Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

Installation Instructions

This guide describes how to install Service Management components using the Express (single machine) install option as well as a Distributed (multiple machines) install option. The following Service Management components can be distributed across multiple machines:

  • Service Management Admin Portal

  • Service Management Tenant Portal

  • Service Management Admin API

  • Service Management Tenant API

  • Service Management Tenant Public API

Service Management API components support distributed installation primarily for reasons of security since the Service Management Admin API exposes a high level of access to the system relative to the Service Management Tenant API which in turn provides a somewhat higher level of access to the system than the Service Management Tenant Public API. For most deployments it is considered a best practice to deploy the Service Management Admin and Service Management Tenant API behind a firewall or other publicly inaccessible location and deploy the Service Management Tenant Public API on a publicly accessible machine. The particular deployment strategy used will of course depend on the Hosting Service Providers security requirements.

This guide also provides information for installing and configuring the Web Site Services required to provision a Web Site Cloud to host web sites for subscribing users.

Service Management Components and Certificates

Each Service Management component is installed on an IIS web site which by default is configured with a self-signed certificate. Because these self-signed certificates will not be among the certificates in the Trusted Root Certification Authorities store loaded by your browser upon startup, your browser will display a security warning when you attempt to connect to any of the sites. For any publicly facing services such as those running on the MgmtSvc-TenantSite and MgmtSvc-TenantPublicAPI web sites, it is recommended that these self-signed certificates be replaced with valid certificates issued by a Trusted Root Certificate Authority to ensure that end users avoid this experience. The MgmtSvc-AdminSite web site may also benefit from a replacement of the self-signed certificate. For more information about how to configure certificates for your Service Management Portal and Service Management API deployment please review recommendations in the Post Installation Best Practices section of this guide.

noteNote
Services which aren’t accessed by users, such as the Service Management APIs and Resource Providers, ignore certificate validation errors by default. This is done via the ServicePointManager.ServerCertificateValidationCallback Property. If this is a security concern, it is recommended that these self-signed certificates be replaced by valid certificates issued by a recognized Certificate Authority and that the validation override be turned off, or set to false.

Express Install

Use the Express Install option to install both Service Management Portals and all of the Service Management API onto a single machine. This option would typically only be used for proof of concept work or testing and is not recommended for production environments.

  1. Logon to the Service Management Portal machine (for example, SvcMgmtPortal ) and launch the Web Platform Installer.

  2. Click the Products tab and then click Windows Azure. Click Add next to Service Management Portal and Service Management API (Express), and click Install.

    Service Management Express Install
  3. Click I Accept on the Prerequisites screen and the installation will begin.

    Service Management Express Install The machine may reboot during the installation.

    Service Management Express Install
  4. When the installation is complete click Continue and Finish.

    Service Management Express Install
  5. Configuration will open the Service Management Configuration Site (https://localhost:30101/) in Internet Explorer. If the Internet Explorer security certificate warning page is displayed click Continue to this website (not recommended).

    Service Management Express Install
  6. If prompted enter Administrator credentials to connect to the Configuration site which will display the Database Server Setup page. On the Database Server Setup page enter sa credentials to connect to the SQL Server or SQL Server Express instance you installed, enter a passphrase for the Config store and then click the next arrow in the bottom right corner of the web page to continue.

    Service Management Express Install
  7. The features being installed are listed on the Features Setup page.

    After the features are successfully configured click the checkmark in the bottom right corner of the Features Setup page to launch the Service Management Admin Portal (https://localhost:30091/#Workspaces/WebSystemAdminExtension/quickStart).

    Service Management Express Install
  8. When prompted enter Administrator credentials and if presented with a security certificate warning page click Continue to this website (not recommended) to display the Service Management Portal Tour Welcome page.

    Service Management Express Install
  9. As you review the Portal Tour pages click the next arrow to proceed. On the last page click the checkmark to close the tour and display the Service Management Admin Portal.



    Service Management Admin Site Setup

Distributed Install

Per the Environment Topology section, you may deploy the Service Management Admin Site, Service Management Tenant Site and the Service Management API on separate machines. These components may be deployed on individual machines or in different combinations (for example, the Tenant Site and Service Management API on a machine that has internet access and Admin Site on a machine that has protected access).

