Installing CT-VL on Azure Stack Hub
Note
To obtain the CT-VL image for Azure Stack Hub, download the CT-VL VHD image from Thales Customer Support Portal.
Prerequisites to Install CT-VL on Azure Stack Hub
A virtual machine and a subnet.
Minimum recommended settings for a CT-VL VM: 4 CPUs, 16GB memory.
Note
The network security group defines the firewall rules of the CT-VL virtual machine. At a minimum, incoming ports must allow port 22 (SSH) and port 443 (HTTPS).
If your cluster nodes are located in different resource groups, you also need to add port 5432 to the allowed incoming ports. However, if all your cluster nodes are in the same resource group, do not add port 5432, because nodes inside a resource group do not need any firewall permissions to communicate with one another.
Create the Azure VM
Log in to Azure Stack Hub.
Upload the CT-VL VHD image into the Azure Stack Hub storage container. The CT-VL VHD image is of dynamic format. To upload a VHD image to Azure Stack Hub, the VHD image must be in fixed format. Convert the VHD image to fixed format before uploading to the Azure Stack Hub storage container. If you use the 'azure-vhd-utils' tool, you can use the dynamic VHD image to upload and it will convert automatically to fixed format when it saves to the Azure Stack Hub.
Navigate to Virtual Machines menu. Supply the following information to create a virtual machine:
VM name: name of the VM you want to use, for example,
my-CT-VL-2.6.0-azure-vm.VM disk type: SSD or HDD.
User name: Not required by CT-VL, but Azure needs this data to create a VM. This user name entry is not retained by CT-VL and is not used as a CT-VL credential.
Authentication type: Also not required by CT-VL, but required for Azure to create a VM. This authentication type entry is not retained by CT-VL and does affect the CT-VL configuration.
Resource group: You may create a new resource group or use an existing one. If you plan to create a cluster of CT-VL machines, it is recommended that all cluster nodes use the same resource group, so that they can communicate with one another without having to use a public static IP address or enable an incoming port in the firewall.
Location: For example, “West-US”.
Subnet and subnet address range:
Static or dynamic public IP address: Use a static IP address if you expect your cluster to span multiple resource groups.
Configuration Notes
To begin configuration, ssh into the instance as the cliadmin user using the public IP address, and follow the steps in Configuring the CT-VL System.
Note that on Azure, you will not configure the CT-VL network settings. Azure automatically configures these parameters for the CT-VL VM:
Internal and subnet IP addresses are provided to the VM through DHCP.
For CT-VL clusters, create an instance for each node in the cluster. Then configure each node separately, and join the nodes in a cluster.
When creating or joining a cluster, if you have all the cluster nodes in the resource group, you must use the same internal or subnet IP address used by the VM.
When adding a node to the cluster, you must always use the internal or subnet IP address of the new CT-VL VM node.
