This document describes how to deploy a gateway on Azure cloud.
The deployed Azure cloud environment gateway helps monitor and manage your resources.
Prerequisites
Before deploying a gateway in the Azure cloud environment make sure you satisfy the following prerequisites. If you have previously deployed a gateway, you can skip the first two prerequisites.
- Create a Resource Group.
- Create a template JSON specification to launch the gateway.
- Download the Azure Gateway VHD file.
Create a Resource Group
- Log in to the Azure account from your browser.
- In the top-left corner, click the menu icon and select Resource groups.
- From the Resource groups screen, click +Create.
- Enter the resource group name, select the required resource group location, and click Create.
- Verify that the resource group is created.
- To create a Storage Account in the resource group, navigate back to the Menu icon in the top-left corner and click Storage Accounts.
- Click +Create to create a new storage account within the resource group.
- Open the Storage account and click Blob Service.
- Click +Container to create a new container, enter a name, and select Private (no anonymous access).
- Click create. You need to save the gateway VHD file in this Container for later.
- To create a virtual network in the resource group, navigate back to the Menu icon in the top-left corner and click Virtual networks.
- Click +Create. You now have a resource group, storage account, and virtual network in the same resource group.
Create the Template JSON to Launch the Gateway
- Log in to the Azure account from your browser.
- Search for Templates in the search area.
- Click +Create to create a new template.
- Enter the template name and description and select the ARM Template tab.
- Copy the following JSON code, paste it, and save the template.
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"vmName": {
"type": "string",
"metadata": {
"description": "Name of the VM"
}
},
"osType": {
"type": "string",
"defaultValue": "Linux",
"metadata": {
"description": "Type of OS of the existing vhd"
}
},
"vmSize": {
"type": "string",
"metadata": {
"description": "Size of the VM"
},
"defaultValue": "Standard_B2s"
},
"storageaccountname": {
"type": "string",
"metadata": {
"description": "Provide the Storage account name"
}
},
"osDiskVhdUri": {
"type": "string",
"metadata": {
"description": "Uri of the existing OS VHD in ARM standard or premium storage"
}
},
"existingVirtualNetworkNameID": {
"type": "string",
"metadata": {
"description": "Name of the existing VNET ID"
}
},
"subnetName": {
"type": "string",
"metadata": {
"description": "Name of the subnet in the virtual network you want to use"
}
},
"enablePublicIP": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Enable/Disable Public IP"
}
}
},
"variables": {
"diagStorageAccountName": "[parameters('storageaccountname')]",
"publicIPAddressType": "Dynamic",
"vnetID": "[parameters('existingVirtualNetworkNameID')]",
"subnetRef": "[concat(variables('vnetID'),'/subnets/', parameters('subnetName'))]",
"nicName": "[concat(parameters('vmName'), '-nic1')]",
"publicIPAddressName": "[concat(parameters('vmName'), '-pip')]"
},
"resources": [
{
"condition": "[parameters('enablePublicIP')]",
"apiVersion": "2023-05-01",
"type": "Microsoft.Network/publicIPAddresses",
"name": "[variables('publicIPAddressName')]",
"location": "[resourceGroup().location]",
"tags": {
"displayName": "PublicIPAddress"
},
"properties": {
"publicIPAllocationMethod": "[variables('publicIPAddressType')]"
}
},
{
"apiVersion": "2023-05-01",
"type": "Microsoft.Network/networkSecurityGroups",
"name": "VistaraNSG",
"location": "[resourceGroup().location]",
"tags": {
"displayName": "VistaraVM-NSG"
},
"properties": {
"securityRules": [
{
"name": "SSH",
"properties": {
"description": "Allow SSH",
"protocol": "Tcp",
"sourcePortRange": "*",
"destinationPortRange": "22",
"sourceAddressPrefix": "Internet",
"destinationAddressPrefix": "*",
"access": "Allow",
"priority": 100,
"direction": "Outbound"
}
},
{
"name": "HTTPS",
"properties": {
"description": "Allow HTTPS",
"protocol": "Tcp",
"sourcePortRange": "*",
"destinationPortRange": "443",
"sourceAddressPrefix": "Internet",
"destinationAddressPrefix": "*",
"access": "Allow",
"priority": 101,
"direction": "Outbound"
}
}
]
}
},
{
"condition": "[parameters('enablePublicIP')]",
"apiVersion": "2023-05-01",
"type": "Microsoft.Network/networkInterfaces",
"name": "[variables('nicName')]",
"location": "[resourceGroup().location]",
"dependsOn": [
"[concat('Microsoft.Network/publicIPAddresses/', variables('publicIPAddressName'))]",
"[concat('Microsoft.Network/networkSecurityGroups/', 'VistaraNSG')]"
],
"tags": {
"displayName": "NetworkInterface"
},
"properties": {
"ipConfigurations": [
{
"name": "ipconfig1",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"publicIPAddress": {
"id": "[resourceId('Microsoft.Network/publicIPAddresses',variables('publicIPAddressName'))]"
},
"subnet": {
"id": "[variables('subnetRef')]"
}
}
}
],
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', 'VistaraNSG')]"
}
}
},
{
"condition": "[not(parameters('enablePublicIP'))]",
"apiVersion": "2023-05-01",
"type": "Microsoft.Network/networkInterfaces",
"name": "[variables('nicName')]",
"location": "[resourceGroup().location]",
"dependsOn": [
"[concat('Microsoft.Network/networkSecurityGroups/', 'VistaraNSG')]"
],
"tags": {
"displayName": "NetworkInterface"
},
"properties": {
"ipConfigurations": [
{
"name": "ipconfig1",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"subnet": {
"id": "[variables('subnetRef')]"
}
}
}
],
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', 'VistaraNSG')]"
}
}
},
{
"apiVersion": "2023-07-01",
"type": "Microsoft.Compute/virtualMachines",
"name": "[parameters('vmName')]",
"location": "[resourceGroup().location]",
"tags": {
"displayName": "VirtualMachine"
},
"dependsOn": [
"[concat('Microsoft.Network/networkInterfaces/', variables('nicName'))]"
],
"properties": {
"hardwareProfile": {
"vmSize": "[parameters('vmSize')]"
},
"storageProfile": {
"osDisk": {
"name": "[concat(parameters('vmName'),'-osDisk')]",
"osType": "[parameters('osType')]",
"caching": "ReadWrite",
"vhd": {
"uri": "[parameters('osDiskVhdUri')]"
},
"createOption": "Attach"
}
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces',variables('nicName'))]"
}
]
},
"diagnosticsProfile": {
"bootDiagnostics": {
"enabled": "true",
"storageUri": "[concat(reference(concat('Microsoft.Storage/storageAccounts/', parameters('storageaccountname')), '2016-01-01').primaryEndpoints.blob)]"
}
}
}
}
]
}
Download the Azure Gateway VHD file
- Log in to OpsRamp and go to Setup > Downloads > Gateway.
- On the Azure widget, click Copy Link to copy the Azure blob container link.
- Use this link to download the Azure Gateway VHD file using Microsoft Azure Storage Explorer. You can download and install Microsoft Azure Storage Explorer on your machine if needed: download
- Open MS Azure Storage Explorer and click the User icon on the left side panel. Add your account by clicking “Add an account link”, which displays a pop-up window.
- Click subscription and log in to your Azure account to access your storage.
- After logging into the account, click the connect icon, which displays a pop-up window
- Click Blob Container.
- Select the Shared access signature URL (SAS) radio button.
- Paste the link that you copied from the OpsRamp Gateway download page and click next.
- Click connect. The Gateway VHD file is available in your Azure storage explorer at Local & Attached > Storage Accounts > Blob Containers.
- Right-click the OpsRamp gateway VHD file and copy it.
- Navigate to the storage container you created in the steps and paste the gateway VHD file. This process takes some time so make sure you wait until the file download process completes.
Deploy a Gateway using the Template JSON
In the browser, log in to your Azure account and navigate to the templates page.
Click your previously created template.
Click Deploy and enter the following required information in the gateway deployment form:
Property Description Resource group Select the resource group you created for gateway deployment. Vm Name Enter a user-defined gateway VM name. Os Type Linux
Vm Size The minimum size is Standard_B2s
. You can increase the size according to your requirements.Storageaccountname - Go to Storage accounts< in a new browser tab.
- Select the storage account.
- Make a note of the storage account name and paste it into the gateway deployment form.
Os Disk Vhd Uri - Go to Storage accounts in a new browser tab.
- Click the storage account.
- Click Blob service
- Click the container
- Click the gateway VHD file you downloaded
- In the overview tab, copy the URL and paste it into the Gateway deployment form.
You can deploy only one gateway per VHD file. If you want to deploy more than one gateway, make a copy of the VHD file before deploying another gateway.Existing Virtual Network Name ID - Go to Virtual networks in a new browser tab.
- Select the virtual network.
- Click Properties in the left-side menu.
- Copy the Resource ID and paste it into the gateway deployment form.
Subnet Name - Go to Virtual networks in a new browser tab.
- Select the virtual network.
- Click Subnets in the left-side menu.
- Copy the Name and paste it into the gateway deployment form.
Accept the terms and conditions and click the Purchase button to deploy the gateway. Deployment takes a couple of minutes. You can check the progress on the Notification page.
After deployment, go to Virtual machines and select the gateway.
In the left-hand side menu, choose the Networking option.
Select Add inbound port rule and allow ports 22 and 5480 according to your requirement to access the gateway using SSH or WebUI.
You can access the gateway by using the public IP address assigned to it.
Register the Gateway
Follow this Link to register the gateway.