Part I: Introduction and installing the first servers
Part II Adding secondary Website Controller
Part III: Adding Website Front Ends and Publishers
Part IV: Adding Website Worker Roles
Part V: Post configuring Azure Pack Websites
In this blogpost we are going to build a highly available Azure Pack Websites Cloud. Azure Pack websites is the website platform as a service for hosting providers and you can compare this setup with the public Microsoft Azure Website service. Let’s take a look at the overview for Azure Pack Website. You see on the picture below on the left part we have the management part for the website farm. On the right side you will see the core services for running the websites.
In this blogpost I configured 11 servers for the Azure Pack websites. The only part that isn’t HA is my Fileserver. You can also choose to use a NAS device. Otherwise you should create a HA Fileserver and the server count will be 12 servers. The SQL Runtime DB is in my environment is collocated on the Azure Pack Database server that is hosting the databases for my Azure Pack server. All my website servers are running in a workgroup for security purposes. I recommend to use workgroup or build a separate domain for your website servers. The websites core services part I configured is as following:
|MS-FTE01 and 02||Front End Server|
|MS-IIS01 and 02||Web Worker Role|
|MS-PUB01 and 02||Publishing server|
The websites management part I configured is this:
|MS-WMG01 and 02||Management Server|
|MS-WCT01 and 02||Controller Server|
Prior to this setup I have built an Azure Pack environment containing a Domain (Azure.Cloud), a SQL Server (MS-SQL01), and a Azure Pack Express install (MS-WAP01).
So deploy your new windows 2012r2 servers in your environment and follow the next steps:
#On all your Azure Pack website servers run:
Install-WindowsFeature NET-Framework-Core -Source 'path to sxs folder on DVD'
netsh advfirewall firewall set rule group = "windows management instrumentation (wmi)" new enable = yes
netsh advfirewall firewall set rule group = "File and Printer Sharing" new enable = yes
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f
#On the Frontend, Management, Publisher, File Servers run:
net user admwebmgt P@ssw0rd /add
net localgroup administrators admwebmgt /add
#On Fileserver run:
#On Worker Servers Run:
net user admwebworker P@ssw0rd /add
net localgroup administrators admwebworker /add
#Reboot all the servers:
I created a new zone for testing purposes in my domain. I created azurewebsites.cloud as a new DNS zone. In that zone I created the following records:
|*.azurewebsites.cloud||172.30.119.70 (Frontend Server NLB IP)|
|*.scm.azurewebsites.cloud||172.30.119.70 (Frontend Server NLB IP)|
|ftp.azurewebsites.cloud||172.30.119.80 (Publisher Server NLB IP)|
|Publish.azurewebsites.cloud||172.30.119.80 (Publisher Server NLB IP)|
I created for testing purposes a self-signed certificate:
.\makecert.exe -n CN=*.azurewebsites.cloud -r -pe -b 01/01/2013 -e 01/01/2039 -eku 188.8.131.52.184.108.40.206.1 -ss My -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 -len 2048
When the command has ran export it from your personal(user) store including the private key. We need this to upload later on into the websites cloud.
I do recommend to buy a wildcard certificate in production environments.
Let’s start the installation. Install the First Web Site Controller (MS-WCT01). Go to http://microsoft.com/web/download and download the Web Platform Installer. When that’s done open it and search for Azure Pack in the top right corner. Look for the Windows Azure Pack Websites V2 Update 4 and click install:
Choose I Accept to start the installation.
When it is finished installing hit continue and then finish. The configuration site will open.
Choose to configure now:
You need to specify the runtime DB server. In my case I collocated it on my SQL that is hosting Azure Pack database. Enter in the name of the SQL server and the user credentials to use for authenticating against the SQL server.
Next step is to configure the root domain where websites will be hosted on. When a tenant creates a website there is no magic happening to create extra DNS record to point to the front end servers. In my case I created the *.azurewebsites.cloud. As I defined a * in front it will redirect all queries before the .azurewebsites.cloud to the ip address I have specified in the DNS on *.azurewebsites.cloud. This is like a catch all for a record. If you are going to create this in your public DNS make sure your DNS provider supports wildcard DNS records or catch all records.
So I entered azurewebsites.cloud as dns suffix:
Now we need to configure Management and Worker for Azure Pack Websites. Enter the first management server name and the credentials we created in the script we ran earlier. Next enter the credentials to deploy worker roles. This is the user we also created earlier in the script:
The service Endpoint Credentials are used to register this webfarm into Azure Pack. When the installation is finished we only have a websites farm but not yet connected it to the Azure Pack admin portal. The credentials below are going to beused for that registration. I used CloudAdmin and made up a password. (write it down for later use)
The next step is to configure the Fileserver. The fileserver is used to hold all the website content for all the provisioned websites. It also holds a folder with all the certificates uploaded by tenants. (Tenants can also configure SSL on their websites)
I choose for create a new standalone windows fileserver in my environment and left default sharename and content path. If you have attached a extra disk for holding data specify the correct drive letter:
Next specify the Fileshare Owner and password. This will be created by the Azure Pack installer so you can make up this account and it will be automatically provisioned. Do the same for the FileShare User
Next part is to setup the Certificate directory and user. Specify again a file share and path and made up a user for that directory
Next step is to configure Customer Experience Improvement Program and Updates
Now the Azure Pack installer will install all components on the servers specified in the wizard:
When done it will ask to close the page.
Now we have finished installing the Fileserver, the first controller server and first management server.
Now we need to add the second management server:
Open a Powershell on the Controller server (where we just finished the installation) to execute the following lines to install the second Management server:
New-WebSitesServer -Name MS-WMG02 -ServerType ManagementServer -Verbose
It will return quickly but the installation has started remotely on the server.
On the second server you won’t see anything, but when looking in the task manager there is an installation running:
I didn’t read anywhere for configuring NLB but I tested it without and it failed when turning off 1 server so I configured NLB on my management servers. The management server URL will be webmgt.azure.cloud (172.30.119.60). You need to populate this record in your DNS to match the NLB Cluster IP.
Now Install and Configure NLB on the first management server:
Install-WindowsFeature NLB -IncludeManagementTools
Open NLB manager and create a new cluster
Specify the first Management server as host:
Add the IP address you reserved for the NLB IP:
I used multicast and entered the DNS name:
The load balancing port is 443:
Hit finish and right click the NLB name and choose add host to cluster.
Make sure the installation for the 2nd management server has finished before continuing with adding the second node:
Enter the second management server name:
Hit Next, Next and Finished:
Now it is time to add the Azure Pack Websites farm to Azure Pack. Open the admin portal and click on Website Clouds. Choose connect to a website cloud Enter the URL we created for the NLB https://webmgt.azure.cloud Here you need to enter the credentials we created earlier in the setup in my case CloudAdmin and my super-secret password:
Click on connect and we have our Website Cloud connected to Azure Pack
Stay tuned for the next posts!