Pivotal Cloud Foundry v1.10

Launching an Ops Manager Director Instance with an ARM Template

This topic describes how to deploy Ops Manager Director for Pivotal Cloud Foundry (PCF) on Azure using an Azure Resource Manager (ARM) template. An ARM template is a JSON file that describes one or more resources to deploy to a resource group.

You can also deploy Ops Manager Director manually. For more information, see the Launching an Ops Manager Director Instance on Azure without an ARM Template topic.

Before you perform the procedures in this topic, you must complete the procedures in the Preparing to Deploy PCF on Azure topic. After you complete the procedures in this topic, follow the instructions in Configuring Ops Manager Director on Azure.

Step 1: Create BOSH Storage Account

Azure for PCF uses multiple general-purpose Azure storage accounts. The BOSH and Ops Manager VMs use one main BOSH storage account, and the other components share five or more deployment storage accounts.

  1. Choose a name for your resource group and export it as an environment variable $RESOURCE_GROUP.
    $ export RESOURCE_GROUP="YOUR-RESOURCE-GROUP-NAME"
    

    Note: If you are on a Windows machine, you can use set instead of export.

  2. Export your location. For example, westus.
    $ export LOCATION="YOUR-LOCATION"
    

    Note: For a list of available locations, run azure location list.

  3. Create your resource group:
    $ azure group create $RESOURCE_GROUP $LOCATION
    
  4. Choose a name for your BOSH storage account, and export it as the environment variable $STORAGE_NAME. Storage account names must be globally unique across Azure, between 3 and 24 characters in length, and contain only lowercase letters and numbers.
    $ export STORAGE_NAME="YOUR-BOSH-STORAGE-ACCOUNT-NAME"
    
  5. Register your subscription with Microsoft.Storage:
    $ azure provider register Microsoft.Storage
    
  6. Create the storage account.
    $ azure storage account create -l $LOCATION -g $RESOURCE_GROUP \
    --sku-name LRS --kind Storage $STORAGE_NAME
    

    Note: LRS refers to Standard Azure Storage Account. BOSH Director requires table storage to store stemcell information. Azure Premium Storage does not support table storage and cannot be used here.

  7. Retrieve the connection string for your BOSH storage account:
    $ azure storage account connectionstring show $STORAGE_NAME \
    --resource-group $RESOURCE_GROUP
    
    The command returns the following output:
    info:    Executing command storage account connectionstring show
    + Getting storage account keys
    data:    connectionstring: DefaultEndpointsProtocol=https;AccountName=example-storage;AccountKey=accountkeystring
    info:    storage account connectionstring show command OK
    
  8. From the data: field in the output above, record the full value of connectionstring, starting with and including DefaultEndpointsProtocol=.
  9. Export the connection string:
    $ export CONNECTION_STRING="YOUR-CONNECTION-STRING"
  10. Create a container for the Ops Manager image:
    $ azure storage container create opsman-image \
    --connection-string $CONNECTION_STRING
  11. Create a container for the Ops Manager VM:
    $ azure storage container create vhds \
    --connection-string $CONNECTION_STRING
  12. Create a container for Ops Manager:
    $ azure storage container create opsmanager \
    --connection-string $CONNECTION_STRING
  13. Create a container for BOSH:
    $ azure storage container create bosh \
    --connection-string $CONNECTION_STRING
  14. Create a container for the stemcell:
    $ azure storage container create stemcell --permission blob \
    --connection-string $CONNECTION_STRING

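    Note: Make sure the stemcell storage container is assigned blob permissions. The --permission blob setting allows anonymous read access to the blobs in that container; the other containers are created without it.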

  15. Create a table for stemcell data:
    $ azure storage table create stemcells \
    --connection-string $CONNECTION_STRING

Step 2: Copy Ops Manager Image

  1. Navigate to Pivotal Network and download the latest release of Pivotal Cloud Foundry Ops Manager for Azure. You can download either a PDF or a YAML file.

  2. View the downloaded file and locate the Ops Manager image URL appropriate for your region.

  3. Export the Ops Manager image URL as an environment variable.

    $ export OPS_MAN_IMAGE_URL="YOUR-OPS-MAN-IMAGE-URL"

  4. Copy the Ops Manager image into your storage account:

    $ azure storage blob copy start $OPS_MAN_IMAGE_URL opsmanager \
    --dest-connection-string $CONNECTION_STRING \
    --dest-container opsman-image \
    --dest-blob image.vhd 
    

  5. Copying the image may take several minutes. Run the following command and examine the output under Status to check the status:

    $ azure storage blob copy show opsman-image image.vhd --connection-string $CONNECTION_STRING
    info:    Executing command storage blob copy show
    + Getting storage blob information
    data:    Copy ID                               Progress                 Status
    data:    ------------------------------------  -------------            -------
    data:    069d413d-be05-4b12-82bc-c96dacee230e  31457280512/31457280512  success
    info:    storage blob copy show command OK
    
    When Status reads success, continue to the next step.

Step 3: Configure the ARM Template

  1. Create a keypair on your local machine with the username ubuntu. For example, enter the following command:
    $ ssh-keygen -t rsa -f opsman -C ubuntu
    

    When prompted for a passphrase, press the enter key to provide an empty passphrase.
  2. Clone the PCF Azure ARM Templates GitHub repository. This repository contains both the ARM template, azure-deploy.json, and the parameters file, azure-deploy-parameters.json.
  3. Open the parameters file and enter values for the following parameters:
    • storageAccountName: The name of the storage account you created in Step 1: Create BOSH Storage Account
    • storageEndpoint: The name of the storage endpoint. Leave the default endpoint unless you are using Azure China, Azure Government Cloud, or Azure Germany:
      • For Azure China, use blob.core.chinacloudapi.cn. See the Azure documentation for more information.
      • For Azure Government Cloud, use blob.core.usgovcloudapi.net. See the Azure documentation for more information.
      • For Azure Germany, use blob.core.cloudapi.de. See the Azure documentation for more information.
    • adminSSHKey: The contents of the opsman.pub public key file that you created above
    • tenantID: Your tenant ID, retrieved in the Preparing to Deploy PCF on Azure topic
    • clientID: Your client or application ID, retrieved in the Preparing to Deploy PCF on Azure topic
    • clientSecret: Your client secret, created in the Preparing to Deploy PCF on Azure topic
    • vmSize: The size of the Ops Manager VM. Pivotal recommends using Standard_DS2_v2.
    • location: The location in which to install the Ops Manager VM. For example, westus.

Step 4: Deploy the ARM Template and Deployment Storage Accounts

  1. Deploy the template:
    $ azure group deployment create -f azure-deploy.json \
    -e azure-deploy-parameters.json -v $RESOURCE_GROUP cfdeploy
    
  2. When the command finishes, examine the last five lines of the output:
    data:    Name                          Type    Value
    data:    ----------------------------  ------  --------------------------------------------------
    data:    opsMan-FQDN                   String  pcf-opsman-e8ddgelqqlq22.westus.cloudapp.azure.com
    data:    extra Storage Account Prefix  String  xtrastrgm7qcfdqljlq62
    info:    group deployment create command OK
    
    Record the following values:
    • opsMan-FQDN: In the example above, pcf-opsman-e8ddgelqqlq22.westus.cloudapp.azure.com
    • extra Storage Account Prefix: In the example above, xtrastrgm7qcfdqljlq62
  3. The template creates five new Premium deployment storage accounts. The names of the deployment storage accounts are the value of extra Storage Account Prefix appended with 1, 2, 3, 4, and 5. In the example above, the names of the five deployment storage accounts are the following:

    • xtrastrgm7qcfdqljlq621
    • xtrastrgm7qcfdqljlq622
    • xtrastrgm7qcfdqljlq623
    • xtrastrgm7qcfdqljlq624
    • xtrastrgm7qcfdqljlq625

      If you want to use Standard Azure Storage, replace Premium_LRS with Standard_LRS. Pivotal recommends Premium_LRS for better performance.

      Note: The five Premium storage accounts created by the template provide a reasonable amount of initial storage capacity. Pivotal recommends creating one Standard storage account for every 30 VMs, or one Premium storage account for every 150 VMs. You can increase the number of storage accounts later by provisioning more with the Azure CLI and following the naming sequence listed above.


      For each of the five new deployment storage accounts, perform the following steps:
      1. Retrieve the connection string for your storage account, replacing YOUR-DEPLOYMENT-STORAGE-ACCOUNT-NAME with the name of the storage account. For example, xtrastrgm7qcfdqljlq621.
        $ azure storage account connectionstring \
        show YOUR-DEPLOYMENT-STORAGE-ACCOUNT-NAME \
        --resource-group $RESOURCE_GROUP
        
        The command returns output similar to the following:
        info:    Executing command storage account connectionstring show
        + Getting storage account keys
        data:    connectionstring: DefaultEndpointsProtocol=https;AccountName=example-storage;AccountKey=accountkeystring
        info:    storage account connectionstring show command OK
        
      2. From the data: field in the output above, record the full value of connectionstring, starting with and including DefaultEndpointsProtocol=.
      3. Export the connection string, choosing a unique name for CONNECTION_STRING_N. For example, CONNECTION_STRING_2.
        $ export CONNECTION_STRING_N="YOUR-CONNECTION-STRING"
      4. Create a container for Ops Manager:
        $ azure storage container create opsmanager \
        --connection-string $CONNECTION_STRING_N
      5. Create a container for BOSH:
        $ azure storage container create bosh \
        --connection-string $CONNECTION_STRING_N
      6. Create a container for the stemcell:
        $ azure storage container create stemcell --permission blob \
        --connection-string $CONNECTION_STRING_N

        Note: Make sure the stemcell container is assigned blob permissions.

  4. Create a network security group named pcf-nsg.

    $ azure network nsg create $RESOURCE_GROUP pcf-nsg $LOCATION
    

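  5. Add a network security group rule named internet-to-lb to the pcf-nsg group to allow TCP traffic from the public Internet. As written, the rule has priority 100 and matches every destination port ('*').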

    $ azure network nsg rule create $RESOURCE_GROUP pcf-nsg internet-to-lb \
    --protocol Tcp --priority 100 --destination-port-range '*'
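
The per-account sub-steps under step 3 above (retrieve the connection string, then create the opsmanager, bosh and stemcell containers) can be scripted for all five deployment storage accounts. The following is an added example, not part of the original Pivotal documentation; the function names and the script name configure-accounts.sh are hypothetical, and it uses only the azure commands shown on this page:

```shell
#!/bin/sh
# Added example; function names are hypothetical, azure commands are the page's.

# Read `connectionstring show` output on stdin and print only the value,
# from DefaultEndpointsProtocol= to end of line (keeps any "==" key padding).
extract_connection_string() {
  sed -n 's/^data:[[:space:]]*connectionstring:[[:space:]]*\(DefaultEndpointsProtocol=.*\)$/\1/p' |
    head -n 1
}

# Step 1 naming rule: 3-24 characters, lowercase letters and numbers only.
valid_storage_name() {
  case "$1" in
    ""|*[!abcdefghijklmnopqrstuvwxyz0123456789]*) return 1 ;;
  esac
  [ "${#1}" -ge 3 ] && [ "${#1}" -le 24 ]
}

# Print PREFIX1 .. PREFIX5, the names the template gives the five accounts.
deployment_account_names() {
  for n in 1 2 3 4 5; do printf '%s%s\n' "$1" "$n"; done
}

# Sub-steps 1-6 for one account ($1 = storage account name).
configure_account() {
  valid_storage_name "$1" || { echo "invalid account name: $1" >&2; return 1; }
  conn=$(azure storage account connectionstring show "$1" \
    --resource-group "$RESOURCE_GROUP" | extract_connection_string)
  [ -n "$conn" ] || { echo "no connection string for $1" >&2; return 1; }
  # $conn embeds the account key: it stays in this variable and is never
  # echoed or logged. Only stemcell is created with public blob read access.
  azure storage container create opsmanager --connection-string "$conn" &&
    azure storage container create bosh --connection-string "$conn" &&
    azure storage container create stemcell --permission blob \
      --connection-string "$conn"
}

# Runs only when invoked as: sh configure-accounts.sh --run PREFIX
if [ "${1:-}" = "--run" ]; then
  : "${RESOURCE_GROUP:?export RESOURCE_GROUP first}"
  [ -n "${2:-}" ] || { echo "usage: $0 --run PREFIX" >&2; exit 2; }
  for name in $(deployment_account_names "$2"); do
    configure_account "$name" || exit 1
  done
fi
```

PREFIX is the extra Storage Account Prefix value recorded from the deployment output in step 2.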

Step 5: Complete Ops Manager Director Configuration

  1. Navigate to your DNS provider, and create an entry that points a fully qualified domain name (FQDN) in your domain to the opsMan-FQDN you retrieved from the output of the template deployment above.

  2. Continue to the Configuring Ops Manager Director on Azure topic.
