Partilhar via


Creating a Private Cloud – Part 2: Configuration

In this post I’ll carry on from part 1 and cover the configuration side of the System Center products to deliver Private Cloud type functionality.

Where should you be after Part 1?

So a quick recap from part 1, you should have Windows Server 2008 R2 installed, with the additional Roles and Features etc. installed. You should have promoted this machine to be a domain controller, name of your choice, and have DNS working.

SQL Server 2008 or higher should be installed along with System Center VMM Server and Admin console installed, plus System Center SSP 2.0. So right now we have everything installed and but nothing configured. That’s the next step.

SQL Server tip

I’ve talked and used SQL Server 2008 R2 standard in this discussion so far. If you want to extend SCVMM to include System Center Operations Manager 2007 you will encounter two minor annoyances. First, SCOM doesn’t play with SQL Server 2008 R2 using the standard install procedure off the DVD. Which is not too surprising considering the release dates, but it’s not the end of the install. You can use the DBCreateWizard.exe to get around the installers relocation to play nice with R2, the procedure is documented in this KB article, https://support.microsoft.com/kb/2425714. The other annoyance it that you will need to uninstall the VMM admin console and reinstall the Ops Manager version. This is lower down the VMM install page; the reason for this is that the management packs are added in with this install.

The other tip, ensure the SQL Agent service is running. The Agent runs a daily job that accumulates the costs for the registered Business units.

Just a couple of tips I found creating test setups.

Self-Service Portal Tips.

Now a couple of points to remember on the SSP install that I didn’t cover in part 1, apologies for not calling this out and thank you to Didier for posting this on the blog to remind me. The deployment guide does say to enable Windows Authentication on the IIS server before installing SSP 2.0. It could cause the install to fail; it will also cause the portal to prompt you for credentials each time you access it. Windows Authentication is not selected by default.

Also worth noting is that during the SSP install you are asked for Site name and port number. You can, using Host Header names and GlobalNames in DNS set up the Single name site. On my setup, I configured a GlobalNames zone in DNS, and added ITasaService to that zone, mapping it to the FQDN of the server. I then went back into the IIS and altered the bindings for the SSP Website to use port 80 and also added the host header ITasaService. My SSP users can now access the site via https:// ITasaService.

One thing to note with the RC build, which happened to me on all the installs I’ve done of SSP 2.0. Check the Self Service Portal Service after a reboot. I’ve noticed that, even though it’s set to automatic, the service may not start. It’s always started when I’ve gone in and manually started it. Just a quirk with the RC build, which is still a pain when you are doing a demonstration and you forget that trick.

Configuring SCVMM

I’m going to start with SCVMM, since this is the core of the environment. Basically, to create a self-service Private Cloud environment you need to configure the following:-

  • User Role group for the portal
  • Add any base images and ISO files to the library
  • Create templates of the workloads you want to offer.

It’s a surprisingly short list.

So the first step is to configure a new user group for the Self-Service side. The deployment docs for SSP 2.0 tell us to create a group called Self Service User and give it the Self Service role. This group is populated automatically by the portal as new Business Unit Admins are identified.

The next step is relatively easy too. The SCVMM library can store a number of file, from ISOs to VHDs. When dealing with self-service requests the ideal is that those users pick from a predefine set of templates that you’ve already configured ready for use.

Next step is the creation of your templates. The templates are just preconfigured images that have been generalized for easy deployment. So you can either take an existing VHD, or install a new OS, configure it the way it needs to be. Then prepare it. On the VM menu, selecting New Template will take the image and do all the work needed to generalize it. When you start this process the source image is destroyed. So if you need a copy, now is a good time to take one.

clip_image002The New Template Wizard asks for some basic information and the location where you want to store the template. When you configured SCVMM’s Library component during setup you created a share for the library, within that share you can create a folder for templates to help organizes these files.

Once a template is created you have the minimum need to try out the self-service portal, which is what we will now configure.

Configuring the Self-Service Portal

As the administrator, the first task is to configure the portal. Connecting to website as the administrator, you need to configure just two of the four options on the Settings link. The main one is the “Configure Datacenter Management” link, here you configure these properties.

  • VMM Server. This is the FQDN of the machine you installed the VMM server role on.
  • Device. Configure the names any SANS or Load Balancers you have.
  • Networks. These map to the names of the networks you configured in Hyper-V. The names here must match those in the Virtual Network Manager in the Hyper-V console.
  • Active Directory. Add any Domains you have.
  • Quota Cost. Enter the default values for memory and storage. You can alter these on a template basis later.
  • Environment. Enter the names of any environments you want to use to group infrastructures in. This is purely process and organization.

Save and close and you are almost set.

Next part is to configure the Templates. On the Template page enter the library server where you’d like to get the templates from. If the Self-Service Portal service is not running, this is the point you find out as service will not return any information from the library server.

The list you configure here is the list that BU’s can access; you can also select a cost for each template.

clip_image003Now you are ready to try out the configuration of Business Units, Infrastructures and Virtual Machines. As the administrator you get to approve all requests, so while anyone could request a BU, you get the final say. Now, if you are testing this, don’t use really BU names because once you use than name you can’t delete it later yet – as I found setting up a demo.

So what do you configure? I’ll run through the basics to get the system working on a test environment. On the BU registration, a lot of it is simply documentation; the administrators are the one area that interacts with VMM. Those names you enter here are added to the role we configured earlier. When submitted, the request appears as an “Onboarding” request in the request queue.

Once approved, the BU can set up its infrastructures. From the first post, the diagram of what an infrastructure consist of gives us a good idea of what the request process will cover. The request is a 3 step process:-

  • Configure the Infrastructure name.
  • Configure the Service and Service Role
  • Add Templates for the VMs.