You may also deploy the Service Management Admin API, Service Management Tenant API and Service Management Tenant Public API on separate machines. These components may also be deployed on individual machine or in different combinations (for example, the Service Management Tenant Public API may be installed on a machine that has internet access while the Service Management Admin API and Service Management Tenant API may be installed on machines that have protected access).

Service Management Admin Site

Follow these steps to install the Service Management Admin Site

  1. Logon to the Admin Site machine (for example, SvcMgmtAdmin) and launch the Web Platform Installer.

  2. Click the Products tab and then click Windows Azure to see the list of available install options. Click Add next to Service Management Admin Site, and click Install.

    Service Management Distributed Install
  3. Click I Accept on the Prerequisites screen and the installation will begin. The machine may reboot during the installation.

    Service Management Distributed Install
  4. When installation is complete click Continue. And then click Finish on the Finish screen.

    Service Management Distributed Install
  5. The Service Management Configuration Site (https://localhost:30101/) will launch with Internet Explorer. If the Internet Explorer security certificate warning page is displayed click Continue to this website (not recommended).

    Service Management Distributed Install
  6. If prompted enter Administrator credentials to connect to the Configuration site.

  7. The Configuration Site wizard will display the Database Server Setup page. On the Database Server Setup page enter sa credentials to connect to the SQL Server or SQL Server Express instance, enter a passphrase and passphrase confirmation for the Config store (make sure to use a strong passphrase) and then click the next arrow to continue.

    Service Management Express Install
  8. The Features Setup page will display the list of features to be configured, click the checkmark in the bottom right corner to continue and click the checkmark again when feature configuration is completed successfully.

    Service Management Distributed Install
  9. The Admin Site will launch. If the Service Management API has not yet been configured in the environment, you will see a notification on the Admin site asking you to configure the Service Management API.

    Service Management Distributed Install
  10. Once the Service Management API has been configured you may click Try Again to continue.

    noteNote
    Ensure that Service Management API is installed before completing setup for the Service Management Admin Site. If a distributed installation of the Service Management API was performed ensure that all 3 components of the API are installed.

Service Management Tenant Site

  1. Logon to the Tenant Site machine (for example, SvcMgmtTenant) and launch Web Platform Installer.

  2. Click the Products tab and then click Windows Azure to see the list of available installation options. Click Add next to Service Management Tenant Site and then click Install.

    Service Management Tenant Site
  3. Follow steps 3 to 9 in the Service Management Admin Site section above.

Service Management API

The Service Management API installation options are presented as three distinct components:

  • Service Management Admin API

  • Service Management Tenant API

  • Service Management Tenant Public API

While it is possible to install all of these components on a single machine, this would not be considered a best practice in a production environment because of the relatively high level of access exposed by the Service Management Admin API and to a lesser degree the level of access exposed by the Service Management Tenant API. Therefore, it is recommended that the Service Management Admin API and Service Management Tenant API are installed on machines that are behind a firewall or that are otherwise not accessible by the public. The Service Management Tenant Public API is designed to serve all of the needs of end users that subscribe to a Hosting Service Provider’s Cloud services.

To install the various Service Management API’s, complete the following steps on each machine that you are installing the Service Management Admin API, Tenant API, and Tenant Public API:

  1. Logon to the Service Management API/Tenant API/Tenant Public API machine (for example, SvcMgmtTenAPI) and launch the Web Platform Installer.

  2. Click the Products tab and then click Windows Azure to see the list of available install options. Click Add next to one of Service Management API/Tenant API/Tenant Public API, and click Install.

    Service Management API
  3. Click I Accept on the Prerequisites screen and the installation will begin. The machine may reboot during the installation.

    Service Management API
  4. When installation is complete click Continue on the Configure screen and Finish on the Finish screen.

    Service Management API
  5. Configuration will open the Service Management Configuration Site https://localhost:30101/ in Internet Explorer. If the Internet Explorer security certificate warning page is displayed click Continue to this website (not recommended).

