Note: Please go to docs.rightscale.com to access the current RightScale documentation set. Also, feel free to Chat with us!
Home > ServerTemplates > v13.5 LTS > ST > Microsoft IIS App Server (v13.5 LTS) > Microsoft IIS App Server (v13.5 LTS) - Runbook

Microsoft IIS App Server (v13.5 LTS) - Runbook

 

Table of Contents    

Long Term Support

Stable, tested ServerTemplate assets

   ►  Runbook

Common Operational Tasks

Update Application Code

Application code is typically downloaded at boot time when an application server is launched. However, you can manually update the application code on a running server by executing an operational script. For example, you may want to retrieve the latest version of your application from a different branch in your software repository.

  • To update the application code on a server run the IIS Download application code operational script.

Create a SQL Server User

Use the DB SQLS Create login operational script on your Microsoft SQL database server to create a new SQL Server user (login) and password for your application's use. Enter the following RightScript inputs before running this script.

Note: It's recommended that you set up credentials for password values and any other sensitive data as shown in the examples below.

Input Name Description Example Values
DB_NAME Default database to assign to the new SQL Server user. Text:MyDatabase
DB_NEW_LOGIN_NAME User name for the new SQL Server user.

Cred:SQL_SERVER_USER

DB_NEW_LOGIN_PASSWORD Password for the new SQL Server user. Cred:SQL_SERVER_PASSWORD
DB_REMOTE_SERVER_IP IP address of the target SQL Server. The script assumes that the default SQL Server port, 1433, is used for server communications. Text:180.100.100.38
DB_REMOTE_SQL_LOGIN Login ID for a SQL Server user with administrative permissions, used to create the new application-specific user account.  Cred:SQL_APPLICATION_USER
DB_REMOTE_SQL_PASSWORD Login password for a SQL Server user with administrative permissions (DB_REMOTE_SQL_LOGIN). Cred:SQL_APPLICATION_PASSWORD

Add a Connection String

Add a connection string to the database's web.config file that the IIS application server will use to securely connect to the database. Typically, the connection string is created at boot time, but you can also create a new connnection string, if desired.

Run the IIS Add connection string operational script on the IIS application server and specify values for the following inputs.

 

Input Name Description Example Value
OPT_CONNECTION_STRING_DB_NAME The name of the target Microsoft SQL database that the IIS application will connect to. (e.g., MyDatabase)

text:  DotNetNuke

OPT_CONNECTION_STRING_DB_SERVER_NAME

Fully qualified domain name or IP address of the (standalone or principal) Microsoft SQL database server that contains the target database (OPT_CONNECTION_STRING_DB_NAME). The application server will make a connection request to the database server using this value. It's recommended to establish connections using the server's private IP (if available).

If the database server uses a TCP communications port other than TCP 1433 (default), specify the desired port number after the server name, separated by a colon. (e.g., my-db1.example.com:56)

text:  my-db1.example.com

text:  180.12.34.567

OPT_CONNECTION_STRING_DB_USER_ID

The IIS application will connect to the database by logging in with a SQL user that has database privileges. Specify the username of this SQL Server user. 

Important!  If you previously created the SQL Server user on the database server using the 'DB SQLS Create login' operational script, use the same value that you used for the DB_NEW_LOGIN_NAME input. 

cred:  SQL_APPLICATION_USER
OPT_CONNECTION_STRING_DB_USER_PASSWORD

The password of the SQL Server user that the application will use to log into SQL database.

Important!  If you previously created the SQL Server user on the database server using the 'DB SQLS Create login' operational script, use the same value that you used for the DB_NEW_LOGIN_PASSWORD input. 

cred:  SQL_APPLICATION_PASSWORD
OPT_CONNECTION_STRING_NAME

The name of the connection string that the IIS application will use to connect to the database specified by the OPT_CONNECTION_STRING_DB_NAME input. 

text:  SiteSqlServer

Switch the Default Website Location

By default, the IIS Download application code boot script places the application code into the following directory by default: C:\inetpub\wwwroot\release\<GMT-timestamp>

If the application code is located in a different directory, run the IIS Switch Website operational script and specify the correct path using the OPT_DEFAULT_SITE_ROOT_PATH input so that IIS knows the new location of the application code.

 

Restart Application

Run the IIS Restart application operational script on an application server to restart the IIS application by touching the web.config file.

Input Name Description Example Values
WEB_SITE_NAME Name of the web site for the application. Default value is 'Default web site'. Text:MyWebsite

Restart Webserver

Run the IIS Restart web server operational script on an application server to restart the IIS web server.

Input Name Description Example Values
WEB_SITE_NAME Name of the web site for the application. Default value is 'Default web site'. Text:MyWebsite
 

Support for Amazon Elastic Load Balancers (ELB)

To run your IIS server in conjunction with an Amazon Elastic Load Balancer (ELB), you must follow the steps below:

  1. Set up your Elastic Load Balancer. See Create a New AWS Elastic Load Balancer.
  2. If needed, Clone the IIS Application ServerTemplate so that you can modify its list of scripts. By default, the application ServerTemplate is designed to work with an HAProxy load balancer. In order for the application server to automatically connect and disconnect with an ELB at boot and decommission time, you must make a few modifications to the template, which requires a cloned, editable HEAD copy of the template.
  3. Navigate to the your cloned template > Scripts tab and replace the LB Register with HAProxy script in the Boot Script list with the AWS Register with ELB script.
  4. On the same Scripts tab, replace the LB Deregister from HAProxy script in the Decommission Script list with the AWS Deregister from ELB script.
  5. Proceed to add a server from your cloned template, then set the 'ELB_NAME' input on the deployment or server's Inputs tab to the named value of your ELB server.
     

Note: If your ELB will use the HTTPS protocol, refer to the next section for information on generating the required server certificate and private key files in PEM format.

Support for Rackspace Cloud Load Balancers (CLB)

To run your IIS server in conjunction with a Rackspace Cloud Load Balancer (CLB), you must follow the steps below:
  1. If needed, Clone the IIS Application ServerTemplate so that you can modify its list of scripts. By default, the application ServerTemplate is designed to work with an HAProxy load balancer. In order for the application server to automatically connect and disconnect with a CLB at boot and decommission time, you must make a few modifications to the template, which requires a cloned, editable HEAD copy of the template.
  2. Navigate to the your cloned template > Scripts tab and replace the LB Register with HAProxy script in the Boot Script list with the LB Register with CLB script.
  3. On the same Scripts tab, replace the LB Deregister from HAProxy script in the Decommission Script list with the LB Deregister from CLB script.
  4. Set up your Cloud Load Balancer in the Rackspace Cloud Management Console. See Create a new Rackspace Cloud Load Balancer (CLB).
  5. Create a server or server array using the modified ServerTemplate and ensure that the RACKSPACE_CLB_NAME and RACKSPACE_CLB_REGION inputs are defined on the deployment or server level with the appropriate values for your CLB, then launch the server.

Generate a Server Certificate for SSL/TLS

To use the HTTPS (HTTP with SSL/TLS) protocol, the ELB and HAProxy load balancers require a server certificate and private key in X.509/PEM format.

IIS server certificates are typically exported in .pfx (PKCS#12) format. However, you can generate a PEM-formatted certificate and private key files for the load balancers using the SYS Convert PFX operational script, in conjunction with a .pfx (PKCS#12 format) server certificate file and the following inputs:

  • CERT_FILE_PATH - The full path to the .pfx certificate file stored on local file system of the instance.
  • CERT_PASSWORD - If the .pfx file is password protected, specify the password.
    Note: It's recommended that you create a credential to hide the sensitive value for this input for security reasons.

The SYS Convert PFX script saves your PEM-formatted certificate and key files in the same directory as the original .pfx file with a .crt and .pem extension on the IIS server.

Manually Archive IIS Logs

In Amazon and Rackspace environments, the SYS Configure IIS logs rotation policy boot script sets up a Windows scheduled task on your IIS server, which runs daily and archives any log entries older than one day to an ROS container based on the REMOTE_STORAGE_* inputs.

