Home > ServerTemplates > Infinity > ST > Base ServerTemplate for Windows (v14 Infinity)

Base ServerTemplate for Windows (v14 Infinity)

Table of Contents    

 

Infinity

Leading edge features

   ►  Overview

Description

The "Base" ServerTemplate is specifically designed for developing custom ServerTemplates that include best practices for deploying Windows servers with the RightScale management platform.

Features

  • Multi-cloud Support - Launch a server into one several supported cloud infrastructures. Check the ServerTemplate's Images tab to see which MultiCloud Images (MCIs) are included by default. However, additional MCIs can be added to the ServerTemplate, if desired.
  • Basic set of PowerShell scripts for setting up a custom Windows administrator password, system monitoring, and alerts.
  • Examples of system-required input variables.

Technical Overview

Software Application Versions

Note: Some versions are not available in all clouds. Check the ServerTemplate's Images tab for details.

  • Windows Server 2012
  • Windows Server 2008R2 Service Pack 1

Database Filesystem

For Windows servers, the root filesystem (C:\) is located on a mounted volume (if volumes are supported). In the example screenshot below, an EBS volume is used as the root filesystem for an EC2 instance. Note: The instance's AWS ID (i-904c37c9) is used in the nickname of the volume.

screen-C_drive-v1.png

Windows Updates

The 'SYS Set Windows Automatic Updates Policy' and 'SYS Install All Windows Updates' scripts control whether or not Automatic Windows Updates will be applied to a running server, as well as how the updates will be applied. Some updates require the server to be rebooted in order to complete the update. In such cases, you can use the WINDOWS_UPDATES_REBOOT_SETTING input to either allow is disallow an automatic reboot of the instance. By default, servers will NOT be rebooted so that you can pick a more convenient time to reboot the server in order to minimize the affect on your application and its users.

See Base ServerTemplate for Windows - Runbook for details.

Microsoft Knowledge Base (KB) Article Updates

Use the 'SYS Install Microsoft update by KB number' script and the KB_ARTICLE_NUMBER and WINDOWS_UPDATES_REBOOT_SETTING inputs to selectively pick which KB updates to apply to the server. See Base ServerTemplate for Windows - Runbook for details.

Microsoft Key Management Server (KMS)

Use the 'SYS Activate Windows with KMS server' script with the KMS_HOST and KMS_PORT inputs to use a Microsoft Key Management Server (KMS) to activate volume licensed Microsoft products like a Windows 2008 Server.

See Base ServerTemplate for Windows - Runbook for details.

Monitoring

The 'SYS Monitoring install Windows' script is used to enable the instance for real-time monitoring by the RightScale management platform. DO NOT CHANGE the values for the SKETCHY and SERVER_UUID inputs because they are used to properly connect the instance to RightScale's Monitoring system so that you can view real-time monitoring graphs (under the Monitoring tabs) in the dashboard and set up alerts for automation. If the script is executed successfully, you will see the following machine tag on the instance.

  • rs_monitoring:state=active

Firewall Management

Use Powershell functions to add and remove firewall rules for specific IP addresses and ranges, ports and TCP and UDP protocols.

  • For Windows 2012, these functions use native Windows 2012 network security cmdlets. (http://technet.microsoft.com/en-us/l...ps.620%29.aspx)
  • For Windows 2008R2, RightScale Powershell library defines functions with cmdlet bindings that match Windows 2012 network security cmdlets.
    (Note: Only a limited set of cmdlets is defined and supported.)

 

Firewall management functions are located in the following two files:

 

Powershell Function

Main function to add and remove firewall rules is located in file win/Firewall.ps1 and called RsSetupFirewallRule. This function should be used in RightScripts and ServerTemplates.

Declaration:

function RsSetupFirewallRule([string]$action, [string]$cidrIpAddress, [string]$ports, [string]$protocols)

Parameters:

  • [string]$action - Action to perform - enable or disable access. Valid values for this parameter are 'enable' and 'disable'.
  • [string]$cidrIpAddress - IP address or range of IP addresses in CIDR notation with optional inversion flag. This parameter could be of one of the formats below:
    • Individual IP address in dot-decimal notation, ex: 10.10.1.32
    • IP address followed by a slash and decimal number of leading bits in subnet mask. Ex: 92.16.2.0/24
    • IP address followed by a slash and subnet mask in 4-dots decimal format. 92.16.2.0/255.255.255.0
    • Any of the format above with preceding exclamation mark so the whole thing represents inverted set of IP addresses (i.e. all IPs except specified by IP address or range). Ex: !92.16.2.0/24
    • 'Any' keyword, case insensitive.
  • [string]$ports - Comma-separated list of ports. Each port should be integer value in range 1..65535.
  • [string]$protocols - Firewall rule's protocol(s). Supported protocols are TCP and UDP. Valid values are 'tcp', 'udp', 'both'.

Return value:

No return value, throws exception in case of error.

Examples:

  • RsSetupFirewallRule 'enable' 192.168.1.1 5022 'tcp' - Enables incoming SQL Server mirroring traffic on port 5022 for IP address 192.168.1.1
  • RsSetupFirewallRule 'enable' 'any' 80 'tcp' - Enables incoming HTTP traffic from any IP address on port 80

 

RightScripts

See the Base ServerTemplate for Windows (v14 Infinity) - Runbook.

You must to post a comment.
Last Modified
15:20, 20 May 2014

Page Rating

Was this article helpful?

Tags


Announcements

None

Glossary | 用語용어 Site Map | Site Help Community Corporate Site Get Support Dashboard Login
Doc Feedback Product Feedback Resources MultiCloud Marketplace Forums

Dashboard Status


© 2006-2014 RightScale, Inc. All rights reserved.
RightScale is a registered trademark of RightScale, Inc. All other products and services may be trademarks or servicemarks of their respective owners.