Using SteelHead-c for Microsoft Azure

This chapter describes how to use SteelHead-c virtual appliances for Microsoft Azure. It includes these sections:

• Before using your SteelHead-c for Azure

• Prerequisites for installing SteelHead-c in Azure

• Installing a SteelHead-c on an Azure virtual machine

Before using your SteelHead-c for Azure

This information will help you make the most of your SteelHead-c for Azure:

• In Azure, NAT rules to a virtual machine are very aggressive. These rules can cause frequent failures of the inner connection pool. To avoid this issue, configure your client-side SteelHead appliances that pair with a SteelHead-c for Azure so that their inner keepalive interval is 30 seconds or less.

cfe (config) # protocol connection addr <azure-sh-ip> inner-intvl 30 oob-intvl 30

• License your SteelHead-c for Azure after you create it.

• Out-of-path deployment using fixed-target rules and agent-intercept deployment using Discovery Agent are supported.

Prerequisites for installing SteelHead-c in Azure

Before you install the virtual appliance, ensure that these prerequisites are met:

• You have access credentials to a Microsoft Azure account that allow you to create resources in the region and virtual networks where you want to deploy SteelHead-c.

• You have obtained a one-time token from the Riverbed Cloud Portal to license your SteelHead-c. Access the portal at https://cloudportal.riverbed.com.

• The SteelHead-c instance must have continuous SSL/TLS (TCP port 443) access to the Riverbed Cloud Portal in order to verify that the license is active. If the SteelHead-c cannot contact the Riverbed Cloud Portal, it will stop optimization and will by-pass connections until it can verify the license again. For enhanced security, configure a TCP proxy in the virtual machine’s Networking > Host Settings.

Installing a SteelHead-c on an Azure virtual machine

This section provides instructions for installing a SteelHead-c virtual appliance on an Azure Hyper-V virtual machine using the default mode (Create a virtual machine wizard.) The programmatic deployment mode is not covered in this document. See the Azure documentation for details about that mode.

The default deployment mode in Microsoft Azure has changed from Classic (programmatic) to Resource Manager (wizard.) SteelHead-c can be deployed in either mode; however, resources deployed through different deployment modes cannot interoperate. Select the deployment mode that matches the rest of your infrastructure in Azure.

For RiOS 9.12.0 and later, the default password is password regardless of the value you specified while provisioning or creating the Cloud SteelHead from the Azure marketplace image. You can change the password after you provision the system using the Cloud SteelHead UI or CLI. (This caveat is only applicable for Azure Cloud SteelHeads launched from Azure marketplace.)

To install using the Microsoft Azure portal

1. Log in to the Microsoft Azure portal and navigate to your dashboard.

2. Click Create a resource.

The New page appears. On this page you can find Marketplace items by search, type, or popularity.

3. Search for keywords: Riverbed SteelHead.

4. Select an image from the available options.

5. In the image details pane, near the bottom, click Create.

The Create virtual machine wizard displays.

If you want to deploy the SteelHead-c using Azure’s programmatic mode, select Want to deploy programmatically? Get started ->. See the note at the beginning of this section, Installing a SteelHead-c on an Azure virtual machine.

6. In the Basics section of the wizard, enter this information:

Project Details

– Select a subscription model.

– Select a resource group, or click Create new if you want to place the virtual appliance you are creating into a new resource group.

Instance Details

– Enter a display name for the virtual appliance.

– Select the region where you want to deploy the virtual appliance.

– Specify Availability options.

– Select the image you want to install on the virtual machine. The default is the item you selected in Step 4.

– Select a size for the virtual machine. The size determines the maximum amount of compute resources (CPU, RAM memory) available to the virtual machine. See SteelHead-c models and required virtual machine resources to find the amount of resources required to run the SteelHead-c model you want to deploy.

Administrator Account

The account that you create in this step is not used. However, use the password you specify here along with the username admin for first-time login. After initial login, you can change your credentials at any time.

– Specify how administrators will authenticate when logging in to the Hyper-V virtual machine.

7. Click Next : Disks > to advance to the wizard’s Disks tab.

8. Under Disk Options, select a disk type for the SteelHead-c virtual appliance’s operating system (RiOS).

9. Optionally enable Ultra SSD compatibility.

10. Under Data Disks, create and attach a disk or attach an existing disk to serve as the SteelHead-c virtual appliance’s data store. See SteelHead-c models and required virtual machine resources to find the minimum disk size required to run your model SteelHead-c.

If you do not already have a data store disk, select Create and Attach a new disk.

– In the Create a new disk page, specify these settings: disk type, display name, size in gigabytes (GB), source type.

– Click OK. A virtual disk with your settings is allocated. The Create a new disk page closes and you are returned to the wizard’s Disk tab. The newly allocated disk is listed under Data Disks.

– Select Read/Write from the Host Caching drop-down menu corresponding to the newly allocated disk.

If you already have a data store disk, select Attach an existing disk.

– A row is added to the Data Disks table.

– Select a disk from the Name drop-down menu.

– Select Read/Write from the Host Caching drop-down menu corresponding to the newly added disk.

11. Under the Advanced section, accept the default values.

12. Click Next : Networking > to advance to the wizard’s Networking tab.

13. Select the network and subnet where you want to deploy the SteelHead-c from the Virtual network and Subnet drop-down menus.

If you have not already configured a virtual network and a subnet, click Create new to display the Create new network page. Enter an address space for the new virtual network, create subnets, and then click OK. See the Microsoft Azure help for assistance.

14. Optionally select a public IP address from the Public IP drop-down menu. A public IP enables you to communicate with the virtual appliance from outside the virtual network.

If you want to use a public IP but none exist, click Create new to display the Create public IP address page. Enter a display name for the new IP address, specify SKU and assignment, and then click OK. See the Microsoft Azure help for assistance.

15. NIC network security group is Advanced. NIC network security group settings are preconfigured.

16. Select a network security group from the Configure network security group drop-down menu.

If no security groups exist, click Create new to display the Create network security group page, specify Inbound rules and Outbound rules, and then click OK. See the Microsoft Azure help for assistance.

17. Accelerated networking is Off. Accelerated networking is not supported.

18. Under Load Balancing, select No.

19. Click Next : Management > to advance to the wizard's Management tab.

20. Optionally configure the settings under Monitoring, Identity, and Auto-Shutdown to your liking.

21. Click Next : Guest config > to advance to the wizard's Guest config tab.

22. Click Next : Tags > to advance to the wizard's Tags tab.

23. Optionally add tags.

24. Click Next : Review + create > to advance to the wizard's Review + create tab.

25. Review your selections and then click Create.

26. License your virtual appliance. See Licensing SteelHead-c virtual appliances.