Deploy Azure Stack On An Azure VM (Part 1)

Share This Post

Pre-Requisite

Request extra CPU quota from Microsoft support for the region that you are looking to use
- You must have a minimum of unused 16 vCPU quota at a minimum for the DSv3 or ESv3 VM series
- Default quota limit is 10 vCPUs
Create a new Azure AD user with Global admin rights
- For example: doazurestack@whatever.onmicrosoft.com
- Make a note of the username and temporary password
- Reset the password in https://portal.office.com
Advisable to use a single complex password to avoid confusion
- Obviously, this is only recommended as we are merely using this for testing and the environment will be destroyed afterwards

Basic Information

Architecture: https://docs.microsoft.com/en-us/azure/azure-stack/azure-stack-architecture
Basic Admin Info: https://docs.microsoft.com/en-us/azure/azure-stack/azure-stack-manage-basics
Deployment Information: https://blogs.technet.microsoft.com/yagmurs/2017/11/05/deploying-azure-stack-development-kit-asdk-straight-on-azure-vm/

Deploy Azure Stack Hyper-V Host as an Azure VM (Approx 20 minutes)

https://github.com/yagmurs/AzureStack-VM-PoC/tree/development
VM Size: Standard_E16s_v3
Admin Password: Set a complex password
Data Disk Size in GB: 256
Data Disk Count: 4
Public DNS: Set a unique DNS name
Leave other settings as default

Log into Azure Stack Host

Connect to the newly deployed Azure VM using RDP to its public IP address
Username in the template is “administrator”
Password is whatever you set
- You may need to use the Azure password reset tool to reset the password

Run Install-ASDK.ps1 script on the desktop (Approx 6 hours)

Open PowerShell (ensure you run as administrator) and run the following:

Set-Location "C:\AzureStackOnAzureVM"

.\Install-ASDK.ps1
Enter the password for the local “Administrator” user (same password used to log into the computer)
- Re-enter the password
Enter the username of the Azure AD user with Global Admin permission that you created earlier
- For example: doazurestack@whatever.onmicrosoft.com
Enter the Azure AD user password
- Re-enter the password
Enter “1” to select “Azure Latest 1807” and enter “C” to confirm
The deployment will start. After about one hour, the system will auto-shutdown. This happens after the Azure VM is joined to the domain.
- Wait about 6 hours for the rest of the deployment to complete
- If you sign in as a local admin after the machine is joined to the domain, you won’t see the deployment progress.
- Do not rerun deployment, instead sign out and sign back in as “AzureStack\AzureStackAdmin” to validate that the deployment process is still running.

Post-Installation Configuration (Approx 1.5 hours)

Follow the instructions on the link below to install Azure Stack PowerShell modules, other Azure stack tools, to activate the tenant admin/user portals and to extend password reset to 180 days (Approx 35 minutes)
- https://docs.microsoft.com/en-us/azure/azure-stack/asdk/asdk-post-deploy
  - Admin Portal registration: https://adminportal.local.azurestack.external/guest/signup
  - User Portal registration: https://portal.local.azurestack.external/guest/signup
    - Log into both portals with the Azure AD User account that you created earlier. For example: doazurestack@whatever.onmicrosoft.com

Subscribe To Our Newsletter

Get updates and learn from the best

More To Explore

Uncategorized

New Azure Container Instance Vulnerability — What to do?

Just yesterday, Microsoft disclosed a new (and yet to be clarified) Azure Container Instance vulnerability — https://msrc-blog.microsoft.com/2021/09/08/coordinated-disclosure-of-vulnerability-in-azure-container-instances-service/. From the information shared in the disclosure, it seems

David Okeyode September 9, 2021

Protecting against #ChaosDB

Cloud security researchers @sagitz and @nirohfeld who both work at Wiz recently discovered what I think is a major vulnerability that exploits the recent CosmosDB Jupyter notebook feature to

David Okeyode August 27, 2021