March 21, 2013 at 12:59 pm in by
Hello Everyone, Description First question, what is System Center 2012 SP1 Service Provider Foundation?On TechNet (), I found the following description: Service Provider Foundation is provided with System Center 2012 – Orchestrator, a component of System Center 2012 Service Pack 1 (SP1). Service Provider Foundation exposes an extensible OData web service that interacts with Virtual Machine Manager (VMM). This enables service providers and hosters to design and implement multi-tenant self-service portals that integrate IaaS capabilities available System Center 2012 SP1. In other words: Service Provider Foundation is available on the same ISO file than System Center Orchestrator 2012 SP1. A hoster is any person that is providing a hosting services (Hyper-v hosts, networks, …) from his infrastructure to different customers/tenants who will deploy VM, Apps, websites on the hoster’s infrastructure. SPF will help these hosters to build a multi-tenants self-service portal that will present anextended web service for Virtual Machine Manager. Concerning the portal, you could build one on your own or you could use the Windows Azure Services for Windows Server. (This topic will be cover in another blog post) Prerequisites A new server on which we will install SPF (We will call it SRV-SPF01) Orchestrator Iso file The Virtual Machine Manager 2012 SP1 Administrator Console must be installed on SRV-SPF01 A SQL server that could be used by SPF for installing its DB Download the Certificate Creation Tool here : Download and install MVC4: Download and install WCF Data Services 5.0 for OData V3 : A Active Directory Global Security group that we will called SPF-Admins A service account that is member of the VMM Administrator group, SPF-Admins group and local administrator group on SRV-SPF01 Your AD account must be member of the SPF-Admins group also The following Roles and Features must be installed on SRV-SPF01 Create the SSL certificates Service Provider Foundation requires that aSecure Sockets Layer (SSL) server certificate be configured for its website bindings. The Service Provider Foundation website is the endpoint for the Admin service and the Virtual Machine Manager (VMM) service that use Representational State Transfer (REST) and Open Data Protocol (OData) technology to communicate with clients and portal applications. The certificate should conform to the following recommendations: A self-signed certificate should be used only for testing purposes. The fully qualified domain name (FQDN) should be specified for the certification path instead of “localhost”. A self-signed certificate should be placed in the personal store. A complete explanation is available on TechNet: We first need to create test Root Certificate, with the MAKECERT application that we download in the perquisites. makecert -pe -n “CN=TestRootCA” -ss personal -sr LocalMachine -sky signature -r “TestRootCA.cer” We now have to create a certificate for the machine itself makecert -pe -n“CN=SRV-SPF01.CONTOSO.COM” -ss my -sr LocalMachine -sky exchange -eku 1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2 -in “TestRootCA” -is personal -ir LocalMachine -sp “Microsoft RSA SChannel Cryptographic Provider” -sy 12 SPFTestCert.cer At the end, we have two new certificates, move these certificates to a folder that we will access later. SPF installation Start the setup.exe file on the Orchestrator cd and at the bottom, there is the Service Provide Foundation section, click on Install. A new window, dedicated to SPF pops up, click on install. Accepts the license terms and click on Next. Check the box and click on Next. Once the prerequisites check done, click on Next. Specify your SQL Server and click on Next. Click on Change Folder and browse to the folder where you stored the two certificates that you created earlier.Review the information available in Certificate Store and Certificate Name, if everything is ok, click on Next. Specify the AD group and service account that we created duringthe perquisites and click on Next. Specify the AD group and service account that we created during the perquisites and click on Next. Specify the AD group and service account that we created during the perquisites and click on Next. Selection your own values and click on Next. Review all the information and click on Install. SPF installation in progress. Installation completed. This post is in fact the first one of a service dedicated to Windows Azure Services for Windows Server.Stay tuned!!! Christopher