of 90
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
1/90
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
2/90
Page 1of 89
Deploy SQL Server Business
Intelligence in Windows Azure Virtual
Machines
Chuck Heinzelman
Summary: This document describes and walks you through the creation of a multiserver
deployment of SQL Server Business Intelligence features, in a Windows Azure Virtual
Machines environment. The document focuses on the use of Windows PowerShell scripts
for each step of the configuration and deployment process.
Category: Step-by-Step
Applies to: SQL Server 2012 SP1, Windows Azure
E-book publication date: August 2013
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
3/90
Page 2of 89
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
4/90
Page 3of 89
Copyright 2012 by Microsoft Corporation
All rights reserved. No part of the contents of this book may be reproduced or transmitted in any form or by any means
without the written permission of the publisher.
Microsoft and the trademarks listed at http://www.microsoft.com/about/legal/en/us/IntellectualProperty/Trademarks/EN-US.aspx are trademarks of the Microsoft group of companies. All other marks are property of their respective owners.
The example companies, organizations, products, domain names, email addresses, logos, people, places, and events
depicted herein are fictitious. No association with any real company, organization, product, domain name, email address,
logo, person, place, or event is intended or should be inferred.
This book expresses the authors views and opinions. The information contained in this book is provided without any
express, statutory, or implied warranties. Neither the authors, Microsoft Corporation, nor its resellers, or distributors will
be held liable for any damages caused or alleged to be caused either directly or indirectly by this book.
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
5/90
Page 4of 89
1. Contents1. Contents ...............................................................................................................................................................
2. Introduction .........................................................................................................................................................
3. What Is Infrastructure as a Service (IaaS)? ..........................................................................................................
4. Why Infrastructure as a Service (IaaS)? ...............................................................................................................
5. Recommended Scenarios for BI on IaaS ..............................................................................................................
6. Document Conventions .......................................................................................................................................
7. Getting Started with IaaS .....................................................................................................................................
7.1. Affinity Groups .............................................................................................................................................
7.2. Virtual Networks ..........................................................................................................................................
7.2.1. Subnets.................................................................................................................................................
7.2.2. DNS .......................................................................................................................................................
7.2.3. On-Premises Connectivity ....................................................................................................................
7.3. Storage .........................................................................................................................................................
7.3.1. Containers ............................................................................................................................................
7.3.2. Access Keys ..........................................................................................................................................
7.4. Cloud Service ................................................................................................................................................
7.4.1. Deployments ........................................................................................................................................
7.4.2. Virtual IP Address .................................................................................................................................
7.5. Endpoints .....................................................................................................................................................
7.6. Virtual Machines ..........................................................................................................................................
7.7. Availability Sets ............................................................................................................................................
7.8. Disks .............................................................................................................................................................
7.9. Images ..........................................................................................................................................................
8. Prerequisites and Assumptions............................................................................................................................
9. Windows Azure PowerShell Commands ..............................................................................................................
10. Non-Windows Azure PowerShell Commands ..................................................................................................
11. The Overall Environment .................................................................................................................................
12. Overview of the Deployment Steps .................................................................................................................
13. Step 1: Configure the Windows Azure Environment .......................................................................................
13.1. Create the Affinity Group .........................................................................................................................
13.1.1. Validation .............................................................................................................................................
13.2. Network ...................................................................................................................................................
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
6/90
Page 5of 89
13.2.1. Create the Virtual Network ..................................................................................................................
13.2.2. Validation .............................................................................................................................................
13.2.3. Point-to-Site VPN .................................................................................................................................
13.3. Cloud Service ............................................................................................................................................
13.3.1. Create the Cloud Service ......................................................................................................................
13.3.2. Validation .............................................................................................................................................
13.4. Storage Account .......................................................................................................................................
13.4.1. Create the Storage Account .................................................................................................................
13.4.2. Validation .............................................................................................................................................
14. Step2: Deploy Active Directory Domain Services ............................................................................................
14.1. First Domain Controller ............................................................................................................................
14.1.1. Provision VM ........................................................................................................................................
14.1.2. Validation .............................................................................................................................................
14.1.3. Format Disks .........................................................................................................................................
14.1.4. Create Domain .....................................................................................................................................
14.1.5. Create Sites and Subnets .....................................................................................................................
14.1.6. Remove Forwarder ..............................................................................................................................
14.2. Second Domain Controller .......................................................................................................................
14.2.1. Provision VM ........................................................................................................................................
14.2.2. Format Disks .........................................................................................................................................
14.2.3. Create Domain Controller ....................................................................................................................
14.2.4. Create Share .........................................................................................................................................
14.3. Service User Accounts ..............................................................................................................................
14.3.1. Create Service User Accounts ..............................................................................................................
15. Step 3: Configure SQL Server Database Servers (SharePoint Back End) ..........................................................
15.1. First SQL Server Instance ..........................................................................................................................
15.1.1. Provision VM ........................................................................................................................................
15.2. Format Disks .............................................................................................................................................
15.3. Enable Clustering .....................................................................................................................................
15.4. Install SQL Server .....................................................................................................................................
15.5. Second SQL Server Instance .....................................................................................................................
16. Step 4: Configure SQL Server PowerPivot Servers ...........................................................................................
16.1. First PowerPivot Server ............................................................................................................................
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
7/90
Page 6of 89
16.1.1. Provision VM ........................................................................................................................................
16.1.2. Install SQL Server .................................................................................................................................
16.2. Second PowerPivot Server .......................................................................................................................
17. Step 5: Deploy the first SharePoint Application/Central Administration Server .............................................
17.1. SharePoint Image .....................................................................................................................................
17.1.1. Provision VM ........................................................................................................................................
17.1.2. Install SharePoint Prerequisites ...........................................................................................................
17.1.3. Install SharePoint .................................................................................................................................
17.1.4. Install Add-Ins.......................................................................................................................................
17.1.5. Install Updates .....................................................................................................................................
17.1.6. Sysprep .................................................................................................................................................
17.1.7. Capture Image ......................................................................................................................................
17.2. First SharePoint Server .............................................................................................................................
17.2.1. Provision VM ........................................................................................................................................
17.2.2. Create New Farm .................................................................................................................................
17.2.3. Add PowerPivot Solutions ....................................................................................................................
17.2.4. Install PowerPivot Features .................................................................................................................
17.2.5. Configure Service Instance ...................................................................................................................
17.2.6. Create PowerPivot Service Application ................................................................................................
17.2.7. Create Default Web Application ..........................................................................................................
17.2.8. Deploy Web Application Solution ........................................................................................................
17.2.9. Create Site Collection ...........................................................................................................................
17.2.10. Activate PowerPivot Feature ...........................................................................................................
17.2.11. Start the Claims to Windows Token Service ....................................................................................
17.2.12. Configure Secure Store Service ........................................................................................................
17.2.13. Configure Alternate Access Mappings .............................................................................................
17.2.14. Install Reporting Services .................................................................................................................
17.2.15. Install Reporting Services Bits ..........................................................................................................
17.2.16. Enable Reporting Services ................................................................................................................
17.2.17. Create Reporting Services Shared Service Application ....................................................................
17.2.18. Grant Reporting Services permissions .............................................................................................
17.3. Section Validation ....................................................................................................................................
18. Step 6: Configure AlwaysOn Availability Groups .............................................................................................
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
8/90
Page 7of 89
18.1. Create Cluster ..........................................................................................................................................
18.1.1. Validation .............................................................................................................................................
18.2. Enable AlwaysOn Availability Groups ......................................................................................................
18.2.1. Validation .............................................................................................................................................
18.3. Create Availability Group .........................................................................................................................
18.3.1. Validation .............................................................................................................................................
18.4. Enable High Availability in SharePoint .....................................................................................................
18.4.1. Validation .............................................................................................................................................
19. Step 7: Deploy SharePoint Web Front End Servers .........................................................................................
19.1. Provision VM ............................................................................................................................................
19.1.1. Validation .............................................................................................................................................
19.2. Join SharePoint Farm ...............................................................................................................................
19.2.1. Validation .............................................................................................................................................
19.3. Import Certificate .....................................................................................................................................
19.3.1. Validation .............................................................................................................................................
19.4. Deploy PowerPivot Solutions ...................................................................................................................
19.4.1. Validation .............................................................................................................................................
19.5. Configure Second SharePoint Web Front End .........................................................................................
20. Step 8: Deploy Additional SharePoint Application/Central Administration Servers .......................................
20.1. Provision VM ............................................................................................................................................
20.1.1. Validation .............................................................................................................................................
20.2. Join SharePoint Farm ...............................................................................................................................
20.2.1. Validation .............................................................................................................................................
20.3. Configure Local Service Instances ............................................................................................................
20.3.1. Validation .............................................................................................................................................
20.4. Start the SharePoint Services ...................................................................................................................
20.4.1. Validation .............................................................................................................................................
20.5. Deploy PowerPivot Solutions ...................................................................................................................
20.5.1. Validation .............................................................................................................................................
20.6. Install Reporting Services Bits ..................................................................................................................
20.6.1. Validation .............................................................................................................................................
20.7. Enable Reporting Services ........................................................................................................................
20.7.1. Validation .............................................................................................................................................
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
9/90
Page 8of 89
21. Conclusion ........................................................................................................................................................
21.1. For more information: .............................................................................................................................
21.2. Feedback ..................................................................................................................................................
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
10/90
Page 9of 89
2. IntroductionWeve been getting more and more requests for guidance on running Business Intelligence (BI)
workloads in Windows Azure Virtual Machines. This paper is a joint effort between the Microsoft
SQL Server BI portion of the Windows Azure Customer Advisory Team and Microsoft's Israel
Development Center. The deployment guidance in this document is based on customer experiences,
customer feedback, and user research.
The environment outlined in this document works as a stand-alone environment that does not need
to connect to an on-premises Active Directory domain. It emphasizes BI deployment techniques for
Windows Azure Virtual Machines without going too deeply into individual BI technologies. The
paper assumes that you already understand how to build BI environments in general and you now
want to deploy a Microsoft SharePoint based BI environment in Windows Azure Virtual Machines.
This document should serve as a starting point to build such a Windows Azure-based BI
environment.
Although this paper describes the use of Windows PowerShell to build the environment, most of
these tasks can also be accomplished through other tools, including the Windows AzureManagement Portal, SQL Server Management Studio, and SharePoint Central Administration. The
Windows PowerShell approach does not require the use of multiple tools and can easily be
automated and repeated as needed.
3. What Is Infrastructure as a Service (IaaS)?IaaS is any environment that enables you to host virtual machines (VMs) without having to build and
maintain the hosting infrastructure yourself. Many corporate IT departments take advantage of
virtualization environments to run their workloads. IaaS eliminates the need to install or maintain
host servers, enabling you to focus on your VMs rather than the infrastructure. In Windows Azure,
IaaS is provided through the Windows Azure Virtual Machines service.
4. Why Infrastructure as a Service (IaaS)?There are several reasons to run BI workloads on IaaS. Some reasons are related to the general
benefits of an IaaS environment. Other reasons are derived from the combination of IaaS
advantages with the characteristics of BI solutions:
Seamless migration to the cloud.IaaS is the most accessible alternative for migrating BI
workloads to the cloud, because IaaS is very similar to existing on-premises architectures.
No physical infrastructure maintenance.Windows Azure takes care of physical infrastructure
deployment and maintenance for you.
IaaS solutions are flexible.Additional VMs can be created from predefined Windows Azure
gallery images or from custom images. You can deploy additional servers to increase capacity
dynamically.
Reduced total cost of ownership (TCO).By accruing costs only for consumed resources,
required software SKUs, and actual resource usage time, IaaS can help to lower TCO. This is
especially significant for short-lived projects, such as demos or proof-of-concept (POC)
deployments.
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
11/90
Page 10of 89
5. Recommended Scenarios for BI on IaaSIaaS is a good choice for the following scenarios:
DemonstrationsIaaS is a convenient option when you need to demonstrate the new
Microsoft BI stack. No hardware is required, and the deployed solution is available from
everywhere. Also, cost is associated only with the time during which the solution isdeployed.
Proof of concept (POC)IaaS can be used for creating a POC of a BI solution. Running the
POC on IaaS enables trial and error of various architectures while avoiding the high costs
associated with buying hardware. After the BI solution architecture is clear, it can be
decided which hardware to buy, or even continue using IaaS for the production solution.
Also, the Windows Azure gallery provides some building blocks that can save some work in
comparison to the on-premises alternative, for example VM images that contain Operating
Systems and so on.
Development/Test/Lab/TrainingDevelopment and test environments commonly require
an iterative build-and-try workflow. Training environments frequently require several
machines configured in a specific way for several days, and lab environments can be used
for various explorations and scenario testing. For all these cases, using IaaS is convenient
because it provides maximum flexibilitydifferent environments can be created quickly,
and IaaS is easy to scale as needed. Also, as in previous scenarios, cost is minimized to the
actual required resources.
6. Document ConventionsThis section describes documentation conventions used in this paper.
Each implementation section starts with a description of the desired end result of that section. If
you feel comfortable implementing the particular section without using the sample scripts included
in the document, feel free to skip the scripted guidance and implement that section on your own.
Important: The implementation sections are progressively dependent on each other; later
sections build on previous sections. You cannot complete sections later in the document if the
previous sections have not been completed by either the scripts provided or manually by you.
Each implementation section concludes with steps and recommendations for how to verify that the
steps for that section completed successfully. You should verify the results of each section before
you proceed to the next section.
Scripting ConventionsThis document makes wide use of Windows PowerShell scriptfragments. If the fragment contains a single command, the text leading up to it provides
information on what the script does. If the fragment contains several commands, the text
leading up to it provides information on what the fragment as a whole does, and comments
(Windows PowerShell comments start with #) embedded in the fragment describe what is
happening in more detail.
http://findicons.com/icon/2958/warning?id=29588/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
12/90
Page 11of 89
7. Getting Started with IaaSThis section goes over the topics and terminology specific to Windows Azure. The content in the
section is not specific to BI, but if you are new to Windows Azure, it helps you understand the
overall Windows Azure IaaS environment. If you are comfortable with these topics already, feel free
to skip this section and move on to the architectural guidance.
Note that this information is believed to be accurate at the time of the papers publication. The
Windows Azure environment is a live service that receives updates and improvements. For the most
up-to-date information about Windows Azure, see the following:
Windows Azurehttp://www.windowsazure.com
Virtual Machineshttp://www.windowsazure.com/en-
us/documentation/services/virtual-machines/?fb=en-us
7.1.Affinity GroupsIn Windows Azure, an affinity groupis a logical grouping of resources defined by the user. When
storage and virtual machines are grouped into affinity groups, Windows Azure does all it can to
locate these resources physically close together in the data center, which helps minimize latency.
It is important to locate your virtual machines and the storage close together physically, because
the virtual hard disks (VHDs) used by the virtual machines are stored as blobs in Windows Azure
storage.
7.2.Virtual Networks
In Windows Azure, you can define one or more virtual networks within your subscription. A
virtual network is private to you and the services that you deploy to itVMs that are not a part
of the virtual network cannot see into the virtual network. You can define a single address space
or multiple address spaces within your virtual network, and you can divide those address spaces
up into multiple subnets if you wantthe flexibility is yours.
It is worth mentioning at this point that it is important to plan your virtual network carefully
before you create resources. After resources (virtual machines in this case) are deployed to a
network, most of the configuration settings on that network cannot be changed. The only way to
change configuration settings after deployment is to deprovision the resources from the
network, make your changes, and then add the resources back to the network. This is time-
consuming, and it requires downtime of your applications and services while the work is being
performed.
All IP addresses within Windows Azure Virtual Machines are assigned through Dynamic Host
Configuration Protocol (DHCP) and remain assigned to the VM until the VM is deallocated. It isimportant that you do not change the IP address in your virtual machines. If you manually change
the IP address, you may lose connectivity to the VM. Let Windows Azure provide the network
settings for all of the machines that you deploy. For more information, see
http://msdn.microsoft.com/en-us/library/windowsazure/dn133803.aspx .
http://www.windowsazure.com/http://www.windowsazure.com/http://www.windowsazure.com/http://www.windowsazure.com/en-us/documentation/services/virtual-machines/?fb=en-ushttp://www.windowsazure.com/en-us/documentation/services/virtual-machines/?fb=en-ushttp://www.windowsazure.com/en-us/documentation/services/virtual-machines/?fb=en-ushttp://www.windowsazure.com/en-us/documentation/services/virtual-machines/?fb=en-ushttp://msdn.microsoft.com/en-us/library/windowsazure/dn133803.aspxhttp://msdn.microsoft.com/en-us/library/windowsazure/dn133803.aspxhttp://findicons.com/icon/2958/warning?id=2958http://msdn.microsoft.com/en-us/library/windowsazure/dn133803.aspxhttp://www.windowsazure.com/en-us/documentation/services/virtual-machines/?fb=en-ushttp://www.windowsazure.com/en-us/documentation/services/virtual-machines/?fb=en-ushttp://www.windowsazure.com/8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
13/90
Page 12of 89
7.2.1.SubnetsA virtual network in Windows Azure supports address space divided into multiple subnets.
Routing between the subnets is automatically handled through Windows Azure, so VMs in one
subnet on your virtual network are automatically able to see VMs in other subnets within the
same virtual network. You can add more subnets to a virtual network after machines are
deployed, but you cannot change the settings of existing subnets without removing all of thedeployed resources.
Windows Azure uses some of the addresses in each subnet defined for its own internal
purposes. Currently Windows Azure consumes three addresses from every subnet defined
(which is why a /29 subnet is the smallest that you can define). When you plan your network,
make sure that you take this information into account. You might need to use a larger subnet
than you think to accommodate for the addresses that Windows Azure consumes.
Avoid making assumptions about IP address assignments. It is common for
administrators to make the assumption that the first IP address that they receive in a
subnet will be the fourth possible IP address. For example, for a 10.10.10.0/29 subnet,
you might assume that the first IP address handed out is 10.10.10.4. Although that
assumption is currently correct, the pattern of IP address assignment can change at any
time without warning. The best bet here is to refrain from making assumptions about
the IP address that your VM will receive.
7.2.2.DNSWindows Azure provides a Domain Name System (DNS) server that allows you to access the
Internet from your virtual machines. You can also provide your own DNS servers on your virtual
network to handle name resolution within your own network. In the example deployment that
we build in this paper, two DNS servers are defined, and they provide name resolution within
the virtual network.
You can define the DNS servers in two places, at the virtual network level and at the Cloud
Service level. DNS settings that are defined at the Cloud Service level apply to every machine
deployed into that Cloud Service, regardless of what the virtual network-level settings are. DNS
settings that are defined at the virtual network level apply to every machine deployed to that
network, unless that machine is part of a Cloud Service that has custom DNS settings.
7.2.3.On-Premises ConnectivityWindows Azure Virtual Networks can be set up for on-premises connectivity in two different
ways point-to-site and site-to-site. Each method has its own purpose, and both can be used
in the same virtual network.
Point-to-Site On-Premises Connectivity
Point-to-site connectivity is essentially a virtual private network (VPN) connection into
your virtual network. Your machine gets an IP address on the virtual network, and you
can then communicate with the machines via IP address or via names resolved by a
DNS server, if you have configured one. This best way to think about point-to-site
connectivity is like a corporate VPN. When you are off-site, you can use VPN software
provided by your employer to connect to network resources at the office. This is the
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
14/90
Page 13of 89
same basic technology that corporate VPNs use. The communication channel between
your machine and the virtual network in Windows Azure is handled through certificates
that you create and load rather than user names and passwords.
Site-to-Site On-Premises Connectivity
Site-to-site connectivity is different from point-to-site connectivity. Site-to-site
connectivity is meant to be a permanent tunnel between your corporate environment
and your virtual network in Windows Azure. If you set up site-to-site connectivity, your
cloud-based virtual machines can actually be a part of your corporate domain
structure.
7.3.Storage
Windows Azure Virtual Machines make extensive use of .vhd files, similar to what is used
in on-premises Windows Server Hyper-V environment. You can have multiple distinct storage
accounts within a single Windows Azure subscription, and you can spread files from VMs across
multiple storage accounts. The .vhd files used by Windows Azure Virtual Machines are stored inWindows Azure Blob Storage as page blobs. This is an important distinction because there are
two types of blobs in blob storage: page blobs and block blobs. For .vhd files, you use page blobs.
If you have existing machines that you want to host and run in Windows Azure Virtual
Machines, you can upload the .vhd files to Windows Azure Blob Storage and create a virtual
machine based on them. You can also upload a .vhd that includes a sysprepped virtual machine
that can be used as an image to create multiple virtual machines. You can also create new .vhd
by creating a new virtual machine Disk in the management portal (or Windows PowerShell
Add-AzureDatadisk).
7.3.1.ContainersRather than folders, blob storage uses containers to store blobs. When you are workingwith virtual machines, a vhds container is automatically created for you. Containers
have three different levels of security: Private, Public Container, and Public Blob. The
vhds container that is created when you create virtual machines is created as Private.
When you work with virtual machines, you can use whatever container structure works
best for you. All you need to do when creating a virtual machine is provide the full path
to the .vhd file.
The following diagram illustrates the Windows Azure objects that are part of the
storage environment:
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
15/90
Page 14of 89
7.3.2.Access KeysWindows Azure storage accounts can be accessed from various third-party tools (as well as the
published API). This access is commonly done by using one of the access keys on the storage
account. Each storage account has two access keys: a Primary Access Key and a Secondary
Access Key. Both keys provide the same level of access. There are two keys so that if you want
to perform periodic key maintenance you can change one of them while still accessing your
storage through the other.
7.4.Cloud Service
The cloud service is the heart of your cloud-based deployment. It provides a public face to your
infrastructure if you want it to have one. Your level of exposure to the Internet is controlled by how
much you open your cloud service.
7.4.1.DeploymentsCloud services can have multiple deployments. For the purposes of working with Windows Azure Virtual
Machines, the examples in this paper use production deployments.
7.4.2.Virtual IP AddressEach cloud service gets a single public-facing IP address. Along with that, it gets a public DNS entry. If
you name your cloud service BIPaper, its public DNS entry will be BIPaper.cloudapp.net.This IP
address (and public DNS entry) is how you connect to the resources running as part of the cloud service.
7.5.EndpointsFor each virtual machine that you deploy, you can define one or more public endpoints. An endpoint is a
public/private port pairing that acts as a bridge between the public virtual IP address and the privatevirtual machine IP address. For example, if you want inbound (public) traffic on port 53186 of the virtual
IP address routed to port 3389 on a given virtual machine, you can set up an endpoint on that virtual
machine with a public port of 53186 and a private port of 3389.
A public port can only be used once per cloud serviceunless you set the endpoints up as load-balanced
endpoints. You can share a single public endpoint across multiple virtual machines by using the built-in
load balancer in Windows Azure.
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
16/90
Page 15of 89
Many people may want to use remote desktop to connect to their Windows Azure-based virtual
machines. The easiest way to do this is through a point-to-site VPN, but you can still do it without a VPN.
Set up an endpoint on each virtual machine that you want to access with a private port of 3389 (the
standard port for RDP) and an obfuscated public port. The obfuscation of the public port provides two
benefits: 1) multiple machines in the same cloud service can use the same private port without load
balancing, and 2) port 3389 is a well-known port and using it as your public RDP port can open yourinfrastructure up for potential attacks.
7.6.Virtual Machines
Virtual machines are at the core of what we are doing in this paper. In many ways, the machines
that you host in Windows Azure are no different than the machines that you host in Hyper-V on-
premises. There are a few things, such as snapshots, that you are unable to do with Windows Azure
Virtual Machines, and you do not have direct access to the Hyper-V management tools. All management
of virtual machines needs to be done either through the Windows Azure Management Portal
(https://manage.windowsazure.com/ )or through the exposed APIs.
7.7.Availability SetsAvailability setsare logical groupings of virtual machines. Periodically, the host operating systems that
run underneath your virtual machines need to be updated. When these updates happen, any virtual
machine running on that host is taken offline. To get the promised service-level agreement (SLA) for
Windows Azure Virtual Machines, you need to have at least two machines running in a given role (two
domain controllers, for example). Placing those machines in the same availability set tells Windows
Azure that it should make sure that one machine always remains up while host maintenance is being
performed.
7.8.Disks
To present a .vhd stored in blob storage to a virtual machine, verify that the .vhd has a Windows AzureDisk defined. Disks can be marked as data disks, bootable disks (which contain an operating system
image), or images (which contain a sysprepped image that can be used for creating other virtual
machines). In this paper, all three disk types are used.
7.9.ImagesImages are templates in the world of Windows Azure Virtual Machines. There are prebuilt
gallery images for a variety of technologies, including Windows Server and SQL Server. If you
have a situation where you need to add machines to your deployments quickly (such as scaling
out a SharePoint environment), you can create your own custom images with your software
preinstalled. These images can then be used as a template for creating additional machines.
One word of cautionmake sure that the software you install on the image supports beingsysprepped.
The procedures in this document use a base Windows Server image from the Windows
Azure Virtual Machines gallery. The procedures do not use gallery images that contain SQL
Server. We made this choice for the following reasons:
https://manage.windowsazure.com/https://manage.windowsazure.com/https://manage.windowsazure.com/http://findicons.com/icon/2958/warning?id=2958https://manage.windowsazure.com/8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
17/90
Page 16of 89
The gallery images have most of SQL Server installed and running. Many of these features
are not needed for the BI scenarios covered in this document. To simplify the installation
and configuration procedure, the scripts install only the SQL Server features that are
needed for the BI scenarios.
Leveraging the gallery images that have SQL Server already installed does not allow you to
make use of your existing licenses. The procedures in this document assume you supply
the installation files and necessary licenses for SQL Server and SharePoint. For more
information, see the prerequisites and assumptions section of this document.
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
18/90
Page 17of 89
8. Prerequisites and AssumptionsWe made several assumptions about our readers and your environments while we were writing this
paper:
Installation BitsFor the purpose of this paper we used the Windows Server 2012 gallery
images. These images do not have any additional software installed on them. You will need toprovide the installation media for SQL Server 2012 with SP1 (Enterprise or Business Intelligence
edition), SharePoint Server 2013 (Enterprise) and any service packs and cumulative updates you
want to apply. The paper was written using the following software:
SQL Server 2012 Enterprise Core edition
SQL Server 2012 ervice pack (SP) 1 and cumulative update (CU) 4
SharePoint Server 2013 Enterprise edition
SharePoint Server 2013 March 2013 CU
SharePoint Server 2013 April 2013 CU
LicensingThrough the use of the Windows Server 2012 gallery images, the Windows licensing
is covered on a pay-by-the-hour basis. Any licensing for the SQL Server and SharePoint
components are the responsibility of the person doing the installation. For more information
about Windows Azure pricing and licensing, seehttp://www.windowsazure.com/en-
us/pricing/details/virtual-machines/ .
Windows Azure SubscriptionYou will need access to a Windows Azure subscription with a
sufficient number of cores allocated. The default is 20 cores per subscription. To build the entire
lab outlined in this document, you need 66 coresat the recommended machine sizes. To
increase the core quota, contacthttp://www.windowsazure.com/en-us/support/options/ .
Important: After you are finished developing and testing the scripts, verify that the Windows
Azure resources are in the desired state so you are not charged for resources you do not need. For
example, if you leave Windows Azure Virtual Machines running, you are charged compute hours. If
you do not want to delete virtual machines and you do not want to incur charges while the virtual
machine is unused, shut down the virtual machine(s) in the Windows Azure Management Portal. For
more information about the cost of Windows Azure compute charges, see
http://www.windowsazure.com/en-us/pricing/calculator/ .
Management CertificateTo use the scripts included in this paper, you need to create a
management certificate and upload it into the Windows Azure Management Portal. For more
information about how to do this, seeCloud Spelunking, Managing Azure form your Desktop via
PowerShell (the Setup) (http://blogs.msdn.com/b/sql_shep/archive/2013/03/29/cloud-
spelunking-managing-azure-form-your-desktop-via-powershell.aspx).
VPN CertificateIf you plan to use the point-to-site VPN functionality to access your virtual
machines, you need to create your root and client certificates. For more information about how
http://www.windowsazure.com/en-us/pricing/details/virtual-machines/http://www.windowsazure.com/en-us/pricing/details/virtual-machines/http://www.windowsazure.com/en-us/pricing/details/virtual-machines/http://www.windowsazure.com/en-us/pricing/details/virtual-machines/http://www.windowsazure.com/en-us/support/options/http://www.windowsazure.com/en-us/support/options/http://www.windowsazure.com/en-us/support/options/http://www.windowsazure.com/en-us/pricing/calculator/http://www.windowsazure.com/en-us/pricing/calculator/http://c/Users/v-pawrig.REDMOND/Downloads/Cloud%20Spelunking,%20Managing%20Azure%20form%20your%20Desktop%20via%20PowerShell%20(the%20Setup)%20(http:/blogs.msdn.com/b/sql_shep/archive/2013/03/29/cloud-spelunking-managing-azure-form-your-desktop-via-powershell.aspxhttp://c/Users/v-pawrig.REDMOND/Downloads/Cloud%20Spelunking,%20Managing%20Azure%20form%20your%20Desktop%20via%20PowerShell%20(the%20Setup)%20(http:/blogs.msdn.com/b/sql_shep/archive/2013/03/29/cloud-spelunking-managing-azure-form-your-desktop-via-powershell.aspxhttp://c/Users/v-pawrig.REDMOND/Downloads/Cloud%20Spelunking,%20Managing%20Azure%20form%20your%20Desktop%20via%20PowerShell%20(the%20Setup)%20(http:/blogs.msdn.com/b/sql_shep/archive/2013/03/29/cloud-spelunking-managing-azure-form-your-desktop-via-powershell.aspxhttp://c/Users/v-pawrig.REDMOND/Downloads/Cloud%20Spelunking,%20Managing%20Azure%20form%20your%20Desktop%20via%20PowerShell%20(the%20Setup)%20(http:/blogs.msdn.com/b/sql_shep/archive/2013/03/29/cloud-spelunking-managing-azure-form-your-desktop-via-powershell.aspxhttp://c/Users/v-pawrig.REDMOND/Downloads/Cloud%20Spelunking,%20Managing%20Azure%20form%20your%20Desktop%20via%20PowerShell%20(the%20Setup)%20(http:/blogs.msdn.com/b/sql_shep/archive/2013/03/29/cloud-spelunking-managing-azure-form-your-desktop-via-powershell.aspxhttp://findicons.com/icon/2958/warning?id=2958http://c/Users/v-pawrig.REDMOND/Downloads/Cloud%20Spelunking,%20Managing%20Azure%20form%20your%20Desktop%20via%20PowerShell%20(the%20Setup)%20(http:/blogs.msdn.com/b/sql_shep/archive/2013/03/29/cloud-spelunking-managing-azure-form-your-desktop-via-powershell.aspxhttp://c/Users/v-pawrig.REDMOND/Downloads/Cloud%20Spelunking,%20Managing%20Azure%20form%20your%20Desktop%20via%20PowerShell%20(the%20Setup)%20(http:/blogs.msdn.com/b/sql_shep/archive/2013/03/29/cloud-spelunking-managing-azure-form-your-desktop-via-powershell.aspxhttp://c/Users/v-pawrig.REDMOND/Downloads/Cloud%20Spelunking,%20Managing%20Azure%20form%20your%20Desktop%20via%20PowerShell%20(the%20Setup)%20(http:/blogs.msdn.com/b/sql_shep/archive/2013/03/29/cloud-spelunking-managing-azure-form-your-desktop-via-powershell.aspxhttp://www.windowsazure.com/en-us/pricing/calculator/http://www.windowsazure.com/en-us/support/options/http://www.windowsazure.com/en-us/pricing/details/virtual-machines/http://www.windowsazure.com/en-us/pricing/details/virtual-machines/8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
19/90
Page 18of 89
to do this, seeConfigure a Point-to-Site VPN in the Management Portal
(http://msdn.microsoft.com/en-us/library/windowsazure/dn133792.aspx ).
Windows Azure PowerShell CmdletsIf you intend to use the scripts included in this paper,
you need to download and install the Windows Azure PowerShell cmdlets (the scripts in this
document were created using the June 2013 cmdlets). For more information about how to
download Windows Azure PowerShell, seeDownloads (http://www.windowsazure.com/en-us/downloads/#cmd-line-tools).
Windows PowerShell ScriptingIt is our assumption that people using this document will have
a basic working knowledge of Windows PowerShell, including the definition and use of variables
and scripts. For more information about using Windows PowerShell, seeGetting Started with
Windows PowerShell (http://technet.microsoft.com/en-us/library/hh857337.aspx).
Windows PowerShell Integrated Scripting Environment (ISE)We recommend that you use
the Windows PowerShell ISE tool for running the scripts included in this document. The
Windows PowerShell ISE is installed by default on Windows Server 2012.
On-Box vs. Off-Box ScriptsIn this paper, the terms on-boxand off-boxare used when in
discussions of Windows PowerShell scripts. On-box scripts are Windows PowerShell scripts that
should be run while you are logged into the specified virtual machine. They do not require any
of the Windows Azure settings, but they do require certain variables to be created and
populated. Off-box scripts are Windows PowerShell scripts that should be run from a local
workstation. They require the Windows Azure settings and variables.
9. Windows Azure PowerShell CommandsThis section describes script related document conventions and best practices regarding the Windows
Azure-related PowerShell commands contained in this document.
Run the following command before you run any Windows Azure PowerShell commands.
Import-Module"C:\Program Files (x86)\Microsoft SDKs\WindowsAzure\PowerShell\Azure\Azure.psd1"
This command ensures that the Windows Azure PowerShell cmdlets are loaded. Make sure
that the path is correct for where your Azure.psd1 file is located.
The following standard variable names are used throughout the document.
Variable name Purpose/source
$subscriptionName The name of your Windows Azure subscription
$subscriptionID The unique identifier for your Windows Azure subscription
(can be found in the Settings section of the Windows Azure
Management Portal under Management Certificates)
$thumbPrint The thumbprint of the management certificate that you
uploaded to the Windows Azure Management Portal
$affinityGroupLocation The Windows Azure data center where you will be deploying
your resources
$affinityGroupName The name of the affinity group (must be unique in your
subscription)
$affinityGroupDescription The description for the affinity group
http://c/Users/v-pawrig.REDMOND/Downloads/Configure%20a%20Point-to-Site%20VPN%20in%20the%20Management%20Portal%20(http:/msdn.microsoft.com/en-us/library/windowsazure/dn133792.aspxhttp://c/Users/v-pawrig.REDMOND/Downloads/Configure%20a%20Point-to-Site%20VPN%20in%20the%20Management%20Portal%20(http:/msdn.microsoft.com/en-us/library/windowsazure/dn133792.aspxhttp://c/Users/v-pawrig.REDMOND/Downloads/Configure%20a%20Point-to-Site%20VPN%20in%20the%20Management%20Portal%20(http:/msdn.microsoft.com/en-us/library/windowsazure/dn133792.aspxhttp://c/Users/v-pawrig.REDMOND/Downloads/Configure%20a%20Point-to-Site%20VPN%20in%20the%20Management%20Portal%20(http:/msdn.microsoft.com/en-us/library/windowsazure/dn133792.aspxhttp://c/Users/v-pawrig.REDMOND/Downloads/Downloads%20(http:/www.windowsazure.com/en-us/downloads%23cmd-line-toolshttp://c/Users/v-pawrig.REDMOND/Downloads/Downloads%20(http:/www.windowsazure.com/en-us/downloads%23cmd-line-toolshttp://c/Users/v-pawrig.REDMOND/Downloads/Downloads%20(http:/www.windowsazure.com/en-us/downloads%23cmd-line-toolshttp://c/Users/v-pawrig.REDMOND/Downloads/Downloads%20(http:/www.windowsazure.com/en-us/downloads%23cmd-line-toolshttp://c/Users/v-pawrig.REDMOND/Downloads/Getting%20Started%20with%20Windows%20PowerShell%20(http:/technet.microsoft.com/en-us/library/hh857337.aspxhttp://c/Users/v-pawrig.REDMOND/Downloads/Getting%20Started%20with%20Windows%20PowerShell%20(http:/technet.microsoft.com/en-us/library/hh857337.aspxhttp://c/Users/v-pawrig.REDMOND/Downloads/Getting%20Started%20with%20Windows%20PowerShell%20(http:/technet.microsoft.com/en-us/library/hh857337.aspxhttp://c/Users/v-pawrig.REDMOND/Downloads/Getting%20Started%20with%20Windows%20PowerShell%20(http:/technet.microsoft.com/en-us/library/hh857337.aspxhttp://c/Users/v-pawrig.REDMOND/Downloads/Getting%20Started%20with%20Windows%20PowerShell%20(http:/technet.microsoft.com/en-us/library/hh857337.aspxhttp://c/Users/v-pawrig.REDMOND/Downloads/Getting%20Started%20with%20Windows%20PowerShell%20(http:/technet.microsoft.com/en-us/library/hh857337.aspxhttp://c/Users/v-pawrig.REDMOND/Downloads/Downloads%20(http:/www.windowsazure.com/en-us/downloads%23cmd-line-toolshttp://c/Users/v-pawrig.REDMOND/Downloads/Downloads%20(http:/www.windowsazure.com/en-us/downloads%23cmd-line-toolshttp://c/Users/v-pawrig.REDMOND/Downloads/Configure%20a%20Point-to-Site%20VPN%20in%20the%20Management%20Portal%20(http:/msdn.microsoft.com/en-us/library/windowsazure/dn133792.aspxhttp://c/Users/v-pawrig.REDMOND/Downloads/Configure%20a%20Point-to-Site%20VPN%20in%20the%20Management%20Portal%20(http:/msdn.microsoft.com/en-us/library/windowsazure/dn133792.aspx8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
20/90
Page 19of 89
$affinityGroupLabel The label for the affinity group
$virtualNetworkName The name for the virtual network (must be unique in your
subscription)
$cloudServiceName The cloud service name you want to use (must be globally
unique)
$cloudServiceDescription The description for the cloud service$cloudServiceLabel The label for the cloud service
$storageAccountName The storage account name you want to use (must be globally
unique)
$storageAccountLabel The label for the storage account
$domainName The NetBIOS name of the domain being created (BIPaper, for
example)
$domainNameFQ The fully qualified domain name (FQDN) of the domain being
created (BIPaper.local, for example)
We suggest having these variables and the Import-Module command in a script file that you
run with each of the off-box scripts that you run. Here is a sample script block that contains
these variables, including default values for responses that are assumed in the paper.
# Import PowerShell Module...Import-Module"C:\Program Files (x86)\Microsoft SDKs\WindowsAzure\PowerShell\Azure\Azure.psd1"
# Variable Block...# Subscription Information...$subscriptionName=""$subscriptionID=""$thumbPrint=""
# Affinity Group Information...$affinityGroupLocation=""# To see possible locations, run the command: Get-AzureLocation | FT Name, AvailableServices
$affinityGroupName="BIPaper-AffinityGroup"$affinityGroupDescription="Affinity Group used for the BI in IaaS Paper"# Maximumof 1024 Characters...$affinityGroupLabel="BI in IaaS Paper Affinity Group"# Maximum of 100 Characters...
# Virtual Network Information...$virtualNetworkName="BIPaper-Network"
# Cloud Service Information...$cloudServiceName=""$cloudServiceDescription="Cloud Service used for the BI in IaaS Paper"$cloudServiceLabel="BI in IaaS Paper Cloud Service"
# Storage Account Information...$storageAccountName=""# Must be globally unique and all lowercase...$storageAccountLabel=""
# Domain Information...$domainName="BIPaper"$domainNameFQ="BIPaper.local"
In addition, you should set and select your subscription with each command, especially if your account is
associated with more than one subscription. There are two different methods for setting your
subscription, one for a subscription that contains a storage account and one for a subscription that does
not have a storage account. Each script listed includes information about which method to use.
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
21/90
Page 20of 89
Withoutstorage account:
$certificate=Get-Itemcert:\currentuser\my\$thumbPrint
Set-AzureSubscription`-SubscriptionName$subscriptionName`-SubscriptionId$subscriptionID`-Certificate$certificate
Select-AzureSubscription`-SubscriptionName$subscriptionName
Withstorage account:
$certificate=Get-Itemcert:\currentuser\my\$thumbPrint
Set-AzureSubscription`-SubscriptionName$subscriptionName`-SubscriptionId$subscriptionID`-Certificate$certificate`-CurrentStorageAccount$storageAccountName
Select-AzureSubscription`-SubscriptionName$subscriptionName
10. Non-Windows Azure PowerShell CommandsThe following is the list of standard variables that this paper uses for Windows PowerShell
commands. The variables are not used for WindowsAzurePowerShell.
Variable name Purpose/source
$domainNameFQ The fully qualified domain name (FQDN) that you want to use
(BIPaper.local, for example)
$domainName The NetBIOS name for the domain (BIPaper, for example)
$dbServer The name of the primary database server (BIPaper-DB1, forexample)
$dbServer2 The name of the secondary database server (BIPaper-DB2, for
example)
$farmServiceAccount The name of the service account to use for running the SharePoint
farm (SP_Farm, for example)
$reportingServiceAccount The name of the service account to use for running SQL Server
Reporting Services (SQL_Reporting, for example)
$cloudServiceName The name used for the Windows Azure cloud service (BIPaper, for
example)
$clusterName The name used for the Windows Failover Cluster required by
AlwaysOn Availability Groups (BIPaper-DB, for example)$quorumServerName The name of the server that hosts the Quorum share (BIPaper-DC2,
for example)
As with the off-box variables discussed earlier, we suggest including all of these variables and their
values in a script file that can be run with each of the on-box scripts that you run. Here is a sample script
block containing these variables, including default values for responses that are assumed in the paper.
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
22/90
Page 21of 89
# Variable Block...$domainNameFQ="BIPaper.local"$domainName="BIPaper"$dbServer="BIPaper-DB1"$dbServer2="BIPaper-DB2"$farmServiceAccount="SP_Farm"$reportingServiceAccount="SQL_Reporting"$cloudServiceName="BIPaper"
$clusterName="BIPaper-DB"$quorumServerName="BIPaper-DC2"
11. The Overall EnvironmentIn this document, we are going to build a SharePoint-based BI environment that has high availability
(HA) designed in at each level. The environment is illustrated in the following diagram. We start with
the Windows Azure infrastructure, and then we proceed through building:
Domain controllers (BiPaper-DC1, Bipaper-DC2)
Database servers (Bipaper-DB1, Bipaper-DB2)
PowerPivot servers (BiPaper-PP1, Bipaper-PP2)
SharePoint farm server (BiPaper-App1).
After the system is up and operational, we scale it out by adding:
Two Web Front End (WFE) servers (BiPaper-WFE1, BiPaper-WFE2) behind a Windows
Azure load balancer.
A second SharePoint application-tier server (BiPaper-App2) for HA
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
23/90
Page 22of 89
The following diagram shows the complete architecture used in this paper, including IP addresses, subnets, and computer names.
BIPaper.cloudapp.net WebNet
(172.16.4.0/24)
WebAffinityGroup
BIPaper-WFE1 BIPaper-WFE2
https://bipaper.cloudapp.net
Client
https Load Balancer
ADNet
(172.16.1.0/29)
AppAffinityGroup
BIPaper-DC1 BIPaper-DC2
AppNet
(172.16.3.0/24)
AppAffinityGroup
BIPaper-App1 BIPaper-App2
DBNet
(172.16.2.0/24)
PPAffinityGroup
BIPaper-PP1 BIPaper-PP2
DBAffinityGroup
BIPaper-DB1 BIPaper-DB2
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
24/90
Page 23of 89
12. Overview of the Deployment StepsThe following table lists the high-level steps to deploy a full-featured BI environment in IaaS. The steps walk you through
a deployment that is intended to illustrate several useful technologies and how they work together in a highly available
design. You may decide in your environment to not include some technologies.
# Step Description
1 Configure the Windows Azure
Environment
Configuration of the core elements of the Windows Azure
environment: affinity group, virtual networking, storage, and
cloud service.
2 Deploy Active Directory Domain
Services (AD DS)
Provisioning and configuration of two domain controllers to
support the environment and creation of user accounts for
services.
3 Configure SQL Server Database
Servers
Provisioning and configuration of two SQL Server database servers
to support highly available storage of the SharePoint databases.
4 Configure PowerPivot Servers Provisioning and configuration of two (or more) SQL Server
Analysis Services SharePoint mode servers to support loading of
PowerPivot workbooks.
5 Deploy the first SharePoint
Application/Central
Administration Server
Provisioning and configuration of the first SharePoint App-Tier
server, including Central Administration, Microsoft Excel Services,
Reporting Services, and PowerPivot.6 Configure AlwaysOn Availability
Groups
Configuring an availability group, including all of the SharePoint
databases that were created.
7 Deploy SharePoint Web Front
End Servers
Provisioning and configuration of multiple SharePoint Web Front
End servers to support Internet traffic.
8 Deploy Additional SharePoint
Application/Central
Administration Servers
Provisioning and configuration of additional SharePoint App-Tier
servers to support scaled-out load balancing.
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
25/90
Page 24of 89
13. Step 1: Configure the Windows Azure EnvironmentThe first step of the process is to configure the Windows Azure environment to make it ready for deploying our
virtual machines. If you are comfortable with creating a Windows Azure infrastructure on your own without the
samples, create the following infrastructure objects and skip to the sectionStep2: Deploy Active Directory Domain
Services.Otherwise, continue reading for the step-by-step instructions.
The following list describes the different elements this paper uses in the Windows Azure environment.
Important:The boldnames in the following list are names that are required through the remainder of this
paper. If you use different names, be sure to adjust the other scripts that use these names.
Affinity groupBIPaper-AffinityGroup
The affinity group that we create binds all of the infrastructure assets together. The affinity group lets Windows
Azure know that these different pieces (network, virtual machine, storage, and so on) are working together and
that they should be physically located near each other to reduce latency between the different parts of the
system.
Network:
NameBIPaper-Network
Affinity GroupBIPaper-AffinityGroup
Point-to-Site Address Space172.16.128.0/29 (this is necessary only if you are using point-to-site VPN)
Address Space172.16.0.0/17
Subnets:
ADNet172.16.1.0/29
DBNet172.16.2.0/24
AppNet172.16.3.0/24
WebNet172.16.4.0/24
Gateway172.16.127.0/29 (this is necessary only if you are using point-to-site VPN)
If you are configuring point-to-site VPN:
Create Gateway
Upload Root Certificate Configure VPN Connection
Cloud Service:
NameChoose a globally unique name (for this paper, we used bipaper)
Affinity GroupBIPaper-AffinityGroup
Storage Account:
NameChoose a globally unique name (for this paper, we used bipapersp)
Affinity GroupBIPaper-AffinityGroup
13.1. Create the Affinity GroupTo create the affinity group, run the following Windows Azure PowerShell command (use the variable/subscription block
withoutthe storage account).
New-AzureAffinityGroup`-Location$affinityGroupLocation`-Name$affinityGroupName`-Description$affinityGroupDescription`-Label$affinityGroupLabel
13.1.1. ValidationThere are two ways to verify that the affinity group has been created:
http://findicons.com/icon/2958/warning?id=29588/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
26/90
Page 25of 89
PortalIn the Windows Azure Management Portal (https://manage.windowsazure.com), click Settingsand then
click Affinity Groupsto verify that it exists (you might need to refresh the page).
Windows PowerShellRun the following Windows PowerShell command (include the same variable script
block used to run the command listed earlier). It should return the value True.
((Get-AzureAffinityGroup|where{$_.Name -eq$affinityGroupName}) -ne$NULL)
13.2. NetworkThe network that we will be creating provides subnets and address spaces for each virtual machine that we deploy. We
have divided our network up as follows:
Address Space172.16.0.0/17. This is the total possible pool of IP addresses that can be assigned in our virtual
network. There are 32,763 usable addresses.
Point-to-Site Address Space172.16.128.0/29. This is the address space allocated to the machines that connect
via the point-to-site VPN feature. There are six usable addresses. Subnets: The subnets defined here are strictly for logical grouping of machines.
ADNet172.16.1.0/29. This is the address space allocated to our Active Directory servers. There are
three usable addresses.
DBNet172.16.2.0/24. This is the address space allocated to our database servers, There are 251 usable
addresses.
AppNet172.16.3.0/24. This is the address space allocated to our app-tier servers. There are 251 usable
addresses.
WebNet172.16.4.0/24. This is the address space allocated to our web servers. There are 251 usable
addresses.
Gateway172.16.127.0/29. This is a subnet used by the internal gateway. There are three usable
addresses.
13.2.1. Create the Virtual NetworkThe way that the network is created depends on whether you have existing virtual networks defined. If your subscription
has existing networks defined, you can merge the new network configuration into the existing configuration. If your
subscription does not have existing networks defined, you can create the entire network from scratch. The script in step
3 automatically detects which scenario you have and acts accordingly.
Here are the steps for network creation:
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
27/90
Page 26of 89
1) Save the following XML block into a file named C:\Temp\NetworkDef.xml.
172.16.0.0/17
172.16.1.0/29
172.16.2.0/24
172.16.3.0/24
172.16.4.0/24
172.16.127.0/29
172.16.128.0/29
2) Save the following XML block into a file named C:\Temp\NetworkDef-Full.xml.
172.16.0.0/17
172.16.1.0/29
172.16.2.0/24
172.16.3.0/24
172.16.4.0/24
172.16.127.0/29
172.16.128.0/29
3) Run the following Windows Azure PowerShell (use the variable/subscription block withoutthe storage account).
# Get a temporary path for the network config...$networkTempPath=[IO.Path]::GetTempFileName()
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
28/90
Page 27of 89
# Get the current network configuration...Get-AzureVNetConfig-ExportToFile$networkTempPath
# Determine whether we got the network configuration...if((Test-Path$networkTempPath) -eq$false){
# Didn't get a config file...# Load the full network config...[string]$networkConfig=Get-Content("C:\Temp\NetworkDef-Full.xml")# Replace the placeholder name and affinity group with the variable values...$networkConfig=$networkConfig.Replace("placeholder-network",
$virtualNetworkName).Replace("placeholder-affinitygroup",$affinityGroupName)# Save the network configuration...$networkConfig.Save($networkTempPath)
}else{
# Got a config file...# Load the config file...[xml]$networkConfig=Get-Content$networkTempPath
# Check for VirtualNetworkSites node...if
($networkConfig.Item("NetworkConfiguration").Item("VirtualNetworkConfiguration").Item("VirtualNetworkSites") -eq$NULL)
{# VirtualNetworkSites node not found...create one...$virtualNetworkNamespace=
"http://schemas.microsoft.com/ServiceHosting/2011/07/NetworkConfiguration"$vncNode=$networkConfig.CreateNode("element","VirtualNetworkSites",$virtualNetworkNamespace)
$networkConfig.Item("NetworkConfiguration").Item("VirtualNetworkConfiguration").AppendChild($vncNode)
}
# Merge in the predefined configuration...# Load the network config fragment...[string]$networkConfigNode=Get-Content("C:\Temp\NetworkDef.xml")# Replace the placeholder name and affinity group with the variable values...$networkConfigNode=$networkConfigNode.Replace("placeholder-network",
$virtualNetworkName).Replace("placeholder-affinitygroup",$affinityGroupName)# Merge the fragment into the full file...
$networkConfig.Item("NetworkConfiguration").Item("VirtualNetworkConfiguration").Item("VirtualNetwor
kSites").InnerXML +=$networkConfigNode# Save the network configuration...$networkConfig.Save($networkTempPath)
}
# Upload the network configuration...Set-AzureVNetConfig-ConfigurationPath$networkTempPath
# Clean up the temporary file...Remove-Item-Path$networkTempPath
13.2.2. ValidationThere are two ways to verify that the network has been created:
PortalIn the Windows Azure Management Portal, click Networksand verify that the network exists (you might
need to refresh the page); also review the configuration to make sure it looks like what was defined earlier in
the paper.
Windows PowerShellRun the following Windows PowerShell command (include the same variable script
block used to run the command listed earlier). It should return the value True.
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
29/90
Page 28of 89
((Get-AzureVnetSite|Where{$_.Name -eq$virtualNetworkName}) -ne$NULL)
13.2.3. Point-to-Site VPNIf you want to use the point-to-site VPN capabilities (as of this writing, the feature is in a preview state), complete the
configuration as outlined here:http://msdn.microsoft.com/en-
us/library/windowsazure/dn133792.aspx#bkmk_CreatingVNET (starting with the Create a dynamic routing gateway
heading; everything prior to that has already been completed through the network configuration). If you chose not to
not the point-to-site VPN functionality, you will need to remove the -NoRDPEndpoint switch from the Add-
AzureProvisioningConfig commands foryour virtual machines. This change allows Windows Azure to create a RDPendpoint that you can use to connect to the machine.
13.3. Cloud ServiceThe cloud service provides a container for all of the virtual machines to live in, as well as a public IP and DNS entry for us
to use for access. It is possible to have multiple cloud services sharing a single virtual network, but for this paper we
have only one.
13.3.1. Create the Cloud ServiceTo create the cloud service, run the following Windows Azure PowerShell command (use the variable/subscription block
withoutthe storage account).
New-AzureService`-AffinityGroup$affinityGroupName`-ServiceName$cloudServiceName`-Description$cloudServiceDescription`-Label$cloudServiceLabel
13.3.2. ValidationThere are two ways to verify that the cloud service was created:
PortalIn the Windows Azure Management Portal, click Cloud Servicesand then verify that the cloud service
exists (you might need to refresh the page).
PowerShellRun the following Windows PowerShell command (include the same variable script block used to
run the command listed earlier). It should return the value True.
((Get-AzureService|where{$_.ServiceName -eq$cloudServiceName}) -ne$NULL)
13.4. Storage AccountFor the purposes of this paper, we will put all of our resources into a single storage account. This may not be the optima
situation for a high-throughput production system (especially if you have database servers that perform a large number
of storage transactions). There is one reason, however, to put multiple virtual machines into a single storage accountcustom-built images (which we discuss later in the paper).
13.4.1. Create the Storage AccountTo create the storage account, run the following Windows Azure PowerShell command (use the variable/subscription
block withoutthe storage account defined).
New-AzureStorageAccount`-StorageAccountName$storageAccountName`-Label$storageAccountLabel`-AffinityGroup$affinityGroupName
http://msdn.microsoft.com/en-us/library/windowsazure/dn133792.aspx#bkmk_CreatingVNEThttp://msdn.microsoft.com/en-us/library/windowsazure/dn133792.aspx#bkmk_CreatingVNEThttp://msdn.microsoft.com/en-us/library/windowsazure/dn133792.aspx#bkmk_CreatingVNEThttp://msdn.microsoft.com/en-us/library/windowsazure/dn133792.aspx#bkmk_CreatingVNEThttp://msdn.microsoft.com/en-us/library/windowsazure/dn133792.aspx#bkmk_CreatingVNEThttp://msdn.microsoft.com/en-us/library/windowsazure/dn133792.aspx#bkmk_CreatingVNET8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
30/90
Page 29of 89
13.4.2. ValidationThere are two ways to verify that the storage account was created:
PortalIn the Windows Azure Management Portal, click Storageand then verify that the storage account exists
(you might need to refresh the page).
Windows PowerShellRun the following Windows PowerShell command.
((Get-AzureStorageAccount|where{$_.StorageAccountName -eq$storageAccountName}) -ne$NULL)
At this point, your Windows Azure environment should be configured and ready for us to move on to creating the actual
virtual machines.
To Overview of the deployment steps
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
31/90
Page 30of 89
14. Step2: Deploy Active Directory Domain ServicesNow that our Windows Azure infrastructure is in place, we need to start building out the virtual machines that will
support the BI scenario. This starts with two domain controllers (BIPaper-DC1 and BIPaper-DC2). We need two domain
controllers for high availability and to meet the Windows Azure SLA (which requires two or more machines in the same
rolein this case the role is domain controller). One of the machines will have a share on it to hold our installation
media for the other servers that we build, and the other machine will have a share that will serve as the quorum share
for the Windows Failover Cluster that we build in a later step. It is a best practice to put your Active Directory databases
on a disk that does not have write caching enabled (the C: drive of your VM will have caching enabled, and you shouldnot change that setting), so that will be part of our build-out procedure. Another thing that we learned in testing is that
the Windows Azure DNS server automatically gets added to the first domain controller as a forwarder. In the scripts we
remove this automatic configuration.
At the end of this section, you will have an environment that looks like this:
First Domain Controller:
Server NameBIPaper-DC1
Storage Account
Domain/Forest NameBIPaper.local
Domain/Forest Functional LevelWindows Server 2012
Acting as a DNS Server
Active Directory Sites and Subnets Created to match the Virtual Network definition
Attached Disk50 GB for Active Directory databases (scripts format as Z)
Network SubnetADNet
Availability SetADAvailabilitySet
Server added to Windows Azure Virtual Network as a DNS server
Second Domain Controller:
Server NameBIPaper-DC2
Storage Account
Domain/Forest NameBIPaper.local
Domain/Forest Functional LevelWindows Server 2012
Acting as a DNS Server
Attached Disk50 GB for Active Directory databases (scripts format as Z)
Network SubnetADNet
Availability SetADAvailabilitySet
Server added to Windows Azure Virtual Network as a DNS server
Public ShareQuorum
Change access granted to everyone
If you feel comfortable creating this environment on your own, you can do so and then skip to the Service User
Accounts section.
14.1. First Domain ControllerThe first domain controller that we will create provides the foundation for all other machines that we build. It serves as
not only an Active Directory server, but also as an internal DNS server for name resolution between our VMs. As with all
of the virtual machines we will be creating, the first step is a Windows Azure PowerShell command that runs off-box and
creates the machine itself. The remaining steps are Windows PowerShell commands that run while you are logged into
the VM.
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
32/90
Page 31of 89
14.1.1. Provision VMThis is the only off-box task within the scope of creating the first domain controller. All other scripts are run in a remote
desktop session on the machine. This script consists of the following elements:
Variable BlockThis section gathers information (in addition to the standard variable block you provide as
outlined earlier in the document).
VM CreationThis section (starting with the comment Creating the virtual machine) consists of the
following Windows Azure commands:
New-AzureVMConfig This command begins the definition of the virtual machine. It sets the name, size,image, vhd location and label, and availability set.
Add-AzureProvisioningConfig This command determines how Windows Azure should provision the VM
defined in the last command. It tells Windows Azure that this will be a Windows machine, that
automatic updates should be disabled (you can turn this back on if you want), that there should not be
endpoints for RDP or Remote Windows PowerShell, and what the administrator user and password
should be.
Set-AzureSubnetThis command defines what subnet the virtual machine should be deployed into.
Add-AzureDataDisk This command attaches an empty disk to the virtual machine when it is created.
The command defines the size and storage location of the disk, as well as the LUN and cache setting.
New-AzureVMThis command creates the virtual machine that was defined in the earlier commands. In
addition to the information gathered from the earlier commands, it defines the cloud service and virtual
network that should be used. The script loops until creation of the VM is complete and the script writes
a status to the screen every 15 seconds.
DNS CreationThis section (starting with the comment DNS Variables) consists of the following sections:
DNS VariablesA set of variables used to create a DNS entry in the virtual network.
Get the Windows Azure Network Configuration FileLoads the current virtual network configuration.
Check for DNS NodeChecks the network configuration XML for a DNS node and creates one if it does
not exist.
Check for DnsServers NodeChecks the network configuration XML for a DnsServers node and creates
one if it does not exist.
Add DNS Server EntryAdds the newly created domain controller as an available DNS server.
Add DNS Servers ReferenceChecks the network configuration XML for a DnsServersRef node in the
papers virtual network and creates one if it does not exist.
Add DNS Server ReferenceChecks the network configuration XML for a DnsServerRef node in the
papers virtual network and creates one if it does not exist.
Save the Network ConfigurationSaves the network configuration XML.
Update the Network ConfigurationUploads the updated network configuration to Windows Azure.
Clean Up After YourselfCleans up the temporary file used for the network configuration.
To create the first domain controller, run the following Windows Azure PowerShell command (use the
variable/subscription block withthe storage account defined).
# Get the name for the VM...$vmName="BIPaper-DC1"
# Get the admin user name for the VM...$vmAdminUserName=Read-Host-Prompt"Server Administrator User Name"
# Ask for the password that should be used for the server and convert it to a format usable by thecommands...$vmAdminPasswordSecure=Read-Host-AsSecureString-Prompt"Server Administrator Password"$stringMarshal=[System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($vmAdminPasswordSecure)$vmAdminPassword=[System.Runtime.InteropServices.Marshal]::PtrToStringAuto($stringMarshal)
8/12/2019 Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
33/90
Page 32of 89
# Get the name of the VM Image to use...$vmImageName=(Get-AzureVMImage|Where{ $_.Category -eq"Microsoft Windows Server Group"-and$_.Label -like"Windows Server 2012 Datacenter*"} |Sort-ObjectPublishedDate-Descending|SELECTImageName)[0].ImageName
# Set the location for the .vhd files...$storageAccountContainer="https://"+$storageAccountName+".blob.core.windows.net/vhds/"$vmVHDLocation=$storageAccountContainer+$vmName+".vhd"$vmADVHDLocation=$storageAccountContainer+$vmName+"_ADData.vhd"$vmADVHDName=$vmName+" AD Data"
# Create the virtual machine...Write-Host"Creating the VM..."New-AzureVMConfig`
-Name$vmName`-InstanceSizeSmall`-ImageName$vmImageName`-MediaLocation$vmVHDLocation`-DiskLabel"OS"`-AvailabilitySetName"ADAvailabilitySet"|Add-AzureProvisioningConfig`
-Windows`-DisableAutomaticUpdates`-DisableWinRMHttps`-NoRDPEndpoint`-AdminUsername$vmAdminUserName`-Password$vmAdminPassword|Set-AzureSubnet`
-SubnetNames"ADNet"|Add-AzureDataDisk`-CreateNew`-DiskSizeInGB"50"`-MediaLocation$vmADVHDLocation`-DiskLabel$vmADVHDName`-LUN0`-HostCaching"None"|New-AzureVM`
-ServiceName$cloudServiceName`-VNetName$virtualNetworkName
# Loop until Status = ReadyRole...Write-Host"`tWaiting for Provisioning to Complete..."$VMStatus=Get-AzureVM-name$vmName-ServiceName$cloudServiceName
While($VMStatus.InstanceStatus -ne"ReadyRole")
{ write-host"`t`tWaiting...Current Status = "$VMStatus.InstanceStatusStart-Sleep-Seconds15$VMStatus=Get-AzureVM-name$vmName-ServiceName$cloudServiceNam