Follow

EvOps - Multi Node - Deployment Guide

Gridpro AB

Rev: 1.1.217

Published: March 2018

 

Introduction

This document contains information on how to install EvOps on Multi Node Azure Stack.

Prerequisites

Azure Stack Version

Minimum supported version: 1.0.180302.1. 

Verify Access to Privileged Endpoint Virtual Machine

A core requirement for the EvOps installation is that the client host you are running all scripts from to install and manage EvOps has access to the Azure Stack Privileged Endpoint virtual machine.

Setup Azure Stack PowerShell Environment

EvOps installation requires that AzureRM and Azure Stack-specific PowerShell modules are installed, AzureStack Tools are available, and the PowerShell environment is configured for your Azure Stack deployment type (Azure AD or AD FS). Please see below article for step-by-step instructions.

Get up and running with PowerShell in Azure Stack
https://docs.microsoft.com/azure/azure-stack/azure-stack-powershell-configure-quickstart

Add Windows Server 2016 VM image to Azure Stack

EvOps requires a default Windows Server 2016 image SKU to be available in Marketplace so that it can be used during the installation. Images can be added either through syndication, if there is internet access, or using PowerShell if there is no internet access.

The following steps are applicable for environments with internet access, for other scenarios please refer to the official Microsoft documentation.

  1. Login as a Cloud Admin on Azure Stack Administration Site
  2. Select More services > Marketplace management
  3. Click Add from Azure
  4. Select Windows Server 2016 Datacenter
    1.png
  5. Click Download
  6. Verify that status is Succeeded in the Marketplace management blade before starting EvOps installation script

Prepare EvOps Installation Directory

  1. Extract the downloaded EvOps zip archive, in this example extracted to:
    C:\Install\Gridpro.EvOps.1.1.217.1
  2. Download Microsoft Azure Service Fabric for Windows Server:
    http://go.microsoft.com/fwlink/?LinkId=730690
  3. Verify that download filename is in format: Azure.ServiceFabric.WindowsServer.<version>.zip
  4. Save file to: C:\Install\Gridpro.EvOps.1.1.217.1\resources folder
  5. Download Web Deployment Tool:
    https://www.microsoft.com/en-us/download/details.aspx?id=43717
  6. Verify that download filename is in format:
    WebDeploy_amd64_en-US.msi
  7. Save file to: C:\Install\Gridpro.EvOps.1.1.217.1\resources folder
  8. Download Microsoft Azure Service Fabric Runtime:
    https://go.microsoft.com/fwlink/?linkid=839354
  9. Verify that download filename is in format:
    <version>.cab
  10. Save file to: C:\Install\Gridpro.EvOps.1.1.217.1\resources folder

Create Subscription hosting EvOps infrastructure

All EvOps infrastructure resources should be hosted in a dedicated subscription. EvOps requires the following services as a minimum in the subscription where you choose to deploy the EvOps infrastructure:

  • Compute
  • Network
  • Storage
  • KeyVault

Please see this section for how to prepare a suitable subscription.

Create Plan containing services required by EvOps

  1. Login as a Cloud Admin on the Azure Stack Administration site
  2. Select More services > Plans
  3. Click Add
  4. Provide a Display nameg. EvOpsCore
  5. Create a new Resource Group, or select an existing one, as a container for the Plan
  6. Click Services
  7. Select Compute, Microsoft.KeyVault, Microsoft.Network and Microsoft.Storage, then click Select
  8. Click Quotas
  9. Select Storage (local), select Default Quota
  10. Select Network (local), select Default Quota
  11. Select KeyVault (local), select Unlimited
  12. Select Compute (local), select Default Quota
  13. Click OK
  14. Click Create

Create Offer for EvOps Core Plan

  1. Login as a Cloud Admin on Azure Stack Administration site
  2. Select More services > Offers
  3. Provide a Display nameg. EvOpsCore
  4. Create a new Resource Group, or select an existing one, as a container for the Offer
  5. Click Base plans
  6. Select EvOpsCore and click Select
  7. Click Create
  8. In Offer blade, click Refresh
  9. Select offer EvOpsCore, click Change State and select Public

NOTE: If you don’t want to make the offer Public you will need to create the tenant subscription from the admin site instead of following the steps in the next section.

Create Subscription

  1. Login as a Cloud Admin on Tenant site
  2. Select More services > Subscriptions
  3. Click Add
  4. Provide a Display nameg. EvOpsInfra
  5. Select Offer, then click EvOpsCore
  6. Click Create
  7. Select subscription EvOpsInfra, copy Subscription ID for use in deployment script

Prepare Certificates

Three certificates are required to install EvOps, see below table for certificate details.

Certificate

Description

Usage

SSL

Used to encrypt traffic to EvOps fabric

Server Authentication

FabricAuth

Securing internal communication in EvOps fabric

Client/Server Authentication

Encryption

Used to encrypt data store in EvOps fabric

Data Encipherment

 

Each exported pfx file should be placed in the corresponding \Certificates sub-folder. These pfx files passwords will be asked for during the installation and certificates will be validated as a part of the installation.

Using self-signed certificates

Self-signed certificates can be generated automatically by the installation script using the
-CreateSelfSigned switch.

 

Installation

Once the preparations are completed, you are ready to initiate the installation.

Deploy EvOps for Azure Stack

  1. Login host with Azure Stack PowerShell Environment and access to Privileged Endpoint Virtual Machine as: AzureStackAdmin
  2. Open an elevated PowerShell ISE editor and open script file:
    C:\Install\Gridpro.EvOps.1.1.217.1\Install-EvOps.ps1
  3. Replace all variables in parameters section with environment specific data according to table below:

<PrivilegedEndpoint>

DNS name or IP address of the privileged endpoint virtual machine

<TenantSubscriptionID>

Specify Subscription ID of the subscription that will host EvOps infrastructure that was created in section “Create Subscription hosting EvOps infrastructure”
Example format: 06f64eb6-150a-4b70-a596-ad170b446ac5

<ServiceAdmin>

Specify service admin login (AAD or AD FS) e.g. admin@contoso.onmicrosoft.com

<Domain>

NetBIOS name for the Azure Stack domain

<Azure Stack tools directory>

Azure Stack tools directory, typically C:\AzureStack-Tools-master

  1. Remove -CreateSelfSigned switch if you provide your own certificates
  2. Change working directory before running the script by executing the following command:
    cd C:\Install\Gridpro.EvOps.1.1.217.1
  3. Click Run Script to execute script (script can take up to 60 minutes to complete)
  4. Enter service admin password and click OK
  5. Enter cloud admin passwords and click OK
  6. Read the EULA carefully and click type Y, if you accept the terms
  7. Verify that script executed successfully based on output
  8. Installation completed

 

Getting Started

The following steps will help you to get started with EvOps for Azure Stack.

Activate License

  1. Login as a Cloud Admin on Azure Stack Administration site
  2. Select More services > EvOps
  3. Click License management

Internet Connected Environment

  1. Click Activate license
  2. Type in your activation key
  3. Click OK

Non-Internet Connected Environment

  1. Click Activate license
  2. Paste license request string and send to support@gridprosoftware.com
  3. When you receive license file, click Offline activation request
  4. Browse and select license file received and click OK

Prepare Plan and Offer for EvOps

  1. Login as a Cloud Admin on Azure Stack Administration site
  2. Select More services > Plans
  3. Click New
  4. Login as a Cloud Admin on Azure Stack Administration site
  5. Select More services > Plans
  6. Click Add
  7. Provide a Display nameg. EvOps for Azure Stack
  8. Create a new Resource Group, or select an existing one, as a container for the Plan
  9. Click Services
    2.png
  10. Select EvOps and click Select
  11. Click Quotas
  12. Select Storage (local), select Default Quota
  13. Select Network (local), select Default Quota
  14. Select KeyVault (local), select Unlimited
  15. Select Compute (local), select Default Quota
  16. Select EvOps (local) and click Create new quota
    3.png
  17. Type Unlimited as Name and check Unlimited Accounts and Requests
  18. Click OK to save quota
  19. Select Unlimited and click OK
  20. Click Create
  21. Select More services > Offers
  22. Provide a Display nameg. EvOps for Azure Stack
  23. Create a new Resource Group, or select an existing one, as a container for the Offer
  24. Click Base plans
  25. Select EvOps for Azure Stack and click Select
  26. Click Create
  27. In Offer blade, click Refresh
  28. Select offer evops-for-azure-stack, click Change State and select Public

Create your first EvOps Account

Now you are ready to create your first EvOps account.

IMPORTANT: It is not recommended that you create EvOps account in the Subscription that hosts the EvOps infrastructure for security reasons.

Create subscription hosting your EvOps account

  1. Login as a Cloud Admin on Azure Stack Tenant site
  2. Select More services > Subscriptions
  3. Type in a name, in this example: EvOpsAdmin
  4. Click Offers
  5. Select EvOps for Azure Stack offer
  6. Click Create
  7. Click subscription you just created
  8. Click Resource providers
  9. Find Gridpro.EvOps resource provider in list and click Register
  10. Done

Create EvOps account principal

  1. Login host with Azure Stack PowerShell Environment and access to Privileged Endpoint Virtual Machine as: AzureStackAdmin
  2. Open an elevated PowerShell ISE editor and open script file:
    C:\Install\Gridpro.EvOps.1.1.217.1\Create-EvOpsAccountPrincipal.ps1
  3. Replace all variables in parameters section with environment specific data according to table below:

    <PrivilegedEndpoint>

    DNS name or IP address of the privileged endpoint virtual machine

    <ServiceAdmin>

    Specify service admin login (AAD or AD FS) e.g. admin@contoso.onmicrosoft.com

    <Domain>

    NetBIOS name for the Azure Stack domain

    <EvOpsAccountName>

    Type in name of EvOps account you are creating the principal for.

    <Azure Stack tools directory>

    Azure Stack tools directory, typically C:\AzureStack-Tools-master


    NOTE: In this example EvOpsAccountName is set to Cloud1

  4. Change working directory before running the script by executing the following command: cd C:\Install\Gridpro.EvOps.1.1.217.1
  5. Click Run Script to execute script (script can take up to 60 minutes to complete)
  6. Enter cloud admin password and click OK
  7. Enter certificate pfx file password and click OK
  8. Enter service admin password and click OK
  9. Verify that script executed successfully save DisplayName and ApplicationID for next chapter.
    evops_asdk.png

Create EvOps account

  1. Select More services > EvOps accounts
  2. Click New
  3. Select EvOpsAdmin subscription
  4. Type in a name, in this example Cloud1
  5. In Resource group, click Create new and type in EvOps
  6. Click Service Principal
  7. Select your service principal with displayname generated in chapter Create EvOps account principal step 8 and click Select
  8. Type Application ID generated in chapter Create EvOps account principal step 8
  9. Click Browse and select the PFX file that was generated in chapter Create EvOps account principal step 8. Will be in: C:\Install\Gridpro.EvOps.1.1.217.1
    Tip: When using Azure AD, you can filter on application ID to simplify locating your service principal.
  10. Type PFX file password that you entered in chapter Create EvOps account principal step 5
  11. Click Create
  12. Done

Import Sample Request Templates

The installation kit contains two samples as described below. For updated and more samples, please visit EvOps product support site.

The installation kit contains two samples as described below. For updated and more samples, please visit EvOps product support site.

  • VM with approval (vm-with-approval.evpkg): Request template with an advanced wizard that contains SKU pickers, conditional visibility etc. and a workflow that contains an approval and ARM deployment for virtual machine creation.
  • Support Request (support-request.evpkg): Request template creating a support request with resource picker that allows to add affected item.

