
Microsoft IIS App Server (v14 Infinity) - Tutorial

 


Objective

To set up a Microsoft Internet Information Services (IIS) web application server that connects to a Microsoft SQL database server that was launched using RightScale's Database Manager for Microsoft SQL Server (v14 Infinity) ServerTemplate. The server can also connect to either an HAProxy load balancer (such as the Load Balancer with HAProxy (v14 Infinity) ServerTemplate) or a cloud load balancing service such as Amazon's Elastic Load Balancers or Rackspace Cloud Load Balancers. 

Note: The ServerTemplate can be used to launch an IIS application server in one of the supported public or private cloud infrastructures.

Prerequisites

The following are prerequisites for completing this tutorial:

  • Required user roles: actor, designer, security_manager, and library 
  • For clouds that support security groups (Amazon EC2, CloudStack and OpenStack based clouds), you must have a security group defined with TCP port 3389 open for Remote Desktop Connection (RDC), plus any other ports the server needs, each opened to the required security groups and IP addresses.

    Note: All images newer than v13.5 have Windows Firewall enabled, but allow ports 80 and 443 by default.

  • We strongly recommend that you set up credentials for password values and any other sensitive data included as inputs. See the "Create Credentials" section below.
  • This tutorial assumes that you are connecting the Microsoft SQL database server that was launched with RightScale's Database Manager for Microsoft SQL Server (v14 Infinity) ServerTemplate.
  • If you are going to connect the application server to an Amazon Elastic Load Balancer (ELB) or Rackspace Cloud Load Balancer (CLB), you should create it before starting this tutorial. Note: Both the ELB/CLB and application servers must be launched into the same cloud/region.

Overview

This tutorial describes the steps for launching a single Microsoft IIS application server. If you are launching multiple IIS application servers, you should launch them in different data centers / availability zones for high availability purposes. To launch an IIS application server in the context of a multi-tier deployment, please see the 3 Tier Deployment Setup (HAProxy-IIS-SQL) tutorial.

Create Credentials

Prerequisite: Requires 'actor' user role privileges in the RightScale account.

In order to securely pass sensitive information to a script at runtime, you can use Credentials as a means of variable substitution. Later in this tutorial you will select these credentials when you define your inputs. Create the following credentials.  See Create a New Credential for more information.

General

  • WINDOWS_ADMIN_PASSWORD - Password for the Windows 'Administrator' user (default) or specified user with administrative privileges. You must specify a value that satisfies the minimum password requirements, otherwise the initial Windows password will be used instead. For example, a valid password should contain at least 7 characters and include at least one uppercase letter, one lowercase letter, and one digit. See Password Policy for details.
  • DB_CONNECTION_STRING - Use this input to specify the database connection string, which is assigned to 'Database Connection String' parameter of the package file. (e.g. Server=mydb.example.com;Database=mydb;User ID=myuser;Password=MyPassword123;)
  • SQL_APPLICATION_USER - A SQL database user with login privileges for the specified database.
  • SQL_APPLICATION_PASSWORD - The password for the SQL database user with login privileges for the specified database.
  • PACKAGE_ENCRYPTION_PASSWORD - (Optional) Password to encrypt secure elements of WebDeploy package, for example passwords of domain accounts. This input should only be set if encrypted elements are present in the application package.
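
A pre-check for two of the credential values above, added here as an illustration and not part of the ServerTemplate or RightScale tooling: it matters because a WINDOWS_ADMIN_PASSWORD that fails the minimum requirements is not applied and the initial Windows password stays in use. The function names are hypothetical, the password rules are only the ones quoted in this tutorial, and the connection-string keys and quoting rules are assumptions based on the example string on this page.

```python
"""Pre-check credential values before saving them as RightScale credentials."""

# Keys used by this page's example connection string (lower-cased).
REQUIRED_KEYS = ("server", "database", "user id", "password")


def password_problems(password):
    """Check the minimum rules quoted in this tutorial (the image's real
    password policy may be stricter)."""
    problems = []
    if len(password) < 7:
        problems.append("shorter than 7 characters")
    if not any(c.isupper() for c in password):
        problems.append("no uppercase letter")
    if not any(c.islower() for c in password):
        problems.append("no lowercase letter")
    if not any(c.isdigit() for c in password):
        problems.append("no digit")
    return problems


def parse_connection_string(conn):
    """Split 'Key=Value;...' into a dict with lower-cased keys.

    A value wrapped in single or double quotes may contain ';'. This is a
    simplified reading of connection-string quoting (assumption: no doubled
    quote characters inside a quoted value). Error messages never echo the
    input, because it contains the database password.
    """
    pairs, i, n = {}, 0, len(conn)
    while i < n:
        eq = conn.find("=", i)
        if eq == -1:
            if conn[i:].strip(" ;"):
                raise ValueError("trailing segment without '='")
            break
        key = conn[i:eq].strip(" ;").lower()
        if not key:
            raise ValueError("empty key before '='")
        if ";" in key:
            raise ValueError("segment without '='")
        j = eq + 1
        while j < n and conn[j] == " ":
            j += 1
        if j < n and conn[j] in "\"'":
            end = conn.find(conn[j], j + 1)
            if end == -1:
                raise ValueError("unterminated quote in value of %r" % key)
            value, i = conn[j + 1:end], end + 1
        else:
            end = conn.find(";", j)
            end = n if end == -1 else end
            value, i = conn[j:end].strip(), end
        pairs[key] = value
    return pairs


def connection_string_problems(conn):
    """Return problems with a DB_CONNECTION_STRING value; [] means usable."""
    try:
        pairs = parse_connection_string(conn)
    except ValueError as err:
        return [str(err)]
    return ["missing or empty %r" % k for k in REQUIRED_KEYS if not pairs.get(k)]


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    print(password_problems("abc12"))
    print(connection_string_problems(
        'Server=mydb.example.com;Database=mydb;User ID=myuser;Password="p;W0rd77";'))
```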

Application Code Retrieval 

Create the appropriate credentials depending on where the application code will be retrieved from.

Load Balancing

If you are going to use a cloud load balancing service such as Amazon Elastic Load Balancers (ELB) or Rackspace Cloud Load Balancers (CLB), you should create the required cloud credentials.

  • AWS ELB  (Note: You do not have to create these credentials because they are automatically created for your use when you add AWS to a RightScale account.)
    • AWS_ACCESS_KEY_ID
    • AWS_SECRET_ACCESS_KEY
  • Rackspace CLB

Steps

Upload the Application

The ServerTemplate contains scripts that can retrieve application code from either an SVN or Git repository, or from an ROS container. If you do not have an application, you can upload the example below to an ROS container. If you used the 'DotNetNuke.bak' example to launch the Microsoft SQL database server, use the matching sample application below.


Upload the sample application to the ROS container you created above.

Import the ServerTemplate

  1. Go to the MultiCloud Marketplace (Design > MultiCloud Marketplace > ServerTemplates) and import the most recently published revision of the Microsoft IIS App Server (v14.x) ServerTemplate into your RightScale account.

Customize the ServerTemplate

By default, the application ServerTemplate is configured to connect to an HAProxy load balancer server launched with the Load Balancer with HAProxy ServerTemplate. The ServerTemplate contains scripts that will connect to the load balancers at boot time and disconnect from the load balancers at decommission time when the server is terminated. If you are going to connect to an HAProxy load balancer or launch a standalone application server, no customizations are required. Please proceed to the next step.

If you are going to connect the IIS application server to either an Amazon Elastic Load Balancer (ELB) or a Rackspace Cloud Load Balancer (CLB), you must customize the ServerTemplate's scripts accordingly. Follow the instructions below.

For ELB 

  1. Clone and rename the ServerTemplate.
  2. Go to the Scripts tab of the cloned ServerTemplate.
  3. Replace the LB Register with HAProxy script in the Boot Script list with the AWS Register with ELB script.
  4. Replace the LB Deregister from HAProxy script in the Decommission Script list with the AWS Deregister from ELB script.


For CLB 

  1. Clone and rename the ServerTemplate.
  2. Go to the Scripts tab of the cloned ServerTemplate.
  3. Replace the LB Register with HAProxy script in the Boot Script list with the LB Register with CLB script.
  4. Replace the LB Deregister from HAProxy script in the Decommission Script list with the LB Deregister from CLB script.

Add a Server

When you create a server, you will first need to select a deployment and the cloud where the server will eventually be launched into (e.g. AWS us-east). Based on the chosen cloud provider, you will need to complete the configuration process that's specific for that cloud. For example, some cloud providers support features that are unique to their specific cloud.

  1. Go to the imported or cloned ServerTemplate's show page.
  2. To create a server, click the Add Server button and complete the steps in the wizard. See Add Server Assistant for details. If you are setting up a multi-tier deployment, it's strongly recommended that you create at least two application servers for high availability purposes.
    • The easiest way to create the second server is to clone the first one. Be sure to change the name of the server accordingly (e.g. app2) and its availability zone (if available) under the Info tab.

Configure Inputs

The next step is to define the properties of your IIS server or servers by entering values for inputs. It is simplest and best to do this at the deployment level. For a detailed explanation of how inputs are defined and used in Chef recipes and RightScripts, see Understanding Inputs.

The inputs that you need to provide values for will depend on which options you're going to use. The ServerTemplate is very flexible and supports a variety of different configurations. You will need to provide the necessary values as inputs based on which options you want to use.

Set Inputs at the Deployment Level

Go to the deployment's Inputs tab (Manage > Deployments > your deployment) and click Edit.

Although you can enter text values for all missing inputs, it's strongly recommended that you set up credentials for passing sensitive information to scripts such as passwords or any other sensitive data.

APPLICATION

The application code can be retrieved from several different locations. You must specify the appropriate inputs depending on the option.

  • ROS Container (e.g. S3 bucket or Cloud Files container) - A zip file of the application code is retrieved from an ROS container. Cloud credentials may be required for authentication purposes.

APPLICATION_LISTENER_IP_ADDRESS

The IP protocol that the application service listens on for accepting inbound connections.

  • private
  • public

Example value: text: private

APPLICATION_LISTENER_PORT

The TCP port that the application service will listen on to receive requests from the load balancing servers/service. Ex: 8000

Example value: text: 8000

PACKAGE_FILE_NAME

File name of the WebDeploy package to download from Remote Storage and sync with the IIS instance on the server. Ex: mypackage.zip

Example value (for the provided sample file): text: DotNetNuke_msdeploy.zip

REMOTE_STORAGE_ACCOUNT_ID_APP

In order to retrieve a tarball of the application code that's a "private" object within the specified Remote Object Storage (ROS) location, you must provide proper cloud authentication credentials. For security reasons, it's recommended that you create and use credentials for these values instead of entering the text value.

Specify the Account ID or name of the Remote Storage account.

  • Amazon S3 - Amazon Access Key ID (e.g. cred: AWS_ACCESS_KEY_ID)
  • Rackspace Cloud Files - Rackspace login username (e.g. cred: RACKSPACE_USERNAME)
  • Microsoft Azure Blob Storage - Azure Storage Account Name (e.g. cred: AZURE_ACCOUNT_NAME)
  • SoftLayer Object Storage - SoftLayer Account ID (e.g. cred: SOFTLAYER_USER_ID)
  • OpenStack Object Storage (Swift) - OpenStack Object Storage (Swift) Account Password (e.g. SWIFT_ACCOUNT_PASSWORD)

Example value: cred: AWS_ACCESS_KEY_ID

REMOTE_STORAGE_ACCOUNT_PROVIDER_APP

Name of the Remote Storage provider. Amazon S3, Rackspace Cloud Files, Windows Azure Storage, SoftLayer Object Storage and OpenStack Swift are currently supported. Please select the appropriate value from the dropdown.

  • Amazon_S3 - Amazon S3
  • Rackspace_Cloud_Files_US - Rackspace Cloud Files (United States)
  • Rackspace_Cloud_Files_UK - Rackspace Cloud Files (United Kingdom)
  • Windows_Azure_Storage - Microsoft Azure Blob Storage
  • SoftLayer_Object_Storage_Dallas - SoftLayer's Dallas (USA) cloud
  • SoftLayer_Object_Storage_Singapore - SoftLayer's Singapore cloud
  • SoftLayer_Object_Storage_Amsterdam - SoftLayer's Amsterdam cloud
  • OpenStack_Swift - OpenStack Object Storage (Swift)

Example value: text: Amazon_S3

REMOTE_STORAGE_ACCOUNT_SECRET_APP

The Secret Key or Password of the Remote Storage account which is used to authenticate your requests to Remote Storage services. For security reasons, it's recommended that you create and use credentials for these values instead of entering the text value.

Specify the Secret Key or password of the Remote Storage account.

  • Amazon_S3 - AWS Secret Access Key (e.g. cred: AWS_SECRET_ACCESS_KEY)
  • Rackspace_Cloud_Files_US - Rackspace Account API Key US (e.g. cred: RACKSPACE_AUTH_KEY)
  • Rackspace_Cloud_Files_UK - Rackspace Account API Key UK (e.g. cred: RACKSPACE_AUTH_KEY)
  • Windows_Azure_Storage - Microsoft Primary Access Key (e.g. cred: AZURE_PRIMARY_ACCESS_KEY)
  • SoftLayer_Object_Storage - SoftLayer API Access Key (e.g. cred: SOFTLAYER_API_KEY)
  • OpenStack_Swift - OpenStack Object Storage (Swift) Account Password (e.g. SWIFT_ACCOUNT_PASSWORD)

Example value: cred: AWS_SECRET_ACCESS_KEY

WEB_SITE_NAME

Name of the web site for the application. Default value is 'Default web site'. Ex: MyWebsite

Example value (for the provided sample file): text: Default web site

REMOTE_STORAGE_CONTAINER_APP

Name of the Remote Storage container (S3 bucket, Rackspace Cloud Files, Windows Azure Storage or SoftLayer Storage container) that stores the web application code. Ex: mycontainer

Example value: text: my_app

REMOTE_STORAGE_BLOCK_SIZE_APP

(For Amazon S3 and Windows Azure Storage only)

Size of upload block in megabytes (currently supported by Amazon S3 and Windows Azure Storage only). Default and recommended value is 10 (10MB). Supported ranges are 1..5024 for S3 and 1..64 for Windows Azure Storage.

Example value: text: 10

REMOTE_STORAGE_ENDPOINT_URL_APP

(For Swift storage only)

The endpoint URL for the Remote Storage provider. Currently this is used to specify an endpoint for OpenStack Swift.

Example value: text: http://myswift.com:5000/v2.0/tokens

REMOTE_STORAGE_THREAD_COUNT_APP

(For Windows Azure Storage only)

Number of parallel threads to be used for file downloads and uploads.

Example value: text: 2

REMOTE_STORAGE_USE_INTERNAL_NETWORK_APP

(For Swift storage only)

Set this input to True to force network connection to remote storage service using private interface (if the server is located in the same cloud/datacenter as remote storage service). This input is supported for Rackspace Open cloud, SoftLayer and OpenStack. Default is False (uses public network interface).

Example value: text: False

CLOUD

(For ELB or CLB only)

If the application server is going to connect to one of the supported cloud load balancing services such as Amazon Elastic Load Balancers (ELB) or Rackspace Cloud Load Balancers (CLB), you must specify the following cloud credentials so that the application servers have the necessary credentials (for authentication purposes) to interact with the cloud services.

 

AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY

(For ELB only)

Specify the following Amazon EC2 cloud credentials to interact with an ELB.

Example values:

cred: AWS_ACCESS_KEY_ID
cred: AWS_SECRET_ACCESS_KEY

RACKSPACE_USERNAME
RACKSPACE_AUTH_KEY

(For CLB only)

Specify the following Rackspace cloud credentials to interact with a CLB.

Example values:

cred: RACKSPACE_USERNAME
cred: RACKSPACE_AUTH_KEY

RACKSPACE_REGION

(For CLB only)

The location of the Cloud Load Balancer (CLB) that the IIS application server will connect to for load balancing purposes. If you are not using a CLB, this input is ignored.

  • us - Rackspace US
  • uk - Rackspace UK

Example value: text: us

DATABASE

DB_CONNECTION_STRING

Use this input to specify the database connection string, which is assigned to the 'Database Connection String' parameter of the package file.

It's recommended that you create a credential for this value because it contains sensitive data that you may not want to disclose to your end users.

  • Server - The hostname (e.g. mydb.example.com) or IP address (e.g. 184.106.99.159) that points to the standalone/principal SQL database server.
  • Database - The name of the database. It should match the value specified for the DB_NAME input if you are using the "Database Manager for Microsoft SQL Server" ServerTemplate.
  • User - The SQL user that the application will use to access the database. It should match the value specified for the DB_NEW_LOGIN_NAME input if you are using the "Database Manager for Microsoft SQL Server" ServerTemplate.
  • Password - The password of the SQL user that the application will use to access the database. It should match the value specified for the DB_NEW_LOGIN_PASSWORD input if you are using the "Database Manager for Microsoft SQL Server" ServerTemplate.

Example:

Server=184.106.99.159;Database=mydb;User ID=myuser;Password=MyPassword123;

Example value: cred: DB_CONNECTION_STRING

LOAD BALANCER

If you are launching a standalone application server that will not connect to any load balancing tier, ignore the inputs below.

ELB_NAME

(For ELB only)

The name of the Amazon Elastic Load Balancer (ELB) that the IIS application server will connect to for load balancing purposes.

Important! You must launch the IIS application server into the same EC2 region as the ELB.

If you are not using an ELB, set this input to 'ignore'.

Example value: text: my-elb

LB_POOLS

(For HAProxy only)

The name of the load balancing pool that the application server will connect to. If you are connecting to a load balancer launched with RightScale's 'Load Balancer with HAProxy' ServerTemplate, this value should match one or more values in the 'Load Balance Pools' input for the load balancer servers. You can specify an application listener name (e.g. default) or hostname of the load balancer servers (e.g. my-www.example.com).

Machine tags are used to establish a connection between an application server and the HAProxy load balancer servers. For example, if you are using the 'default' pool name, the tag on the application server would be 'loadbalancer:default=app'.

If you are not using HAProxy for load balancing, set this input to 'ignore'.

Example value: text: default

RACKSPACE_CLB_NAME

(For CLB only)

The name of the Rackspace Cloud Load Balancer (CLB) that the IIS application server will connect to for load balancing purposes. If you are not using a CLB, set this input to 'ignore'.

Example value: text: my-clb

RACKSPACE_CLB_REGION

(For CLB only)

The location of the Rackspace Cloud Load Balancer (CLB). If you are not using a CLB, set this input to 'ignore'.

Important! You must launch the IIS application server into the same datacenter as the CLB.

  • lon - London (UK)
  • ord - Chicago (US)
  • dfw - Dallas / Fort Worth (US)

Example value: text: ord

 

REMOTE STORAGE

The SYS Configure IIS logs rotation policy boot script configures a scheduled task (that runs once per day) on the server, which creates a .zip of IIS application server logs (older than one day) and uploads it to a container in a supported ROS service (e.g., Amazon S3, Windows Azure Storage). If you do not want to upload IIS logs to an ROS container, leave the following inputs set to 'no value' (default).

REMOTE_STORAGE_ACCOUNT_ID

In order to upload IIS log files to an ROS location, you must provide proper cloud authentication credentials. For security reasons, it's recommended that you create and use credentials for these values instead of entering the text value. This input is also used for specifying the ROS container for database initialization and ROS-based backups.

Specify the Account ID or name of the Remote Storage account.

  • Amazon S3 - Amazon Access Key ID (e.g. cred: AWS_ACCESS_KEY_ID)
  • Rackspace Cloud Files - Rackspace login username (e.g. cred: RACKSPACE_USERNAME)
  • Microsoft Azure Blob Storage - Azure Storage Account Name (e.g. cred: AZURE_ACCOUNT_NAME)
  • SoftLayer Object Storage - SoftLayer Account ID (e.g. cred: SOFTLAYER_USER_ID)
  • OpenStack Object Storage (Swift) - OpenStack Object Storage (Swift) Account Password (e.g. SWIFT_ACCOUNT_PASSWORD)

Example value: cred: AWS_ACCESS_KEY_ID

REMOTE_STORAGE_ACCOUNT_PROVIDER

Name of the Remote Storage provider. Amazon S3, Rackspace Cloud Files, Windows Azure Storage, SoftLayer Object Storage and OpenStack Swift are currently supported. Please select the appropriate value from the dropdown.

  • Amazon_S3 - Amazon S3
  • Rackspace_Cloud_Files_US - Rackspace Cloud Files (United States)
  • Rackspace_Cloud_Files_UK - Rackspace Cloud Files (United Kingdom)
  • Windows_Azure_Storage - Microsoft Azure Blob Storage
  • SoftLayer_Object_Storage_Dallas - SoftLayer's Dallas (USA) cloud
  • SoftLayer_Object_Storage_Singapore - SoftLayer's Singapore cloud
  • SoftLayer_Object_Storage_Amsterdam - SoftLayer's Amsterdam cloud
  • OpenStack_Swift - OpenStack Object Storage (Swift)

Example value: text: Amazon_S3

REMOTE_STORAGE_ACCOUNT_SECRET

The Secret Key or Password of the Remote Storage account which is used to authenticate your requests to Remote Storage services. For security reasons, it's recommended that you create and use credentials for these values instead of entering the text value.

Specify the Secret Key or password of the Remote Storage account.

  • Amazon_S3 - AWS Secret Access Key (e.g. cred: AWS_SECRET_ACCESS_KEY)
  • Rackspace_Cloud_Files_US - Rackspace Account API Key US (e.g. cred: RACKSPACE_AUTH_KEY)
  • Rackspace_Cloud_Files_UK - Rackspace Account API Key UK (e.g. cred: RACKSPACE_AUTH_KEY)
  • Windows_Azure_Storage - Microsoft Primary Access Key (e.g. cred: AZURE_PRIMARY_ACCESS_KEY)
  • SoftLayer_Object_Storage - SoftLayer API Access Key (e.g. cred: SOFTLAYER_API_KEY)
  • OpenStack_Swift - OpenStack Object Storage (Swift) Account Password (e.g. SWIFT_ACCOUNT_PASSWORD)

Example value: cred: AWS_SECRET_ACCESS_KEY

REMOTE_STORAGE_CONTAINER

The name of the container in the specified Remote Storage provider where the IIS log files will be stored. This input is also used for specifying the ROS container for database initialization and ROS-based backups.

Example value: text: my_iis_logs

REMOTE_STORAGE_BLOCK_SIZE

(For Amazon S3 and Windows Azure Storage only)

Size of upload block in megabytes (currently supported by Amazon S3 and Windows Azure Storage only). Default and recommended value is 10 (10MB). Supported ranges are 1..5024 for S3 and 1..64 for Azure.

Example value: text: 10

REMOTE_STORAGE_ENDPOINT_URL

(For Swift storage only)

The endpoint URL for the Remote Storage provider. Currently this is used to specify an endpoint for OpenStack Swift.

Example value: text: http://myswift.com:5000/v2.0/tokens

REMOTE_STORAGE_THREAD_COUNT

(For Windows Azure Storage only)

Number of parallel threads to be used for file downloads and uploads.

Example value: text: 2

REMOTE_STORAGE_USE_INTERNAL_NETWORK

(For Swift storage only)

Set this input to True to force network connection to remote storage service using private interface (if the server is located in the same cloud/datacenter as remote storage service). This input is supported for Rackspace Open cloud, SoftLayer and OpenStack. Default is False (uses public network interface).

Example value: text: False
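
A review aid for the inputs described in the sections above, added here as an example and not part of RightScale's tooling: it takes inputs written in this tutorial's 'text:' / 'cred:' notation and reports sensitive inputs entered as text, provider names outside the dropdown list, block sizes outside the supported range, and RACKSPACE_CLB_REGION values other than lon, ord, dfw or ignore. The dictionary format, the function names and the sample values are assumptions constructed for the illustration.

```python
"""Lint deployment inputs written in this tutorial's 'text:' / 'cred:' notation."""

# Inputs this page shows or recommends as credentials.
SENSITIVE_INPUTS = {
    "DB_CONNECTION_STRING", "AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY",
    "RACKSPACE_USERNAME", "RACKSPACE_AUTH_KEY",
    "REMOTE_STORAGE_ACCOUNT_ID", "REMOTE_STORAGE_ACCOUNT_SECRET",
    "REMOTE_STORAGE_ACCOUNT_ID_APP", "REMOTE_STORAGE_ACCOUNT_SECRET_APP",
}
STORAGE_PROVIDERS = {
    "Amazon_S3", "Rackspace_Cloud_Files_US", "Rackspace_Cloud_Files_UK",
    "Windows_Azure_Storage", "SoftLayer_Object_Storage_Dallas",
    "SoftLayer_Object_Storage_Singapore", "SoftLayer_Object_Storage_Amsterdam",
    "OpenStack_Swift",
}
BLOCK_SIZE_MAX_MB = {"Amazon_S3": 5024, "Windows_Azure_Storage": 64}
CLB_REGIONS = {"lon", "ord", "dfw", "ignore"}


def split_input(raw):
    """Return (kind, value) for a 'text: ...' or 'cred: ...' input."""
    kind, sep, value = raw.partition(":")
    kind = kind.strip().lower()
    if not sep or kind not in ("text", "cred"):
        raise ValueError("input is neither 'text:' nor 'cred:'")
    return kind, value.strip()


def lint_inputs(inputs):
    """Return sorted (input name, finding) tuples; values are never echoed."""
    findings, parsed = [], {}
    for name, raw in inputs.items():
        try:
            parsed[name] = split_input(raw)
        except ValueError as err:
            findings.append((name, str(err)))
    for name, (kind, _value) in parsed.items():
        if name in SENSITIVE_INPUTS and kind == "text":
            findings.append((name, "sensitive value entered as text; select a credential"))
    # The log-upload inputs and the application-code inputs (suffix _APP)
    # follow the same rules.
    for suffix in ("", "_APP"):
        provider = parsed.get("REMOTE_STORAGE_ACCOUNT_PROVIDER" + suffix, (None, None))[1]
        if provider is not None and provider not in STORAGE_PROVIDERS:
            findings.append(("REMOTE_STORAGE_ACCOUNT_PROVIDER" + suffix, "unknown provider name"))
        size = parsed.get("REMOTE_STORAGE_BLOCK_SIZE" + suffix, (None, None))[1]
        limit = BLOCK_SIZE_MAX_MB.get(provider)
        if size is not None and limit is not None:
            if not size.isdigit() or not 1 <= int(size) <= limit:
                findings.append(("REMOTE_STORAGE_BLOCK_SIZE" + suffix,
                                 "block size outside 1..%d MB for %s" % (limit, provider)))
    region = parsed.get("RACKSPACE_CLB_REGION", (None, None))[1]
    if region is not None and region not in CLB_REGIONS:
        findings.append(("RACKSPACE_CLB_REGION", "expected lon, ord, dfw or ignore"))
    return sorted(findings)


# Constructed sample, not taken from a real deployment.
SAMPLE_INPUTS = {
    "DB_CONNECTION_STRING": "text: Server=mydb.example.com;Database=mydb;"
                            "User ID=myuser;Password=MyPassword123;",
    "REMOTE_STORAGE_ACCOUNT_ID_APP": "cred: AWS_ACCESS_KEY_ID",
    "REMOTE_STORAGE_ACCOUNT_SECRET_APP": "cred: AWS_SECRET_ACCESS_KEY",
    "REMOTE_STORAGE_ACCOUNT_PROVIDER_APP": "text: Amazon_S3",
    "REMOTE_STORAGE_BLOCK_SIZE_APP": "text: 10",
    "REMOTE_STORAGE_ACCOUNT_PROVIDER": "text: Windows_Azure_Storage",
    "REMOTE_STORAGE_BLOCK_SIZE": "text: 128",
    "RACKSPACE_CLB_REGION": "text: us",
}

if __name__ == "__main__":
    for name, finding in lint_inputs(SAMPLE_INPUTS):
        print("%s: %s" % (name, finding))
```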

Launch the Application Server

After configuring your inputs, launch the application server. 

  1. Go to the deployment's Servers tab and launch the server.
  2. When you view the input confirmation page, there should not be any required inputs with missing values.  If there are any required inputs that are missing values (highlighted in red), cancel the launch and add the missing values at the deployment level before launching the server again. Refer to the instructions in Launch a Server if you are not familiar with this process. Because there are no required inputs that are missing values for any boot scripts, you can click the Launch button at the bottom of the input confirmation page. 

Update the Website Bindings

Once the package has been loaded, you may need to run the following script if the package being deployed was built on a different server. If you find that it's necessary to run this operational script to deploy your application, you should modify the ServerTemplate and add the script to the end of the Boot Scripts phase.

  1. Go to the Scripts tab of the running application server.
  2. Run the IIS Configure website bindings (v14.x) operational script.

Launch Additional Application Servers (Optional)

  1. Clone the current application server to launch another application server. As a best practice, you should launch application servers into different availability zones for high-availability purposes. Repeat the process to launch additional application servers or configure a server array for autoscaling purposes.

Post Tutorial Steps

Launch Load Balancer Servers

If you are connecting the IIS application servers to an HAProxy load balancer, see the 3 Tier Deployment Setup (HAProxy-IIS-SQL) tutorial.

Create a Server Array

If you want to create a server array for the application tier, see Add a Scalable Application Server Array to a Deployment.

Last modified
13:44, 23 Jan 2015


© 2006-2014 RightScale, Inc. All rights reserved.
RightScale is a registered trademark of RightScale, Inc. All other products and services may be trademarks or servicemarks of their respective owners.