Azure Stack Running in an Azure VM

With the recent release of V3 VMs on Azure, you’ve now the possibility to do Nested Hyper-V, running a VM in an Azure VM.

Azure Stack Development Kit just released, it was the opportunity for me to deploy the last version in Azure, because I don’t have the necessary hardware at home to run it.

Be careful, the following article is not supported by Microsoft and can be used only for test.

Daniel Neumann, TSP Azure at Microsoft provided a version for his installation, on L2 nested virtualization: http://www.danielstechblog.info/running-azure-stack-development-kit-azure/

I will use some parts of his blog for my installation. The difference is that he is deploying Azure Stack in a VM, on the Azure VM. In my case, we will deploy Azure Stack directly on the Azure VM.

Before starting, create an Azure AD account who is Global Admin. This account will be used to connect your Azure Stack to your Azure AD.

To start, deploy a VM on Azure, with the image Windows Server 2016 and with the minimum size E16s v3 (16 cores, 128 GB memory). It’s prerequisites to be able to run Azure Stack: https://docs.microsoft.com/en-us/azure/azure-stack/azure-stack-deploy

When the VM is deployed, do not apply any updates, just ignore them. We will rename the local administrator to Administrator, so we don’t have to modify scripts:

Stop the VM through the Azure Portal, and go to Disks. Expand the OS disk to 256GB and add 4 disks for the Storage Spaces Direct part, with 256GB each:

Start the VM and initialize disks. Modify the timezone with your time zone and deactivate the IE Enhanced Security Configuration parameter. You can connect and install prerequisites to gain time for the next part:

Restart the server:

You can now download Azure Stack Development Kit: https://azure.microsoft.com/en-us/overview/azure-stack/development-kit/

When extracted, mount the disk CloudBuilder.vhdx and copy folders CloudDeployment, fwupdate and tools in the root of your C drive. You can eject the disk CloudBuilder. Open a PowerShell console and do:

For IP addresses, use IP addresses that are not used in your Azure VNet and in your Azure Stack environment. You’ll have a first error who will be that your server is not physical. Don’t worry, you need to modify the file C:\CloudDeployment\Roles\PhysicalMachines\Tests\BareMetal.Tests.ps1 and to find $isVirtualizedDeployment. This variable is present 3 times in the file.

Remove the -not before each variable. Launch the installation again with the following command:

[OPTIONAL]

If you’ve an error with CredSSP when the script is modifying the number of maximum joined computer, follow this procedure. On the DC server, execute the following command:

On the Hyper-V server, execute the following command:

Open the gpedit.msc console and navigate to Local Computer Policy > Computer Configuration > Administrative Templates > System > Credential Delegation.

Activate Allow Delegating Fresh Credentials with NTLM-only Server Authentication and add the value WSMAN/*. Launch the script again:

[/OPTIONAL]

When the BGPNAT VM is deployed, execute the following script on the Azure VM to create a new virtual switch that will give Internet access to your VM, by adapting IP addresses with IP that you used when you launched the installation:

Go in the parameter of the BGPNAT VM and change the virtual switch for the network card NAT from PublicSwitch to NATSwitch:

You can now ping external IP addresses:

The deployment of the infrastructure continues:

After few hours, the deployment is finished and you can connect to the admin and user interfaces:

Spread the word. Share this post!