I have always been a huge fan of Lab Management and now that you have the ability to create “standard environments” out of the box I couldn’t resist to try this scenario out against Azure VM Roles.
VS11 Lab Management
Lab Management in VS11 now allows you to manage environment you already have setup. This means you can deploy builds and run tests, but not manage the environment (such as stopping, starting and taking snapshots). This does mean you can manage environments that are not defined in Hyper-V/SCVMM – for instance physical environments, VMware defined environments or in my case Azure defined VM environments. Below is a screenshot if the end result – read on to find out how to do it.
Lab Management - Azure based Standard Environment
Azure VM Roles and Azure Connect
I am not going to go into too much detail of Azure VM Roles and Azure Connect in this post, I will simply outline what I have done to create my to-be-managed-by-lab-management environment in Azure.
Below is a high level topology of what I am trying to achieve.
Topology - TFS 11 & VS 11 & Azure VM
- I have defined a Team Foundation Server 11 in our labs – these are situated at our offices (Avanade) in Soho, London. TFS is member of the ALM.UK.Avanade domain.
- I have Visual Studio 11 on my laptop (Hyper-V VM) and is also member of the ALM.UK.Avanade domain. I have a VPN connection with the lab environment.
- I have defined a Azure VM (worker role) – this is situated somewhere in North Central US region. At present, in order for this scenario to work I need to add the Azure VM to my ALM.UK.Avanade domain. This can be achieved by leveraging Azure Connect – this will allow me to create an IPSec connection between my lab environment and the Azure VM thus allowing it to join my domain.
Step 1 – Creating a new Azure VM and prepping it with Azure Connect
Download the latest Azure SDK - this allows you to define Azure VM Roles within Visual Studio. Select the Worker Role (others also include Web Role and your own Virtual Machine Role) – I will just focus on the Worker Role in this post.
Worker role project in VS2010
Then set the following properties on the Worker Role:
Configuration properties – left as is. This allows you to for example specify the number of instances that you’d like to create and what VM Size they should be (small to extra large).
Configuration properties in VS2010 for Worker Role
Virtual Network properties – added my Azure Connect Activation token.
Activation Token property in VS2010
You get this token from your Azure Connect portal. Go to Virtual Network section on the Azure Management Portal and select the Get Activation Token for you subscription:
Get Activation Token - Azure
Get Activation Token Clipboard - Azure
-
Microsoft.WindowsAzure.Plugins.Connect.ActivationToken
To enable joining to Domain (you need to provide these details):
-
Microsoft.WindowsAzure.Plugins.Connect.EnableDomainJoin [set to "true"]
-
Microsoft.WindowsAzure.Plugins.Connect.DomainFQDN [set to "ALM.UK.Avanade"]
-
Microsoft.WindowsAzure.Plugins.Connect.DomainControllerFQDN [set to "W2K8R2-ALM01.ALM.UK.Avanade"]
-
Microsoft.WindowsAzure.Plugins.Connect.DomainAccountName [set to "ALM\Administrator"]
-
Microsoft.WindowsAzure.Plugins.Connect.DomainPassword [set to encrypted password - this is the password of the DomainAccountName in encrypted format specified in above setting]. See here for more information on how to create this encrypted password.
-
Microsoft.WindowsAzure.Plugins.Connect.Administrators [set to "ALM\Administrator"]
You can leave the other properties as is.
Note: the Microsoft.WindowsAzure.Plugins.Connect.DomainOU property allows you to specify an Organisational Unit where the VM Role will be added to. If left empty it will add it to the default location.
Settings properties - VS2010
-
TestAgent Incoming traffic – TCP on port 6910
-
File and Printer Sharing (MSB-IN) – TCP on port 445 (this is needed in the verification and configuration of Test Agent and Lab Agent by Lab Manager – see later in post)
Endpoints properties - VS2010
Local Storage properties - VS2010
Certificates properties - VS2010
That’s all there is to the properties for the moment.
Then select Publish on your Azure Role. This allows you to specify your subscription in the Sign-in section of the wizard.
Publish - select in VS2010
Publish - sign in - VS2010
Publish - new hosted service - VS2010
Publish - new hosted service - Azure portal
Environment settings – you can leave this as is. In this example I selected ["Production"].
Publish - Environment - VS2010
Build Configuration settings – you can leave this as is. In this example I selected ["Release"].
Publish - Build Configuration - VS2010
Service Configuration settings – you can leave this as is. In this example I selected ["Cloud"].
Publish - Service Configuration - VS2010
Enable the Remote Desktop connection setting. This will allow you to remote into the created VM. This brings up a different dialog box where you can specify user name, password and expiration date.
Publish - enable Remote Desktop Connection - VS2010
Click on the Settings… link. This brings you to the Remote Desktop Configuration window where you can provide user credentials to connect to the VM.
Publish - Remote Desktop Connection - VS2010
Click on the More Options – this will allow you to export (save) the certificate.
Remote Desktop Configuration - export Certificate
In the Details tab you can Copy to File (export) the certificate.
Remote Desktop Configuration - export Certificate - step 1
A export certificate wizard starts.
