Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
azure-gettingstarted [2020_06_29 21:42] – [Use Cases] steven | azure-gettingstarted [2021_07_27 13:39] – dan | ||
---|---|---|---|
Line 1: | Line 1: | ||
# Getting Started with Microsoft Azure | # Getting Started with Microsoft Azure | ||
+ | ##### last updated July 27, 2021 | ||
{{ azure-gettingstarted: | {{ azure-gettingstarted: | ||
Line 11: | Line 12: | ||
## Architecture | ## Architecture | ||
- | ### Single VM Deployment | + | #### Single VM Deployment |
For evaluation and smaller production environments the Enterprise File Fabric™ solution is typically deployed as a single virtual machine. The virtual machine includes an embedded database and search index. | For evaluation and smaller production environments the Enterprise File Fabric™ solution is typically deployed as a single virtual machine. The virtual machine includes an embedded database and search index. | ||
- | A single virtual machine can be launched directly from the Azure Marketplace | + | A single virtual machine can be launched directly from the Azure Marketplace. |
- | ### Multiple VM Deployment | + | #### Multiple VM Deployment |
The Enterprise File Fabric solution may also be deployed for High Availability with multiple virtual machines and a separate database. | The Enterprise File Fabric solution may also be deployed for High Availability with multiple virtual machines and a separate database. | ||
Line 27: | Line 27: | ||
For production deployments see also [[sizingguide]]. | For production deployments see also [[sizingguide]]. | ||
- | ### Requirements | + | ## Requirements |
You will need the following information before you can complete setup on Azure: | You will need the following information before you can complete setup on Azure: | ||
* A domain name (recommended) | * A domain name (recommended) | ||
- | * License key (required) - A trial key can be requested from https:// | + | * License key (required) - A trial key can be requested from [Enterprise File Fabric Sign Up](https:// |
* Outbound mail relay information. (recommended) | * Outbound mail relay information. (recommended) | ||
* Default storage system connectivity details - for example, Azure Blob Storage (required) | * Default storage system connectivity details - for example, Azure Blob Storage (required) | ||
Line 38: | Line 38: | ||
- | ## Launch from Azure Marketplace | + | ## Azure Marketplace |
- | **COMING SOON** | + | From [[https:// |
+ | [[https:// | ||
+ | Select **"GET IT NOW"** and log in with a Microsoft Account. | ||
+ | {{ : | ||
- | ## Setting Up Instance | + | Add contact information if requested and select **" |
+ | {{ : | ||
- | ### SSH Access | + | Select **" |
+ | |||
+ | ## Create a Virtual Machine | ||
+ | |||
+ | Choose where you wish to deploy the appliance: | ||
+ | |||
+ | 1. Check **Subscription** | ||
+ | 2. Check **Resource Group** | ||
+ | |||
+ | {{ : | ||
+ | |||
+ | Enter a **Virtual Machine Name** such as " | ||
+ | |||
+ | {{ : | ||
+ | |||
+ | Enter the Username **smeconfigure** and either create or use an existing SSH key. | ||
+ | |||
+ | {{ : | ||
+ | |||
+ | Select " | ||
+ | |||
+ | {{ : | ||
+ | |||
+ | Then select **" | ||
+ | |||
+ | Select **" | ||
+ | |||
+ | ## Configure Domains | ||
+ | |||
+ | #### SSH Access | ||
The instance can now be accessed at this IP address using a standalone SSH client. The username is **smeconfiguser**. For example: | The instance can now be accessed at this IP address using a standalone SSH client. The username is **smeconfiguser**. For example: | ||
Line 64: | Line 97: | ||
- | ### SSL Configuration (Recommended) | + | #### SSL Configuration (Recommended) |
The appliance is configured, by default, with DHCP and a self-generated untrusted SSL certificate. | The appliance is configured, by default, with DHCP and a self-generated untrusted SSL certificate. | ||
- | In order to use the client tools (desktop and mobile | + | In order to use the web, desktop and mobile |
#### Disabling SSL (Not Recommended) | #### Disabling SSL (Not Recommended) | ||
Line 74: | Line 107: | ||
If you do NOT wish to use SSL for the trial you can disable it. | If you do NOT wish to use SSL for the trial you can disable it. | ||
- | 1. Log in as the Appliance Administrator as per the the instructions below. | + | 1. Log in as the Appliance Administrator as per the instructions below. |
2. Navigate to Settings > Site Functionality | 2. Navigate to Settings > Site Functionality | ||
3. Set Always use HTTPS to No. | 3. Set Always use HTTPS to No. | ||
- | 4. Set Generate secure server side links to No. | + | 4. Set Generate secure server-side links to No. |
5. Select *Update options* at the bottom of the page. | 5. Select *Update options* at the bottom of the page. | ||
- | ### Create DNS entries | + | #### Create DNS entries |
Choose three fully qualified domain names (FQDNs). For example: | Choose three fully qualified domain names (FQDNs). For example: | ||
Line 91: | Line 124: | ||
^ Type ^ Name ^ Value^ | ^ Type ^ Name ^ Value^ | ||
- | | A | files | 35.188.82.62| | + | | A | files | 54.194.216.200| |
- | | A | files-webdav | 35.188.82.62| | + | | A | files-webdav | 54.194.216.200| |
- | | A | files-s3 | + | | A | files-s3 |
Verify that Public DNS records are setup correctly: | Verify that Public DNS records are setup correctly: | ||
- | curl -L -k http:// | + | curl -Lk http:// |
- | curl -L -k http:// | + | curl -Lk http:// |
- | curl -L -k http:// | + | curl -Lk http:// |
These commands should resolve the domain name, connect to port 80, get redirected to port 443 and return (part of) the web login page: | These commands should resolve the domain name, connect to port 80, get redirected to port 443 and return (part of) the web login page: | ||
Line 114: | Line 147: | ||
<meta name=" | <meta name=" | ||
- | ### Change Hostname | + | #### Change Hostname |
- | To update the appliance with the FQDN change to the root user by issuing “sudo bash“ with SSH. As the root user, edit / | + | To update the appliance with the FQDN change to the root user by issuing “sudo bash“ with SSH. You can then edit / |
- | Change the Azure instance name to your FQDN. | + | hostname files.example.com |
- | files.example.com | ||
- | + | #### Start SME Config Server | |
- | ### Start SME Config Server | + | |
Leave root privilege: | Leave root privilege: | ||
- | [root@ip-10-0-0-192 | + | [root@files smeconfiguser]# |
As the smeconfiguser start the configuration server by typing **smeconfigserver**. You should see a confirmation that the config server is running: | As the smeconfiguser start the configuration server by typing **smeconfigserver**. You should see a confirmation that the config server is running: | ||
- | [smeconfiguser@ip-10-0-0-192 | + | [smeconfiguser@files ~]$ smeconfigserver |
Please contact me with a browser on port 8080 | Please contact me with a browser on port 8080 | ||
Hit Ctrl+C when work is done | Hit Ctrl+C when work is done | ||
Line 140: | Line 171: | ||
- | ### Configure Hostname Settings | + | #### Configure Hostname Settings |
- | Here you only need to configure the three domain names. Click " | + | Here you only need to configure the three domain names. Click "**Configuration**" and then "**SME Server Hostname Settings**". |
Line 148: | Line 179: | ||
After Saving go to the " | After Saving go to the " | ||
+ | |||
+ | {{ : | ||
Follow the prompts on the page to reboot the appliance. If you are not doing this immediately stop the Config Server by typing Control-C in the terminal window. | Follow the prompts on the page to reboot the appliance. If you are not doing this immediately stop the Config Server by typing Control-C in the terminal window. | ||
- | ### Create SSL Certificates | + | {{ : |
+ | |||
+ | #### Create SSL Certificates | ||
This section creates and configures SSL certificates from Let's Encrypt. If you are using your own certificates (or a different service) you can use the smeconfigserver service above to add certificates. | This section creates and configures SSL certificates from Let's Encrypt. If you are using your own certificates (or a different service) you can use the smeconfigserver service above to add certificates. | ||
Line 196: | Line 231: | ||
crontab -e | crontab -e | ||
- | In the example below the renewal attempt will process at 2: | + | In the example below the renewal attempt will process at 2: |
30 2 * * * / | 30 2 * * * / | ||
Line 204: | Line 239: | ||
Use https:// | Use https:// | ||
- | ## Appliance | + | ## Configure |
- | Open a browser to the the domain name you assigned: | + | Open a browser to the domain name you assigned: |
| | ||
Line 216: | Line 251: | ||
You'll see the following login page: | You'll see the following login page: | ||
- | {{ ::appladmin-login.png? | + | {{ :azure-gettingstarted:azure-fabric-login.png? |
Log into the appliance as appladmin with a password from your trial license: | Log into the appliance as appladmin with a password from your trial license: | ||
Line 229: | Line 264: | ||
A trial key can be requested from https:// | A trial key can be requested from https:// | ||
- | ### Change Admin Password (Optional) | + | ### Change Admin Password (Recommended) |
- | Select " | + | Select " |
+ | |||
+ | After you select " | ||
### Outbound Email (Recommended) | ### Outbound Email (Recommended) | ||
Line 239: | Line 276: | ||
If you do not configure an email server remember not to use email notification when adding users. | If you do not configure an email server remember not to use email notification when adding users. | ||
+ | #### Using SendGrid for Email | ||
+ | |||
+ | Microsoft has restrictions on sending email from the Azure platform. They recommend using an SMTP relay service such as SendGrid. See [[https:// | ||
+ | |||
+ | The File Fabric SMTP configuration would be: | ||
+ | |||
+ | {{ : | ||
+ | |||
+ | Use **Test SMTP options** to test the settings and also check that the test email was received since Azure silently discards emails sent to unsupported servers. | ||
### Change Appliance Admin Email | ### Change Appliance Admin Email | ||
- | With an SMTP server configured you can change the email of the Appliance Admin. Go to the main menu (Hamburger icon) to Password/ | + | With an SMTP server configured you can change the email of the Appliance Admin which will require a confirmation email. |
+ | |||
+ | Go to the main menu (Hamburger icon) to Password/ | ||
You can also set up Two Factor Authentication (2FA) for the Appliance Admin from this screen. | You can also set up Two Factor Authentication (2FA) for the Appliance Admin from this screen. | ||
Line 254: | Line 302: | ||
## Create an Organization | ## Create an Organization | ||
- | An //organization// is a tenant within the appliance and is created by the Appliance Administrator. | + | An organization is an administrative unit for a set of users. It includes policies, storage resources, and permissions for those users. Organizations, also called tenants, are self-managed by their users and not accessible or even visible |
- | + | ||
- | ### Review User Package (Optional) | + | |
- | + | ||
- | The File Fabric platform uses templates for organizations, in order for us to create our organization, we need to pick a template, before we do, let’s review. | + | |
- | + | ||
- | Login as the Appliance Administrator. | + | |
- | + | ||
- | Click “User Packages” | + | |
- | + | ||
- | ### Create Organization | + | |
- | + | ||
- | Login as the Appliance Administrator. | + | |
- | + | ||
- | In the hamburger menu, select “Users” and then "Add a User" | + | |
- | + | ||
- | On the Add a User screen create your Organization admin user. (This will also be your organization.) | + | |
- | + | ||
- | 1. User Login: The Organization short name and superuser' | + | |
- | 1. E-mail: Email address of organizational admin, must be unique to the system, do not use your own. | + | |
- | 1. Password: | + | |
- | 1. Name (Company Name): Full organization name. | + | |
- | 1. Package: The user package template | + | |
- | 1. We do not need to split the license between | + | |
- | + | ||
- | Click Save. | + | |
- | {{ : | + | The appliance administrator creates organizations and provides credentials for the first “Organization Administrator” who will log in to complete the setup of organization policies and users. |
- | ## Setting Up an Organization | + | To create |
- | Log out from the Appliance Admin, appladmin user, and log back in as the user you just created. | + | ## Add Storage |
- | You will first see the “Add Storage Provider” screen. You have to add storage before you can continue. | + | Log out as the appladmin user, and log back in as the user you just created. |
- | Select your provider and follow the instructions on the next couple of screens. See the next section for information on setting up Amazon S3 storage. | + | Select your provider and follow the instructions on the next couple of screens. |
- | ## Cloud Storage Provider | + | See [[cloudproviders: |
- | After logging into the organization you will be prompted to register your cloud storage provider. Choose the provider (for example, [[cloudproviders: | ||
- | ### Azure Storage Provider | ||
- | Enter your Azure Blog Storage account name and key to continue: | + | ## Single Sign-On (Optional) |
+ | An authentication provider can be added to allow users to log in using their corporate credentials. For Azure, we recommend Azure Active Directory. There are two ways to connect. | ||
- | The credentials are validated and a list of buckets in the account are returned. Select the buckets | + | 1. Use [[ldap]] with Azure AD Domain Services if you will be using a [[: |
- | Select and create a new bucket for default data (at the bottom) before selecting Continue. You are then ready to add users! | + | 2. Otherwise use [[: |
- | ## Use Cases | + | ## Next Steps |
Once this is complete you can: | Once this is complete you can: |