Exam Ref 70-247 Configuring and Deploying a Private Cloud
Chapter 4. Configure System Center Integration
The System Center products integrate with one another. You can leverage the functionality of one product, such as Operations Manager’s performance and availability monitoring, with the automation capabilities of Orchestrator, and the incident and problem management functionality of Service Manager. In this chapter you’ll learn how to integrate several different System Center products, allowing them to build off each other’s functionality. You’ll also learn about Service Provider Foundation, and Microsoft Azure Pack for Windows Server, which allow you to customize the way that users of your private cloud interact with the infrastructure.
Objectives in this chapter:
Objective 4.1: Configure private cloud integration
Objective 4.2: Configure integration of private and public clouds
Objective 4.1: Configure private cloud integration
This objective deals with integrating Operations Manager with Service Manager, and Virtual Machine Manager. You’ll also learn about the Orchestrator integration packs (IPs), which allow you to use each System Center product’s functionality when building automation runbooks. You’ll learn about other non-Operations Manager connectors that are available, as well as how to integrate VMM with the new IP address management feature of Windows Server 2012.
This section covers the following topics:
Integrating Operations Manager
Orchestrator integration packs
Other System Center connectors
Integrating IPAM with VMM
Integrating Operations Manager
Operations Manager is Microsoft’s enterprise monitoring solution. When integrated with other products in the System Center suite, you can use it as a source of incidents and problems for Service Manager, and to extend the management and monitoring functionality of VMM. You can also use Operations Manager events to trigger Orchestrator runbook automation.
Integrating Operations Manager with Service Manager
The Operations Manager alert connector for Service Manager allows you to automatically create Service Manager incidents based on Operations Manager alerts. An Operations Manager alert is created in Operations Manager when an object that Operations Manager monitors experiences a change that is deemed worthy of attention, such as a hardware or software failure occurring on a monitored server. There are two types of Operations Manager connectors for Service Manager: the alert connector, and the configuration item (CI) connector. The CI connector imports objects that Operations Manager has discovered into the Service Manager database. Alert connectors bring alert information into Service Manager.
To create the alert connector, perform the following steps:
1. In the Administration workspace of the Server Manager console, click Connectors.
2. On the Tasks pane, click Create Connector, and then click Operations Manager Alert Connector.
3. On the General page of the Operations Manager Alert Connector Wizard, provide a name for the alert connector.
4. On the Server Details page, shown in Figure 4-1, specify the name of the Operations Manager server and a Run As account that has permission to connect to Operations Manager. Ensure that you use the Test Connection button to verify that the account works and has appropriate permissions.
FIGURE 4-1 Alert connector configuration
5. On the Alert Routing Rules page, click Add to add an alert routing rule. An alert routing rule allows you to specify which Service Manager incident template will be used to create an incident based on an Operations Manager alert.
6. In the Add Alert Routing Rule dialog box, shown in Figure 4-2, provide the following information:
Rule Name The name of the alert routing rule.
Template The Service Manager incident template that will be used when creating the Service Manager incident.
Criteria Type Here you can select the conditions that trigger the alert routing rule. You can choose between the alert being generated by a specific Operations Manager management pack, being generated by a specific computer or security group, a custom field, or an Operations Manager monitoring class.
Select Alert Severity And Priority Allows you to specify the alert priorities and severities that will trigger the alert routing rule.
FIGURE 4-2 Alert routing rule
7. As Figure 4-3 shows, alerts that don’t match any of your configured rules will automatically be created as incidents using the Operations Manager Incident Template.
FIGURE 4-3 Routing rules
8. On the Schedule page, select the frequency at which Service Manager will query the Operations Manager server for alerts. You can also configure the connector so that alerts within Operations Manager will be closed when the incident that relates to the alert is resolved or closed in Service Manager. You can also configure Service Manager to automatically mark incidents as Resolved if the incident that triggered the alert in Operations Manager is closed. Figure 4-4 shows these settings.
FIGURE 4-4 Schedule settings
9. On the Summary page, review the connector setup, and then create the connector.
10. Once the connector is created, you can modify the alert routing rules by editing the properties of the connector, as shown in Figure 4-5.
FIGURE 4-5 Connector properties
More Info: Operations Manager Connector for Service Manager
You can learn more about the Operations Manager Connector for Service Manager at http://technet.microsoft.com/en-us/library/hh524325.aspx.
Integrating Operations Manager with Virtual Machine Manager
To be able to monitor your organization’s virtualization layer when you are using a System Center 2012 and System Center 2012 R2 managed private cloud, you need to integrate Operations Manager with Virtual Machine Manager.
Integrating Operations Manager with Virtual Machine Manager provides you with the following dashboards and views, as shown in Figure 4-6:
Cloud Health
Application Health
Application Hosts Health
Host Cluster Health
Host Health
IP Address Pool Health
Library Server Health
Load Balancer Health
MAC Address Pool Health
Service Health
Storage Pool Health
User Role Health
Virtual Machine Health
Virtual Machine Manager Server Health
FIGURE 4-6 Virtualization dashboards and views
The Virtual Machine Health dashboard is shown in Figure 4-7.
FIGURE 4-7 Virtual Machine Health
Integrating Operations Manager and Virtual Machine Manager also allows you to view the following performance information:
Cloud Performance
Host Cluster Performance
Host Performance
IP Address Pool Performance
MAC Address Pool Performance
Service Performance
Storage Pool Performance
Virtual Machine Performance
Figure 4-8 shows the Virtual Machine Performance view.
FIGURE 4-8 Virtual Machine Performance
To integrate Operations Manager with Virtual Machine Manager, you need to configure the connector between VMM and Operations Manager. Prior to configuring the connection between VMM and Operations Manager, you need to ensure that you perform the following prerequisite configuration steps:
Install the Operations Manager console on to the VMM server.
Install the following Operations Manager management packs on the Operations Manager server:
SQL Server Core Library version 6.0.5000.0 or later
Windows Server Internet Information Services Library version 6.0.5000.0 or later
Windows Server Internet Information Services 2003 version 6.0.5000.0 or later
Windows Server 2008 Internet Information Services 7 version 6.0.6539.0 or later
To link VMM and Operations Manager, you need the credentials of an account that is a member of the Operations Manager Administrators user role, and the credentials of an account that is a member of the VMM Administrator user role. These can be separate accounts or the same accounts. To configure a connection between VMM and Operations Manager, perform the following steps:
1. In the Settings workspace of the VMM console, click System Center Settings, and then click Operations Manager Server.
2. On the ribbon, click Properties.
3. On the Connection To...page of the Add Operations Manager Wizard, type the name of the Operations Manager server and a Run As account that has the appropriate permissions, as shown in Figure 4-9.
