Skip to content

Microsoft Azure

This document shows how to initialize new environment on Microsoft Azure.

Step 1: Prepare an Azure Environment

If you do not have an Azure account, create one.

Then follow this guide to create your Azure service principal.

We strongly recommend you to use Azure template bosh-setup to initialize the new environment on Microsoft Azure.

To prepare your Azure environment find out and/or create any missing resources in Azure. If you are not familiar with Azure take a look at Creating Azure resources page for more details on how to create and configure necessary resources:

Step 2: Deploy

  1. Install CLI v2.

  2. Use bosh create-env command to deploy the Director.

    # Create directory to keep state
    mkdir bosh-1 && cd bosh-1
    # Clone Director templates
    git clone
    # Fill below variables (replace example values) and deploy the Director
    bosh create-env bosh-deployment/bosh.yml \
        --state=state.json \
        --vars-store=creds.yml \
        -o bosh-deployment/azure/cpi.yml \
        -v director_name=bosh-1 \
        -v internal_cidr= \
        -v internal_gw= \
        -v internal_ip= \
        -v vnet_name=boshnet \
        -v subnet_name=bosh \
        -v subscription_id=3c39a033-c306-4615-a4cb-260418d63879 \
        -v tenant_id=0412d4fa-43d2-414b-b392-25d5ca46561da \
        -v client_id=33e56099-0bde-8z93-a005-89c0f6df7465 \
        -v client_secret=client-secret \
        -v resource_group_name=bosh-res-group \
        -v storage_account_name=boshstore \
        -v default_security_group=nsg-bosh

    If running above commands outside of a connected Azure network, refer to Exposing environment on a public IP for additional CLI flags.

    See Azure CPI errors for list of common errors and resolutions.

  3. Connect to the Director.

    # Configure local alias
    bosh alias-env bosh-1 -e --ca-cert <(bosh int ./creds.yml --path /director_ssl/ca)
    # Log in to the Director
    export BOSH_CLIENT=admin
    export BOSH_CLIENT_SECRET=`bosh int ./creds.yml --path /admin_password`
    # Query the Director for more info
    bosh -e bosh-1 env
  4. Save the deployment state files left in your deployment directory bosh-1 so you can later update/delete your Director. See Deployment state for details.