Windows Azure Services for Windows Server, SPF and SCVMM – Managing Tenants across these components (Part 1)

Posted on 11/06/2013 by Marcel Zehner

SPF, short for service provider foundation, adds multi-tenancy capabilities to your System Center environment by offering a web service that in the backend will talk to other management products like System Center Virtual Machine Manager. To give users a good self service experience you can design a portal that communicates with SPF. Or if you want to save time you can use Windows Azure Services for Windows Server that contains different portals – one of them a tenant portal that allows new tenants to sign up and also order and manage virtual machines.

I will not go into any details how all these components are installed as there are already good articles out there. Check out this excellent series by Mark van Eijk.

http://www.hyper-v.nu/archives/marcve/2013/01/installing-and-configuring-system-center-service-provider-foundation/

http://www.hyper-v.nu/archives/marcve/2013/02/installing-and-configuring-windows-azure-for-windows-server-part-1/

http://www.hyper-v.nu/archives/marcve/2013/03/installing-and-configuring-windows-azure-for-windows-server-part-2/

http://www.hyper-v.nu/archives/marcve/2013/03/installing-and-configuring-windows-azure-for-windows-server-part-3/

In this post I’d like to focus more on the tenant objects and how they are managed. For this I will start with the sign up process on the Windows Azure Services portal to create a new tenant.

image

After a few seconds the tenant is created and is logged in automatically. Depending on the selected plan and it’s configuration, he will see different areas on the portal. In this case I selected a plan that only allows the creation of virtual machines and networks.

image

So the initial registration is done. But what happened in the background when the tenant was created? First, a new tenant was created in SPF. This can be checked by using the SPFAdmin PowerShell module available on the SPF server.

image

This tenant lives in the SPF SQL database. This can also be checked by checking the tenant table in the database. It displays more or less the same information as the cmdlet.

image

SPF will talk to SCVMM to deploy and manage virtual machines if the tenant requests it from the portal. Let’s check what happened in SCVMM so far. For that I use the VMM PowerShell module to connect to the SCVMM server and display the user roles.

image

image

As you can see, a user role (tenant) was created in SCVMM that has the same ID as the tenant in SPF. Whenever SPF initiates a connection to SCVMM to do work for a logged in user, this ID is used to identify the tenant in SCVMM. Good, so everything seems to be prepared. Let’s deploy a new VM from the tenant portal.

image

After some seconds you should see different jobs running in SCVMM that will deploy the new virtual machine. In this example the virtual machine creation job failed because the Hyper-V server was not running – doesn’t matter Smiley

image

If the deployment was successful, you should see that the virtual machine has been associated with the appropriate tenant.

image

This is the first blog post that describes how tenants are managed in SPF and SCVMM. More posts to come soon!

Cheers
Marcel

About Marcel Zehner

Microsoft Azure MVP
This entry was posted in System Center (without SCSM) and tagged , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s