Microsoft Azure Service Broker
We describes in this blog how to configure Microsoft Azure Service Broker

Microsoft Azure Setup

In this step, you configure your Azure account to allow the Microsoft Azure Service Broker to create and manage Azure resources.

Create an Azure account by following these steps.

Create a service principal by following these steps.

Make sure you have assign the Contributor role to the Service principal

Create a Service Broker Database

Microsoft Azure Service Broker stores information, for example the provisioning information of a service instance, in the database. Follow these steps to create a SQL database on Azure.


Install and Configure Microsoft Azure Service Broker

Download the product file from Microsoft.


Azure Config

The setup in Microsoft Azure setup  must be successfully completed before beginning this configuration. You will need the Azure and database parameters from that step to successfully configure the broker.

Click Azure Config.

For Azure Environment, if you want to create Azure resource in India, select Azure India Cloud. Otherwise, select Azure Cloud.
Enter the Subscription Id from Microsoft Azure setup .

Enter the Tenant Id, Client Id and Client Secret from Microsoft Azure setup .

Click Save.

Broker Config
Click Broker Config.
For Database Provider, select the database type. At the current time, only SQL Database is supported.
For Database Server, enter the endpoint, for example, or the IP address of the SQL database.
For Database Username and Database Password, enter your database credentials.
For Database Name, enter the name of the database where the Microsoft Azure Service Broker can store information.
For Database Encryption Key, enter the key to encrypt the sensitive information which are stored in the database. It should be a 32-character fixed-length string. If the key is forgotten, all sensitive information in the database will never be decrypted.
Click Save.

SQL Database Config

Click SQL Database Config.

For Allow to Create Sql Server, select the checkbox if you want to allow the developers to create the SQL server through the service broker.

For Enable Transparent Data Encryption, select the checkbox if you want to create SQL Database with Transparent Data Encryption enabled by default.

If you did not select Allow to Create Sql Server, you must create a SQL server on Azure for developers to create databases:

Click Add.

Enter values for the following fields: Resource Group of the SQL Server, Location of the SQL Server, SQL Server Name, SQL Server Administrator Login, and SQL Server Administrator Login Password.

Click Save.

Click Default Parameters Config.



Default Parameters Config

If Allow to Genrate Names And Password for the Missing checked, the broker can fix those missing names and passwords in the parameters for creating service instances. Check Generated-String in the json examples in Using Azure Service Broker for details.

Default Resource Group and Default Location can be set to fix missing resource group and location in the parameters for creating service instances.

For each service, you can set default parameters for it. The broker can fix those missing parameters in the parameters for creating service instances. Set them with {} if you don’t require any fixing. The priority of this rule is higher than the rules above.

Click Save.


Confirmation of Installation

The Microsoft Azure Service Broker installs an app named Azure-Services-broker in the Azure- service-broker-space space of the System org.


After Ops Manager finishes the installation, the Microsoft Azure Service Broker appears as a green tile in the Installation Dashboard.

In Apps Manager, the new services are listed in the Marketplace, and are exposed to all orgs and spaces. Users can create instances of these services only by using the Cloud Foundry Command Line Interface (cf CLI) because Apps Manager does not support asynchronous services. See the Using Microsoft azure Service Broker topic for more information.

Confirmation of Service and Plan Access

The Microsoft Azure Service Broker is installed with all services enabled by default. All services can be listed in the Marketplace.

You can disable or enable any services through the cf CLI using the CF Disable-Service-Access or CF Enable-Service-Access commands.
Previous Post Next Post