This section outlines the recommended steps for deploying Active Roles in the Windows Azure Infrastructure Services environment. After you complete these steps, you have the following services deployed in Windows Azure using Windows Azure virtual machines:
This guide assumes that you already have the following prerequisites:
For instructions on how to install a replica domain controller, see Install a Replica Active Directory Domain Controller in Windows Azure Virtual Networks.
Perform the following tasks to deploy SQL Server:
When creating the virtual machine, on the Virtual machine configuration page, select the Create a new cloud service option and choose the Virtual Network used by your replica domain controller in Windows Azure.
For instructions on how to deploy SQL Server 2012 in Windows Azure, see Provisioning a SQL Server Virtual Machine on Windows Azure.
Because SQL Server will be accessed from within the Virtual Network, you do not need to create public endpoints in Windows Azure.
Perform the following tasks to deploy the Active Roles Administration Service:
When creating the virtual machine, on the Virtual machine configuration page, select the Cloud Service that you created for the SQL Server virtual machine in Step 2. Deploy Microsoft SQL Server 2012. This will automatically select the correct Virtual Network as this Cloud Service is already used to host the SQL Server virtual machine. For further information, see Add a Virtual Machine to a Virtual Network, section “Create Virtual Machine and Deploy to Virtual Network.”
When prompted for the service account, specify the appropriate user account defined in your Active Directory domain. Ensure that this user account is a member of the Administrators local group on the virtual machine where you are installing the Administration Service. For example, this could be a domain user account that belongs to the Domain Admins group of your Active Directory domain.
When prompted for SQL Server, specify the name of SQL Server you deployed in Step 2. Deploy Microsoft SQL Server 2012.
$allowedClientSubnets = @('10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16');
New-NetFirewallRule -DisplayName "Active Roles" -Direction Inbound `
-Action Allow -Service 'aradminsvc' -RemoteAddress $allowedClientSubnets `