Enterprise 11: Verify readiness for installation on Microsoft Azure
Use these steps to configure third-party products for the Control Room installation.
Procedure
-
Ensure the installation environment meets the data center requirements and
collect the necessary information about the following components:
-
Load balancer (basic or standard) or Application Gateway- IP address
- Ensure that Microsoft Azure supports WebSocket in Transport Layer.
- Ensure that Microsoft Azure supports WebSocket at the Application level using the Application Gateway.
-
Microsoft SQL Server or PostgreSQL Server - port credentials
- Microsoft Azure SQL database - Virtual core (vCore)
provisioning modelRecommendation: We recommend the vCore model rather than the DTU model. The vCore-based provisioning model works best with our installation environment, so use the model even for the common workload. The DTU-based provisioning model might lead to the performance issues.
-
SMB file share - address credentials
-
Subversion server (optional) - port credentials
-
Enterprise identity management system (optional)
If you have Active Directory (AD) - AD server domain credentials
-
SMTP- host port HTTP/S ports for TLS (optional)
-
Control Room servers- Have Windows credential manager installed
-
-
Configure the Network Security Group as per the recommended security policies
for Inbound Port rules:
Data center object Port Protocol Control Room 80, 443 Any Azure Active Directory 53, 389 Any LDAP 3268, 3269 Any email SMTP 587 Any SSH 22 Any RDP 3389 TCP -
Configure the AD server.
Ensure all users are part of the AD domain and the AD server is setup in IaaS mode for Azure cluster environment installations. To add user, navigate to Active Directory Users and Computers > <domain> > Users and add the necessary user.To configure the AD server on Azure with IDaaS, refer to the Microsoft Azure documentation.
-
Ensure the Control Room servers in the cluster can ping each
other.
-
If the ping is not successful:
- Enable the following below file and printer sharing firewall
rule:
File and Printer Sharing (Echo Request - ICMPv4-In) File and Printer Sharing All Yes Allow No Any Any Any ICMPv4
- Ping the Control Room after enabling the firewall rule change.
- Enable the following below file and printer sharing firewall
rule:
-
If the ping is not successful: