cancel
Showing results for 
Search instead for 
Did you mean: 

Azure Guide

Deploy A Container in Azure

Introduction

Containers have become increasingly popular due to their portability, easy of use and consistent nature. McAfee makes using its Database Security product easy to use by offering a container which is deployable in Azure's Container Instance. This is a step-by-step guide to deploying the application.

Overview

This guide will get you started with Azure Container Instances by showing how to deploy a container group in four different ways.

Prerequisities

This guide assumes that:

Deploy a Container using the Azure Resource Template from the Azure CLI

Creating a container instance using the resource template is the best way of initializing a container. The resource template will initialize two separate containers. The first container contains the server and sensor while the second container contains a Microsoft SQL Express database which will be used to store the server data.

Download Resource Template

  • Download the resource template from the following location.

Create Resource Group

  • Log in to Microsoft Azure:

    $ az login

  • Create a resource group by replacing MY_RESOURCE_GROUP with your own resource group name:

    az group create --name MY_RESOURCE_GROUP --location eastus

Deploy Resource Template

  • Replace MY_RESOURCE_GROUP with the resource group name specified in the previous step. Also replace RESOURCE_TEMPLATE_FILENAME with the resource template previously downloaded. Deploy the resource template:

    az group deployment create -g MY_RESOURCE_GROUP --template-file RESOURCE_TEMPLATE_FILENAME

    Browsing to https://<host name>:8443 where the host name specified in the container resource of the resource group and Database Security login page.

Deploy a Container using the Azure Resource Template in the Azure Portal

Creating a container instance using the resource template is the best way create a container. The resource template will initialize two separate containers, a container which contains the server and sensor and a second container with an Microsoft SQL Express database which will be used to store the server data.

Create Custom Template in Azure Portal

 

deploy-button.png

  

Deploy Custom Template in Azure Portal

  • Complete the details the custom template dialog in Azure Portal.

    custom-deployment-dialog.PNG
  • Select "Purchase" once the template details have been entered. The container instances will be initilaised in the resource group specified in the template deployment dialog. Browsing to https://<host name>:8443 where the host name specified in the container resource of the resource group and Database Security login page.

Deploy a Container from the Marketplace using the Azure CLI

Database Security can be deployed using the Azure CLI. The Database Security container image has to be part of a private registry in the Azure subscription. This is achieved by subscribing to the image in the Azure Marketplace. Once the image is stored in the private registry then the server and sensor container can be initialized. This will only create a single container so the server will use an internal database to store its data.

Create Resource Group

  • Log in to Microsoft Azure:

    $ az login

  • Create a resource group:

    az group create --name mcfee_database_security --location eastus

Subscribe to a Private Registry

A private Azure Container Registry needs to be created so the image pulled image can be deployed from

    • Navigate to the Microsoft Azure Marketplace, select the McAfee Database Security image and click “Subscribe”.
    • You will be redirected to a form. Select the subscription name and enter a name for your private registry. (If you already have an ACR, click the “Use existing” option). Finally, select the resource group previously created and enter the Location.
container-subscribe.png
  • Once you have a private registry on Azure, you need to retrieve the container registry credentials. Execute the following: REGISTRY_PASSWD=$(az acr credential show --name MY-REGISTRY --query "passwords[0].value" -o tsv)

Deploy the Container

Deploy the container using the commands:

  • az container create --name mfedbsec-container --resource-group MY-RESOUCE-GROUP --ports 8443 1996 --dns-name-label "mfedbsec" --image MY-REGISTRY.azurecr.io/mfedbsserversensorv4 --registry-username MY-REGISTRY --registry-password "$REGISTRY_PASSWD"
  • When the deployment is successful the API will return a response like the following:

    deployment-api-response.png

  • Browsing to https://<host name>:8443 where the host name specified at fqdn in the API response will display the Database Security login page.

Deploy a Container from the Marketplace using the Azure Portal Instance

Database Security can be deployed within the Azure Portal. The Database Security container image for has to be part of a private registry in the Azure subscription. This is achieved by subscribing to the image in the Azure Marketplace. Once the image is stored in the private registry then the server and sensor container can be initialize. This will only create a single container so the server will use an internal database to store its data.

Subscribe to a Private Registry

A private Azure Container Registry needs to be created so the image pulled image can be deployed from

  • Navigate to the Microsoft Azure Marketplace, select the McAfee Database Security image and click “Subscribe”.
  • You will be redirected to a form. Select the subscription name and enter a name for your private registry. (If you already have an ACR, click the “Use existing” option). Finally, select a Resource group and enter the Location.

    container-subscribe.png

Get Container Details

  • Log into the Azure Portal.
  • In the Resources Groups, select the resource group which contains the private registry. Then select the private registry.
  • Select "Access keys" under "Settings" and take a copy of the Login server, Username and the password.

Create Container Instance

  • In the Azure Portal, select "Create a new resource", then "Container" in the Azure Marketplace. Once the featured options are listed select "Container Instances"

    portal-create-instance.png

  • When the "Create Container Instance" dialog is displayed, enter a container name then select private for "Container image type". In "Container image" enter the login server preceding the image name mfedbsserversensorv4. Under "Image registry login server", "Image registry username" and "Image registry password" enter the copied values from earlier. Then select a suitable "Subscription", "Resource group" and "Location". Once complete, select Ok.

    portal-create-instance-basics.png

  • In the "Configuration" dialog, enter a DNS name under "DNS name label", change the Port value from 80 to 8443 and select "Open additional ports". In the newly display port textbox, enter 1996, then select Ok.

    portal-create-instance-configuration.png

  • On the "Summary" dialog, review the details displayed and then select Ok.

  • In the new container under the specified resource group, select "Overview". Browsing to https://<host name>:8443 where the host name specified at fqdn will display the Database Security login page.

Contributors
Version history
Revision #:
9 of 9
Last update:
‎09-19-2018 01:45 PM
Updated by: