locked
How to setup ATA in Azure VM? RRS feed

  • Question

  • Hey guys,

    Been trying to prepare my Azure VM.

    In order to deploy ATA, I need 2 IP addresses, correct?

    Please could someone guide me on how to do that (exactly) inside an Azure VM?

    Thank you


    • Edited by Shim Kwan Friday, June 17, 2016 3:36 AM
    Friday, June 17, 2016 3:35 AM

All replies


  • Hi, ATA has 2 components, ATA Center (main server with web interface and central database) and ATA (Lightweight) Gateway (a server used for monitoring DC traffic and events). Which one of these components would you like to deploy in Azure?
    Saturday, June 18, 2016 9:53 AM
  • I'd like to setup ATA Center on one VM (with 2 IPs, as per installation requirement).

    ATA Lightweight Gateway will be deployed on the domain controller, which is another VM.


    • Edited by Shim Kwan Sunday, June 19, 2016 9:41 AM
    Sunday, June 19, 2016 9:40 AM
  • As I understand it, having 2 IP addresses is not a requirement, just a recommendation and the default configuration. I would stick to using just 1 IP address in Azure.

    Here is a screenshot from the most important step in configuring ATA Center:

    ATA Center Installer

    If 10.0.0.4 is the IP address you assigned to the Azure VM, fill the blanks in this way:

    • ATA Center Service IP address : port - 10.0.0.4 : 8443
    • ATA Console IP address - 10.0.0.4

    As for the certificate, I would again use the same one for both purposes, for the sake of simplicity. Its purpose must be Server Authentication and must contain the ATA Center's IP address and DNS name in the Subject Alternative Name (SAN) section. I basically use a template for Web Servers and just add the correct SANs to the request.

    Deployment of ATA Lightweight Gateway on a DC in Azure is pretty straightforward, you just need to click the "Next" button several times and enter ATA administrative credentials on one of the screens. I typically use self-signe certificates on ATA gateways, to minimize the management overhead required for certificate changes, as Windows certificate autoenrollment does not support adding IP addresses to the SAN section.

    Sunday, June 19, 2016 10:04 AM
  • Thanks Michael, that worked for the installation of the ATA Center.

    However, for learning purposes, I still would love to know how to setup another IP address inside a Azure VM...

    • Edited by Shim Kwan Monday, June 20, 2016 10:20 PM
    Monday, June 20, 2016 1:58 AM
  • You can add multiple IP address in Azure VM if required. It depends on the "type" of the VMs. Review the following article for more info:

    https://azure.microsoft.com/en-us/documentation/articles/virtual-networks-multiple-nics/


    Santhosh Sivarajan | Houston, TX | www.sivarajan.com
    ITIL,MCITP,MCTS,MCSE (W2K3/W2K/NT4),MCSA(W2K3/W2K/MSG),Network+,CCNA

    My Books: | Windows Server Security | Windows Server 2012

    Blogs | Twitter | LinkedIn | Facebook|

    This posting is provided AS IS with no warranties, and confers no rights.

    Wednesday, June 22, 2016 6:08 PM
  • Santhoshis right, an Azure VM can definitely have multiple IPs, but you would have to use multiple NICs for this purpose. It actually makes sense, if you want to entirely separate the monitoring traffic from the management one.
    Wednesday, June 22, 2016 6:19 PM
  • Thanks Santosh, the link however talks about creating a new VM with multiple NICs - how do I do this for an existing VM?

    I cannot believe its so hard to do such a simple thing?

    Thursday, June 23, 2016 4:28 AM
  • AFAIK, adding another NIC to an existing Azure VM with single NIC is currently not supported in Azure.
    Thursday, June 23, 2016 6:51 AM
  • HI,

    My VM Size (Standard SKUs) is D2.

    Looking at the reference document, it says it supports up to 2 NICs.

    Again, all I am trying to do is add another NIC to an existing Azure VM - surely someone out there has done this???

    https://azure.microsoft.com/en-us/documentation/articles/virtual-networks-multiple-nics/

    Thursday, June 23, 2016 10:09 PM
  • Shim, as I understand it, the support is only at creation time. Once you create a VM with only 1 NIC, you cannot add a new NIC to that VM. You can only re-create the VM with the required amount of NICs.
    Friday, June 24, 2016 12:53 PM
  • Thanks Michael, quite a limitation IMHO.

    So are you saying that when I deploy/create a new VM, I should be able to select the amount of NICs from the GUI?

    Cheers.


    • Edited by Shim Kwan Monday, June 27, 2016 1:58 AM
    Sunday, June 26, 2016 9:28 PM
  • Hi Michael, Would this be a supported configuration or just acceptable for testing?
    Monday, June 27, 2016 3:28 PM
  • Shim, I will probably disappoint you again: You can only create multi-NIC VMs in Azure using PowerShell or ARM templates (Visual Studio has limited GUI for that). Here is the crucial step.

    If you lack this capability in the portal, feel free to submit a feature request. But we are already getting off-topic, as this is ATA forum.

    Monday, June 27, 2016 4:24 PM
  • Hi Simon, the documentation clearly states this:

    Two IP addresses (recommended but not required)

    So I'd say it is a supported configuration and in my experience, it works just fine. But you'd have to ask someone from the ATA team to tell you what is behind this recommendation.

    Monday, June 27, 2016 4:30 PM
  • Thank you Michael.
    • Edited by Shim Kwan Monday, June 27, 2016 9:26 PM
    Monday, June 27, 2016 9:25 PM