 

The SYS Upload IIS Logs operational script allows you to manually run an IIS log archive on demand. The same inputs (REMOTE_STORAGE_*) used by the 'SYS Configure IIS Logs Rotation Policy' script will also be used by the 'SYS Upload IIS Logs' manual script.

 

  1. Verify that the required REMOTE_STORAGE_* inputs are set under the "Remote Storage" section.
  2. Run the SYS upload IIS logs operational script.

 

 

Enable or Disable Windows Firewall

Use the 'SYS Enable Windows Firewall' and 'SYS Disable Windows Firewall' operational scripts to enable or disable Windows firewall settings. Add the script to the "Boot Scripts" list to enable Windows Firewall by default at boot time when a new instance is launched.

Configure the Windows Updates Policy

By default, no Windows updates are applied to a running server. However, you can set the following input and run the 'SYS Set Windows Automatic Updates Policy' operational script to define how Windows automatic updates should be applied to an operational Windows server.

Input Name Description Example Values
WINDOWS_AUTOMATIC_UPDATES_POLICY

Define the Windows automatic updates policy. Default is no auto updates.

  • Disable automatic updates
  • Install updates automatically
  • Notify before download
  • Notify before installation
text: Install updates automatically

Configure the Windows Reboot Policy

Some Windows updates require a server to be rebooted in order to complete the installation process. However, you might want to reboot the instance at a more convenient time in order to reduce the amount of site downtime or negative impact to your end users. In such cases, you can set the following input before running either the 'SYS Install All Windows Updates' or 'SYS Install Microsoft update by KB number' operational script to specify whether or not an instance is allowed to reboot after the script is run. Reboot is not allowed by default.

Input Name Description Example Values
WINDOWS_UPDATES_REBOOT_SETTING

Defines whether or not the instance is rebooted after installing a Windows update. 

  • Do Not Allow Reboot
  • Allow Reboot
text: Allow Reboot

Install Windows Updates

Run the 'SYS Install All Windows Updates' operational script to download and install all new Windows updates. Any updates that require a user to accept a EULA are NOT installed. Use the WINDOWS_UPDATES_REBOOT_SETTING input to control whether or not the instance is rebooted after the updates are installed, if required.

Input Name Description Example Values
WINDOWS_UPDATES_REBOOT_SETTING

Defines whether or not the instance is rebooted after installing a Windows update. 

  • Do Not Allow Reboot
  • Allow Reboot
text: Allow Reboot

Install Microsoft Knowledge Base (KB) Article Updates

Set the following input and run the 'SYS Install Microsoft update by KB number' operational script to install a specific KB update.

To apply the KB updates to the running server at boot time, add the script to the end of the "Boot Scripts" list.

Input Name Description Example Values
KB_ARTICLE_NUMBER

Microsoft KB number of update to be installed. Use format KBxxxxxx (x is digit) or just xxxxxx to specify the number. You can either specify a single KB article number or a comma-separated list.

text: 961402
WINDOWS_UPDATES_REBOOT_SETTING

Defines whether or not the instance is rebooted after installing a Windows update. 

  • Do Not Allow Reboot
  • Allow Reboot
text: Allow Reboot

Register with a Windows KMS Server

Set the following inputs and run the 'SYS Activate Windows with KMS server' operational script to activate the instance's license with a Microsoft Key Management Server (KMS). Before you run the script, make sure that the KMS server's firewall settings are configured to accept a request from the instance. 

Input Name Description Example Values
KMS_HOST

Specify the FQDN or IP address of the KMS server with whom the instance will activate its license e.g., kms.mydomain.com

text: kms.example.com

text: 10.567.333.45

KMS_PORT The port number that the instance will use to connect to the KMS server. Default value is 1688 e.g., 1688 text: 1688

Other Administrative Tasks

​          Note: Be sure to install Microsoft .NET Framework 4 first since it is a prerequisite.

 

You must to post a comment.
Last modified
13:53, 11 Sep 2013

Tags

Classifications

This page has no classifications.

Announcements

None


© 2006-2014 RightScale, Inc. All rights reserved.
RightScale is a registered trademark of RightScale, Inc. All other products and services may be trademarks or servicemarks of their respective owners.