Initial cloud settings

This task describes the initial steps required for setting up communication with the cloud.

Initial cloud settings overview

To initially set up communication with a cloud provider, you must establish an account with the cloud provider and obtain the cloud provider credentials. You must then set up communication from ALM to your cloud provider, and define network settings for communicating with your cloud-based load generators.

Creation of cloud provider account

You must first create a cloud provider account for using the cloud provider services. You need to provide credentials for storing and accessing resources on the cloud, such as:

  • Amazon EC2 - Access Key, Secret Key, and Account Number

  • Microsoft Azure - Subscription ID and Certificate File

Note: Performance Center only integrates with Microsoft Azure and Amazon EC2 cloud accounts.

For details about creating cloud provider accounts, see the documentation provided by your cloud provider.

Communication to cloud provider

When communicating with your cloud provider, you can choose to communicate directly or via a proxy.

The following diagram illustrates direct communication to a cloud provider:

The communication is initiated from the ALM server over the organization's firewall to the cloud provider. The ports on the ALM server should be opened for outgoing requests.

The following diagram illustrates communication to a cloud provider through a proxy server:

The communication is initiated from the ALM server to the defined proxy server using HTTP tunneling. The proxy server then runs over the organization's firewall and transfers outgoing requests to the cloud provider.

Communication to cloud-based load generator

When communicating with your cloud-based load generators, you can choose to communicate directly or via a proxy.

Note:  

  • When the communication is through a proxy, SSL (Secure Socket Layer) is required.

  • Performance Center supports provisioning of load generators only.

The following diagram illustrates direct communication to a cloud-based load generator:

The communication is initiated from the Performance Center server and the Controller over a firewall to the cloud-based load generator. Data is transmitted through TCP (Transmission Control Protocol). The Load Generator should allow incoming requests on ports 8080 and 443. Performance Center and the Controller should allow outgoing requests.

The following diagram illustrates communication to a cloud-based load generator through a proxy server:

The communication is initiated from the Performance Center server and the Controller to the defined proxy server. An HTTP Tunnel is used as a means for communicating from the Performance Center server and the Controller to the proxy server. The proxy server then runs over the firewall and transfers the data to the cloud-based load generator.

Note: SSL is supported between the controller and the cloud-based load generator.

Configuration of security settings

For details on additional security features related to your cloud provider, see Security group rules.

Back to top

Create an account with a cloud provider

Sign up and create an account for using cloud provider services .

Obtain the following cloud credentials:

  • Amazon EC2 - Access Key, Secret Key, and Account Number

  • Microsoft Azure - Subscription ID and Certificate File

Note: Performance Center only integrates with Microsoft Azure and Amazon EC2 cloud accounts.

Back to top

Configure cloud network settings

Define cloud network settings for communicating from Performance Center to your cloud provider (define the proxy settings if your organization uses a proxy server for communicating with an outside network), and for communicating with your cloud-based load generators.

  1. Prerequisites

    To enable SSL for your cloud-based load generator, you must create a Certification Authority (CA) and a Digital Certificate and store the files on ALM, the Performance Center server, and the Controller. For more details on creating the certificates, see Create digital certificates.

  2. Configure the cloud network settings

    1. Click Cloud Network Settings to open the Cloud Network Settings dialog box.

      Note: The Cloud Network Settings option is not available if a Performance Center server has not been created. For more details on creating Performance Center servers, see How to Manage Performance Center Servers.

  3. Enable communication from Performance Center to your cloud provider

    1. In the Proxy section, enter the Proxy Server URL (format: http[s]://server[:8080]).

    2. Enter the User Name (format: Domain\username) and Password of a user with connection rights to the proxy server.

  4. Enable communication for a cloud-based load generator

    1. In the Proxy section Performance Center Communication section, define the communication mode. By default, Use Proxy Server for Load Generator Communication and Use SSL for Load Generator Communication are selected. Note that if the communication is through a proxy, SSL is required. The default port value for the proxy server is 443.
    2. Enter the Performance Center Agent Service Port number. This port is used for running Vusers on the load generator. Make sure this port is opened for incoming communication. The default port value is 8080.
    3. Enter the Remote Management Agent Service Port number. This port is used for Lab Management operations. Make sure this port is opened for outgoing requests. The default port value is 8080.

Back to top

Define security settings for Amazon EC2 cloud accounts

To define security settings on the cloud provider side for Amazon EC2 cloud accounts, perform the following:

  1. From your cloud provider console, create a security group. The ports defined for communicating with the cloud-based load generator must be opened. For details on the security group rules, see the ALM Lab Management Troubleshooting Guide.

    For details about security groups, see the documentation provided by your cloud provider.

  2. Create a key pair.

  3. If you plan on working with elastic IP addresses, allocate elastic IP addresses and make sure they are opened on your organization's firewall for outgoing communication.

Back to top

Define security settings for Microsoft Azure cloud accounts

To define security settings on the cloud provider side for Microsoft Azure cloud accounts, perform the following:

  1. You must increase your JDK’s strength to Unlimited. Download the appropriate version of the Java Cryptography Extension from java.sun.com. Replace the local_policy.jar, and US_export_policy.jar files in the JRE. The jar files are located by default in C:\Program Files\Micro Focus\ALM\java\jre\lib\security.

  2. Create Windows Azure service certificates in Personal Information Exchange (.pfx) format for use in Performance Center.

  3. Create Windows Azure management certificates in X.509 (.cer) format and upload them to Azure.

Back to top

See also: