Installing and Configuring Microsoft Azure Service Broker

This topic describes how to install and configure Microsoft Azure Service Broker.

Step 1: Set up Azure

In this step, you configure your Azure account to allow the Microsoft Azure Service Broker to create and manage Azure resources.

  1. Create an Azure account by following these steps.

  2. Create a service principal by following these steps.

Note: The Contributor role needs to be assigned to the service principal.

Step 2: Create a Service Broker Database

Microsoft Azure Service Broker stores information, for example the provisioning information of a service instance, in the database. Follow these steps to create a SQL database on Azure.

Step 3: Install and Configure Microsoft Azure Service Broker

  1. Download the product file from Pivotal Network.

  2. Navigate to the Ops Manager Installation Dashboard and click Import a Product to upload the product file.

  3. Click Add next to the uploaded Microsoft Azure Service Broker tile in the Ops Manager Available Products view to add it to your staging area.

  4. Click the newly added Microsoft Azure Service Broker tile to configure the sections as described below. After the configuration, return to the Ops Manager Installation Dashboard and click Apply Changes to install Microsoft Azure Service Broker tile.

Azure Config

The setup in Step 1 must be successfully completed before beginning this configuration. You will need the Azure and database parameters from that step to successfully configure the broker.

  1. Click Azure Config.

    Azure sb azureconfig

  2. For Azure Environment, if you want to create Azure resource in mainland China, select Azure China Cloud. Otherwise, select Azure Cloud.

  3. Enter the Subscription Id from Step 1.

  4. Enter the Tenant Id, Client Id and Client Secret from Step 1.

  5. Click Save.

Broker Config

  1. Click Broker Config.

    Azure sb brokerconfig

  2. For Database Provider, select the database type. At the current time, only SQL Database is supported.

  3. For Database Server, enter the endpoint, for example SQL-SERVER-NAME.database.windows.net, or the IP address of the SQL database.

  4. For Database Username and Database Password, enter your database credentials.

  5. For Database Name, enter the name of the database where the Microsoft Azure Service Broker can store information.

  6. For Database Encryption Key, enter the key to encrypt the sensitive information which are stored in the database. It should be a 32-character fixed-length string. If the key is forgotten, all sensitive information in the database will never be decrypted.

  7. Click Save.

SQL Database Config

  1. Click SQL Database Config.

    Azure sb sqldbconfig

  2. For Allow to Create Sql Server, select the checkbox if you want to allow the developers to create the SQL server through the service broker.

  3. If you did not select Allow to Create Sql Server, you must create a SQL server on Azure for developers to create databases:

    1. Click Add.
    2. Enter values for the following fields: SQL Server Name, SQL Server Administrator Login, and SQL Server Administrator Login Password.
  4. Click Save.

Step 4: Confirm Installation

Note: The Microsoft Azure Service Broker installs an app named azure-services-broker in the azure-service-broker-space space of the system org.

  1. After Ops Manager finishes the installation, the Microsoft Azure Service Broker appears as a green tile in the Installation Dashboard.

    Azure sb install

  2. In Apps Manager, the new services are listed in the Marketplace, and are exposed to all orgs and spaces. Users can create instances of these services only by using the Cloud Foundry Command Line Interface (cf CLI) because Apps Manager does not support asynchronous services. See the Using Microsoft Azure Service Broker topic for more information.

    Azure sb marketplace

Step 5: Confirm Service and Plan Access

The Microsoft Azure Service Broker is installed with all services enabled by default. All services can be listed in the Marketplace.

You can disable or enable any services through the cf CLI using the cf disable-service-access or cf enable-service-access commands.

Create a pull request or raise an issue on the source for this page in GitHub