FIGURE 4-9 Connection to Operations Manager
4. On the Connection To VMM page, specify the credentials of the account that will be used by Operations Manger to connect to the VMM server.
5. Complete the wizard.
Configuring the connection between Operations Manager and VMM automatically loads the Management Packs, shown in Figure 4-10, which allow you to monitor the health and performance of your private cloud’s virtualization layer.
FIGURE 4-10 Management packs
More Info: Operations Manager Integration with VMM
You can learn more about configuring Operations Manager integration with VMM at http://technet.microsoft.com/library/hh427287.aspx.
Orchestrator integration packs
Orchestrator integration packs are collections of tasks that allow you to automate activities with different System Center products. You can download the integration packs for the System Center 2012 R2 suite of products from Microsoft’s website. Once you’ve downloaded the integration packs and extracted them to a temporary directory, you can install them by performing the following steps:
1. In the Orchestrator Deployment Manager, select the Integration Packs node.
2. Right-click the Integration Packs node and click Register IP With The Orchestrator Management Server. This will launch the Integration Pack Registration Wizard.
3. On the Select Integration Packs Or Hotfixes dialog, click Add.
4. Navigate to the location where you extracted the integration packs. You’ll need to add one at a time as you can’t add multiple integration packs using this interface. Figure 4-11 shows the integration packs that are available for the System Center 2012 R2 products.
FIGURE 4-11 Integration packs
5. Complete the wizard to add the integration packs. This will involve agreeing to the license terms for each integration pack.
Once the integration packs have been registered, you need to deploy them to the runbook server. To deploy integration packs to the runbook server, perform he following tasks.
1. In the Deployment Manager console, select the Integration Packs node and then select all of the integration packs that you want to deploy to the runbook server.
2. Right-click on the selected integration packs and click Deploy IP To Runbook Server Or Runbook Designer. This will launch the Integration Pack Deployment Wizard.
3. On the Deploy Integration Packs Or Hotfixes page, select all of the integration packs that you want to deploy to the runbook server, as shown in Figure 4-12.
FIGURE 4-12 Integration pack deployment
4. On the Computer Selection Details page, specify the address of the runbook server or Runbook Designer to which you wish to deploy the integration packs.
5. On the Installation Options page, specify when to perform the installation. The default option, shown in Figure 4-13, is to install the integration packs immediately upon completion of the wizard.
FIGURE 4-13 Installation Options
6. Complete the wizard to deploy the integration packs.
Operations Manager integration pack
You can configure Orchestrator to integrate with Operations Manager by configuring a connection to the Operations Manager server from the Orchestrator Management server. When you do this, you can monitor and collect information from Operations Manager alerts, which you can use when building Orchestrator runbooks. To integrate Orchestrator with Operations Manager, first install the Operations Manager integration pack. You can download this integration pack from Microsoft’s website. You’ll also need to install the Operations Manager console on the server that hosts the Runbook Designer, and verify that you can use it to make a connection to the Operations Manager server.
Once you’ve performed that step, you configure a connection from the Orchestrator Management server to the Operations Manager Management Group by performing the following steps:
1. In the Runbook Designer’s Options menu, click SC 2012 Operations Manager.
2. On the Connections tab of the SC 2012 Operations Manager dialog box, click Add.
3. In the Connection dialog box, shown in Figure 4-14, type the name of the connection, IP address or FQDN of the Operations Manager server, and then provide the credentials of an account that has access to the Operations Manager server.
FIGURE 4-14 Connection configuration
4. On the SC 2012 Operations Manager dialog box, shown in Figure 4-15, click Finish.
FIGURE 4-15 Operations Manager connections
Once you have configured the connection, you’ll be able to use the activities that are included in the Operations Manager integration pack when building Orchestrator runbooks. These activities are shown in Figure 4-16, and have the following functionality:
Create Alert This activity allows you to create an alert in Operations Manager.
Get Alert This activity allows you to extract data from an Operations Manager alert. Use this activity as the basis of creating runbooks that create incidents in Service Manager by extracting relevant information from alerts and using that information when creating incidents.
Get Monitor Use this activity to collect monitoring data. You can take the data extracted from this activity and use it to populate incidents in Service Manager.
Monitor Alert Use this activity to watch for specific new or updated Operations Manager alerts. You might use this when configuring a runbook to have additional steps taken when specific alerts are raised in Operations Manager during runbook execution.
Monitor State Use this activity to monitor and run when an object managed by Operations Manager has its state changed to Warning or Critical. You might use this when configuring a runbook to have additional steps taken when the state of specific Operations Manager monitored objects changes during runbook execution.
Start Maintenance Mode This activity allows you to put an Operations Manager managed object into maintenance mode. Maintenance mode is a special state that suppresses alerting. For example, you would put a server into maintenance mode when applying software updates so that Operations Manager alerts aren’t generated by the software update process.
Stop Maintenance Mode This activity allows you to take an Operations Manager managed object out of maintenance mode, so that Operations Manager alerts are no longer suppressed.
Update Alert Use this activity to update an Operations Manager alert with data. For example, you could update an Operations Manager alert with information provided in a Service Manager incident.
FIGURE 4-16 Operations Manager activities
Service Manager integration pack
You configure integration between Orchestrator and Service Manager by performing the following steps:
1. Ensure that the Service Manager integration pack is installed on the management server.
2. Click SC 2012 Service Manager in the Options menu of the Orchestrator Runbook Designer console.
3. On the Connections tab of the SC 2012 Service Manager dialog box, click Add.
4. In the Connection dialog box, shown in Figure 4-17, provide the following information. Ensure that you click Test Connection to verify that the connection to the Service Manager server functions correctly.
Name Name of the connection to the Service Manager server
Server FQDN of the Service Manager server
Credentials Credentials of an account that has permission to access the Service Manager server
FIGURE 4-17 Connection properties
5. On the SC 2012 Service Manager dialog box, shown in Figure 4-18, click Finish.
FIGURE 4-18 Service Manager connection
Once the connection between the Orchestrator and Service Manager server is established, you can use the integration pack activities, shown in Figure 4-19, to build workflows.
FIGURE 4-19 Service Manager integration pack activities
These activities allow you to do the following:
Create Change With Template Use this activity to create a change record using an existing change template. When you use this activity, mandatory fields in the service manager change record need to be configured using Orchestrator.
Create Object This activity allows you to create a Service Manager object based on a defined class. For example, you could use this activity to create a Service Manager incident, change, or problem record.
Create Incident With Template You can use this activity to create a Service Manager incident based on an existing template. When you use this activity, mandatory fields in the Service Manager incident record need to be configured using Orchestrator.
Create Related Object You use this activity to create new Service Manager objects that have relationships to existing Service Manager objects.
Create Relationship This activity allows you to create relationships between Service Manager elements. For example, you could use it to create a relationship between an incident and a computer or user. You can also use it to relate multiple incidents with a Service Manager problem record.
Delete Relationship Use this activity to remove a relationship between Service Manager elements.
Get Activity Allows an Orchestrator runbook to collect activity records based on specific criteria.
Get Object Use this activity to search for a Service Manager activity, incident, or change records based on specific criteria.
Get Relationship Allows Orchestrator to generate a list of objects from separate classes that are related by specific criteria.
Monitor Object Allows you to configure Orchestrator to find new and updated records based on specific criteria.
Update Activity Allows you to update Service Manager activity records.
Upload Attachment Use this activity to upload a file to an existing Service Manager object. For example, you might use this activity to upload a log file so that it can be stored with the incident generated automatically by an Operations Manager alert.
Update Object You can use this activity to modify the values of a Service Manager object’s properties.
VMM integration pack
As shown in Figure 4-20, the VMM integration pack contains 45 activities.
FIGURE 4-20 VMM activities for Orchestrator
These activities allow you to do the following:
Apply Pending Service Update Apply a pending service update to a VMM service.
Configure Service Deployment Configure a VMM service for deployment. Requires the service configuration name, service template name, and deployment target.
Create Checkpoint Create a VM checkpoint. Requires the GUID of the VM.
Create New Disk Creates a new virtual hard disk. Requires you specify IDE/SCSI, Dynamic or Fixed, File Name, Size, and VM GUID of VM to which the disk should be attached.
Create New Disk From VHD Creates a new virtual hard disk from an existing virtual hard disk. Requires you specify IDE/SCSI, Dynamic or Fixed, file name of new disk, path to original disk, VM GUID of VM to which the disk should be attached.
Create Network Adapter Creates a new network adapter and attaches it to a VM. Requires the VM GUID. You can also configure additional network adapter properties such as MAC Address, MAC Address Pool, Network Tag, Virtual Network ID, VLAN ID, and Logical Network.
Create User Role Creates a VMM user role. Requires that you specify a role name and the VMM user role profile that the role will use.
Create VM From Template Allows you to create a VM from an existing VMM template. Requires the Type Of VM, Destination, Path, Source Template Name, Cloud Capability Profile, and VM Name.
Create VM From VHD Use this activity to create a VM from an existing virtual hard disk. Requires you to specify IDE or SCI, name of destination VHD, path, location of VHD from which you will be creating the VM, the name of the VM host, and the VM name.
Create VM From VM Use this activity to create a new VM from an existing VM. Requires that you specify the type of VM to create, destination, VM path, the VM GUID of the source VM, and the name to apply to the newly created VM.
Deploy Service Use this activity to create a VMM service using a VMM service template. Requires that you specify the new service’s name, and the VMM template name.
Get Checkpoint Use this activity to retrieve VM checkpoint information.
Get Cloud Get information to view information about clouds on the VMM management server.
Get Network Adapter View information about VMM virtual network adapters.
Get Service Use this activity to return data on all services on the VMM management server.
Get Service Configuration You use this activity to generate information about service configurations on the VMM management server.
Get Service Template This activity allows you to generate a list of all VMM service templates.
Get Tier Provides information about all VMM tiers.
Get User Role Use this activity to extract information about VMM user roles.
Get User Role Quota Use this activity to return information about all user role quotas on VMM management server.
Get VM This activity provides information on a specific VM.
Get VM Host Use this activity to extract information about a virtualization host.
Get VM Network This activity allows you to extract information about a VMM VM network.
Get VM Subnet Use this activity to provide Orchestrator with information about a VMM VM subnet.
Manage Checkpoint You can use this activity in an Orchestrator runbook to revert a VMM VM to a specific checkpoint, or to remove checkpoints that are no longer required.
Move VM This activity allows you to move a VM to a new location.
Remove User Role This activity deletes a user role from VMM.
Remove VM Use this activity to delete a VM. This activity can only target a VM that is in a shutdown state.
Repair VM Use this activity to issue a retry, undo, or dismiss action on a VMM VM.
Resume VM This activity allows Orchestrator to resume a VM that is in a paused state.
Run VMM PowerShell Script Use this activity to trigger a PowerShell script.
Scale Tier In This activity allows Orchestrator to remove a virtual machine instance from a specific service tier.
Scale Tier Out This activity allows Orchestrator to add a virtual machine instance to a specific service tier.
Set Pending Service Update Use this activity to set a specific VMM service template as the pending service update.
Shut Down VM This activity allows Orchestrator to shut down a stopped VM, taking the VM offline.
Start VM Use this activity in an Orchestrator runbook to start a VM that has been paused, shut down, or stopped.
Stop Service This activity will stop a VMM service.
Stop VM Use this activity in an Orchestrator runbook to place a VM into a stopped state.
Suspend VM This activity will place a VM into a suspended state.
Update Disk This activity allows an Orchestrator runbook to change the properties of an existing disk.
Update Network Adapter Use this activity to update the properties of an existing network adapter.
Update User Role Property Updates the properties of a VMM user role.
Update User Role Quota Updates the quota for a user role.
Update VM Use this activity in an Orchestrator runbook to update a VM.
More Info: VMM Integration Pack
Learn more about the VMM integration pack for Orchestrator by consulting the following article at http://technet.microsoft.com/en-us/library/hh830704.aspx.
To create Orchestrator runbooks that can use activities that perform tasks in VMM, you configure VMM integration for Orchestrator. To configure the VMM connector for Orchestrator, perform the following steps:
1. Ensure that the VMM integration pack is installed on the Orchestrator server.
2. Ensure that the VMM Administration console is installed on the Orchestrator server. It is possible to configure the connector without a local deployment of the VMM console, but this is a more complicated process than installing the console on the Orchestrator server.
