IT-Camp Azure Labs
Lab Home Page… Includes DOCx and PPTx |
Description and Live links to Series
|
Lab 5: Building Application Workloads – Deploy Data Access App
Configure endpoints for WEBFE01
In this task, you will configure the required public endpoints for WEBFE01.
Perform the following tasks in the Azure management portal.
- In the Azure management portal, click in VIRTUAL MACHINES.
- Click WEBFE01, and then click ENDPOINTS.
- Click ADD.
- In ADD ENDPOINT, click the Next arrow.
- In Name, select HTTP, and then click the Completed button.
- Click ADD.
- In ADD ENDPOINT, click the Next arrow.
- In Name, select HTTPS, and then click the Completed button.
- You will have to wait for the endpoint to be created then continue
- Click ADD.
- In ADD ENDPOINT, click the Next arrow.
- In NAME, type Custom5000.
- In PUBLIC PORT and PRIVATE PORT, type 5000, and then click the Completed button.
- Click ADD.
- In ADD ENDPOINT, click the Next arrow.
- In NAME, type Custom5001.
- In PUBLIC PORT and PRIVATE PORT, type 5001, and then click the Completed button.
- Click Dismiss Completed in Azure Portal after all are done
Configure firewall ports for WEBFE01
Next, you must enable WEBFE01 to communicate internally within the service. While general IP connectivity is provided by DHCP, both servers are workgroup members and have the public firewall profile enabled. You will enable Application ports and PING traffic on WEBFE01.
Perform the following tasks in an RDP connection to WEBFE01.
- In your RDP session to WEBFE01, open Server Manager.
- Click Local Server.
- Next to Windows Firewall, click Public: On.
- In Windows Firewall, click Advanced settings.
- In Windows Firewall with Advanced Security, click Inbound Rules, and then click New Rule.
- In Rule Type, click Port, and then click Next.
- In Specific local ports, type 80, 443, 5000, 5001, and then click Next.
- On the Action page, click Next.
- On the Profile page, click Next.
- In Name, type Allow WebApp, and then click Finish.
- In Windows Firewall with Advanced Security, click Inbound Rules, and then click New Rule.
- In Rule Type, click Custom, and then click Next.
- On the Program page, click Next. (All programs should be selected)
- On the Protocol and Ports page, in Protocol type, select ICMPv4, and then click Next.
- On the Scope page, click Next.
- On the Action page, click Next.
- On the Profile page, click Next.
- In Name, type Allow PING, and then click Finish.
- Disconnect from the RDP session.
Remotely enable Internet Information Services on WEBFE01 using Windows PowerShell
In this task, you will use Windows PowerShell remoting to install Internet Information Services on WEBFE01. To perform this task, you will use standard Windows PowerShell remoting and administration commands; however, you must first install the Windows PowerShell remoting self-signed certificate installed in your WEBFE01VM. This is because Windows PowerShell remoting relies on HTTPS connections by default.
Perform the following tasks on your SQL01 Server.
- In the Azure management portal, click VIRTUAL MACHINES, click SQL01, and then click Dashboard. On the bottom bar, click CONNECT, and then click Open. Click Connect.
- When prompted, log on as sysadmin using Passw0rd! as the password. Click yes.
- Click on the Folder on the task bar to open Computer. Double-Click Data (C:) Click Home | New Folder type AzureManagement press Enter. You can then close the computer window and the Server Manager window to continue.
- Open a web browser on SQL01.
- You need to Add sites to your trusted sites.
Start – Click Internet Explorer – Click Tools (Gear in upper right corner) – Internet Options – Security Tab – Trusted Sites – Sites –
Type: https://itcmaster.blob.core.windows.net then click Add
Type: https://manage.windowsazure.com then click Add
–Close – OK - Download and Extract https://itcmaster.blob.core.windows.net/fy15q3/AzureManagement.zip to your SQL01 server in the C:AzureMangement Folder
- NOTE: you can just click OK to any security warnings you get
- Download https://itcmaster.blob.core.windows.net/fy15q3/AzureManagement.zip by typing the URL into the address bar on your SQL01 server. Click Save as then save to C:AzureMangement Folder
- Using File Explorer open the c:AzureManagement folder, right-click on the AzureManagement.zip file; select Extract All. Change the path to C: then click Extract. Close “Local Disk (C:) window. You should have a window up still that is showing you C:AzureManagement
- On SQL01, in Server Manager, on the Tools menu, click Windows PowerShell ISE.On the View menu, click Show Scripting pane.
- On your SQL01 server, run the C:AzureManagementWindowsAzurePowerShell.3f.3f.3fnew.exe file to install Azure Powershell Extentions
- Click Install
- Click I Accept
- Click Finish
- Click Exit
- Open Windows PowerShell ISE as Administrator. (Start – Type PowerShell ISE, Right-Click Windows PowerShell ISE – Click Run as Administrator)
- From the menu choose File Open to open the script file C:AzureManagementRemote PowerShell Certificate Configuration.