Remote Desktop Configuration - export Certificate - step 2
Select not to export the private key.
Remote Desktop Configuration - export Certificate - step 3
Remote Desktop Configuration - export Certificate - step 4
Save the certificate in a known place on your hard disk. Keep it safe.
Remote Desktop Configuration - export Certificate - step 5
Remote Desktop Configuration - export Certificate - step 6
You must now upload this certificate to the Azure Management Portal. Go to the Management Certificates section.
Management Certificates - upload - step 1
Select the certificate you just saved.
Management Certificates - upload - step 2
You can now go ahead and publish a new Azure VM Role. A Windows Azure Activity Log within Visual Studio shows you the progress.
Publish - Windows Azure Activity Log - VS2010
You can also check the progress in the Azure Management Portal.
Publish - Windows Azure Activity Log - Azure Management Portal
Once the environment is in a ready state you need to do some additional steps with regards to the Azure Connect bits.
First thing is make sure you have the Endpoint software installed in your local environment. In my case I have installed the Azure Connect Endpoint Software on my Team Foundation Server 11 Server, Domain Controller (which has also the DNS Service running) and my Visual Studio 11 development workstation.
You can do this by browsing (in each of your local servers/workstations) to the Virtual Network – Install Local endpoint option (top left of your Azure Management Portal).
Install Endpoint - Azure Management Portal
Install Endpoint - clipboard - Azure Management Portal
Once you have installed the Connect Endpoint Software on each of your local servers/workstations you will see them appear in the Connect Subscription section alongside your newly created VM Worker Role.
You now need to group all of them together – you do this by either creating a new Endpoint Group or edit an existing one (like in my example).
Edit Endpoint Group - Azure Management Portal
Connect - Grouping Endpoints - Azure Management Portal
In my case I already have another VM Worker Role added to the same group (another environment I did previously).
Once this step is done, hopefully you will be see the Local Endpoints enabled in all environments – the local servers and the VM Worker Role.
Azure Endpoint Connect Status in OS
Check the diagnostics window to see if everything is OK.
Endpoint Connect Diagnostics Window
At this point your Azure VM Role should be automatically added to your local domain. If it is not, then you can easily add it manually.
Domain added VM Role
If your VM was not added to the domain automatically, you can still add it manually.
Manually adding Role to Domain
Configuring Lab Management 11 Environment
You are now ready to start creating a new Lab Management environment. Open MTM 11 and go to the Lab Management section and select New to create a new environment.
Lab Management - Add Standard Environment - step 0
Step 1 - Select Standard Environment and provide name & description.
Lab Management - Add Standard Environment - step 1
Step 2 - Provide the Azure Role VM name and Lab Role. In my example this is ["RD00155D423994"] and this is a ["Web Server"].
You must also make sure you provide the correct credentials enabling Lab Management to log on to the target VM Role. This must be a user that is member of the Administrators group.
Lab Management - Add Standard Environment - step 2
At this point you are in a position to Verify the Lab Environment configuration – press the Verify button.
Lab Management - Add Standard Environment - step 4
The second step in this list is the most difficult one to get right. Make sure you have enabled the firewall exceptions correctly as outlined above and that you have provided the correct credentials to access the machine. In order for this step to succeed you must have enabled File & Print Sharing on your VM Role.
Finish the wizard. At this point Lab Manager is preparing the Azure VM Role – it is uploading the Test Agent 11 and Lab Agent 11 and trying to configuring them.
Lab Management - Add Standard Environment - step 5
Now at this point things will go wrong. First of all this step takes a very long time and eventually it will come back with an error.
Lab Management - Add Standard Environment - step 6
Lab Management - Add Standard Environment - step 7
This error is caused because the Test Agent cannot connect back to the Test Controller. This is due to some change in the implementation – a new checkpoint – in VS11 and its incompatibility with Azure VM Roles (at the moment).
The way around this is to add the following key in the AppSettings section of the QTAgentService.exe.config on the Azure VM Role.
<add key=”IgnoreNetworkAdapterInfo” value “true” />
You can find the QTAgentService.exe.config on the D-Drive (Windows) most probably in D:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE
[Many thanks to Vijay Machiraju and Darshan Desai from Microsoft for helping to debug this problem]
Once you have added this you must restart the Test Agent service.You can now go back to MTM 11 and check the status of the environment – it should be in a Ready state. If not then you can remove the environment and start the procedure of creating a new environment again. This time the installation will go much quicker and the environment should now end up in a ready state.
Lab Management - Add Standard Environment - step 8
If you still notice an error on the right side – you can safely ignore this error – it is a remnant from the first configuration attempt. You can get rid of this by opening the environment and updating something (for instance the name). This will refresh everything and remove the error message.
What’s next?
In the next post I will outline how to effectively use this environment in an End to End Build, Deploy and Test scenario using MTM 11, Web Deploy and TFS 11 Build Services (possibly also defined in Azure VM Role).
Very helpful :-]
http://twitter.com/#!/chrislowndes/status/142360840195145729
Thanks for sharing. Great work and really informative post.