Home > ServerTemplates > Infinity > ST > Base ServerTemplate for Windows (v14 Infinity)

MindTouch
Copyright (c) 2006-2014 MindTouch Inc.
http://mindtouch.com

This file and accompanying files are licensed under the MindTouch Master Subscription Agreement (MSA).

At any time, you shall not, directly or indirectly: (i) sublicense, resell, rent, lease, distribute, market, commercialize or otherwise transfer rights or usage to: (a) the Software, (b) any modified version or derivative work of the Software created by you or for you, or (c) MindTouch Open Source (which includes all non-supported versions of MindTouch-developed software), for any purpose including timesharing or service bureau purposes; (ii) remove or alter any copyright, trademark or proprietary notice in the Software; (iii) transfer, use or export the Software in violation of any applicable laws or regulations of any government or governmental agency; (iv) use or run on any of your hardware, or have deployed for use, any production version of MindTouch Open Source; (v) use any of the Support Services, Error corrections, Updates or Upgrades, for the MindTouch Open Source software or for any Server for which Support Services are not then purchased as provided hereunder; or (vi) reverse engineer, decompile or modify any encrypted or encoded portion of the Software.

A complete copy of the MSA is available at http://www.mindtouch.com/msa

Base ServerTemplate for Windows (v14 Infinity)

Table of Contents    

 

Infinity

Leading edge features

   ►  Overview

Description

The "Base" ServerTemplate is specifically designed for developing custom ServerTemplates that include best practices for deploying Windows servers with the RightScale management platform.

Features

  • Multi-cloud Support - Launch a server into one several supported cloud infrastructures. Check the ServerTemplate's Images tab to see which MultiCloud Images (MCIs) are included by default. However, additional MCIs can be added to the ServerTemplate, if desired.
  • Basic set of PowerShell scripts for setting up a custom Windows administrator password, system monitoring, and alerts.
  • Examples of system-required input variables.

Technical Overview

Software Application Versions

Note: Some versions are not available in all clouds. Check the ServerTemplate's Images tab for details.

  • Windows Server 2012
  • Windows Server 2008R2 Service Pack 1

Database Filesystem

For Windows servers, the root filesystem (C:\) is located on a mounted volume (if volumes are supported). In the example screenshot below, an EBS volume is used as the root filesystem for an EC2 instance. Note: The instance's AWS ID (i-904c37c9) is used in the nickname of the volume.

screen-C_drive-v1.png

Windows Updates

The 'SYS Set Windows Automatic Updates Policy' and 'SYS Install All Windows Updates' scripts control whether or not Automatic Windows Updates will be applied to a running server, as well as how the updates will be applied. Some updates require the server to be rebooted in order to complete the update. In such cases, you can use the WINDOWS_UPDATES_REBOOT_SETTING input to either allow is disallow an automatic reboot of the instance. By default, servers will NOT be rebooted so that you can pick a more convenient time to reboot the server in order to minimize the affect on your application and its users.

See Base ServerTemplate for Windows - Runbook for details.

Microsoft Knowledge Base (KB) Article Updates

Use the 'SYS Install Microsoft update by KB number' script and the KB_ARTICLE_NUMBER and WINDOWS_UPDATES_REBOOT_SETTING inputs to selectively pick which KB updates to apply to the server. See Base ServerTemplate for Windows - Runbook for details.

Microsoft Key Management Server (KMS)

Use the 'SYS Activate Windows with KMS server' script with the KMS_HOST and KMS_PORT inputs to use a Microsoft Key Management Server (KMS) to activate volume licensed Microsoft products like a Windows 2008 Server.

See Base ServerTemplate for Windows - Runbook for details.

Monitoring

The 'SYS Monitoring install Windows' script is used to enable the instance for real-time monitoring by the RightScale management platform. DO NOT CHANGE the values for the SKETCHY and SERVER_UUID inputs because they are used to properly connect the instance to RightScale's Monitoring system so that you can view real-time monitoring graphs (under the Monitoring tabs) in the dashboard and set up alerts for automation. If the script is executed successfully, you will see the following machine tag on the instance.

  • rs_monitoring:state=active

Firewall Management

Use Powershell functions to add and remove firewall rules for specific IP addresses and ranges, ports and TCP and UDP protocols.

  • For Windows 2012, these functions use native Windows 2012 network security cmdlets. (http://technet.microsoft.com/en-us/l...ps.620%29.aspx)
  • For Windows 2008R2, RightScale Powershell library defines functions with cmdlet bindings that match Windows 2012 network security cmdlets.
    (Note: Only a limited set of cmdlets is defined and supported.)

 

Firewall management functions are located in the following two files:

 

Powershell Function

Main function to add and remove firewall rules is located in file win/Firewall.ps1 and called RsSetupFirewallRule. This function should be used in RightScripts and ServerTemplates.

Declaration:

function RsSetupFirewallRule([string]$action, [string]$cidrIpAddress, [string]$ports, [string]$protocols)

Parameters:

  • [string]$action - Action to perform - enable or disable access. Valid values for this parameter are 'enable' and 'disable'.
  • [string]$cidrIpAddress - IP address or range of IP addresses in CIDR notation with optional inversion flag. This parameter could be of one of the formats below:
    • Individual IP address in dot-decimal notation, ex: 10.10.1.32
    • IP address followed by a slash and decimal number of leading bits in subnet mask. Ex: 92.16.2.0/24
    • IP address followed by a slash and subnet mask in 4-dots decimal format. 92.16.2.0/255.255.255.0
    • Any of the format above with preceding exclamation mark so the whole thing represents inverted set of IP addresses (i.e. all IPs except specified by IP address or range). Ex: !92.16.2.0/24
    • 'Any' keyword, case insensitive.
  • [string]$ports - Comma-separated list of ports. Each port should be integer value in range 1..65535.
  • [string]$protocols - Firewall rule's protocol(s). Supported protocols are TCP and UDP. Valid values are 'tcp', 'udp', 'both'.

Return value:

No return value, throws exception in case of error.

Examples:

  • RsSetupFirewallRule 'enable' 192.168.1.1 5022 'tcp' - Enables incoming SQL Server mirroring traffic on port 5022 for IP address 192.168.1.1
  • RsSetupFirewallRule 'enable' 'any' 80 'tcp' - Enables incoming HTTP traffic from any IP address on port 80

 

RightScripts

See the Base ServerTemplate for Windows (v14 Infinity) - Runbook.

You must to post a comment.
Last Modified
15:20, 20 May 2014

Tags

Classifications

This page has no classifications.

Announcements

None

Glossary | 用語용어 Site Map | Site Help Community Corporate Site Get Support Dashboard Login
Doc Feedback Product Feedback Resources MultiCloud Marketplace Forums

Dashboard Status


© 2006-2014 RightScale, Inc. All rights reserved.
RightScale is a registered trademark of RightScale, Inc. All other products and services may be trademarks or servicemarks of their respective owners.