Creating a Private Cloud – Part 2: Configuration

In this post I’ll carry on from part 1 and cover the configuration side of the System Center products to deliver Private Cloud type functionality.

Where should you be after Part 1?

So a quick recap from part 1, you should have Windows Server 2008 R2 installed, with the additional Roles and Features etc. installed. You should have promoted this machine to be a domain controller, name of your choice, and have DNS working.

SQL Server 2008 or higher should be installed along with System Center VMM Server and Admin console installed, plus System Center SSP 2.0. So right now we have everything installed and but nothing configured. That’s the next step.

SQL Server tip

I’ve talked and used SQL Server 2008 R2 standard in this discussion so far. If you want to extend SCVMM to include System Center Operations Manager 2007 you will encounter two minor annoyances. First, SCOM doesn’t play with SQL Server 2008 R2 using the standard install procedure off the DVD. Which is not too surprising considering the release dates, but it’s not the end of the install. You can use the DBCreateWizard.exe to get around the installers relocation to play nice with R2, the procedure is documented in this KB article, https://support.microsoft.com/kb/2425714. The other annoyance it that you will need to uninstall the VMM admin console and reinstall the Ops Manager version. This is lower down the VMM install page; the reason for this is that the management packs are added in with this install.

The other tip, ensure the SQL Agent service is running. The Agent runs a daily job that accumulates the costs for the registered Business units.

Just a couple of tips I found creating test setups.

Self-Service Portal Tips.

Now a couple of points to remember on the SSP install that I didn’t cover in part 1, apologies for not calling this out and thank you to Didier for posting this on the blog to remind me. The deployment guide does say to enable Windows Authentication on the IIS server before installing SSP 2.0. It could cause the install to fail; it will also cause the portal to prompt you for credentials each time you access it. Windows Authentication is not selected by default.

Also worth noting is that during the SSP install you are asked for Site name and port number. You can, using Host Header names and GlobalNames in DNS set up the Single name site. On my setup, I configured a GlobalNames zone in DNS, and added ITasaService to that zone, mapping it to the FQDN of the server. I then went back into the IIS and altered the bindings for the SSP Website to use port 80 and also added the host header ITasaService. My SSP users can now access the site via https:// ITasaService.

One thing to note with the RC build, which happened to me on all the installs I’ve done of SSP 2.0. Check the Self Service Portal Service after a reboot. I’ve noticed that, even though it’s set to automatic, the service may not start. It’s always started when I’ve gone in and manually started it. Just a quirk with the RC build, which is still a pain when you are doing a demonstration and you forget that trick.

Configuring SCVMM

I’m going to start with SCVMM, since this is the core of the environment. Basically, to create a self-service Private Cloud environment you need to configure the following:-

  • User Role group for the portal
  • Add any base images and ISO files to the library
  • Create templates of the workloads you want to offer.

It’s a surprisingly short list.

So the first step is to configure a new user group for the Self-Service side. The deployment docs for SSP 2.0 tell us to create a group called Self Service User and give it the Self Service role. This group is populated automatically by the portal as new Business Unit Admins are identified.

The next step is relatively easy too. The SCVMM library can store a number of file, from ISOs to VHDs. When dealing with self-service requests the ideal is that those users pick from a predefine set of templates that you’ve already configured ready for use.

Next step is the creation of your templates. The templates are just preconfigured images that have been generalized for easy deployment. So you can either take an existing VHD, or install a new OS, configure it the way it needs to be. Then prepare it. On the VM menu, selecting New Template will take the image and do all the work needed to generalize it. When you start this process the source image is destroyed. So if you need a copy, now is a good time to take one.

clip_image002The New Template Wizard asks for some basic information and the location where you want to store the template. When you configured SCVMM’s Library component during setup you created a share for the library, within that share you can create a folder for templates to help organizes these files.

Once a template is created you have the minimum need to try out the self-service portal, which is what we will now configure.

Configuring the Self-Service Portal

As the administrator, the first task is to configure the portal. Connecting to website as the administrator, you need to configure just two of the four options on the Settings link. The main one is the “Configure Datacenter Management” link, here you configure these properties.