3. Ensure that the Windows PowerShell execution policy on the Orchestrator server is set to Remote Signed.
4. In the Options menu of the Orchestrator Runbook Designer, click SC 2012 Virtual Machine Manager.
5. On the SC 2012 Virtual Machine Manager dialog box, click Add.
6. On the Add Configuration dialog box, specify the name of the connection. Next to type, click the ellipsis (...).
7. On the Item Selection page, click System Center Virtual Machine Manager.
8. In the Properties section of the Add Configuration dialog box, shown in Figure 4-21, configure the following settings:
VMM Administrator Console Address of the server with the VMM console.
VMM Server Address of the VMM server.
User User account of the user with permissions to the VMM server.
Domain Domain that hosts the user account.
Password Password associated with the account.
Authentication Type (Remote Only) Needs to be configured if the VMM Administrator console is not installed on the Orchestrator server. You need to enable the authentication method for WinRM using Group Policy.
Port (Remote Only) Only required if the Orchestrator runbook server doesn’t have an instance of the VMM Administrator console.
Use SSL (Remote Only) Only required if the Orchestrator runbook server doesn’t have an instance of the VMM Administrator console.
Cache Timeout Amount of time in minutes before the session times out.
FIGURE 4-21 Connect VMM to Orchestrator
9. Click OK on the Add Configuration dialog box, and the SC 2012 Virtual Machine Manager dialog box.
DPM Orchestrator integration pack
You can use the DPM integration pack for Orchestrator, shown in Figure 4-22, to create DPM-specific runbook automation. These activities allow you to automate the following tasks when creating an Orchestrator runbook:
Create Recovery Point Use this activity to create a recovery point for a specific data source.
Get Data Source Use this activity to determine information about available data sources.
Get Recovery Point Use this activity to determine which recovery points exist for a specific protected data source.
Get DPM Server Capacity Use this activity to determine a DPM server’s capacity.
Protect Data Source Use this activity to put a data source into protection. Use the Get Data Source activity to determine the identity of eligible data sources.
Recover SharePoint Use this activity to recover SharePoint data.
Recover SQL Use this activity to recover SQL data.
Recover VM Use this activity to recover a protected virtual machine.
Run DPM PowerShell Script Use this activity to run a DPM PowerShell script. You can use the information returned from this script in the Orchestrator runbook.
FIGURE 4-22 DPM activities for Orchestrator
More Info: DPM Integration Pack
You can learn more about the DPM integration pack at http://technet.microsoft.com/en-us/library/hh830694.aspx.
Configuration Manager integration pack
The Configuration Manager integration pack includes a number of activities that allow you to automate Configuration Manager processes using Orchestrator. The integration pack is shown in Figure 4-23.
FIGURE 4-23 Configuration Manager integration pack activities
The Configuration Manager integration pack includes the following activities:
Add Collection Rule This activity allows you to add membership rules to a collection.
Create Collection Use this activity to automate the creation of a collection.
Delete Collection This activity allows you to remove a collection.
Delete Collection Rule This activity allows you to delete a collection rule.
Deploy Application Use this activity to deploy an application to a collection.
Deploy Configuration Baseline This activity allows you to deploy an existing configuration baseline to an existing collection.
Deploy Program Use this activity to deploy an existing program, including a script that you want to run, to a collection.
Deploy Software Update Use this activity to deploy an existing software update to a collection.
Deploy Task Sequence This activity assigns an existing task sequence to a collection.
Get Collection Members Use this activity to view the membership of a collection.
Get Deployment Status This activity allows you to view the deployment status of an application, program, task sequence, or software update deployment.
Perform Client Action This activity allows you to trigger client actions such as the Machine Policy Retrieval & Evaluation Cycle or File Collection Cycle.
Query ConfigMgr Use this activity to query the Configuration Manager database.
Update Collection Membership Use this activity to trigger an update of a collection’s membership.
More Info: Configuration Manager Integration Pack
You can learn more about the Configuration Manager integration pack at http://technet.microsoft.com/en-us/library/hh967525.aspx.
Configuring other System Center connectors
While this objective focuses on connecting Operations Manager with other System Center products and Orchestrator integration packs, it’s also possible to configure integration between other products in the System Center suite.
Orchestrator and Service Manager
Earlier in this chapter you learned how to connect Orchestrator to Service Manager, which allows you to use Orchestrator runbooks to perform tasks in Service Manager. You can also configure a connector that works the other way, between Service Manager and Orchestrator, which allows Service Manager to make reference to and utilize Orchestrator runbooks. To configure the connector between Service Manager and Orchestrator, perform the following steps:
1. In the Administration workspace of the Service Manager console, click Connectors.
2. In the Tasks pane, click Create Connector, and then click Orchestrator Connector.
3. On the General page of the Orchestrator Connector Wizard, enter a name for the connector.
4. On the Connection page, specify the Orchestrator Web Service URL as shown in Figure 4-24, and the operational database account. The URL of the Orchestrator web service will be http://computer.fqdn:81/Orchestrator2012/Orchestrator.svc. The Run As account you use must have the right to connect to Orchestrator. Ensure that you click Test Connection to verify that the connection is successful.
FIGURE 4-24 Orchestrator connector
5. On the Sync Folder page, select a Sync Folder, and click Next.
6. On the Web Console URL page, shown in Figure 4-25, specify the URL for the Orchestrator web console. The URL will be http://computer.fqdn:92.
FIGURE 4-25 Web console URL
7. On the Summary page, review the settings, and click Create.
You will be able to verify that the process has worked by navigating to the Library workspace, and clicking the Runbooks node. Any runbooks that you’ve created on the Orchestrator will be present in this node. Figure 4-26 shows this node with a runbook present.
FIGURE 4-26 Synchronized runbooks
More Info: Creating Orchestrator Connector
You can learn more about creating a connector between Service Manager and Orchestrator at http://technet.microsoft.com/en-us/library/hh519779.aspx.
VMM Connector for Service Manager
Configuring the VMM connector for Service Manager will provide Service Manager with information about the VMM environment. To configure the VMM connector for Service Manager, perform the following steps:
1. In the Administration workspace of the Service Manager console, click Connectors.
2. In the Tasks pane, click Create Connector, and then click Virtual Machine Manager Connector.
3. On the General page of the Virtual Machine Manager Connector Wizard, type the connector name.
4. On the Connection page, shown in Figure 4-27, type the FQDN of the VMM server, and specify a Run As account. This account needs to have permissions to access VMM. Click Test Connection to verify this account.
FIGURE 4-27 VMM connector
5. On the Summary page, review the configuration information, and click Create.
Integrating IPAM with VMM
IPAM is a Windows Server 2012 and Windows Server 2012 R2 role service that allows you to centralize the management of DHCP and DNS servers. You can use a single IPAM server to manage up to 150 separate DHCP servers, and up to 500 individual DNS servers. A single IPAM server is able to manage 6,000 separate DHCP scopes and 150 separate DNS zones. You can perform tasks such as creating address scopes, configuring address reservations, and managing DHCP and DNS options globally, rather than having to perform these tasks on a server-by-server basis.
You can integrate the IPAM role with VMM. When you do this, VMM synchronizes IP address settings associated with logical networks and virtual machine networks with the IPAM database. After you integrate IPAM with VMM, VMM administrators use IPAM to configure and monitor logical networks and their associated network sites and IP address pools. Tenants, however, must continue to use VMM to manage and configure any virtual machine networks that use network virtualization. Put another way, you cannot use IPAM to manage the tenant address space.
To add the IPAM server to VMM, perform the following steps:
1. In the Fabric workspace of the VMM console, click Network Services under Networking.
2. On the Home tab of the VMM console ribbon, click Add Resources, and then click Network Services.
3. On the Name page, provide a name that identifies the IPAM deployment.
4. On the Manufacturer and Model page, in the list of manufacturers click Microsoft, and in the model list select Microsoft Windows Server IP Address Management, as shown in Figure 4-28.
FIGURE 4-28 Add Network Service Wizard
5. On the Credentials page, select a Run As account that is a member of the IPAM ASM Administrators and Remote Management Users security groups.
6. On the Connection String page, provide the FQDN of the IPAM server.
7. On the Provider page, ensure that Microsoft IP Address Management Provider is selected, as shown in Figure 4-29, and click Test.
FIGURE 4-29 Provider page
8. On the Host Group page, select which host groups you want to have IPAM manage the address space for.
9. Complete the wizard.
More Info: IPAM and VMM
You can learn more about integrating IPAM and VMM at http://technet.microsoft.com/en-us/library/dn249418.aspx.
Exam Tip
Understand the steps required to configure integration between Operations Manager and VMM.
Thought experiment: Integrating Operations Manager with VMM at Contoso
In this thought experiment, apply what you’ve learned about this objective. You can find answers to these questions in the “Answers” section at the end of this chapter.
You are preparing to configure the Operations Manager connector for VMM for your System Center deployment at Contoso. You have two separate servers, OM.contoso.internal and VMM.contoso.internal. Each server has its respective management console installed. When configuring the connector, you will use a single Active Directory user account. With this information in mind, answer the following questions:
1. Which console must you install prior to configuring the Operations Manager connector for VMM?
2. Which roles must the account use to configure the Operations Manager connector for VMM in Operations Manager and VMM?
Objective summary
The Operations Manager alert connector for Service Manager allows you to automatically create Service Manager incidents based on Operations Manager alerts.
Integrating Operations Manager with Virtual Machine Manager allows you to monitor your organization’s virtualization layer when you are using a System Center 2012 and System Center 2012 R2 managed private cloud.
The Operations Manager connector for VMM prerequisite requirements include the Operations Manager console to be installed on the VMM server and the installation of several management packs.
To link VMM and Operations Manager, you need the credentials of an account that is a member of the Operations Manager Administrators user role, and the credentials of an account that is a member of the VMM Administrator user role.
Orchestrator integration packs are collections of tasks that allow you to automate activities with different System Center products.
You can import integration packs for Service Manager, Operations Manager, VMM, DPM, and Configuration Manager.
Objective review
Answer the following questions to test your knowledge of the information in this objective. You can find the answers to these questions and explanations of why each answer choice is correct or incorrect in the “Answers” section at the end of this chapter.
1. Which of the following Operations Manager integration pack tasks would you use to extract data from an existing Operations Manager alert for use in an Orchestrator runbook?
A. Create Alert
B. Get Alert
C. Get Monitor
D. Monitor Alert
2. Which of the following activities from the VMM Orchestrator integration pack would you use to create a clone of an existing virtual machine hosted on a VMM managed virtualization host? (Choose the best answer.)
A. Deploy Service
B. Create VM From VM
C. Create VM From VHD
D. Create VM From Template
3. Which of the following activities from the DPM integration pack for Orchestrator could you use in an Orchestrator runbook to create a recovery point for a virtual machine hosted on a protected Hyper-V host?
A. Recover VM
B. Create Recovery Point
C. Get Recovery Point
D. Protect Data Source
4. Which of the following activities from the Configuration Manager integration pack for Orchestrator would you use to deploy a script to a virtual machine that has the Configuration Manager client installed? (Choose the most correct answer.)
A. Deploy Application
B. Deploy Configuration Baseline
C. Deploy Program
D. Deploy Task Sequence
Objective 4.2: Configure integration of private and public clouds
This objective deals with Service Provider Foundation and Microsoft Azure Pack for Windows Server, which are add-ons that allow you to extend your organization’s private cloud infrastructure. Service Provider Foundation allows you to build a multi-tenant self-service private cloud. Microsoft Azure Pack for Windows Server allows you to use the Microsoft Azure public cloud interface as a way of allowing your on-premises users to interact with your organization’s private cloud.
This section covers the following topics:
Understanding Service Provider Foundation
Deploying Service Provider Foundation
Understanding Microsoft Azure Pack for Windows Server
Understanding Service Provider Foundation
Service Provider Foundation allows you to build a multi-tenant self-service private cloud that includes the following features:
Multi-Tenancy Supports multiple separate tenants. Each tenant is isolated from other tenants.
Usage Monitoring Monitor how cloud resources are being utilized through Operations Manager.
Usage Billing Service Provider Foundation supports chargeback, which is where organizations charge tenants fees based on how they utilize resources.
Usage Metering Measure resource utilization.
Management Stamps A scalable unit of virtualized platform infrastructure.
A management stamp represents a unit of virtualized platform infrastructure that includes a VMM deployment, one or more virtualization hosts, the VMs that are managed by VMM, and the unique service accounts and user roles that are individual to that stamp.
Stamps are monitored through Operations Manager, though one instance of Operations Manager may monitor many stamps. Stamps allow service providers to spread tenants and services across System Center elements in separate datacenters. For example, if your organization has datacenters in Melbourne, Sydney, and Brisbane, a stamp can be configured to allow a tenant seamless access to resources in all three locations.
Stamps are scalable. This means that as a tenant’s capacity requirements increase, additional stamps can be allocated to meet that demand. For example, if a tenant needs 10,000 additional VMs in the Melbourne datacenter, additional stamps can be allocated to the tenant.
Service Provider Foundation allows organizations to use industry standard web service interfaces to connect their own web based management interfaces to a System Center cloud through the REST (Representational State Transfer) web service and the Odata (Open Data Protocol) API. Service Provider Foundation provides a programmatic web-based management interface to a large number of VMM scenarios. Rather than being restricted to using one of Microsoft’s self-service portal implementations, a tenant can use their own Self-Service Portal to interface with the System Center backend resources.
Service Provider Foundation has the following elements:
Web Services These provide tenants with portal applications and administration tools and include the following:
Admin Web Service This web service generates User Roles, Servers, management stamps and other objects required for administrative tasks
VMM Web Service This web service interacts with VMM to create and manage virtual machines, virtual networks, and tenants
Usage Web Service This web service collects usage data from tenant virtual machines and other parts of the fabric such as storage and networking
More Info: Service Provider Foundation
You can learn more about Service Provider Foundation at http://technet.microsoft.com/en-us/library/jj642895.aspx.
Deploying Service Provider Foundation
The Service Provider Foundation installation files are located on the System Center 2012 R2 Orchestrator installation media. Service Provider Foundation has the following prerequisites as shown in Figure 4-30:
Windows Server 2012 or Windows Server 2012 R2
PowerShell 4.0
IIS Version 7.5 or later
IIS Management Scripts and Tools role service
IIS Security Basic Authentication
IIS Security Windows Authentication
IIS Application Development ASP.NET 4.5
WCF Data Services 4.0 for OData V3
ASP.NET MVC 4
Management OData IIS Extension
Virtual Machine Manager 2012 R2 Administrator Console
FIGURE 4-30 SPF prerequisites
You deploy Service Provider Foundation from the Orchestrator installation media. To deploy Service Provider Foundation, perform the following steps:
1. On the System Center 2012 R2 Orchestrator Setup dialog box, shown in Figure 4-31, click Service Provider Foundation.
FIGURE 4-31 Installation splash screen
2. On the Service Provider Foundation dialog box, click Install.
3. On the License Terms page, agree to the license terms.
4. On the Prerequisites page, verify that all prerequisites are available.
5. On the Configure The Database page, review the database settings. Figure 4-32 shows the default database name is SCSPFDB.
FIGURE 4-32 Database server settings
6. On the Specify A Location For The SPF Files, specify the port number and the server certificate details. Figure 4-33 shows a certificate issued from an internal CA.
FIGURE 4-33 SPF file location
7. On the Configure The Admin Web Service page, specify the domain credentials of the System Center Administrator web service and the credentials of the related application pool service account.
8. On the Provider Web Service page, you specify domain credentials for the System Center Provider web service and the application pool credentials for the related application pool.
9. On the VMM Web Service page, specify domain credentials for the VMM web service and service account credentials for the VMM web service application pool.
10. On the Usage Web Service page, specify domain credentials for the Usage web service and service account credentials for the Usage web service.
11. On the CEIP and Microsoft Update page, choose whether to opt in to the Customer Experience Improvement Program, and whether to enable Microsoft Update.
12. On the Installation Summary page, review the installation settings, and click Install. Verify that Setup Is Complete, as shown in Figure 4-34.
FIGURE 4-34 Verify setup is complete
More Info: Deploy Service Provider Foundation
You can learn more about Service Provider Foundation deployment at http://technet.microsoft.com/en-us/library/jj642900.aspx.
Understanding Microsoft Azure Pack for Windows Server
Microsoft Azure Pack provides an on-premises replica of Microsoft Azure services that you can deploy in your datacenter, including Virtual Machine and website provisioning. The advantage of Microsoft Azure Pack is that it provides a replica of the experience that a user would get if they used the online Microsoft Azure portal to perform tasks.
Microsoft Azure Pack provides Self-Service IT through a Self-Service Portal that allows hybrid cloud scenarios. A hybrid cloud is spread across private, public, and hosted clouds.
Microsoft Azure Pack includes the following:
End User Portal The end user portal is designed to replicate the Microsoft Azure portal. Like the Microsoft Azure portal, the end user portal allows end users to access their resources in the private cloud. Administrators can configure separate offerings for each tenant.
Management Portal This portal is for cloud administrators. It allows them to manage the offerings and services that end users access through the end user portal.
Management API Web service that handles requests from the management portal. Can also be used by third party management portals through OData REST standards.
Service Management API Database Stores configuration data.
Web Sites Provides a scalable shared web hosting platform. Supports sites that host ASP.NET, PHP, and Node.js applications.
Virtual Machines Supports the deployment of any VM that can be managed using VMM. Supports software defined networking and remote access connections to each VM’s console.
Databases Supports Microsoft SQL 2008/2012 and MySQL 5.x in Platform as a Service configuration.
Service Management Automation Allows the building of automation based on Orchestrator and PowerShell 3.0 workflows.
Service Bus Provides a messaging service between applications running in the private cloud.
VMM is able to collect usage data, such as CPU, memory, storage, and network utilization, for all of the VMs and virtualization hosts it manages. VMM stores this data in the VMM database for 30 days. If you’ve integrated VMM with Operations Manager, this data can be transferred across to the Operations Manager data warehouse.
The Service Provider Foundation element of Microsoft Azure Pack is able to utilize this data when stored in the Operations Manager data warehouse, providing it to authorized users to view through interfaces such as the management portal for administrators. Service Provider Foundation is able to collect metric data from multiple VMM instances and aggregate them so that you can use that data for billing, or for overall infrastructure analysis.
More Info: Microsoft Azure Pack for Windows Server
You can learn more about Microsoft Azure Pack for Windows Server at http://technet.microsoft.com/en-au/library/dn296432.aspx.
Microsoft Azure Pack VM clouds
To add a VMM cloud to Microsoft Azure Pack, perform the following general steps:
1. On the server that hosts the Microsoft Azure Pack Management Portal for Administrators, start the Management Portal by navigating to https://localhost:30091.
2. In the Management Portal, click VM Cloud.
3. Click Register System Center Service Provider Foundation Server. This will be in the form https://server.fqdn:8090. You’ll need to provide the credentials used for the following Application Pool identities on the Service Provider Foundation server:
VMM
Usage
Admin
Provider
4. Once registration is complete, all of the VMM instances (or stamps) associated with the Service Provider Foundation endpoint will be listed.
All clouds present on the VMM server (or stamp) will be listed under the Clouds tab of the portal. You can add stamps or VMM servers in the management portal for Administrators by clicking New, click VM Clouds, and click Connect to, and specify the FQDN of the VMM server or stamp.
Microsoft Azure Pack web clouds
A Microsoft Azure Pack web cloud deployment has the following roles:
Web Sites Controller This role is used by Microsoft Azure Pack to provision and manage other web sites role.
Management Server This role hosts a REST endpoint. It routes management traffic to the Microsoft Azure Pack Web Sites Management API.
Web Workers The web servers that will process client web requests. Can be configured as either Shared or Reserved. One of each is required. Reserved web workers are categorized as small, medium, and large.
Front End This role accepts client web requests, provides clients with responses from web workers, routes web worker requests, and provides load balancing and SSL termination.
File server Hosts web site content for every web site that runs on the web cloud.
Publisher Allows content publishing to the web sites in the cloud for FTP clients, Visual Studio, and WebMatrix through the Web Deploy and FTP protocols.
Web Sites Runtime Database Database that Microsoft Azure Pack web clouds uses for operations.
Service Management API Database Stores configuration data for the Microsoft Azure Pack Service Management API. This role will have already been installed during the deployment of Microsoft Azure Pack.
Application Databases If supported usage scenarios include providing back end database functionality for the websites hosted through Microsoft Azure Pack for Windows Server, it’s necessary to install databases instances for one or both of Microsoft SQL Server or MySQL.
More Info: Azure Pack Web Clouds
You can learn more about Microsoft Azure Pack web clouds at http://technet.microsoft.com/en-us/library/dn457747.aspx.
Microsoft Azure Pack SQL clouds
The SQL Server and MySQL resource providers for Microsoft Azure Pack enable users to have the use of Microsoft SQL and MySQL databases. To support this usage scenario, it is necessary for you to install the separate SQL server and MySQL databases that underpin this service. It is only necessary to install MySQL if you want to offer MySQL through Microsoft Azure Pack.
To install a SQL Server or MySQL resource provider:
1. Sign on to the computer on which you are going to install the SQL Server or MySQL resource provider, and launch the Web Platform Installer.
2. On the Products tab of the Web Platform Installer, click Microsoft Azure.
3. Depending on whether you are deploying a SQL Server provider or MySQL provider, click Add next to one of the following, and then click Install:
Microsoft Azure Pack: SQL Server Extension
Microsoft Azure Pack: MySQL Extension
4. When the installation completes, click Continue. This will launch the Configuration site. On this site, enter the following information using the settings specified when you deployed Microsoft Azure Pack for Windows Server:
Address of the database server configured when you deployed Microsoft Azure Pack
Azure Pack database authentication details
Azure Pack Configuration Store passphrase.
5. Once these steps are complete, you’ll be able to register the database endpoints for the Microsoft SQL or the MySQL instances you have deployed.
Once you have registered the appropriate resource provider, you can register database endpoints. You’ll need to have deployed the database instance prior to attempting endpoint registration.
Register Microsoft SQL Database Endpoint
To register a Microsoft SQL database endpoint, perform the following steps:
1. Sign on to the server that hosts the Microsoft Azure Pack Management Portal for Administrators, and launch the portal.
2. Click SQL Servers in the navigation pane, and then click New or Add. Click Connect.
3. Provide the following SQL Server instance name:
Group Name The name of the group that you want the instance to belong to in Microsoft Azure Pack.
Server Name The name of the server that hosts the instance. Usually this will be just the name of the server, but can also include the instance name in the Servername\instancename format if you have deployed multiple instances on a computer.
Administrator User Name Name of a user with administrative privileges on the instance.
Administrator Password Password of the user account specified that has administrative privileges on the instance.
Size Of The Hosting Server (GB) Specify the amount of disk space available on the hosting server.
4. Click Connect to register the Microsoft SQL instance.
Register MySQL Instance
To connect an existing MySQL instance to Microsoft Azure Pack, perform the following steps:
1. Sign on to the server on which you deployed the Microsoft Azure Pack Management Portal for Administrators and launch the management portal.
2. In the Microsoft Azure Pack Management Portal for Administrators, click MySQL Servers, click New or Add, and then click Connect.
3. Provide the following information about the MySQL instance:
Group Name Name of the Microsoft Azure Pack group to which you want to add the MySQL server.
Server Name Name of the MySQL server instance.
Administrator User Name Name of a user account that has administrative privileges on the MySQL instance.
Administrator Password Password of the user account that has administrative privileges on the MySQL instance.
Size Of The Hosting Server (in GBs) Provide the amount of available space.
4. Click Connect to register the MySQL instance.
Enter the MySQL server instance information: group name, server name, administrator user name, administrator password, and the size of the hosting server (in GBs).
Click Connect. When you receive a message indicating that registration was successful, close the message.
More Info: SQL Clouds with Microsoft Azure Pack
You can learn more about Microsoft Azure Pack SQL clouds at http://technet.microsoft.com/en-us/library/dn469317.aspx.
Exam Tip
Remember that Service Provider Foundation provides a framework for multi-tenant self-service clouds where custom portals are used. Microsoft Azure Pack for Windows Server provides portals that replicate the Microsoft Azure experience, though these can also be customized.
Thought experiment: Microsoft Azure Pack for Windows Server at Tailspin Toys
In this thought experiment, apply what you’ve learned about this objective. You can find answers to these questions in the “Answers” section at the end of this chapter.
You are the private cloud administrator at Tailspin Toys. You are investigating the benefits of deploying Microsoft Azure Pack for Windows Server. Stakeholders at the organization want to know about the functionality of Microsoft Azure Pack and have forwarded you the following questions:
1. Which VM operating systems can be requested through the portal after Microsoft Azure Pack for Windows Server is deployed and operational?
2. Which database servers can be used to host databases used to store the data for web applications deployed in a Microsoft Azure Pack for Windows Server web cloud?
Objective summary
Service Provider Foundation allows you to build a multi-tenant self-service private cloud.
Service Provider Foundation clouds support multi-tenancy, usage monitoring, usage billing, usage metering, and management stamps.
A management stamp represents a unit of virtualized platform infrastructure that includes a VMM deployment, one or more virtualization hosts, the VMs that are managed by VMM, and the unique service accounts and user roles that are individual to that stamp.
Stamps allow service providers to spread tenants and services across System Center elements in separate datacenters.
As a tenant’s capacity requirements increase, additional stamps can be allocated to meet that demand.
Microsoft Azure Pack provides an on-premises replica of Microsoft Azure services that you can deploy in your datacenter, including Virtual Machine and website provisioning.
When deploying Microsoft Azure Pack, you need to provide credentials for the VMM, Usage, Admin and Provider Application Pool identities on the Service Provider Foundation server.
Objective review
Answer the following questions to test your knowledge of the information in this objective. You can find the answers to these questions and explanations of why each answer choice is correct or incorrect in the “Answers” section at the end of this chapter.
1. You are installing Microsoft Azure Pack for Windows Server. Service Provider Foundation is already deployed in your organization’s environment. During the installation of Service Provider Foundation, you used domain accounts when configuring each application pool service account. Which of these credentials are required when deploying Microsoft Azure Pack for Windows Server? (Choose all that apply.)
A. Provider web service application pool.
B. Admin web service application pool.
C. VMM web service application pool.
D. Orchestrator web service application pool.
2. Which of the following database products can you install to provide as a service to users after installing Microsoft Azure Pack for Windows Server.
A. PostgreSQL.
B. MySQL.
C. Microsoft SQL Server.
D. Oracle.
3. Which of the following elements are included in a Service Provider Foundation management stamp? (Choose all that apply.)
A. One or more virtualization hosts.
B. Orchestrator runbook server.
C. Operations Manager management group.
D. VMs managed by VMM.
Answers
This section contains the solutions to the thought experiments and answers to the objective review questions in this chapter.
Objective 4.1: Thought experiment
1. You must install the Operations Manager console on the VMM server.
2. To link VMM and Operations Manager, you need the credentials of an account that is a member of the Operations Manager Administrators user role, and the credentials of an account that is a member of the VMM Administrator user role.
Objective 4.1: Review
1. Correct answer: B
A. Incorrect: This activity allows you to extract data from an Operations Manager alert.
B. Correct: This activity allows you to extract data from an Operations Manager alert.
C. Incorrect: Orchestrator integration packs are collections of tasks that allow you to automate activities with different System Center products.
D. Incorrect: Orchestrator integration packs are collections of tasks that allow you to automate activities with different System Center products.
2. Correct answer: B
A. Incorrect: Use this activity to create a VMM service using a VMM service template.
B. Correct: You use this activity to create a new VM from an existing VM that is on a VMM managed virtualization host.
C. Incorrect: Use this activity to create a VM from an existing virtual hard disk in the VMM library.
D. Incorrect: This cmdlet allows you to create a VM from an existing VMM template.
3. Correct answer: B
A. Incorrect: You use this activity to recover a protected virtual machine.
B. Correct: You use this activity to create a recovery point for a specific data source.
C. Incorrect: You use this activity to determine which recovery points exist for a specific protected data source.
D. Incorrect: You use this activity to put a data source into protection. Use the Get Data Source activity to determine the identity of eligible data sources.
4. Correct answer: C
A. Incorrect: You use this activity to deploy an application to a collection. In Configuration Manager, you use a Program rather than an Application to deploy scripts.
B. Incorrect: This activity allows you to deploy an existing configuration baseline to an existing collection.
C. Correct: You use this activity to deploy an existing program, including a script that you want to run, to a collection.
D. Incorrect: This activity assigns an existing task sequence to a collection. While task sequences can run scripts, the “more correct” answer is to use a Program to deploy the script. Task sequences are most commonly used in Operating System Deployment (OSD) type activities.
Objective 4.2: Thought experiment
1. Microsoft Azure Pack for Windows Server supports any operating system that can be managed through VMM. This means that it is possible to deploy VMs running supported versions of the Windows and Linux operating systems.
2. Both Microsoft SQL Server and MySQL can be used to host the databases that store the data for web applications deployed in a Microsoft Azure Pack for Windows Server web cloud.
Objective 4.2: Review
1. Correct answers: A, B and C
A. Correct: You need to specify credentials for the VMM, Provider, Admin, and Usage web service application pool when installing Microsoft Azure Pack for Windows Server.
B. Correct: You need to specify credentials for the VMM, Provider, Admin, and Usage web service application pool when installing Microsoft Azure Pack for Windows Server.
C. Correct: You need to specify credentials for the VMM, Provider, Admin, and Usage web service application pool when installing Microsoft Azure Pack for Windows Server.
D. Incorrect: You do not need to specify credentials for the Orchestrator web service application pool when installing Microsoft Azure Pack for Windows Server.
2. Correct answers: B and C
A. Incorrect: You cannot provision PostgreSQL database to users through Microsoft Azure Pack for Windows Server.
B. Correct: You can install MySQL databases and provide them as a service to users through Microsoft Azure Pack for Windows Server.
C. Correct: You can install Microsoft SQL Server databases and provide them as a service to users through Microsoft Azure Pack for Windows Server.
D. Incorrect: While it is possible to deploy Oracle in the cloud version of Microsoft Azure, Oracle is not supported for deployment through Microsoft Azure Pack.
3. Correct Answers: A and D
A. Correct: A management stamp represents a unit of virtualized platform infrastructure that includes a VMM deployment, one or more virtualization hosts, the VMs that are managed by VMM, and the unique service accounts and user roles that are individual to that stamp.
B. Incorrect: While a Service Provider Foundation management stamp may utilize Orchestrator and Service Provider Foundation is installed from the Orchestrator installation media, there is no direct relationship between a management stamp and Orchestrator.
C. Incorrect. A single Operations Manager management group can monitor multiple Service Provider Foundation management stamps.
D. Correct: A management stamp represents a unit of virtualized platform infrastructure that includes a VMM deployment, one or more virtualization hosts, the VMs that are managed by VMM, and the unique service accounts and user roles that are indi