Hello again folks. I wrote my first Azure Stack deployment guide back when TP3 dropped and updated it for the Azure Stack Development Kit (ASDK). Having used it recently to deploy a fresh ASDK last week (unsuccessfully), the process has changed enough that I’ve decided to post a new up-to-date guide. I’ll try and keep referencing my old guides to a minimum to save you jumping back and forth all the time, but sometimes it will just make sense to do so if part of the process hasn’t changed. Here’s a high list (links) of what I’ll be covering in this deployment series:
- Azure Stack Deployment Guide (This post)
- Deploy MSSQL Resource Provider into ASDK
- Deploy MySQL Resource Provider into ASDK
- Deploy App Service Resource Provider into ASDK
Before we get going, below is a list of links to the main sections within this post:
- Prerequisites and Downloads
- Boot into the CloudBuilder VHDX
- Deploy the Azure Stack Development Kit
- Increase Password Expiration
- Install and Configure Azure PowerShell for ASDK
- Register Azure Stack with your Azure Subscription
- Add a Windows Server 2016 Image to ASDK
Prerequisites and Downloads
I’ve covered these in detail before, you can find everything you need HERE. If it’s you’re first time deploying Azure Stack, I’d read the prerequisites section through to and including “Networking”.
Download the Cloudbuilder VHDX
Before continuing, the machine you’re working from will need at least 60GB of available disk space.
- To download the Azure Stack POC, you’ll have to follow the registration process HERE
- Click the link to launch the downloader and run it or save it locally.
- Once launched, click “Browse” and select a download location for the files, you’ll need about 16GB of available space. The correct build should be selected by default.
- Now click “Download”
Now go make a coffee, this may take a while depending on your available bandwidth…or it you don’t drink coffee, you can click “Details” to see what files are being downloaded.
- Once you files have been extracted, copy the “CloudBuilder.vhdx” file to “C:\CloudBuilder.vhdx”
If you plan to do any more ASDK deployments in the relatively near future, it may be worth taking a copy of the “CloudBuilder.vhdx” file and storing it off server to save you going through the download and extract process again.
Download the Azure Stack Installer
Next, we’re going to prepare our Azure Stack host by running a script called “asdk-installer.ps1”, but first we need to download it.
- Launch an elevated PowerShell ISE console, paste in the following code:
# Variables $URI = 'https://raw.githubusercontent.com/Azure/AzureStack-Tools/master/Deployment/asdk-installer.ps1' $LocalPath = 'C:\AzureStack_Installer' # Create folder New-Item $LocalPath -Type Directory # Download ASDK Installer Script Invoke-WebRequest $URI -OutFile ($LocalPath + '\' + 'asdk-installer.ps1') cd $LocalPath
Don’t close the ISE console and we’ll be using it again in a second and I went to the bother of putting you in the correct directory already 😛
Boot into the CloudBuilder VHDX
We’re about to say goodbye to the OS you’re currently working from and boot into the CloudBuilder VHDX we downloaded earlier. With that in mind, execute the “asdk-installer.ps1” script we just downloaded. This will launch a GUI where we can configure some options pertaining to our ASDK deployment post reboot.
- Next select “Prepare Environment”
- Click “Browse” and select the CloudBuilder VHDX you downloaded earlier (you should have moved it to C:\CloudBuilder.vhdx already)
- Now click “Next”
- Enter and confirm the password for your hosts local administrator account
- Enter a hostname for your ASDK host, this will be the name it’ll be given after it reboots into the CloudBuilder VHDX
- Change the time zone as required. I usually go with UTC as anything else used to give me errors when deploying the WebApp Resource Provider.
- Tick the box labelled “Static IP configuration”
- Now click “Next”
- Select the network adapter you’re using for management and click “Next”
- Confirm the “IP Address” and “Gateway” values are correct.
- Enter an IP address for both “DNS” and “Time Server IP” and click “Next”
The installer will check and prepare your environment prior to reboot.
