| title | description | services | documentationcenter | author | manager | editor | ms.assetid | ms.author | ms.date | ms.service | ms.tgt_pltfrm | ms.topic | ms.workload | ms.custom |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Create a Pivotal Cloud Foundry cluster on Azure |
Learn how to set up the parameters needed to provision a Pivotal Cloud Foundry (PCF) cluster on Azure |
Cloud Foundry |
CloudFoundry |
ruyakubu |
brunoborges |
ruyakubu |
ruyakubu |
09/13/2018 |
azure |
multiple |
tutorial |
web |
devx-track-azurecli |
This tutorial provides quick steps to create and generate the parameters you need to provision a Pivotal Cloud Foundry (PCF) cluster on Azure. To find the Pivotal Cloud Foundry solution, perform a search in the Azure Marketplace.
There are several ways to generate a public secure shell (SSH) key by using Windows, Mac, or Linux.
ssh-keygen -t rsa -b 2048For more information, see Use SSH keys with Windows on Azure.
Note
To create a service principal, you need owner account permission. You also can write a script to automate creating the service principal. For example, you can use the Azure CLI az ad sp create-for-rbac.
-
Sign in to your Azure account.
az login
Copy the "id" value as your subscription ID, and copy the "tenantId" value to use later.
-
Set your default subscription for this configuration.
az account set -s {id} -
Create an Azure Active Directory application for your PCF. Specify a unique alphanumeric password. Store the password as your clientSecret to use later.
az ad app create --display-name "Svc Principal for OpsManager" --password {enter-your-password} --homepage "{enter-your-homepage}" --identifier-uris {enter-your-homepage}Copy the "appId" value in the output as your clientID to use later.
[!NOTE]
Choose your own application home page and identifier URI, for example, http://www.contoso.com.
-
Create a service principal with your new app ID.
az ad sp create --id {appId} -
Set the permission role of your service principal as a Contributor.
az role assignment create --assignee "{enter-your-homepage}" --role "Contributor" --scope /subscriptions/{subscription-id}/resourceGroups/{resource-group-name}Or you also can use
az role assignment create --assignee {service-principal-name} --role "Contributor" --scope /subscriptions/{subscription-id}/resourceGroups/{resource-group-name}
-
Verify that you can successfully sign in to your service principal by using the app ID, password, and tenant ID.
az login --service-principal -u {appId} -p {your-password} --tenant {tenantId} -
Create a .json file in the following format. Use the subscription ID, tenantID, clientID, and clientSecret values you copied previously. Save the file.
{ "subscriptionID": "{enter-your-subscription-Id-here}", "tenantID": "{enter-your-tenant-Id-here}", "clientID": "{enter-your-app-Id-here}", "clientSecret": "{enter-your-key-here}" }
- Register or sign in to your Pivotal Network account.
- Select your profile name in the upper-right corner of the page. Select Edit Profile.
- Scroll to the bottom of the page, and copy the LEGACY API TOKEN value. This value is your Pivotal Network Token value that you use later.
Now you have all the parameters you need to provision your Pivotal Cloud Foundry cluster on Azure. Enter the parameters, and create your PCF cluster.
-
Your PCF cluster shows a deployment status.
-
Select the Deployments link in the navigation on the left to get credentials for your PCF Ops Manager. Select the Deployment Name on the next page.
-
In the navigation on the left, select the Outputs link to display the URL, username, and password for the PCF Ops Manager. The "OPSMAN-FQDN" value is the URL.
-
Start the URL in a web browser. Enter the credentials from the previous step to sign in.
[!NOTE]
If the Internet Explorer browser fails due to a "Site not secure" warning message, select More information and go to the webpage. For Firefox, select Advance and add the certification to proceed.
-
Your PCF Ops Manager displays the deployed Azure instances. Now you can deploy and manage your applications here.
