Adding Microsoft Azure to vRA and vRB Part #2

In part 1 I showed how to add Microsoft Azure to vRA.  In this part 2 I will show how to add Microsoft Azure with Non-EA account to vRealize Business which will provide cost information for your MS Azure account.

I have to apologies for taking so long to publish this but I had the blog written and ready to go but it was created with vRB 7.2, which had a lot of bugs with Azure integration  and the documentation was not very thorough and made use of the old Azure portal interface for configuration.  The problem I ran into can be view in the community post here, but with a lot of views and not responses I decided to wait until vRB 7.3 to review this again.

Prerequisites:

  1. You must have a Microsoft Azure Enterprise Agreement (EA) or non-EA account.
  2. If using MS Azure non-EA you must have one of the following credits offers:
    1. Pay-as-you-go
    2. MSDN
    3. Monetary commitment
    4. Monetary credit

To add a non-EA account you will also need the following information during configuration so please make sure you have this available.  I am also providing the steps on how to configure your non-EA account.

  • Client ID
    • When you register a client app, such as a console app, you receive a Client ID. The Client ID is used by the application to identify themselves to the users that they are requesting permissions from.
  • Location of Purchase
  • Tenant ID
    • Value can be retrieved from the Azure default Active directory when you select manage -> properties in menu.
  • Secret Key
    • Value will be defined during app registration.

How to configure your non-EA account Azure account to retrieve Client ID : (This is the tricky part in my opinion)

  1. Login to Azure Portal.
  2. First we need to setup the user account.
    1. Select Azure Active Directory
    2. Screen Shot 2017-07-19 at 9.58.03 AM.png
    3. Verify the the Default Directory is displayed at top of screen.
    4. Select manage -> users and groups
    5. Screen Shot 2017-07-19 at 10.01.04 AM.png
    6. Select manage -> All users
    7. Click “New user”
    8. Screen Shot 2017-07-19 at 10.01.34 AM.png
    9. Enter Name
    10. Enter Username
      • should be in UPN format
    11. Leave rest default
    12. Click Directory Role
      • Change to Global Administrator or Limited Administrator
    13. Check the box to Show Temporary Password
    14. Copy the password
    15. Screen Shot 2017-07-19 at 10.07.58 AM.png
    16. Click Create
  3. Logout of Azure
  4. Login to Azure with newly create username and password
    1. You will receive a prompt to change password, do so and set the password to you company standards.
  5. Select Azure Active Directory from menu
  6. Select Manage -> App Registrations
    • Screen Shot 2017-07-19 at 10.10.48 AM.png
  7. Click New application registration
    • Screen Shot 2017-07-19 at 10.12.51 AM.png
  8. Enter name
    • For instance vRealize Business.
    • This can be anything descriptive
  9. Leave application type as “Web app / API”
  10. Change Sign-on URL to
  11. Screen Shot 2017-07-19 at 10.15.39 AM.png
  12. Click Create
  13. Screen Shot 2017-07-19 at 10.16.40 AM.png
  14. Select the newly created application
    • Screen Shot 2017-07-19 at 10.17.06 AM.png
  15. On the right hand side settings panel, select keys
    • Screen Shot 2017-07-19 at 10.18.26 AM.png
    • Enter Description
    • Pick the expiration
    • Click Save
    • Screen Shot 2017-07-19 at 10.19.33 AM.png
    • Wait for the save to finish and COPY the value that appear since you will not be able to retrieve it later.  (this wil be needed in vRB as the Client Secret)
  16. Scroll to left to show the registered app
    • Screen Shot 2017-07-19 at 10.31.15 AM.png
    • Copy the Application ID (this is needed in vRB as the Client ID)
  17. Screen Shot 2017-07-19 at 10.36.52 AM.png
  18. In the left side navigation Select More services.
    • Type Subscriptions in the filter field
    • Select Subscriptions
    • (You can also find it under general -> Subscriptions)
  19. Screen Shot 2017-07-19 at 10.38.18 AM.png
  20. If see message “No subscriptions in <domain> (default directory) then you need to configure permissions first for the AD user.
    1. Login with user that has owner role to subscription.
    2. Select Subscriptions
    3. Select Access Control (IAM)
    4. Screen Shot 2017-07-19 at 10.45.32 AM.png
    5. Click + Add
      • Select role
      • Select the Azure AD user below
      • Click Save
  21. Log out and log back in with Azure AD user.
  22. Select Subscriptions
    1. Select the Subscription
    2. Select Access Control (IAM)
    3. Click + Add
    4. Select role = reader
    5. In select field, TYPE the application name defined earlier.
    6. Screen Shot 2017-07-19 at 10.54.51 AM.png
    7. Select the application.
    8. Click Save

How to configure vRealize Business and manage your non-EA Microsoft Azure account

Login to standalone vRB or to your vRA integrated environment.  In my case I logging into my vRA which has vRB integrated.

  1. Select Administration -> Business management
  2. Screen Shot 2017-03-07 at 4.48.12 PM.png
  3. Select Manage Hybrid Cloud & Public Cloud Accounts
  4. Select Microsoft Azure -> Non-Enterprise Agreement
  5. Click Plus sign to add
    1. Screen Shot 2017-03-07 at 4.49.36 PM.png
    2. Enter Name or Description
    3. Enter the Client ID
      • The application ID value that was copied from the registered app.
    4. Enter Location of Purchase.
      • If not sure review your Azure Profile for this information.
    5. Enter Tenant ID
      • The Directory ID of the Azure default active directory.
    6. Enter Client Secret
      • The value copied from the app registration key.
  6. This should be successful and will start to sync information.
  7. Verify sync status
    • Screen Shot 2017-07-19 at 11.14.45 AM.png
  8. Now you can select Expenses -> Public Cloud (Azure) -> overview & Non-EA VM Stats.
    • Screen Shot 2017-07-19 at 11.12.30 AM.png
    • Screen Shot 2017-07-19 at 11.16.37 AM.png

 

Troubleshooting

VMware has troubleshooting pdf guide of vRealize Business for Cloud.

http://pubs.vmware.com/vrbforcloud-72/topic/com.vmware.ICbase/PDF/vRBforCloud-troubleshoot.pdf   Page 31 – 32 has some Azure troubleshooting.

If you run into problems with Sync, SSH to the vRB appliance and review the log file (/var/log/vrb/itfm-server/itfm-server.log). It provides valuable information.

KB 2146798 provides a solution for when you are unable to successfully collect data from Azure.

 

 

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s