Provisioning on Microsoft Azure

The following is a step-by-step tutorial to get you started with ComodIT and provision your first host on Microsoft Azure. If you get into troubles while following this guide, have a look at our support section for help.

Warning! Keep in mind that provisioning machines on Azure may cost money. It is a good practice to keep an eye on your Azure dashboard to be sure you do not have unwanted instances running.

1. Pre-requisites

a. You have a ComodIT account

We assume that you already have created an account on ComodIT and verified your email by clicking the link we sent you. If you have issues subscribing to our service, please contact support.

b. You have a Microsoft Azure account

We also assume that you have a Microsoft Azure account you access via At this stage, you can already take note of some parameters that will be needed later:

  • The subscription ID
    • In Azure dashboard’s main menu, select “Billing” (you might have to click on “More services”) and, in “My subscriptions” panel, locate the subscription you want to use and copy related subscription ID.
  • The tenant ID
    • In Azure dashboard’s main menu, select “Azure Active Directory” (you might have to click on “More services”) and, in the sub-menu, select “Properties”. The value named “Directory ID” is your tenant ID

c. Registered resources provider

When create subscription (free or paid) make sure every needed “resources provider” are registered within your subsciption. (A Resource Provider (RP, for short) is simply an HTTPS RESTful API contract that Add-on owners will implement so a trusted Azure endpoint can provision, delete, and manage services on a user’s behalf.).

You can see the registration status and register a resource provider namespace through the portal.

Select “All services” and click on Subscriptions.

For your subscription, select Resource providers.

Look at the list of resource providers, and if necessary, select the Register link to register the resource provider of the type you are trying to deploy (ad minima : Microsoft.Network, Microsoft.Storage,Microsoft.Compute).

d. You have a Resource Group defined in your Azure account

In order to define a clear scope for the resources managed by ComodIT, you should define a Resource Group ComodIT will manage.

In Azure dashboard’s main menu, select “Resource Groups” (you might have to click on “More services”). If none is listed, please create one. Take note of the Resource Group’s name and location, you will need them later. Also, all resources created below should be located in the same location as the Resource Group.

e. You have an Application with proper access to above Resource Group

In order to grant a secure access to your Resource Group, you’ll need to define an Application and its associated key.

  • In Azure dashboard’s main menu, select “Azure Active Directory” (you might have to click on “More services”) and, in the sub-menu, select “App registrations”.
  • Click on “New application registration” to define a ComodIT Application.
    • Enter name “ComodIT” (or whatever name that suits you the best),
    • select Application type “Web app / API” and
    • enter “” as sign-on URL.
  • Once the application has been created, select it:
    • In the details, copy the application ID for later.
    • In the settings, go to “Keys” section
      • Enter a description and an expiration date
      • Save the key and take note of the generated token, this is the application key.
  • Grant the application access to above Resource Group:
    • Select the Resource Group,
    • in the “Access Control (IAM)” section, add ComodIT Application as a Contributor.

e. You have a Virtual Network and at least one Subnet defined

To define the network the virtual machines created by ComodIT will be attached to, a virtual network and a subnet should be created.

  • In Azure dashboard’s main menu, select “Virtual Networks”,
  • If none is already defined and attached to your Resource Group, create one and attach it to the Resource Group. We recommend the address space for the virtual network and for the sub-net. Copy the subnet name for later, it will used to configure your host.

f. You have a Network Security Group defined

To secure the remote access to the virtual machines created by ComodIT, a Network Security Group (NSG) should be defined.

  • In Azure dashboard’s main menu, select “Network Security Groups” (you might have to click on “More services”),
  • If no NSG is available in your Resource Group, create one and attach it to existing Resource Group.
  • Review your inbound and outbound security rules. You might for instance only allow (i.e. add) SSH and HTTP in-bound traffic.

2. Log-in to ComodIT

If you log-in for the first time in ComodIT, a dialog pops up and invites you to create your first organization. It will keep on re-appearing as long as you don’t have at least one organization in your account (either you have created it, or someone adds you to an existing organization).

