Microsoft Azure Stack and CSP Uncovered
Mon, 23 Mar 2020 22:39:11 -0000|
Read Time: 0 minutes
Microsoft’s Cloud Solution Provider (CSP) program allows partners to completely own their end-to-end customer lifecycle, which may include activities such as deployment of new services, provisioning, management, pricing and billing. The CSP program helps value-added resellers (VARs) and managed service providers (MSPs) sell Microsoft software and Cloud Service licenses with additional support so that you can become more involved with your customer base. This means that every cloud solution from Azure to Office 365 could be resold to your customers at a price that you set, and with unique value added by you. The goal of the CSP program is not simply to resell Microsoft services, but to enhance them and deliver them in a way that makes sense for you and your customers.
What's the fuss all about Azure Stack CSPs?
As an Azure Stack Product Technologist, one question I am frequently asked by customers who are existing Microsoft CSPs is, how to operate and offer services on Microsoft Azure Stack in a CSP model. Although this information is available through Microsoft Azure Stack online documentation and videos from various events, I am trying to consolidate that information into this blogpost as well as trying to explain the various CSP operating models in Azure Stack and the steps required to successfully manage and operate Azure Stack as a CSP.
The key difference between operating as an Azure CSP vs Azure Stack CSP is the additional responsibility of managing the Azure Stack Integrated system. Really? well, it really depends on the CSP operating model which we will discuss in detail in the subsequent sections in this blog.
What's the Business Opportunity here?
Today, Azure services are available in 54 regions spread across various geographical locations. Which also means that Azure services are not available in every nook and corner of the globe. This could be due to poor internet connectivity or no connectivity or customers want to operate in a disconnected mode or to simply meet the regulatory compliance, adhering to the policy guidelines and laws in the respective country of origin. Most importantly it is your geographical presence that differentiates you as a CSP who can deliver consistent Azure services in that region. With the rise of Edge computing, it becomes more and more critical that data is processed as close to the edge as possible, and as a result we see more and more cloud services moving back towards the edge. As a result, as a CSP not only is your geographical location important, but you can also provide differentiated or specialized applications while serving the needs of certain industries with a specific requirement.
What are the various CSP operating models for Azure Stack?
When you make the decision to be an Azure Stack CSP, you will need to explore and understand the two CSP operating models. You must ensure that you understand which model aligns best with your organization. So let's try and understand the two CSP operating models.
In this model CSP operates Azure Stack and has a direct billing relationship with Microsoft. All usage of Azure Stack is directly billed to the CSP. The CSP in turn generates a bill for each customer or tenant who is consuming the services offered by the CSP. The period of billing, the amount you bill, and what you bill for are entirely in your hands as a CSP.
In this model, Indirect CSP is also referred to as Distributor, is responsible to operate Azure Stack. Here a network of Resellers can help sell CSP offered services to the end customers. Indirect CSP has direct billing relationship with Microsoft and hence all usage of Azure Stack resources are billed to the Indirect CSP. The indirect CSP in turn bills either the reseller or the end customer
Now that you've familiarized yourself with Azure Stack CSP operating models, it is important to understand the two types of CSP subscriptions that are available.
- Azure Partner Shared Services (APSS) Subscription
According to Microsoft's definition, Azure Partner Shared Services (APSS) are the preferred choice for registration when a direct CSP or an indirect CSP, also known as CSP distributor operates Azure Stack. This means a CSP directly purchases Azure subscription from Microsoft for their own use. This creates opportunity for CSPs to build differentiated solutions and offer them to their tenants.
- CSP Subscription
This is the most common subscription model. In this either a CSP reseller or the customer operates the Azure Stack admin and tenant spaces, or in many cases splits the responsibility, with CSP managing the Admin space and customer managing the Tenant.
Roles and Responsibilities in a CSP Model:
With so many myriads of options available in a CSP model involving various personas such as Direct CSPs, Indirect CSPs, Resellers and End Customers along with two types of CSP subscriptions, let's try and understand from the chart below on the various roles and responsibilities associated with each persona and the right CSP subscription applicable for each scenario.
Azure Stack Operator
Usage and Billing
Note: When End Customer operates Azure Stack, multi-tenancy is not required. The end customer needs a CSP subscription from the CSP partner, then uses it for the initial (default) registration. Usage is billed to the Distributor or Indirect CSP.
How do you get started?
Once you have made the decision on the type of CSP model you will be operating Azure Stack, we will now dive into the nitty-gritties of how to make Azure Stack operational in this model. To be able to successfully operate and run Azure Stack, you will need to take some steps to plan on how you want to offer services and configure Azure Stack. Let's look at what are some of the key steps in this planning
- Billing: During this phase, you will need to come up with a plan on how you want to bill your end customers based on the usage of services you offer. This is where you will need to plan on how to register Azure Stack and plan the integration of your billing system. You will also need to plan on coming up with appropriate pricing model for the services you offer. During this phase you may also want to explore some of the third party billing services offered by ISVs.
- Services: In this phase you will come up with a plan on what are the various native Azure Stack services you would want to offer your end customers. You may also plan on offering differentiated value added services to your end customers. This will determine how you configure quotas, plans and offers on the Azure Stack system. For more information on how to create quotas, plans and offers please refer to this video.
- On boarding End Customers: Once you have planned on billing and services for your end customers, you will need to onboard new customers and users to your Azure Stack system. Let's look at how to do this in the following section.
Note: This blogpost assumes that you already have access to the Microsoft Partner Center and have some knowledge on CSP Program. If you need access to training materials on CSP Program please refer to the Microsoft Partner Center documentation.
Customer On boarding Flow
- First, create a CSP or APSS Subscription depending on the CSP operating model that best fits your organization from Microsoft Partner Center (For Azure Partner Shared Services subscription (APSS) - Please go through Microsoft documentation on How to create APSS Subscription)
- CSP Subscription - Please go through Microsoft documentation on How to create CSP Subscription
- Register Azure Stack against the CSP subscription as opted in Step 1. Steps on how to register Azure Stack can be found here
- After Azure Stack is registered, you need to enable multi-tenancy if you are planning to offer Azure Stack services to multiple tenants. If you don't enable multi-tenancy, all usage will be reflected against the subscription which was used for Azure Stack registration. You can refer to Microsoft documentation on How to Enable multi-tenancy
- Once multi-tenancy is enabled, you will need to first create End Customers or tenants in the Partner Center portal so that when those End Customers consume the services you offer, Azure Stack reports the usage to their CSP subscription. (You can refer to the Microsoft documentation on How to add tenants in Partner Center as shown below)
- Create an Azure subscription for each End Customer you created in the above step in Partner Center. You can refer to Creating New Subscriptions as shown below
2. Create guest users in the End Customer's directory: The reason you do this is because by default, you as a CSP will not have access to the End Customer's Azure Stack subscription. If the End Customer wants you to manage their resources they can add your account as owner/contributor to their Azure Stack subscription. In order to do that they will need to add your account as a guest user in their Azure AD tenant. It is recommended that you as a CSP use a different account other than your CSP account to manage your Enc Customer's Azure Stack subscription.
3. Update the registration in Azure Stack with the End Customer's Azure Stack subscription. By doing this End Customer's usage is tracked using the customer's identity in Partner Center thereby ensuring that usage tracking and billing is made easier. You can refer to this link on How to update Azure Stack registration
4. On board tenants to Azure Stack to enable users from multiple Azure AD tenant directory to use services you offer on Azure Stack. You can refer to the link How to Enable multi-tenancy
5. As a last step you need to ensure you are able to create a resource in the End Customer's Azure Stack subscription using the guest user account created in Step c
By now you should be all set to successfully operate and offer services on Azure Stack. To track usage and billing, CSPs can use APIs or use the Partner Center. CSPs can also work with third party billing solution providers like Cloud Assert or Exivity for a more customized billing solutions for those who need more flexibility in the pricing and billing model.
Related Blog Posts
Azure Stack with PowerScale
Tue, 04 Aug 2020 14:52:59 -0000|
Read Time: 0 minutes
Dell EMC Integrated System for Microsoft Azure Stack Hub has been at the forefront in bringing Azure to customer datacenters, enabling customers to operate their own region of Azure in a secure environment that addresses their data sovereignty and performance needs.
As data growth explodes at the edge, many of our customers are looking to process PB scale data in the context of file, image/video processing, analytics, simulation, and learning. With Azure Stack Hub, built on hyperconverged infrastructure (HCI), the need for external storage to handle this growth in data was critical. Additionally, for applications that use file storage with CIFS/NFS today, Azure files storage service is currently not supported.
