Deploying

Important: This documentation is for the APS-based Azure integration solution. If you are using a Connect-based Azure integration solution, please refer to the Connect documentation.

This section explains how to meet the prerequisites and install all the necessary software components.

In this section:

• Meeting the Prerequisites
• Installing and Configuring the Software

Meeting the Prerequisites

Before deploying the Azure application, do the following:

1. Make sure that Odin Automation 8.3 or CloudBlue Commerce 20.4 is deployed. The deployment instructions are provided in the Platform Deployment Guide.
2. If you use CloudBlue Commerce with the Billing component, make sure that the initial configuration of Billing is completed. For the configuration instructions, refer to the Billing Deployment Guide.
3. Create a reseller account in CloudBlue Commerce or request your provider to create one for you, if you do not have access to this option. A reseller account is needed for managing the Azure application. For instructions on how to create a reseller, refer to Getting Started with Resellers.
4. Make sure you have a CSP agreement with Microsoft as a Partner and credentials to log in to the Partner Center.

5. Create a separate administrator user in your CSP account. This admin user will be used by CloudBlue Commerce for managing Azure services. Note that the login of the admin user must be based on the domain onmicrosoft.com. We recommend that you use the following user name and login: CloudBlue Commerce and cbc_account@<partnersubdomain>.onmicrosoft.com.

   After the admin user is added, do the following to grant the required permissions:

   1. Log in to the Partner Center (https://partner.microsoft.com/).
   2. Go to Dashboard > Account settings > User management.
   3. Click the required admin user.
   4. Under Roles and permissions, select the checkboxes next to the roles Manages your organization's account as Global admin, Business profile admin, Referrals admin, and Assists your customers as Admin agent.
   5. Click Update.

   Write down the admin's login name and password because you will need to use them later.

6. Configure firewall settings on all nodes that are used by your installation of CloudBlue Commerce.

This section provides the firewall requirements for the Azure application. For general information about how to configure the firewall under CloudBlue Commerce, refer to the CloudBlue Commerce Firewall Configuration Guide.

Azure Application Endpoint Host

Internal Outgoing Connections

From	To	Protocol	Port
Azure Application Endpoint Host (AZCSPAEH) – BackNet NIC	DNS Resolver Server – BackNet NIC	TCP, UDP	53
	CloudBlue Commerce Management Node on Linux (LINMN) – BackNet NIC	TCP	8440 (CloudBlue Commerce XMLRPC API)
	CloudBlue Commerce Management Node on Linux (LINMN) – BackNet NIC	TCP	6308 (APSC)
	Billing Application Server on Linux (BALINFE) – BackNet NIC	TCP	5224 (Billing XMLRPC API)

Internal Incoming Connections

From	To	Protocol	Port
CloudBlue Commerce Management Node on Linux (LINMN) – BackNet NIC	Azure Application Endpoint Host (AZCSPAEH) – BackNet NIC	TCP	11443 (endpoint)

External Outgoing Connections

From	To	Protocol	Port
Azure Application Endpoint Host (AZCSPAEH) – FrontNet NIC	Microsoft Azure Partner Center API	TCP	443

CloudBlue Commerce Management Node

Internal Outgoing Connections

From	To	Protocol	Port
CloudBlue Commerce Management Node on Linux (LINMN) – BackNet NIC	Azure Application Endpoint Host (AZCSPAEH) – BackNet NIC	TCP	11443 (endpoint)

Internal Incoming Connections

From	To	Protocol	Port
Azure Application Endpoint Host (AZCSPAEH) – BackNet NIC	CloudBlue Commerce Management Node on Linux (LINMN) – BackNet NIC	TCP	6308 (APSC)
		TCP	8440 (<Operations_name> XMLRPC API)

Billing Application Server

Internal Incoming Connections

From	To	Protocol	Port
Azure Application Endpoint Host (AZCSPAEH) – BackNet NIC	Billing Application Server on Linux (BALINFE) – BackNet NIC	TCP	5224 (Billing XMLRPC API)

Installing and Configuring the Software

Deploying an Azure Application Endpoint

This section describes how to set up an Azure application endpoint host. This is a separate physical or virtual machine that hosts the main components of the integration package.

