You are on page 1of 369

Clouds

IT

Microsoft Private Cloud: Evaluation Guide

Table of Contents
Copyright Information ................................................................................................................................. 3 Introduction: The Microsoft Private Cloud ........................................................................................... 4 Part 1 Configure and Deploy Your Private Cloud Infrastructure ............................................... 7 Chapter 1: Explanation of Private Cloud Components ..................................................................... 8 Chapter 2: The Private Cloud Evaluation Guide Scenario & Architectural Overview ......... 13 Chapter 3: Installing the Private Cloud through the Unified Installer ...................................... 33 Chapter 4: Connecting the System Center Components ............................................................. 50 Chapter 5: Configuring Your Private Cloud Infrastructure ......................................................... 102 Chapter 6: Building Clouds .................................................................................................................... 128 Part 2 Application Performance Management and Service Delivery & Automation .... 145 Chapter 7: Creating Services ................................................................................................................. 146 Chapter 8: Monitoring Your Newly Deployed Service ................................................................. 240 Chapter 9: Automation as a Key Foundation of Your Private Cloud ...................................... 269 Chapter 10: Creating a Self-Service Catalog and Automate Offering to Your Customers or End-users ..................................................................................................................................................... 286 Chapter 11: Hybrid Cloud Management .......................................................................................... 334 Chapter 12: Protecting Your Data in the Private Cloud .............................................................. 344 Appendix A .................................................................................................................................................. 357 Appendix B .................................................................................................................................................. 362 Appendix C .................................................................................................................................................. 367

01

Copyright Information
2012 Microsoft Corporation. All rights reserved. This document is provided "as-is." Information and views expressed in this document, including URL and other Internet Web site references, may change without notice. You bear the risk of using it. This document does not provide you with any legal rights to any intellectual property in any Microsoft product. You may copy and use this document for your internal, reference purposes. You may modify this document for your internal, reference purposes.

Introduction: The Microsoft Private Cloud


Overview
This Private Cloud Evaluation Guide is built to give you the necessary information to evaluate the private cloud. In this evaluation guide, you will go through an entire scenario that you can use to evaluate the private cloud on your own premises in a proof of concept environment. This guide is split into two parts. The first part will walk you through deploying and configuring the infrastructure for the private cloud. The second part will go through the service model and application performance management as well as how to gain operational benefits through service delivery and automation. The second part will be included in this document at a later date. Please refer back to the download link for updates to this guide. This guide is intentionally built so that you can run it on -lower-level hardware for the purpose of evaluation. It is also possible to follow this guide and change the scenario to your own environment and parameters. This introduction will walk you through the content of this guide as well as give you some background on the Microsoft private cloud and the components that help you build it. We advise you to read this section if you are not familiar with the concept of the Microsoft private cloud.

Chapters
This evaluation guide consists of two parts: Part 1 Configure and Deploy Your Private Cloud Infrastructure Chapter 1: Explanation of the Private Cloud Components Chapter 2: The Private Cloud Evaluation Guide Scenario and Architectural Overview Chapter 3: Installing the Components of System Center 2012 through the Unified Installer. Chapter 4: Connecting the Components of System Center 2012 Chapter 5: Configuring Your Private Cloud Infrastructure Chapter 6: Building Clouds and Delegating Access Part 2 Application Performance Management and Service Delivery & Automation Chapter 7: Creating Services Chapter 8: Monitoring Your Newly Deployed Service Chapter 9: Automation as a Key Foundation of Your Private Cloud Chapter 10: Creating a Self-Service Catalog and Automate Offering to Your Customers or End-users Chapter 11: Hybrid Cloud Management Chapter 12: Protecting Your Data in the Private Cloud

A Private Cloud Todays Datacenter . . . Optimized


The architecture and functionality of most modern datacenters reflect the growth of the parent organization it serves. Whether this has been by steady organic growth or by rapid expansion through mergers and acquisitions, the result is typically a very heterogeneous environment that includes some best-of-breed point solutions, levels of standardization and isolated environments tailored to fit the demands of specific business groups. This makes for an environment that can be both difficult to manage, and impairs the agility of its various business units. Each time a request is submitted for a new application or service, the centralized IT function needs to hand-craft and deliver that request in a made-to-order fashion. Applications are built to accommodate peak usage, dedicating
4

infrastructure which often lies underutilized much of the time. IT is a challenging place to be; internal customers expect the ease and reliability of the sorts of consumer apps they use every day, such as Hotmail, Xbox Live, and so forth, but often they dont grasp the true scale at which these services run. Private cloud technologies allow any business a better ability to achieve the types of efficiencies in datacenter operation and application provisioning that has, to date, been the hallmark of much larger organizations. The concept of IT as a Service has been discussed in various forms for decades. For many businesses today, this opportunity for on demand IT manifests itself through the idea of a private cloud. Modeled around the success of public cloud offerings such as Microsoft Windows Azure and Amazon Web Services the private cloud is about automatically and efficiently delivering necessary services on request and dynamically scaling those services to meet demand. The private cloud computing model simplifies the ability of IT to deliver IT services. A private cloud shares many of the characteristics of public cloud computing such as resource pooling, self-service, elasticity and usage-based charge models but does so with dedicated physical resources that allow an organization to maintain complete control over their data and processes. A key to the success of private cloud deployments will be the tools and technologies that allow businesses to approach the levels of operational efficiency and high availability that are the hallmark of public cloud offerings; the set of private cloud enabling tools from Microsoft System Center 2012 help you to achieve just that.

The notion of pooled resources means that all compute, network, and storage assets are aggregated into a common grouping that can then be delegated within the organization. This is a shift from todays model in which an Application Owner will likely know (and probably fund) the exact hardware on which his application is physically deployed. In a cloud environment, this owner will only care that adequate capacity to run his application has been delegated to him. This, in turn, frees up the Datacenter Administrator to better optimize resource utilization; to move and shed loads as required and focus on activities that enable greater business value. There needs to be a true self-service interface to which services are published from central IT and consumed by the business units; even where explicit cross charge accounting is not put in place. Application Owners and customers need to be able to easily purchase and provision their resources when they wan t and at the level of service and cost they choose. This common understanding of available off the shelf service offerings is fundamental to the notion of cloud computing. It doesnt mean that custom requests arent possible; indeed a key benefit of the private cloud over public cloud is that it maintains a greater degree of flexibility, but commodity offerings vs. custom offerings may mean the difference between completing the task in 30 minutes vs. 2 weeks. The services deployed need to be elastic and scale up and down automatically based on demand. By designing this capability into the services that are deployed, central IT no longer needs to over-provision capacity to accommodate any potential spikes in load. Finally its important to deploy a usage based environment that
5

allows the Datacenter Administrator and Application Owner to view resource utilization and, ideally set up the right economic incentives to efficiently run their applications and know cost and usage through appropriate chargeback models. A private cloud deployment captures all of these characteristics, but above and beyond the public cloud, it also allows organizations to maintain total control over their applications and data as well as offering an ability to customize deployed resources; both common blockers for businesses looking at public cloud solutions. Ultimately, most customers will find portions of their organization that live best in a private deployment and portions that live best in a public deployment. The world will exist in a hybrid state for the foreseeable future and its important for companies to evaluate their particular needs to determine the best combination for them. As a leader in both public and private cloud technology Microsoft is well positioned to help organizations realize this vision of cloud computing.

Part 1 Configure and Deploy Your Private Cloud Infrastructure

Chapter 1: Explanation of the Private Cloud Components


Overview
Highly virtualized computing gives you the benefits of increased utilization of your servers, power savings, and reduced server footprint. We are familiar with these as they are in datacenters today. However, this does not equal the private cloud. A private cloud provides all of those benefits plus highly integrated and automated management, scalable and elastic platforms, and self-service IT infrastructure. Through a highly automated infrastructure, an organization can reduce operational costs by automating many tasks that previously required manual intervention. Through the service catalog an organization can provide a self-service IT infrastructure to business units and departments with an SLA. This forces service-level discussion and removes the burden to procure, provision, and manage infrastructure on a per-application, ad-hoc basis. With a scalable and elastic infrastructure, an organization can enable faster delivery of capacity as resource needs change. By utilizing a Windows Server 2008 R2 SP1 infrastructure along with System Center 2012, the Microsoft private cloud allows you to deploy a flexible and responsive infrastructure, designed to simplify day-to-day tasks and enable management of applications at the service level, rather than that of individual servers. The following table highlights private cloud capabilities, aligned by industry and to Windows Server 2008 R2 and the components of System Center 2012 that we are going to discuss in this chapter.

Microsoft Windows Server 2008 R2 SP1


Microsoft Windows Server 2008 R2 SP1 is the operating system that runs your private cloud. In this evaluation guide it will run as the host hypervisor, the OS for the different infrastructure components, and for the application that we will deploy, manage, and monitor.
8

Windows Server 2008 R2 SP1 evaluation can be downloaded from http://technet.microsoft.com/enus/evalcenter/dd459137.aspx

Hyper-V
Hyper-V is the server virtualization technology within Windows Server 2008 R2 SP1. It allows you to run virtual machines on top of the host Operating System when your hardware is capable of running virtualized loads.

System Center Orchestrator


System Center Orchestrator is a workflow engine that allows you to automate the creation, deployment and monitoring of resources in your private cloud. Better said, Orchestrator provides you with orchestration, integration and automation of IT processes. Orchestrator works in conjunction with all the System Center rd components and can also be used to automate components from 3 party applications like HP ILO and OA, VMware vSphere and many others (for a full list of Orchestrator 2012 integration packs see http://technet.microsoft.com/en-us/library/hh295851.aspx ). Orchestrator consists of the following: Components Management Server Runbook Server Description The management server is the communication layer between the Runbook Designer and the orchestration database A runbook server is where an instance of a runbook runs. A runbook is a collection of actions bundled together that Orchestrator will run performing various automated actions. Runbook servers communicate directly with the orchestration database. You can deploy multiple runbook servers per Orchestrator installation to increase capacity and redundancy. The database is a Microsoft SQL Server database that contains all of the deployed runbooks, the status of running runbooks, log files, and configuration data for Orchestrator. The Runbook Designer is the tool used to build, edit, and manage Orchestrator runbooks. One runbook or different runbooks together form your workflow(s). Runbook Tester is a run-time tool used to test runbooks developed in the Runbook Designer. This tool allows you to test your runbooks before taking them into production. The Orchestration console lets you start or stop runbooks and view real-time status on a web browser. This is a Silverlight-based web console. The Orchestrator web service is a Representational State Transfer (REST)based service that enables custom applications to connect to Orchestrator to start and stop runbooks, and retrieve information about operations by using custom applications or scripts. The Orchestration console uses this web service to interact with Orchestrator. Deployment Manager is a tool used to deploy integration packs (IPs), runbook servers, and Runbook Designers

Orchestration Database

Runbook Designer

Runbook Tester

Orchestration Console Orchestrator Web Service

Deployment Manager

integration pack (IP)

Orchestrator Integration Toolkit

An integration pack is a collection of custom activities specific to a product or technology. Microsoft and other companies provide integration packs with activities to interact with their product from an Orchestrator runbook. The Orchestrator Integration Toolkit lets you extend your library of activities beyond the collection of standard activities and integration packs. The Integration Toolkit has wizard-based tools to create new activities and integration packs for Orchestrator. Developers can also use the Integration Toolkit to create integration packs from custom activities that they build by using the Orchestrator SDK.

System Center App Controller


System Center App Controller is a Silverlight web-based interface that allows you to manage, build, configure and deploy services both on the private and the public cloud. With this interface, you will have a common self-service experience through your different clouds. This interface is mainly used to provide self-service capabilities for your application owners. The ability to control and manage applications and services within the private cloud is critical. A key requirement, as organizations begin using hybrid apps, will be the ability to connect with services in other clouds and to manage them through a single management experience.

Component Name App Controller Server

Database PowerShell Module

Description The App Controller Server runs the web-based Silverlight application to manage, build, configure and deploy services both on your private cloud and the public cloud. The database that contains the necessary information for the connection to your Azure subscriptions and your Virtual Machine Manager service(s). The App Controller PowerShell Module provides administrators with the ability to automate App Controller administration.

System Center Virtual Machine Manager


System Center Virtual Machine Manager is the component that provides you with virtual machine management AND service deployment. This component comes with support for multi-hypervisor environments and is the system that allows you to define, create and manage your private cloud environment(s).
10

Component Name VMM Management Server

VMM Console VMM Self-Service Portal VMM Database VMM Library Server

Description The computer on which the Virtual Machine Manager service runs and which processes commands and controls communications with the VMM database, the library server, and virtual machine hosts. The Virtual Machine Manager Console is the graphical user interface to your VMM environment. A website used to deploy and request virtual machines. The VMM database stores all the Virtual Machine Manager configuration and information regarding the hosts and virtual guests. The VMM Library Server is a catalog of resources containing all the ISO files, virtual hard disks, templates and profiles used to deploy virtual machines and services.

System Center Operations Manager


System Center Operations Manager provides you with deep application diagnostics and infrastructure monitoring of your private cloud components. It can offer you a thorough overview of the performance and availability of applications deployed in your datacenter, private or public cloud. Component Name Management Server Description The Operations Manager Management Server is the focal point for administering the management group and communicating with the database. When you open the Operations console and connect to a management group, you connect to a management server for that management group. Depending on the size of your computing environment, a management group can contain a single management server or multiple management servers. The Operations Manager is the graphical user interface that will give you the single pane of glass monitoring of your private cloud. The OpsMgr database is where all the collected data like performance & event data, alerts etc. are stored. The OpsMgr data warehouse is used for long term reporting. The OpsMgr web console provides a browser-based alternative to the OpsMgr console. Browser-based console to provide deep insight in your .Net applications A gateway server is used to monitor untrusted environments like a DMZ ACS is used for collecting and auditing security events.

Operations Console Operations Manager Database Operations Manager Data Warehouse Operations Manager Web Console Operations Manager Advisor Gateway Server Audit Collection Server

System Center Service Manager


Service Manager provides an integr ated platform for automating and adapting your organizations IT service management best practices, such as those found in Microsoft Operations Framework (MOF) and Information Technology Infrastructure Library (ITIL). It provides built-in processes for incident and problem resolution, changecontrol, and release management.
11

Component Name Management Server

Database

Data warehouse management server Data warehouse databases Service Manager console

Description Contains the main software part of a Service Manager installation. You can use the Service Manager management server to manage incidents, changes, users, and tasks. The database that contains Service Manager configuration items (CI) from the IT Enterprise; work items, such as incidents, change requests, and the configuration for the product itself. This is the Service Manager implementation of a Configuration Management Database (CMDB). The computer that hosts the server piece of the data warehouse. Databases that provide long-term storage of the business data that Service Manager generates. These databases are also used for reporting. The user interface (UI) piece that is used by both the help desk analyst and the help desk administrator to perform Service Manager functions, such as incidents, changes, and tasks. This part is installed automatically when you deploy a Service Manager management server. In addition, you can manually install the Service Manager console as a stand-alone part on a computer. A web-based interface into Service Manager.

Self-Service Portal

System Center Data Protection Manager


Data Protection Manager (DPM) enables disk-based and tape-based data protection and recovery for servers such as SQL Server, Exchange Server, SharePoint, virtual servers, file servers, and support for Windows desktops and laptops. DPM can also centrally manage system state and Bare Metal Recovery (BMR) which will allow us to protect the servers that contain our virtualized infrastructure. Component Name DPM server Description The DPM server contains the program files of the Data Protection Manager installation. This server will be responsible for all the protection and recovery jobs The DPM database will contain all the information of your Data Protection Manager environment. All protection group information, agent information, recovery points and so on are stored here. Operations Management is used as the platform for the central console and is used to manage your SCDPM server (or multiple DPM servers) The Storage Pool contains your storage that will be used to take disk-to-disk backups

Database

Central Console Storage Pool

Summary
In this first chapter, you reviewed the components that are needed to deploy a private cloud. Now you know all the building blocks to start with your evaluation of the private cloud. You can download Windows Server 2008 R2 SP1 from http://technet.microsoft.com/enus/evalcenter/dd459137.aspx and download the System Center components from http://technet.microsoft.com/en-us/evalcenter/hh505660.aspx?ocid=otc-f-corp-jtc-DPR&wt.mc_id=TEC_103_1_33 In the next chapter we will explain how to construct and design a new private cloud.
12

Chapter 2: The Private Cloud Evaluation Guide Scenario & Architectural Overview
Overview
Evaluating a private cloud can be a time-consuming and difficult task. How do you start? What kind of hardware do you need? Which scenarios do you want to test? With this Private Cloud Evaluation Guide, you can test and try all the components of System Center 2012 in combination with Hyper-V. With this guide you will learn how to build a private cloud and explore how the combinations of the components of System Center 2012 allow you to manage your application from start to finish. After all, in this new era of cloud computing, its all about the app.

Our Scenario and End-Goal


Throughout the evaluation guide, we will work with a specific scenario, users and a well-defined goal. To do this, we have designed the evaluation guide after a fictitious company, Contoso and their employees. At the end of each chapter, we will summarize the outcomes

Contoso.com
Here is background information about the Contoso Ltd., including details about the nature of their business operations, size and location, etc. Contoso, Ltd. is a global manufacturing and shipping company, dealing primarily with building materials. Customers are large retail home improvement chains Contoso maintains 75 locations in 10 countries on 3 continents o 2,000 servers, 700 of which are physical servers and 1,250 which are virtual servers hosted with Windows 2008 R2 Hyper-V o 12,000 employees total, with an IT department of about 150 people. o Three data centers (Seattle, Tokyo and Brussels) o Separate management reporting structures exist on each continent

13

Jeff, the Datacenter Admin


Jeff is a datacenter administrator within Contoso. His major concerns are keeping the infrastructure up and running, and accommodating all the requests from his application owners. The major challenges that Jeff has are: Managing change is difficult due to lack of well-defined procedures provisioning and managing services and related infrastructure Service requests and incidents are currently managed in a third party ticketing system. However, problem correlation is difficult due to lack of a comprehensive CDMB to track IT assets Availability of key revenue-generating services is suffering due to recurring incidents that currently require manual intervention 2-4 week delays in service and resource provisioning have resulted in tension between IT and other business units Lack of visibility into virtual and physical datacenter resources has resulted in widespread performance problems in LOB applications

Emily, the Application Owner


Emily is an Application owner. She is responsible for her line of business application that needs to be deployed. Emilys biggest challenges are: Keeping the different versions up-to-date (production, test environment, acceptance) Being able to deploy the application rapidly Getting the needed resources from IT quickly Ensuring that engineering and IT work together well Get applications to market faster

Other Persona
Jack: VP of Marketing Application (Lob) Owner The Board: CxOs (CEO or CIO) Contoso Engineering Group: Application Development Mike: Team Member of Emilys group

The End-Goal: Its All about the Application

14

The Board of Contoso has asked a consultancy firm to investigate the pain points of IT within the company and to provide advice on a possible solution. The consultancy company has investigated both the issues with the IT group as the users of IT. The key pain points are server sprawl and virtual server sprawl. Users are looking at purchasing IT services outside the IT department in the cloud and are convinced that they can get it cheaper elsewhere. The results showed that there are many concerns about compliance and security. The complexity of the infrastructure is also becoming extremely difficult to manage. Based on these results, the Board of Contoso has given the datacenter admin a challenge. Jeff needs to build a private cloud so that Emily has the ability to manage the applications she is responsible for. Emily and Jack should be able to deploy their application rapidly into production and scale whenever the need should arise. The application should also be monitored as a whole and should have the ability to upgrade to a new version without or with minimal interruption. Emily and Jack should also have self-service capabilities and a user interface where they can see their environments.

15

Figure 1: Management Components

In Figure 1: Management Components, you see an overview of what we are going to build with the components of System Center 2012. In the picture, you can see 3 main categories: Application Management is all about deploying and operating business applications. Service Delivery and Automation involves standardizing and automating service and resource provisioning, managing change and access controls, etc. Infrastructure Management is needed to be able to deploy and operate the entire underlying infrastructure on which our business applications and services run.

The Scenario
Throughout the different chapters of this Private Cloud Evaluation Guide we will work towards the specific demands of the business. After running through the different chapters, you will have a private cloud with an application in it that can be monitored, automated, deployed and managed as a service and self-service possibilities. In this first part of the Evaluation Guide, Jeff is going to get all the components installed and then prepare everything for the private cloud. In the last chapter, Jeff will deploy his first cloud. In the second part of the Evaluation Guide, which will be released on a later date, Jeff will continue his work and configure automation, backup and so on for the application so Emily can easily deploy the application and be confident Jeff can meet the agreed-upon SLA.

Architectural Overview
Here is the overview of what hardware we are going to use for our private cloud evaluation. This can be different from your environment but this is the minimum required to evaluate the private cloud.

16

Service Manager SQL Server 2008 R2

Service Manager Data Warehouse SQL Server 2008 R2

Data Protection Manager SQL Server 2008 R2

Domain Controller

ServiceMgr Orchestrator SQL Server 2008 R2

ServiceMgrDW Virtual Machine Manager SQL Server 2008 R2

DPM AppController SQL Server 2008 R2

AD Operations Manager SQL Server 2008 R2

Orchestrator

VMM

AppController

OpsMgr

Hyper-V Host
Virtual - Virtual Network

Hyperv02
Following servers are used: Name Hyperv02 Orchestrator Function Hyper-v host Orchestrator + Unified Installer server Virtual Machine manager server App Controller server Operations Manager Server CPU 4 2 vCPU Memory 24 GB 2 GB Disk 1 TB 40 GB IP 192.168.1.2 192.168.1.3

VMM AppController OpsMgr

2 vCPU 2 vCPU 2 vCPU

2 GB 2 GB 2 GB

80 GB 40 GB 40 GB

192.168.1.4 192.168.1.5 192.168.1.6

17

ServiceMgr ServiceMgrDW DPM AD

Service Manager server Service Manager Datawarehouse Data Protection Manager server Domain Controller

2 vCPU 2 vCPU 2 vCPU 1 vCPU

2 GB 2 GB 2 GB 512 MB

40 GB 40 GB 40 GB 40 GB

192.168.1.7 192.168.1.8 192.168.1.9 192.168.1.10

Table 1: Server Information

When you are going to deploy the infrastructure and work through the different exercises, you can use your own IP addresses and better hardware. If you work with different IP ranges, you need to take into account that for some of the exercises, you will also need to change the ranges. The two most important considerations for your private cloud management infrastructure regarding performance will be: Memory Disk IO If you want to change the specifications of the virtual machines, please read the Prerequisites in Chapter 3 to verify that you meet the necessary requirements in advance.

What you need in advance


In this section we are going to discuss the environment required before you can continue with this evaluation guide.

Hyper-V Host(s)
Depending on the architecture, you should have one or more Hyper-V hosts installed with Windows Server 2008 R2 SP1. You can download the evaluation version of Windows here: http://technet.microsoft.com/enus/evalcenter/dd459137 Your Active Directory should be prepared with a few users and groups (see below). For information on how to install Active Directory, visit http://technet.microsoft.com/en-us/library/cc755103(v=ws.10).aspx

The Virtual Network


You need to prepare your Virtual Network so that the virtual machines can communicate with the hosts and with the other virtual machines. In a production environment, you will be working with different vlans, but for this guide we worked with a single network adapter, configured with the following parameters: Parameter Name Notes Connection Type Allow management operating system to share this network adapter
18

Value Virtual Virtual Network Microsoft Virtual Switch External (to your network adapter) Checked

Virtual Servers
The servers in Table 1: Server Information should already be deployed and joined to the domain. Follow this procedure to deploy a virtual machine on Hyper-V: Creating Virtual Server 1. Open Hyper-V Manager

19

2.

In the Actions pane, select New > Virtual Machine

3.

In the Before You Begin screen, select Next

4.

In the Specify Name and Location screen, fill in the Name of the virtual machine and the Location where you want to store the files. Then select Next

5.
20

In the Assign Memory screen, fill in the amount of memory allocated for this Virtual Machine. Note that the amount should be at least 2048 MB for the unified installer requirements (see chapter 3), the

Domain Controller can be 512 MB and then select Next

6.

In the Configure Networking screen, select your virtual network that you have created and select Next

7.

In the Connect Virtual Hard Disk screen, fill in the size for your VHD, specify the location and name of your VHD and select Next

21

8.

In the Installation Options screen, select how you want to install the Operations System. In our case, since we downloaded the ISO from the evaluation center, we choose the ISO and then select Next

9.

In the Completing the New Virtual Machine Wizard screen review your settings and select Finish to create the machine

22

Installing and Configuring the OS You can find all the required steps to install the OS in Appendix.

Configure and Join Domain 1. In the Initial Configuration Tasks window, select Configure Networking

2.

In the Network Connections window, right-click on the Local Area Connection Network icon and select Properties

23

Select Internet Protocol Version 4 (TCP/IPv4) and find all the required steps to install the OS in Appendix. 3. Properties

4.

Fill in the appropriate network information. Note that this information can be different in your environment. Select OK

24

5. Select Close and Close the network connections window 6. On the Initial Configuration tasks window select Provide computer name and domain

7.

On the System Properties window, select Change

25

8.

Fill in the Computer name and Domain and select OK

9.

On the Windows Security window, fill in the name and password of the user that has permissions to join this server to the domain and select OK

10. Select OK when you get the Welcome message

26

11. Select OK when you get the restart notification

12. Select Close in the System Properties window 13. Select Restart now to finish the process and to restart the server

Repeat the procedures for all servers.

Group Policies
To make the evaluation easier, weve created a Group Policy on domain level to enable and disable a few settings. By default Jeff disabled all Windows Firewalls on the server machines and enabled remote desktop for easy access. It is not necessary to disable Windows Firewall and you can review the requirements for Windows Firewall on the different TechNet pages for the components. Jeff knows that he will need to configure the Windows Firewall in production, but since this is an evaluation, he wants to deploy the systems fast and get quickly results.

Passwords
All passwords in this evaluation guide are the same. For every account, we are using t he password: P@ssw0rd (with the 0 being zero)

Users
In Active Directory, we are going to create a few users.
27

1.

Open Active Directory Users and Computers

2.

Create an OU by right-clicking on Contoso.com (or the root of your domain) and choose New > Organizational Unit

3.

Name the OU PrivateCloudUsers or choose another name and select OK

28

4.

On the newly created OU right click and choose New > User

5.

Fill in the New Object window with the following parameters and then select Next Value Jeff Jeff Jeff

Parameter First name Full name User Logon name

6.

Fill in the Password and select Password never expires and select Next and Finish to create the user

29

7.

Repeat steps 4 to 6 for the following users with the following parameters Value Emily Emily Emily Value Mike Mike Mike Value Jack Jack Jack

Parameter First name Full name User Logon name Parameter First name Full name User Logon name Parameter First name Full name User Logon name 8. 9. User Jeff Emily Jeff

Right-click on the newly created user and select Properties Change the properties for the two users according to the following parameters Parameter Description Description Member off Value DataCenter Administrator Application Owner Add Domain Admins

30

Security Groups
We also need some security groups for this evaluation. Build the following security groups: Parameter Name Type Members Value ProductionEmilyCloud Global Security Emily

31

Hardware and other possibilities


It is not necessary to run the private cloud evaluation on the same hardware or the same setup as described above. You can work with multiple Hyper-V hosts and/or split-off the domain controller role to another server. You can also separate the Orchestrator and Unified Installer role on different machines. With this evaluation guide we tried to deploy the private cloud with a minimum amount of hardware. Please note that the configuration found above is the absolute minimum to follow the scenario in this evaluation guide. The biggest blockers for evaluating the private cloud will be (in this order): Memory Disk IO We advise at least 24 GB but 32+ GB is preferable. Disk IO is the second biggest blocker for the evaluation. In total, you would need at least 500 600 GB of hard disk space. SSD Disk (or better hardware) is strongly recommended. Running the private cloud on lower Disk IO components may cause a lot of performance issues as previously discussed.

Summary
In this chapter Jeff has prepared the infrastructure necessary to start with the evaluation of the private cloud by using the System Center Unified Installer (Chapter 3). In production environments, this will probably be done differently and you may have other deployed systems / procedures in place. Now that we have a base infrastructure in place, we can continue on to Chapter 3 and start the installation of the components.

32

Chapter 3: Installing the Private Cloud through the Unified Installer


Overview
To help in getting started with a private cloud, Microsoft has created the System Center Unified Installer for evaluation and proof of concept purposes. The Unified Installer automates much of the installation process for the System Center 2012 components. The installation scripts deploy the System Center components and are designed for either a lab or proof of concept. In this chapter, we will use the Unified Installer to install our environment. In this chapter, Jeff is going to use the Unified Installer to install all of the components of System Center 2012, back-end database engines and prerequisites.

Before you Begin


Please take the time to read through the important notes and prerequisites before using the Unified Installer.

Important Notes
The documentation and workarounds for the known issues listed below can be found in the Unified Installer Release Notes: http://technet.microsoft.com/en-us/library/hh751278.aspx A "Logon Failure" Message is displayed when accessing SCUI.EXE using non-local domain credentials "This program might not have installed correctly" message might display when attempting to extract the Unified Installer on a local drive when using Windows 7 SP1 DPM installation might fail Preexisting installations of SQL Server might cause deployment to fail

Prerequisites
The latest prerequisites information can be found here: http://technet.microsoft.com/en-us/library/hh751268.aspx Hardware (per target computer, Virtual or Physical): a. b. c. Software a. One of the following versions of Windows operating systems: 64-bit edition of Windows 7 Service Pack 1 (SP1) or Windows Server 2008 R2 with (SP1) b. Internet Information Services (IIS) c. Microsoft .NET Framework 3.51 d. Windows PowerShell 2.0 e. You must use the same OS locale on both the installer computer (the computer where you run the Unified Installer) and the target computer (the computer where you install a System Center
33

CPU: Dual-core 2.1 gigahertz (GHz) RAM: 2 gigabytes (GB) minimum, 4 GB recommended Disk space: 10 GB of free space

2012 component) .NET Framework 4.0 (http://go.microsoft.com/fwlink/p/?LinkID=232304) Windows Automated Installation Kit 2.0 (http://go.microsoft.com/fwlink/p/?LinkID=224463) Report Viewer 2008 SP1 Redistributable (http://go.microsoft.com/fwlink/p/?LinkID=234896) Microsoft Report Viewer 2010 Redistributable Package (http://go.microsoft.com/fwlink/?LinkId=234118) Trial Version of SQL Server 2008 R2 (http://go.microsoft.com/fwlink/?LinkId=239628) SP1 for SQL Server 2008 R2 (http://go.microsoft.com/fwlink/p/?LinkID=235126) Cumulative Update Package 4 for SQL Server 2008 R2 (http://go.microsoft.com/fwlink/?LinkId=238411) SQL Server 2008 R2 Native Client a. x86 package: (http://go.microsoft.com/fwlink/?LinkID=188400) b. x64 package: (http://go.microsoft.com/fwlink/?LinkID=188401) c. IA-64 package: (http://go.microsoft.com/fwlink/?LinkID=188402) Microsoft SQL Server 2008 R2 Command Line Utilities a. x86 package: (http://go.microsoft.com/fwlink/?LinkID=188429) b. x64 package: (http://go.microsoft.com/fwlink/?LinkID=188430) c. IA-64 package: (http://go.microsoft.com/fwlink/?LinkID=188431) Microsoft Analysis Management Objects a. x86 package: (http://go.microsoft.com/fwlink/p/?LinkID=218847) b. x64 package: (http://go.microsoft.com/fwlink/p/?LinkID=218910) c. IA-64 package: (http://go.microsoft.com/fwlink/p/?LinkID=218912)

Creating the Installer Computer

The Installer Computer is the computer where you will run the Unified Installer. The Unified Installer can be run on a Windows Server 2008 R2 SP1 or a Windows 7 SP1. In our scenario, to save on resources, we are going to run the Unified Installer on the same server that we are going to run System Center Orchestrator (Orchestrator). To be able to run the Unified Installer, we need to prepare this machine in advance. We do this by changing the local policy of that server. We can also do this by using a Group Policy but Jeff decides to follow the documentation on TechNet and therefore changes the local policy.

34

1.

Open a blank MMC (Click Start > Run, type MMC and select OK)

2. 3.

Add the Group Policy Object (File > Add/Remove Snap-in, choose Group Policy Object, select Add) In the Select Group Policy Object dialog box, select Finish

4.

In the Add or Remove Snap-ins window, select OK

35

5.

In the Console1 window, browse to Credential Delegation. (Console Root, expand Local Computer Policy > Computer Configuration > Administrative Templates > System > Credential Delegation)

6. 7.

Open Allow Delegating Fresh Credentials in the Settings pane In the Allow Delegating Fresh Credentials dialog box, do the following: Enable the policy In the Options area, click Show and enter WSMAN/* in the value field

36

Make sure that Concatenate OS defaults with input above is selected, and then select OK

8. 9.

Open Allow Delegating Fresh Credentials with NTLM-only Server Authentication in the Settings pane In the Allow Delegating Fresh Credentials with NTLM-only Server Authentication dialog box, do the following: Enable the policy In the Options area, click Show and enter WSMAN/* in the value field Make sure that Concatenate OS defaults with input above is selected, and then select OK

10. In the Console1 window, browse to WinRm Client. (Console Root, expand Local Computer Policy > Computer Configuration > Administrative Templates > Windows Components > Windows Remote Management (WRM) > WinRM Client) 11. Open Allow CredSSP authentication in the Settings pane
37

12. In the Allow CredSSP authentication dialog box, click Enabled, and then select OK

13. Open Trusted Hosts in the Settings pane 14. In the Trusted Hosts dialog box, select Enabled 15. In the Options area, in TrustedHostsList, type *, and then select OK

16. Close the Local Group Policy Editor.

38

Preparing the Target Computers

To prepare the Target Computers, you can either change the local policy on each target computer or create a group policy object for those servers. We created a new OU in Active Directory and placed all the target computers in that OU.

On that OU, we created a GPO with the following parameters Location Computer Configuration / Administrative Templates / Windows Components / Windows Remote Management (WinRM) / WinRM Service Computer Configuration / Administrative Templates / Windows Components / Windows Remote Management (WinRM) / WinRM Service Computer Configuration / Administrative Templates / Windows Components / Windows Remote Shell Parameter Allow automatic configuration of listeners Value Enabled IPv4 filter: * IPv6 filter: * Enabled

Allow CredSSP authentication

Allow Remote Shell Access

Enabled

39

Computer Configuration / Administrative Templates / Windows Components / Windows Remote Shell The GPO report will look like this:

Specify maximum amount of memory in MB per Shell

2048

Preparing the Prerequisites and Source Files


Before you start with the installation, you need to prepare the source files and prerequisites. After downloading the evaluation versions of System Center 2012 you will need to extract some of these installers and you also need to download all the prerequisite files and place them on a share. Create a share on the installer computer with all the prerequisites and install media as shown below:

40

All of the components and prerequisites need to be extracted into separate folders in order for the Unified Installer to work. If the downloaded files come in ISO or .zip format, you will need to extract them. When you have bits that are one or more .exe files, run a command prompt as an administrator and run the .exe with the extract parameter with it. Example: To extract AppController, run AppController.RTM.exe extract

A new pop-up window will open asking you where you want to extract the files.

Installation of the System Center Components with the Unified Installer


Now that Jeff has done all the preparations, he can start with the deployment of the components. Since Jeff decided to run the Unified Installer on the same computer as the one where he is going to run Orchestrator, he will start on that server. 1. Log on to the computer Orchestrator by using the Domain Administrator account If you want to use another account than the administrator account, you need to take into account that that user has administrative credentials on both the Installer computer and the Target Computers On the Unified Installer installation media, right-click setup.exe, and then select Run as administrator to open the System Center 2012 Wizard

2.

41

If .NET 3.5 is not installed, you will receive the following notification and it will be installed automatically.

3.

If you receive the following notification, select Yes to continue

4.

On the System Center 2012 page, select Install System Center

5.

On the System Center Unified Installer window, select OK to continue

42

6.

On the Product Registration page, read the Microsoft Software License Terms , and accept by selecting, I have read, understood, and agree with the terms of the license agreement. Since we are doing an evaluation, Jeff also select Install as an evaluation edition and then select Next

43

7.

On the Component Selection page, select the System Center 2012 components to install. In our evaluation, Jeff is going to install Orchestrator, Virtual Machine Manager, App Controller, Operations Manager, Service Manager and Data Protection Manager and then select Next

8.

On the Component Media Location page, select Browse or type the folder where you stored the installation media. In our case, the source files are located on a share on the hyperv02 server and then select Next

44

Specifying a mapped drive for installation files is not supported. You must specify location by universal naming convention (UNC) or by copying the installation files to a local hard disk drive.

9.

On the Prerequisite License Terms page, select I accept these License Terms for the prerequisites that you will be using, and then select Next. These are the prerequisites that you downloaded earlier and placed into the different folders.

10. On the Perquisite Media Location page, select Browse or type the folder where you stored the installation media and then click Next
45

11. On the Installation Destination Location page, accept the defaults, and then select Next Due to constraints for the path name, the destination location for DPM cannot be changed.

12. On the Servers page, type the name of the server or servers that will host the System Center 2012 components, and then select Next For this release, you must use a computer short name when you are specifying the computer that will host a System Center 2012 component. Do not use a fully qualified domain name (FQDN) or an IP address when you are defining a target computer. The computer names must be unique. You can install only one component per computer.
46

13. On the Service Accounts page, in Installer Account, type the credentials for the account that will perform the installation, and then select Next You can change the installer account for the components. For the Installer Account, the Domain and Account names cannot be changed. For the Service Manager Administrator Role Group, no password is needed.

14. Depending on the components you selectfor example, Operations Manager or Service Manageryou might be presented with a Component Specific Questions page. If so, provide the requested information
47

(for example, the management group name), and then click Next

15. On the Communications and Updates page, indicate your preferences for the Customer Experience Improvement Program, Error Reporting, and Microsoft Update, and then select Next

16. On the Installation Validation page, examine the settings, and then select Install

17. When installation is complete, select Next


48

The deployment progress bar times out after two hours. Some installations may exceed the default time-out period. In these cases, your installation might still be running in the background. You can confirm that by checking the local system installation logs. 18. On the Deployment Summary Report page, select Finish

Troubleshooting the Unified Installer


If the installation of one of the components should go wrong, then you can find the log files at the following locations: Component Name Orchestrator VMM Operations Manager App Controller DPM System Center 2012 Configuration Manager Service Manager Unified Installer Log Location \Users\<user>\AppData\Local\Microsoft System Center 2012\Orchestrator\LOGS \programdata\vmmlogs \Users\<user>\AppData\Local\SCOM\Logs \Users\<user>\AppData\Local\AppController\Logs \Program Files\Microsoft System Center 2012\Data Protection Manager\DPMLogs \ConfigManagerSetup.log \Users\<user>\AppData\Local\Temp\1 \Users\<user>\AppData\Local\Microsoft System Center 2012\Unified Installer\LOGS

Summary
In this chapter, Jeff has installed all the System Center components through the use of the Unified Installer. Now he has all the management tools he needs to continue with his private cloud evaluation. In the next chapter, Jeff is going to connect the components together.
49

Chapter 4: Connecting the System Center Components


Overview
One of the biggest strengths of System Center 2012 is its integrated approach to workflow, knowledge and data management. System Center 2012 has connectors and integration packs that simplify communication between the components that help to provide full life-cycle management of your applications and infrastructure. In this chapter we will start with the overview of how to connect the components together. Now that Jeff has installed all the components by using the Unified Installer, he is going to set up the connections between the components. Because Jeffs goal is to make sure that Emilys application is monitored, deployed, and upgradable, he needs to ensure that all of the components are working and communicating together. In this chapter, we are going to create all these connections.

Bringing the System Center 2012 Components Together

When we look back at the model of interaction between Emily and Jeff, we see that the Orchestrator and Service Manager components are located in the middle of the model. This is not a coincidence. Service Manager and Orchestrator automate the workflows, the data management required to deliver self-service and efficiently deliver the private cloud SLAs.

50

In this figure we see how the components work together. We will now describe the different connections and then Jeff will configure them in his environment.

Orchestrator and the Integration Packs


Jeff knows that Orchestrator comes with an entire set of automation activities out of the box. But Orchestrator can easily be extended by using integration packs. An integration pack is a combination of activities that can extend the functionality of Orchestrator to provide more automation capabilities and integration into other thirdparty applications. In this evaluation, Jeff is going to use the Integration Packs to System Center 2012. Registering Integration Packs Before we can use an integration pack in Orchestrator, we need to register it. Jeff is going to register four integration packs. 1. Open the System Center 2012 Orchestrator Deployment Manager

51

2.