  • VMM Server. This is the FQDN of the machine you installed the VMM server role on.
  • Device. Configure the names any SANS or Load Balancers you have.
  • Networks. These map to the names of the networks you configured in Hyper-V. The names here must match those in the Virtual Network Manager in the Hyper-V console.
  • Active Directory. Add any Domains you have.
  • Quota Cost. Enter the default values for memory and storage. You can alter these on a template basis later.
  • Environment. Enter the names of any environments you want to use to group infrastructures in. This is purely process and organization.

Save and close and you are almost set.

Next part is to configure the Templates. On the Template page enter the library server where you’d like to get the templates from. If the Self-Service Portal service is not running, this is the point you find out as service will not return any information from the library server.

The list you configure here is the list that BU’s can access; you can also select a cost for each template.

clip_image003Now you are ready to try out the configuration of Business Units, Infrastructures and Virtual Machines. As the administrator you get to approve all requests, so while anyone could request a BU, you get the final say. Now, if you are testing this, don’t use really BU names because once you use than name you can’t delete it later yet – as I found setting up a demo.

So what do you configure? I’ll run through the basics to get the system working on a test environment. On the BU registration, a lot of it is simply documentation; the administrators are the one area that interacts with VMM. Those names you enter here are added to the role we configured earlier. When submitted, the request appears as an “Onboarding” request in the request queue.

Once approved, the BU can set up its infrastructures. From the first post, the diagram of what an infrastructure consist of gives us a good idea of what the request process will cover. The request is a 3 step process:-

  • Configure the Infrastructure name.
  • Configure the Service and Service Role
  • Add Templates for the VMs.

This maps to our diagram and pulls in the information and configurations we made earlier.

Configure the Infrastructure name.

The first part asks for the infrastructure name, the priority, how long the BU expects to keep it and the forecast for the capacity it will use. The capacity you enter here is used when calculating free space when starting VMs or when creating new Services and Service roles. If you exceed the capacity later, you will need to enter an Infrastructure change request to change the capacity.

Configure the Service and Service Role

In the Service and Service Roles we set out how the Infrastructure is set up. We provide the name of the service, add it to the environment. The environment is the list we added earlier when setting up the portal. The billing code and datacenter are names you use internally. It’s when you get to the Service Quota you start to use information from the other pages. As mentioned above, the Infrastructure capacity on the first page is used as the cap for Services and Roles.

The networks are those setup earlier or you can be request them on this page. These have to match the name use in the Hyper-V Virtual Network Manager. The services can have their own access control; you can enter additional admins to those for the BU, plus members who can access this service.

The service role is tucked away at the end, all you need to enter is the Role name and the number of images it needs. The rest for our test environment can be left to their default.

Add Templates for the VMs.

The final part of the infrastructure request is to assign the templates to this request. The list you get is the one from the template settings for the portal. Here selecting the templates available are the ones that will be available when the BU tries to create VMs. If the template is not selected here and is needed later then a new Infrastructure change request needs to be created.

Once approved the virtual machine creation can begin and the billing starts.

Creating Virtual Machines

We’ve now got to the point where BU can request Virtual Machines and manage their environment. The control on resources comes in here, when requesting a VM you are asked for the number of machines, their names, the infrastructure details and template to use. If they exceed the resources, the creation process stops. BU’s can’t say one thing about capacity and do something else.

Once created the VMs are managed and controlled from the VM page, all members of the BU Roles can start or stop the VMs created. You can also monitor the jobs from the Jobs page or as a DC Administrator the SCVMM console.

From this point on, you have enough configured to try things out. I used this information to demonstrate a Private Cloud at a trade show in the UK recently

Beyond the Basics covered here.

These two posts covered the basics. With SCVMM and SCSSP 2.0 you can test out and a simple Private Cloud scenario. By adding more Hyper-V hosts you can certainly extend this model. However, there is more. I haven’t included System Center Operations Manager (SCOM), System Center Service Manager (SCSM), System Center Configuration Manager (SCCM) or the Offline Image Servicing Solution Accelerator in either of the posts. The roles they play become more critical the larger your deployment becomes and provide much more flexibly. To help we’ve released some guidance and guides, these can be found at https://www.microsoft.com/virtualization/en/us/private-cloud.aspx.

Also the reporting and Dashboard components of the portal are another post on their own. These are important if you want to implement true charge-back modelling.