    Service Management API
  6. If prompted enter Administrator credentials to connect to the Configuration site which will display the Database Server Setup page. On the Database Server Setup page enter sa credentials to connect to the SQL Server or SQL Server Express instance you installed, enter a passphrase for the Config store and then click the next arrow in the bottom right corner of the web page to continue.

    Service Management API
  7. After features are configured successfully click the checkmark in the bottom right corner of the Features Setup page. This will prompt you to close your browser window.

    Service Management API

Complete Service Management Admin Site Setup

noteNote
Ensure that Service Management API is installed before completing setup for the Service Management Admin Site. If a distributed installation of the Service Management API was performed ensure that all 3 components of the API are installed.

  1. Go back to the Service Management Admin Site machine, and refresh the Service Management Admin Site page described at the end of the Service Management Admin Site section. If the Service Management Admin Site is no longer open on the machine, open https://localhost:30091/#Workspaces/WebSystemAdminExtension/quickStart in Internet Explorer.

  2. If presented with a security certificate warning page click Continue to this website (not recommended) and enter Administrator credentials to display the Service Management Portal Tour Welcome page.

    Service Management Admin Site Setup
  3. Click through the Portal Tour pages by clicking the next arrow and click the checkmark to close the tour and display the Service Management Admin Portal.

    Service Management Admin Site Setup

Install and Configure the Web Sites Cloud Controller

The Web Sites Cloud controller provides the logic to monitor the state of and maintain the health of all the roles in a Web Sites Cloud. The Web Sites Cloud controller must be installed before installing any other Web Site Cloud roles.

Launch the Web Site Cloud Setup

  1. Logon to the Web Sites Controller machine (for example, SitesController) and launch the Web Platform Installer.

  2. Click the Products tab and then click Windows Azure. Click Add next to Web Sites service and third party dependencies, and click Install.

    Service Management Web Site Cloud Setup
  3. Click I Accept to accept license terms and launch setup.

    Service Management Web Site Cloud Setup
  4. Setup will display the progress of the installation.

    Service Management Web Site Cloud Setup
  5. After installation is complete, click Continue to open the Service Management Configuration site.

    Service Management Web Site Cloud Setup
  6. Your browser may display a certificate security warning. Click Continue to the website (not recommended) and provide necessary Administrator credentials when prompted to continue to the Web Site Cloud Controller configuration page.

    Service Management Web Site Cloud Setup

Configure the Web Site Cloud Service

  1. On the Database Server Setup page provide the following information and click the next arrow in the bottom right of the page:

    • Server Name – name of the SQL Server Instance used by the controller to store web site hosting and resource usage information.

    • Database Server Admin Username - sa

    • Database Server Admin Password – password for the sa account

    • DNS Suffix – Enter value determined by Public DNS Mappings

    Service Management WebSite Management Portal Setup
  2. Provide the requested information for the Management Server / Web Site cloud REST API server:

    • Server Name - Name of machine that will run the management server role, e.g. SitesRESTAPI

    • Machine Credentials to install Management roles

      Admin Username to be either:

      • Domain account that is member of local Administrators group on all web site cloud role machines, excluding the web worker(s)

      • Local account that is a member of local Administrators group on all web site cloud role machines, excluding the web worker(s). If using a local account, the account name and password must be identical on all machines, excluding the web worker(s).

      Admin Password - Password for the domain or local account that is a member of the local administrators account on all web site cloud management role machines, excluding the web worker(s).

    • Machine Credentials to install Worker roles

      Admin Username to be one of either:

      • A domain account that is member of local Administrators group on all web worker(s)

      • A local account that is a member of local Administrators group on all web worker(s). If using a local account the account name and password must be identical on all machines.

      Admin Password - Password for the domain or local account that is a member of the local administrators account on all web worker(s).

      Service Management WebSite Management Portal Setup
  3. Service Endpoint Credentials

    Scroll down to provide Service End Point credentials and then click the next arrow on the bottom right corner of the page. Make a note of these credentials as they will be required when registering your Web Sites REST endpoint in the Service Management Portal Admin site.

    • Username - Provide a username for connecting to the web site rest endpoint.

    • Password - Provide a password for the service endpoint credentials.

