Abiquo Documentation Cookies Policy

Our Documentation website uses cookies to improve your experience. Please visit our Cookie Policy page for more information about cookies and how we use them.


Abiquo 4.6

Skip to end of metadata
Go to start of metadata

Azure ARM Features table

See Azure ARM features table

Configure Microsoft Azure ARM in Abiquo

Creating a public cloud region for Microsoft Azure ARM in Abiquo is the same as for a standard public cloud provider. However, before you create the public cloud region, you can configure the provider in Abiquo.

Filter templates

Azure has a very large number of templates and template publishers, which means it may take a considerable amount of time to perform template operations, such as listing templates or taking snapshots.

To improve performance, Abiquo uses a set of predefined publishers.


To configure the predefined publishers, set the following jclouds property in the abiquo.properties file on the Remote Services server:

PropertyDescriptionProfile
jclouds.azurecompute.arm.publishersPublishers to use for filtering Azure ARM templates as a comma-separated list. Display only templates from these publishers to improve performance
Default: Canonical,RedHat,MicrosoftWindowsServer
jclouds property in Remote Services

To add publishers, users can start typing the name and select from the pull-down list. Users can remove publishers by clicking on the x to the left of the publisher name.

After you select the publishers, you can search for templates as in other public cloud providers.


Optionally configure VSM

As for other public cloud providers, you can optionally configure the VSM polling frequency.

See Abiquo Configuration Properties#vsm

Obtain Microsoft Azure ARM credentials and add to Abiquo

Abiquo provides these instructions as a guide only and we update them occasionally. 

Abiquo recommends that customers follow the instructions of the cloud provider, for example, at the time of writing for Azure:


To work with Azure ARM compute in Abiquo, you will need to add the following Azure credentials to your Abiquo enterprise:

  • Subscription ID
  • Application ID
  • Tenant ID
  • Application password

For pricing credentials, you will also need:

  • Offer ID

To obtain Azure credentials:

  1. Create an Azure subscription
  2. Create an ARM application and keep the details of the application to add to Abiquo.

View your Azure subscription

To view your Azure subscription, do the following steps.

  1. Log in to the Azure portal
  2. Go to Home
  3. In the search box in the top menu bar, enter Subscriptions
  4. Click on your subscription

Troubleshooting: if the subscription does not display, check that you have selected the correct directory.

Copy the Subscription ID as you will need it to configure the credentials in Abiquo.

If you purchased the subscription directly from Azure, you can also copy the Offer ID for use in your pricing credentials.  

Create an ARM application using Azure Portal

The following procedure describes how to create an ARM application using the Azure Portal.

  1. Log in to the Azure portal
  2. In the search box, enter Azure Active Directory 
  3. Select App registrations.
  4. Click New registration
  5. Create a new application registration. Enter a name, select the supported account types, and enter a URL. The URL will not be used, so it could be any URL. Click Register

  6. Note the Application client ID because you will need it to configure the credentials in Abiquo. Also copy the Directory ID, which will be the Tenant ID because you will need it to configure the credentials in Abiquo. Then go to Credentials and secrets

  7. Configure the password for the application. Click New client secret, then the Add a client secret will open. Enter a description and a duration, then click Add

    When you save, the Azure portal will display the password ONCE ONLY. You must use this password in Abiquo, so make sure to save it, because Azure will not display it again.

  8. Go to the Subscriptions menu, select the subscription you want to associate the created application with, and add a new permission for it as follows. In the dialog, select the Contributor role, and in the selection text box type the name of the created application. Then save the new permission.

Add the Azure ARM compute credentials to Abiquo

Before you begin, your administrator must configure Abiquo to use the appropriate Azure ARM regions. 

To connect Abiquo to your Azure ARM account, add the Azure ARM credentials obtained in the above step to Abiquo.