Right-click on Integration Packs and choose Register IP with the Orchestrator Management Server

3.

On the Welcome to the Integration Pack Registration Wizard select Next

4.

Select the Add button and browse to the location where you stored your Integration Packs

5.

Select the System Center 2012 Virtual Machine Manager Integration Pack and the select Open

52

6.

Repeat this process for the following integration packs: System Center 2012 Data Protection Manager System Center 2012 Operations Manager System Center 2012 Service Manager

7.

Select Next when you have added all the management packs

8.

On the Completing the Integration Pack page, select Finish

53

9.

Accept the End-User License Agreement by selecting Accept. You will have to do this four times (one EULA per integration pack)

Deploying Integration Packs Now that Jeff has registered the Integration Packs, he also needs to deploy them to each Runbook server and to each server / workstation with a runbook designer that will use the integration packs. In our evaluation, Jeff is going to deploy them on the Orchestrator server as this is the server that he is going to use for the evaluation. 1. Open the System Center 2012 Orchestrator Deployment Manager

54

2.

Right-click on Integration Packs and choose Deploy IP to Runbook Server or Runbook Designer

3.

On the Welcome to the Integration Deployment Wizard select Next

4.

On the Deploy Integration Packs or Hotfixes page select the four integration packs that we registered and then select Next System Center Integration Pack for System Center 2012 Data Protection Manager System Center Integration Pack for System Center 2012 Virtual Machine Manager System Center Integration Pack for System Center 2012 Service Manager System Center Integration Pack for System Center 2012 Operations Manager

55

5.

On the Computer Selection Details page, type in the name of the runbook server (in our case this is Orchestrator) and select the Add button. Then select Next

6.

On the Installation Configuration page, Jeff is going to choose to deploy the Integration Packs now. This will stop all the running runbooks on that server. If that would be a problem, then Jeff could have chosen to schedule the installation or to install the Integration Packs without stopping the runbooks and restart the server afterwards.

7.
56

On the Completing the Integration Pack Deployment page, select Finish

8.

You can verify that the deployment is successful by looking at the Runbook Designers folder within the Orchestrator Deployment Manager to see that the Integration Packs are there. You can do the same by looking at the Runbook Servers and selecting Orchestrator to see if the Integration Packs are shown.

Configuring the System Center 2012 Virtual Machine Manager Integration Pack Before Jeff can actually use the Integration Packs, he needs to configure them so that they have a connection to the correct server(s) and that they have a username and password to connect to these servers. In the next steps, Jeff is going to configure the four integration packs that he just registered and deployed. Before Jeff can configure an integration pack, he needs to make sure that the prerequisites are OK. In the documentation on TechNet, he finds all the information that he needs: http://technet.microsoft.com/en-us/library/hh295851.aspx To configure the System Center 2012 Virtual Machine Manager Integration Pack, Jeff needs to have the following prerequisites: System Center 2012 Orchestrator System Center 2012 Virtual Machine Manager (VMM) Windows Management Framework (Windows PowerShell 2.0 and WinRM 2.0)

Jeff has deployed the Orchestrator server and the VMM server in Chapter 3. The Orchestrator server is configured on Windows Server 2008 R2 SP1 so the Windows Management Framework is also covered. Last but not least, Jeff needs to change the execution policy of PowerShell. The execution policy in Windows PowerShell determines which scripts must be digitally signed before they will run. By default, the execution policy is set to Restricted which prohibits loading any configuration files or running any scripts. 1. Right Click on the PowerShell icon and choose Run As Administrator

57

2.

In the PowerShell window, type set-executionpolicy remotesigned and select Enter

3.

Type Y when asked

4.

Jeff is now ready to connect the Integration Pack to the Virtual Machine Manager server. Open System Center 2012 Orchestrator Runbook Designer

58

5.

On the menu bar, select Options and select SC 2012 Virtual Machine Manager

6.

On the Prerequisite Configuration page, select Add

7.

On the Add Configuration page, type in the Name (VMM Connection) and click on the button to add the Type (System Center Virtual Machine Manager). Then fill in the following properties and then select OK VMM Administrator Console: vmm.contoso.com VMM Server: vmm.contoso.com User: administrator Domain: contoso

59

Password: ********** Authentication Type (Remote only): Default Port (Remote only): 5985 Use SSL (Remote only): False Cache Session Timeout (Min.): 10

8.

Select Finish

Jeff has now configured the Integration Pack to connect to Virtual Machine Manager in his environment.

Configuring the System Center 2012 Service Manager Integration Pack Jeff continues by configuring the System Center 2012 Service Manager Integration Pack. Just as before, he reads the prerequisites first:
60

System Center 2012 Orchestrator System Center 2012 Service Manager The Service Manager IP is supported for use only on computers set to use:

o o

The ENU Locale The U.S. English date format (month/day/year)

Jeff doesnt need to do anything special to configure this Integration Pack so he can go directly to System Center 2012 Orchestrator Runbook Designer 1. Open System Center 2012 Orchestrator Runbook Designer

2.

On the menu bar, select Options and select SC 2012 Service Manager

3.

On the Connections page, select Add

61

4.

Fill in the following information, then select the Test Connection button Name: Service Manage Connection Server: servicemgr.contoso.com Domain: contoso User name: administrator Password: ****** Polling: 10 Reconnect: 10

5.

When the window Test connection succeeded appears, select OK and then OK again

6.

Select Finish

62

Configuring the System Center 2012 Operations Manager Integration Pack The next integration pack that needs to be configured is System Center 2012 Operations Manager. Jeff looks again on the TechNet Page and notices that he needs the following prerequisites: System Center 2012 - Orchestrator System Center 2012 Operations Manager Operations Manager console on each computer where an Orchestrator Runbook server or Runbook Designer is installed. Orchestrator will use the Operations Manager console to interact with Operations Manager.

Before configuring the Integration Pack, Jeff installs the Operations Manager console on the Orchestrator server. The procedure for this can be found in the Appendix. Jeff is now ready to connect the Integration Pack to the Operations Manager server. 1. Open System Center 2012 Orchestrator Runbook Designer

2.

On the menu bar, select Options and select SC 2012 Operations Manager

3.

On the Microsoft System Center Operations Manager Connections page, select Add

63

4.

On the System Center Operations Manager Connection Settings page, fill in the following information and select Test Connection Name: OpsMgr.contoso.com Domain: contoso User name: administrator Password: *******

5.

When the Connection successful dialog box appears, select OK twice

6.

Select Finish

64

Configuring the System Center 2012 Data Protection Manager Integration Pack The last integration pack that Jeff wants to deploy is the Data Protection Manager integration pack. As usual, he checks the prerequisites: System Center 2012 - Orchestrator System Center 2012 Data Protection Manager (DPM) Windows Management Framework

All the prerequisites are OK. The integration pack also requires that the execution policy of PowerShell is set to Remote Signed but we already did that when we configured the Virtual Machine Manager integration pack. The System Center Data Protection Manager Integration Pack requires that the PowerShell remoting is enabled. This integration pack uses Windows PowerShell remote commands to communicate with the DPM server, regardless of whether the server is remote or local. If you have not already done so, you must configure the DPM server and the Orchestrator client computer to receive Windows PowerShell remote commands that are sent by the Orchestrator server. To enable PS Remoting: 1. 2. 3. On the DPM server Open a Windows PowerShell (x86) console as an administrator. Type Enable-PSRemoting and select Enter

65

4.

Select Y when asked to continue

5.

Select Y again when asked to perform this action

Jeff can now configure the Data Protection Manager integration pack. 1. Open System Center 2012 Orchestrator Runbook Designer

2.
66

On the menu bar, select Options and select SC 2012 Data Protection Manager

3.

On the Prerequisite Configuration page, select Add

4.

Fill in the following configuration and then select OK DPM Administrator Console: DPM.Contoso.com DPM Server: DPM.Contoso.com User: administrator Domain: Contoso Password: ****** Authentication Type: Default Port: 5985 Use SSL: false Cache Session Timeout: 10

67

5.

Select Finish

Additional Exercise Install Active Directory Integration Pack


If want to perform the remaining exercises in this Private Cloud Evaluation Guide, youll first need to install the Active Directory Integration Pack, otherwise this exercise is optional.

1. 2. 3. 4.

Download the Active Directory Integration Pack: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=28020 Register the integration pack Deploy the integration pack Configure the integration pack with the information below: Name: Active Directory Connection Type: Microsoft Active Directory Domain Configuration Configuration User Name: administrator Configuration Password: ****** Configuration Domain Controller Name: contoso.com

68

Service Manager and the Connectors


Jeff has created the connections in System Center 2012 Orchestrator. Now he needs to configure the Connectors in System Center 2012 Service Manager. Connectors in Service Manager are used to build the configuration management database, CMDB. The CMDB is created and maintained by importing configuration items (CIs) from Active Directory Domain Services, Operations Manager, Virtual Machine manager, and Configuration Manager There is also a connector that allows you to automatically import alerts from Operations Manager and you can import data manually as well from a CSV file. By having an accurate and easily maintained CMDB, Jeff can accurately create the organizational processes and automated responses required to maintain his private cloud SLAs. For creating the connectors in Service Manager, Jeff logs on to the Service Manager server as a Domain Administrator The Active Directory Connector The Active Directory Connector will import users, groups, printers and computers as configuration items into the Service Manager CMDB database. Those objects then can be used as objects in incidents, requests and so on. Jeff is going to configure this connector. 1. In the Service Manager console, under Administration, click on Connectors

I 2. In the Tasks pane, on the right, select the Create connector button

69

3.

Choose Active Directory connector

4.

On the Before you begin page, select Next

5.

On the General page, type in the following parameters and select Next Name: Active Directory Connector Description: Connector for Active Directory Enable this connector: checked

70

6.

On the Domain or organizational unit page, select the domain then select New to create a specific account for this connection or choose an already created account. In this case, we are going to create a new one.

7.

On the Run As Account page, fill in the following parameters; after that, when back on the Domain/OU page test the connection and select Next Name: Active Directory Account Description: Account to connect to Active Directory Account: Windows Account User name: administrator Password: ******

71

Domain: Contoso

8.

On the Select objects screen, select All computers, printers, users and user groups and select Next

9.

On the Confirm connector settings screen, review your settings and select Create to create the connector

72

10. On the Completion screen, select Close

The Operations Manager Alert Connector The next connector that Jeff wants to connect is the Operations Manager Alert Connector. This connector is responsible for checking on a defined schedule if there are new Operations Manager Alerts. These alerts are then matched against the rule(s) that Jeff will create. The connector can also be configured to work bidirectionally. If an analyst closes an incident that has been created through this connector, the Alert will be closed in Operations Manager and vice versa.

73

1.

In the Service Manager console, under Administration, click on Connectors

2.

In the Tasks pane, on the right, select the Create connector button

3.

Choose Operations Alert connector

4.

On the Before you begin page, select Next

74

5.

On the General page, type in the following parameters and select Next Name: Operations Manager Alert Connector for Critical Only Alerts Description: This is a Connector to connect OpsMgr with Service Mgr for all critical alerts Enable: checked

6.

On the Server Details screen, type in the following configuration and select Next Server name: opsmgr.contoso.com Run As Account: create a new account with the name Operations Manager Account (see procedure above).

75

7.

On the Alert Routing Rules screen, select the Add button to create a new Alert Routing rule

8.

On the Add Alert Routing Rule screen, add the following parameters and then select Next Name: All Critical Alerts Template: Operations Manager Incident Templates Criteria: Severity: Critical

76

9.

Back on the Alert Routing Rules screen, select Next

10. On the Create a schedule page, select the frequency that Service Manager uses to poll Operations Manager and choose whether to auto close the incidents in Operations Manager when they are resolved or closed in Service Manager and whether to resolve the incidents in Service Manager when the alerts are closed in Operations Manager. In our scenario, we are going to select both because we want to autoresolve incidents in Service Manager when they are closed in Operations Manager and when the service desk resolves an alert, it should close the alert in Operations Manager when this alert is not an alert the system can resolve automatically. Select Next

77

11. On the Confirm the connector settings screen, review your selections and select Create

12. Select Close when the connector is created successfully

78

The Operations Manager CI Connector The Operations Manager Configuration Item connector imports objects into Service Manager that are discovered by Operations Manager. 1. In the Service Manager console, under Administration, click on Connectors

2.

In the Tasks pane, on the right, select the Create connector button

79

3.

Choose Operations Alert connector

4.

In the Before you begin screen, select Next

5.

On the General page, fill in the following details and then select Next Name: Operations Manager CI Connector Description: This is the connector to pull the CI information from Operations Manager Enable: Checked

80

6.

On the server details page, fill in the following details and then select Next Server name: OpsMgr.contoso.com Run As Account: Use the same Operations Manager Account as created before

7.

On the Management Packs page, select the Select All checkbox and select Next Jeff wants to make sure that the management packs that are imported in Operations Manager are also imported in Service Manager

81

8.

On the Schedule page, create a schedule that synchronizes this connector every day at 11.00 PM. Now Jeff knows that changes (new discoveries and deletions) during the day will be synchronized in the evening. Select Next

9.

On the Summary page, review your settings and select Create

82

10. On the Completion page, select Close

The Virtual Machine Manager Connector Jeff continues with the Virtual Machine Manager connector. This connector will import objects, such as clouds, templates, and virtual machines. 1. In the Service Manager console, under Administration, click on Connectors

83

2.

In the Tasks pane, select the Create connector button

3.

Choose Virtual Machine Manager connector

4.

On the Before you begin page, select Next

84

5.

On the General page, type in the following details and select Next Name: Virtual Machine Manager Connector Description: Connector used for Virtual Machine Manager Enable this connector: Checked

6.

On the Connection page, fill in the following details and select Next Server Name: vmm.contoso.com Run As Account: VMM Account (create one using the procedures noted above)

85

7.

On the Summary page, review your settings and select Create

8.

On the Completion page, select Close

86

The Orchestrator Connector The System Center Orchestrator Connector provides the capability to synchronously invoke runbooks from within Service Manager through the use of workflows. 1. In the Service Manager console, under Administration, click on Connectors

2.

In the Tasks pane, select the Create connector button

87

3.

Choose Orchestrator connector

4.

On the Before you Begin page, select Next

5.

In the General screen, enter the following parameters and select Next Name: Orchestrator Connector Description: Connector used for Orchestrator Enable the connector: checked

88

6.

On the Connection page, fill in the URL for the Orchestrator Web Service URL. This is http://servername:port/Orchestrator2012/Orchestrator.svc so in our environment this is http://orchestrator:81/Orchestrator2012/Orchestrator.svc. Add also a Run As Account with the name Orchestrator Account as described earlier. Select the Test Connection and when this has succeeded, select Next

7.

On the Sync folder page, you can select which folders in Orchestrator that you want to import. If you choose the \ folder as Jeff is going to do, then you will import all the runbooks from Orchestrator. Select Next

89

8.

On the Web Console URL page, enter the IRL for the Web Console of Orchestrator. This is http://orchestrator:82/ (or http://orchestratormanagementserver:port). Select Next

9.

On the Summary page, review your settings and select Create

90

10. On the Completion page, select Close

Service Manager and the Data Warehouse


After you have deployed the service manager management servers and data warehouse management servers, you need to set up reporting. To do this, you run the Data Warehouse Registration Wizard. This wizard registers the service manager management group with the data warehouse management group. It also deploys management packs from the service manager management server to the data warehouse management server. This process can take several hours to complete. It is advised that you dont turn off any services during this period. You can work with Service Manager during this time without any problems.

91

Registering with the Data Warehouse Jeff is not going to evaluate the reporting now but he sure will want to look into this in a later phase of the evaluation. For now, he is going to register the Service Manager installation with the Data Warehouse 1. In the System Center 2012 Service Manager console, go to Administration

2.

On the Administration Overview page, click on Register with Service Manager Data Warehouse

3.

On the Before You Begin page, select Next

92

4.

On the Data Warehouse page, type in the Server name ServiceMgrDW and select the Test Connection button.

5.

If the connection test succeeds, select Next

93

6.

On the Credentials page, select the DW_ServiceManagerMG SecureReference Run As Account and select Next

7.

The system will request you to enter the Password for these credentials. Enter the password and select OK

94

8.

On the Summary page, review your selections and select Create

9.

When the Report Deployment process popup appears, select OK

10. On the Completion page, select Close

95

How to determine when the Data Warehouse registration is complete Jeff knows that the synchronization process can take up to a few hours. In the meantime, he will continue with his evaluation. During this time, he also would like to check on the status of the registration process. Jeff can see if the initial synchronization process is finished by following this procedure: 1. In the System Center 2012 Service Manager console, go to Data Warehouse > Data Warehouse Jobs

2.
96

In the Data Warehouse Jobs pane, double click MPSyncJob

3.

On the MPSyncJob details page, go to Status and review the Job details list. The management pack deployment process is complete when the status for all of the management packs is Associated or Imported

4.

After the management packs have been deployed (as determined in step 3), make sure that the following five data warehouse jobs appear in the Data Warehouse Jobs pane: Extract_<Service Manager management group name> Extract_<data warehouse management group name> Load.Common Transform.Common MPSyncJob

97

Virtual Machine Manager and Operations Manager


Connecting System Center 2012 Virtual Machine Manager with System Center 2012 Operations Manager allows you to monitor the health and availability of the virtual machines and hosts that VMM manages. You can also monitor the VMM Management server, the VMM database server, library servers, and VMM Self-Service Portal web servers, and see diagram views of the virtualized environment through the Operations console in Operations Manager. As services are deployed in Virtual Machine Manager, a corresponding Distributed Application will be created in Operations Manager. Also, through the connections between Virtual Machine Manager and Operations Manager, you can view reports on the health and utilization of your private cloud infrastructure. Jeff wants to make sure that he has those views. Because Virtual Machine Manager will be crucial in his private cloud, he needs to make sure that every component is healthy. Before he can start connecting Virtual Machine Manager and Operations Manager he needs to verify some prerequisites: Credentials o An account which is a member of the Operations Manager Administrators user role o An account which is a member of the VMM Administrator user role Management Packs o SQL Server Core Library version 6.0.5000.0 or later (http://www.microsoft.com/download/en/details.aspx?id=10631) o Windows Server Internet Information Services Library version 6.0.5000.0 or later o Windows Server Internet Information Services 2003 version 6.0.5000.0 or later o Windows Server 2008 Internet Information Services 7 version 6.0.6539.0 or later (http://www.microsoft.com/download/en/details.aspx?id=9815) Operations Manager console installed on the VMM Server

Since this is an evaluation, he can use the administrator role for the credentials. The procedure on how to import Management Packs can be found in the Appendix. The procedure on how to install the Operations Manager console on the VMM Server can also found in the Appendix. Jeff performs these procedures first and then starts with the connecting procedure. 1. In the System Center Virtual Machine Manager console, go to Settings > System Center

98

2.

On the Settings pane, double click on Operations Manager Server

3.

On the Introduction page, select Next

4.
99

On the Connection to Operations Manager page, enter the following information and then select Next

Server name: OpsMgr Use the VMM server service account: checked Enable Performance and Resource Optimization (PRO): checked Enable maintenance mode integration with Operations Manager: checked

5.

On the Connection to VMM page, fill in the following data and select Next User name: contoso\administrator Password: ******

6.

On the Summary page, review your settings and select Finish

100

7.

A job window will open where you can see if the job succeeds or fails

Summary
In Chapter 3 Jeff installed all the components with the help of the Unified Installer. In this chapter, he configured all the connectors between the System Center 2012 components. He configured the Integration Packs between Orchestrator and the remaining System Center 2012 components, configured the connectors between Service Manager and the remaining System Center 2012 components, and connected Operations Manager and Virtual Machine Manager through their connector. Jeff is now ready to start configuring his environment.

101

Chapter 5: Configuring Your Private Cloud Infrastructure


Overview
In the previous chapter we connected all the components of System Center 2012 together. Now, we are ready to configure the infrastructure components within our private cloud. One of the key tenets of a private cloud is the ability to abstract your diverse set of physical resources into a logical pool that you can delegate to specific users. Jeff wants to be able to give resources to Emily so that she and her team can do their work. The problem is that Emily doesnt ha ve knowledge of the compute resources, the different internal network architecture or the storage topology. In reality, Emily shouldnt be concerned with that. Emily would just like access to a pool of resources to deploy the applications her team needs to deploy. Jeff wants to provide Emily standard choices for memory, storage, which network to connect to and the number of virtual CPUs so that she and her team can easily create a virtual machine and deploy applications without the need to know the underlying infrastructure details. Jeff is going to prepare the private cloud infrastructure now through Virtual Machine Manager. He needs to import the existing Hyper-V host (or hosts, depending on your scenario) and create a network private cloud infrastructure called SEATTLE_EXTERNAL. He also wants to explore some of the other fabric possibilities such as the storage classifications.

