Azure VM Deployment
How to deploy OpenOps on Azure Virtual Machines
This guide is for testing and evaluation purposes only and is not intended for production deployments. Please reach out to us at support@openops.com if you’d like to learn how to set up OpenOps in a production environment.
This guide explains how to install the OpenOps Docker Compose release on a newly created Azure VM.
You’ll need relevant permissions to create a new VM, edit its networking settings, and set up required permissions for Cloud Shell.
Initial deployment
Create a new virtual machine
- Navigate to Create a virtual machine in Azure.
- Name your machine and select the latest Ubuntu Server as the image. Choose a size with at least 2 CPUs and 8GB of RAM. Other settings can be left as default.
- Click Review + create at the bottom, then Create to create the machine. You will be asked to download the private key. You may see a warning about leaving port 22 (SSH) open. For production use, it’s recommended to open this port only to relevant IPs, depending on your network configuration. In this guide, we’re using CloudShell to connect to the machine, so the port needs to remain open.
- Once the machine is created, click Go to resource, then navigate to Networking > Network settings and Create port rule > Inbound port rule to set the required destination port to 80. You can open the port to everyone, to your personal IP address only, or to a preferred range. Click Add to create the rule.
Connect to the virtual machine with Cloud Shell
- Under Overview, select Connect and SSH using Azure CLI to open the Cloud Shell inside Azure Portal. After a quick validation and setup, CloudShell should open and connect to the machine.
- Ensure you’re using the Bash shell by running the following command (you may need to paste it using a right-click instead of Ctrl+V):
Automatically install OpenOps
Run the following command to install, configure and run OpenOps:
Manually install OpenOps
Alternatively, you can follow the manual installation steps:
- Install the
unzip
utility: - Create a new directory and download the OpenOps release files:
- Edit the application URL to use the machine’s public IP address:
- Open the
.env
file in the OpenOps installation folder. Change the values of the following variables that represent credentials. Do it now, as you won’t be able to change these values after the initial deployment:OPS_OPENOPS_ADMIN_EMAIL
: the email of your OpenOps installation’s root admin account.OPS_OPENOPS_ADMIN_PASSWORD
: the password of your OpenOps installation’s root admin account.OPS_POSTGRES_USERNAME
: the username of the Postgres database that OpenOps uses.OPS_POSTGRES_PASSWORD
: the password of the Postgres database that OpenOps uses.OPS_ANALYTICS_ADMIN_PASSWORD
: the password of the OpenOps Analytics admin account (the username is hardcoded toadmin
).
- Install Docker using Snap:
- Pull the images and run the Docker containers (rerun the pull command if you encounter a rate limit):
You can now access the application by navigating to the public IP address of your virtual machine, for example, http://20.20.20.20
. If you did not update credentials in the .env
file, the default username is admin@openops.com
and the password is please-change-this-password-1
.
Getting credentials for Azure connections
See this guide.
Using Azure CLI in workflows: running with local credentials
It is possible to share your local Azure session with the OpenOps platform for local applications.
To do this, set the following environment variables in the .env
file in the installation folder:
OPS_ENABLE_HOST_SESSION=true
. This enables sharing of the host session with the platform container.HOST_AZURE_CONFIG_DIR=/root/.azure
. This defines the path to the host machine’s Azure configuration folder that will be shared with the platform container.
Before running OpenOps, log in to Azure from your VM:
After making any changes to the .env
file, restart the OpenOps containers:
TLS
For production usage, it’s recommended to enable TLS (HTTPS). You can achieve this by adding an Azure Application Gateway to serve traffic to your VM.
Without TLS, cloud templates may not load properly when using the Safari browser.
Updating OpenOps to a newer version
See Updating OpenOps.
Support
Feel free to join our Slack community if you have any questions or need help with the installation.