- Highlight the script under Part 1, and then press F8.
- In the presented web page, log on using your Microsoft Azure account, and then download the PublishSettings file that is presented.
- Save the PublishSettings file in the C:AzureManagement folder on the computer.
- In the script file, in part 2, replace the text ##Your Script File Path Here## with the full path to your downloaded file, such as “C:AzureManagementFree Trial-6-4-2014-credentials.publishsettings”.
NOTE: If there are spaces in your file name, you will have to wrap the path and filename in quotes (“) as shown in the example - Highlight the script under Part 2, and then press F8.
- You should see basic information on your subscription in the output.
- Highlight the script under Part 3, and then press F8. When prompted, type your unique ID.
- You will now have installed the certificate used by the WEBFE01 VM, which will enable remote Windows PowerShell access.
- In Windows PowerShell, type the following command, and then press ENTER. Replace <ID> with your unique identifier.
- Get-AzureVM –Name WEBFE01 –ServiceName ITCService<ID> | Get-AzureEndPoint | Select Name, Port | FT –AutoSize
- You are now presented with a list of ports that are open on WEBFE01. Using the output of the command above, identify the port used for Windows PowerShell.
- In Windows PowerShell (or in the PowerShell window of ISE), type the following command, and then press ENTER. Replace <ID> with your unique identifier. Replace <PORT> with the Windows PowerShell port from the previous command output.
- Enter-PSSession –ComputerName ITCService<ID>.cloudapp.net –Port <PORT> -Credential sysadmin –UseSSL
- In the Password dialog box, type Passw0rd!, and then click OK. Note: if you changed the username and password when you created the machine, you will have to use the username and password you used to create the machine.
- In Windows PowerShell, type Hostname, and then press ENTER.
- You are now in a Windows PowerShell session on your Azure WEBFE01 VM from SQL01.
- In Windows PowerShell, type the following command, and then press ENTER. This will install a full IIS server.
- Get-WindowsFeature Web-Server | Add-WindowsFeature –IncludeAllSubfeature
- Wait for the command to complete before proceeding. BE PATIENT. It takes several minutes.
- In Windows PowerShell, type the following command, and then press ENTER. This will restart IIS
- Iisreset
- Wait for the command to complete before proceeding.
- On your Local Laptop, using Internet Explorer, navigate to Error! Hyperlink reference not valid. where <ID> is your unique identifier.
- You have now connected to your running web server and are ready to hand off this environment for installation of your company’s software.
- If you cannot connect, wait 2 mins and try the IISReset again. if that still does not work, check to make sure your firewall ports and endpoints were not skipped or botched.
Deploy and test the Contoso Data Access sample site
In this task, you will deploy a sample site. The sample web site simulates the types of tasks the Contoso production application performs, and will prove that the Azure infrastructure meets the base technical requirements of the production system.
Perform the following tasks in RDP sessions to WEBFE01.
- Switch to the RDP session for WEBFE01.
- Using File Explorer, navigate to c:inetpubwwwroot.
- Delete all files and folders in this folder.
- Using File Explorer, navigate to Navigate to C:AzureMangementWebsite.
- Copy all Files and folders from C:AzureMangementWebsite[Website] to C:inetpubwwwroot.
- The global.asax file should be directly in the C:inetpubwwwroot folder, not a subfolder.
- Open the Web.Config file in Notepad, and then locate the following lines.
This connection string provided by the developer of the application assumes a locally installed SQL database, and assumes the locally logged on user has permission to access the database. This is not appropriate for a distributed web application and you will be updating the database location, name, and the credentials used.<connectionStrings>
<add name=”AdventureWorksConnection” connectionString=”data source=.MSSQL14;initial catalog=AdventureWorks;integrated security=True;multipleactiveresultsets=True;application name=EntityFramework” providerName=”System.Data.SqlClient” />
</connectionStrings> - Edit the line so that it reads as follows. Changed information is highlighted in yellow, new information is highlighted in green, and removed information is highlighted in red (in above).
- This configures the sample application to use the database stored on SQL01 named Test. There are three changes that are made. You change the SQL Server Name (data source), you change the database name (initial catalog), and you replace the credential with a fixed username and password (integrated security replaced with user and password) If you changed your password for DataManagementApp SQL user you will need to change it here too.
- You can optionally, copy the following XML from this document to web server’s web.config file. Note that there should only be three lines in the final file for <connectionStrings> the open (<conn…), <add name…, and close (</conn…)
<connectionStrings>
<add name=”AdventureWorksConnection” connectionString=”data source=SQL01;initial catalog=test;user id=DataManagementApp;
password=Passw0rd!;multipleactiveresultsets=True;application name=EntityFramework” providerName=”System.Data.SqlClient” />
</connectionStrings> - On your Local Laptop computer, using Internet Explorer, navigate to Error! Hyperlink reference not valid..
NOTE: You may have to refresh your browser. - Under Data Management Login, type 12345, and then click Login.
- Click Product Listings.
- The result set indicates the web application is communicating with the hosted SQL database correctly.