Private Cloud Infrastructure Components


When working with the private cloud, it is very important to understand the concept of Infrastructure Components. In the past, most of the datacenter administrators talked in terms of hardware. With the private cloud, we are going to abstract the hardware into pooled resources. Components such as networking, storage and compute (CPU, memory) will be abstracted from the hardware and delegated to Emily. It is Jeffs responsibility to manage the underlying physical resources and just ensure that Emily has the correct amount of resources available to suit her business needs. Emily does not need to know or understand the underlying hardware to be able to do that.

Host Groups
Host groups are used to group virtual machine hosts in meaningful ways, often based on physical site location and resource allocation. Jeff has two datacenters and is going to create a specific host group for this evaluation, and create a structure that matches the Brussels Datacenter. For each group, Jeff can define different parameters based on the infrastructure that will be placed beneath that host group. Jeff starts with creating the Seattle host group. 1. In the Virtual Machine Manager console, go to VMs and Services > All Hosts

102

2.

On the ribbon, select Create Host Group

3.

Give it the name Seattle

4.

Jeff also is going to have a quick look on how he can create a tree for a datacenter that Contoso has in Brussels. Below you see the examples.

103

5.

Jeff realizes that he can do some great things with the host groups. However, because he is still evaluating the private cloud, he is going to keep working with the Seattle host group. Jeff right-clicks on host group and select's Properties to adjust some settings specific for that host group.

6.

On the General page, you see the name that you gave the host group when you created it. You can add a description here, change the location if necessary, and decide if you want to allow unencrypted file transfers. Type in the following data: Description: Main host group for the Seattle Datacenter

104

7.

On the Placement Rules page, you can define specific placement settings for this host group

8.

On the Host Reserves page, Jeff decides to change a few settings specific for the Seattle hosts. Change the settings to the following parameters: CPU: 5 % Memory: 256 MB Disk I/O: 0 IOPS Disk space: 1 % Network I/O: 0 %

105

9.

On the Dynamic Optimization page, Jeff looks at the specific options that he has to balance the virtual machine load within a host cluster. Because Jeff doesnt have a cluster in this evaluation it isnt that important, but it is good to see that he has many options to work with. He also selects the Settings button to look at the power optimization settings.

10. After looking at the Power Optimization settings, select OK

106

11. On the Network page, Jeff doesnt see any network resources yet. But since we still need to create the private cloud infrastructure, they will appear here later on.

12. On the Storage page, you can review the Storage allocated to this host group. Again, since we didnt create any private cloud infrastructure yet, we dont see any storage here.

107

13. On the Pro Configuration page, you can view the settings for the Pro Monitors. You can overrule the inheritance and change the settings specific for this host group.

14. On the Custom Properties page, you can manage Custom Properties for your hosts.

108

Networking
Jeff now has some host groups created. In his evaluation, he is only going to use the Seattle host group and now he wants to create a logical network for that host group together with some predefined IP addresses that can be used when deploying the servers for Emilys application.

Create Logical Network


Jeff is going to create a network in Virtual Machine Manager. This network is called the SEATTLE_EXTERNAL network. When your server is connected to this network, you will get internet access. It is perfectly possible that you dont have a specific network. In our evaluation, we only have one network on the host and that network will be imported when we are going to import the hyper-v host. The next exercise is just to create a feeling about how to create a logical network and what the possibilities are 1. In the Virtual Machine manager console, go to Fabric > Networking

109

2.

On the ribbon, select Create Logical Network

3.

On the Name page, fill in a name and description for the network. Please note that a well-chosen name and description are crucial here. Dont forget that it will be Emily that will chose some of these private cloud infrastructure or resources so she will need to know what network it is and what the function of that network is. Select Next Name: Exterior Seattle Network Description: Network that gives access to the Internet

4.
110

On the Network Site page, select the Add button

5.

Select the specific host group (Seattle) and fill in the IP Subnet in. For this example, Im using the 10.0.0.1/24 subnet and no VLAN. If you have a VLAN, you need to fill it in here. Also, you can change the Network site name from the suggestion. Select OK

6.

On the Summary page, confirm the settings and select Finish

111

Create IP Pool
Now that Jeff has created a logical network he is going to create an IP Pool for that logical network. 1. In the ribbon, select Create IP Pool

2.

On the Name page, select the Seattle Network and type in the information for the IP Pool. Then select Next Name: Internet Seattle Pool Description: All IP-addresses that can be used to connect to the internet from the Seattle Host Group Logical Network: Exterior Seattle Network

112

3.

On the Network Site page, select Use an existing network site and make sure that the correct Seattle Network is selected. Then select Next

4.

On the VIP and Reserved IPs page, fill in the starting IP address and ending IP address. This will give you your total number of IP addresses that can be used in that pool. You can also specify specific IP addresses reserved for load balancers or for other reasons. Jeff fills in the following data as example and then select Next Starting IP address: 10.0.0.10 Ending IP address: 10.0.0.49 IP addresses reserved for load balancer VIPs: 10.0.0.25

113

5.

On the Gateway page, you can specify a gateway for that IP pool. Jeff fills in the IP address for the gateway (10.0.0.1) in that network. Select Next

6.

On the DNS page, you can fill in the IP of the DNS server(s) for that network. You can also specify a DNS suffix. Jeff fills in the DNS server 10.0.0.2. Select Next

114

7.

On the WINS page, you can specify WINS servers. Jeff doesnt have those anymore so he selects Next

8.

On the Summary page, review your selections and settings and select Finish

115

Create VIP Template


Jeff decides to create a VIP template also as Emily will probably need a load balancer in the near future. 1. On the ribbon, click Create VIP Template

2.

On the Name page, fill in the name for the template, the description and the Virtual IP port and then select Next Template name: Seattle VIP Template Description: The template is used for the webservers in the Seattle Host Group Virtual IP Port: 80

116

3.

On the Type page, Jeff selects to create a Specific type because he knows that he is going to use the Microsoft Network Load Balancing feature in the future. Select Next after selecting Microsoft as manufacturer and the correct Model: Network Load Balancing (NLB)

4.

On the Protocol page, Jeff selects the TCP protocol and then he selects Next

117

5.

On the Persistence page, Jeff leaves the Enable persistence open and selects Next

6.

On the Summary page, review your selections and select Finish

118

Storage
Now that Jeff has configured the network private cloud infrastructure, he wants to explore the storage section as well. Unfortunately, because this is an evaluation he doesnt have storage that meets the SMI -S specification (http://www.snia.org/tech_activities/standards/curr_standards/smi). Storage that is SMI-S capable is necessary to allow Virtual Machine Manager to automatically discover storage. So for this evaluation, he is just going to explore the classifications. Jeff knows he that he will have to configure SMI-S when he goes into production. He reads about it on the TechNet documentation (http://technet.microsoft.com/en-us/library/gg610600.aspx) and sees the possibilities for more automation in the future. 1. Go to fabrics > Storage

119

2.

On the ribbon, select Create Classification

3.

On the Create a storage classification page, enter a name and description for the storage and select Add

4.

In this example, Jeff has created classifications for Bronze, Silver and Gold storage as he will do when going into production.

120

Compute
Jeff has made all the preparations to start importing his Hyper-V server. This is the last fabric he is going to configure. Because the Hyper-V server already exists, all he needs to do is add the server to the Seattle host group. Virtual Machine Manager will automatically deploy the agent to the host and add that host as a managed entity in Virtual Machine Manager. Jeff doesnt need to create the same virtual network that already is configured on the host or add the storage (which is local storage in this evaluation) as Virtual Machine manager will automatically import the network configuration. 1. In Virtual Machine Manager, go to Fabric > Servers

121

2.

On the ribbon, select Add Resources > Hyper-V Hosts and Clusters

3.

On the Resource Location page, select Windows Server computers in a trusted Active Directory domain and select Next

4.

On the Credentials page, select Use an existing Run As account and select Browse

122

5.

On the Select a Run As Account, select Create Run As Account

6.

On the Create Run As Account, type in the Name and Description for the account. Because Jeff is evaluating, he choose his own account for now. In a real production environment, he will never choose his own user but a specific run as user. Type in the password for Jeff (twice) and select OK

123

7.

On the Select a Run As Account page again, you can now select the Domain RAA account. Select OK

8.

Back on the Credentials page, select Next

124

9.

On the Discovery Scope page, select Specify Windows Server computers by names and type in the name of your host in the text box. (Hyperv02). Select Next

10. On the Target resources page, select the discovered server and select Next

125

11. On the Host settings page, select the Seattle host group, type in the path where you want to store your virtual machines (in our evaluation environment, this is a local path) and select Next

12. On the Summary page, review your selections and select Finish to add the host to your environment

126

13. When the job is finished, you will be able to see your host added to the Virtual Machine Manager console

14. You will also see that under Fabric > Networking > Logical Networks the configured network on the host is now visible

Summary
Jeff has created private cloud infrastructure. He also investigated the possibilities he will have in a true production environment. Now that Jeff is ready with all the preparations, he is ready to move on to the next chapter, and build a cloud for Emily and her team. In that chapter, Jeff will see the true value of creating a pool of resources.

127

Chapter 6: Building Clouds


Overview
Now that weve configured our infrastructure components through Virtual Machine Manager, we are ready to define our first cloud. In this chapter, we are going to build our first cloud and create a self-service user that will be able to consume resources from that cloud.

Our First Cloud


Jeff wants to build a cloud for Emily and her team. He wants to give her the ability to use resources that he defines. Jeff is going to use the set of pooled resources he created in the previous chapter In the Virtual Machine Manager console, go to VMs and Services > Clouds

In the ribbon, select Create Cloud

On the General page fill in the name and description for Emilys cloud. Normally, you would not create a cloud for each individual user or use case, but for this evaluation purpose, we are labeling the cloud Production Emily Cloud to allow us some distinction in the future. Select Next

128

On the Resources page, select the Seattle host group and select Next. This means that servers, services or applications that will be deployed in this cloud will only be able to run on hosts that are located in the Seattle host group. This is exactly what Jeff wants for this evaluation.

On the resources page, select the virtual network that you are going to use. Only the virtual networks that are attached to a host located in this host group will be visible and selectable. Select Next

129

On the Load Balancers page, select the load balancers that you want to use. Although it is not yet necessary, Jeff decides to select the load balancer for possible use in the near future. Select Next

On the VIP Profiles page, select the Seattle VIP Template that we created earlier. When Emily would use the load balancer that we previously selected, she will be able to select this configuration. Select Next

130

On the Storage page, Jeff cant select any storage resources because he doesnt have storage that supports SMI-S in this evaluation. If he could, he would choose classifications that he would like to give to this cloud (for example: Gold, Silver, Bronze storage). Select Next

On the Library page, Jeff is able to select library shares that will be usable for this private cloud. Since Jeff doesnt know yet how the library is going to look, he decides to wait with this until he is ready with configuring the application for Emily. Select Next

131

On the Capacity page, Jeff creates the capacity for this cloud. Now that all infrastructure components are abstracted, he can give Emily a cloud with certain parameters. If necessary he can grow this cloud afterwards. For now, he gives Emily the following capacity: Virtual CPU: 10 vCPU Memory (GB): 4 GB Storage (GB): 300 GB storage Custom Quota: Unlimited (this is backwards compatibility for VMM 2008 R2 which will not be used in this evaluation) Virtual machines: 5 Select Next

132

On the Capability Profiles page, Jeff selects Hyper-V to be able to use all the capabilities of Hyper-V. In

this evaluation he is not going to use another hypervisor. In production, Jeff knows that he also has the ability to add his Citrix XenServers and VMware vSphere Servers to clouds. Select Next

On the Summary page, review your selections and select Finish

Building the Management Cloud


This is an additional exercise and is not necessary to complete the rest of the evaluation guide. But it will give you better insight when using other components of System Center 2012 during this evaluation of the private cloud.
133

Jeff has built his first cloud for Emily. He has seen that this cloud brings a lot of possibilities and therefore he also wants to build a cloud for all his infrastructure servers. Jeff therefore builds a cloud with the following parameters: Parameter Name Description Resources Logical Networks Load Balancers VIP Profiles Storage Library Capacity Capability Profiles Pro Configuration Pro State Custom Properties Value Production Management Cloud Management Cloud that contains all the servers necessary to manage this private cloud environment All Hosts Virtual Virtual Network None None None None All unlimited All None None None

Add Servers to a Cloud


This exercise can only be performed if you have built the Management Cloud in the previous exercise. If you didnt build this cloud, you can skip this exercise. In the future, every Virtual Machine that will be deployed will be added to a cloud. Jeff wants to add his management servers that already exist to his Management Cloud. Therefore, he is going to change the properties of his management servers so that they are added to his management cloud. 1. In the Virtual Machine Manager interface, go to VMs and Services > All Hosts > Seattle > Hyperv02

134

2.

On one of the management virtual machines, right-click on it and choose Properties

3.

On the General page, click on the Cloud parameter and choose Production Management Cloud and select OK.

135

Additional Exercise: Do the same for all of the management servers.

Creating a Self-Service User


Emilys production cloud has been created. Because one key aspects of the private cloud is self-service, Jeff is going to authorize Emilys team with some certain actions in that cloud. Although the team will be able to do a lot themselves, Jeff still wants certain actions limited. For that purpose, he is going to create a self-service user role in Virtual Machine Manager that enables Emily and her team to work on their application, but have no access to the underlying physical infrastructure. 1. In the Virtual Machine Manager console, go to Settings > User Roles

136

2.

On the ribbon, select the Create User Role button

3.

On the Name and Description page, fill in a name and description for this self-service user role. (Name: Production Emily Application Cloud Self-Service User). Then select Next

137

4.

On the Profile page, select Self-Service User and select Next

5.

On the Members page, select Add and select the security group ProductionEmilyCloud from Active Directory. Then select Next

6.

On the Scope page, select Production Emily Cloud and select Next

138

7.

On the Quotas for page, Jeff sees that he has the ability to select two types of Quotas. One for the entire role (the security group in this case) and one for each member of that role. This means that he can give a total quota for the role in this cloud and per user a more limited quota. Since Jeff has created this cloud specifically for that team, he is going to give the maximum for the role, but he is going to limit the quota per user. This will prevent any one team member from taking all of the available resources. Change the quota selections according to the screenshot (or your own selections) and select Next Role Level Quotas Virtual CPUs: Use maximum Memory (MB): Use maximum Storage (GB): Use maximum Custom Quota: Unlimited Virtual machines: Unlimited Member Level Quotas: Virtual CPUs: 2 Memory (MB): 4096 Storage (GB): 150 Custom Quota: Unlimited Virtual machines: 2

139

8.

On the Resources page, you can add the specific resources (templates, scripts etc) that this user is allowed to use. Jeff is leaving this blank for this moment but will have to adjust this when he is going to configure the application. Select Next

9.

On the Actions page, select the permitted actions for the user role. Jeff decides that Emilys team will have the rights to Deploy (From template only), Pause and resume, Shut Down and Start. If Jeff notices that these rights are not enough, he can always change them afterwards. Select Next

140

10. On the Run As accounts page, Jeff selects the Domain RAA account by selecting Add This means that Emily and her team are able to perform actions on their servers and services with this account without knowing the password. Jeff realizes that this is a very powerful item. With this run as accounts possibilities, Emily will be able to join servers to the domain (through the templates) and so on without having a user and password for doing this. Select Next

11. On the Summary page, review your selections and select Finish

141

Looking at the Cloud Overview


Jeff has created some clouds today; he also has created a user-role for Emily and now wants to have a quick overview of the Emily cloud. In Virtual Machine Manager, he can easily see the overview. 1. In Virtual Machine Manager, go to VMs and Services > Production Emily Cloud

2.
142

On the ribbon, make sure that Overview is selected

3.

Now you can see the different settings for this cloud, including the user roles attached to it and their quotas.

Summary
Jeff easily deployed the cloud for Emily and her team. Because Jeff abstracted the resources into a pool he could simply define the virtual CPUs, amount of memory and so on for Emily to start building her application or service. In the next chapter, Jeff is going to prepare the service configuration so that Emily has all the resources she needs to start deploying her application.

143

Summary
In Part 1 of the Private Cloud Evaluation Guide, we have walked through the installation of the management components for the private cloud. We have also walked through the configuration and deployment of the private cloud infrastructure components. We have shown through this evaluation guide that you can setup your infrastructure to pool the resources and provide the compute, network, and storage for your private cloud. Now, in part 2 of this guide, we will show you the benefits of Application Performance Management, and Service Delivery and Automation.

144

Part 2 Application Performance Management and Service Delivery & Automation

145

Chapter 7: Creating Services


Overview
With the infrastructure now completely in place, Jeff is ready to focus on the service Emily has requested. He begins to consider all the tasks which need to be completed in order to deploy the service. The business application that Jeff will be modeling as a service in Virtual Machine Manager is called BlogEngine and will be implemented as a single-tier service. However, prior to creating the service Jeff will also need to create a second application to enable him to successfully package BlogEngine as a Virtual Application. This Packaging service will contain a machine with both Microsoft WebDeploy and Microsoft Server App-V Sequencer. While deploying new services, Jeff prefers to use static IPs in preference to dynamic addresses (DHCP). To facilitate this, Jeff plans to use IP pools with the network interfaces of the virtual machines in the service tiers. We have a lot of ground to cover in this chapter, and the following task list will function as our guide in delivering Emily her BlogEngine .NET service, in addition to doubling as a foundation for additional services which Jeff will need for future deliveries.

Task List
Preparation Work o Create IP Pool o Add Resources to a library o Create a Virtual Machine to be used as template o Create Virtual Machine o Create a Clone o Create VM Template Sequencer Service o Create & Deploy Service Template o Sequence BlogEngine Application o Add a Custom Resource to the Library o Create & Deploy BlogEngine Service Template

Create IP Pool
Jeff is going to create an IP Pool for the Virtual Virtual Network. The IP Pool will be used later to assign static IPs as we add machines to Emilys service. 1. 2. From the Virtual Machine Manager Console, in the Fabric workspace, with the Network Node expanded, select the Logical Networks branch. On the context aware ribbon, choose Create IP Pool or, right-click on Virtual Virtual Network and select Create IP Pool

146

3.

The Create Static IP Address Pool Wizard will appear, on the Name page, select the Virtual Virtual Network from the Logical Network drop-down list, and enter the following information, then select Next Name: Virtual Network IP Pool Description: IP Pool for the Virtual Network

4.

On the Network Site page, select the option Create a network site and provide the following information: Network site: Seattle Virtual IP IP Subnet: 192.168.1.0/24 (or what fits your network range that you have chosen during the setup of your environment) Host groups: Seattle Select Next

147

5.

On the VIP and Reserved IPs page, provide both the Starting IP address and Ending IP address in the adjacent text boxes. Optionally, you may also specify IP addresses reserved for load balancers VIPs and IP addresses reserved for other reasons. The following table covers the details which Jeff has decided to provide for his environment, after which he selects Next Starting IP address: 192.168.1.20 Ending IP address: 192.168.1.30

6.

On the Gateway page, we are offered the opportunity to specify gateway addresses associated with the IP pool. For Jeffs environment in the Gateway Address text field, he enters 192.168.1.1, and then selects Next

148

7.

On the DNS page, we are again offered the option of providing the IP of the DNS server(s) for our network. Additionally, we can also specify any DNS suffix for the pool. Jeff enters in the DNS server Address list box, the address 192.168.1.10. Select Next

8.

On the WINS page, if WINS is still in use, you can specify any required WINS servers. Jeff doesnt have those any longer so he selects Next

149

9.

On the Summary page, review your selections and settings and then select Finish

Add Resources to a library


Currently our Library contains no resources; we will first explore the library share and create some new folders for the resources. After updating the library view in VMM, we will then import an ISO. 1. From the Virtual Machine Manager Console, in the Library workspace, with the Library Servers node expanded, select the VMM.contoso.com branch.

150

2.

Right-click on branch called MSSCVMMLibrary and choose Explore

3.

After a few moments Windows Explorer appears, create the following folders: Under MSSCVMMLibrary: EmilyCloudResources Under EmilyCloudResources: ISO Under EmilyCloudResources: VHDs

151

4.

