Introduction
Microsoft released Technical Preview 2105 last week and it had a bunch of updates, one of which is related to being able to select the size of your CMG virtual machine in Azure as long as it’s configured to use a virtual machine scale set.
When creating a CMG you get to choose how you want to deploy your cloud services, and there are two options available, shown below.
If you choose Virtual machine scale set you get more options to grow than with the older Cloud service (classic) option and indeed, Virtual machine scale set is the default option.
But what are Virtual machine scale sets ? let’s see what Microsoft says about it.
Azure virtual machine scale sets let you create and manage a group of load balanced VMs. The number of VM instances can automatically increase or decrease in response to demand or a defined schedule. Scale sets provide high availability to your applications, and allow you to centrally manage, configure, and update a large number of VMs. With virtual machine scale sets, you can build large-scale services for areas such as compute, big data, and container workloads.
Back to Technical Preview 2105, with this release you can now choose the virtual machine (VM) size when creating a CMG. The following three options are available:
This control gives you greater flexibility with your CMG deployment. You can adjust the size for test labs or if you support large environments. For example, the smaller Lab size is ideal for testing with a smaller number of clients at less cost. For production deployments, either use the default Standard size or add more capacity with the Large size.
Creating a new CMG
Note: Only one type of CMG is supported per site, as per planning docs here. This is a lab and I will remove the Cloud service (classic) CMG shortly due to the documented known issue with the Cloud service (classic). However, for now they’ll be together, but keep in mind, mixing CMG types is not supported.
For this blog post we’ll look at how the process works when creating a new VMSS CMG. So, here we will create a new CMG for the Lab scenario. Labs will get the B2s scale set. If you are wondering what B2s means, see the following.
So based on that table, a standard B2s will get 4 GB of ram, 2 vCPU and 8 GB of temp storage.
In the Technical Preview console, navigate to Cloud Services and choose to Create a Cloud Management Gateway.
Tip: If you’d like help with learning how to create a Cloud Management Gateway please check here.
In my screenshot below I’ve logged in to my tenant using my Azure id, and I’m going with the default option of Virtual machine scale set for the new CMG.
Note: I already have a CMG deployed in this tenant, however it is a Cloud services (classic) type, and there’s a known issue with this release which directly affects this type of CMG.
Click Next and point to the extracted pfx certificate and fill in the appropriate details, notice how the VM size has a dropdown menu, and the default is Lab (B2S). Don’t forget to also add your certificate(s) for the cloud service.
Click through the wizard until completion.
In the MEMCM console you’ll see the new CMG has a status of Provisioning and if you look closely you’ll see the Deployment Model is Virtual machine scale set
a quick look at the CloudMgr.log reveals two interesting things…
- The cmgnoob (cloud service (classic)) CMG is having issues even though listed as ‘Ready’ in the console (this is a known issue in TP2105)
- The virtualmachinescaleset (Virtual machine scale set) CMG is not done yet…
My new CMG was stuck in provisioning because I forgot to upload my Root certificate and Issuing CA (intermediate) certificate, once I did upload them, provisioning completed very fast…
If you configured everything correctly after a couple of minutes you’ll see that the deployment of the new CMG is ProvisioningState/succeeded.
and in the console, it’s reflected as being in a status of Ready.
After doing this a couple of times I removed my Cloud service (classic) CMG and replaced it with the Virtual Machine Scale Set CMG. Here’s the end product.
TIP: If you are creating a new CMG using Virtual Machine Scale Set, make sure to check the region and prepend your cname with that, eg: my VMSS CMG region is in West Europe so the Deployment Name is virtualmachinescaleset.westeurope.cloudapp.azure.com and your cname must reflect that otherwise your connection point will fail.
Related reading
- https://docs.microsoft.com/en-us/mem/configmgr/core/clients/manage/cmg/server-auth-cert
- https://docs.microsoft.com/en-us/mem/configmgr/core/clients/manage/cmg/plan-cloud-management-gateway#virtual-machine-scale-sets
- https://docs.microsoft.com/en-us/mem/configmgr/core/clients/manage/cmg/data-flow#internet-access-requirements
Overall, it’s great to see the CMG advances taking place with Endpoint Manager, here’s to the next Technical Preview.
Hi Niall,
Thanks for the posts, I have found them to be most helpful. I was wondering if you can answer a question. I am planning to stand up a CMG in the near future and I am wondering if I should use a VMSS vs a classic deployment. From what I understand, Azure customers that have a CSP (which I don’t have) can implement a CMG if they configure it as a VMSS because, I think, a classic deployment isn’t supported. I’ve read on some forums that it is recommended to use a classic CMG when standing up a new one. In addition, most, if not all blogs that describe standing up a CMG that I have read, are all written with the steps to use a classic deployment and make little mention of using a VMSS. Having said this, can you help me to understand the best option to use? Thanks for your help.
hiya,
the Cloud service (classic) CMG is still supported, but as you can see more and more features are being added to the newer VMSS CMG as that is the direction Microsoft are going. If I was creating a new CMG today I would vote for a VMSS CMG unless you had a compelling reason not to. It’s been available in ConfigMgr since version 2010. For more info see below: CMG deployments with the cloud service (classic) method don’t support subscriptions for Azure Cloud Service Providers (CSP). The CMG deployment with Azure Resource Manager continues to use the classic cloud service, which the CSP doesn’t support. For more information, see Azure services available in the Azure CSP program. In version 2006 and earlier, this deployment method is the only option.
Starting in version 2010, customers with a Cloud Solution Provider (CSP) subscription can deploy the CMG with a virtual machine scale set in Azure. For more information, see Topology design: Virtual machine scale sets.
via > https://docs.microsoft.com/en-us/mem/configmgr/core/clients/manage/cmg/supported-configurations
Any idea how we could RDP into the servers within the VMSS? We could with the old classic service.
first of all why do you think you need to RDP into this server ? let me know before I reply