Please follow the steps below to import samples.

  1. Select More services > EvOps accounts
  2. Click your EvOps account
  3. Click Request templates
  4. Click Import
  5. Browse to the folder where you extracted the EvOps installation files and documentation
  6. Select vm-with-approval.evpkg file in the list and click Open
  7. Change Display name and Name if required, then click OK to import
  8. Repeat step 4-7 for support-request.evpkg file as well
  9. Open each Request template and click Publish to publish to Marketplace

 

Upgrade

This section describes the procedure to upgrade EvOps for Azure Stack from any previous version.

  1. Login host with Azure Stack PowerShell Environment and access to Privileged Endpoint Virtual Machine as: AzureStackAdmin
  2. Open an elevated PowerShell ISE editor and open script file:
    C:\Install\Gridpro.EvOps.1.1.217.1\Install-EvOps.ps1
  3. Replace all variables in parameters section with environment specific data according to table below:

<PrivilegedEndpoint>

DNS name or IP address of the privileged endpoint virtual machine

<TenantSubscriptionID>

Specify Subscription ID of the subscription that will host EvOps infrastructure that was created in section “Create Subscription hosting EvOps infrastructure”
Example format: 06f64eb6-150a-4b70-a596-ad170b446ac5

<ServiceAdmin>

Specify service admin login (AAD or AD FS) e.g. admin@contoso.onmicrosoft.com

<Domain>

NetBIOS name for the Azure Stack domain

<Azure Stack tools directory>

Azure Stack tools directory, typically C:\AzureStack-Tools-master

  1. Comment out switch -CreateSelfSigned by adding # in front
    # -CreateSelfSigned
  2. Change working directory before running the script by executing the following command: cd C:\Install\Gridpro.EvOps.1.1.217.1
  3. Click Run Script to execute script (script can take up to 60 minutes to complete)
  4. Enter service admin password and click OK
  5. Enter cloud admin passwords and click OK
  6. Read the EULA carefully and click type Y, if you accept the terms
  7. Verify that script executed successfully based on output
  8. Upgrade completed

Uninstallation

Remove EvOps for Azure Stack

  1. Start by removing all Plans and Offers connected to EvOps
  2. Login to the Azure Stack physical host as: AzureStackAdmin
  3. Open an elevated PowerShell ISE editor and open script file:
    C:\EvOpsInstall\Uninstall-EvOps.ps1
  4. Replace all variables in parameters section with environment specific data according to table below:

<PrivilegedEndpoint>

DNS name or IP address of the privileged endpoint virtual machine

<TenantSubscriptionID>

Specify Subscription ID of the subscription that will host EvOps infrastructure that was created in section “Create Subscription hosting EvOps infrastructure”.
Example format: 06f64eb6-150a-4b70-a596-ad170b446ac5

<ServiceAdmin>

Specify service admin login (AAD or AD FS) e.g. admin@contoso.onmicrosoft.com

<Domain>

NetBIOS name for the Azure Stack domain

  1. Change working directory before running the script by executing the following command: cd C:\EvOpsInstall
  2. Click Run Script to execute script (script can take up to 60 minutes to complete)
  3. Type Y, on the question that you are sure you want to unregister EvOps resource provider
  4. Verify that script executed successfully based on output
  5. Uninstallation completed

 

Known Limitations

This section describes known issues with this version of the product.

  • It is currently not possible to edit list values like "Classification, Source, Support group". This will be possible in a future release.
  • After adding an extension and the success message is shown, it can still take a while before the extension shows up in the list of active extensions.
  • Subscriptions should not be deleted before deleting the resources of those subscriptions first. If the subscription is deleted without doing so, it will leave orphaned resources in the system. This is a known issue in current builds of Azure Stack.
  • Resource group- and location picker are added by default to the wizard of a new request template. For any request that does not include a Deployment Activity, the resource group and location picker can be removed.

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments