XenServer Management on Steroids with SCVMM 2012 Part 5
In Part 4 we discussed how to assign resources to your Private Cloud as well as creating and defining roles. Now In Part 5 we are going to get into App Controller 2012, which as we mentioned in Part 1is the successor to SCVMM Self-Service portal.
Note: This section assumes App Controller 2012 is successfully installed. If it is not installed, the installation was references as part of the Prerequisites section in to Part 1. For your convenience I’ve copied the section App Controller 2012 Installation and inserted it below.
App Controller 2012 Installation-In order to provide the XenServer lacking advanced delegation of administration, either Self-Service portal or the App Controller are required. I chose to focus on the App Controller as it’s the successor to the Self-Service Portal. I’m not going to dive into the installation, because there are plenty of articles out there going over the installation. Instead, I’ll point you to a few good resources for the installation. I will say the Installation is VERY straight forward, and will install the prerequisites for you (.NET 4, IIS role, Silverlight) if they are not installed already.
I should also note, If your testing in the lab, you should be aware that only one instance of App Controller can be installed per SQL Instance. This is detailed in the Official TechNet documentation below.
- Understanding App Controller 2012– Great Overview
- Microsoft TechNet App Controller 2012 Installation– Official Installation Instructions
- Installing App Controller 2012 – Great Overview
Configuring App Controller
Finally! We are at the point where we actually log into App Controller and see the advanced delegation of administration / Self-Service functionality in action!
1. Before we can login as one of the delegated users, we’ll need to configure App Controller to talk to SCVMM. This is done by launching the App Controller website and logging in with your administrator credentials. Once logged in you will see an option shown in Figure 57to “Connect a Virtual Machine Manager server and clouds” select this to continue.
2. In the “Add a new VMM Connection” dialog, enter your Connection Name, Description, and your SCVMM Server name and port. Be sure to check the “Automatically import SSL certificates” check box. Figure 58show’s a sample connection. Click “OK” when your ready to add this connection.
3. Once the new connection is added, click on the “Clouds” Icon on the left viewing pane. As you can see in Figure 59 the private clouds you previously created are listed. If nothing is shown, check the “Jobs” tab to make sure your SCVMM server connection was completed successfully.
Logging into App Controller as a delegated admin
Now that App Controller is setup, we can actually test logging in as one of the user’s we added as a member of our newly created role. If you recall in Part 3, we defined a scope which is attached to the Private Cloud.
1. In order to launch App Controller, open Internet Explorer & connect to the FQDN of your App Controller server. As shown in Figure 59 You will be prompted for your credentials to sign in. For purposes of this blog, I’m going to login as “School_ABC” which as you can see from above has specific rights in the “School ABC VM Admins” role. Once we login, I’ll only have the permissions as specified in Figure 53 above. Once you click “Sign in” you will see a splash screen like in Figure 60
2. Once signed in you will see a similar screen to the one below in Figure 61. Take note to the annotations I marked below. You can see at the top right it displays “School_ABC” as the logged in user. Also notice “1 Virtual Manager Cloud” is shown. If you look under “Services and Virtual Machines” and you will see that two “Virtual Machines” are assigned to this private cloud,
3. To further dig into your delegated environment see Figure 62click on the “Clouds” tab in the left viewing pane. Now in your right viewing pane you should see your Private Cloud that you defined in your role under the scope section.
4. Now, that we confirmed we have our private cloud, let’s confirm we have our two resources we defined under our newly defined role which is assigned to the School ABC Private cloud. As seen in Figure 63 Both of my Virtual Machines are shown below. You should verify that the machines shown, are in fact the machines which you added as resources in the “defining a role section” in Part 3.
There are a lot more options and configuration setting’s available in App Controller. The purpose of this post was to give you an opportunity to get your feet wet and show you how to add this functionality to your XenServer enterprise deployment. App Controller is more than just advanced delegation of Administration it’s about Self-Service and orchestration. I highly recommend digging deeper into App Controller. I’m going to be writing more blog post’s on it, as I see lot’s of value in the SCVMM product.
One of the item’s which I didn’t touch on is Libraries. Having a Library defined to a private cloud allows you to have a separate ISO store/ Templates, or a shared ISO store across your Private Clouds that your delegated admin’s use. This is a VERY nice feature! Also note, the current user logged in will ONLY be able to perform the actions you specified when configuring the role.
That’s it for Part 5, I will be doing a bit more of a deep dive in Part 7 on App Controller 2012 SP1 and discuss the new features. This concludes my first main pain point with XenServer “Delegation of Administration” up next in Part 6 – Creating Resource affinity rules AKA Custom Placement Rules we will get into my second pain point “Lack of Affinity rules”. As always, feel free to comment and make suggestions. I look forward to your feedback!