Az-HOP in the Azure Marketplace

This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Community Hub.

Az-HOP in the Azure Marketplace




Azure HPC On-Demand Platform, or Az-HOP, provides an end-to-end deployment mechanism for a base HPC infrastructure on Azure. The platform includes a Terraform and Bicep version for deploying the infrastructure and Ansible is used for configuration and setup. An Azure Marketplace deployment has been created to simplify the deployment process. This is based on the Bicep version and will deploy a virtual machine that will automatically run the Ansible deployment.


This document describes the steps for how to deploy Az-HOP from the Azure Marketplace. For more information on the features and capabilities of Az-HOP, please refer to this Blog post or the Az-HOP documentation.




Navigate to the Azure portal. Click on Marketplace and search for azhop.


Az-HOP deployment wizard: Home DirectoryAz-HOP deployment wizard: Home Directory


Click on Create to open the deployment wizard. Az-HOP resources will all be deployed into a single resource group. However, the deployment is at the subscription scope as it will add subscription reader access to the Azure Cyclecloud managed identity and can peer to another network if that option is chosen. The subscription reader permission is required by Azure Cyclecloud to accept an image plan when deploying virtual machines. By deploying at the subscription scope will mean everything is deployed in a single step.


Az-HOP Wizard: Basics


Az-HOP deployment wizard: Home DirectoryAz-HOP deployment wizard: Home Directory


The Basics tab is where the subscription, region, resource group name. The admin user is local admin user on the virtual machines that are deployed.


The default option is to autogenerate ssh keypairs and passwords required. If this option is chosen they will be stored in the Azure Key Vault that is created in the Az-HOP resource group. Alternatively, this option can be unchecked and the ssh keypair and password can be provided.


They Azure Key Vault requires the access policies to include any users that will need to access the key vault. Add the Object ID of the in the Additional Keyvault Reader input box. To get the currently signed in user with the Azure CLI use the following command:


az ad signed-in-user show --query id -o tsv


The Branch Name reflects the branch in the Az-HOP git repository. Leave this as main or set to one of the release branches.


Az-HOP Wizard: Home Directory


Az-HOP Wizard: Home DirectoryAz-HOP Wizard: Home Directory


Select the storage type, mount point and capacity of the file system for the home directories. Either Azure Files or Azure Netapp Files can be selected.


Az-HOP Wizard: Network


Az-HOP Wizard: NetworkAz-HOP Wizard: Network


The default network option is to create a public IP address for the On-Demand portal and another for the deployer virtual machine. Choose the CIDR prefix for the network and the base IP address. The CIDR prefix will determine how large your compute can scale as half the IP range will be allocate for the compute virtual machine subnet.


If public IP addresses are not enabled there will be an option to peer to an existing network. This requires the addition information for resource group and virtual network name. This can be used where a virtual network is already available with access through either a VPN or ExpressRoute.


Az-HOP Wizard: Review + create


Review the options and click Create to start the deployment.


Monitoring the Installation


The infrastructure should deploy in around 10 minutes and, while it will show Your deployment is complete, it will take up to 40 minutes to run ansible to perform the installation and configuration of the virtual machines.


The progress of the installation can be monitored by loggin in to the deployer virtual machine. The deployer virtual machine uses port 8822 for ssh. The private key is either the one generated by the deployment or the one provided. The autogenerated one will be a secret in the Azure Keyvault that has been created (${ADMIN_USER}-privkey). Copy the contents into a file and make sure to set the correct permissions before running ssh (chmod 600 $SSH_PRIVATE_KEY_FILE). The $ADMIN_USER is the admin user provided in the deployment wizard.




The install script is run as a cloud-init script and the output is written to /var/log/cloud-init-output.log. The log file can be tailed to monitor the progress:


tail -f /var/log/cloud-init-output.log


The ansible log will be in the output and, once the script has completed, cloud-init will report the script has completed:


Command succeeded!
Cloud-init v. 23.1.2-0ubuntu0~20.04.1 running 'modules:final' at Mon, 22 May 2023 14:17:14 +0000. Up 894.13 seconds.


Accessing the On-Demand portal


The marketplace image creates two Az-HOP users: a regular user called hpcuser and an admin user called clusteradmin. The password for these users will be store as a secret in the Azure KeyVault that has been created. First get the password and then navigate to the On-Demand portal. The URL for the On-Demand portal is the IP address or FQDN of the ondemand virtual machine.


Az-HOP PortalAz-HOP Portal


The best place to get started is with one of the Az-HOP tutorials.


Updating the Configuration


The Az-HOP configuration is stored on the deployer virtual machine where the git repository and config is all located in /az-hop. The configuration can be updated by logging in to the deployer virtual machine, editing /az-hop/config.yml and re-running the script. For more details refer to the Az-HOP documentation.


Reporting Issues


Az-HOP is an Open Source project hosted on GitHub and, while this is not an officially supported Microsoft product, the project is actively being maintained. If you experience any issues please open an issue on the Az-HOP GitHub repository.


Learn More


Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.