Windows Azure Pack – Website gallery issue

I had an issue with the WebSite Gallery in my Windows Azure Pack installation. When I opened the Website Gallery I had this issue:

So to check why the service didn’t work I looked into the debug log of MgmtSvc-WebAppGallery. I saw this event:

To be sure that the web service Web App Gallery worked, I opened the database to verify if items was added to Marketplaceitems table.

Moreover, in the MgmtSvc-WebAppGallery debug log, I saw these events:

At this point, I knew that WebAppGallery web service fetched items from Internet to the marketplace database. So it was not a connectivity problem (proxy etc.). To explain you the mistake, I have to describe my Windows Azure Pack installation:

Below my endpoint dns addresses:

DNS entry

Domain

Role

Admin

Home.net

Management portal for admins

auth

Home.net

AD FS

aapi

Home.net

Admin API

tapi

Home.net

Tenant API

www

Dmzhome.net

Management portal for tenants

auth

Dmzhome.net

Tenant authentication site

api

Dmzhome.net

Public Tenant API

So to connect to the WebAppGallery service installed on my privilege servers, the tenant portal uses aapi.home.net:30018 endpoint. I have reconfigured my resource provider with the below script:

Import-Module MgmtSvcAdmin
## Environment settings
# SQL Server AlwaysOn DNS Listener containing the Windows Azure Pack databases
$server="SQLAAG02.home.net"

# Admin Authentication Site
$WinAuthSiteLB = "auth.home.net"
$WinAuthSitePort = "443"
# Admin API
$AdminApiLB ="aapi.home.net"
$AdminApiPort = "443"
$adminApiUri = "https://${AdminApiLB}:$AdminApiPort"
$windowsAuthSite = "https://${WinAuthSiteLB}:$WinAuthSitePort"

# credentials for performing actions
$password = ConvertTo-SecureString "password" -AsPlainText -Force
$credential = New-Object System.Management.Automation.PSCredential ("home\rserre",$password)
$token = Get-MgmtSvcToken -Type Windows -AuthenticationSite $windowsAuthSite -ClientRealm "https://azureservices/AdminSite" -User $credential -DisableCertificateValidation
# Get a list of resource providers with the current configured endpoint values
$rp = Get-MgmtSvcResourceProvider -IncludeSystemResourceProviders -AdminUri $adminApiUri -Token $token -DisableCertificateValidation
$rp | Select Name, @{e={$_.AdminEndPoint.ForwardingAddress}}, @{e={$_.TenantEndpoint.ForwardingAddress}}

# new fqdn for resource provider marketplace
$resourceProviderName = "marketplace"
$adminEndpoint = "https://${AdminApiLB}:30018/"
$tenantEndpoint = "https://${AdminApiLB}:30018/"
$usageEndpoint = $null
$healthCheckEndpoint = $null
$notificationEndpoint = $null
$rp = Get-MgmtSvcResourceProvider -Name $resourceProviderName -IncludeSystemResourceProviders -AdminUri $adminApiUri -Token $token -DisableCertificateValidation
if ($rp.AdminEndpoint -and $adminEndpoint) {
# update endpoint
$rp.AdminEndpoint.ForwardingAddress = New-Object System.Uri($adminEndpoint)
}
if ($rp.TenantEndpoint -and $tenantEndpoint) {
# update endpoint
$rp.TenantEndpoint.ForwardingAddress = New-Object System.Uri($tenantEndpoint)
}
if ($rp.UsageEndpoint -and $usageEndpoint) {
# update endpoint
$rp.TenantEndpoint.ForwardingAddress = New-Object System.Uri($usageEndpoint)
}
if ($rp.HealthCheckEndpoint -and $healthCheckEndpoint) {
# update endpoint
$rp.TenantEndpoint.ForwardingAddress = New-Object System.Uri($healthCheckEndpoint)
}
if ($rp.NotificationEndpoint -and $notificationEndpoint) {
# update endpoint
$rp.TenantEndpoint.ForwardingAddress = New-Object System.Uri($notificationEndpoint)
}
Set-MgmtSvcResourceProvider -ResourceProvider $rp -AdminUri $adminApiUri -Token $token -DisableCertificateValidation –Force

Below the resource provider endpoints after the reconfiguration run with this script:

And it is ….. wrong. The WAP team configured me that the tenant endpoint forwarding address for the marketplace must be https://<URL>:<PORT>/subscriptions.

So I run again the above script with these settings:

# new fqdn for resource provider marketplace
$resourceProviderName = "marketplace"
$adminEndpoint = "https://${AdminApiLB}:30018/"
$tenantEndpoint = "https://${AdminApiLB}:30018/subscriptions"
$usageEndpoint = $null
$healthCheckEndpoint = $null
$notificationEndpoint = $null

Below the result after that the script was run:

End Taaadaaaa my Website Gallery works:

So don’t forget to add the /subscriptions URI in the tenant endpoint forwarding address when you reconfigure your resource providersJ.

About Romain Serre

Romain Serre works in Lyon as a Senior Consultant. He is focused on Microsoft Technology, especially on Hyper-V, System Center, Storage, networking and Cloud OS technology as Microsoft Azure or Azure Stack. He is a MVP and he is certified Microsoft Certified Solution Expert (MCSE Server Infrastructure & Private Cloud), on Hyper-V and on Microsoft Azure (Implementing a Microsoft Azure Solution).

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

x

Check Also

Windows Azure Pack – Authenticate tenants with AD FS

By default, Windows Azure Pack provides an Authentication site for tenants. This authentication site can ...

Windows Azure Pack – PowerShell tenant API

Thanks to the Public Tenant API hosted on public services tier, the tenants can use ...

Windows Azure Pack – Implement billing with Cloud Cruiser

Cloud Cruiser is software that delivers financial management for Clouds. Windows Azure Pack is able ...