To do this, edit the Enterprise credentials and enter the credentials for the Azure ARM provider in the following format:

  • Identity: 

    subscription-id#app-id#tenant-id

    This means you should enter the Subscription ID, Application ID and Tenant ID, as a single string and separate each element with a '#'. For example: 

    566058dd-80bc-4ccc-8d6e-e9ac00c4b4a1#8927a710-4f4d-4d11-811c-94c36e9b2c3f#fbb96b71-f92c-4f78-acf7-cd88bdee36b1
  • Credential: Enter the password for the Application.

Add the Azure Pricing credentials to Abiquo

For Azure, the format of the pricing credentials identity for standard Azure accounts is as follows.

  • Identity

    normal#subscription-id#app-id#tenant-id#offer-durable-id

    The text string "normal#" indicates a standard account, which is also the default if the "normal#" text string is not present.

    The Offer-Durable-ID is the Offer ID from the Azure portal. See Display Azure billing data for billing dashboard instructions.  

  • Credential: Enter the password for the Application


For CSP accounts, the main tenant should add the pricing credentials in the following format:

csp#tenantId#clientId#accessToken#refreshToken

The customer tenants do not need to add pricing credentials. The platform will use the CSP credentials for the customer tenants in the hierarchy.

How Abiquo works with Microsoft Azure ARM

Abiquo creates virtual datacenters and virtual networks in Azure ARM.

Diagram of correspondence between Abiquo entities and Azure ARM entities

In Azure ARM, users will be able to allocate and assign public IPs as in AWS.

Diagram of how Abiquo creates a VDC in Azure ARM

Azure VPNs

To create a VPN in Abiquo between a private cloud virtual datacenter and Azure, you will need the following Azure ARM configuration for the enterprise:
  • A Gateway Subnet in the Virtual Network that represents the VPC
  • A Virtual Network Gateway (VNG) using this Gateway Subnet - if this does not exist, Abiquo will try to create it in the virtual network with the supplied netmask
  • A Local Network Gateway (LNG) that will represent the remote VPN site, which is not managed by Azure ARM
  • A Virtual Network Gateway Connection that relates the VNG to the LNG
    • All address spaces from the Virtual Network will be exposed through the Virtual Network Gateway.

To create the Azure VPN configuration, set the following properties in each enterprise that will use Azure VPNs.

NameDescription
azurecompute-arm.vpn.virtualnetworkgateway.type

Type of routing to use by the Virtual Network Gateway. See https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpngateways. To create a VPN from Azure to Azure, set to PolicyBased
Range: RouteBased, PolicyBased
Default: RouteBased

azurecompute-arm.vpn.gatewaysubnet.mask

The Virtual Network Gateway requires a 'gateway subnet'. If this does not exist, the plugin will try to create it in some available range of the virtual network, using the mask given by this property
Default: 29

azurecompute-arm.vpn.virtualnetworkgateway.sku.nameName of the Virtual Network Gateway SKU. See https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpngateways#gwsku
Default: Basic

azurecompute-arm.vpn.virtualnetworkgateway.sku.tier

Tier of the Virtual Network Gateway SKU. See https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpngateways#gwsku
Default: Basic
azurecompute-arm.vpn.virtualnetworkgateway.sku.capacity

Capacity of the Virtual Network Gateway SKU. See https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpngateways#gwsku
Default: 1

azurecompute-arm.vpn.virtualnetworkgatewaycheck.timeoutTimeout for the creation of the Virtual Network Gateway. In the units specified by the timeunit property. Expected creation time is around 40 minutes.
Default: 45
azurecompute-arm.vpn.virtualnetworkgatewaycheck.periodInterval between checks for the creation of the Virtual Network Gateway. In the units set by the timeunit property.
Default: 1
azurecompute-arm.vpn.virtualnetworkgatewaycheck.maxperiodMaximum interval in minutes between checks to back off to for the creation of the Virtual Network Gateway. In the units set by the timeunit property
Default: 2
azurecompute-arm.vpn.virtualnetworkgatewaycheck.timeunit

Time unit for the timeout and intervals of checks for Virtual Network Gateway creation
Default: minutes

Related links: