Differences

This shows you the differences between two versions of the page.

--- azure-gettingstarted [2020_07_30 21:51] – [Requirements] steven
+++ azure-gettingstarted [2024_04_22 21:30] (current) – external edit 127.0.0.1
@@ Line 1: / Line 1: @@
 # Getting Started with Microsoft Azure
+**Last updated Feb 27, 2023**
 {{ azure-gettingstarted:ms-azure_logo_horiz_c-gray_rgb.png?400 |nobox}}
 ## Why Azure?
-Azure customers are using the File Fabric to take advantage of the high durability, scalability and low cost of Azure Cloud Services. Customers are able to securely extend access to end users and existing file-based applications, significantly reducing migration costs to the cloud.
+Azure customers are using the Nasuni Access Anywhere to take advantage of the high durability, scalability and low cost of Azure Cloud Services.
-For more information on See [[https://storagemadeeasy.com/objectstorage/|The Enterprise File Fabric™ — The Killer Solution for Object Storage !]]
 ## Architecture
-### Single VM Deployment
+#### Single VM Deployment
-For evaluation and smaller production environments the Enterprise File Fabric™ solution is typically deployed as a single virtual machine. The virtual machine includes an embedded database and search index.
+For evaluation and smaller production environments the solution is typically deployed as a single virtual machine. The virtual machine includes an embedded database and search index.
-A single virtual machine can be launched directly from the Azure Marketplace (Coming Soon).
+A single virtual machine can be launched directly from the Azure Marketplace.
-### Multiple VM Deployment
+#### Multiple VM Deployment
-The Enterprise File Fabric solution may also be deployed for High Availability with multiple virtual machines and a separate database.
+The solution may also be deployed for High Availability with multiple virtual machines and a separate database.
 Please contact us for more information on setting up HA deployments on the Azure Cloud.
@@ Line 27: / Line 25: @@
 For production deployments see also [[sizingguide]].
-### Requirements
+## Requirements
 You will need the following information before you can complete setup on Azure:
  * A domain name (recommended)
- * License key (required) - A trial key can be requested from [Enterprise File Fabric Sign Up](https://www.storagemadeeasy.com/appform/).
+ * A Nasuni Account with access to a Nasuni Access Anywhere Serial Number.
+ * Password for Appliance Administrator
  * Outbound mail relay information. (recommended)
- * Default storage system connectivity details - for example, Azure Blob Storage (required)
+ * Storage system connectivity details - for example, Nasuni File storage (required)
  * An Active Directory service account if you are connecting to AD (optional)
+## Azure Marketplace
-## Launch from Azure Marketplace
+Navigate to  [[https://azuremarketplace.microsoft.com/en-us/marketplace/apps/nasunicorporation.naa-server|Nasuni Access Anywhere]].
-From [[https://azuremarketplace.microsoft.com/en-us/marketplace/apps/storage_made_easy.file_fabric|Azure Marketplace]] navigate to the [[https://azuremarketplace.microsoft.com/en-us/marketplace/apps/storage_made_easy.file_fabric|Enterprise File Fabric App]].
+[[https://azuremarketplace.microsoft.com/en-us/marketplace/apps/storage_made_easy.file_fabric|{{ :azure-gettingstarted/azure-mktplace-create.png?600 }}]]
-[[https://azuremarketplace.microsoft.com/en-us/marketplace/apps/storage_made_easy.file_fabric|{{:azure-gettingstarted/azure-mktplace-getitnow.png}}]]
+Select **"Get It Now"** and log in with a Microsoft Account.
+{{ :azure-gettingstarted:create-this-app2.png?700 |}}
-Select **"GET IT NOW"** and log in with a Microsoft Account.
-{{ :azure-gettingstarted:create-this-app.png?600 |}}
-Add contact information if requested and select **"Continue"**.
-{{ :azure-gettingstarted:azure-mktplace-create.png?500 |}}
 Select **"Create"** to //Create a Virtual Machine//.
@@ Line 64: / Line 57: @@
 {{ :azure-gettingstarted:create-vm-basics-project-details.png?600 |}}
-Enter a **Virtual Machine Name** such as "file-fabric". It will also be the default hostname.
+Enter a **Virtual Machine Name** such as "nasuni-access-anywhere". It will also be the default hostname.
 {{ :azure-gettingstarted:create-vm-basics-instance-details.png?750 |}}
-Enter the Username **smeconfigure** and either create or use an existing SSH key.
+Enter the Username **smeconfiguser** and either create or use an existing SSH key.
 {{ :azure-gettingstarted:create-vm-basics-admin-account.png?750 |}}
@@ Line 79: / Line 72: @@
 Select **"Create"**.
+## SSH Access
-## Setting Up Instance
-### SSH Access
 The instance can now be accessed at this IP address using a standalone SSH client. The username is **smeconfiguser**. For example:
-    ssh -i "FileFabric.pem" smeconfiguser@54.194.216.200
+    ssh -i "AccessAnywhere.pem" smeconfiguser@54.194.216.200
 Check that you can become root.
-    sudo bash
+    sudo su -
 This will be required to complete configuration.
@@ Line 96: / Line 86: @@
 More information on connecting via SSH can be found from the Azure Console. Select the instance and click **Connect**.
+## Configure Domains
-### SSL Configuration (Recommended)
+#### SSL Configuration (Recommended)
 The appliance is configured, by default, with DHCP and a self-generated untrusted SSL certificate.
@@ Line 107: / Line 98: @@
 If you do NOT wish to use SSL for the trial you can disable it.
-. Log in as the Appliance Administrator as per the the instructions below.
+. Log in as the Appliance Administrator as per the instructions below.
 . Navigate to Settings > Site Functionality
 . Set Always use HTTPS to No.
-. Set Generate secure server side links to No.
+. Set Generate secure server-side links to No.
 . Select *Update options* at the bottom of the page.
-### Create DNS entries
+#### Create DNS entries
-Choose three fully qualified domain names (FQDNs). For example:
+Choose two fully qualified domain names (FQDNs). For example:
    * **files**.example.com - Domain name (service endpoint and website)
    * **files-webdav**.example.com - used for WebDAV service
-   * **files-s3**.example.com - used for S3 service
 Add DNS type A records that point these domain names to the appliance IP Address. For example,
@@ Line 126: / Line 116: @@
 | A    | files        | 54.194.216.200|
 | A    | files-webdav | 54.194.216.200|
-| A    | files-s3     | 54.194.216.200|
 Verify that Public DNS records are setup correctly:
@@ Line 132: / Line 121: @@
     curl -Lk http://files.example.com | head
     curl -Lk http://files-webdav.example.com | head
-    curl -Lk http://files-s3.example.com | head
 These commands should resolve the domain name, connect to port 80, get redirected to port 443 and return (part of) the web login page:
@@ Line 141: / Line 129: @@
     <head>
 	<!-- title -->
-		<title>Home | SME Appliance</title>
+		<title>Home | Nasuni Access Anywhere Server</title>
 	<meta content="text/html; charset=utf-8" http-equiv="content-type"/>
@@ Line 147: / Line 135: @@
 	<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"/>
-### Change Hostname
+#### Change Hostname
-To update the appliance with the FQDN change to the root user by issuing “sudo bash“ with SSH. As the root user, edit /etc/hostname with nano or vi.
+Change the hostname to your FQDN by editing /etc/hostname. For example,
-Change the Azure instance name to your FQDN.
+    echo "files.example.com" > /etc/hostname
-    files.example.com
+#### Add Inbound Access to Port 8080
-### Start SME Config Server
+The NAAConfig App is used to set up networking. To access it you will need to open port 8080.
+From the virtual machine resource page within the [[https://portal.azure.com|Azure portal ]] select Settings > Networking and add an inbound port rule.
-Leave root privilege:
+ * Source - Any
+ * Source port ranges -**8080**
+ * Destination - Any
+ * Service - Custom
+ * Protocol - TCP
+ * Action - Allow
-    [root@ip-10-0-0-192 smeconfiguser]# exit
+#### Start NAAConfig Server
+If you are logged in as root leave root privilege:
+    [root@files smeconfiguser]# exit
 As the smeconfiguser start the configuration server by typing **smeconfigserver**. You should see a confirmation that the config server is running:
-    [smeconfiguser@ip-10-0-0-192 ~]$ smeconfigserver
+    [smeconfiguser@files ~]$ smeconfigserver
     Please contact me with a browser on port 8080
     Hit Ctrl+C when work is done
@@ Line 173: / Line 171: @@
-### Configure Hostname Settings
+#### Configure Hostname Settings
-Here you only need to configure the three domain names. Click "**Configuration**" and then "**SME Server Hostname Settings**".
+Here you only need to configure the three domain names. Click "**Configuration**" and then "**NAAServer Hostname Settings**".
@@ Line 186: / Line 184: @@
 Follow the prompts on the page to reboot the appliance. If you are not doing this immediately stop the Config Server by typing Control-C in the terminal window.
-### Create SSL Certificates
+{{ :azure-gettingstarted:reboot-server.png?nolink&400 |}}
+#### Remove Inbound Access to Port 8080
+You can now remove inbound port access to 8080.
+#### Create SSL Certificates
 This section creates and configures SSL certificates from Let's Encrypt. If you are using your own certificates (or a different service) you can use the smeconfigserver service above to add certificates.
@@ Line 192: / Line 196: @@
 Log back into the rebooted appliance:
-   ssh -i "FileFabric.pem" smeconfiguser@34.194.216.200
+   ssh -i "AccessAnywhere.pem" smeconfiguser@34.194.216.200
 Elevate to the root user (no password required).
-    sudo bash
+    sudo su -
 Note: The appliance will be inaccessible during the request which may be up to a minute.
@@ Line 208: / Line 212: @@
 Please also agree to the Terms of Service. It is not necessary to share the provided email with the Electronic Frontier Foundation.
-Certbot will automatically detect what FQDNs are setup for the Enterprise File Fabric and prompt for which should be included in the certificate.
+Certbot will automatically detect what FQDNs are setup for the server and prompt for which should be included in the certificate.
     Which names would you like to activate HTTPS for?
     - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 : files.example.com
-: files-s3.example.com
+: files-webdav.example.com
-: files-webdav.example.com
     - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
     Select the appropriate numbers separated by commas and/or spaces, or leave input
     blank to select all options shown (Enter 'c' to cancel):
-After successful completion, the Enterprise File Fabric will automatically start using the new certificates.  These certificates will last for 90 days, so the final step is to setup automated renewal.
+After successful completion, the machine will automatically start using the new certificates.  These certificates will last for 90 days, so the final step is to setup automated renewal.
 ####  Automatically Certificate Renewal
@@ Line 225: / Line 228: @@
 A Let’s Encrypt certificate is valid for 90 days, and can be automatically renewed within 30 days of expiration.  A simple cron job will run daily and handle renewals.
-Please Note:  The File Fabric will be inaccessible during the renewal.  Please ensure that the renewal time is during off hours.  Downtime will only occur every 60 days when a renewal is required and may last up to one minute.
+Please Note:  The server will be inaccessible during the renewal.  Please ensure that the renewal time is during off hours.  Downtime will only occur every 60 days when a renewal is required and may last up to one minute.
 While still logged in as root run the following command to add a cron job.
@@ Line 231: / Line 234: @@
     crontab -e
-In the example below the renewal attempt will process at 2:30AM in the timezone of the Enterprise File Fabric.  The Enterprise File Fabric ships by default with the timezone set to UTC time.  Please adjust this timezone as necessary.
+In the example below the renewal attempt will process at 2:30AM.  The server ships with the timezone set to UTC.  You can set the cron jobs to run at the time of your choosing, but do not change the timezone.
 2 * * * /bin/certbot renew >> /var/log/letsencrypt/le-renew.log
@@ Line 237: / Line 240: @@
 This will create a crontab entry for a cron job that will handle the renewals and write its output to a log file.
-Use https://www.ssllabs.com/ to test the installation.
+Use https://www.ssllabs.com/ to test the installation after updating the certificate.
-## Appliance Administrator
+## Configure Appliance
-Open a browser to the the domain name you assigned:
+Open a browser to the domain name you assigned:
    https://files.example.com
@@ Line 251: / Line 254: @@
 You'll see the following login page:
-{{ ::appladmin-login.png?nolink&300 |}}
+{{ :azure-gettingstarted:naa-login.png?300 |}}
-Log into the appliance as appladmin with a password from your trial license:
+Log into the appliance using the username appladmin with the password provided to you (typically in the trial email):
    User name: appladmin
-   Password: appladminpassword
+   Password: <provided>
-### License Key
+### Change Admin Password (REQUIRED)
-Configure your license key under **Settings > License Key**.
+Select "Password/Login" from the Main Menu to change the Appliance Administrator password.
-A trial key can be requested from https://www.storagemadeeasy.com/appform/.
+After you select "Update password" you will be logged out and need to log back in.
