Sunday, 23 April 2017

Microsoft Windows Azure Pack (PRIVATE CLOUD - WAP) - Console Connect Feature - Part 9

Hello Everyone,

This post is about Console Connect, its features, and why it is required on the Windows Azure Pack tenant portal.

To see Microsoft Windows Azure Pack (PRIVATE CLOUD - WAP) - INTRODUCTION - Part 1, Click Here!

To see Microsoft Windows Azure Pack (PRIVATE CLOUD - WAP) - Components & Deployment Types - Part 2, Click Here!


To see Microsoft Windows Azure Pack (PRIVATE CLOUD - WAP) - Complete Setup Deployment Requirement - Part 3, Click Here!

To see Microsoft Windows Azure Pack (PRIVATE CLOUD - WAP) - WAP Architecture (STANDALONE & HIGH AVAILABILITY) - Part 4, Click Here!

To see Microsoft Windows Azure Pack (PRIVATE CLOUD - WAP) - WAP Components Sizing - Part 5, Click Here!

To see Microsoft Windows Azure Pack (PRIVATE CLOUD - WAP) - Installation & Configurations - Part 6, Click Here!

To see Microsoft Windows Azure Pack (PRIVATE CLOUD - WAP) - Integration process with SPF and SCVMM & Post Configurations - Part 7, Click Here!

To see Microsoft Windows Azure Pack (PRIVATE CLOUD - WAP) - Tenant Portal Login overview & Configure Public Access - Part 8, Click Here!


Let's start by understanding the concept of Console Connect for tenant virtual machines...

ABOUT CONSOLE CONNECT:


Remote Console provides tenants with the ability to access the console of their virtual machines in scenarios when other remote tools (or Remote Desktop) are unavailable. Tenants can use Remote Console to access virtual machines when the virtual machine is on an isolated network, an untrusted network, or across the Internet.


WHY REMOTE CONSOLE IS REQUIRED FOR TENANT:


Once a private cloud is established, cloud providers expect tenants to create, operate and manage virtual machines using the self-service portal. Once you deploy a private cloud using the Microsoft Windows Azure portal, it is easy to get Terminal Server or console access over RDP if you are in the same subnet, or a routable subnet, as the host and virtual machine.

If tenants want to access their virtual machine infrastructure over the Internet using a browser, this is not offered in the default installation. This feature, called Remote Console Connect, becomes a key requirement for ISPs and enterprise cloud providers.

Remote Console provides tenants and cloud administrators with the ability to access the console of their virtual machines in scenarios when other remote tools (or Remote Desktop) are unavailable.

Tenants and cloud administrators can use Remote Console to access virtual machines when the virtual machine is on an isolated network, an untrusted network, or across the Internet.


This feature is required for the functionality listed below:
  • Hyper-V Manager lets you connect to the VM without any network connectivity, and copy files between the host and VM.
  • Using USB with the virtual machine.
  • Printing from a virtual machine to a local printer.
  • Taking advantage of all of the above, without any network connectivity.
  • Delivering 100% IaaS to customers/tenants. Infrastructure as a Service gives tenants the opportunity to deploy virtual machines, virtual storage and virtual networks. In other words, all of the fabric content is managed by the service provider (networking, storage, and hypervisor) and the tenants simply get an operating system within a virtual machine. To truly deliver that, through the power of self-service and without any interaction from the service provider, we must also support tenants doing whatever they want with this particular virtual machine.


WHY REMOTE DESKTOP SERVER IS REQUIRED?



Windows Server 2012 R2 – Hyper-V introduced many new innovations, and a thing called “Enhanced VM session mode”, or “RDP via VMBus”, was a feature that no one really cared about at first.

To put it simply: the traditional VMConnect session you initiate when connecting to a virtual machine (on port 2179 to the host, which then exposes the virtual machine) now supports redirecting local resources to a virtual machine session. This was not possible before, unless you went through a TCP/IP RDP connection directly to the guest, which required network access to the guest.

Hyper-V’s architecture has something called “VMBus”, which is a communication mechanism (high-speed memory) used for inter-partition communication and device enumeration on systems with multiple active virtualized partitions. If you do not install the Hyper-V role, the VMBus is not used for anything. But when Hyper-V is installed, the VMBus is responsible for communication between parent and child partitions with the Integration Services installed.

The virtual machines (guests/child partitions) do not have direct access to the physical hardware on the host. They are only presented with virtual views (synthetic devices). The synthetic devices are put to use when Integration Services is installed, for storage, networking, graphics, and the input system. The Integration Services is a very special virtualization-aware implementation, which uses the VMBus directly and bypasses any device emulation layer.

In other words: the enhanced session mode connection uses a Remote Desktop Connection session via the VMBus, so no network connection to the virtual machine is required.

Remote Desktop Gateway (RD Gateway) can only be used for console access to virtual machines. When you configure RD Gateway, a configuration change occurs, which makes the gateway unusable for other purposes. The following tasks are completed when you configure RD Gateway:

  • Deploy RD Gateway and install the authentication plug-in.
  • Install the certificate.
  • Configure trusted issuer certificates (by using WMI).
  • Create a certificate for RD Gateway.

PREREQUISITES TO CONFIGURE CONSOLE CONNECT FEATURE:


  • Windows Server 2012 R2 – Hyper-V
  • System Center 2012 R2 – Virtual Machine Manager
  • System Center 2012 R2 – Service Provider Foundation (which was introduced in SP1)
  • Windows Azure Pack
  • Remote Desktop Gateway
  • Certificates on SCVMM, Hyper-V hosts (which are added in SCVMM server) and Remote Desktop Gateway server.
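
The prerequisites above and the VMConnect port mentioned earlier (2179) can be checked from the RD Gateway server before configuration starts. The script below is an added example, not the author's or Microsoft's code; the function name, host names and the 30-day expiry threshold are assumptions for illustration.

```powershell
# Added example: run on the RD Gateway server. Host names and the 30-day
# expiry threshold are assumptions for illustration.
function Test-ConsoleConnectReadiness {
    param(
        [Parameter(Mandatory = $true)] [string[]] $HyperVHosts,
        [int] $VmConnectPort = 2179,     # VMConnect port named in the post
        [int] $ExpiryWarningDays = 30    # assumed threshold
    )
    $now = Get-Date

    # 1. The RD Gateway role service must be installed on this server.
    $role = Get-WindowsFeature -Name RDS-Gateway
    [pscustomobject]@{
        Check = 'RD Gateway role'; Target = $env:COMPUTERNAME
        Detail = "Install state: $($role.InstallState)"; Passed = [bool]$role.Installed
    }

    # 2. Machine certificates with a private key must be valid and not near expiry.
    Get-ChildItem -Path Cert:\LocalMachine\My | Where-Object { $_.HasPrivateKey } |
        ForEach-Object {
            [pscustomobject]@{
                Check = 'Certificate'; Target = $_.Subject
                Detail = "Thumbprint $($_.Thumbprint), expires $($_.NotAfter.ToString('yyyy-MM-dd'))"
                Passed = ($_.NotBefore -le $now) -and ($_.NotAfter -gt $now.AddDays($ExpiryWarningDays))
            }
        }

    # 3. Each Hyper-V host must accept TCP 2179 from the gateway.
    foreach ($h in $HyperVHosts) {
        $r = Test-NetConnection -ComputerName $h -Port $VmConnectPort -WarningAction SilentlyContinue
        [pscustomobject]@{
            Check = 'VMConnect port'; Target = $h
            Detail = "TCP $VmConnectPort tested from $env:COMPUTERNAME"; Passed = [bool]$r.TcpTestSucceeded
        }
    }
}

# Constructed host names; replace with the Hyper-V hosts managed by SCVMM.
Test-ConsoleConnectReadiness -HyperVHosts 'hv01.example.local', 'hv02.example.local' |
    Sort-Object Passed | Format-Table -AutoSize -Wrap
```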



In my next post, I will show how to configure and test the Console Connect feature in a Windows Azure Pack environment.




Share Your feedback or any query!!!


Happy Reading!!!
