Phase 05: Cluster Deployment
DOCUMENT CATEGORY: Runbook
SCOPE: Azure Local cluster deployment
PURPOSE: Deploy the cluster through Azure Portal or ARM templates
MASTER REFERENCE: Microsoft Learn - Deploy Azure Local
Status: Active Estimated Time: 1.5-3 hours Last Updated: 2026-03-08
Overview
This stage deploys the Azure Local cluster using the configured infrastructure. Deployment can be performed through the Azure Portal (GUI-based) or ARM templates (infrastructure-as-code). Azure Local Cloud supports both Active Directory and Local Identity authentication methods.
Deployment Methods
Storage Spaces Direct (S2D) — Hyperconverged
| Method | Authentication | Use Case |
|---|---|---|
| Portal - Active Directory | Domain-joined | Standard enterprise deployment |
| ARM Template - Active Directory | Domain-joined | Automated/repeatable deployment |
| Portal - Local Identity | Local accounts | Edge/disconnected scenarios |
| ARM Template - Local Identity | Local accounts | Automated edge deployment |
Storage Area Network (SAN) — Disaggregated
| Method | Authentication | Use Case |
|---|---|---|
| Portal - Active Directory (SAN) | Domain-joined | SAN with enterprise AD |
| ARM Template - Active Directory (SAN) | Domain-joined | SAN with automated deployment |
| Portal - Local Identity (SAN) | Local accounts | SAN at edge without AD |
| ARM Template - Local Identity (SAN) | Local accounts | SAN with automated edge |
- S2D (Hyperconverged): Local NVMe/SSD/HDD in each node, up to 16 nodes. Compute and storage scale together.
- SAN (Disaggregated): External SAN via Fiber Channel, up to 64 nodes. Compute and storage scale independently. See SAN Deployment for prerequisites and FC patterns.
For Azure Local Cloud Azure Local deployments, Active Directory with ARM Template is the recommended approach for consistency and repeatability.
Prerequisites
All Deployment Methods
| Requirement | Validation |
|---|---|
| Arc registration complete (Phase 04) | All nodes show "Connected" in Azure Portal |
| Network infrastructure configured | Management, storage, and compute networks ready |
| Required Azure permissions | Contributor + User Access Administrator on resource group |
| Storage infrastructure ready | Physical disks and enclosures configured |
Active Directory Deployments Only
| Requirement | Validation |
|---|---|
AD pre-created with New-HciAdObjectsPreCreation | OU exists, LCM user created in OU, GPO inheritance blocked at OU level |
| Nodes NOT pre-joined to domain | (Get-WmiObject Win32_ComputerSystem).Domain returns WORKGROUP |
| DNS resolves the AD domain FQDN from all nodes | Resolve-DnsName <domain.fqdn> succeeds on each node |
Local Identity Deployments Only
| Requirement | Validation |
|---|---|
| Non-built-in local admin account with identical credentials on ALL nodes | Account is NOT the built-in Administrator; login succeeds on each node |
| Azure Key Vault available | Existing KV accessible, or will be created during portal deployment |
| DNS server with zone configured for cluster nodes | Resolve-DnsName <node-fqdn> succeeds for each node |
Deployment Workflow
graph TD
A[Start Deployment] --> B{Authentication Type?}
B -->|Active Directory| C[AD Pre-checks]
B -->|Local Identity| D[Local Admin Setup]
C --> E{Deployment Method?}
D --> E
E -->|Portal| F[Portal Wizard]
E -->|ARM Template| G[ARM Deployment]
F --> H[Validation]
G --> H
H --> I{Deployment Successful?}
I -->|Yes| J[Phase 16: Post-Deployment]
I -->|No| K[Troubleshooting]
K --> E
Azure Portal Deployment Overview
The Azure Portal deployment wizard guides you through:
- Basics - Subscription, resource group, cluster name, region
- Configuration - Node configuration, witness, and storage settings
- Networking - Management, compute, and storage network settings
- Management - Update settings, key vault integration
- Tags - Resource tagging for governance
- Validation - Pre-deployment checks
- Review + Create - Final review and deployment
ARM Template Deployment Overview
ARM template deployments provide:
- Repeatability - Consistent deployments across environments
- Version Control - Track infrastructure changes in Git
- Automation - Integrate with CI/CD pipelines
- Compliance - Audit trail of infrastructure changes
Azure Local Cloud parameter templates are maintained in the Azure Local Toolkit:
Toolkit location: configs/azure/arm-templates/04-cluster-deployment/
azuredeploy.parameters.ad.json— Active Directory authenticationazuredeploy.parameters.local-identity.json— Local Identity authentication
Microsoft official template: Pull at deploy time from the Azure Quickstart Templates repository. Do not modify the main template — customize only via the parameters file.
Estimated Deployment Time
| Phase | Duration |
|---|---|
| Pre-deployment validation | 15-30 minutes |
| Cluster deployment | 45-90 minutes |
| Extension installation | 15-30 minutes |
| Post-deployment validation | 15-30 minutes |
| Total | 1.5-3 hours |
Next Steps
Select your deployment method:
S2D (Hyperconverged)
| Authentication | Method | Link |
|---|---|---|
| Active Directory | Portal | Portal Instructions |
| Active Directory | ARM Template | ARM Template Instructions |
| Local Identity | Portal | Portal Instructions |
| Local Identity | ARM Template | ARM Template Instructions |
SAN (Disaggregated)
| Authentication | Method | Link |
|---|---|---|
| Active Directory | Portal | Portal Instructions (SAN) |
| Active Directory | ARM Template | ARM Template Instructions (SAN) |
| Local Identity | Portal | Portal Instructions (SAN) |
| Local Identity | ARM Template | ARM Template Instructions (SAN) |
After completing cluster deployment, proceed to Phase 16: Post Deployment.
Navigation
| Previous | Up | Next |
|---|---|---|
| Phase 14: Arc Registration | Cluster Deployment Index | Phase 16: Post-Deployment |
References: