Please use the form below to provide your feedback. Because your feedback is valuable to us, the information you submit in this form is recorded in our issue tracking system (JIRA), which is publicly available. You can track the status of your feedback using the ticket number displayed in the dialog once you submit the form.

Couchbase Capella: Azure Cloud Connection Prerequisites

    +

    This information is for anyone still using Couchbase Server 6.6, hosted in their own cloud provider’s VPC. It does not apply to Couchbase 7.0, hosted in Couchbase’s VPC and fully managed for you.

    For further information contact Couchbase.

    The easiest way to get started with Capella, our fully managed DBaaS, is hosting in Couchbase’s Cloud.

    There are three prerequisites for the Azure Cloud connection with Couchbase Capella.

    1. You must register the Microsoft.ContainerService Resource Provider for your subscription. This provider is necessary to enable Capella to use the Azure Kubernetes Service (AKS).

    2. You must register the Enterprise Application from Couchbase Capella. This enables the registration of an Application in the Azure Tenant at the time of connecting Capella with Azure. The Application in the Tenant allows Capella to provision infrastructure within the Tenant level. There will be one Enterprise Application and one Application per Tenant that Capella has a cloud connection to.

    3. You must ensure that the Azure account used when making a connection between Couchbase Capella and Azure has “Owner” privilege on the subscription in that user’s tenant. This is necessary for the Azure Resource Manager (ARM) Template to execute and create the infrastructure necessary for Capella to use Azure.

    Before starting this process, make sure you have the following:

    • An Azure user account with the Global Administrator role on the tenant that will be used with Couchbase Capella.

    • An Azure user account that will be used when creating Azure cloud connections for Capella.

    • The Azure CLI installed or use of Azure Cloud Shell Feature (more information on the CLI here: https://docs.microsoft.com/en-us/azure/cloud-shell/overview).

    Register the Microsoft.ContainerService Resource Provider

    1. Go to the Azure portal and login with a user account that has the Global Administrator role.

    2. On the Home dashboard, click Subscriptions.

      Select subscriptions on the Home dashboard

    3. On the Subscriptions screen, select the subscription you want to use with Couchbase Capella by clicking its name.

      Select the subscription you want to use with Couchbase Capella

      The properties for your subscription will display.

    4. In the left side navigation, select “Resource Providers”. A list of resource providers will display in the main panel.

      In the “Filter by name” text box, type “Microsoft.ContainerService”, this will filter the list to just that service.

      Click on “Microsoft.ContainerService” in the Provider list, then click “Register” to register the service.

      Select the Microsoft.ContainerService from the list of resource providers and click "Register".

    Register the Couchbase Capella Enterprise Application

    1. Install the Azure CLI

      If you are using Azure Cloud Shell or the Azure CLI is already installed, this step can be skipped.

      Copy, paste and run the following code in a terminal shell:

      • Mac OS

      • Windows Powershell(as Administrator)

      brew update && brew install azure-cli
      Invoke-WebRequest -Uri https://aka.ms/installazurecliwindows -OutFile .\AzureCLI.msi; Start-Process msiexec.exe -Wait -ArgumentList '/I AzureCLI.msi /quiet'; rm .\AzureCLI.msi

      For more information on the Azure CLI or to install on other OS’s, go the Azure CLI page here.

    2. Login to Azure

      Once the CLI is installed, you can log in to Azure.

      At the command prompt, type az login and press the Enter key.

      Your browser window will open and you will be prompted to login to Azure. You must use an account that has the Global Administrator role for your Azure tenant.

      Once you are authenticated, the terminal window displays a message as shown:

      Upon successful authentication

    3. Register Couchbase Azure Enterprise Application

      The Couchbase Capella app needs to be registered as an Enterprise Application (service principal) in your Azure tenant.

      The Couchbase Azure App ID is: 8e365e8c-03f4-4f5e-ae3f-b432805a56e5

      At the command prompt, copy, paste and run the following command:

      az ad sp create --id 8e365e8c-03f4-4f5e-ae3f-b432805a56e5

      You should see information about the Couchbase Capella Enterprise App on the terminal window as shown:

      Information about the Couchbase Capella Enterprise App is displayed on the terminal
      An error message Insufficient privileges to complete the operation. at this point indicates that your Azure login lacks the Global Administrator role. You must try again with the appropriate role.

    Once the Couchbase Capella Enterprise Application is registered, you must grant Admin Consent for the application. This enables the registration of an Application in the Azure Tenant at the time of connecting Couchbase Capella with Azure. The Application in the Tenant allows Couchbase Capella to provision infrastructure within the Tenant level.

    1. Log in to the Azure Portal as a user who has the Global Administrator role.

    2. In the portal, select Enterprise Applications , in the left side navigation select “All Applications”.

      All Enterprise Applications will be listed.

      The Enterprise Applications are listed

    3. In the filter text box above the list of Enterprise Applications, enter the application ID 8e365e8c-03f4-4f5e-ae3f-b432805a56e5.

      The "Couchbase Capella" Enterprise Application will be listed.

      The Couchbase Capella Enterprise Application is listed

    4. Click on the "Couchbase Capella" Enterprise Application in the list, the Overview screen displays.

      Click "Permissions"” in the left side navigation.

      Click "Permissions" on the Overview screen

    5. Click the button labeled "Grant Admin Consent for Couchbase, Inc."

      Click the button "Grant Admin Consent for Couchbase

    6. You will be prompted to log in to your account again. Ensure that you are using the same Azure user account with the Global Administrator role. After logging in, you will see a permission acceptance dialog.

      After logging in

      Click "Accept".

    7. In the Azure portal on the Enterprise Applications Permissions screen, click "Refresh". The permissions for the Couchbase Capella Enterprise Application are displayed.

      The permissions for the Couchbase Capella Enterprise Application are displayed.

    Grant Azure User Owner Privilege to Subscription

    Lastly, you must grant the "Owner" privilege to the Azure user account that will be creating the connection to Azure in Couchbase Capella (this assumes that you will be using a different Azure user account to create a connection in Couchbase Capella).

    1. Login to your Azure Cloud Portal as an existing administrator of the subscription that will be used with Couchbase Capella.

    2. Click "Subscriptions".

      Select subscriptions on your Azure Cloud Portal home

    3. On the Subscriptions screen, click on your account subscription name in the subscriptions list.

      Select your account subscription

      The properties for your subscription are displayed.

      The properties for your subscription are displayed

    Add Azure User as an Owner of the Subscription

    1. In the left side navigation, select “Access Control (IAM)" and click “Add”.

      Select “Access Control (IAM)" in the left navigation and click “Add”

    2. In the dropdown menu select “Add role assignment”.

      Select “Add role assignment” from the drop-down menu

      The Add Role Assignment fly-out displays.

    3. Under “Role” select “Owner”, then search for and select the user you want to grant the “Owner” role to from the list.

      Select the user you want to grant the owner role to.

    4. Click Save.

      Click Save

    5. To verify, select Access Control (IAM ) once more and then click View from the View access to this resource box.

      Verify by clicking View from the "View access to this resource" box

      You should see the user listed as an Owner.

      Verify that the user is listed as an Owner

      Use this account when adding an Azure cloud to Couchbase Capella.

    Here are some additional notes on this process:

    • Couchbase Capella Enterprise Application has the following roles assigned to it

      • Application administrator

      • Cloud application administrator

      • Reports reader

    • The Application, created from the Couchbase Capella Enterprise Application, has the following roles assigned to it:

      • Application administrator

      • Cloud application administrator

    • The Application is created at the moment when you connect your Azure cloud to Couchbase Capella.

    • If the Couchbase Capella Enterprise Application is later deleted, no new Cloud connections can be created to your Azure Cloud; existing connections will still function so long as the Application within each Tenant has also not been deleted.

    Well done! Now you are ready to go through the Getting Started with Couchbase Capella Free Trial tutorial and deploy a cloud on your Azure account -- if you have already followed the Create Account step, jump straight in to the Deploy Your First Cluster page, and follow the Azure instructions there.