Note: See Initializing BOSH environment on Azure for using bosh-init instead of CLI v2. (Not recommended)

This document shows how to initialize new environment on Microsoft Azure.

Step 1: Prepare an Azure Environment

If you do not have an Azure account, create one.

Then follow this guide to create your Azure service principal.

We strongly recommend you to use Azure template bosh-setup to initialize the new environment on Microsoft Azure.

To prepare your Azure environment find out and/or create any missing resources in Azure. If you are not familiar with Azure take a look at Creating Azure resources page for more details on how to create and configure necessary resources:

Step 2: Deploy

  1. Install CLI v2.

  2. Use bosh create-env command to deploy the Director.

    # Create directory to keep state
    $ mkdir bosh-1 && cd bosh-1
    # Clone Director templates
    $ git clone
    # Fill below variables (replace example values) and deploy the Director
    $ bosh create-env bosh-deployment/bosh.yml \
        --state=state.json \
        --vars-store=creds.yml \
        -o bosh-deployment/azure/cpi.yml \
        -v director_name=bosh-1 \
        -v internal_cidr= \
        -v internal_gw= \
        -v internal_ip= \
        -v vnet_name=boshnet \
        -v subnet_name=bosh \
        -v subscription_id=3c39a033-c306-4615-a4cb-260418d63879 \
        -v tenant_id=0412d4fa-43d2-414b-b392-25d5ca46561da \
        -v client_id=33e56099-0bde-8z93-a005-89c0f6df7465 \
        -v client_secret=client-secret \
        -v resource_group_name=bosh-res-group \
        -v storage_account_name=boshstore \
        -v default_security_group=nsg-bosh

    If running above commands outside of a connected Azure network, refer to Exposing environment on a public IP for additional CLI flags.

    See Azure CPI errors for list of common errors and resolutions.

  3. Connect to the Director.

    # Configure local alias
    $ bosh alias-env bosh-1 -e --ca-cert <(bosh int ./creds.yml --path /director_ssl/ca)
    # Log in to the Director
    $ export BOSH_CLIENT=admin
    $ export BOSH_CLIENT_SECRET=`bosh int ./creds.yml --path /admin_password`
    # Query the Director for more info
    $ bosh -e bosh-1 env
  4. Save the deployment state files left in your deployment directory bosh-1 so you can later update/delete your Director. See Deployment state for details.

Back to Table of Contents

Previous: Create an environment

Contribute changes to this page