Installing Mobile Controller-v for Azure
With SteelHead Mobile 5.5, Mobile Controller-v can be installed and run in Azure. After you have installed the Mobile Controller-v package, you can upgrade using a standard image.
This chapter describes how to install and configure Mobile Controller-v on Hyper-V. It includes these sections:
Recommended Azure instance sizes
Determine the number of endpoints you plan to support before you launch your Mobile Controller-v for Azure. This table lists the Azure instance size we recommend for the indicated maximum number of endpoints.
Maximum endpoints | Azure instance size |
4000 | DS2 v2 |
35000 | DS3 v2 |
Basic steps for installing and configuring Mobile Controller-v
This table provides an overview of the basic steps to install and configure Mobile Controller-v on Azure. Detailed procedures are provided in the sections that follow.
Task | Reference |
1. Determine the Azure instance size required for your deployment. | |
2. Launch Mobile Controller-v as a virtual machine from the Azure Marketplace. | |
3. Add a data store disk to the Mobile Controller-v virtual machine. | |
4. Install licenses on the Mobile Controller-v appliance. | |
5. Set the fully qualified domain name (FQDN) for the Mobile Controller-v appliance. | |
Launch Mobile Controller-v as a virtual machine
Mobile Controller-v is available through the Azure marketplace.
When you launch Mobile Controller-v, size the virtual machine on the number of endpoints you plan to manage. You can change the virtual machine instance size any time after deployment to accommodate a change in the number of managed endpoints. See
Recommended Azure instance sizes.
Note: The maximum number of supported endpoints for a single Mobile Controller is 35,000. We recommend using as a minimum the Standard_DS3_v2 virtual machine instance size to scale to 35,000 endpoints. You can cluster multiple Mobile Controller-v instances to manage more than 35,000 endpoints. See the SteelCentral Controller for SteelHead Mobile User’s Guide for details about configuring clustering.
To launch Mobile Controller-v through the Azure marketplace
1. Log in to Azure and search for “Riverbed SteelCentral Controller for SH Mobile 5.5” or navigate to this URL:
https://portal.azure.com/?pub_source=email&pub_status=success#create/riverbed.riverbed-sccm-5-5-1riverbed-sccm-5-5-1.
2. Choose Resource Manager from the Select a deployment model menu.
3. Click Create.
The Create Virtual Machine wizard appears.
4. Configure these basic virtual machine settings:
• Name - Enter a display name for the virtual machine.
• VM disk type - Select SSD or HDD.
• Authentication type - Select Password.
• Username - Enter the default user name: admin.
• Password/Confirm Password - Enter a password for logging in to the virtual machine.
• Subscription - Select a subscription.
• Resource group - Select to create a new group and enter a name for the group if you do not have an existing resource group that you want to use; otherwise, select to use an existing group and enter the group name.
• Location - Select a location within Azure where the virtual machine will be hosted.
5. Select a virtual machine instance size. Recommended sizes appear with a star.
6. Configure these optional settings:
• High Availability
• Storage
• Network - We recommend that you allow access only from specific source IPs on ports 80, 443 and 22 to make access more secure. Port 7870 must have access from all source IPs. The default behavior for the network security group associated with the virtual machine is to allow all source IPs access to ports 80, 443, 22, and 7870.
• Auto-shutdown
• Monitoring
7. Click Purchase to complete the wizard and deploy the virtual machine.
A message at the top of the Purchase page of the Create Virtual Machine wizard indicates whether the virtual machine has passed a validation check. If the virtual machine does not pass the validation check, return to the previous pages in the Create Virtual Machine wizard to reconfigure your instance.
The virtual machine appears on your dashboard.
Add a data store disk to the Mobile Controller-v virtual machine
The data store disk that you will add in the following procedure is used for storing statistical data about managed endpoints. Size this disk according to the number of endpoints managed. You can use either SSD or HDD disks.
Note: We recommend a minimum disk size of 100 GB. If the Mobile Controller-v will manage 35,000 endpoints, the maximum for a single Mobile Controller-v, we recommend a minimum disk size of 512 GB. If the Mobile Controller-v will manage 10,000 endpoints or more, we recommend using an SSD disk.
To add a data store disk to the Mobile Controller-v virtual machine
1. Log in to Azure.
2. Navigate to the Mobile Controller-v virtual machine and select it.
3. In the Azure console for the virtual machine, choose Settings > Disks.
4. In the Data disks section, click Add data disk.
5. In the Data disks section under the Name column, select Create disk.
The Create managed disk screen appears.
6. In the Create managed disk screen, enter a display name for the disk.
7. Select Use existing and choose the resource group you created in
Step 4.
8. Select an account type, either Standard HDD or Premium SSD.
9. Select a source type.
10. Enter a size for the disk.
11. Click Create.
Azure validates the parameters and creates the disk. The disk appears in the drop-down menu under the Name column in the Data disks section of the Settings > Disks page of the Azure console for the virtual machine.
Configure licenses on the Mobile Controller-v appliance
After the Mobile Controller-v appliance is deployed and running, you can configure licenses on it through the appliance’s management console. To complete this procedure, you will need the license information you received from Riverbed Support.
To configure licenses on the Mobile Controller-v appliance
1. Log in to Azure.
2. Navigate to the Mobile Controller-v virtual machine and select it.
3. In the Azure console for the virtual machine, choose Overview.
4. Find the Public IP address on the Overview screen.
5. Copy the IP address.
6. Launch a browser and navigate to the IP address for the Mobile Controller-v.
The log in screen for the Riverbed SteelCentral Controller for SteelHead Mobile appears.
7. Log in with the credentials you used in
Step 4.
8. Choose Configure > Maintenance > Licenses.
The Licenses screen appears.
9. Click Add a New License.
10. Enter your license into the text area and click Add.
11. Choose Configure > Maintenance > Reboot/Shutdown.
12. Click Reboot.
The appliance reboots and applies the licenses.
Set the FQDN on the Mobile Controller-v appliance
It is necessary to set the FQDN on the Mobile Controller-v so that the client download packages can be properly downloaded. Setting the FQDN adjusts the links to the download packages so that the packages can be reached from outside Azure.
To set the FQDN on the Mobile Controller-v appliance
1. Log in to Azure.
2. Navigate to the Mobile Controller-v virtual machine and select it.
3. In the Azure console for the virtual machine, choose Settings > Configuration.
The Configuration screen appears.
4. Find the DNS name label and make a note of it.
5. Open a command window and SSH to the Mobile Controller-v command line interface.
where <DNS-name-label> is the DNS name label you noted in
Step 4 and <azure-domain-label> is the Azure domain label. Example:
ssh admin@xyz123123.westus.clouapp.azure.com
6. Run the following commands:
Riverbed SteelCentral Controller for SteelHead Mobile
admin@ xyz123123.westus.cloudapp.azure.com’s password:
Last login: Wed Oct 18 04:49:48 2017 from 111.93.144.90
amnesiac > enable
amnesiac # configure terminal
amnesiac (config) # ip fqdn override xyz123123.westus.cloudapp.azure.com
amnesiac (config) # write memory
The Mobile Controller-v is ready for use and its status is changed to either Healthy or Healthy [Needs Attention].
Best practices for Mobile Controllers located on the public internet
A Mobile Controller client user can insert the IP address of a Mobile Controller-v that is located on the public internet into their list of controllers and receive the default acceleration policy associated with that controller, which consumes a license when a connection is optimized. To prevent this, set the default policy of your public internet-based controllers to disable optimization (client users require administrator or monitor privileges on the controller to select a non default policy). A simple way to do that is to add an in-path rule that passes through all traffic. Although clients can still connect to a controller with a default policy that disables optimization, the client will not consume a license.