Microsoft Azure

Microsoft supplies a prebuilt HPE Helion Stackato image on its Azure platform.

Important

The HPE Helion Stackato image on the Microsoft Azure platform is provided on the basis of the Bring Your Own License model: it is subject to the Software License Terms and requires a software license key.

To Create a Resource Group

A resource group is necessary for storing resources such as storage accounts, virtual networks, virtual machines, network interfaces, network security groups, public IP addresses, and extensions.

Tip

If you plan to create multiple Helion Stackato instances, it is a good practice to create them under the same resource group.

  1. In Azure, on the left panel, click Resources groups Resource groups and then click Add.

  2. Enter the Resource group name.

  3. Select your Subscription.

  4. Select the Resource group location.

  5. Click Create.

    The resource group is created.

To Create a Virtual Network

A virtual network is necessary for the virtual machines in your cluster to communicate together on an internal, private network.

  1. In Azure, on the left panel, click Browse.

  2. Enter network into the Filter search field, click Virtual networks Virtual Networks, and then click Add.

  3. Enter the virtual network Name, Address space (in CIDR notation), Subnet name, and Subnet address range (in CIDR notation).

  4. Select your Subscription.

  5. Under Resource Group, click Select Existing, click Not configured, and then select the resource group that you have created earlier.

  6. Select the virtual network Location.

  7. Click Create.

    The virtual network is created and associated with your resource group.

To Create Network Security Groups

It is a good practice to set up the smallest possible profile for the public gateway of a cluster while allowing the functional components inside the cluster to communicate freely on various required ports. You can add this functionality by creating two partially-overlapping security groups.

Note

For more information on how Helion Stackato uses ports, see the Helion Stackato port requirements.

  1. In Azure, on the left panel, click Browse.

  2. Enter security into the Filter search field, click Network security groups Network security groups, and then click Add.

  3. On the Create network security group dialog box, enter the security group Name.

  4. Select your Subscription.

  5. Under Resource Group, click Select Existing, click Not configured, and then select the resource group that you have created earlier.

  6. Select the virtual network Location.

  7. Click Create.

    The security group is created and associated with your resource group.

Create a Public-Facing Network Security Group

  1. On the Settings panel, click Inbound security rules, and then click Add.

  2. On the Add inbound security rule panel, enter the following rules and click OK.

    Name Priority Source Protocol Source Port Range Destination Destination Port Range Action
    SSH 100 Any TCP * Any 22 Allow
    HTTP 200 Any TCP * Any 80 Allow
    HTTPS 300 Any TCP * Any 443 Allow

Create an Internal Network Security Group

Default security group rules allow for internal communication within the virtual network.

Enable Communications Between Network Security Groups

As long as the two network security groups are on the same subnet, no additional settings are necessary for the network security groups to communicate with each other. However, if they are on different subnets, add a rule to each network security group that specifies the CIDR address of the other network security group in the Source field.

To Create a Storage Account

A storage account is necessary for storing the virtual disks of your virtual machines.

  1. In Azure, on the left panel, click Browse.

  2. Enter storage into the Filter search field, click Storage accounts Storage accounts, and then click Add.

  3. Enter the storage account Name and select the storage account Type.

  4. (Optional) To disable metric and log request diagnostics, click Disable (enabled by default).

  5. Select your Subscription.

  6. Under Resource Group, click Select Existing, click Not configured, and then select the resource group that you have created earlier.

  7. Select the storage account Location.

  8. Click Create.

    The storage account is created and associated with your resource group.

To Deploy a Helion Stackato Virtual Machine

  1. In Azure, on the left panel, click New.

  2. Next to Marketplace, click See all.

  3. On the Everything pane, enter stackato into the Search Compute field, press Enter, and click the Helion Stackato row.

  4. On the Helion Stackato pane, click Create.

    The Create virtual machine and Basics panes are displayed.

Configure Basic Settings

  1. On the Basics pane, enter the virtual machine Name.
  2. Enter stackato for the virtual machine User name.

Important

If you set your username to anything other than stackato, after you set up your VM, you must run the following command on the core node using your public IP (in the following example, 203.0.113.0) in order to run kato commands, for example:

sudo passwd stackato
sudo su - stackato
kato node rename 203.0.113.0.xip.io --no-restart
kato node setup core api.203.0.113.0.xip.io
ip -4 address

After you run the command, you will receive your private IP address (in the following example, 192.0.2.0). You can use this IP address to configure all your other nodes by running the following command, for example:

sudo su - stackato
kato node attach -e ROLE 192.0.2.0
  1. Ensure that the Authentication type is set to Password and enter a Password for the virtual machine.
  2. Select the Subscription.
  3. Under Resource Group, click Select Existing, click Not configured, and then select the resource group that you have created earlier.
  4. Select the virtual machine Location.
  5. Click OK.

Choose Virtual Machine Size

  1. On the Choose a size pane, select the virtual machine size. The following three recommended deployments are displayed.

    A2 Basic A2 Standard D2 Standard
    • 2 cores
    • 3.5 GB
    • 4 data disks
    • 4x300 Max IOPS
    • 2 cores
    • 3.5 GB
    • 4 data disks
    • 4x500 Max IOPS
    • Load balancing
    • Auto scale
    • 2 cores
    • 7 GB
    • 4 data disks
    • 4x500 Max IOPS
    • 100 GB Local SSD
    • Auto scale

    To view all possible configurations, click View all.

  2. Click Select.

Configure Optional Features

On the Settings pane, you can configure the following optional features.

Storage

Network

Monitoring

Availability

  • (Optional) To provide redundancy for your application, you can select an Availability set.

When you finish configuring the optional features, click OK.

Summary

On the Summary pane, you can review your selections.

  1. To return to any of the previous pane, click a step on the Create virtual machine pane.
  2. When you are satisfied with your selections, click OK.

Purchase

On the Purchase pane, you can read the offer details, the Terms of use, and the Privacy policy and familiarize yourself with the Pricing for other VM sizes, Azure infrastructure costs, and the Azure Marketplace Terms.

When you are satisfied with all of the terms and conditions, click Purchase.

The Helion Stackato virtual machine, its network interface, and IP address are created and associated with your resource group.

To Configure a Helion Stackato Virtual Machine

Set the Hostname and DNS

To be able to access the web interface and applications that will be hosted on Helion Stackato, you must set the hostname on your public-facing node to a corresponding wildcard DNS record. You can use the xip.io service to obtain wildcard DNS resolution for your Elastic IP address.

  1. ssh to your instance, for example:

    $ ssh stackato@203.0.113.0
    
  2. Rename the hostname, for example:

    $ kato node rename 203.0.113.0.xip.io
    

    At the end of the process, the address of the API endpoint is displayed, for example:

    Stackato Micro Cloud:-
      endpoint: api.203.0.113.0.xip.io
      mbusip: 127.0.0.1
      micro cloud: true
      eth0 IP: 198.0.2.0
    

You can now connect to the web console of your instance by entering the API endpoint into your browser.

Configure the First Administrative Account

  1. Enter the address of the web console of your instance into a web browser, for example:

    api.203.0.113.0.xip.io
    

    When you first connect to the web console, you will receive a warning about an untrusted connection. Add an exception for the provided certificate and proceed.

    Important

    For production systems, add a signed certificate and a real DNS record to your domain. You can publish the public-facing address of your domain name either using DNS or dynamic DNS. For example, a static DNS zone file for stackato-test on example.com would have the following entries (note the . that terminates the A record):

    stackato-test      IN  A       <Elastic-IP>.
    \*.stackato-test   IN  CNAME   stackato-test
    

    For more information on DNS configuration, see DNS.

  2. On the Set Up First Admin User page, enter the Username, Email Address, and Password for the first administrative account, the first Organization Name and Space Name.

    Tip

    The password you specify for this account will also become the password for the stackato system user, removing the warning displayed after connecting to the instance using ssh.

  3. Review the Stackato Terms of use, click Yes, I agree, and click Set Up First Admin User.

To Deploy a Helion Stackato Cluster

Create Non-Core Instances

  • To setup a multi-node, clustered Helion Stackato PaaS, see Cluster Setup
  • To create a single cluster, create the required number of additional Helion Stackato instances using the same resource group and follow the same steps and instance types you used to create your core VM.

Configure the Core Node

  1. ssh to your core instance, for example:

    $ ssh stackato@203.0.113.0
    
  2. Set up the core node:

    $ kato node setup core
    
  3. Press y when prompted for an endpoint or enter a name for the endpoint.

  4. Enter your password when prompted.

    Helion Stackato disables all the roles that will be delegated to other nodes and configures itself to listen on the node's internal MBUS IP address. At the end of the process, the internal MBUS IP address and the assigned and available roles are displayed, for example:

    Stackato Cluster:-
      endpoint: api.203.0.113.0.xip.io
      mbusip: 198.0.2.24
      micro cloud: false
    Stackato Node [198.0.2.0]
      assigned roles : base,controller,primary,router
      available roles: base,mdns,primary,controller,router,dea,postgresql,mysql,rabbit,rabbit3,mongodb,redis,filesystem,harbor,memcached,load_balancer
    

    Tip

    Note the internal MBUS IP address. You will need it to configure your non-core nodes.

Configure the Non-Core Nodes

  1. In Azure, on the left panel, click Resources groups Resource groups and then click the name of your resource group.

  2. On the Resource group panel, click the Network interface Network interface of your VM.

  3. On the Network interface panel, note the Private IP address of the VM.

  4. ssh to your core instance, for example:

    $ ssh stackato@203.0.113.0
    
  5. ssh to your non-core instance from the core instance, for example:

    $ ssh stackato@198.0.2.24
    

    Important

    There is no other way to access the non-core instances. When you ssh into non-core instances, use the stackato username and password. You can later simplify setup and maintenance operations by configuring passwordless SSH authentication between the core and non-core nodes.

Create Droplet Execution Agent (DEA) Nodes

  1. Create the required number of DEAs from the non-core node using the internal MBUS IP address of the core node, for example:

    $ kato node attach -e dea 198.0.2.0
    

    Note

    The -e option enables the specified role on the node and disables all other roles. While kato node attach commands run on various cluster nodes, the web console may display Node Degraded! error messages. However after the commands finish, you can view the operational cluster nodes by navigating to the Helion Stackato web console and clicking Admin > Cluster or by running the kato node list and kato status commands after you ssh into your core node.

  2. Enter your password for the non-core node and core node when prompted.

Create a Data Service Node

data-services is a meta-tag that enables support for MySQL, PostreSQL, MongoDB, RabbitMQ, Memcached, and the Filesystem service.

  1. Create a data service node from the non-core node using the internal MBUS IP of the core node, for example:

    $ kato node attach -e data-services 198.0.2.1
    
  2. Enter your password for the non-core node and core node when prompted.