Back in the Virtual Machine Manager console, we can force a refresh of the library to detect the new folders (By default, VMM refreshes the library once an hour). Right-click on node VMM.contoso.com and select Refresh

5.
152

On the context aware ribbon, choose Import Physical Resource

6.

The Import Library Resources wizard will appear. Click on the Add Resource button, using the browse dialog navigate to your Windows Server 2008 R2 SP1 ISO media and click OK. In the Select library server and destination for the imported resources section, select the Browse button and choose to the library location which we created a few moments ago, \\VMM.contoso.com\MSSCVMMLibrary\EmilyCloudResources\ISO

7.

Select Import to add the chose ISO to the selected Library

153

8.

A progress dialog will be presented while the resource is imported

Create Virtual Machine


As Jeff currently has no virtual machines on his cloud, we first need to create a new virtual machine. 1. From the Virtual Machine Manager Console, in the VMs and Services workspace, with the Clouds node expanded, select Production Emily Cloud

154

2.

On the context aware ribbon, choose Create Virtual Machine

3.

The Create Virtual Machine Wizard will appear. On the Select Source page, select the option Create the new virtual machine with a blank virtual hard disk and then select Next

155

4.

On the Specify Virtual Machine Identity page provide the following details, then select Next Virtual Machine name: Windows 2008 R2 SP1 base image Description: Windows 2008 R2 SP1 base image

156

5.

On the Configure Hardware page, we will accept all the defaults, except for the following entries, and then select Next Compatibility: Hyper-V Network Adapter: Connected to Virtual - Virtual Network Hard Disk: Create a new virtual hard disk. Type: Dynamic. Size: 40 GB

6.

On the Select Destination page, choose Deploy the virtual machine to a private cloud and then select Next

157

7.

The Select Cloud page will then appear, offering a star rating for clouds which we have access to (As Jeff is an administrator, each Hyper-V host participating in the cloud will be presented with its own star rating. If you are using more than one Hyper-V host, select the host with the best rating). Select Production Emily Cloud and select Next

158

8.

On the Add Properties page, set the actions as follows, then select Next o Action to take when the virtualization server starts: Never automatically turn on the virtual machine Jeff will take another option in production but because this is a POC environment he chooses this option so that it doesnt get overloaded when the physical machine starts. o Action to take when the virtualization server stops: Shut down guest OS

9.

Finally the Summary page will be presented, so you can review your choices, and then select Create to begin the creation and deployment.

159

Install Virtual Machine


Our new virtual machine currently only has a blank hard disk, with no operating system. We now need to install an operating system to our virtual machine using the ISO we placed into our library. 1. From the Virtual Machine Manager Console, in the VMs and Services workspace, with the Clouds node expanded, select Production Emily Cloud In the VMs view, our new virtual machine will appear. Right-click on the virtual machine and choose Properties from the context menu

2.

160

3.

In the Windows 2008 R2 base image Properties on the Hardware Configuration page, select he Virtual DVD Drive. Attach the ISO that we placed in the library to the virtual machine by selecting the Browse button and choosing the ISO from the library. Select OK

4.

A new VMM job will begin to attach the ISO to the Virtual machine. The status of the job can be viewed on the VMs list.

5.

After the job has completed, right-click on the Virtual Machine to present the context menu, and select Power On, then repeat and select the option Connect via Console

6.

The Virtual Machine Viewer will be presented, and the first page of the Windows 2008 R2 installation wizard will be visible running on the console. On the OS Installation Wizard select the following choices and then click Next Language to install: English

161

Time and currency format: English (United States) Keyboard or input method: (Choose your own keyboard layout)

7.

In the next window, select Install Now

162

8.

We can now choose your Operating System. For this evaluation, we are going to choose Windows Server 2008 R2 Enterprise (Full Installation) for our virtual machine, and then select Next

9.

On the License terms page, choose I accept the license terms and then select Next

163

10. For the Installation Type, choose the Custom (advanced) installation

11. Select the Disk on to which you plan to install the OS. Note: This will be the blank virtual disk .vhd that you have created while deploying the virtual machine. Select Next
164

12. Installation should now begin; this will take a little time to complete.

13. After the installation has completed, you will be presented with a screen requesting that you change the local administrator password. We will select OK here
165

14. The Change password screen for the local administrator will be presented, provide the password, confirm the password (see passwords in this evaluation guide but you are free to choose your own password), and then select the blue arrow.

166

15. Once you receive a confirmation that the change has been completed, select OK

16. After a few moments the Windows desktop should appear, and we can now Shut Down the virtual machine.

17. When prompted, provide a reason for shutting down the machine, and then select OK

167

18. Finally, we can close the Virtual Machine Viewer console

Create a Clone
This is an additional exercise which you may skip. However, if you want to perform the exercise that creates a windows server template with SQL Server sysprepped, you must first complete this step. 1. From the Virtual Machine Manager Console, in the VMs and Services workspace, with the Clouds node expanded, select Production Emily Cloud In the VMs view, our new Virtual Machine will appear. Right-click on the Virtual Machine and choose Create > Clone from the context menu

2.

3.

The Create Virtual Machine Wizard will launch. On the Specify Virtual Machine Identity page, in the Virtual Machine Name text box enter Windows 2008 R2 base image plus SQL R2 and then select Next

168

4.

On the Configure Hardware page, leave all the settings and select Next

5.

On the Select Destination page, select Deploy the virtual machine to a private cloud and then select Next

169

6.

On the Select Cloud page, select Production Emily Cloud and then select Next (Note: The details tab now reports that we have 4 out of 5 machines left, which matches with the quota we assigned in Chapter 6)

170

7.

On the Add Properties page, set the actions as follows, and then select Next Action to take when the virtualization server starts: Never automatically turn on the virtual machine Action to take when the virtualization server stops: Shut down guest OS

8.

Finally the Summary page will be presented, so you can review your choices, and then select Create to begin producing your new Clone Machine.

171

Create a VM Template
Now that we have deployed our virtual machine and installed Windows 2008 R2 operating system, Jeff is now ready to generate a template of this machine for storage in his library. 1. From the Virtual Machine Manager Console, in the VMs and Services workspace, with the All Hosts node expanded, select the Seattle branch

172

2.

In the VMs view, our currently created virtual machines will appear. Right-click on the first virtual machine and choose Create > Create VM Template

3.

A notification window will be presented to warn that creating a template will actually destroy the currently deployed virtual machine. We are going to select Yes and accept the warning since the purpose of our virtual machine is specifically to create a template. Note: If you followed the previous step, then you already have a clone of this virtual machine appearing in VMs List.

4.

The Create VM Template Wizard will be presented. On the VM Template Identity page, in the VM Template name text box, enter Windows 2008 R2 SP1 base image, and select Next

173

5.

On the Configure Operations System page, under General Settings, select Admin Password

6.

Choose the option Select a Run As account for the local administrator account and then select Browse

174

7.

In the Select a Run As account dialog, choose the option Create Run As Account

8.

The Create Run As Account dialog will be presented. We can now provide the following information and select OK to save Name: Local Password User name: administrator (do not prefix with contoso\ as we are providing a local administrator account) Password: ****** (provide and confirm your password) Validate domain credentials: unchecked In the Select a Run As Account dialog, select the new account and then select OK

175

9.

Still on the Configure Operations System page, under General Settings, select the Product Key section. As Jeff is only running this exercised for evaluations, he doesnt worry about the Product Key, while in his production environment he uses a Key Management Services (KMS). Proceed to the Networking section and select Domain/Workgroup Depending on the ISO used in the library, you may be required to add a product key. A non-eval version ISO will get blocked during the automatic deployment as it requires a product key. Check this page for KMS keys: http://technet.microsoft.com/en-us/library/ff793421.aspx

176

10. Select the Domain option, and in the text box enter Contoso. Next choose the option Select the Run As account to use for joining the domain, select Browse, and then choose the Domain RAA which we created earlier in Chapter 5. We can now select Next and progress to the next stage

11. On the Select Library Server, we now select VMM.Contoso.com as our library server to store our template, and then click Next

177

12. On the Select Path page, select Browse to navigate to VMM.Contoso.com > MSSCVMMLibrary > EmilyCloudResources > VHDs as the location to store our template and then select OK

13. With the Virtual machine path defined, now select Next

178

14. On the Summary page, review the settings and select Create to generate the template.

15. From the Virtual Machine Manager Console, in the Jobs workspace, the Job recent jobs page will permit you to follow the creating of the template in detail
179

Create a Virtual Machine with SQL Server 2008 R2 Sysprepped


This is an additional exercise which you may skip. This exercise can only be performed if youve already completed the clone exercise earlier.

To gain additional experience Jeff would also like to generate a virtual machine which also includes a copy of SQL 2008 R2 installed ready for use as a SQL VM Template. This particular image is not required for Emilys service, but should be easy to create using the VM Clone Jeff decided to create a little earlier. 1. From the Virtual Machine Manager Console, in the VMs and Services workspace, with the All Hosts node expanded, select the Seattle branch In the VMs view, our currently created virtual machines will appear. Right-click on the remaining virtual machine which is currently powered off and choose Power On

2.

180

3.

Right-click again and from the context menu choose Connect or View > Connect via Console

4.

The Virtual Machine Viewer will be presented, and the OS should shortly be ready to accept the CTRL ALT DEL key sequence to logon to the virtual machine. Provide the local administrator credentials, and after a few moments the windows desktop should appear.

181

5.

Launch Windows Explorer and create a folder on the C: drive called SQLEval

6. 7.

Copy the sources from SQL 2008 R2 (that you have downloaded in Chapter 3) to the C:\SQLEval folder Right-click on Setup.exe and choose Run as administrator

182

8.

If you receive the message that SQL Server 2008 R2 Setup requires .NET Framework, select OK to allow installation.

9.

On the SQL Server Installation Center page, in the left short cut list select Advanced, and then choose Image preparation of a stand-alone instance of SQL Server

183

10. The Setup Installer will launch. On the Setup Support Rules page, verify that all the rules have passed and then select OK

11. On the License Terms page, select I accept the license terms and then select Next

12. On the Setup Support Files page, select Install

184

13. On the Setup Support Rules page, verify that all rules have passed and then select Next

14. On the Feature Selection page, select Database Engine Services and Full-Text Search and then select Next

185

15. On the Instance Configuration page, change the Instance ID to SYSPREPSQL and select Next

16. On the Disk Space Requirements page, select Next

186

17. On the Prepare Image Rules page, verify that that the rules have passed and then select Next

18. On the Ready to Prepare Image page, review your settings and select Prepare

187

19. On the Complete page, select Close to complete the setup process

20. Back on the desktop, we can now select to Shut down the virtual machine

188

Create a VM Template with SQL Sysprepped


This is the final part of the additional exercise that you may skip. This exercise can only be performed if youve already completed the Create a Virtual Machine with SQL 2008 R2 sysprepped exercise earlier.

189

Following the same process which Jeff completed earlier to Create a VM Template, we are going to repeat the exercise to generate a template with SQL Pre-Staged. 1. From the Virtual Machine Manager Console, in the VMs and Services workspace, with the All Hosts node expanded, select the Seattle branch

2.

In the VMs view, our currently created Virtual Machines will appear. Right-click on the remaining Virtual Machine and choose Create > Create VM Template

3.

A notification window will be presented to warn that creating a template will actually destroy the currently deployed virtual machine. We are going to accept the warning and select Yes, as the purpose of our virtual machine was specifically for creating a template.

190

4.

The Create VM Template Wizard will be presented, On the VM Template Identity page, in the VM Template name text box enter Windows 2008 R2 SP1 SQL R2 base image, and select Next

5.

On the Configure Operating System page, change the following settings and then select Next Configure Operating System - Admin Password: Local Password Run As Account (Created earlier) Domain/Workgroup Join Domain: Domain: Contoso Run As Account: Domain RAA (Created earlier)

191

6.

On the Select Library Server, we now select VMM.Contoso.com as our library server to store our template, then select Next

192

7.

On the Select Path page, select Browse to navigate to VMM.Contoso.com > MSSCVMMLibrary > EmilyCloudResources > VHDs as the location to store our template, then click OK. With the Virtual machine path now defined, select Next

193

8.

On the Summary page, review your settings and select Create

9.

From the Virtual Machine Manager Console, in the Jobs view, the Job recent jobs page will permit you to follow the creating of the template in detail

Create a Service Template


With the virtual machine templates now in the library, Jeff is ready to create his first service template. The initial template will be utilized to automatically deploy the Server App-V Sequencer machine. This will be used for sequencing the application which will be deployed for Emilys team. 1. From the Virtual Machine Manager Console, in the Library workspace, select Templates > Service Templates

194

2.

On the context aware ribbon, select Create Service Template

3.

The New Service Template dialog will be presented. Set the Name text to Sequencer Template, the Release to 1 and choose Single Machine (v1.0) pattern

4.
195

On Virtual Machine Service Template Designer canvas, drag the Windows 2008 R2 SP1 base image

from the VM Templates pane to the Single Tier on the designer canvas.

5.

Right-click on the Single Tier machine and then select Properties from the context menu

6.

Jeff will now modify the configuration to fine tune the sequencer machine to his requirements, including adding both WebDeploy and Server App-V Sequencer. He begins by altering the Virtual Hardware Memory to 1024 MB

196

7.

Next, Jeff would like to replace the default legacy network adapter with the synthetic network adapter. Note: The synthetic network adapter (network adapter) requires the installation of Hyper-V Integration Components, and is unsuitable for use with PXE services, however offers vast performance improvements . Select the Legacy Network Adapter and then click Remove from the menu bar.

8.

From the menu bar, click Network Adapter > Network Adapter to add a new synthetic network adapter

197

9.

Configure the added Network Adapter 1 with the following parameters: Connected to: Virtual Virtual Network Static IP: IP protocol version: IPv4 only MAC Address: Static Select the OS Configuration page

10. On the OS Configuration page, with Identity Information selected, change the Computer name to Sequence###. Jeff knows that ### will be automatically translated to a sequenced number. So the first sequencer to be deployed will automatically be named Sequence001.

11. Select the Operating System settings. Set Operating System to 64-bit edition of Windows Server 2008 R2 enterprise
198

12. On the Roles settings, select the following: Web Server (IIS) Application Development Basic Authentication IIS 6 Management Compatibility IIS 6 Metabase Compatibility IIS 6 Scripting Tools IIS 6 Management Console IIS 6 WMI Compatibility IIS Management Console IIS Management Scripts and Tools Management Server Management Tools WebDAV Publishing

199

13. On the Features setting, select the following: .NET Framework 3.5.1 Features .NET Framework 3.5.1 Background Intelligent Transfer Service (BITS)

14. On the Domain / Workgroup settings, verify that the Domain and Run As Account are still correct. Then select the Application Configuration page

200

15. On the Application Configuration page, Jeff is now ready to configure the application deployment of both WebDeploy and the Server App-V Sequencer. Set the Application Profile to Default Create new application settings

16. Select OS Compatibility and choose 64-bit edition of Windows Server 2008 R2 Enterprise

201

17. To add our first application, called WebDeploy, we will use an install script. Select Add > Script.

18. On the script properties page, Jeff enters the following details, then selects the Advanced button Script command type: Pre-Install Executable program: cmd.exe Parameters: /q /c InstallWebDeploy.cmd Script Resource Package: WebDeploy_x64_en-US_2.0.1070.cr (2.0.1070) Run As Account: NT AUTHORITY\System Timeout (seconds): 900

202

19. On the Advanced script command settings dialog, change the Action when matched from the dropdown to Warn and Continue and select OK

20. For our second application, called App-V Sequencer, we will also use an install script. Select Add > Script

203

21. On the script properties page, enters the following details, then select Advanced Script command type: Post-Install Executable program: cmd.exe Parameters: /q /c InstallSAVSequencer.cmd /w Script Resource Package: SAV_x64_en-US_4.7.27.1491.cr (4.7.27.1.1491) Run As Account: NT AUTHORITY\System Timeout (seconds): 900 On the Advanced script command settings dialog, change the Action when matched drop-down and set to Warn and Continue and select OK

22. With both applications now configured for scripted install, click OK to close the Machine Tier 1 Properties dialog. From the ribbon, select Save and Validate. The validation process will take a few
204

moments, assuming there are no errors or warnings you can proceed to deploy the service.

23. To begin the deployment, from the ribbon, select Configure Deployment

24. The Select name and destination dialog is presented. In the Name text box, provide Sequencer as the service name and choose the Destination for the service as Production Management cloud. If you have not previously created this cloud you may also deploy the service to Emilys cloud

25. The Deploy Service - Sequence dialog appears next. Here you can review and confirm all settings are correct, including the machine name prior to deployment

205

26. When you are ready, from the ribbon, click Deploy Service

27. The Are you sure dialog for Deploy Service is presented, confirm by selecting Deploy

28. Similar to all other VMM jobs, you can monitor the progress of the new service deployment by switching to the Jobs View

206

29. Once the Service Instance has been created, a yellow warning sign will be presented as the final status. This is informational as we are using scripts to deploy both applications. The warnings are to notify you if the exit status codes from the scripts. Exit code 0 implies success.

30. In the Virtual Machine Manager Console, on the VMs and Services view, you should now see your service deployed and running.

Sequence BlogEngine Application


Using the newly deployed sequencer, Jeff can begin the pro cess of sequencing Emilys application. The first task is to download the application on his sequence server. 1. Connect to the sequencer machine, launch your web browser and download the application from http://go.microsoft.com/fwlink/?LinkId=213637 Make sure that you choose the MSDEPLOY package from the available downloads
207

2.

After selecting BlogEngine.NET 2.0 (msdeploy), you will need to accept the license terms in order to continue. Select I Agree

3.

Download the package to C:\BlogEngine on the sequencer VM you just deployed.

With the package now available, Jeff can begin the actual sequencing process. 1. On the sequencer machine, launch the Microsoft Server Application Virtualization Sequencer

208

2.

After a few moments the Server Application Virtualization application appears, select option Create a New Virtual Application Package

3.

The Create New Package wizard, on the Prepare Computer page, select Next

209

4.

On the Select Installer page, select Perform a custom installation and then select Next

5.

On the Package Name page, in the Virtual Application Package Name text box enter BlogEngine20. Ensure that the Primary Virtual Application Directory is Q:\BlogEngine20 and select Next

210

6.

On the Installation page, let the sequencer do its magic and WAIT until the next screen appears

7.

On the Installation page, you will be presented with the message Install your applications now. Jeff can now install the BlogEngine application

211

8.

Copy the BlogEngine.NET_2.0_(msdeploy) zip package to Q:\BlogEngine20

9.

From the Start Menu on the sequencer machine, navigate to Administrative Tools and launch Internet Information Services (IIS) Manager

212

10. In the Information Services (IIS) Manager, expand the SEQUENCE001 entry, select Sites -> Default Web Site

11. On the context aware Actions pane, under the Deploy section, select Import application

12. The Import Application Package dialog appears, browse to and select the Q:\BlogEngine20\BlogEngine.NET 2.0 (msdeploy).zip package

13. On the Select the Contents of the Package page, ensure all the checkboxes are selected, then select Next
213

14. On the Enter Application Package Information page, accept the default application path Default Web Site/BlogEngine by selecting Next

15. On the Installation Progress and Summary page, review the summary and confirm that everything is successfully processed, then select Finish

214

16. Launch Windows Explorer, and navigate to Q:\BlogEngine20\VFS\inetpub\wwwroot\blogengine. Right-click Web.config and select Properties from the context menu

17. In the Web.config Properties dialog, select the Security tab, and click Advanced

18. In the Advanced Security Settings for Web.Config dialog, select Change Permissions

215

19. Ensure that the Include inheritable permissions from this objects parent check box is selected. Then click OK three times to close all the open dialog boxes.

20. Open IIS Manager and go to the application pools.

21. Right-click on the DefaultAppPool-{xxxx and select Advanced Settings

216

22. Select the button next to the Identity to change the ApplicationPoolIdentity.

23. Select LocalSystem and then select OK


217

24. Select OK again and close IIS

25. Switch back to the Server App-V Sequencer page. Check the tick-box adjacent to the I am finished installing option and select Next

218

26. The sequencer will begin processing the changes, wait until this fully completes before proceeding, then select Next

27. On the Configure Software page, simply select Next

219

28. With the process almost complete, on the Create Package page, select Close

29. After the Server App-V package has been created, save it as BlogEngine20 to the C:\BlogEngine\BlogEngine20 folder

220

Add Custom Resource to the VMM Library


Jeff, content with just creating his new Server App-V package for Blogger.NET, is another building block closer to creating Emilys service. The next task for Jeff to complete is to place his new App -V package into a System Center 2012 Virtual Machine Manager library, to ensure it will be available for use in his service template. 1. 2. Copy the created package from the Sequencer machine to a location on your VMM server. From the Virtual Machine Manager Console, in the Library view, expand Library > Library Servers > VMM.contoso.com. Right-click on the MSSCVMMLibrary folder and choose Explore from the context menu.

