CHAPTER 3
Provisioning self-service with App Controller
This chapter provides a brief overview of System Center 2012 R2 App Controller. The topics covered in this chapter include
▪ Introduction to App Controller
▪ App Controller in action
▪ Insights from the experts
▪ How to learn more
Introduction to App Controller
App Controller provides a self-service experience for deploying and managing virtual machines (VMs) and services in cloud environments. The self-service experience provided by App Controller through a web browser is consistent across all types of clouds, including private, public, and hosted clouds. This capability makes App Controller the ideal platform for implementing the hybrid computing model.
Microsoft’s approach to cloud computing involves two key platforms: System Center and Windows Azure. System Center enables enterprises to deploy and manage private clouds, which enables the enterprise to transition from a device-based infrastructure to a user-centric, service-based consumption model. Windows Azure is Microsoft’s public cloud offering, and enterprises can use it to deploy and manage cloud solutions on a subscription basis. Additionally, you can use System Center to manage and monitor your virtual machine in third-party datacenters, allowing you to consume resources in service providers’ clouds. App Controller can be thought of as the “glue” that ties these three clouds together, enabling the enterprise to build and manage private, service-provider, and public-cloud resources using a consistent management experience.
App Controller components
App Controller consists of one or more App Controller servers, a website hosted by Internet Information Services (IIS), a Microsoft SQL Server database, and a Microsoft Windows PowerShell module. This website can be accessed through any supported web browser, such as Internet Explorer.
The App Controller library is a logical representation of all library objects from clouds that have been registered in App Controller. These clouds can be private clouds associated with Virtual Machine Manager or the Windows Azure public cloud. The App Controller library can manage three kinds of shared storage: file shares on your network, private cloud libraries, and Windows Azure storage accounts.
Integration with Virtual Machine Manager
App Controller is tightly integrated with System Center 2012 R2 Virtual Machine Manager and is considered an extension of Virtual Machine Manager. In fact, one of the prerequisites for installing an App Controller server is that the Virtual Machine Manager console feature already be installed on the server. The version and service pack level of App Controller and Virtual Machine Manager must also match for them to work together.
Virtual Machine Manager 2012 and earlier included a Self Service Portal feature that could be deployed to allow users to provision virtual machines themselves based on the virtual machine templates available to the user. Beginning with Virtual Machine Manager 2012 SP1, however, the Self Service Portal feature was removed in favor of using the self-service capabilities provided by the web-based App Controller console.
Because App Controller relies on the role-based security model of Virtual Machine Manager, users of the App Controller console can see only the resources defined for the user role that has been assigned to them and perform only the tasks assigned to that role. Because administrators can use App Controller to delegate authority based on user roles, managing multitenant cloud environments can be greatly simplified by providing security at the user-role level rather than the individual member level.
Windows PowerShell support
App Controller includes a Windows PowerShell module that includes more than two dozen cmdlets. Any task you can perform using the App Controller console can also be performed using Windows PowerShell commands. This enables administrators to use Windows PowerShell to automate App Controller day-to-day operational tasks.
Day-to-day operations
Once App Controller has been installed and configured in your environment, you are ready to begin working with App Controller. Some of the day-to-day operations tasks you can perform include the following:
▪ Creating and managing user roles
▪ Delegating users
▪ Adding or removing library resources, such as file shares, private cloud libraries, and Windows Azure storage accounts
▪ Connecting to private or public clouds
▪ Copying files between file shares and private or public clouds
▪ Copying library resources between clouds of the same type
▪ Deploying virtual machine templates to private clouds
▪ Uploading virtual hard disks or images to Windows Azure
▪ Monitoring the usage of private and public clouds
▪ Backing up and restoring the App Controller database
▪ Performing any other cloud-related management tasks
App Controller in action
Let’s now look at a few examples of App Controller at work. Figure 3-1 shows the Overview workspace of App Controller. This workspace shows the services and virtual machines running across any of the clouds, which include an on-premises private cloud, a Windows Azure cloud, and a cloud hosted by a service provider. In this screen shot, one of the virtual machines running in Windows Azure needs attention, and the self-service user is reviewing the recommendations from the Common Tasks and Online Help panes.
FIGURE 3-1 Reviewing issues with a virtual machine running in Windows Azure
Figure 3-2 shows the Services workspace of App Controller. This workspace is used to provide an overview of the Services (a collection of VMs) running in any of the clouds connected to App Controller. In this screen shot, a Service called Wiki0 is selected, which is running in a Production cloud on Windows Azure. The self-service user can see that the service is in West Europe and has two tiers, which are both healthy.
FIGURE 3-2 Details of a cloud service running in Windows Azure
Figure 3-3 shows the Library workspace of App Controller. This workspace is used to manage templates from Virtual Machine Manager, manage disks and images from Windows Azure, and also provide access to resources in other file shares. In this screen shot, the self-service user is reviewing the hardware configuration of a Windows Server 2012 R2 template hosted in the VMM Library.
FIGURE 3-3 Hardware configuration of a Generation 2 virtual machine
Figure 3-4 shows the deployment of a new virtual machine to Windows Azure using App Controller. In this screen shot, a Windows Server 2012 VM is selected from a gallery of publicly available images, which also includes other Microsoft applications.
FIGURE 3-4 Deploying a new virtual machine running Windows Server 2012 Datacenter edition to Windows Azure
Insights from the experts
We’ll conclude this chapter by hearing from one of our experts at Microsoft about how to set up and manage a hybrid cloud using App Controller.
Managing Hybrid clouds with System Center App Controller
As organizations progress with their journey to the cloud, transitioning from virtualized datacenters to private clouds, service-provider hosted clouds, and public clouds, we are seeing cloud administrators and business unit IT administrators of these organizations entrusted with managing these clouds. With each of these clouds on various virtualization platforms with different capabilities and different administrative consoles, administrators often find it difficult to manage them all, be it day-to-day tasks like provisioning, deprovisioning, start, stop, snapshot, or other tasks like migrating virtual machines between clouds (from a private cloud to the Windows Azure public cloud).
System Center 2012 R2 App Controller delivers a web interface that provides administrators and end users with a common self-service experience to manage resources across private, public (Windows Azure), and hosting service provider clouds:
Setting up clouds
App Controller connects to Virtual Machine Manager to provide private cloud management, and both App Controller and Virtual Machine Manager need to be running the same version (2012 or 2012 R2).
To connect to a service-provider cloud, the administrator enters the details provided by the hosting service provider, who will have configured System Center Provider Foundation with the tenant details and provided the necessary certificate to import into App Controller. Similarly, Windows Azure subscription details can be entered by providing the Subscription ID and Management certificate details.
Access to hosting service-provider clouds and Windows Azure subscriptions can then be managed by creating or modifying the user role. The administrator can add users and groups from Active Directory that will have either read-only or full access to these clouds. In case there are multiple subscriptions, the administrator can choose which subscriptions individual users and groups will have access to:
Once the administrator connects to all the clouds that the organization has access to, the business unit IT administrators and self-service users see the clouds that they have access to, based on the roles defined in Virtual Machine Manager (for private clouds) and App Controller (for hosting service-provider clouds and Windows Azure). The page displays the quota assigned for each cloud, and the current resource utilization, so that you are in a better position to decide where you want to create your next virtual machine or service:
When you are ready to deploy your service or virtual machine, select the cloud where you want the service or virtual machine deployed, and choose from the available templates. The templates shown here are again based on the permissions given in Virtual Machine Manager:
The Services workspace displays all the services deployed to private, public, and service-provider hosted clouds, and it lets you perform administration tasks like start, stop, resume, suspend, shutdown of the service, which in turn will do the corresponding task for all the virtual machines that are part of the template. This is useful for administrators, especially when there are a lot of services deployed.
You can also get a diagram view of a service that gives a visual representation of all the virtual machines that are part of a service and the networks and other virtual machines that they are connected to. When the administrator publishes an update for a deployed service template, a notification appears in the portal and you can update the template at your convenience.
The Virtual Machines workspace displays all the virtual machines that are deployed either as a standalone deployment or as part of a service template. All the virtual machines running on the service-provider hosted cloud as well as the public cloud are also listed in the same page, giving you an overall picture of all the resources that you own or are responsible for from a single page, as well as their current status and resources utilization. Administration tasks like start, shutdown, pause, save, store, mount image, and remote desktop can be performed by selecting the appropriate option:
Performing operations across clouds
One of the biggest benefits of App Controller is the flexibility that it provides administrators to perform operations across clouds using a single management interface. This may be important for different scenarios, like moving a workload temporarily to Windows Azure when you anticipate an increased load, or even to automate the migration using System Center 2012 R2 Orchestrator. With App Controller, this can be achieved by just copying the virtual machine that needs to be moved. The virtual machine that needs to be moved from the private cloud to Windows Azure has to be first shut down and stored in the library. Once the virtual machine is in a stored state, you can copy the virtual machine’s disk to Windows Azure, and then create a VM in Azure using that disk.
Similarly, you can move a virtual hard disk from Windows Azure to the local virtual machine library by selecting the virtual hard disk from Windows Azure and copying it from there:
You can then use the Virtual Machine Manager console to deploy the virtual hard disk that has been copied.
MS Anand
Technical Evangelist, Microsoft Technology Center India
How to learn more
The following sections provide links where you can learn more about App Controller.
Product home page
Your starting point for exploring, trying, buying, deploying, and supporting App Controller and other System Center 2012 R2 products is the System Center 2012 R2 home page on Microsoft’s Server And Cloud Platform site at http://www.microsoft.com/en-us/server-cloud/products/system-center-2012-r2/.
TechNet Library
If you’re already familiar with previous versions of App Controller, you might want to start with “What’s New in System Center 2012 R2 App Controller” found at http://technet.microsoft.com/en-us/library/dn249765.aspx. If you’re new to App Controller, you can browse the full online documentation for App Controller starting from http://technet.microsoft.com/en-us/library/hh546834.aspx.
TechNet wiki
The System Center 2012 App Controller Survival Guide can be found at http://social.technet.microsoft.com/wiki/contents/articles/7565.system-center-2012-app-controller-survival-guide.aspx.
TechNet forums
To get answers to your questions about App Controller, try posting to the App Controller - General forum on TechNet at http://social.technet.microsoft.com/Forums/en-us/home?forum=appcontroller.
TechNet Evaluation Center
You can download evaluation versions of App Controller and other System Center 2012 R2 products from the TechNet Evaluation Center at http://technet.microsoft.com/en-US/evalcenter/dn205295.
TechNet Virtual Labs
You can try out App Controller and other System Center 2012 R2 products online using the TechNet Virtual Labs at http://technet.microsoft.com/en-us/virtuallabs.
Channel 9
Channel 9 on MSDN has lots of helpful videos on App Controller. See http://channel9.msdn.com/search?term=App+Controller&type=All.
Microsoft Virtual Academy
The Microsoft Virtual Academy has online courses on App Controller and other System Center 2012 R2 products at http://www.microsoftvirtualacademy.com/product-training/system-center.