Service Provider Foundation (SPF) – Installation Step by Step

Hello Everyone,

Description

First question, what is System Center 2012 SP1 Service Provider Foundation?
On TechNet (http://technet.microsoft.com/en-us/library/jj642895.aspx), I found the following description:

Service Provider Foundation is provided with System Center 2012 – Orchestrator, a component of System Center 2012 Service Pack 1 (SP1). Service Provider Foundation exposes an extensible OData web service that interacts with Virtual Machine Manager (VMM). This enables service providers and hosters to design and implement multi-tenant self-service portals that integrate IaaS capabilities available System Center 2012 SP1.

In other words:

  • Service Provider Foundation is available on the same ISO file than System Center Orchestrator 2012 SP1.
  • A hoster is any person that is providing a hosting services (Hyper-v hosts, networks, …) from his infrastructure to different customers/tenants who will deploy VM, Apps, websites on the hoster’s infrastructure.
  • SPF will help these hosters to build a multi-tenants self-service portal that will present an extended web service for Virtual Machine Manager.
  • Concerning the portal, you could build one on your own or you could use the Windows Azure Services for Windows Server. http://msdn.microsoft.com/en-us/library/jj874381.aspx (This topic will be cover in another blog post)

Prerequisites

  • A new server on which we will install SPF (We will call it SRV-SPF01)
  • Orchestrator Iso file
  • The Virtual Machine Manager 2012 SP1 Administrator Console must be installed on SRV-SPF01
  • A SQL server that could be used by SPF for installing its DB
  • Download the Certificate Creation Tool here : http://gallery.technet.microsoft.com/Certificate-Creation-tool-5b7c054d
  • Download and install MVC4: http://www.asp.net/mvc/mvc4
  • Download and install WCF Data Services 5.0 for OData V3 : http://www.microsoft.com/en-us/download/details.aspx?id=29306
  • A Active Directory Global Security group that we will called SPF-Admins
  • A service account that is member of the VMM Administrator group, SPF-Admins group and local administrator group on SRV-SPF01
  • Your AD account must be member of the SPF-Admins group also
  • The following Roles and Features must be installed on SRV-SPF01

     

Create the SSL certificates

Service Provider Foundation requires that a Secure Sockets Layer (SSL) server certificate be configured for its website bindings. The Service Provider Foundation website is the endpoint for the Admin service and the Virtual Machine Manager (VMM) service that use Representational State Transfer (REST) and Open Data Protocol (OData) technology to communicate with clients and portal applications.

The certificate should conform to the following recommendations:

  • A self-signed certificate should be used only for testing purposes.
  • The fully qualified domain name (FQDN) should be specified for the certification path instead of “localhost”.
  • A self-signed certificate should be placed in the personal store.

A complete explanation is available on TechNet: http://technet.microsoft.com/en-us/library/jj943808.aspx

We first need to create test Root Certificate, with the MAKECERT application that we download in the perquisites.

makecert -pe -n “CN=TestRootCA” -ss personal -sr LocalMachine -sky signature -r “TestRootCA.cer”

We now have to create a certificate for the machine itself

makecert -pe -n “CN=SRV-SPF01.CONTOSO.COM” -ss my -sr LocalMachine -sky exchange -eku 1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2 -in “TestRootCA” -is personal -ir LocalMachine -sp “Microsoft RSA SChannel Cryptographic Provider” -sy 12 SPFTestCert.cer

At the end, we have two new certificates, move these certificates to a folder that we will access later.

SPF installation

Start the setup.exe file on the Orchestrator cd and at the bottom, there is the Service Provide Foundation section, click on Install.

A new window, dedicated to SPF pops up, click on install.

Accepts the license terms and click on Next.

Check the box and click on Next.

Once the prerequisites check done, click on Next.

Specify your SQL Server and click on Next.

Click on Change Folder and browse to the folder where you stored the two certificates that you created earlier.
Review the information available in Certificate Store and Certificate Name, if everything is ok, click on Next.

Specify the AD group and service account that we created during the perquisites and click on Next.

Specify the AD group and service account that we created during the perquisites and click on Next.

Specify the AD group and service account that we created during the perquisites and click on Next.

Selection your own values and click on Next.

Review all the information and click on Install.

SPF installation in progress.

Installation completed.

This post is in fact the first one of a service dedicated to Windows Azure Services for Windows Server.
Stay tuned!!!

Christopher

Tweet about this on TwitterShare on FacebookShare on LinkedInShare on Google+Email this to someoneShare on TumblrPin on PinterestDigg thisShare on RedditFlattr the authorBuffer this pageShare on StumbleUpon

About Christopher Keyaert

Christopher Keyaert is a Consultant, focused on helping partners to leverage the System Center and Microsoft Azure cloud platform. He is also a Microsoft Most Valuable Professional (MVP) for Cloud and Data Center Management and a Microsoft Certified Trainer (MCT).
This entry was posted in Uncategorized. Bookmark the permalink.

One Response to Service Provider Foundation (SPF) – Installation Step by Step

  1. Pingback: SPF Prerequisites via PowerShell | Christopher's System Center Blog

Leave a Reply

Your email address will not be published. Required fields are marked *