221

3.

Navigate into the folder called EmilyCloudResources and create a new folder called Server Apps

4.

On the context aware ribbon, select the option Import Physical Resource

222

5.

The Import Library Resources dialog is offered. Click the button Add custom resource

6.

In the Browse For Folder dialog, navigate to the folder where you stored the App-V package, and select OK

7.

On the Import Library Resources dialog, in the section Select Library Server and destination for the imported resources click the Browse button. The Select Destination Folder dialog is presented, here we can select the new folder we created a moment ago by navigating to MSSCVMMLibrary > EmilyCloudResources > Server App and clicking OK to accept.

223

8.

We can now select Import to transfer the App-V package to our library

9.

Our Virtual Application Package should be visible in the library after the subsequent refresh cycle.

224

Create BlogEngine Service Template


Finally ready, Jeff can now utilize the Server Designer to create the new Service Template for Emilys Application Blogger.NET. 1. From the Virtual Machine Manager Console, in the Library view, select Templates > Service Templates

2.

On the context aware ribbon, choose the option Create Service Template

3.

The New Service Template dialog will be presented. Set the Name text to Blog Engine, the Release to 1 and choose the Single Machine (v1.0) pattern

225

4.

On Virtual Machine Service Template Designer canvas, drag the Windows 2008 R2 SP1 base image from the VM Templates pane to the Single Machine on the designer canvas. Right-click on the Single Tier machine and then select Properties from the context menu

5.

Jeff will now modify the configuration to fine tune the machine to his requirements. He begins by altering the virtual hardware Memory to 1024 MB on the Hardware Configuration page

226

6.

As with the previous Service template, Jeff will replace the default legacy network adapter with the synthetic network adapter. Select the Legacy Network Adapter and click Remove on the menu bar. From the menu bar, select Network Adapter > Network Adapter to add a new Synthetic Network adaptor.

7.

Configure the added Network Adapter 1 with the following parameters: Connect To: Virtual Virtual Network Static IP: IP protocol Version: IPv4 only MAC Address: Static Select the OS Configuration page

227

8.

On the OS Configuration page, with the Identity Information selected, change the Computer name to BlogEngine###. The first service to be deployed will be named automatically as BlogEngine001

9.

Select the Operating System settings, set Operating System to 64-bit edition of Windows Server 2008 R2 Enterprise.

228

10. On the Roles setting, select the following features: Web Server (IIS) Application Development Basic Authentication IIS 6 Management Compatibility IIS 6 Metabase Compatibility IIS 6 Scripting Tools IIS 6 Management Console IIS 6 WMI Compatibility IIS Management Console IIS Management Scripts and Tools Management Server Management Tools WebDAV Publishing

229

11. On the Features setting, select the following features: .NET Framework 3.5.1 Features .NET Framework 3.5.1 Background Intelligent Transfer Service (BITS) Finally, we can now select the Application Configuration page

12. On the Application Configuration page, we can begin to configure the application deployment. Set the Application Profile to Default Create new application settings

230

13. First we need to have the App-V runtime environment installed. From the menu select Add > Script

14. On the script properties page, Jeff enters the following details, then selects the Advanced button Script command type: Pre-Install Executable program: cmd.exe Parameters: /q /c InstallSAV.cmd /w Script Resource Package: SAV_x64_en-US_4.7.27.1491.cr (4.7.27.1491) Run As Account: NT AUTHORITY\System Timeout (seconds): 900

231

15. On the Advanced script command settings dialog, change the Action when matched drop-down, set to Warn and Continue and select OK

16. Now we can add our Blogger.NET App-V package, click Add and select Virtual application

232

17. Click the Browse button adjacent to Virtual application package, select the BlogEngine20 package and then OK.

18. Our Blogger.NET service is now configured for installation, click on OK to close the Machine Tier 1 Properties dialog. On the ribbon in the designer, select Save and Validate. The Validation process will take a few moments, assuming there are no errors or warnings we can proceed to deploy the service

233

19. To begin the deployment, from the ribbon select Configure Deployment

20. The Select name and destination dialog is presented, we can now provide, in the Name text box, BlogEngine as the service name and choose the destination for the service as Production Emily Cloud

21. The Deploy Service - Sequence dialog appears next. Here you can review and confirm all settings are correct, including the machine name prior to deployment.

234

22. When you are ready, from the ribbon, select Deploy Service

23. The Are You Sure dialog for Deploy Service is presented, confirm by selecting Deploy

24. Similar to all other VMM Jobs, you can monitor the progress of the new service deployment by switching to the Jobs view

25. When the service is deployed, browse with an Internet Explorer to http://blogengine001/blogengine to test if the application works.

235

Security
With the service template now created and tested, all that remains for Jeff to do is to provide the self-service security group permission so that Emily and her team can deploy the service. 1. From the Virtual Machine Manager Console, in the Settings view, select User Roles

2.
236

In the User Roles list, locate and right-click on the entry Production Emily Cloud Self-Service User.

From the context menu select Properties

3.

In the Production Emily Cloud Self-Service User Properties dialog, select Resources

4.

Click on the Add button to present the Add Resources dialog. Select BlogEngine Service Template Release 1 from the Add resources list, and then select OK

237

5.

Switch to the Run As accounts page, and click on the Add button. Select the Local Password run as account, required for deploying the Blogger.NET Service Template.

6.

Now both the Service Template and Run As account are now accessible to Emi lys user role. Select OK to close the wizard.

238

Summary
After a challenging, but fun journey Jeff successfully deployed and verified that the Blogger.NET service functions correctly. Jeff now has a new sequencer service he can re-use at any time in the future to create new Virtual Applications. Additionally, Jeff can call Emily to let her know that her service is packaged and ready for deployment on her cloud. But, before he makes that call, Jeff realizes that he would like to ensure that he can monitor the application while in use. In the next chapter Jeff will configure monitoring for the service.

239

Chapter 8: Monitoring your newly deployed service


Overview
When you have a private cloud, understanding how the underlying infrastructure is performing is important, but knowing how the services running on top of the infrastructure is equally, if not more, important. Previously, monitoring servers or systems could vary from rudimentary to excessive. With Systems Center 2012 Operations Manager this all changes courtesy of its tight integration with Virtual Machine Manager, monitoring the entire private cloud from end to end is now easy and automatic! In this chapter, Jeff will explore the monitors and features which are provided as a result of this integration, while 1 also extending on this base functionality to present an SLO dashboard of Emilys Blogger.NET service Operations Manager, has a complete range of additional features which Jeff will not take advantage of at this time, including the new Application Performance Monitoring (APM) component that can gather performance counters and data from .NET applications. Exposing insight that software developers can consume to improve their applications, or assist in pinpointing the true root of a lingering problem.

Deploying Management Packs


Normally, prior to monitoring a service, Jeff would deploy some Management Packs. However, we completed this exercise earlier during the integration of System Center 2012 Virtual Machine Manager and System Center 2012 Operations Manager. This exercise can be located in Appendix C.

Deploying Agents
Monitoring servers and applications requires that Jeff deploys agents to all servers that he requires to monitor. In this procedure, Jeff will deploy an agent to the Orchestrator server. After completing the procedure, we will repeat the process on the remaining servers: AD.contoso.com Appcontroller.contoso.com BlogEngine001.contoso.com DPM.contoso.com VMM.contoso.com Hyperv02.contoso.com

If you want to have a full overview of your environment, you can also deploy the agents to all remaining servers.

SLO: Service Level Objective: This is a part of a Service Level Agreement and is an agreement in measuring the performance based on counters (can be multiple)
1

240

1.

In the Operations Manager Console, on the Administration workspace, select the Device Management branch

2.

Right-click on Device Management and select Discovery Wizard from context menu.

3.

The Computer and Device Management Wizard is presented, on the Discovery Type page, select Windows computers, and click Next

241

4.

On the Auto or Advanced? page, select the Advanced discovery option and click Next

5.
242

On the Discovery Method page, select Browse for, or type-in computer names, then browse for the server Orchestrator or type the name in the text box. Select Next

6.

On the Administrator account page, select Use selected Management Server Action Account and then select Discover

243

7.

On the Select Objects to Manage page, select the discovered server, make sure that the Management mode is Agent and not agentless, then select Next

8.

The default Agent Installation directory is normally fine, however you may choose another location if desired. For the Agent Action Account (the context in which the monitoring services run in) if necessary you can specify a domain service account, however the default local system account is generally preferred. Then select Finish

244

9.

The Agent Management Task Status dialog is displayed, offering the ability to monitor the task status. You can close this window by selecting Close at any time.

Make an agent proxy-enabled


Some agents deployed will gather information, performance data, warnings and al erts from other managed objects on different computers, in order to report this information to Operations Manager; the agents must be
245

Proxy Enabled. A working example of this scenario may be a windows cluster, the agent installed on Server A of the cluster can report on behalf of the virtual resource. In Jeffs private cloud we must also enable the agent proxy function, as the agent that runs on Virtual Machine Manager will report on behalf of the resources that are managed by Virtual Machine Manager. 1. In the Operations Manager Console, in the Administration workspace, select the Device Management > Agent Managed branch

2.

Locate and right-click on the VMM server in the list, then choose Properties from the context menu

3.

The VMM.contoso.com - Agent Properties dialog appears, select the Security tab

246

4.

On the Security tab, Enable the check box adjacent to Allow this agent to act as a proxy and discover managed objects on other computers and then select Apply and OK

Creating a new Management Pack for customizations


As Jeff plans to customize the monitoring which he will perform on his service, he first will follow the documented best practices, and create a dedicated management pack to store his customizations. 1.
247

In the Operations Manager Console, on the Administration workspace, select the Management Packs branch

2.

On the context aware Tasks pane, click the action Create Management Pack

3.

The Create a Management Pack wizard will appear, in the Name text box enter BlogEngine.Management.Pack. The default version number is suitable for our new management pack, select Next to progress.

248

4.

On the Knowledge page, Jeff could provide specific knowledge/document regarding the new Management Pack (a best practice in production environments). Select Create to create the management pack.

Running through the Monitoring


Management packs imported, agents deployed, and discoveries running, Jeff is almost ready to begin configuring his monitoring configuration. As Operations Manager discoveries run on different schedules Jeff decides to leave the system for 24 hours to complete their initial discovery.
249

End-to-End monitoring through System Center 2012 Virtual Machine Manager


After a good nights sleep, Jeff is eager to see how well his private cloud is monitor ed. Due to the integration with Virtual Machine Manager he is expecting to see all his components monitored by Operations Manager. 1. In the Operations Manager Console, on the Monitoring workspace, select the Virtual Machine Manager Views > Diagram View for VMM branch

2.

The Diagram View, refreshes to present the components in the private cloud

250

3.

Exploring the Operations Manager console, Jeff browses through the Managed Resources to view his clouds. Navigate through Managed Resources > All Clouds > Production Emily Cloud

4.

Expanding BlogEngine, we should be able to view all of the components of the service including the server operating system, drilling deeper into the BLOGENGINE001.contoso.com node, even more information is presented including network and virtual hard disk details.

251

5.

Intrigued, Jeff is curious about what additional information he can retrieve from Operations Manager. Still on the Monitoring view, navigate to Monitoring > Virtual Machine Manager > Managed Resources > Cloud Health

252

6.

Thankfully there are no active alerts presented for his clouds. In the Cloud State view both of Jeffs clouds are visible. Selecting the Production Emily Cloud he can view more information about the cloud, including the VMM Object ID, Quota and lots more.

253

7.

Still exploring, Jeff navigates to Monitoring > Virtual Machine Manager > Managed Resources > Service Health and reviews the state and information of his services.

8.

Next, after Jeff has reviewed the possible alerts and health states, he analyses some performance data. Now, navigating to Monitoring > Virtual Machine Manager > Performance > Host Performance, a range of new performance counters are available to view. Selecting a few of them he begins graphing

254

9.

Next stop for Jeff is to check to see if the Virtual Machine Manager to Operations Manager connector also creates distributed applications. Hopeful to find an application for BlogEngine, he navigates to Monitoring > Distributed Applications

255

10. On the Distributed Applications page, right-click on BlogEngine and select Open > Diagram View

11. After a few moments, the Distributed Application is presented for the BlogEngine service.

256

Blog Engine SLO monitoring


Wanting to measure the up-time of the service, Jeff decides to create a Service Level Objective for Emily and her team. As the application is already fully monitored, all that is required is to create a SLO and a dashboard to present this. 1. In the Operations Manager Console, on the Authoring workspace, select the Management Pack Objects > Service Level Tracking branch

257

2.

On the Tasks pane, click Create

3.

The Service Level Tracking wizard is presented starting on the General page. In the Name text field type BlogEngine SLA, and provide a Description in text box; then select Next

258

4.

On the Objects to Track page, click the Select button to select your class or object

5.

The Select a Target Class dialog box is shown, in the list box, select the Target called Service from the Management pack called System Center 2012 Virtual Machine Manager. Click OK

259

6.

Back on the Objects to Track page, in the Scope (Options) section, select the option A group or object that contains objects of the targeted class, click the Select button to open the Select an Object dialog

7.

In the dialog, in the Look for: text box enter BlogEngine and click Search. Locate and select the Group or Object called BlogEngine with the Class called Service

260

8.

In the Management Pack section, select the BlogEngine Management Pack that we created earlier to store the SLO, and select Next

9.

On the Service Level Objectives page, select the drop-down adjacent to the Add button, and select the option Monitor State SLO

261

10. The Service Level Objective (Monitor State) dialog is presented, provide the following details, and click OK to store: Service Level Objective name: BlogEngine SLO Targeted class: Service Monitor: Availability Service level objective goal: 99.000 States: Critical, Unplanned Maintenance, Unmonitored, Monitor Disabled Once complete, select Next to move to the Summary page

262

11. On the Summary page, select Finish to create the monitor

With the SLO for the BlogEngine Service now created Jeff next wants to visualize the measurement.

Blog Engine SLO Dashboard


Using the dashboard functionality we will now create visualization of the BlogEngine SLO. 1.
263

In the Operations Manager Console, on the Monitoring workspace, select the Monitoring branch

2.

Right-click on Monitoring, on the context menu select New > Dashboard View

3.

The New Dashboard and Widget Wizard appears, on the Template page, choose Service Level Dashboard and click Next

4.

On the General Properties page, in the Name text box enter BlogEngine SLA and provide a Description in the provided test field, then click Next

264

5.

On the Scope page, select the Add button

6.

The Add SLA Dialog appears, select from the Available Items list the BlogEngine SLA that we just created, and select Add, then click OK

265

7.

On the Specify the Scope page, select Next

8.
266

On the Summary page, review your choices, and select Create

9.

Once the Visualization has been created, select Close to dismiss the wizard

10. The Dashboard of our Blog Engine SLA for the previous 24 hours is now rendered

267

Summary
After investigating the monitoring features generated as a result of the integration of Virtual Machine Manager and Operations Manager, Jeff was extremely impressed with what he found. With very little effort he was able to extend the provided monitoring, generate custom monitors and measures, and present this rich data. Jeff has only taken a very quick peek at what Operations Manager has to offer, but the key take away from the integration is the ability for Jeff to design and deploy a Service in VMM, only to have Operations Manager automatically generate a Distributed Application ready to immediately be monitored. Content with his experience, Jeff can retire for the day, confident that Operations Manager is already actively monitoring his full private cloud fabric, ready to alert him in the event of any potential issue.

268

Chapter 9: Automation as a key foundation of your private cloud


Overview
In this chapter we are going to explore the automation possibilities of the Microsoft Private Cloud. The primary component of System Center 2012 we will be focusing on will be System Center 2012 Orchestrator. Jeff wants to build some automation into his environment. Initially, Jeff would like to explore some of the automation capabilities available, and may later decide to re-use his new runbooks in his production environment.

Creating a simple runbook


Jeff already uses System Center Virtual Machine Manager 2008 R2 in his production environment. He receives many tickets to change the ownership of virtual machines created by Emily, enabling them to be shared with her team. Because automation is a key component of the private cloud, Jeff wonders if he can automate this simple task. If he succeeds, Emilys requests will be fulfilled faster, and Jeff can continue to focus on his existing work instead of repeating this simple task. Jeff decides to try to achieve this objective utilizing System Center 2012 Orchestrator. 1. 2. Log on to the Orchestrator server Open the Runbook Designer (Start > All Programs > Microsoft System Center 2012 > Orchestrator > Runbook Designer) On the left, under connections, right-click on Runbooks and select New > Folder

3.

4.

Give the new folder a name, for example EmilyCloud

269

5.

On the newly created EmilyCloud folder, right-click and choose New > Runbook

6.

On the newly created Runbook, right-click and choose Rename from the context menu.

7.

When you receive the Confirm Check out, select Yes

8.

To assist in identifying the purpose of the new runbook, change its name to ChangeOwnerOfVM.

9.

From the activities pane (right side of the console), select the Runbook Control folder, to expose the contained activities.

270

10. Drag the Initialize Data activity object to the runbook canvas (as illustrated below)

11. Next, select the SC 2012 Virtual Machine Manager folder to present its activities

12. Drag both the Get VM and Update VM activities to the runbook canvas as illustrated below

271

13. Next, we will create two connections in the runbook to wire up the workflow, these connections are commonly referred to as the pipeline or databus, because this is the mechanism utilized to pass information between each activity. On the runbook canvas, move your mouse to the right of the Initialize Data activity until your pointer changes to a crosshair. Then, holding down the left mouse button, draw a connection between the Initialize Data and the Get VM activity. Repeat the process, this time from the Get VM activity to the Update VM activity. Jeff now has created his first, simple runbook. It will start with the first activity Initialize Data, then proceed to the Get VM activity and finally perform the Update VM activity, passing the results of the previous activity over the pipeline, and available for the following activity to utilize.

14. Jeff must now configure the activities in the runbook, as currently it has no configured task to perform. To begin, double-click on the Initialize Data activity to open the properties dialog box.

272

15. On the dialog Details page, select the Add button twice to add two parameters.

16. Next, select Parameter 1 and change that name to VMName, and then repeat by selecting Parameter 2,
change its name to UserName and then select Finish to close the dialog

273

17. Back on the canvas, double-click the Get VM activity

18. Select the button on the right of the Configuration Name: and then select the connection (VMM Connection) that you created earlier in Chapter 4.

274

19. Select the Add button

20. On the Filter Settings, set the Name field to VM Name, set the Relation field to Equals. To set the Value field, right-click in the text box and select from the context menu Subscribe > Published Data

21. In the Activity drop-down, the Initialize Data activity should be presented. The pipeline or databus
275

attributes of VMName and UserName which we created earlier are now available to select. As Jeff plans to use this runbook to update the VM with the same name as Emilys requests we will select to use the VMName property as the value for our filter.

22. This will instruct the Get VM activity to filter out all VMs except those which match the VM Name we will provide when we start the runbook. Now, select Finish on the Get VM activity to proceed.

276

23. Double-click on the Update VM activity

24. In the Configuration section Name field, select the button to add the VMM Connection

25. Jeff now is going to use this Update VM activity to change some of its properties. In the previous activity Get VM he filtered all the VMs to return only the VM which matched the supplied VM Name. The results of the Get VM activity were then automatically placed on the databus or pipeline. The Update VM activity requires the VM ID to identify which VM should be updated. Jeff can now utilize the new information place on the databus or pipeline to present the VM ID as a parameter for this next activity. In the text field next to the VM ID, right-click and choose Subscribe > Published Data

277

26. From the Published Data dialog, set the Activity to Get VM, and choose the VM ID property as our input parameter, and select OK

27. Next, Jeff is going to identify the fields which he plans to update. To do this he selects the Optional Properties button.

278

28. In the Add/Remove Property dialog, search for the Owner field in the Available list and then click the >> button to move that field to the Selected list. When complete, select OK

29. Back in the Update VM Properties dialog, in the text field next to the Owner property, right-click and choose Subscribe > Published Data. From the published data dialog, set the Activity to Initialize Data, and chose the UserName as our input property. Then select OK

279

30. Select Finish

Testing the Runbook


Jeff has now created his first runbook. The only thing he now has to do is start the runbook, provide the two parameters and his job should be automated, saving him time in the future. But before he relaxes, he must now check to see if the runbook actually works. For that, he is going to use the Runbook Tester which is integrated into the Orchestrator Runbook Designer we have already being utilizing. For his test, Jeff wants to assign Contoso\Jeff as the Owner of the Virtual Machine named AD. 1. Select the Runbook Tester in the menu bar

280

2.

