Creating an Azure account

In order to set up your first Grid Node on Microsoft Azure cloud, you first need to create a new Microsoft Azure account.

Microsoft Azure offers a free 30-day trial period to all new account holders. Go to https://www.azure.com and click the green “Start free” button.

You’ll need to supply a valid credit card. There is no charge involved with the setting up of a trial account, however Microsoft will need a card to verify your identity.

High-level architecture

The following diagram depicts high level architecture for Azure-based grid nodes. ​​

You can control the scheduling of grid nodes from your browser within the Flood UI. Flood uses credentials you provide to manage access to Azure resources using role-based access control (RBAC).

Grid node provisioning is achieved using Azure virtual machine scale sets (VMSS) and virtual networks (VNET) which let Flood manage a group of identical grid nodes in your chosen region.

A grid node is provisioned as a Standard D4 v3 VM (4xCPU + 16GiB RAM), and depending on target region and number of instances, averages 3 – 5 minutes to reach a deployed state within Azure. You can choose larger instance types depending on your tool requirements. You can also choose from different Azure-based regions.

Role Based Access Control (RBAC)

To set up RBAC for your Azure account, please use the Azure CLI and manage Azure Active Directory needed for Role Based Access Control. You will need to create service principal for your account. We suggest a name like flood-hosted-demo to differentiate Flood related services from your other resources.

Note: For better logical isolation of Flood from your other Azure services, we recommend provisioning this service principal within a separate subscription. This can help you to avoid hitting subscription limits, keeping separate environments for security, or to isolate load test infrastructure and data for compliance reasons.

az ad sp create-for-rbac --name flood-hosted-demo

You should see the following response when creating a service principal.

{
  "appId": "07742ece-acdc-436a-94af-5ddee03b8084",
  "displayName": "flood-hosted-demo",
  "name": "http://flood-hosted-demo",
  "password": "94c601ed-95db-482c-8eea-378231b2d093",
  "tenant": "8e8630be-1052-4e3a-c3p0-5eae0c503b8c"
}

Take note of the appId , password and tenant values as you will need these when configuring Flood.

Next you will need to assign the Contributor role to your service principal using the appId from the previous step as your --assignee

az role assignment create --assignee 07742ece-acdc-436a-94af-5ddee03b8084 --role Contributor

You should see something like the following response when assigning the Contributor role.

{
  "canDelegate": null,
  "id": "/subscriptions/61f9c3p0-c3p0-4e75-b39a-23fca24c154f/providers/Microsoft.Authorization/roleAssignments/da743725-a2e6-4ad0-b00f-3ca5024ccd5f",
  "name": "da743725-a2e6-4ad0-b00f-3ca5024ccd5f",
  "principalId": "f2e19908-71ca-44c1-b7fc-ac6fc8477aaf",
  "principalName": "http://flood-hosted-demo",
  "principalType": "ServicePrincipal",
  "roleDefinitionId": "/subscriptions/61f9c3p0-c3p0-4e75-b39a-23fca24c154f/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c",
  "roleDefinitionName": "Contributor",
  "scope": "/subscriptions/61f9c3p0-c3p0-4e75-b39a-23fca24c154f",
  "type": "Microsoft.Authorization/roleAssignments"
}

Take note of the subscriptions value which is 61f9c3p0-c3p0-4e75-b39a-23fca24c154f in this example.

Configuring Flood

In your integrations page, add an Azure credential, using the values you copied during RBAC creation above.

Launching Grids

You should now be able to launch hosted grid nodes in your Flood dashboard.​

Checking for Successful Deployment

A sucessful deployment of Grid nodes from the Flood dashboard will be the creation of a dynamic resource group for the Grid in your Azure portal, which will include a Virtual Machine Scale Set and a Virtual Network. You should also see a deployment flag indicating 2 sucessful deployments. We recommend not modifying any of the resources in the portal itself, as Flood will manage the complete lifecycle (creation and termination) of resources for you automatically.

Once the Grid nodes have been succesfully deployed in the Azure portal, they will report back to Flood and indiate a green, "started" status. You will then be able to select those Grids for running Flood load tests.

​Least Privileged Roles

You can further restrict a role's administrator permissions by assigning least privileged roles in Azure Active Directory (Azure AD). This can be achieved in a number of ways such as creating a custom role other than the built-in Contributor role, granting it permission and then assigning it using role assignment. This may require a Premium P1 or P2 subscription in order to create and manage the custom role(s).

By default, Flood will automatically create and tear down grid nodes at the resource group level, meaning the resource groups that contain the virtual machine scale sets will be created and destroyed whenever you start and stop a grid. These resource groups are easily identifable in your resource manager with the following naming convention: <grid-name-production-UUID>

Flood will only use the Contributor role for the resource groups that match that naming convention.