This maps to our diagram and pulls in the information and configurations we made earlier.

Configure the Infrastructure name.

The first part asks for the infrastructure name, the priority, how long the BU expects to keep it and the forecast for the capacity it will use. The capacity you enter here is used when calculating free space when starting VMs or when creating new Services and Service roles. If you exceed the capacity later, you will need to enter an Infrastructure change request to change the capacity.

Configure the Service and Service Role

In the Service and Service Roles we set out how the Infrastructure is set up. We provide the name of the service, add it to the environment. The environment is the list we added earlier when setting up the portal. The billing code and datacenter are names you use internally. It’s when you get to the Service Quota you start to use information from the other pages. As mentioned above, the Infrastructure capacity on the first page is used as the cap for Services and Roles.

The networks are those setup earlier or you can be request them on this page. These have to match the name use in the Hyper-V Virtual Network Manager. The services can have their own access control; you can enter additional admins to those for the BU, plus members who can access this service.

The service role is tucked away at the end, all you need to enter is the Role name and the number of images it needs. The rest for our test environment can be left to their default.

Add Templates for the VMs.

The final part of the infrastructure request is to assign the templates to this request. The list you get is the one from the template settings for the portal. Here selecting the templates available are the ones that will be available when the BU tries to create VMs. If the template is not selected here and is needed later then a new Infrastructure change request needs to be created.

Once approved the virtual machine creation can begin and the billing starts.

Creating Virtual Machines

We’ve now got to the point where BU can request Virtual Machines and manage their environment. The control on resources comes in here, when requesting a VM you are asked for the number of machines, their names, the infrastructure details and template to use. If they exceed the resources, the creation process stops. BU’s can’t say one thing about capacity and do something else.

Once created the VMs are managed and controlled from the VM page, all members of the BU Roles can start or stop the VMs created. You can also monitor the jobs from the Jobs page or as a DC Administrator the SCVMM console.

From this point on, you have enough configured to try things out. I used this information to demonstrate a Private Cloud at a trade show in the UK recently

Beyond the Basics covered here.

These two posts covered the basics. With SCVMM and SCSSP 2.0 you can test out and a simple Private Cloud scenario. By adding more Hyper-V hosts you can certainly extend this model. However, there is more. I haven’t included System Center Operations Manager (SCOM), System Center Service Manager (SCSM), System Center Configuration Manager (SCCM) or the Offline Image Servicing Solution Accelerator in either of the posts. The roles they play become more critical the larger your deployment becomes and provide much more flexibly. To help we’ve released some guidance and guides, these can be found at https://www.microsoft.com/virtualization/en/us/private-cloud.aspx.

Also the reporting and Dashboard components of the portal are another post on their own. These are important if you want to implement true charge-back modelling.

Comments

  • Anonymous
    February 14, 2011
    Hey Alan, It was my pleasure to read both of your's blogs. but i have one doubt in mind. As i m a student, and want to create a private cloud as a part of my project, do Microsoft charge me for using their solution if yes then is there any open source solution to create private cloud. pls let me know. Thanks. hT

  • Anonymous
    February 14, 2011
    Hi, You can create this test scenario with evaluation software and for that there is no charge. If you want to run a longer term project, greater than 3 months then you will need to look at licenses. In the post I talked about using the software from a TechNet subscription. That is one of the cheapest methodsof trying this out. Not sure about an equivilent Open Source solution. I've not heard of one, that doesn't rule one out, just means it not hugely main stream. How long is your project and what does it involve? Alan

  • Anonymous
    February 14, 2011
    thanks for ur reply, basically i need to create a simulation of a cloud or in other words a private cloud on which i can deploy my application the application which i planned is almost ready and the time left for this project to complete is near about 1 and half month. so pls suggest me wat should i do.

  • Anonymous
    February 15, 2011
    Ok, so for about 90-120 days you can download the software needed to create the same environment I used in the blog from the evaluation center. All the software is free and should run long enough to complete your project. The software you need and locations are:- Windows Server 2008 R2 x64 technet.microsoft.com/.../dd459137.aspx System Center VMM 2008 R2 technet.microsoft.com/.../cc793138.aspx SQL Server 2008 R2 technet.microsoft.com/.../ee315247  or SQL Server 2008 technet.microsoft.com/.../bb851664.aspx Self-service Portal 2.0 www.microsoft.com/.../details.aspx This should get you enough to manage one of more host machines, create templates and Infrastructures for self-service deployment of you application image. Regards, Alan

  • Anonymous
    April 10, 2011
    The comment has been removed

  • Anonymous
    August 11, 2011
    Hi Alan Thanks for these guidelines, they were very helpful. I have one issue though and hope you can help. I can access the VM through the self-service portal when on the server (BTW - I configured everything on one server), but when I try to access the VM through the Self_service portal from my laptop, I get: Virtual Machine Manager failed to connect to the virtual machine because of a socket connection error. Check the firewall and network settings, and then try to connect again. What could the problem be? Thanks Trevor

  • Anonymous
    August 11, 2011
    Hi Trevor, Is the RDP port 3389 open? Regards, Alan

  • Anonymous
    August 12, 2011
    There is no firewall on the LAN. I can connect to the Self_service Portal with my laptop on the LAN. I can see the VM listed. I get the above mentioned error when I select "connect to VM". RDP is not enabled on the VM and my laptop is not joined to the domain. When directly logged onto the server, I have the same as above only, I can connect to the VM. Hope this helps. Thanks Trevor

  • Anonymous
    February 18, 2013
    The comment has been removed