Hardware Requirements for an Azure Application Endpoint Host

An Azure application endpoint host must meet the following requirements.

Server Name	AZCSPAEH
Description	Azure application endpoint host
Quantity	1
OS	CentOS 7 (x64)
Software	To be installed by the customer: OS To be automatically installed with the Azure RPM package: Python 2.7.5-48 or later JDK 11 or later
CPU	4 core (2.3 GHz or higher)
RAM	5 GB
Disks	Array 1: OS and software - 2 x 80 GB SATA, RAID1 (software impl.) + 50 GB for each 1000 Azure subscriptions
Disk Partitioning	Array 1: / – 80 GB - for OS
NICs	BackNet with access to the Internet

Synchronizing Date, Time, and Time Zone

Before installing an Azure application endpoint node, synchronize date, time, and time zone between the following hosts:

• Azure application endpoint.
• Management node server.
• Billing application server.
• Billing database server.
• Billing online store server.

Installing an Azure Application Endpoint Node

1. Copy the RPM package from the Azure distribution package to the endpoint node.
2. Issue the command yum install -y azure-nce-<version>.noarch.rpm
3. Edit the configuration file /usr/local/azure-nce/application.yml: replace the server IP address with the IP address of the network interface of the BackNet subnet.
4. Start the application by issuing the command systemctl start azure-nce

Importing an Azure APS Package

To import a package, do the following:

1. Copy the AzureCloudSolutionProviderNCE-<version>-app.zip package from the Azure distribution package to a local storage on your computer.
2. In the Provider Panel of CloudBlue Commerce, go to Services > Applications > APS Connectors tab > Import Package.
3. Select the local file option, browse for the application package, select it, and click Submit.

Creating an Azure Application Instance

Before using the Azure application, you need to create an application instance. You can run only one application instance on an endpoint host. The application instance will host all CSP partner accounts.

To create an application instance, do the following:

1. In Provider Panel, go to Services > Applications > Azure Cloud Solution Provider NCE > Instances tab > Add Instance.

2. Under Connection Settings, specify the following:

   • Application API end-point URI – URI with the corresponding backnet IP address: https://<azure_site_ip_backnet_address>:11443/aps/
   • Authentication Type - leave the Certificate value selected.
   • Network Access - leave the BackNet value selected.
3. If you are deploying on CloudBlue Commerce 20.4 or later, under Initialization Settings, select one of the following options:

   • Automatically create resource types and service templates. We recommend that you select this option to have the system automatically create all the necessary resource types and service templates (Azure NCE Partner, Azure NCE Reseller, and Azure NCE Subscription).

   • Automatically create resource types, service templates, and service profiles. Do not select this option. It is reserved for future uses. Service profiles are not supported yet.

   • Do not automatically create resource types, service templates, and service profiles.

4. Under Impersonation Level, select the Accept the impersonation level checkbox.
5. Click Next.
6. Specify an instance name for your convenience, a vendor contract ID, and click Next.
7. Verify the settings and click Finish.

You can change these settings later in Services > Applications > Azure Cloud Solution Provider NCE > Instances > <instance name> > Configuration tab > Edit.

Integrating with Microsoft 365

If you have the Microsoft 365 package installed, you need to perform the following additional steps to ensure the proper integration with it:

1. Determine the Microsoft 365 tenant version: Extract the contents of your Microsoft 365 package and search the APP-META.xml file for the string "http://www.parallels.com/Office365/Tenant/". The string should contain a number after /Tenant/. For example, 2.8. This is the number you need to know.
2. Edit the configuration file /usr/local/azure-nce/application.yml on the Azure end-point node: locate the line typeUri: http://www.parallels.com/Office365/Tenant and add the tenant version that you learned in the previous step, so that it looks similar to typeUri: http://www.parallels.com/Office365/Tenant/2.8.
3. Restart the application by issuing the command systemctl restart azure-nce.