Hello Everyone,
This blog is to about Console Connect, it's features & why it is required on Windows Azure Pack Tenant portal.
To see Microsoft Windows Azure Pack (PRIVATE CLOUD - WAP) - INTRODUCTION - Part 1, Click Here!
To see Microsoft Windows Azure Pack (PRIVATE CLOUD - WAP) - Components & Deployment Types- Part 2, Click Here!
To see Microsoft Windows Azure Pack (PRIVATE CLOUD - WAP) - Complete Setup Deployment Requirement - Part 3, Click Here!
To see Microsoft Windows Azure Pack (PRIVATE CLOUD - WAP) - WAP Architecture (STANDALONE & HIGH AVAILABILITY) - Part 4, Click Here!
To see Microsoft Windows Azure Pack (PRIVATE CLOUD - WAP) - WAP Components Sizing - Part 5, Click Here!
To see Microsoft Windows Azure Pack (PRIVATE CLOUD - WAP) - Installation & Configurations - Part 6, Click Here!
To see Microsoft Windows Azure Pack (PRIVATE CLOUD - WAP) - Integration process with SPF and SCVMM & Post Configurations - Part 7, Click Here!
This blog is to about Console Connect, it's features & why it is required on Windows Azure Pack Tenant portal.
To see Microsoft Windows Azure Pack (PRIVATE CLOUD - WAP) - INTRODUCTION - Part 1, Click Here!
To see Microsoft Windows Azure Pack (PRIVATE CLOUD - WAP) - Components & Deployment Types- Part 2, Click Here!
To see Microsoft Windows Azure Pack (PRIVATE CLOUD - WAP) - Complete Setup Deployment Requirement - Part 3, Click Here!
To see Microsoft Windows Azure Pack (PRIVATE CLOUD - WAP) - WAP Architecture (STANDALONE & HIGH AVAILABILITY) - Part 4, Click Here!
To see Microsoft Windows Azure Pack (PRIVATE CLOUD - WAP) - WAP Components Sizing - Part 5, Click Here!
To see Microsoft Windows Azure Pack (PRIVATE CLOUD - WAP) - Installation & Configurations - Part 6, Click Here!
To see Microsoft Windows Azure Pack (PRIVATE CLOUD - WAP) - Integration process with SPF and SCVMM & Post Configurations - Part 7, Click Here!
To see Microsoft Windows Azure Pack (PRIVATE CLOUD - WAP) - Tenant Portal Login overview & Configure Public Access - Part 8, Click Here!
Let'start with understanding the concept of Console Connect for Tenant Virtual Machines...
ABOUT CONSOLE CONNECT:
Remote
Console provides tenants with the ability to access the console of their
virtual machines in scenarios when other remote tools (or Remote Desktop) are
unavailable. Tenants can use Remote Console to access virtual machines when the
virtual machine is on an isolated network, an untrusted network, or across the
Internet.
WHY REMOTE CONSOLE IS REQUIRED FOR TENANT:
Once a private cloud is established the cloud providers expect
tenants to create, operate and manage the virtual machine using self-service
portal. Once you deploy private cloud using Microsoft window azure portal, it’s
easy to take Terminal Server or Console access via RDP protocol if you are in
same Subnet or routable subnet of the host and virtual machine.
If tenants want to access their Virtual machine infrastructure via
Internet using a browser the same is not offered in default installation. This
feature becomes key requirement for ISPs and Enterprise cloud providers- called
as Remote console Connect feature.
Remote Console provides tenants and cloud administrator with the
ability to access the console of their virtual machines in scenarios when other
remote tools (or Remote Desktop) are unavailable.
Tenants & Cloud administrators can use Remote Console to access
virtual machines when the virtual machine is on an isolated network, an
untrusted network, or across the Internet.
This feature is
required for below mentioned functionalities:
- Hyper-V Manager let you connect to the VM without any network connectivity, and copy files between the host and VM.
- Using USB with the virtual machine.
- Printing from a virtual machine to a local printer
- Take advantage of all of the above, without any network connectivity
- Deliver 100% IAAS to customers/tenants. Infrastructure as a Service will give the tenants the opportunity to deploy virtual machines, virtual storage and virtual networks. In other words, all of the fabric content is managed by the service provider (Networking, Storage, and Hypervisor) and the tenants simply get an operating system within a virtual machine. Now, to truly deliver that, through the power of self-service, without any interaction from the service provider, we must also support that the tenants can do whatever they want with this particular virtual machine
WHY REMOTE DESKTOP SERVER IS REQUIRED?
Windows Server 2012 R2 – Hyper-V
introduced us for many new innovations, and a thing called “Enhanced VM session
mode”, or “RDP via VMBus” was a feature that no one really cared about at
first.
To put it simple: The traditional
VMConnect session you initiate when connecting to a virtual machine (on port
2179 to the host, that then exposes the virtual machine) now supports
redirecting local resources to a virtual machine session. This has not been
possible before, unless you are going through a TCP/IP RDP connection directly
to the guest – that indeed required network access to the guest.
Hyper-V’s architecture has
something called “VMBus” which is a communication mechanism (high-speed memory)
used for interpretation communication and device enumeration on systems with
multiple active virtualized partitions. If you do not install the Hyper-V role,
the VMBus is not used for anything. But when Hyper-V is installed, the VMBus
are responsible for communication between parent/child with the Integration
Services installed.
The virtual machines (guests/child
partitions) do not have direct access to the physical hardware on the host.
They are only presented with virtual views (synthetic devices). The synthetic
devices take advantages when Integration Services is installed for storage,
networking, graphics, and input system. The Integration Services is a very
special virtualization aware implementation, which utilizes the VMBus directly,
and bypasses any device emulation layer.
In
other words: The enhanced session
mode connection uses a Remote Desktop Connection session via the VMBus, so no
network connection to the virtual machine is required.
Remote Desktop Gateway (RD
Gateway) can only be used for console access to virtual machines. When you
configure RD Gateway, a configuration change occurs, which makes the gateway
unusable for other purposes. The following tasks are completed when you
configure RD Gateway:
- Deploy RD Gateway and install the authentication plug-in.
- Install the certificate.
- Configure trusted issuer certificates (by using WMI).
- Create a certificate for RD Gateway.
PREREQUISITES TO CONFIGURE CONSOLE CONNECT FEATURE:
- Windows Server 2012 R2 – Hyper-V
- System Center 2012 R2 – Virtual Machine Manager
- System Center 2012 R2 – Service Provider Foundation (which was introduced in SP1)
- Windows Azure Pack
- Remote Desktop Gateway
- Certificates on SCVMM, Hyper-V hosts (which are added in SCVMM server) and Remote Desktop Gateway server.
In my next post, I will show how to configure & test console connect feature in Windows Azure Pack environment.
Share Your feedback or any query!!!
Happy Reading!!!
If You like my post then follow my updates:
Join my Facebook group for updates on trending technologies/technical references/issues etc:
good post
ReplyDelete