-### Change Admin Password (Recommended)
+### License Activation
-Select "Password/Login" from the Main Menu to change the Appliance Administrator password. After you select "Update password" you will be logged out and need to log back in.
+Register your site key under **Settings > Account Status & License Key**.
+For more information see [[:server:applying-license]].
 ### Outbound Email (Recommended)
@@ Line 274: / Line 279: @@
 If you do not configure an email server remember not to use email notification when adding users.
-### Using SendGrid for Email
+#### Using SendGrid for Email
 Microsoft has restrictions on sending email from the Azure platform. They recommend using an SMTP relay service such as SendGrid. See [[https://docs.microsoft.com/en-us/azure/sendgrid-dotnet-how-to-send-email|Sending Email from Azure with SendGrid.]]
-The File Fabric SMTP configuration would be:
+An SMTP configuration is:
 {{ :azure-gettingstarted:smtp-sendgrid.png?nolink&600 |}}
@@ Line 300: / Line 305: @@
 ## Create an Organization
-An //organization// is a tenant within the appliance and is created by the Appliance Administrator.
+An organization is an administrative unit for a set of users. It includes policies, storage resources, and permissions for those users. Organizations, also called tenants, are self-managed by their users and not accessible or even visible from other organizations on the same appliance.
-### Review User Package (Optional)
-The File Fabric platform uses templates for organizations, in order for us to create our organization, we need to pick a template, before we do, let’s review.
-Login as the Appliance Administrator.
-Click “User Packages” and then click the pencil to modify “Organisation Cloud 20 Users” This is a good template to start from. Scroll down to the “Extra options” section and add “Content Search Enabled” and Dropfolders. Use “Crtl-Click" to add to the selection.
-### Create Organization
-Login as the Appliance Administrator.
-In the hamburger menu, select “Users” and then "Add a User".
-On the Add a User screen create your Organization admin user. (This will also be your organization.)
-. User Login: The Organization short name and superuser's username. We recommend the domain name of your company such as "smestorage.com".
-. E-mail: Email address of organizational admin, must be unique to the system, do not use your own.
-. Password:
-. Name (Company Name): Full organization name.
-. Package: The user package template from earlier.
-. We do not need to split the license between organizations, leave the last field empty.
-Click Save.
-{{ :cloudappliance:applinstallv1901:image014.png?nolink&400 |}}
+The appliance administrator creates organizations and provides credentials for the first “Organization Administrator” who will log in to complete the setup of organization policies and users.
-## Setting Up an Organization
+To create an organization see [[server/organization]].
-Log out from the Appliance Admin, appladmin user, and log back in as the user you just created.
+## Add Storage
-You will first see the “Add Storage Provider” screen. You have to add storage before you can continue.
+Log out as the appladmin user, and log back in as the user you just created. You will first see the “Add Storage Provider” screen. You have to add storage before you can continue setup.  The first storage added is the "default storage" used for internal files such as generated image thumbnails. The default storage can be changed in the future.
-Select your provider and follow the instructions on the next couple of screens. See the next section for information on setting up Amazon S3 storage.
+Select your provider and follow the instructions on the next couple of screens.
-## Cloud Storage Provider
+See [[cloudproviders:azure]] for more information.
-After logging into the organization you will be prompted to register your cloud storage provider. Choose the provider (for example, [[cloudproviders:azure]]) and click Continue to proceed.
-### Azure Storage Provider
-Enter your Azure Blog Storage account name and key to continue:
+## Single Sign-On (Optional)
+An authentication provider can be added to allow users to log in using their corporate credentials. For Azure, we recommend Azure Active Directory. There are two ways to connect.
-The credentials are validated and a list of buckets in the account are returned. Select the buckets you wish to be indexed. We recommend not using buckets with existing production data for the initial trial.
+. Use [[ldap]] with Azure AD Domain Services if you will be using a [[:server/cifs|Multi-user SMB connector]] such as for Azure Files, Nasuni, or Azure NetApp Files.
-Select and create a new bucket for default data (at the bottom) before selecting Continue. You are then ready to add users!
+. Otherwise use [[:admin/saml#configuring_with_adfs_-_azure_ad|SAML Integration]].
-## Use Cases
+## Next Steps
 Once this is complete you can:
-  * [[organisationcloud/usermanagement|Add users]]
+  * [[admin/usermanagement|Add users]]
-  * [[filesharing|Share files]]
-  * ...
 For more information see [[index|]]