Installing and Configuring Microsoft Azure Service Broker

This topic describes how to install and configure Microsoft Azure Service Broker.

Step 1: Set up Azure

In this step, you configure your Azure account to allow the Microsoft Azure Service Broker to create and manage Azure resources.

  1. Create an Azure account by following these steps.

  2. Create a service principal by following these steps.

Note: The Contributor role needs to be assigned to the service principal.

Step 2: Create a Service Broker Database

Microsoft Azure Service Broker stores information, for example the provisioning information of a service instance, in the database. Follow these steps to create a SQL database on Azure.

Step 3: Install and Configure Microsoft Azure Service Broker

  1. Download the product file from Pivotal Network.

  2. Navigate to the Ops Manager Installation Dashboard and click Import a Product to upload the product file.

  3. Click Add next to the uploaded Microsoft Azure Service Broker tile in the Ops Manager Available Products view to add it to your staging area.

  4. Click the newly added Microsoft Azure Service Broker tile to configure the sections as described below. After the configuration, return to the Ops Manager Installation Dashboard and click Apply Changes to install Microsoft Azure Service Broker tile.

Azure Config

The setup in Step 1 must be successfully completed before beginning this configuration. You will need the Azure and database parameters from that step to successfully configure the broker.

  1. Click Azure Config.

    Azure sb azureconfig

  2. For Azure Environment, if you want to create Azure resource in mainland China, select Azure China Cloud. Otherwise, select Azure Cloud.

  3. Enter the Subscription Id from Step 1.

  4. Enter the Tenant Id, Client Id and Client Secret from Step 1.

  5. Click Save.

Broker Config

  1. Click Broker Config.

    Azure sb brokerconfig

  2. For Database Provider, select the database type. At the current time, only SQL Database is supported.

  3. For Database Server, enter the endpoint, for example, or the IP address of the SQL database.

  4. For Database Username and Database Password, enter your database credentials.

  5. For Database Name, enter the name of the database where the Microsoft Azure Service Broker can store information.

  6. For Database Encryption Key, enter the key to encrypt the sensitive information which are stored in the database. It should be a 32-character fixed-length string. If the key is forgotten, all sensitive information in the database will never be decrypted.

  7. Click Save.

SQL Database Config

  1. Click SQL Database Config.

    Azure sb sqldbconfig

  2. For Allow to Create Sql Server, select the checkbox if you want to allow the developers to create the SQL server through the service broker.

  3. For Enable Transparent Data Encryption, select the checkbox if you want to create SQL Database with Transparent Data Encryption enabled by default.

  4. If you did not select Allow to Create Sql Server, you must create a SQL server on Azure for developers to create databases:

    1. Click Add.
    2. Enter values for the following fields: Resource Group of the SQL Server, Location of the SQL Server, SQL Server Name, SQL Server Administrator Login, and SQL Server Administrator Login Password.
  5. Click Save.

Default Parameters Config

  1. Click Default Parameters Config.

    Azure sb defaultparametersconfig

  2. If Allow to Generate Names and Passwords for the Missing checked, the broker can fix those missing names and passwords in the parameters for creating service instances. Check generated-string in the json examples in Using Azure Service Broker for details.

  3. Default Resource Group and Default Location can be set to fix missing resource group and location in the parameters for creating service instances.

  4. For each service, you can set default parameters for it. The broker can fix those missing parameters in the parameters for creating service instances. Set them with {} if you don’t require any fixing. The priority of this rule is higher than the rules above.

  5. Click Save.

Step 4: Confirm Installation

Note: The Microsoft Azure Service Broker installs an app named azure-services-broker in the azure-service-broker-space space of the system org.

  1. After Ops Manager finishes the installation, the Microsoft Azure Service Broker appears as a green tile in the Installation Dashboard.

    Azure sb install

  2. In Apps Manager, the new services are listed in the Marketplace, and are exposed to all orgs and spaces. Users can create instances of these services only by using the Cloud Foundry Command Line Interface (cf CLI) because Apps Manager does not support asynchronous services. See the Using Microsoft Azure Service Broker topic for more information.

    Azure sb marketplace

Step 5: Confirm Service and Plan Access

The Microsoft Azure Service Broker is installed with all services enabled by default. All services can be listed in the Marketplace.

You can disable or enable any services through the cf CLI using the cf disable-service-access or cf enable-service-access commands.