Microsoft Azure deploy tasks
Deploying to Microsoft Azure involves the following tasks:
Topics
Before you begin
- You’re familiar with Azure GUI and CLI, commands and concepts.
Wherever possible both the UI and CLI instructions are provided.
Microsoft Azure deployment tasks
Process overview
Creating an instance of Access Gateway within Microsoft Azure requires the creation of a VM and then associating that VM with a disk image. Microsoft requires the use of fixed size disk files, as such the Access Gateway disk must be expanded to its full size before being used. Expanding the provided disk locally would require an upload to Microsoft Azure which is greater than 200gb. To avoid this a second temporary VM is created, and this temporary VM is used to create a disk in the Microsoft Azure Cloud. The Access Gateway Microsoft Azure disk image is then copied directly to the disk associated with the VM, expanded and then attached to the second, actual Access Gateway VM. The original, temporary VM, is then deleted to conserve resources.
Tasks
| Task | Description | Related Topic(s) |
| Install and configure Microsoft Azure CLI | The Microsoft Azure Command line utility is used extensively through the MS Azure deployment process. | Install and Configure Microsoft Azure Command Line interface |
| Define an resource group | Microsoft Azure uses resource groups to contain related resources. Access Gateway VM and disk must be created within the same resource group. |
Define Resource Group |
| Create Temporary VM | To create a VM in Microsoft Azure we must define a virtual machine and associate it with a previously uploaded disk image. | Create Disk Host VM |
|
Prepare Temporary Disk |
The Temporary VM is used for the purpose of creating a disk to contain the OAG image. |
|
| Create and populate managed disk | Upload Microsoft Azure disk to the new disk and decompress. Using the Microsoft Azure CLU and AZcopy create a manage disk and copy the uncompressed image to it. |
Upload, create and populate managed disk |
|
Create snapshot and replicate |
Create a disk snapshot and then replicate disks as required for clustering. |
|
|
Create Access Gateway VM |
Create a virtual machine and attach it to the previously created disk. |
|
|
Open Ports |
Open port 80 and 443 to new VM. |
|
|
Cleanup |
Clean up an the temporary VM and disk. |
Post deployment tasks
All deployments of Access Gateway require a set of common tasks including:
| Task | Description | Related Topic(s) |
|
First Login |
Reset the Access Gateway Management console password. |
First login to Command Line Console
|
| Determine the IP Address assigned and configure DNS |
Determine Access Gateway IP address.
Configure required /etc/hosts admin entry Configure required DNS entries. |
Determine Access Gateway IP address, for non-AWS instances.
Configure Admin /etc/hosts entry Configure Access Gateway DNS |
| Initialize Access Gateway |
Initialize the cookie domain and instance hostname. |
Initialize Access Gateway Console |
| Configure an identity provider |
Configure Okta tenant as identify provider Setup SAML Access. |
|
|
Configure SAML access to Access Gateway from your Okta tenant |
Configure Okta Tenant to allow access to Access Gateway using SAML. |
Important
When creating a set of Access Gateway nodes, for use in a High Availability Cluster, care should be taken to name the nodes appropriately.
Note also, node names must be resolvable between Access Gateway instances before configuring High Availability.
High availability and load balancer tasks
Organizations which are implementing high availability and load balancing will also want to perform the following tasks.
| Task | Description | Related Topic(s) |
| Configure Load Balancer | Configure a load Balancer and related health checks. | Configure Microsoft Azure load balancers |