As we set out to identify the right storage subsystem that met our customers’ needs (with performance, multi-tenancy, multi-petabyte scale-out storage, and advanced data management features), we did not have to look far. Dell Technologies has a large product portfolio that enables us not only to integrate with other infrastructures but to innovate in other areas to deliver the Azure consistent experience our customers expect.
With newly announced Azure Stack Hub integration with Dell EMC PowerScale, customers can run their Azure IaaS and PaaS on-premises while connecting to data that is generated and stored locally. In the context of Azure consistency, depending on your application needs, there are two ways to consume this storage.
- Azure Consistent Storage (ACS): Applications that are using Azure Block Blob storage
- Integrated NAS (File Storage): NFS and CIFS
Here are some highlights about the choices and differences:
Regardless of your protocol of choice, you have two personas engaged:
- The Azure Stack Hub Cloud administrator (screen below) is responsible for creating offers, quotas, and plans to offer the underlying storage, via subscriptions, to Azure tenants.
- The Azure Stack tenant can consume storage and be metered and billed consistent with other Azure Services. All of this, without having to manage anything in PowerScale.
With this strategy, our customers can tap into external PB storage to consume Azure Block Blob or Files via CIFS/NFS while maintaining the Azure consistent experience. Additionally, for customers looking to keep their applications in the public cloud while maintaining their data on-premises, Dell Technologies Cloud PowerScale extends OneFS running on-prem to Azure.
To read more about it, see this solution brief:
With the work Dell Technologies has been doing with Azure and Azure Stack Hub, your data is secure and compliant. You also have the choice to run your application in Azure or Azure Stack Hub and connect to your on-prem data without sacrificing bandwidth or latency.
Automated Detection of Server Configuration Drift
Sun, 21 Jun 2020 15:57:53 -0000|
Read Time: 0 minutes
Automated Detection of Server Configuration Drift
Security and compliance are key design principles of Microsoft Azure Stack Hub. The Dell EMC Integrated System for Microsoft Azure Stack Hub is engineered to meet Compliance, Regulatory, and Policy requirements of our customers.
Security posture on Dell EMC Integrated system for Microsoft Azure Stack Hub is implicit to our automated lifecycle management. Our goal is to extend and complement Microsoft’s strategy of baselining and remediating their security posture with a comprehensive drift and remediation strategy for all of our Azure Stack Hub elements.
The Automated Server Config Drift Detection feature, enabled on Dell EMC OpenManage Enterprise as part of the Dell EMC Patch and Update Automation - 2004 Release, ensures Configuration Compliance as instituted by Microsoft and Dell EMC.
Monitor & Detect, Notify, and Remediate Server configuration Drift on Azure Stack Hub are the three key outcomes of the Automated Server config drift detection feature.
- Compliance Monitoring is kicked off by automated discovery of HLH and Scale Unit nodes on Dell EMC OpenManage Enterprise (Figure 1, below).
- Configuration integrity is maintained by enabling compliance baseline templates for the HLH and Scale Unit Nodes on OpenManage Enterprise in order to track drift (Figure 2).
- Customers can view Compliance reports which display whether Server settings conform to the configuration baseline or not (Figure 3).
- Drift from any of the Server settings applied at initial deployment on the HLH or Scale Unit nodes will be automatically detected, resulting in the node being tagged as Non-Compliant (Figure 4).
- Server-drift Notification Alerts generated on OpenManage Enterprise are sent proactively via Dell Support Assist Enterprise (SAE) to Dell Technologies support.
- Customers can call Dell EMC Support to remediate non-compliance to ensure that the health and compliance status of their Azure Stack Hub continues to stay green.
Figure 1: Monitor HLH and SU nodes discovered on OpenManage Enterprise for alerts
Figure 2: Configuration Compliance status of HLH and SU nodes against configuration baseline
Figure 3: Compliance report indicating SU Node level Compliance status
Figure 4: Drill down view of Compliance report in case of Compliance failures
Future updates to the compliance baseline are seamlessly applied by means of the Dell EMC Patch and Update Automation as customers update to the latest Dell EMC Customer Toolkit.
Stay tuned as we move the needle towards a well-rounded compliance experience for our customers with similar features on ToR and Management switches in upcoming releases.