Skip to content

Microsoft Azure

The azure CPI can be used with Microsoft Azure.

Concepts

The following table maps BOSH concepts to their Azure-native equivalents.

BOSH Microsoft Azure
Availability Zone Availability Zone
Virtual Machine Virtual Machine
VM Config Metadata BOSH Registry
Network Subnet Virtual Network Subnet
Virtual IP Public IP
Persistent Disk Disk Storage and Managed Disks
Disk Snapshot Managed Disk Snapshot
Stemcell Disk Storage Blobs and Managed Disk Blobs

Feature Support

The following sections describe some specific BOSH features supported by the CPI.

Network

The CPI supports multiple NICs being attached to a single VM.

Network Type Support
Manual Multiple networks per instance
Dynamic Multiple networks per instance
VIP Single network per instance

Encryption

Managed Disks

When using Managed Disks, encryption is automatically used by all disks and cannot be disabled. All aspects of the encryption are internally managed by Azure.

Disk Type Encryption Customer-managed Keys
Root Disk Required, default Not Supported
Ephemeral Disk Required, default Not Supported
Persistent Disk Required, default Not Supported

Storage Accounts

When using Storage Accounts, encryption keys can be managed through the Azure Key Vault to ensure disks are encrypted. There are no specific properties which need to be configured through CPI configuration.

Disk Type Encryption Customer-managed Keys
Root Disk Required, default Supported
Ephemeral Disk Required, default Supported
Persistent Disk Required, default Supported

Key Rotation - encryption keys can be configured and rotated from within the Azure Portal (learn more), and Azure transparently handles re-encryption of data.

Miscellaneous

Feature Support
Multi-CPI Not Supported
Native Disk Resize Not Supported
Generic VM Resource Configuration Supported, v33+