2.1. Create your first organization

If you don’t yet have one, you first have to create a new organization. This organization will act as a container for your ComodIT resources. The organization can be shared between multiple users. Pick a name (has to be unique within the whole of ComodIT) and enter a short description (this is not required). When your new organization is created, it will also be populated with a sample distribution and application so that you can quickly start provisioning your first host.

3. Create your Azure platform

Now that you have an organization, you can add an Azure platform to it. A platform describes a target (physical, virtual or cloud) where hosts can be deployed by ComodIT. To add a new one to your organization, go within the ‘Platforms’ section and click the Add button.

Pick a name and enter a description for this new platform. Then select the ‘Azure Compute’ driver in the drop down list and add requested data (see above sections). If you want to work with multiple Resource Groups and locations, you will have to create additional platforms later. When done, click Add.

Warning! If you get an error message at this stage; it probably means that ComodIT failed to contact Azure's API. Check entered parameters.

4. Create your Azure distribution

The final step before you can create a new host to deploy on Azure is to define the operating system you want to install. To do so, you have to define a new ComodIT distribution. Go to section “Distributions” in ComodIT dashboard and click the ‘Add’ button. Enter a name, a description and select the ‘Azure Image’ flavor.

An Azure image is identified by a publisher, an offer, an SKU and a version. You can obtain a list of images by using Azure’s CLI. You can, for instance, use the official Ubuntu 16.04 image from Canonical Ltd with the following parameters:

  • Offer name: UbuntuServer
  • Publisher name: Canonical
  • SKU name: 16.04-LTS
  • version: latest

The newly created distribution allows you to deploy a host in Azure. However, we still need a little bit of additional work to install ComodIT’s agent on it. The following instructions are valid for above image parameters and might need to be adapted for other images.

In the distribution, click on the ‘Files’ tab and add the 2 files below.

Warning! File names are case sensitive.


register = True
host =
username = ${_org.access_key}
password =  ${_org.secret_key}
uuid= ${_host.uuid}



locale: en_US.UTF-8

  - path: /tmp/comodit.gpg
    content: |
       Version: GnuPG v1

       -----END PGP PUBLIC KEY BLOCK-----

<#if _applications.packages??>
<#list _applications.packages as _pack>
 - ${_pack}

 - add-apt-repository "deb xenial main"
 - apt-key add /tmp/comodit.gpg
 - apt-get update
 - apt-get install -y comodit-agent
 - wget "${_urls["agent.conf"]}" -O /etc/comodit-agent/comodit-agent.conf
 - /usr/bin/comodit-agent --uri ${_setup_url}
 - systemctl start comodit-agent

5. Create a new host

You are now ready to provision your first host with ComodIT. Go to the ‘Hosts’ section and click the Add button. A wizard will guide you to prepare your host configuration.

You can leave the environment as Default, pick a name and enter a short description. Environments help you group hosts within your organization (e.g. by type, geographies, teams, etc.). The name of the host has to be unique within a given environment. When you are done, click Next.

6. Pick a platform

The next step in the host creation process is to decide where you want to deploy the machine and its hardware characteristics. In this case, pick the Azure platform you have just created. Complete requested parameters and click Next.

7. Pick a distribution

You must now pick a distribution (i.e. an operating system) to install on this machine. Just select the one create previously (which has no parameters) and click Finish.

8. Deploy the host

Your host is now ‘defined’ within ComodIT. This means that the description (platform, distribution, settings) has been stored in your organization. The next step for you is to trigger the deployment process. To do so, click on the host and pick the ‘Deploy’ action from the ‘Host Actions’ menu. Click Ok and ComodIT will start the deployment. If you double check within your Azure dashboard, you should see that additional resources are being created.

Warning! This process might take several minutes. Do not interrupt it, otherwise ComodIT will not be able to manage the resources created before the interruption.

9. Host is ready for use

At the end of the install process, the machine reboots. When ready, a green light appears in the State column and the host becomes ‘ready’. This means that the machine has been successfully deployed, our ComodIT agent has been installed, and is now connected. If we loose the connection, the State turns into a orange light. If compliance issues are detected on the host, it turns into a red light.

Note You may still have to wait a couple of minutes before the green light actually appears. Do not forget to click on the 'Refresh' button.