to associate the application with, and add a new permission for it with these steps.

    1. Select Access control (IAM)

    2. Click Add

    3. Click Add role assignment 
    4. In the dialog, select the Contributor role, and in the Select box, enter the name of the application. Then click Save


Add the Azure ARM compute credentials to Abiquo

Before you begin, your administrator must configure Abiquo to use the appropriate Azure ARM regions. 

To connect Abiquo to your Azure ARM account, add the Azure ARM credentials obtained in the above step to Abiquo.

To do this, edit the Enterprise credentials and enter the credentials for the Azure ARM provider in the following format:

  • Identity: 

    subscription-id#app-id#tenant-id

    This means you should enter the Subscription ID, Application ID and Tenant ID, as a single string and separate each element with a '#'. For example: 

    566058dd-80bc-4ccc-8d6e-e9ac00c4b4a1#8927a710-4f4d-4d11-811c-94c36e9b2c3f#fbb96b71-f92c-4f78-acf7-cd88bdee36b1
  • Credential: Enter the password for the Application.

Add the Azure Pricing credentials to Abiquo

Standard accounts

For Azure, the format of the pricing credentials identity for standard Azure accounts is as follows.

  • Identity

    normal#subscription-id#app-id#tenant-id#offer-durable-id

    The text string "normal#" indicates a standard account. We recommend that you specify the "normal#" text string, even though it is the default option.

    The Offer-Durable-ID is the Offer ID from the Azure portal. See Display Azure billing data for billing dashboard instructions.  

  • Credential: Enter the password for the Application

CSP accounts

For CSP accounts, the main tenant should add the pricing credentials in the following format:

csp#tenantId#clientId#accessToken#refreshToken

The customer tenants do not need to add pricing credentials. The platform will use the CSP credentials for the customer tenants in the hierarchy.

How Abiquo works with Microsoft Azure ARM

Abiquo creates virtual datacenters and virtual networks in Azure ARM.

Diagram of correspondence between Abiquo entities and Azure ARM entities

In Azure ARM, users will be able to allocate and assign public IPs as in AWS.

Diagram of how Abiquo creates a VDC in Azure ARM

Deallocate or Power off a VM in Azure 

To power off a VM in ARM, select the Shut down option. To deallocate a VM in ARM, select the Power off option. 

Azure VPNs

To create a VPN in Abiquo between a private cloud virtual datacenter and Azure, you will need the following Azure ARM configuration for the enterprise:
  • A Gateway Subnet in the Virtual Network that represents the VPC
  • A Virtual Network Gateway (VNG) using this Gateway Subnet - if this does not exist, Abiquo will try to create it in the virtual network with the supplied netmask
  • A Local Network Gateway (LNG) that will represent the remote VPN site, which is not managed by Azure ARM
  • A Virtual Network Gateway Connection that relates the VNG to the LNG
    • All address spaces from the Virtual Network will be exposed through the Virtual Network Gateway.

To create the Azure VPN configuration, set the following properties in each enterprise that will use Azure VPNs.

NameDescription
azurecompute-arm.vpn.virtualnetworkgateway.type

Type of routing to use by the Virtual Network Gateway. See https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpngateways. To create a VPN from Azure to Azure, set to PolicyBased
Range: RouteBased, PolicyBased
Default: RouteBased

azurecompute-arm.vpn.gatewaysubnet.mask

The Virtual Network Gateway requires a 'gateway subnet'. If this does not exist, the plugin will try to create it in some available range of the virtual network, using the mask given by this property
Default: 29

azurecompute-arm.vpn.virtualnetworkgateway.sku.nameName of the Virtual Network Gateway SKU. See https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpngateways#gwsku
Default: Basic

azurecompute-arm.vpn.virtualnetworkgateway.sku.tier

Tier of the Virtual Network Gateway SKU. See https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpngateways#gwsku
Default: Basic
azurecompute-arm.vpn.virtualnetworkgateway.sku.capacity

Capacity of the Virtual Network Gateway SKU. See https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpngateways#gwsku
Default: 1

azurecompute-arm.vpn.virtualnetworkgatewaycheck.timeoutTimeout for the creation of the Virtual Network Gateway. In the units specified by the timeunit property. Expected creation time is around 40 minutes.
Default: 45
azurecompute-arm.vpn.virtualnetworkgatewaycheck.periodInterval between checks for the creation of the Virtual Network Gateway. In the units set by the timeunit property.
Default: 1
azurecompute-arm.vpn.virtualnetworkgatewaycheck.maxperiodMaximum interval in minutes between checks to back off to for the creation of the Virtual Network Gateway. In the units set by the timeunit property
Default: 2
azurecompute-arm.vpn.virtualnetworkgatewaycheck.timeunit

Time unit for the timeout and intervals of checks for Virtual Network Gateway creation
Default: minutes

Storage

In Azure, you can work with volumes that are Managed Disks.

  • Users can onboard and create volumes, and attach them to VMs. 
  • When you onboard disks, the platform will make them available to users that can access All virtual datacenters in the tenant
  • After users detach volumes from VMs or delete VMs, the synchronization process will make the volumes available in the public cloud region. Users can move volumes between virtual datacenters and release them to the region. 
  • In Azure the VM instance functionality to take a snapshot of a VM has been disabled pending further development.

Related links: