For your first use of the Azure Virtual Datacenter Automation Toolkit we will deploy the simulated on-premises archetype. This tutorial is intended to get you up and running quickly with the toolkit. See additional documentation for more details on using the toolkit.
This tutorial assumes that you have already set up the toolkit to run in Docker or locally. For local setups, it assumes that the Azure CLI is also installed.
We will go through the following steps:
- Logging into Azure with the CLI
- Collecting subscription, tenant, and user information
- Creating an archetype configuration
- Deploying the archetype
If you are using Docker, as recommended, be sure to run the image before proceeding.
First, log in with the Azure CLI:
az login
This prompts you to log in using the Azure web interface.
If your account is associated with more than one subscription, you'll then need to set the default subscription you're deploying resources to after you log in:
az account set --subscription [subscription id]
Before we can deploy, we will need to provide the toolkit with:
- ID for the targeted Azure Active Directory (AAD) tenant
- ID for the targeted subscription
- Object ID for your AAD user (to provide access to the deployed Key Vault)
These values can be acquired from the CLI.
Run az account show
- The value for "id" is the subscription ID
- The value for "tenantId" is the AAD tenant ID
The following command retrieves your AAD user's Object ID. It must be executed on your local computer (using az cli version 2.0.55 or greater) or in Azure Cloud Shell.
NOTE: Running the az ad signed-in-user command inside the Docker container will result in an error.
Run az ad signed-in-user show --query "objectId"
- This command returns the value for "object-id"
We need to create an instance of the configuration for the on-premises archetype using values unique to our deployment.
- Locate the sample configuration at archetypes/on-premises/archetype.test.json.
- Copy the sample configuration and name it archetype.json. It should be placed in archetypes/on-premises/.
  - The file name archetype.json is included in .gitignore to prevent sensitive data from being pushed to the GitHub repo. Changing the file name will require adding the new file name to the .gitignore file.
- Open the new configuration and make these changes:
  - Replace the two instances of "subscription-id" with your appropriate subscription ID. One is located in "shared-services" and the other in "on-premises".
  - Replace "tenant-id" under "general" with your AAD tenant ID.
  - Replace "deployment-user-id" with your AAD user object ID.
  - Provide a unique name for "vdc-storage-account-name". This must be a globally unique name since it is used to construct a URI for a storage account. This storage account will reside under the shared-services subscription.
  - Provide a password value for "domain-admin-password".
- Save archetype.json.
If you want to know more about the settings, please see the section on archetype configuration files.
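A pre-deployment check for the edited configuration, as an added example that is not part of the toolkit: it looks up the keys named above at any depth of archetype.json, checks that the IDs are GUID-shaped and that the storage account name fits Azure's naming rule (3 to 24 lowercase letters or digits), and confirms that git ignores the file. The script name, FAKE_ID and the SAMPLE layout are constructed for illustration; only the key names come from this tutorial.

```python
import json
import re
import subprocess
import sys
from pathlib import Path

GUID = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")
STORAGE_NAME = re.compile(r"^[a-z0-9]{3,24}$")  # Azure storage account naming rule
FAKE_ID = "11111111-1111-1111-1111-111111111111"  # constructed GUID
# Constructed sample: key names are the tutorial's; the nesting is an assumption.
SAMPLE = {"general": {"tenant-id": FAKE_ID, "deployment-user-id": FAKE_ID},
          "shared-services": {"subscription-id": FAKE_ID, "vdc-storage-account-name": "vdcsample0001"},
          "on-premises": {"subscription-id": FAKE_ID, "domain-admin-password": "constructed-value"}}

def find_values(node, key):
    """Yield every value stored under `key` at any depth of the parsed JSON."""
    if isinstance(node, dict):
        for name, value in node.items():
            if name == key:
                yield value
            yield from find_values(value, key)
    elif isinstance(node, list):
        for item in node:
            yield from find_values(item, key)

def check_archetype(config):
    """Return a list of problems; values (the password included) are never echoed."""
    problems = []
    for key, minimum in (("subscription-id", 2), ("tenant-id", 1), ("deployment-user-id", 1)):
        values = list(find_values(config, key))
        if len(values) < minimum or not all(GUID.match(str(v)) for v in values):
            problems.append(f"{key}: expected {minimum} GUID value(s)")
    names = list(find_values(config, "vdc-storage-account-name"))
    if not names or not all(STORAGE_NAME.match(str(n)) for n in names):
        problems.append("vdc-storage-account-name: need 3-24 lowercase letters or digits")
    passwords = list(find_values(config, "domain-admin-password"))
    if not passwords or not all(isinstance(p, str) and p.strip() for p in passwords):
        problems.append("domain-admin-password: missing or empty")
    return problems

def is_git_ignored(path):  # `git check-ignore -q` exits 0 when the path is ignored
    return subprocess.run(["git", "check-ignore", "-q", path]).returncode == 0

if __name__ == "__main__":  # usage: python check_archetype.py [path/to/archetype.json]
    path = sys.argv[1] if len(sys.argv) > 1 else None
    found = check_archetype(json.loads(Path(path).read_text()) if path else SAMPLE)
    if path and not is_git_ignored(path):
        found.append(f"{path}: not ignored by git")
    sys.exit("\n".join(found) or 0)  # problems go to stderr with exit status 1
```

Run it from the root of the repository so that git resolves the path against the toolkit's .gitignore. The checks cover shape only; they do not confirm that the IDs belong to your tenant or that the storage account name is still available.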
You are ready to begin your first deployment.
Return to your terminal/command-line interface and navigate to the root of the toolkit source.
We need to execute from the root of the repository in order for the paths used in this tutorial to resolve.
[Docker]
python vdc.py create on-premises -path archetypes/on-premises/archetype.json --upload-scripts
[Linux/OSX]
python3 vdc.py create on-premises -path archetypes/on-premises/archetype.json --upload-scripts
[Windows]
py vdc.py create on-premises -path archetypes/on-premises/archetype.json --upload-scripts
The toolkit will initiate the deployment and provide status updates.
Now that you have the toolkit set up and have started your first deployment, you should learn about more advanced usage of the toolkit.