In-Depth

Azure Pack: Hyper-Converged

The HPE HC 250 puts the Microsoft cloud platform system in a box with Windows Server, System Center and the Windows Azure Pack portal.

While hyper-converged systems running the Microsoft Azure Stack won't arrive until next summer, enterprises and hosting providers can still deploy and operate hybrid environments based on the company's cloud platform. Microsoft has offered Windows Azure Pack (WAP) for several years. WAP provides the Azure portal interface atop of Windows Server and System Center. Dell Inc., Hewlett Packard Enterprise (HPE) and most recently Nutanix offer hyper-converged systems -- hardware with software-defined compute, storage and network control -- engineered with their own management and control software and WAP.

I had the opportunity to go to one of HPE's technology centers in Palo Alto, Calif., to spend some time with its new iteration of the Microsoft Cloud Platform System (CPS), the Hyper Converged 250 (HC 250). The company started offer­ing the system a little more than a year ago with an original target focused specifically on the VMware Inc. platform. At the HPE Discover London event in December 2015, the company announced that the Hyper Converged 250 would also come with the CPS pre-installed. Both operating environments run quite well on the HC 250 with its four nodes packed into a single 2U chassis and six small form-factor drive slots per node.

You'll need a minimum of two nodes for the VMware solution and three for CPS. Storage options include all-flash, a combination of flash and spinning disk (HDD) or all HDD. CPU options include the Intel Xeon E5 v3 processors for VMware and both E5 v3 and E5 v4 models for CPS. On the networking side you get 10GbE standard with two ports per node. The vSphere configuration also includes four 1GbE ports per node. Memory options are 128GB, 256GB or 512GB per node.

HPE bundles its StoreVirtual Virtual Storage Appliance (VSA) product with both the VMware and CPS iterations. VSA handles all configuration and management tasks while presenting the storage as an iSCSI resource. On the VMware side, you'll find a plug-in for vCenter that provides access to the major portion of all VSA functionality. While you can purchase a pre-configured system ready to power up and run, HPE also offers a software configuration tool called HPE OneView InstantOn (OVIO) to help you through the process. I'll cover that more in the following sections.

Configuration and Management
The heart and soul of CPS Standard is the System Center family of management tools. The HPE HC 250 system comes loaded with Windows Server 2012 R2 Datacenter, System Center Operations Manager (SCOM), System Center Virtual Machine Manager (VMM) and, optionally, System Center Data Protection Manager (DPM). On top of these tools sits the WAP to provide more of an Azure-like management experience.

Each node in the system has a number of virtual machines (VMs) that provide redundant storage and management. The HPE StoreVirtual Appliance requires one VM on each node to control the resilient and redundant storage. Azure Pack uses two VMs for the admin portal (APA01) and the tenant portal (APT01). These typically install on the first two available nodes and administrators can view the server, storage and network nodes via the HPE StoreVirtual Centralized Management System.

The HPE StoreVirtual Centralized Management Console gives administrators an overview of the environment with the four nodes (servers) and four VSA instances on each node. Storage is provisioned across the entire cluster with all redundancy and resiliency managed by StoreVirtual VSA.

The HPE OVIO tool takes all the guesswork and hassle out of configuring a multi-node system. The installation process utilizes a deployment virtual machine (DVM) on each node to bootstrap the process. You must configure a number of IP address ranges for use by the HC 250 in the Management screen of the OVIO setup process. Later you'll need to enter additional IP addresses for the storage network plus the default StoreVirtual VSA credentials, which should be changed once installation is complete.

One of the last steps in the installation process allows you to opt-in for Azure Site Recovery. This option is checked by default and requires you to sign in to an Azure account to make the connection. Be aware that if the Azure onboarding process fails for some reason during installation, you'll need to go back and re-accomplish these steps.

By default, Azure Pack will auto­matically place new VMs on the first available node. If you need to place VMs on specific nodes, you'll need to use VMM to migrate between nodes. You will also need to connect to the Store­Virtual Centralized Management Console (CMC) in order to make any changes to the default storage configuration. In order to do this, you'll need to know the IP address of the VSA VM from any node in order to connect. This can be found in VMM by right-clicking on the VSA instance and selecting properties.

SCOM provides a wide range of tools to both monitor and manage your operations. The SCOM dashboard provides a color-coded view of all critical resources (see Figure 1).

[Click on image for larger view.] Figure 1. The System Center Operations Manager dashboard lets administrators monitor and manage resources with its library of tools.

Azure Pack and CPS
The original implementation of CPS utilized VMM as the primary management console. The HC 250 for CPS Standard incorporates WAP into the mix to provide an Azure-like UX. With WAP, all management functions are provided via the Console VM, which typically runs on the first node in the cluster. Unfortunately, WAP can't do everything VMM can at this point, so you may need to revert to the VMM console at times. Examples of what it can't do include adding or modifying VM templates, configuring new virtual networks and other related management functions. The UX in the WAP Service Management Portal is essentially identical to what you would expect from the Azure portal.

The portal includes the VMM, which has for default instant types, which correlate to templates in VMM and can be modified to suit your specific needs.

Connecting to your VMs once created takes a bit of Windows PowerShell. Specifically, you must open up the RDP firewall port and enable the Remote Desktop setting. This takes just two lines of PowerShell code, or three if you need to change the security setting.

  1. Enable Remote Desktop:
    set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 0
  2. Allow incoming RDP on firewall: Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
  3. Enable secure RDP authentication:
set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "UserAuthentication" -Value 1 

(Bruce Adamczak's TechNet blog post, "Windows 2012 Core Survival Guide -- Remote Desktop," offers further details.)

The smallest configuration of the HPE HC 250 is a three-node that comes with 128GB per node, 7.2TB of storage and dual Xeon E5-2640v3 processors, which will start at $108,000. At the high-end, a similarly spec'd dual-CPU, 16-node system starts at $500,000.

At the end of the day, the HC 250 CPS version provides a solid platform for running cloud-based applications within your own datacenter. It also makes it drop-dead simple to move applications to and from the Azure cloud. This provides great flexibility for both initial development and for long-term operations. The basic system from HPE doesn't come with any System Center licenses, so you'll need to provide these along with an Azure account. Azure Site Recovery is an optional part of the system and requires the appropriate Azure account in order to activate.

About the Author

Paul Ferrill, a Microsoft Cloud and Datacenter Management MVP, has a BS and MS in Electrical Engineering and has been writing in the computer trade press for over 25 years. He's also written three books including the most recent Microsoft Press title "Exam Ref 70-413 Designing and Implementing a Server Infrastructure (MCSE)" which he coauthored with his son.

Featured

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.