Virtual Insider

Blog archive

How To Configure Hybrid Clouds with System Center App Controller

If you have not had a chance to play in the public cloud yet, I invite you to give it a test. To do that, point your browser to and sign up for a free 90 day account. With the cloud fever going into full force this month, especially after the VMware-Amazon "extravaganza" and the rumored VMware public cloud offering, it is clear that what I've been saying on this blog for a few years now is beginning to come true: That the public cloud will take away workloads from enterprise data centers, and for good reason.

That being said, Windows Azure provides a good toolset for testing what a workload would look like in the public cloud. For those who have built a private cloud around Microsoft System Center and want to get your feet wet with hybrid cloud, I'll show you how you can connect Microsoft System Center App Controller to a Windows Azure subscription and manage both your private, on-premise cloud and your public cloud. I'll also show you how to move workloads between the two, thereby realizing the hybrid cloud.

You need to do a few things before you can enable a hybrid cloud:

  • A Windows Azure subscription
  • A connection between the Windows Azure subscription to the App Controller infrastructure, which will require uploading an SSL certificate with a .PFX to Windows Azure and which will authenticate your App Controller server
  • A storage repository on Windows Azure, which would allow you to upload VMs, the ISOs and any other resource you'll need

Once you have signed up for a Windows Azure subscription, the first step is to upload your App Controller SSL certificate to Azure. Now remember, you will need to export two files for your certificate, the .CER and also the .PFX that includes the Private Key. Once you have both certificates, follow these steps to connect Azure with App Controller:

  1. From within the Azure dashboard, in the left pane, scroll down all the way to Settings and then in the right pane select certificates and click on upload management certificate.
  2. At this stage, upload the certificate with the .CER extension.
  3. Once uploaded, your Azure subscription ID will be generated and you can find it in a similar location to what's shown in Fig 1. Copy the string to the clipboard because you will need to use it in a later step.
Generating an Azure subscription ID.

Figure 1. Generating an Azure subscription ID. (Click image to view larger version.)

  1. Switch to your App Controller server and make sure you are connected to your dashboard and click on Connect a Windows Azure.
  2. You will get a dialog box similar to Fig. 2; give it a name and in the Subscription ID field paste the string of numbers you copied from step 3.
Almost done connecting Azure and App Controller.

Figure 2. Almost done connecting Azure and App Controller. (Click image to view larger version.)

  1. In the Management certificate field, upload the certificate with the .PFX extension and enter the appropriate password.

When you click OK, you'll create the connection between App Controller and Azure. The App Controller dashboard should now show you one active subscription with Azure.

Even with App Controller connected with Azure, you cannot yet copy resources in Azure because you don't have a storage repository to which you can move resources into. You can use a storage repository or a library of resources that Microsoft makes available by default, but here's how to upload our own storage repository:

  1. From within the App Controller Dashboard, in the left pane, click on Library.
  2. On the right expand Windows Azure select your cloud
  3. Click on Create storage account, give it a name and specify a region (in the U.S. in my case) that you want this storage repository hosted in. the idea here is to create the storage repository as close as possible to your location, which would increase the upload speeds and would make the syncing of these files easier. Now keep in mind, create this repository as close to where your private cloud infrastructure resides. Click OK.

You now have a storage repository which you can move resources into from the same pane of glass that you are managing your private cloud from.

Is your company considering service like IaaS from public cloud providers? If so I am really interested in which public cloud providers you are going with, why and what type of workloads you've determined to be most suitable for these clouds. I am also interested to know if you plan on using these public IaaS cloud for burstability; please share in the comments section here.

Posted by Elias Khnaser on 03/11/2013 at 1:34 PM


Subscribe on YouTube