Skip to content

Latest commit

 

History

History
105 lines (67 loc) · 4.9 KB

README.md

File metadata and controls

105 lines (67 loc) · 4.9 KB

Connection Scripts

Note

For Azure Stack versions 1903 or earlier, please use the code from the tag PRE-1904. For the Azure Stack version 1902 and 1903, the work around mentioned in the issue is also needed

As a prerequisite, make sure that you installed the correct PowerShell modules and versions:

For Azure stack 1901 or later

Install-Module -Name AzureRM -RequiredVersion 2.4.0
Install-Module -Name AzureStack -RequiredVersion 1.7.0

For all other azure stack versions, please follow the instructions at https://aka.ms/azspsh for the needed azure powershell

This tool set allows you to connect to an Azure Stack Development Kit (ASDK) instance from an external personal laptop. You can then access the portal or log into that environment via PowerShell.

Instructions below are relative to the .\Connect folder of the AzureStack-Tools repo.

Import-Module .\AzureStack.Connect.psm1

VPN to Azure Stack Development Kit

VPN to Azure Stack Development Kit

The Connect to Azure Stack document describes ways to connect to your Azure Stack Development Kit environment.

One method is to establish a split tunnel VPN connection to an Azure Stack Development Kit. This allows your client computer to become part of the Azure Stack Development Kit network system and therefore resolve Azure Stack endpoints.

The tool will also download the root certificate of the targeted Azure Stack Development Kit instance locally to your client computer. This will ensure that SSL sites of the target Azure Stack installation are trusted by your client when accessed from the browser or from the command-line tools.

To connect to an Azure Stack Development Kit via VPN, you will need to know the host IP address of the target installation.

The commands below need to access the Azure Stack Development Kit host computer, so it needs to be a trusted host in PowerShell. Run PowerShell as administrator and modify TrustedHosts as follows.

# Add Azure Stack Development Kit host to the trusted hosts on your client computer
Set-Item wsman:\localhost\Client\TrustedHosts -Value "<Azure Stack host IP address>" -Concatenate

For the VPN connection, use the admin password provided at the time of the Azure Stack deployment.

$Password = ConvertTo-SecureString "<Admin password provided when deploying Azure Stack>" -AsPlainText -Force

Then connect your client computer to the environment as follows.

# Create VPN connection entry for the current user
Add-AzsVpnConnection -ServerAddress <Host IP Address> -Password $Password

# Connect to the Azure Stack instance. This command can be used multiple times.
Connect-AzsVpn -Password $Password

Configure Azure Stack PowerShell Environment

Adding Azure Stack Environment

One method of deploying templates and interacting with your Azure Stack Development Kit is to access it via PowerShell.

See the Azure Stack Install PowerShell article to download and install the correct PowerShell modules for Azure Stack.

To target your Azure Stack instance as a tenant, an AzureRM environment needs to be registered as follows. The ARM endpoint below is the tenant default for a one-node environment. AzureRM cmdlets can be targeted at multiple Azure clouds such as Azure China, Government, and Azure Stack.

Add-AzureRMEnvironment -Name AzureStack -ArmEndpoint "https://management.local.azurestack.external"

To create an administrator environment use the below. The ARM endpoint below is the administrator default for a one-node environment.

Add-AzureRMEnvironment -Name AzureStackAdmin -ArmEndpoint "https://adminmanagement.local.azurestack.external"

Connecting to your environment requires that you obtain the value of your Directory Tenant ID. For Azure Active Directory environments provide your directory tenant name:

$TenantID = Get-AzsDirectoryTenantId -AADTenantName "<mydirectorytenant>.onmicrosoft.com" -EnvironmentName AzureStackAdmin

For ADFS environments use the following:

$TenantID = Get-AzsDirectoryTenantId -ADFS -EnvironmentName AzureStackAdmin

After registering the AzureRM environment, cmdlets can be easily targeted at your Azure Stack instance. For example:

Login-AzureRmAccount -EnvironmentName "AzureStack" -TenantId $TenantID

Similarly, for targeting the administrator endpoints:

Login-AzureRmAccount -EnvironmentName "AzureStackAdmin" -TenantId $TenantID