    ImportantImportant
    Ensure that you make a note of these credentials. If you do not have these credentials when you attempt to register your Web Sites REST endpoint in the Service Management Portal Admin Site you will be unable to complete configuration of your Web Sites Cloud.

    Service Management WebSite Management Portal Setup
  4. If using a standalone file server:

    • Select the option to Create a New Standalone Windows File Share.

    • File Server Name – Enter the name of the file server machine, for example FileServer.

    • Content Share Network Path – \\<Server name>\WebSites, for example, \\FileServer\WebSites.

    • Content Share Physical Path – <Drive letter>:\WebSites, for example, C:\WebSites.

    • File Share Owner Username – Specify the FileShareOwner account you created.

    • File Share Owner Password – Specify the FileShareOwner account you created.

    • File Share Owner Password Confirmation – Confirm the password of the FileShareOwner account.

      Service Management WebSite Management Portal Setup Scroll down and specify the following information to finish filling out the File Server Setup page and then click the next arrow at the bottom right of the page.

      • File Share User Username – Specify the FileShareUser account you created.

      • File Share User Password – Specify the password of the FileShareUser account.

      • File Share User Password Confirmation – Confirm the password of the FileShareUser account.

      • Certificate Share Network Path – \\<Server name>\Certificates, for example, \\FileServer\WebSites

      • Certificate Share Physical Path – <Drive letter>:\Certificates, for example, C:\Certificates

      • Certificate Store Account Username – Specify the CertificateShareUser account you created.

        noteNote
        Scroll down to enter the Certificate Store Account Password and Certificate Store Account Password Confirmation.

      • Certificate Store Account Password – Specify the password of the CertificateShareUser account.

      • Certificate Store Account Password Confirmation – Confirm the password of the CertificateShareUser account.

      Service Management WebSite Management Portal Setup
    Click the checkmark on the bottom right of the Ready to configure page for the Web Sites service feature.

    Service Management WebSite Management Portal Setup After you accept the specified configuration settings Web Site Setup will complete installation, adding the servers and getting the hosting controller ready. Click the checkmark again on the bottom right of the Ready to configure page to finalize configuration of the Web Sites service feature.

    Service Management WebSite Management Portal Setup
    noteNote
    To follow the progress of the configuration open Internet Information Services (IIS) manager - Expand Server Farms, Management Servers, click Servers and monitor the trace messages section. Upon successful completion of configuration the last Trace Message should read Server successfully started.

  5. If using a pre-configured file server, file server cluster, or NAS device:

    • Select the option to Use a Pre-configured File Server.

    • Content Share Network Path - \\<Server name>\WebSites, for example, \\FileServer\WebSites.

    • File Share Owner Username – Specify the FileShareOwner account you created.

    • File Share Owner Password – Specify the password of the FileShareOwner account.

    • File Share Owner Password Confirmation – Confirm the password of the FileShareOwner account.

    Service Management WebSite Management Portal Setup Scroll down and specify the following information to finish filling out the File Server Setup page and then click the next arrow at the bottom right of the page.

    • File Share User Username – Specify the FileShareUser account you created.

    • File Share User Password – Specify the password of the FileShareUser account.

    • Certificate Share Network Path – \\<Server name>\Certificates, for example, \\FileServer\WebSites

    • Certificate Store Account Username – Specify the CertificateShareUser account you created.

    • Certificate Store Account Password – Specify the password of the CertificateShareUser account.

    • Certificate Store Account Password Confirmation – Confirm the password of the CertificateShareUser account.

    Service Management WebSite Management Portal Setup Click the checkmark on the bottom right of the Ready to configure page for the Web Sites service feature.

    Service Management WebSite Management Portal Setup After you accept the specified configuration settings Web Site Setup will complete installation, adding the servers and getting the hosting controller ready. Click the checkmark again on the bottom right of the Ready to configure page to finalize configuration of the Web Sites service feature.

    Service Management WebSite Management Portal Setup
    noteNote
    To follow the progress of the configuration open Internet Information Services (IIS) manager - Expand Server Farms, Management Servers, click Servers and monitor the trace messages section. Upon successful completion of configuration the last Trace Message should read Server successfully started.

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.