Microsoft IIS App Server (v12.11 LTS) - Runbook

Create a SQL Server User

Use the DB SQLS Create login operational script to create a new SQL Server user (login) and password for your application's use. Enter the following RightScript inputs before running this script.

Note: It's recommended that you set up credentials for password values and any other sensitive data as shown in the examples below.

Support for Amazon Elastic Load Balancers (ELB)

To run your IIS server in conjunction with an Amazon Elastic Load Balancer (ELB), you must follow the steps below:

1. Set up your Elastic Load Balancer. See Create a New AWS Elastic Load Balancer.
2. Set the ELB_NAME input to the name of your designated ELB. (AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are also required, and default to the corresponding environment variables.)
3. Clone the IIS Application ServerTemplate so that you can modify its list of scripts. By default, the application ServerTemplate is designed to work with an HAProxy load balancer. In order for the application server to automatically connect and disconnect with an ELB at boot and decommission time, you must make a few modifications to the template.
4. Replace the LB Register with HAProxy script in the Boot Script list with the AWS Register with ELB script.
5. Replace the LB Deregister from HAProxy script in the Decommission Script list with the AWS Deregister from ELB script.
    

Note: If your ELB will uses the HTTPS protocol, refer to the next section for information on generating the required server certificate and private key files in PEM format.

Support for Rackspace Cloud Load Balancers (CLB)

1. Clone the IIS Application ServerTemplate so that you can modify its list of scripts. By default, the application ServerTemplate is designed to work with an HAProxy load balancer. In order for the application server to automatically connect and disconnect with a CLB at boot and decommission time, you must make a few modifications to the template.
2. Replace the LB Register with HAProxy script in the Boot Script list with the LB Register with CLB script.
3. Replace the LB Deregister from HAProxy script in the Decommission Script list with the LB Deregister from CLB script.
4. Set up your Cloud Load Balancer in the Rackspace Cloud Management Console. See Create a new Rackspace Cloud Load Balancer (CLB).
5. Create a server or server array using the modified ServerTemplate and launch a server.

Generate a Server Certificate for SSL/TLS

To use the HTTPS (HTTP with SSL/TLS) protocol, the ELB and HAProxy load balancers require a server certificate and private key in X.509/PEM format.

IIS server certificates are typically exported in .pfx (PKCS#12) format. However, you can generate a PEM-formatted certificate and private key files for the load balancers using the SYS Convert PFX operational script, in conjunction with a .pfx (PKCS#12 format) server certificate file, included as a script attachment, and the following inputs:

• CERT_FILE_NAME - The name of the .pfx certificate file attached to the SYS Convert PFX script.
• CERT_PASSWORD - If the .pfx file is password protected, specify the password.
   

It's recommended that you create credentials to hide the sensitive values for these inputs for security reasons.

The SYS Convert PFX script saves your PEM-formatted certificate and key files as public.crt and private.pem, in the C:\Certificates directory on the IIS server.

Manually Archive IIS Logs

In Amazon and Rackspace environments, the SYS Configure IIS logs rotation policy boot script sets up a Windows scheduled task on your IIS server, which runs daily and archives any log entries older than one day to an ROS container (e.g. Amazon S3 bucket or Rackspace Cloud Files container) based on the REMOTE_STORAGE_ACCOUNT_PROVIDER input.

The SYS upload IIS logs operational script lets you manually run an IIS log archive on demand. The same inputs that are used for the SYS Configure IIS logs rotation policy script are used.

Switch the Default Website Location

By default, the IIS Download application code boot script places the application code into the following directory by default: C:\inetpub\wwwroot\release\<GMT-timestamp>

If the application code is located in a different directory, run the IIS Switch default website operational script and specify the correct path using the OPT_DEFAULT_SITE_ROOT_PATH input so that IIS knows the new location of the application code.

Windows Base

To learn more about the following topics that apply to all Windows-based ServerTemplates published by RightScale, please see Base ServerTemplate for Windows - Overview. 

• Windows Firewall
• Windows Automatic Updates
• Knowledge Base (KB) Articles 
• Microsoft Key Management Server (KMS)

Other Administrative Tasks

• Run the SYS Install Web Deploy 2.0 operational script to install the Microsoft Web Deployment Tool Version 2.0 (http://www.microsoft.com/download/en/details.aspx?id=25230).
• Run the SYS Install .NET Framework 4 operational script to install the Microsoft .NET Framework 4 (http://www.microsoft.com/download/en/details.aspx?id=17718).
• Run the SYS install ASP.NET MVC 3 operational script to install the Microsoft ASP.NET MVC 3 Tools Update (http://www.microsoft.com/download/en/details.aspx?id=1491). (Be sure to install Microsoft .NET Framework 4 first since this is a prerequisite.)