Runtime Environments > Serverless runtime environments > Serverless runtime environment setup on Microsoft Azure

Serverless runtime environment setup on Microsoft Azure

You can host a serverless runtime environment on an Azure Virtual Network (VNet). You configure the serverless runtime environment in Azure Native ISV Services.

You must have the Intelligent Data Management Cloud subscription license to create serverless runtime environments.

To configure a serverless runtime environment in Azure, complete the following steps:

1Verify your user consent settings.
2Configure the subnet.
3Create an organization in Azure Native ISV Services.
4Create a serverless runtime environment.

Step 1. Verify your user consent settings

Your Azure administrator might need to approve the Informatica app, depending on your user consent settings.

1From the Azure Portal home page, select Enterprise applications.

2Expand Security and then click Consent and permissions.

The User consent settings page is displayed:

The graphic shows the User consent settings page in the Azure portal. Two options are highlighted: the option "Allow user consent for apps from verified publishers, for selected permissions" requires approval of the Informatica application from the Azure administrator. The option "Allow user consent for apps" does not require approval from the Azure administrator.

3Review the user consent setting assigned to you:

- If your User consent settings page is set to Allow user consent for apps from verified publishers, for selected permissions, you must ask your Azure administrator to approve the Informatica application before you can create serverless runtime environments.

For more information on approving an appliccation, see Review admin consent requests in the Microsoft documentation.

- If your consent settings show Allow user consent for apps, then no approval is required from the Azure administrator. You can proceed to create your serverless runtime environment.

Step 2. Configure the subnet

Assign a specific subnet for use with the Azure serverless runtime environment.

Ensure that the subnet has internet connectivity. There are several ways to achieve this connectivity, including configuring a NAT gateway with a public IP address.

Ensure that the service endpoint Microsoft.AzureActiveDirectory is enabled on the delegated subnet. This is not required if you have configured a NAT gateway with a public IP address.

There is no limit to the number of serverless runtime environments on the same subnet, provided there are enough IP addresses available.

The following table lists the regions for VNET/subnets linked via subnet delegation:

POD	Regions for VNET/subnets linked via subnet delegation
USW1-1 (US West)	West US East US2 US South Central US Central
CAC2 (Canada)	Canada Central Canada East
EMC1 (Germany)	West Europe Germany West Central North Europe
APAUC1 (Australia)	Australia Central Australia Southeast Australia East

1Use the Azure Cloud Shell to run the following command:

az provider register --namespace 'Informatica.DataManagement'

This command registers the "Informatica.DataManagement" resource provider in your subscription where your subnet is located.

2Create a new subnet and delegate this subnet to the following service: Informatica.DataManagement/organizations.

Note: Delegating the subnet to the service Informatica.DataManagement/organizations must be done after all subnet-related configuration is complete, otherwise issues might occur during subnet configuration.

Step 3. Create an Informatica organization

After you've subscribed to the Informatica single sign-on app and configured your subnet, you can create a new organization or link to an existing organization.

1From the Azure Portal home page, select Marketplace.

2Search for Informatica.

You might see several plans with "Informatica" in their names.

3Select the plan named Informatica Intelligent Data Management Cloud - An Azure Native ISV Service.

If you are in tile or list view, the name is truncated. To confirm that you've selected the correct plan, hover over the name. The following image shows the correct plan:

The Informatica plan highlighted on the Azure Marketplace. Attention is drawn to the correct plan, which is named "Informatica Intelligent Data Management Clound - An Azure Native ISV Service".

4Select the plan specified in your contract, click Subscribe > Yes, continue.

The Create an Informatica organization page appears.

5Enter the following information on the Basics tab:

Field	Value
Subscription	Select the Azure subscription you want to use to create the Informatica organization. You must have an owner or contributor role for this subscription.
Resource group	Select a resource group or create a new one. You must have a contributor role to this resource group. A resource group is a container that holds related resources for an Azure solution.
Resource Name	Enter a name for the Azure resource.
Region	Select the region where the resource of type "Informatica organization" will be provisioned.
Informatica Region	Select the region that is closest to you. This determines the POD that you'll connect to.
Organization	Choose whether to create a new organization or link to an existing organization. If you link to an existing organization, you can choose either to continue with an existing Informatica billing or use the Azure Marketplace billing. Note: You can only link to a parent organization that has a Production or Sandbox license type. You can't link to a sub-organization or if the license type is Trial. For more information, see Organization Administration.
Organization name	If you are linking to an existing organization, click Link to an existing Informatica organization and provide your login credentials. The Informatica organization created in the Azure portal automatically links to your existing organization.
Plan	The plan you selected earlier is displayed. If you decide to change it, click Change plan.

6Optionally, click Next: Tags to create tags to help you categorize Azure resources.

The following are examples of tags:

- Name: <name of admin>, Value: <email address>
- Name: <business unit>, Value: <user's business unit>

Creating an organization: defining tags.

7Click Next: Review + create.

Review the information for accuracy and ensure that Validation passed displays at the top of the page.

During service creation, the process validates your Active Directory properties according to the information in the following table:

Field	Validation
First Name	The first name can contain only letters, hyphens, and single quotation marks (').
Last Name	The last name can contain only letters, hyphens, and single quotation marks (').
Company	Company name must be 255 characters or less.
Country	Company name must be 255 characters or less.
Email	The email must be in a valid email format.
Phone Number	A phone number must contain 10-25 characters. It can contain only numbers, spaces, parentheses, hyphens, periods, and a plus sign as the first character.

If any field fails validation, then the service creation fails.

8To begin the deployment process, click Create.

The deployment is complete when you see Deployment succeeded.

9To see the resource dashboard for your organization, click Go to resource.

10Click Login to IDMC organization on the resource dashboard.

The resource dashboard in Azure, with the "Login to IDMC organization" link highlighted.

Note: It is important to log in to Informatica Intelligent Cloud Services before you create a serverless runtime environment.

11Verify that your personal information is accurate and confirm that you agree to the subscription agreement.

12Click Confirm to log in to Informatica Intelligent Cloud Services.

This step is necessary to add you as a user to the system.

Step 4. Create a serverless runtime environment

When you use Azure Native ISV Services, you create and maintain your serverless runtime environments in the Azure portal instead of in Informatica Intelligent Cloud Services.

Note: The System Disk and Proxy Servers features are currently not supported in Azure serverless runtime environments.

1On your organization's resource page in the Azure portal, click Serverless Runtime Environment.

Right now, the list is empty since you have no serverless runtime environments.

2Click Create New Serverless Environment.

The configuration is divided across four tabs: Basics, Platform details, Runtime configuration, and Tags.

3On the Basics tab, enter the following information:

Field	Description
Name	Name of the serverless runtime environment.
Description	Description of the serverless runtime environment.
Task type	Type of tasks that run in the serverless runtime environment: - Select Data Integration to run mappings outside of advanced mode. - Select Advanced Data Integration to run mappings in advanced mode.
Maximum computer units per task	Maximum number of serverless compute units corresponding to machine resources that a task can use.
Task time out (Minutes)	By default, the timeout is 2880 minutes (48 hours). You can set the timeout to a value that is less than 2880 minutes.

4On the Platform Detail tab, enter the following information:

Field	Description
Region	Select the region where the serverless runtime environment is hosted.
Virtual network	Select a virtual network to use.
Subnet	Select a subnet within the virtual network to use. Note: Be sure you've completed Step 2. Configure the subnet .
Supplementary file location	ADLS Gen2 location of any supplementary files. Use the following format: abfs://<file_system>@<account_name>.dfs.core.windows.net/<path> For example, to use a JDBC connection, you place the JDBC JAR files in the supplementary file location and then enter this location: abfs://discaleqa@serverlessadlsgen2acct.dfs.core.windows.net/serverless If you intend to run command tasks within the Azure serverless runtime environment, create a folder named command_scripts within supplementary file location. For example, you would create the folder here: abfs://discaleqa@serverlessadlsgen2acct.dfs.core.windows.net/serverless/command_scripts For more information about command tasks, see "Command task steps" in Taskflows. Note: Ensure that there are no extra spaces or special characters in the supplementary file location, because this might cause the deployment to fail.
Data disks	Access files in an NFS file system. Configuring a data disk in your serverless runtime environment allows you to access files in NFS directories. For more information about configuring data disks, see Working with data disks. Configure the following properties to configure a data disk: - Type. Only NFS directories are currently supported. - Server host/IP. The hostname or IP address of the NFS server. - Source mount. File system path to be mounted in the serverless runtime environment. - Target mount. File system to be mounted on the Secure Agent. - Mount options. If mount options are required, enter them in a comma-separated list in the following format: <key1>=<value1>, <key2>=<value2>
Custom properties	Specific properties required for accessing the supplementary file location. Add the following custom properties and their appropriate values: - ServicePrincipalId - ServicePrincipalSecret. Check for accuracy, as the secret is masked once the configuration is saved. Informatica Global Customer Support might direct you to add other custom properties. Note: If you clone an Azure serverless runtime environment, you need to re-enter the ServicePrincipalSecret because the original value is replaced by a masked string.

Note: You can't change the supplementary file location and custom properties once the configuration is saved. If you need to make corrections, clone the configuration. For more information about cloning, see Manage the serverless runtime environment.

5On the Runtime Configuration tab, enter properties that determine how the serverless runtime environment behaves.

Don't make any changes to this tab unless directed by Informatica Global Customer Support.

6On the Tags page, create tags that help you categorize Azure resources and view consolidated billing.

Enter as many tags as necessary as name-value pairs.

7On the Review+Create page, verify that all entries are correct and then click Create.

If you need to go back to make corrections, click Previous to return to the appropriate tab.

For more information on using and managing serverless runtime environments, see Serverless Runtime Environments on the Informatica Documentation Portal.

Working with data disks

Create a data disk in your serverless runtime environment if you have files in NFS directories that you want to use in the serverless runtime environment without needing to update all your mappings. This feature works only with the NFS version 4.x protocol.

Once you mount your NFS location in a data disk, you have access to the following capabilities:

•Flat file support. You can use flat files from the mounted NFS location in your mappings.
•Parameter file support. You can use parameter files stored in the mounted NFS location. This simplifies migrating jobs from a Secure Agent group to a serverless runtime environment, since you don't need to modify your mappings.

When using existing NFS directories as data disks in an Azure serverless runtime environment, ensure that the user with ID=501 has permissions to read and write from the mount directory of the NFS storage. User ID 501 is the cldagnt user, which the Azure serverless runtime environment uses to access mounted NFS directories.

If user 501 doesn't exist, create that user and assign the appropriate permissions.

Note: If you have a network firewall that prevents access to the NFS Server, you must allow access to the NFS Server from the delegated subnet used to create the Azure serverless runtime environment.

Manage the serverless runtime environment

After you create a serverless runtime environment in Azure, you can perform management tasks such as editing, deleting, or cloning the serverless runtime environment. You perform these tasks through the Azure portal.

Editing the serverless runtime environment

The properties that you can edit in a serverless runtime environment vary, depending on the environment's status.

You can edit the following properties, based on the status of the serverless runtime environment:

•Up and Running. You can only update the following fields: Max Compute Units Per Task and Task Timeout. The updated values take effect for subsequent task runs.
•Failed. You can update all the properties. The updated properties take effect once you use the Start environment action in the Azure portal or the Redeploy action in the Runtime Environments page in Administrator.

If the serverless runtime environment shows any other status, you must delete the serverless runtime environment and create a new one.

You can edit a serverless runtime environment either through the Azure portal or the Runtime Environments page in Administrator.

Deleting the serverless runtime environment

Delete a serverless runtime environment when it's no longer required.

Before you delete a serverless runtime environment, perform the following tasks:

•Use Monitor to make sure that the environment is not running any jobs.
•Use the Show Dependencies action to see if the environment is being used by any tasks, mappings, or connections. If dependencies exist, remove them before deleting the environment.

To delete a serverless runtime environment, use the Azure portal.

Starting the serverless runtime environment

Start a serverless runtime environment that wasn't running because it had failed.

After you Editing the serverless runtime environment of the serverless runtime environment, start the environment through the Azure portal.

Cloning the serverless runtime environment

Clone a serverless runtime environment to quickly create another environment that has a similar configuration. For example, you want to create a similar serverless runtime environment that connects to a different subnet in your cloud environment.

To clone a serverless runtime environment, use the Azure portal.

Tip: If your cloned environment doesn't display right away, click Refresh on the Serverless Runtime Environment page in the Azure portal.

Configure VNet for databases or endpoints outside of Azure

You need to perform additional configuration on the VNet if you use Oracle or any database or endpoint hosted on-premises or outside of the Azure ecosystem.

Perform the following tasks:

•Add trusted IP addresses. If your organization filters based on IP addresses, add the safe Informatica addresses so that they won't get blocked by the firewall. For more information, see Adding trusted Informatica IP addresses.
•Create a supplementary file location. If your mappings use JAR files and external libraries, set up a location on an Azure storage account with either Gen2 or blob. Use the following format:

abfs://<file_system>@<account_name>.dfs.core.windows.net/<path>

For example, to use a JDBC connection, you place the JDBC JAR files in the supplementary file location and then enter this location:

abfs://discaleqa@serverlessadlsgen2acct.dfs.core.windows.net/serverless

•Configure TLS to authenticate REST APIs. If you use a REST V3 Connector, you can configure TLS to authenticate REST APIs. For more information, see Configuring TLS to authenticate REST APIs.

Run command tasks

To run command tasks in an Azure serverless runtime environment, you must place the shell scripts in a specific folder.

Ensure that there is a folder named /command_scripts within the Step 4. Create a serverless runtime environment of the Azure serverless runtime environment.

1Place the script files that you want to run in the command task in the /command_scripts folder. The /command_scripts folder can have its own subfolders.

The files placed in the /command_scripts folder are synchronized to the Secure Agent machine, to following folder in the Secure Agent installation directory:

apps/Common_Integration_Components/data/command/serverless/command_scripts

2Add a command task step to your taskflow. The script specified in the command task is executed in the Secure Agent Docker container.

The files under apps/Common_Integration_Components/data/command/serverless/command_scripts are mounted under the /command_scripts folder inside docker container. You can reference any other files by using the relative path. The script working directory is set to /command_scripts.

For more information about command tasks, see "Command task step" in Taskflows.