Deploying Microsoft Azure Stack Technical Preview 2

In this post, I’ll cover my experiences with deploying the Microsoft Azure Stack Technical Preview 2 (TP2) that is now available.  Azure Stack provides you the ability to deploy Azure in your internal datacenter for Hybrid Cloud capability.

To get started, you can register and download the Azure Stack TP2 download. TP2 differs from TP1 in that Microsoft is no longer providing a full ZIP of the Stack, instead it provides an EXE to run the download on your operating system.

Now, while you could install the Azure Stack on a VM or a laptop, we opted to install it on a Dell R620 with dual socket, 8 core, 192 GB of memory server.  The biggest challenge is the amount of disks and disk space required by Azure Stack. Therefore, you should review carefully the system requirements. Our configuration has 4 SAS 10K drives, each with 600GB of available storage each.

azure_stack

First step was to install Windows 2012 R2 or greater, per the system requirements. The problem we encountered was that the AzureStackDownloader.exe would fail and generate a stack trace.  Recommendation from the Azure developer forum indicated running it on a Windows 2016 server, which resolved the issue. Note, the operating system of the server does not really matter, as the Azure Stack installer will load the Azure operating environment eventually with the downloaded VHD files.

You should also run the Deployment Checker for Azure Stack Technical Preview 2  which is a powershell as it validates the requirements.  You will need to set the Execution Policy to allow running unsigned powershell scripts as described here.  A simple command as below takes care of it:

# Set-ExecutionPolicy -ExecutionPolicy Unrestricted

Then execute the deployment checker.

azure_stack_checker

Once you’ve validated that you meet the hardware requirements, launch the AzureStackDownloader.exe and it will prompt you to where to save the Azure installation files:

azure_stack_downloader

Once downloaded, the downloader will ask to proceed to extract the installation files:

azure_stack_extract

 

Once the download is completed, create a powershell with the following code to download the Azure support files and save it under C:\

 # Variables
 $Uri = 'https://raw.githubusercontent.com/Azure/AzureStack-Tools/master/Deployment/'
 $LocalPath = 'c:\AzureStack_TP2_SupportFiles'

 # Create folder
 New-Item $LocalPath -type directory

 # Download files
 ( 'BootMenuNoKVM.ps1', 'PrepareBootFromVHD.ps1', 'Unattend.xml', 'unattend_NoKVM.xml') | foreach { Invoke-WebRequest ($uri + $_) -OutFile ($LocalPath + '\' + $_) }

 

Launch a Powershell window with elevated privileges and run the download support script you created above.  The script will create the C:\AzureStack_TP2_SupportFiles directory.

Navigate to that directory and run the following command to initiate the boot from VHD:

# .\PrepareBootFromVHD.ps1 -CloudBuilderDiskPath C:\CloudBuilder.vhdx -ApplyUnattend

The path to the VHD may need to be adapted depending where you placed the file.  The system will reboot automatically.

azure_stack_boot_from_vhd

 

Once your system reboots, you will see the following prompts on the console:

azure_stack_boot

 

Once the Azure stack boots up, login to it as the Administrator user and password assigned on step above, and disable any other network interfaces on your machine:

azure_stack_nics

In PowerShell, run this command:

# cd C:\CloudDeployment\Configuration

Run the deploy command: .\InstallAzureStackPOC.ps1

Then, Azure and Wine for a few hours…..

azure_and_wine

 

If you are curious to know how far into the installation progress you are, check out the “Installation Steps” section of the Troubleshooting doc.

To follow the progress of the installation, login as azurestack\azurestackadmin and the password you assigned during install process.

Reset the password expiration to 180 days

To make sure that the password for the Azure Stack POC machine doesn’t expire too soon, follow these steps after you deploy:

  1. Log in to the Azure Stack POC physical machine as azurestack\azurestackadmin.
  2. Run the following command to display the current MaxPasswordAge of 42 days:Get-ADDefaultDomainPasswordPolicy
  3. Run the following command to update the MaxPasswordAge to 180 days:Set-ADDefaultDomainPasswordPolicy -MaxPasswordAge 180.00:00:00 -Identity azurestack.local
  4. Run the following command again to confirm the password age change:Get-ADDefaultDomainPasswordPolicy.

azstack_password_age

 

I ran into a KeyVault deployment issue in step 60.160.178 related to KeyVault deployment.  Per discussions here, re-running the installation seems to address the failure.  Seems to be due to disk i/o timeout operation.

azure_keyvault_error

 

After rerunning the installation, we have successful deployment!

azure_success

Next, you have two ways of connecting into Azure Stack Portal:  RDP inside the Azure Stack environment, or setup a VPN for access from outside.

