Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
[This topic provides preliminary content for the beta release of the Windows Azure VM role feature. To join the beta, log on to the Management Portal, click Home, and then click Beta Programs.]
The Windows Azure Integration Components must be installed to your Windows Server 2008 R2 image before it can be uploaded to Windows Azure. The Integration Components run on each service instance that is created from your image and handle integration between the service instance and the Windows Azure environment.
The following sections describe the features supported by the Windows Azure Integration Components
Support for Windows Setup on Deployment
When a server instance is first brought online, the generalized image that is used to create the server instance must run through a Windows setup specialization phase. This specialization phase is performed by the System Preparation Tool (sysprep), provided by the Windows Azure Integration Components.
In order to automate the specialization phase, the Windows Azure Integration Components install an answer file to the root directory of the server instance. This answer file is by default named c:\unattend.xml. It may be customized while you are preparing your image on-premises.
The answer file provides a set of default Windows configuration settings during the specialization phase that sets up Windows. These default settings include:
Setting the system locale to EN-US.
Setting the system time zone to UTC.
Turning off Windows Update.
Setting the administrator password.
Note that the Administrator account is disabled once you deploy your image to Windows Azure. However, if, during the process of preparing your image, you generalize it, then specialize it again, the administrator password is needed for the specialization pass.
Support for Interacting with the Windows Azure Environment
The Windows Azure Integration Components install the service runtime APIs to the image, so that the server instance may gather dynamic information from the Windows Azure environment. The service runtime APIs provide access to service configuration information such as the values of configuration settings; to role instance information such as the role instance ID and the upgrade domain that the instance belongs to; and to network address information for all server instances and web and worker role instances in the service deployment.
Note that the service runtime API is accessible only to code that's running under an Administrator or LocalSystem account in your server instance.
Support for Local Storage Resources
The Windows Azure Integration Components create any named local storage resources that you have defined in your service model for your VM role. You can access local storage resources from within your server instance at c:\Resources\<resource-name>.
When your server instance is first brought online, access to the local resource directory is restricted to the Administrator account. Your code should modify the security settings for the directory if a process running in a lower-privilege account will need to access it.
The Integration Components also create the system local storage resources where diagnostic data is written while your server instance is online.
Support for Certificate Installation
The Windows Azure Integration Components install any certificates that you have specified in your service definition to the LocalMachine store location for your server instance. You can specify that a certificate should be installed to a preexisting certificate store name, or you can specify a custom store name. For details on specifying certificate store location and name in your service definition file, see Windows Azure Service Definition Schema.
Note
All certificates are installed to the LocalMachine store location; it's not possible to install certificates to the CurrentUser store location or any other store location.
A certificate that you install to your server instance must first be uploaded to your Windows Azure certificate store for your hosted service. All certificates must be installed from the Windows Azure certificate store.
Note
Installing a certificate to your image is not recommended. The System Preparation Tool (sysprep), which must be run to generalize your image before it is deployed to Windows Azure, destroys private key information.
Any obsolete or expired certificates are archived on your server instance. An archived certificate is still accessible via its thumbprint. When the server instance is reimaged, any archived certificates are installed to the new incarnation of the server instance as archived certificates.