- Once it says “Completed”, click “Next”
- Then click “Reboot now”
Your host will now reboot into the preconfigured CloudBuilder VHDX, once it’s up, log in as the local administrator using the password you specified above.
Deploy the Azure Stack Development Kit
NOTE: This guide will be stepping through an Azure Active Directory deployment of the ASDK and assume you’ll be doing the same, an ADFS deployment is out of scope.
Disable Additional NICs
The ASDK only makes use of one NIC, so we’ll want to disable the rest.
- Make sure the only cabled NIC is the one you set the IP on above.
- Launch an elevated PowerShell console and paste in the following code:
This code will disable any NICs that aren’t reporting as “Up”
Get-NetAdapter | Where-Object Status -ne "Up" | Disable-NetAdapter -Confirm:$false -Verbose
Change Time Zone
I’ve had a fair few issues with time zones and time sync in the past when deploying the ASDK, so I’ve elected to always make sure that the host and all VMs are singing from the same hymn sheet…so to speak. I’ve went over this in detail in a previous guide, you can find it HERE
Deploy the ASDK
We’ll need to grab the “asdk-installer.ps1” script again, I usually just re-download it instead of grabbing it from our old mounted “C:” drive.
- Launch an elevated PowerShell ISE console, paste in and execute the following code:
# Variables $URI = 'https://raw.githubusercontent.com/Azure/AzureStack-Tools/master/Deployment/asdk-installer.ps1' $LocalPath = 'C:\AzureStack_Installer' # Create folder New-Item $LocalPath -Type Directory # Download ASDK Installer Script Invoke-WebRequest $URI -OutFile ($LocalPath + '\' + 'asdk-installer.ps1') cd $LocalPath
- Execute the “asdk-installer.ps1” script and select “Install” from the GUI when prompted.
![clip_image002[1]](http://davidfleming.org/wp-content/uploads/2017/11/clip_image0021.png)
- Select “Azure Cloud” under “Identity Provider”
- Under “AAD Directory”, enter the name of your Azure Active Directory…Directory e.g. companyname.onmicrosoft.com
- Enter the password for the local administrator account you’re currently logged onto the host with
- Click “Next”
- Select the only connected NIC and click “Next”
NOTE: For this guide, I’ll be going with a static IP configuration
- Select “Static” and enter an “IP Address” (in CIDR notation), “Gateway” for the BGPNAT VM that will be deployed
- For “Time Server IP”, enter the IP address for the time server you configured on your ASDK host
- Enter a “VLAN ID” if required in your deployment (I won’t need one for this deployment)
- Enter a “DNS Forwarder IP” for use by the domain controller VM that will be deployed
- Click “Next”
- Your entries will now be validated, once it UI has returned “Completed”, click “Next”
- Click “Deploy” to start the process
- In about two minutes or so you’ll be asked to enter the credentials for a global administrator in your AAD directory
During the deployment process, the host will reboot. When it comes back up log on with the following credentials:
Username: azurestack\azurestackadmin
Password: Same as the hosts local administrator account
NOTE: If you accidentally sign in as the local administrator after the hosts comes back up, you’ll notice that you can’t watch the deployments progress. If you do this, log off and log back on using the above credentials.
The deployment will take a good long while, in my experience it’s usually about 6-7 hours. A successful deployment should look something like this:
Increase Password Expiration
By default, the password for your Azure Stack environment is set to expire in 42 days, let’s increase that to 180:
- Open an elevated PowerShell console, paste in the following code and run it:
Get-ADDefaultDomainPasswordPolicy | FT MaxPasswordAge Set-ADDefaultDomainPasswordPolicy -MaxPasswordAge 180.00:00:00 -Identity azurestack.local Get-ADDefaultDomainPasswordPolicy | FT MaxPasswordAge
Install and Configure Azure PowerShell for ASDK
Before we move on we’ll have to set up PowerShell for Azure within our newly deployed environment.
Here’s a quick breakdown of what the code below is doing:
- Sets module repository
- Sets execution policy to RemoteSigned
- Removes any potentially pre-installed Azure PowerShell modules (you won’t have any here if this is a fresh ASDK deployment)
- Installs PowerShell for Azure Stack
- Downloads Azure Stack tools from GitHub
- Imports the Azure Stack Connect module
- Registers an AzureRM instance that targets your Azure Stack instance
- Logs into your Azure Stack environment
- Launch an elevated PowerShell ISE and paste in the following code. Update the $TenantName variable before running. You can run this section at a time or all at once if you prefer…your call.
# Specify Azure Active Directory tenant name.
$TenantName = "mydirectory.onmicrosoft.com"
# Set the module repository and the execution policy.
Set-PSRepository `
-Name "PSGallery" -InstallationPolicy Trusted
Set-ExecutionPolicy RemoteSigned -Force
# Uninstall any existing Azure PowerShell modules. To uninstall, close all the active PowerShell sessions, and then run the following command:
Get-Module -ListAvailable |
Where-Object Name -like "Azure*" |
Uninstall-Module
# Install PowerShell for Azure Stack.
Install-Module -Name AzureRm.BootStrapper -Force
Use-AzureRmProfile -Profile 2017-03-09-profile -Force
Install-Module `
-Name AzureStack `
-RequiredVersion 1.2.11 `
-Force
# Download Azure Stack tools from GitHub and import the connect module.
cd \
Invoke-WebRequest `
'https://github.com/Azure/AzureStack-Tools/archive/master.zip' `
-OutFile master.zip
Expand-Archive master.zip `
-DestinationPath . `
-Force
cd AzureStack-Tools-master
Import-Module .\Connect\AzureStack.Connect.psm1
# For Azure Stack development kit, this value is set to https://adminmanagement.local.azurestack.external. To get this value for Azure Stack integrated systems, contact your service provider.
$ArmEndpoint = "https://adminmanagement.local.azurestack.external"
# For Azure Stack development kit, this value is adminvault.local.azurestack.external
$KeyvaultDnsSuffix = "adminvault.local.azurestack.external"
# Register an AzureRM environment that targets your Azure Stack instance
Add-AzureRMEnvironment `
-Name "AzureStackAdmin" `
-ArmEndpoint $ArmEndpoint
# Get the Active Directory tenantId that is used to deploy Azure Stack
$TenantID = Get-AzsDirectoryTenantId `
-AADTenantName $TenantName `
-EnvironmentName "AzureStackAdmin"
# Sign in to your environment
Login-AzureRmAccount `
-EnvironmentName "AzureStackAdmin" `
-TenantId $TenantID
Now that you have a configured PowerShell environment, I’d keep the console open for the time being, we’ll be using it a fair bit as we go on.
If you want to confirm that everything is working as it should be, the code below will create a Resource Group in your Azure Stack environment.
New-AzureRMResourceGroup -Name "ASDK-Test-RG" -Location Local
Success looks like this…
Register Azure Stack with your Azure Subscription
Although this step isn’t strictly required, it’s something you probably want to do as it’ll allow you to download items from the Azure marketplace for deployment on your environment.
NOTE: Registering your ASDK to Azure will send usage data to Azure Commerce. You are not charged for sending this usage data…because that would be mental Microsoft 🙂
The first thing we’ll need is a subscription ID for an active Azure subscription. Log into your Azure subscription at https://portal.azure.com . The screenshot below shows where in your subscription you can grab the ID:
Register Azure Stack Resource Provider in Azure
This should be a nice easy one and only needs to be done once per ASDK environment.
The code you’re about to run does the following:
- Logs into your Azure account. You’ll be prompted for credentials here, enter the credentials of a Global Administrator for your subscription.
- Registers the “Microsoft.AzureStack” resource provider with your Azure account
Login-AzureRmAccount -EnvironmentName "AzureCloud" Register-AzureRmResourceProvider -ProviderNamespace Microsoft.AzureStack
Register your Azure Stack Environment with Azure
As with most configuration in the ASDK, registration with Azure it does using a PowerShell script. The script/module is named “RegisterWithAzure.psm1” and is located in the following folder:
C:\AzureStack-Tools-master\Registration\
Copy the file to “C:\Temp\”
You’ll be running a PowerShell cmdlet in a minute, the table below shows what information each variable is expecting:
| Variable | Description |
|---|---|
| $ASDKAdminCred | This should be the credentials for your AzureStack\AzureStackAdmin user |
| $AADTenantName | This should be your AAD directory name e.g. mydirectory.onmicrosoft.com |
| $AzureSubscriptionID | This is the Subscription ID you copied from the Azure portal earlier |
| $PrivilegedEndpoint | This should be the IP address of the Azs-ECRS01 VM that was deployed as part of the ASDK |
# Variables
$ASDKAdminCred = Get-Credential # Enter the credentials for your "AzureStack\AzureStackAdmin" user
$AADTenantName = "" # e.g. mydirectory.onmicrosoft.com
$AzureSubscriptionID = "" # Enter the Subscription ID you grabbed from the Azure portal earlier
$PrivilegedEndpoint = "" # This should be the IP address for the Azs-ECRS01 VM that's deployed as part of ASDK
# Import the Register With Azure Module
cd \Temp\
Import-Module .\RegisterWithAzure.psm1
# Run the Azure registration cmdlet
Add-AzsRegistration `
-CloudAdminCredential $ASDKAdminCred `
-AzureDirectoryTenantName $AADTenantName `
-AzureSubscriptionId $AzureSubscriptionID `
-PrivilegedEndpoint $PrivilegedEndpoint `
-BillingModel Development
Success looks like…
You can confirm everything worked as expected by doing the following:
- Log into the ASDK Admin portal at: https://adminportal.local.azurestack.external
- Select “Marketplace Management” from the left menu
- Click “Add from Azure”
You should now be presented with a populated Marketplace…nice!
With all that done, our next task is made all the easier for it.
Add a Windows Server 2016 Image to your ASDK
Later in the guide, we’ll be deploying the following Resource Providers (RPs)
- MSSQL
- MySQL
- WebApp Service
Before we can do those (the Windows ones anyway), we’ll need to make a Windows Server 2016 VM image available to our ASDK environment. Being that we just finished registering our environment with the Azure Marketplace, this couldn’t be easier.
- Log into the ASDK Admin portal at: https://adminportal.local.azurestack.external
- Select “Marketplace Management” from the left menu
- Click “Add from Azure”
- Select the image named “Windows Server 2016 Datacenter – Eval”
- Click “Download”
Once the image download has completed successfully, you’ll receive a pop-up in the notifications area.
If you missed that, you can check the item in the “Marketplace Management” blade and it should show a “Status” of “Successful”
That’s it for this guide, hope to see you in Part 2 where I’ll be deploying the MSSQL Resource Provider. Chowder!
david,
i just deployed ASDK with ADFS option.
i can not find default subscription anywhere (portal or with cmdlet).
do you have to have subscription with portal.azure.com? trying to keep my lab work in disconnected mode.
without default subscription id, i am not able to import any image or create resource group or anything.
appreciate if you can point me in right direction.
Hi Ken,
If you’ve set up the ASDK with ADFS, you won’t be able to setup marketplace syndication with Azure (as you mentioned, it’s disconnected). You should still be able to upload your own image to the ASDK though (covered in my guide). The fact you can’t create a resource group is a little bizarre though.
I was going to suggest you try running a validation on your deployment (https://docs.microsoft.com/en-us/azure/azure-stack/azure-stack-diagnostic-test) but it appears that also only works with an AAD deployment. Apologies I can’t be much more help as I’ve only ever done connected scenarios.