Connect with Remote Desktop

With a Remote Desktop connection, a single concurrent user can work with the portal to manage resources. You can also use tools on the MAS-CON01 virtual machine.

  1. Log in to the Azure Stack POC physical machine.
  2. Open a Remote Desktop Connection and connect to MAS-CON01. Enter AzureStack\AzureStackAdmin as the username, and the administrative password you provided during Azure Stack setup.
  3. On the MAS-CON01 desktop, open Server Manager, click Local Server, turn off Internet Explorer Enhanced Security, and then close Server Manager.
  4. Double-click Microsoft Azure Stack Portal icon (https://portal.azurestack.local/) to open the portal.
    Azure stack portal icon

Connect with VPN

Virtual Private Network connections let multiple concurrent users connect from clients outside of the Azure Stack infrastructure. You can use the portal to manage resoures. You can also use tools, such as Visual Studio and PowerShell, on your local client.

  1. Install the AzureRM module by using the following command:
    Install-Module -Name AzureRm -RequiredVersion 1.2.6 -Scope CurrentUser
    
  2. Download the Azure Stack Tools scripts. These support files can be downloaded by either browsing to the GitHub repository, or running the following Windows PowerShell script as an administrator:
    Note

    The following steps require PowerShell 5.0. To check your version, run $PSVersionTable.PSVersion and compare the “Major” version. A vanilla Azure Stack TP2 deploying returned Major version of 5, so we are ok.

        #Download the tools archive
        invoke-webrequest https://github.com/Azure/AzureStack-Tools/archive/master.zip -OutFile master.zip
    
        #Expand the downloaded files. 
        expand-archive master.zip -DestinationPath . -Force
    
        #Change to the tools directory
        cd AzureStack-Tools-master
     `
    
  3. In the same PowerShell session, navigate to the Connect folder, and import the AzureStack.Connect.psm1 module:
    cd Connect
    import-module .\AzureStack.Connect.psm1
    
  4. To create the Azure Stack VPN connection, run the following Windows PowerShell. Before running, populate the admin password and Azure Stack host address fields.
    #Change the IP Address below to match your Azure Stack host
    $hostIP = "<HostIP>"
    
    # Change password below to reference the password provided for administrator during Azure Stack installation
    $Password = ConvertTo-SecureString "<Admin Password>" -AsPlainText -Force
    
    # Add Azure Stack One Node host & CA to the trusted hosts on your client computer
    Set-Item wsman:\localhost\Client\TrustedHosts -Value $hostIP -Concatenate
    Set-Item wsman:\localhost\Client\TrustedHosts -Value mas-ca01.azurestack.local -Concatenate  
    
    # Update Azure Stack host address to be the IP Address of the Azure Stack POC Host
    $natIp = Get-AzureStackNatServerAddress -HostComputer $hostIP -Password $Password
    
    # Create VPN connection entry for the current user
    Add-AzureStackVpnConnection -ServerAddress $natIp -Password $Password
    
    # Connect to the Azure Stack instance. This command (or the GUI steps in step 5) can be used to reconnect
    Connect-AzureStackVpn -Password $Password
    

    NOTE: On the power shell script above, I ran into issues with the Set-Item for TrustedHosts.  My vanilla install already  had a wildcard “*” as a value:

    azure_trusted_hosts_current
    When trying to run the Set-Item commands (x2), it would fail. I had to clear the entries with the following command, and then proceed in re-adding the two entries.

    azure_trusted_hosts_clear

  5. Launch IE and connect to https://portal.azurestack.local/

Log in using the Azure Active Directory credentials specified during installation.

azure_portal_rdp

Accept the AzureStack Portal permission requests:

azure_arm_auth

And then you are presented with the Azure Stack Dashboard!

azure_resources

 

Well, I hope this has been a useful walk through guide on the Azure Stack TP2 installation from a layman’s perspective.  If you have any questions, please don’t hesitate to drop a comment.

Written by

November 22, 2016
Comments 1

Comments

  1. Thanks Vinnie! Can’t wait to try this at SNL…

Speak Your Mind

*


*