Setting up a Linux Instance on Azure

Contents

General Prerequisites

As this description shows the basic setup of a Linux instance in Azure, it does not list specific prerequisites. However, depending on the use case, the following prerequisites should be considered:

  • To set up a Linux instance in Azure, you need an Azure account.
  • Secondly, prerequisites will be different depending on the planned use of the instance:
    • Option 1: the instance is to be used as a Charon emulator host system:
      • Refer to the hardware and software prerequisite sections of the User's Guide and/or Getting Started guide of your Charon product to determine the exact hardware and software prerequisites that must be fulfilled by the Linux instance.
        The image you use to launch your instance and the instance type you chose determine the software and hardware of your cloud instance.
      • A Charon product license is required to run emulated legacy systems. Contact your Stromasys representative or Stromasys VAR for details.
    • Option 2: the instance is to be used as a dedicated VE license server:
      • Refer to the VE License Server Guide for detailed prerequisites.
  • Certain legacy operating systems that can run in the emulated systems provided by Charon emulator products require a license of the original vendor of the operating system. The user is responsible for any licensing obligations related to the legacy operating system and has to provide the appropriate licenses.

Azure Login and New Instance Launch

Logging in to your Azure account

To log in perform the following steps:

  • Go to portal.azure.com. You will see a Microsoft Azure login screen.
  • Enter your login credentials.
  • Upon successful login, the Azure home screen will be displayed as shown in the example below:


Creating a Virtual Machine

Step 1: Click on the Virtual machines or on the Marketplace icon on the home page. If you create your instance via the Marketplace icon, please select the Charon listing from the Marketplace offerings, select to create an instance, and continue with Step 3.

Clicking on Virtual machines opens the virtual machines overview list.


Step 2: Click on the Create link in the overview list.

For a basic setup, select Azure virtual machine from the drop down list opened by the Create link. This opens the Basics tab of the Create a Virtual Machine window.


Step 3: Enter your data on the Basics tab. Mandatory data are, for example:

  • Your subscription
  • Existing resource group (or click on Create new)
  • Virtual machine name (cannot be changed after launching the instance)
  • Region for the virtual machine
  • The Azure image from which to launch your instance. Click on See all images to select the correct image. If installing a prepackaged marketplace Charon image, select the matching image. If you plan to install Charon using RPM packages, use a Linux version supported by your Charon emulator product.
  • Size of your VM (click on See all sizes to see a list of available sizes)



Basics tab upper part sample:

Select the image from which to launch your instance and the correct size of your instance (please review the sizing requirements above). Enter the other information in accordance to your environment.


Basics tab lower part sample:

  • Enter the user sshuser as the administrative user.
  • Select SSH public key authentication. You can then use one of the following steps to install your SSH public key.
    • Let Azure create a new key-pair for you.
    • Use the public key from a key-pair on your computer. As shown in the example below, you will have to past your public key into the field provided.
    • Use a key-pair previously created on Azure.
  • The default allowed inbound port will allow SSH connections without limiting the source IP range. Some images may also have preconfigured access rules that cannot be changed during the launch of the instance. In either case, remember to adapt the rules to your requirements after creating the instance or in the Networking tab (advanced) during the creation of the instance. 

Please note: if your management system supports it, for RHEL 9.x, Rocky Linux 9.x, and Oracle Linux 9.x use SSH key types ECDSA or ED25519. This will allow connecting to these Charon host Linux systems using an SSH tunnel without the default crypto-policy settings on the Charon host having to be changed for less secure settings. This is, for example, important for the Charon-SSP Manager. See also: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening.


Click on Next: Disks. This will open the Disks tab of the VM creation window.


Step 4: Define the disks for your VM.

Please note: By default, Azure VMs have one operating system disk and a temporary disk for short-term storage (mounted on /mnt/resource and not persistent). The recommended minimum system disk size is 30GB. You can attach existing additional data disks, or create new disks and attach them.

Disks tab sample:

Click on Next: Networking. This will open the Networking tab of the VM creation window.



Step 5: Enter the necessary information in the Networking tab.

On this tab, you can define the network configuration of your VM:

  • Virtual Network (existing or new)
  • Subnet (default or other subnet)
  • Whether a public IP should be assigned or not (note that if you use an image requiring a public, Stromasys-operated license server, this server must be accessed via a public IP address from the Azure range)
  • Basic, advanced, or preconfigured security settings (which ports are open for access to the VM).

Networking tab sample:

Optionally, you can proceed to the Management, Advanced, and Tags tabs to configure additional details of your VM. However, for a basic test, this is not required. Click on Review + Create to proceed to the review screen.


Step 6: additional configuration for AutoVE setup.

If the instance is launched from a Charon AL marketplace image and is planned to use AutoVE licensing (instead of the public license servers), you must add the corresponding information to the instance configuration before the first launch of the instance:

The AutoVE license server information is entered as instance User Data. In the initial instance configuration window, go to the Advanced section.
  • Open it and scroll down to the User Data section.

  • Enable the User Data by ticking the checkbox.
  • Then enter the correct primary and backup AutoVE servers as shown in the example below:

Valid User Data configuration options:

  • primary_server=<ip-address>[:<port>]
  • backup_server=<ip-address>[:<port>]

where

  • <ip-address> stands for the IP address of the primary and the backup server as applicable, and
  • <port> stands for a non-default TCP port used to communicate with the license server (default: TCP/8083).

Please note: at least one license server must be configured at initial launch to enable AutoVE mode. Otherwise, the instance will bind to one of the public license servers operated by Stromasys.



Step 7: Check the data on the Review + Create screen and create VM.

Verify that the checks passed successfully and click on Create to create the VM.

Sample Review+Create screen:


If key-pair was newly created, download private key:

If you chose to let Azure create a new SSH key-pair, you will be asked to download the private key after clicking on the Create button, this step is very important as this is the only opportunity to download the private key, which is required to access your VM. The image below shows a sample of this prompt:


The Deployment page:

Create will take you to the Deployment page (possibly after downloading the private SSH key) where the current status of the deployment is displayed. Once the VM has been fully deployed, the Deployment Complete screen will be displayed.

Sample Deployment Complete screen:


Click on Go to resource to get to the details page of the newly created VM. The image below shows a sample of a detail page:




Initial Access to the Instance

Once you have access to the instance, you can create the access you require for your applications. This section just shows the basic steps for initial access to the instance.

SSH Interactive Access

To connect to the instance interactively, you must connect as the management user of your instance. Use the following command:

$ ssh -o ServerAliveInterval=30 -i <path-to-your-private-key> <management-user-name>@<cloudhost-IP-address>

The parameter ServerAliveInterval will protect the connection from timing out.

Please note:

  • Depending on the type of connection, you will have to use either the public IP address of the cloud system or its address in a customer-specific VPN.
  • The private key used must correspond to the public key installed in the authorized_keys file of the cloud instance management user. This is usually done during initial cloud instance launch.
  • The management user account normally allows sudo access to privileged commands (use sudo -i).
  • If the instance was created using a Stromasys-provided AL or VE marketplace image, the management user for interactive login is the user sshuser.

File Transfer with SFTP

SFTP enables file transfers to and from the cloud instance. Use the management user of your instance. The security rules must allow SSH access to allow SFTP access to the cloud instance.

Please note: Depending on the type of connection, you will have to use either the public IP address of the cloud system or its address in a customer-specific VPN.

To connect to the instance, use the following command:

$ sftp -i <path-to-your-private-key> <management-user-name>@<cloudhost-IP-address>


Please note:

  • Depending on the type of connection, you will have to use either the public IP address of the cloud system or its address in a customer-specific VPN.
  • The private key used must correspond to the public key installed in the authorized_keys file of the cloud instance management user. This is usually done during initial cloud instance launch.
  • If the instance was created using a Stromasys-provided AL or VE marketplace image, the management user for file transfer is the user charon.
  • If the user charon is used to transfer files, the home directory for the file transfer will be /charon/storage.



© Stromasys, 1999-2024  - All the information is provided on the best effort basis, and might be changed anytime without notice. Information provided does not mean Stromasys commitment to any features described.