Administrator Guide

ManualsBrandsDell ManualsCloudLink SecureVMHybrid Cloud System for Microsoft

Default Windows Azure Pack conguration

In the Dell Hybrid Cloud System for Microsoft, the Windows Azure Pack components are installed on two VMs, as described in the

following table.

Table 11. Windows Azure Pack VMs

VM Name Purpose

Prex

>APA01 Hosts the Windows Azure Pack admin components. These include:

• Management portal for administrators— A portal for administrators to

congure and manage resource clouds, user accounts, tenant plans, quotas,

and pricing. In this portal, administrators create plans, and manage user

subscriptions.

• Admin API— Exposes functionality to complete administrative tasks from

the management portal for administrators or through the use of Windows

PowerShell cmdlets.

• Tenant API—Enables tenants to manage and congure cloud services that

are included in the plans that they subscribe to.

• Admin authentication site— By default, Windows Azure Pack uses

Windows authentication for the administration portal. Before going into

production, you must disable this site and use AD FS or an external third-

party identity system that supports Web Services Federation (WS-

Federation) and JWT tokens to authenticate users.

NOTE: This VM also runs SMA and SPF.

Prex

>APT01 Hosts the Windows Azure Pack tenant components. These include:

• Management portal for tenants— A customizable self-service portal to

provision, monitor, and manage services. In this portal, users sign up for

services and create services, VMs, and databases.

• Tenant Public API— Enables tenants to manage and congure cloud

services that are included in the plans that they subscribe to. Can be

exposed to the internet to provide command line access.

• Tenant authentication site— By default, Windows Azure Pack uses an

ASP.NET Membership provider to provide authentication for the

management portal for tenants. Before going into production, you must

disable the ASP.NET provider, and use AD FS or an external third-party

identity system that supports WS-Federation and JWT tokens to

authenticate users.

For more information, see Windows Azure Pack components (http://technet.microsoft.com/library/dn469332.aspx) in the Microsoft

TechNet Library.

Before you go into production

Dell Hybrid Cloud System for Microsoft installation prepares Windows Azure Pack for you to use, but there are some important things you

must do before you go into production.

You must:

• Replace self-signed certicates for the Windows Azure Pack websites, SMA, and SPF with trusted SSL certicates that are issued by a

trusted certication authority (CA).

• Disable both the default tenant and admin authentication websites.

• Update both tenant and admin authentication to use a security token service such as AD FS or an external third-party identity system.

NOTE

: There is also an optional procedure to set up tenant portal access on an isolated network. If you want to do this, you must

set up the tenant portal access before you replace self-signed certicates and congure integration for AD FS or some other

security token service.

34 Administration