The System Center 2012 Orchestrator Runbook Tester window will now be presented, select the Run button to test the runbook.

3.

The Initialize Data Parameters dialog will be presented; here we will assign the VMName as AD and the UserName as Contoso\Jeff. Then select OK

4.

Using the Log pane, Jeff can observe the runbook activities which are currently active, or have completed. By selecting the Show Details link, or expanding the + icon, Jeff can view the results of each activity as it processes within the workflow.

281

5.

When all activities are complete, Jeff will see that the job status now reads, success

6.

Back in the Virtual Machine Manager Console, Jeff should now also see that the VM called AD, has been updated with Contoso\Jeff as owner.

Check in the Runbook


Prior to utilizing our completed runbook, it must be checked in again, using the Orchestrator Runbook Designer. If the runbook has not been checked in, it will not be replicated to Service Manager in the next chapter. 1. 2. 3. Open the Runbook Designer Locate our Runbook which we named ChangeOwnerOfVM Select the Check In button from the menu bar

Additional Exercise
This exercise is not necessary to continue with this evaluation guide. You will need to do this exercise if you want to do additional exercises in the next chapters.

282

Create a new runbook that will add an Active Directory user to the AD Group ProductionEmilyCloud. This runbook will then be used to automate the addition of users to the security group, automatically granting access to the self-service role that has been created for Emilys private cloud. Details: Name: AddUserToSelfServiceGroup Number of activities: 4 o Initialize Data o Get User o Get Group o Add User to Group

Initialize Data parameters Details Page o UserName: String

Get User parameters Properties Page o ReturnDNOnly: True Filters Page o Sam Account Name equals {UserName from Initialize Data}

283

Get Group parameters Filters o Sam Account Name equals ProductionEmilyCloud

Add User to Group parameters Properties Page o Group Distinguished Name: {Distinguished Name from Get Group} o User Distinguished Name: {Distinguished Name from Get User}

284

Summary
Jeff has successfully created his first simple runbook to automate a single task that he has to do on a regular basis. Excited, Jeff realizes that there are many more tasks which he can possibly automate, and looks forward to the challenges as he embraces this powerful tool.

285

Chapter 10: Creating a Self-Service catalog and automate offerings to your customers or end-users
Overview
In the previous chapter, Jeff created a runbook (or two if you followed the additional exercise) with the objective of optimizing his time not addressing repetitive tasks. Jeff read about the Self-Service potential of the private cloud and plans to embrace automation even further. Currently, Jeff must still start his new runbook and provide the virtual machine name and new owner details manually each time he receives a request ticket. Unfortunately, many times he simply only receives an email request, eager to automate the complete process, Jeff plans to present Emily and her team a simple web page to request the change, letting Service Manager and Orchestrator do the rest.

Prerequisites
Before Jeff begins to create the Self-Service portal, he will need to first source all the required components for the project. For his evaluation implementation, Jeff is going to use the ServiceMgr server to install all the required components. In production, Jeff will follow the recommend guidelines, utilizing additional virtual machines to distribute the roles and service loads. The initial installation that Jeff needs is SharePoint Foundation 2010. The Self-Service portal is a collection of components that live on top of SharePoint. In production, he will embed those components on his production SharePoint farm, while for the evaluation; he is going to utilize the free SharePoint Foundation sever that he downloads from http://www.microsoft.com/download/en/details.aspx?id=5970 Prior to beginning the installation of SharePoint Foundation 2010, Jeff must download and install the following prerequisites specifically for SharePoint SharePoint Foundation 2010 prerequisites: Prerequisite Windows Identity Foundation: Microsoft Sync Framework Runtime v1.0 (x64): Microsoft Chart Controls for Microsoft .NET Framework 3.5: Microsoft Filter Pack 2.0: Microsoft Server Speech Platform Runtime (x64): Microsoft Server Speech Recognition Language - TELE(en-US): SQL 2008 R2 Reporting Services SharePoint 2010 Add-in: Microsoft Sync Framework Runtime v1.0 (x64):
286

URL http://www.microsoft.com/download/en/details.aspx?id=17331 http://www.microsoft.com/download/en/details.aspx?id=15391 http://www.microsoft.com/download/en/details.aspx?id=14422 http://www.microsoft.com/download/en/details.aspx?id=17062 http://www.microsoft.com/download/en/details.aspx?id=16789 http://go.microsoft.com/fwlink/?LinkID=166371 http://www.microsoft.com/download/en/details.aspx?id=622 http://go.microsoft.com/fwlink/?LinkID=160382

After installing the prerequisites, Jeff also installs .Net Framework 4.0 which he downloaded from http://go.microsoft.com/fwlink/p/?LinkID=232304 Next, Jeff proceeds with the installation of SharePoint as a Standalone server with the default settings After the installation, he then runs the SharePoint Configuration Wizard (default settings)

Installing the Self-Service Portal


Now that all the prerequisites have installed, Jeff can start installing the System Center 2012 Service Manager web portal. 1. 2. Still working on the ServiceMgr computer, Run setup.exe from the installation media On the Service Manager splash screen, select Service Manager web portal

3.

On the Portal Parts screen, select both the Web Content Server and SharePoint Web Parts and select Next

287

4.

On the Product registration page, fill in a Name and Organization, select I have read, understood, and agree with the terms of the license terms and select Next

5.

On the Installation location page, change the installation location or leave it default and select Next

288

6.

On the System check results, when you have passed the system requirements, select Next

7.

On the Configure the Service Manager Self-Service Portal name and port, uncheck the Enable SSL encryption and make sure that the Port is 81. Select Next to continue

289

8.

On the Select the Service Manager database page, in the Database server text field enter servicemgr, and set the SQL Server instance dropdown to Default. Finally, in the Database dropdown select ServiceManager. Then select Next

9.

On the Configure the account for the Self-Service Portal page, select the Domain account option; provide the User name as administrator, provide the relevant password, and then set the domain to contoso. Select Test the credentials. When the test succeeds, select Next

290

10. On the Configure the Service Manager SharePoint Web site, uncheck the Enable SSL encryption and make sure that the port is 82. Set the Database server as ServiceMgr, the SQL Server instance drop down to SharePoint, and the Database name to read SharePoint_SMPortalContent. Then select Next

11. On the Configure the account for Service Manager SharePoint application pool , provide the User name as administrator, provide the relevant password, and then set the domain to contoso. Select Test the credentials. When the test succeeds, select Next

291

12. On the Help improve Microsoft System Center 2012 Service Manager choose if you want to participate in the Customer Experience Improvement Program or not, then select Next

13. On the Use Microsoft Update to help keep your computer secure and up-to-date page, select if you want to use Microsoft Update, and select Next

292

14. On the Installation summary, review your settings and select Install

15. On the Setup completed successfully page, write down the URL (http://servicemgr:82/SMPortal) of your newly created portal as presented in the results text. Finally you may select Close to complete the exercise.

293

All the Steps Required


Jeff now considers the steps which he needs to repeat in order to deliver a service to his end-users, some of these will not require to be repeated each time, so the list will act as a guide for him as he proceeds to publishing his new service offerings on the portal. Pre-Work Create a Runbook in Orchestrator (already covered in Chapter 9) Create the Orchestrator Connector in Service Manager (already covered in Chapter 4) Synchronize Orchestrator with Service Manager Optional: Adding a category to the Knowledge category list Optional: Create Knowledgebase Article Create a Runbook Automation Activity template Create a Service Request template Optional: Create a Service Offering category Create a Service Offering Create a Request Offering Add the Request Offering to the Service Offering

As this is the first time Jeff has encountered this new process, he decides that he will attempt to complete each of these steps now so he understands the process, and later when he is ready to offer additional services he can opt to exclude the optional steps if he so wishes.

Pre-Work
Prior to Jeff beginning the work of offering new services, he first will create a Management Pack. This
294

management pack will be used to store all the customizations which he will create as he implements his offerings. An advantage of this approach is that he can undo his changes by deleting the management pack, but also he can export the management pack from his evaluation environment, and simply import it onto another environment, for example Production at any time in the future. This enables Jeff to have a good test first approach for delivering new services. 1. In the System Center 2012 Service Manager console, with the Administration workspace selected, expand the navigation tree to select Administration > Management Packs

2.

The context of the Tasks Pane will update, and now we can choose Create Management Pack

3.

On the Create Management Pack dialog, in the Name text box enter Emily Cloud Management Pack, and in the Description text box enter: This is a Management Pack that contains all customization for Emilys Cloud. Then select OK

295

Synchronize Orchestrator with Service Manager


Previously in chapter 4, Jeff created a connector from Orchestrator to Service Manager. However, as we created a runbook in the previous chapter he must now synchronize this new information with Service Manager, otherwise the new runbook will be unavailable for us to utilize in Service Manager. 1. In the System Center 2012 Service Manager console, with the Administration workspace selected, expand the navigation tree to select Administration > Connectors.

296

2.

Select the previously created Orchestrator Connector connection

3.

The context of the Tasks pane will update, and now we can choose Synchronize Now

4.

Select OK on the Synchronize Now page and then refresh the page until the synchronization has finished.

Adding a category to the Knowledge category list


Curiously, Jeff is eager to understand the flexibility of the self-service portal, realizing that his end-users (including Emily and her team) will see and work from this environment. Initially he plans to understand how Knowledgebase Articles will look from the portal. Before creating his first Knowledgebase Article, he will create a Knowledge Category in Service Manager. 1. In the System Center 2012 Service Manager console, with the Library workspace selected, expand the navigation tree to select Lists

297

2.

On the Lists pane, select Knowledge Article Category

3.

The context of the Tasks pane will update, and now we can choose Properties

298

4.

On the List Properties page, select Add Item. Change the Name text box entry to read Emilys Cloud, provide a short Description in the text box. Finally use the Move Up button until the entry is placed above Other, then select OK

Create Knowledgebase Article


With the new Knowledge Base Category now in place, Jeff can proceed to create his first Knowledgebase Article, and assign it to his newly created category, while also flagging it as published for the users to utilize. 1. In the System Center 2012 Service Manager console, with the Library workspace selected, expand the navigation tree to select Knowledge.

299

2.

The context of the Tasks pane will update, and now we can choose Create Knowledge Article.

3.

On the Knowledge Article information page, with the General tab selected, fill in the following data: Title: How to Guide: Change owner of a Virtual Machine Description: This guide describes the steps that you need to take to change the owner of a Virtual Machine Keywords (separated by a semi-column): VM; Virtual Machine; Owner; Cloud Knowledge Article Owner: Jeff Category: Emilys Cloud

300

4.

Switching to the Analyst tab, you should enter the step by step guide to complete the task. As an example, Jeff enters some steps to assist Emily and her team while filling out the request

5.
301

In the dialog title area, from the drop down list we should now select Published as the articles status.

6.

Finally, we can select Apply and OK to save the new knowledge base article.

Create Runbook Automation Activity Template


Next, Jeff needs to prepare Service Manager to offer the runbook that he created in Chapter 9 as available for use in his templates. Once this is complete Jeff can then utilize the runbook in any of his service templates, including requests and incidents. Jeff also has the option to take advantage of the template to define some parameters now, so they do not need to be redefined every time the runbook is required. 1. In the System Center 2012 Service Manager console, with the Library workspace selected, expand the navigation tree to select Runbooks.

2.

Select the Runbook from the Runbooks pane that you created in Chapter 9 called ChangeOwnerOfVM

302

3.

The context of the Tasks pane will update, and now we can choose Create Runbook Automation Activity Template.

4.

Fill in the following data on the Create Template page. When done, select OK to open the template editor Name: Change Owner of VM Runbook Activity Template Description: This is the template used for the Runbook ChangeOwnerOfVM Class: Runbook Automation Activity Management Pack: Emily Cloud Management Pack

303

5.

Now you can change the parameters for the runbook activity. Those parameters will be automatically filled in when a new activity is created in Service Manager. Title: Change Owner of a Virtual Machine Description: Change Owner of a Virtual Machine Area: Hardware\Server Ensure the option Is Ready for Automation box is checked; otherwise you cannot use this runbook as an automated activity. Finally close and save the dialog changes, select Apply and OK

6.

304

Create Service Request Template


When the end user connects to the Self Service portal to submit a new request, Service Manager is presenting a Service Request offering; these offering are based on the Service Request Template, and can be customized to auto-populate some of the fields in the request. Additionally, the Service Request Template allows Jeff to define which workflow will be carried out when this request offering is implemented. In this example the main activity Jeff is concerned with is his recently created runbook activity. 1. In the System Center 2012 Service Manager console, with the Library workspace selected, expand the navigation tree to select Templates

305

2.

The context of the Tasks pane will update, and now we can choose Create Template.

3.

On the Create Template page fill in the following data: Name: Change Owner of a Virtual Machine Request Template Description: This template will serve as the template for the Service Request Class: Service Request (this should be filled in automatically) Our management pack called Emily Cloud Management Pack should still be selected, and we can Select OK to open the Template Editor

306

4.

Once the form is presented, we will be placed on the General tab, where we can customize the parameters which we would like to be automatically filled for each new service request created in Service Manager based on this template Title: Automated Service Request Change the owner of a Virtual Machine Description: Through the Self-Service Portal, users will be able to change the owner of a Virtual Machine automatically Urgency: medium Priority: Low Area: Hardware\Server

307

5.

We can then proceed on to the Activities tab. Here we can define the workflow of activities which should be executed for this service request. Examples here may be a Review Activity when we would first prefer a manager to approve the request prior to moving on with the next step in the workflow. Jeff has decided that, for his initial validation, to add the Runbook Activity he created earlier so as to understand how this really works. He proceeds by selecting the button.

308

6.

In the Select Template dialog, choose the Runbook Automation Activity that we created a little earlier and called Change Owner of VM Runbook Activity. Then select OK

7.

As Jeff does not plan to add any additional activities for now, just select Apply and OK to complete creating the Service Request template

309

Create a Service Offering category


Now that Jeff has created both his templates, he can finally proceed to create the offerings that will appear on the Self-Service portal. Jeff has browsed through some information about this process and learned that there are two types of offerings. A) Service Offering, these are really nothing more than a collection of different Request Offerings. B) Request Offerings are the actual offering which end-users are presented, and are normally customized with specific questions relevant to the request. However, before Jeff starts creating his Service Offerings, he also has the ability to classify these Service Offerings into different categories. This enables Jeff to group similar Service Offerings on the portal simplifying the presentation which his users will experience when they visit the portal. To create these categories he can update the list with his available options. 1. In the System Center 2012 Service Manager console, with the Library workspace selected, expand the navigation tree to select Lists

310

2.

On the Lists pane, select Service Offering Category. The context of the Tasks pane will update, and now we can choose Properties. The List Properties dialog is then presented, select the Add Item button

3.

4.

Change the name of the new list item, by entering in the Name text field Emilys Cloud and selecting OK

311

Create a Service Offering


With the Service Categories list now updated, Jeff will next create the Service Offering. In this example Jeff will be creating the offerings called Emilys Cloud Offerings. Since a Service Offering is a collection of different Request Offerings, Jeff will add all offerings specific for Emilys Cloud under this Service Offering. 1. In the System Center 2012 Service Manager console, with the Library workspace selected, expand the navigation tree to select Service Catalog > Service Offerings.

2.

The context of the Tasks pane will update, and now we can choose Create Service Offering

312

3.

The Create a new service offering wizard will be presented, select Next to begin

4.

On the Specify the information for this offering page fill in or select the following information: Title: Emilys Cloud Offerings Category: Emilys Cloud Language: Leave empty! Overview: Here are all the Offerings specific for Emilys Cloud Description: On this page, you will find all the offerings for Emilys Cloud Management Pack: Emily Cloud Management Pack Select Next

313

5.

The Detailed Information page enables Jeff to provide both Service level agreement (and a related URL), as well as Cost information (and a related URL), which are associated with the service offering. Currently Jeff has not figured out what these might be in his evaluation, but will review these before going into production, for now, just select Next

6.

The Related Services page is presented next, Jeff adds the BlogEngine service previously deployed and selects Next

314

7.

The Knowledge Articles page is next, Jeff created a knowledge article earlier however that was for his yet to be created Request offering, so for now has no suitable article to attach. However Jeff clearly realizes that he can create and associate additional knowledge base information with relative ease, and have these associated to his service offering. As there is no changes for now, just select Next

8.

On the Request Offering page, we have the ability to add the request offerings that users will see grouped under this service offering. Because we have not yet create a request offering, we will leave this empty for now and select Next

315

9.

On the Specify publishing information page, we will set the Offering status to Published and set the Offering owner to Jeff. And again we can select Next

10. Finally, we can review the choices from the Summary page, before we select Create

316

11. When the offering has been created, select Close. Please note that we will not see this service offering presented in the portal until we associate at least on request offering to the service

Create Request Offering


Jeff just finalized his Service Offering and is now eager to publish his first Request Offering. As Jeff required just some specific information for this runbook, instead of manually extracting the information from a generic request, and transposing this into his runbook, he is instead going to customize the offering specifically prompting the user for the information which is relevant to this specific request. 1. In the System Center 2012 Service Manager console, with the Library workspace selected, expand the navigation tree to select Service Catalog > Request Offerings

317

2.

The context of the Tasks Pane will update, and now we can choose Create Request Offering

3.

The Create a new service offering wizard will be presented, select Next to begin

318

4.

On the Specify this information page, fill in the following information: Title: Change the owner of a Virtual Machine Description: This request will allow you to change the owner of virtual machine Template name: Change Owner of a Virtual Machine Request Template Jeff now understands why he created the template earlier, as every request that will be made through the portal will be created in Service Manager utilizing this template. Management Pack: Emily Cloud Management Pack Select Next

The User Prompts page enables Jeff to define what questions should be presented to his end users when they select this request offering, these can be marked as mandatory or optional for the user to provide. (For more information about the different prompt types: http://blogs.technet.com/b/servicemanager/archive/2011/11/08/request-offering-wizard-overview.aspx) For Jeffs example there are two questions which he requires to be answered, so appends these to the
319

form Virtual Machine name > Required > Text Owner > Required > Text Select Next

5.

On the Configure Prompts page, we dont need to do anything. However, if Jeff would have selected other prompt types these generally would need to be configured. (In that case Jeff would highlight the prompt to be configured and then select the Configure button above the form). We can simply select Next

6.

On the Map prompts page, we are going to map the users responses to fields so that we can process them in Service Manager. Jeff plans to use both of the prompts to be passed as parameters to his runbook activity so that Orchestrator knows what we would like to take action on. To do this, we simply select the Runbook Automation Activity we created earlier called Change Owner of a virtual machine.

320

Now, we can map both of the prompt fields to the parameters of the activity by mapping the Virtual Machine Name to the Text1 property and the Owner to the Text2 property. Proceed by selecting Next

7.

The Knowledge Articles page is now presented, and this time we know Jeff did create a knowledge article which should be presented to the users of this request offering. Therefore we will select Add

8.

In the select objects dialog, the scope will be set to Knowledge Article, and we can select the knowledge base article which we created earlier called How to Guide: Change Owner of a Virtual Machine. Then we just select Add to link it, and finally select OK when we are done

321

9.

With our Knowledge Base article associated, we can select Next to move to the next page

10. On the Publish page, change the Offering status to Published and change the Offering owner to Jeff. Select Next

322

11. On the Summary page, review your settings and then select Create

12. Once the Completion page is presented we can select Close

323

Add the Request Offering to the Service Offering


The last thing that Jeff has to do is add this Request Offering to the Service Offering that we created earlier. Then we will be able to see the offering on the Self-Service portal. 1. In the System Center 2012 Service Manager console, with the Library workspace selected, expand the navigation tree to select Service Catalog > Request offerings > Published Request Offerings

2.

Select the Change the owner of a Virtual Machine offering from the presented list

324

3.

The context of the Tasks pane will update, and now we can choose Add to Service Offering

4. Choose Emilys Cloud Offerings and select Add. Then select OK

325

Running through the Service Request


Prior to Jeff releasing this new Service Offering to Emily and her team, he first plans to verify the experience which will be presented to the users and that the interactions with Orchestrator and Virtual Machine Manager do indeed work as planned. For his test scenario, Jeff will reverse back the owner of his Virtual Machine to be the Administrator again.

Viewing the Self-Service Portal with Internet Explorer requires the Silverlight plugin. In this example, Jeff is running it on the Service Manager server itself but you could use another Server / Workstation to connect to the portal without needing to install Silverlight on the Service Manager server 1. Open the Service Manager portal by browsing to http://servicemgr:82/. After a few moments the portal will be presented, and Jeff can select Emilys Cloud Offerings from his new category Emilys Cloud

2.

As Jeff only has a single Request offering created and published, this will be presented on the Emilys Cloud Offerings page. Here Jeff will select this offering Change the owner of a Virtual Machine

3.

On the Request offering page, Change the owner of a Virtual Machine, we now can see knowledge base article that we created an associated listed is now under the Related help articles heading, and in the title area we see the larger button which we will select to Go to request form

326

4.

Our two user prompts which we created on the request form are now presented, and we can proceed to fill these out as follows. In the Virtual Machine Name text box enter AD and in the Owner text box enter Contoso\Administrator. Then we can select Next

5.

On the Review and Submit page, we can double check our information prior to selecting Submit

6.

The Confirmation page will then be presented where we now have the option to select View my requests

327

7.

After Selecting the View My Requests button, we can observe that our request is currently in progress.

8.

Switching back to the Service Manager Console, Jeff can see the newly created service request by ensuring the Work Item workspace selected, and expanding the navigation tree to select Service Request Fulfillment > All Open Service Requests

9.
328

In the All Open Service Requests, the ticket created is now presented, matching the ID which was

reported on the My Requests page in the portal. We can now double-click this request to open it

10. On the general page we can see that all the fields which we defined in the template are now completed as we provided

11. When Jeff selects the Activities tab we can see that the Runbook activity is already in progress.

329

12. Switching over to the Virtual Machine Manager console, Jeff can see after a few moments that the owner of the virtual machine AD has indeed changed to now read as Contoso\Administrator

13. Switching back again to the Self-Service Portal, Jeff refreshes the request to see that its status is now also updated, and marked as complete.

330

14. In the Service Manager console, ensuring the Work Item workspace is selected, and expanding the navigation tree to this time select Service Request Fulfillment > Completed Service Requests

15. Jeff can now see his Service Request is indeed presented and its status updated to read Completed.

Additional Exercise
You can only do this exercise if you have done the additional exercise in chapter 4 and chapter 9
331

Jeff wants to add another request offering to the portal under the service offering of Emilys private cloud. He therefore is going to add the second runbook he created in the previous chapter called AddUserToSelfServiceGroup to a new request offering. Initially, Jeff created a list of tasks which may need to be completed to create his Request Offering Pre-Work Create a Runbook in Orchestrator (already done in Chapter 9) Create the Orchestrator Connector in Service Manager (already done in Chapter 4) Synchronize Orchestrator with Service Manager Optional: Adding a category to the Knowledge category list Optional: Create Knowledgebase Article Create a Runbook Automation Activity template Create a Service Request template Optional: Create a Service Offering category Create a Service Offering Create a Request Offering Add the Request Offering to the Service Offering

However, this time around Jeff understands that only a subset of these are now needed for his next offering, which are Create a Runbook Automation Activity template Create a Service Request template Create a Request Offering Add the Request Offering to the Service Offering

Here are the parameters that you can use for the different steps: Create a Runbook Automation Activity Template Name: Add User To Self Service Group Runbook Automation Activity Template Description: This is the template used for the Runbook AddUserToSelfServiceGroup Class: Runbook Automation Activity Management Pack: Emily Cloud Management Pack Title: Add User To Self Service Group Description: Add User to Self Service Group Area: Hardware\Server Is Ready for Automation: Enabled

Create a Service Request template


332

Name: Add User to Self Service Group Request Template Description: This template will serve as the template for the Service Request Class: Service Request (this should be filled in automatically) Management Pack: Emily Cloud Management Pack Title: Automated Service Request - Add User to Self Service Group Description: Through the Self-Service Portal, users will be able to add a user to the Self Service

Group Urgency: medium Priority: Low Area: Hardware\Server Activities tab: Add the Add User to Self Service Group automation activity

Create a Request offering Title: Add User to the Self-Service group Description: Add a user to the Self-Service Group that has access to Emily's Cloud Template: Add user to Self Service Group Request Template Management Pack: Emily Cloud Management Pack Form instructions: Enter the username to add the Self-Service group User Prompt: UserName / Required / Text Map Prompt: Add User To Self-Service Group - (Runbook Automation Activity) -> UserName Offering Status: Published Offering Owner: Jeff

Add to Service Offering Emilys Cloud Offerings

Summary
After a pretty long days work, Jeff is thrilled that he now has the ability to offer Emily and her team a request via his self-service portal, while ensuring the fulfillment is completely automated trough the integration of Service Manager, Orchestrator and Virtual Machine Manager. The initial task of setting this up had a large number of steps to complete, which was daunting at first, but, now with a better understanding of the relationships for each of these steps completing the second offering was much simpler, as there was no requirement to repeat many of the initial configuration steps, focusing only on the items specific to publishing his second offering. Content with his learning, Jeff is now ready to investigate the potential of this tool a lot more as he takes his first offerings into production.

333

Chapter 11: Hybrid Cloud Management


Overview
As Jeff considers what a wonderful experience he has been having over the last few days while progressing through all the different phases of implementing his private cloud infrastructure, while he pauses to recall some of his favorite achievements, ranging for his initial fabric implementation, his first cloud, his first service, monitoring that service, and implementing automation, presented from a customized self-service portal; he stops for a moment and realizes he has yet to embrace the functions of System Center 2012 App Controller. Excited, with the thoughts of a new goal, he sets off to enable the App Controller portal, which he can share with Emily and her team, to deploy services.

Logging in to the App Controller Portal


Jeffs quest starts by logging into the App Controller Portal, so he can proceed to configure the connections to his private cloud environment. 1. Launching his Web Browser, Jeff points to the previously installed App Controller Web Server, to open its home page located at https://appcontroller/ or https://192.168.1.5/ After a few moments, he is challenged with a Login request, so provides his credentials setting his User Name to contoso\jeff and providing his Password, before selecting Sign In

2.

3.

Once authenticated, the Overview page is presented; from here we will select the link Connect a Virtual Machine Manager server

334

4.

The Add a new VMM connection dialog is then presented. Jeff provides the connection details for his System Center Virtual Machine Manager server, as per the table, and then selects OK Connection name: Virtual Machine Manager Description: Virtual Machine Manager server Server name: vmm.contoso.com Port: 8100 Automatically import SSL certificates: checked

335

5.

App Controller then begins processing the request, and after some moments closes the dialog. The home screen soon updates with new status details related to the private clouds previously created in System Center Virtual Machine Manager.

Jeffs company, Contoso has also acquired a Windows Azure subscription, which he now also decides to connect with his App Controller environment. This exercise can only be performed when you or your company has a Windows Azure subscription. If you do not complete this exercise, you will still be able proceed with the remaining exercises.

1.

While still on the App Controller Overview page, we will select the link Connect a Windows Azure Subscription.

2.

The Connect a Windows Azure subscription dialog is then presented. Jeff provides the connection details for his companys Windows Azure subscription, as per the table: Name: Windows Azure Subscription Description: Windows Azure Subscription Subscription ID: <your subscription id> The private certificate for the subscription has previously being created, therefore for the Management Certificate, select Browse and select existing certificate. Next, in the Management certificate password text box, enter the relevant certificate password, before finally selecting OK

336

3.

App Controller then beings processing the request, and after some moments closes the dialog. The home screen soon updates with new status details related to the Public Clouds previously created on the Windows Azure Subscription and System Center Virtual Machine Manager.

4.

Jeff continues to explore the App Controller interface, to determine the services and their structure which are currently running within his Windows Azure Subscription.

337

Deploying a Service as Emily


With the App Controller environment configured, Jeff collaborates with Emily so that together they proceed to attempt a deployment of the BlogEngine service defined at the beginning of the evaluation. 1. Launching her Web Browser, Emily points to the App Controller Web Server home page located at https://appcontroller/ or https://192.168.1.5/

2.

After a few moments, she is challenged with a Login request, so provides her credentials setting her User name to contoso\emily and provides her Password, before selecting Sign In

338

3.

Once authenticated, the Overview page is presented; from here we will select the Clouds page

4.

On the Clouds page, Emily sees only one cloud available to her. This is exactly what Jeff wants.

5.

Emily now goes to the Services page

339

6.

From the menu bar on the services page, we will begin the process of deploying a new instance of the BlogEngine service, by first selecting on the Deploy button

7.

App Controller then presents the New Deployment page. We select the link Configure offered in the CLOUD box.

8.

The Select a cloud for this deployment dialog is presented, where we can select Production Emily Cloud as the target cloud (note the available quota is also presented here) and then select OK to select. Note - If you opted to deploy the second cloud in the side exercises, this is not offered to Emily for selection, as she was not granted access in Virtual Machine Manager. App Controller respects and presents only what has being provisioned and authorized from Virtual Machine Manager.

340

9.

The New Deployment page updates and Emily must now select the link Select a template in the Template box.

10. The previously created BlogEngine service template is now offered as available for deployment (along with its quota requirements, and the remaining quota after deployment); choose this service and then select Ok. Note: Again App Controller is respecting Virtual Machine Manager Configuration, and is not offering the Sequencer template, as this was also not published for Emily to access.

341

11. The New Deployment page updates again, and Emily must now review the service diagram. Once she is content, she can begin the deployment of the service by simply selecting on the Deploy button.

12. After selecting on the Deploy button, the Services page is again presented, and after a few moments, a notification that the VMM service deployment started will be presented.

13. The Services page also updates with a new box, representing the BlogEngine service, with the status of Deploying.
342

14. By selecting on the notification link or manually switching to the Jobs view Emily can now monitor the deployment progress of her BlogEngine service in greater detail.

Summary
Configuring System Center 2012 App Controller to integrate with both System Center 2012 Virtual Machine Manager and Microsoft Windows Azure subscriptions turns out to be a very trivial operation. Additionally, App Controller adheres to the roles and delegations configured within Virtual Machine Manager, requiring no additional steps to ensure users have access only to the services which were originally defined for them. Deploying new business services through App Controller is a rich experience with a visual overview of the service about to be deployed along with the capacity details of the cloud being targeted.

343

Chapter 12: Protecting your data in the private cloud


Overview
The final objective which Jeff implements for Emily requests to be completely addressed is to enable regular backups of her services which she is now hosting in the private cloud. To enable this Jeff earlier selected to deploy System Center 2012 Data Protection Manager as part of the Unified Installer experience and will now utilize this product to ensure this last goal is accomplished.

Creating a Storage Pool


Data Protection Managers strengths lie in the area of disk-to-disk backups; and for Emilys cloud, Jeff has elected to create a new Storage Pool using a new 250GB disk which he has attached to the Data Protection Manager server. There are a few possibilities to add this disk to the System Center 2012 Data Protection Manager server. You can use a pass-through disk. You can also use a local vhd or create a new vhd. Working with a vhd as your storage pool is not supported and not recommended in a production environment. For this proof of concept setup, you can work with a 250 GB created vhd to explore the possibilities. 1. From the Data Protection Manager Console, select the Management workspace, and then highlight the Disks Link

2.

The context sensitive ribbon will update, and we can then select Add

344

3.

The Add Disks to Storage Pool dialog will be presented, where our new 250Gb disk should be listed as available, select this disk and then select Add

4.

The disk will then be listed in the Selected disks list, and we can then select OK

5.

After a few moments, the new disk should be presented in the storage pool

Installing an agent
Data Protection Manager (DPM) utilizes agents, which are deployed to the servers hosting the workloads, to protect the content. DPM 2012 is Hyper-V Virtual Machine aware, and only requires that the host have an agent installed. Therefore Jeff opts to protect the host being utilized by Emilys private cloud which is called hyperv02 1. From the Data Protection Manager Console, select the Management view, and then highlight the Agents Link

345

2.

The context sensitive ribbon will update, and we can then select Install

3.

The Protection Agent Installation Wizard is presented, on the Select Agent Deployment Method page we will select Install agents and then select Next

4.
346

On the Select Computers page, we will select our desired hyper-v server, which was called hyperv02 from the Computer name list. Select the Add button to move it into the Selected computers list, and

then select Next

5.

On the Enter Credentials page, provide the credentials of a user with administrator privileges on the target computer. As Jeff is a domain administrator, he can utilize his own credentials. Then select Next

6.

On the Choose Restart Method page, as DPM does not generally require a computer restart after installing a new agent (unless a previous reboot is pending) we will select the option No, I will restart the selected computers later. DPM will report later if it determines a reboot needs to be scheduled. Select Next

347

7.

The Summary page is presented which we can quickly review prior to selecting Install

8.

After the Installation is completed, we can select Close to dismiss the wizard

348

The Backup Strategy


Apart from the rich backup support Data Protection Managers offers for its key business workloads of SQL, Exchange and Active Directory, Data Protection Manager also offers integrated protection of the Virtual Machines hosted on a protected hyper-v server. Leveraging this capability, Jeff can now create a new Protection Group for Emilys cloud. 1. From the Data Protection Manager Console, select the Protection workspace, and then highlight the All Protection Groups link

349

2.

The context sensitive ribbon will update, and we can then select New

3.

The Create New Protection Group Wizard is presented. On the Welcome page select Next

4.

On the Select protection group type page, select Servers and then select Next

350

5.

On the Select group members page, expand the Available members tree, and select the Hyper-V Host called hyperv02. Expand the tree and enable the tick box beside the selection HyperV > Backup Using Child Partition Snapshot\BlogEngine002.contoso.com. Then select Next

6.

On the Select data protection method page, in the Protection Group Name text field type HyperV Guests. Enable the check box I want short-term protection and select Disk from the associated drop down. Then select Next

7.
351

On the Select short-term goals page, set the Retention range to read 5 days. Select the Modify button to set the Express Full Backup to occur at a suitable time every date. Once configured select Next

8.

On the Review disk allocation page, review how much disk space is forecast to be consumed for this backup and Modify if you desired to adjust the allocation. The option to enable Co-locate data in DPM Storage Pool is currently disabled. To reduce storage requirements this will generally be enabled in production environments. Select Next to move to the next step

9.

On the Choose Replica Creation Method page, in the Replica in DPM Server section, enable the option Automatically over the network and set the option to Now. This will instruct DPM to generate a one-time full backup of the virtual machine we are protecting, which will result in greater than normal load generated on the hyper-v host and network, therefore it is recommended to schedule this activity for

352

after working hours in a production environment. Select Next

10. On the Choose consistency check options, select the options that you wish to utilize for verifying consistency. Initially, Jeff decides to perform consistency checks each time the replica becomes inconsistent by choosing Run a consistency check if the replica becomes inconsistent. Select Next

11. The Summary page permits a review of the options selected, prior to selecting Create Group

353

12. System Center 2012 Data Protection Manager will then perform all the necessary tasks required to prepare for protecting the selected virtual machine. Once complete DPM will begin creating the replicas and ensuring the virtual machine is protected. Select Close to dismiss the wizard

13. Back on the console, we can now see that the replica of the selected virtual machine is being created

354

14. After a little while the initial replication will complete, and we can then see that the virtual machine is protected

Summary
After just a few minutes working with Data Protection Manager, Jeff has accomplished his goal and has easily implemented a simple backup plan for the service in Emilys cloud. Extending this to protect more resources would be quite easy as Jeff considers other parts of his business which my benefit from utilizing this solution.

355

SUMMARY
Through the preceding chapters of this evaluation guide, we have walked you through the initial steps necessary to install, configure, monitor and operate the Microsoft Private Cloud. Through the Unified Installer, we have taken you through a scenario installation of System Center 2012 components. In addition, we walked through the various connectors between the different components as well as the Orchestrator Integration Packs. We walked through the cloud creation process and learned how to delegate cloud access to our Application Owners. Through the service template creation process, we explored the new capabilities within the Virtual Machine Templates (like role enablement, and Server App-V packages), and learned how to create a service template through the Service Template Designer. We explored the Service Catalog, and runbook automation capabilities provided by Service Manager and Orchestrator, and showed how to create Request Offerings for our Self Service users. Yet, even with all that we have accomplished in this guide, it is still only the beginning and we are just scratching the surface of potential scenarios and services that you can accomplish while utilizing System Center 2012. What happens next? Well, thats up to you! As you begin to explore its many possibilities, we hope you enjoy System Center 2012 and your new Microsoft Private Cloud.

356

Appendix A
Installing and configuring the OS
1. Right click on the newly created server and choose Start. This will start your new server.

2. 3.

Right click on the server again and choose Connect In the Server window, after you are loaded into the WinPE environment, choose your Language, Time and Currency Format and Keyboard or input method and select Next Language to install: English Time and Currency format: English (United States) Keyboard or input method: Choose your keyboard layout

4.
357

In the next window, select the Install Now button

5.

Choose your Operating System. For this evaluation, we are going to use Windows Server 2008 R2 Enterprise (Full Installation) for all servers

6.

Choose I accept the license terms and select Next

358

7.

Choose the Custom (advanced) installation

8.

Select the Disk where you want to deploy the OS. This is the disk (.vhd) that you have created during the virtual machine creation. Then select Next

359

9.

Wait until Windows has installed the Operating System

10. When the installation is finished, you will receive a notification to change the local administrator password. Select OK

360

11. Change the password of the local administrator (see passwords in this evaluation guide but you are free to choose your own password) and select the blue arrow.

12. Select OK when the password is changed

361

Appendix B
Installing the Operations Manager Console on another workstation / server
As Jeff wants to integrate Virtual Machine Manager with Operations Manager and deploy the Integration Pack for Operations Manager onto the Orchestrator Runbook server he needs to deploy the Operations Manager Console on the Orchestrator server and the Virtual Machine Manager server. Jeff will have to download and install the following prerequisites first: Prerequisite .NET Framework 4.0 Microsoft Report Viewer 2010 Redistributable Package 1. URL to download http://go.microsoft.com/fwlink/p/?LinkID=232304 http://go.microsoft.com/fwlink/?LinkId=234118

Run Setup.exe from the Operations Manager source media as administrator. On the splash page, select Install

2.

On the Select features to install page, select Operations console and select Next

362

3.

On the Select Installation Location page, choose the installation location by pressing browse or leave it at the default and select Next

4.

On the Proceed with Setup page check if there are warnings or errors and resolve those before you continue with the installation. Then select Next

363

5.

On the Help improve System Center 2012 Operations Manager page, select whether you want to participate in the Customer Experience Improvement Program and choose your option for the Error Reporting. Then select Next

6.

On the Microsoft Update page, select whether you want to check for updates automatically or manually. Select Next

364

7.

On the Installation Summary page select Install

8.

When the Setup is complete page appears, select Close. Note the two check boxes below. If you select Launch Microsoft Update when the wizard closes it will open Microsoft Update and Start the Operations console when the wizard closes will request you with the information for Operations Manager as can be seen in the next screenshot.

365

9.

Fill in the Server that runs Operations Manager. In our case, this is OpsMgr and select the connect button

366

Appendix C
Deploying Monitoring Management Packs
Monitoring Management Packs in Operations Manager are the knowledge for your monitoring experience. Each monitoring management pack contains monitors, rules, discovery, and knowledge about an application or service. Examples of monitoring management packs include monitoring management packs for Exchange, SQL, and the Windows Operating System. In many cases, an application consists of different components. For example, the application that Jeff has deployed consists out of a web server (or multiple), some services and SQL databases. Therefore Jeff has to import some of these monitoring management packs. All of the Monitoring Management Packs can be found at http://systemcenter.pinpoint.microsoft.com/ For this exercise Jeff will download the following monitoring management packs: Management Pack Name SQL Server Monitoring Management Pack Windows Server Internet Information Services 7 Management Pack Windows Server Operating System Management Pack URL http://www.microsoft.com/download/en/details.aspx?id=10631 http://www.microsoft.com/download/en/details.aspx?id=9815 http://www.microsoft.com/download/en/details.aspx?id=9296

This is the procedure on how to deploy the Monitoring Management Packs: 1. In the Operations Manager console, go to Administration and select Management Packs

2.
367

On the Actions pane, select Import Management Packs

3.

On the Select Management Packs page select Add > Add from disk

4.

Locate the management packs where you downloaded and extracted (or installed them) and select them.

368

5.

When you have selected all the management packs, select Install to start the installation of the management packs in your Operations Manager environment

6.

Select Close when all the management packs are imported

369