VHM and Azure

You can use a virtual host manager (VHM) to gather instances from Microsoft Azure.

The VHM allows SUSE Manager to obtain and report information about your virtual machines. For more information on VHMs, see Virtual Host Managers.

1. Prerequisites

The VHM you create needs to have the correct permissions assigned, in order for it to access the Azure VM.

Log in to your Azure account as the subscription administrator, and ensure that the Azure user account and application are in the correct groups. The group that the application is in determines the role it has, and therefore the permissions.

2. Create an Azure VHM

The Virtual Host Manager (VHM) runs on the SUSE Manager Server.

Ensure you have installed the virtual-host-gatherer-libcloud package on the SUSE Manager Server.

Procedure: Creating an Azure VHM
  1. In the SUSE Manager Web UI, navigate to Systems  Virtual Host Managers.

  2. Click Create and select Azure from the drop-down menu.

  3. In the Add an Azure Virtual Host Manager section, use these parameters:

    • In the Label field, type a custom name for your VHM.

    • In the Subscription ID field, type the subscription ID found in Azure portal > Services > Subscriptions page.

    • In the Application ID field, type the application ID that you collected when you registered the application.

    • In the Tenant ID field, type the tenant ID provided by Azure that you collected when you registered the application.

    • In the Secret Key field, type the secret key associated with the Azure instance.

    • In the Zone field, type the zone your VM is located in. For example, for West Europe, enter westeurope. This is required for subscription matching to work.

  4. Click Create to save your changes and create the VHM.

  5. On the Virtual Host Managers page, select the new VHM.

  6. On the Properties page, click Refresh Data to inventory the new VHM.

To see which objects and resources have been inventoried, navigate to Systems  System List  Virtual Systems.

3. Assigning permissions

If the permissions are not set correctly, you might receive an error like this when you run virtual-host-gatherer:

General error: [AuthorizationFailed] The client 'client_name' with object id 'object_ID' does not have authorization to perform action 'Microsoft.Compute/virtualMachines/read' over scope '/subscriptions/not-very-secret-subscription-id' or the scope is invalid. If access was recently granted, please refresh your credentials.

To determine the correct credentials, run this command at the prompt on the SUSE Manager Server:

virtual-host-gatherer -i input_azure.json -o out_azure.json -vvv

The input_azure.json file should contain this information:

[
    {
        "id": "azure_vhm",
        "module": "Azure",
        "subscription_id": "subscription-id",
        "application_id": "application-id",
        "tenant_id": "tenant-id",
        "secret_key": "secret-key",
        "zone": "zone"
    }
]

4. Azure UUID

Instances running on the Azure public cloud report this UUID to the SUSE Manager Server:

13f56399-bd52-4150-9748-7190aae1ff21