Azure cloud access configuration
In order to allow configure Model9 for Azure cloud access, use the following procedure:
COLLECTING REQUIRED INFORMATION
- Storage account name - Document the storage account name you created for Model9, for example:
model9demoaccount
- Container name - Document the container name, for example:
model9-demo-container
- Storage account URL - On the Azure portal select the container you created for Model9 and go to Properties. A URL for the container will be shown: https://<StorageAccountName>.blob.core.windows.net/<containerName>For example:https://model9demoaccount.blob.core.windows.net/model9-demo-containerWhen configuring Model9, do not include the container name in the URL. In this example:https://model9demoaccount.blob.core.windows.net
- Application secret - Make sure you have the secret created on the previous steps. if not, repeat this step and collect the secret, for example:
on~bO.B_R_uzip3u3OKdw7gUDV92s_z4_F
- Application and Tenant ID - On the Azure portal go to the Azure active directory and “App registration”.Select the Model9 application and go to the overview tab.The application (client) ID and directory (tenant) ID will be avialable on the top of the screen, for example:Application (client) ID:
a7819e18-fdca-4b23-9d7c-04e0ba392bfc
Directory (tenant) ID:f3a811d8-2e40-4a50-8a88-84317dbf578b
SERVER CONFIGURATION
The server configuration should have the exact same cloud values.
The following agent parameters needs to be configured on the
model9-local.yml
file on the Linux server under /data/model9/conf/model9-local.yml
model9.objstore.endpoint.api.id: azureblob-oauth2model9.objstore.jclouds-config.jclouds.oauth.audience: https://storage.azure.com/model9.objstore.jclouds-config.jclouds.oauth.credential-type: clientCredentialsSecretmodel9.objstore.endpoint.url: <Storage account URL>model9.objstore.resources.container.name: <Container Name>model9.objstore.jclouds-config.jclouds.azureblob-oauth2.storageaccount: <Storage Account Name>model9.objstore.jclouds-config.oauth.endpoint: https://login.microsoftonline.com/<Tenant ID>/oauth2/tokenmodel9.objstore.endpoint.userid: <Application ID>model9.objstore.endpoint.password: <Application Secret>
According to the examples in this document the parameters will look like this:
model9.objstore.endpoint.api.id: azureblob-oauth2model9.objstore.jclouds-config.jclouds.oauth.audience: https://storage.azure.com/model9.objstore.jclouds-config.jclouds.oauth.credential-type: clientCredentialsSecretmodel9.objstore.endpoint.url: https://model9demoaccount.blob.core.windows.netmodel9.objstore.resources.container.name: model9-demo-containermodel9.objstore.jclouds-config.jclouds.azureblob-oauth2.storageaccount: model9demoaccountmodel9.objstore.jclouds-config.oauth.endpoint: https://login.microsoftonline.com/f3a811d8-2e40-4a50-8a88-84317dbf578b/oauth2/tokenmodel9.objstore.endpoint.userid: a7819e18-fdca-4b23-9d7c-04e0ba392bfcmodel9.objstore.endpoint.password: on~bO.B_R_uzip3u3OKdw7gUDV92s_z4_F
The server parameters are prefixed with “model9.”
AGENT CONFIGURATION
In order to configure the Model9 agent cloud definitions you will need the information collected above.
The following Agent parameters should be configured on the
agent.yml
configuration file under /usr/lpp/model9/conf/agent.yml
:objstore.endpoint.api.id: azureblob-oauth2
objstore.jclouds-config.jclouds.oauth.audience: https://storage.azure.com/
objstore.jclouds-config.jclouds.oauth.credential-type: clientCredentialsSecret
objstore.endpoint.url: <Storage account URL>
objstore.resources.container.name: <Container Name>
objstore.jclouds-config.jclouds.azureblob-oauth2.storageaccount: <Storage Account Name>
objstore.jclouds-config.oauth.endpoint: https://login.microsoftonline.com/<Tenant ID>/oauth2/token
objstore.endpoint.userid: <Application ID>
objstore.endpoint.password: <Application Secret>
According to the examples in this document the parameters will look like this:
objstore.endpoint.api.id: azureblob-oauth2
objstore.jclouds-config.jclouds.oauth.audience: https://storage.azure.com/
objstore.jclouds-config.jclouds.oauth.credential-type: clientCredentialsSecret
objstore.endpoint.url: https://model9demoaccount.blob.core.windows.net
objstore.resources.container.name: model9-demo-container
objstore.jclouds-config.jclouds.azureblob-oauth2.storageaccount: model9demoaccount
objstore.jclouds-config.oauth.endpoint: https://login.microsoftonline.com/f3a811d8-2e40-4a50-8a88-84317dbf578b/oauth2/token
objstore.endpoint.userid: a7819e18-fdca-4b23-9d7c-04e0ba392bfc
objstore.endpoint.password: on~bO.B_R_uzip3u3OKdw7gUDV92s_z4_F