Posted by on Mar 21, 2015 in #Azure, #PowerShell, Visual Studio, Windows Server | 0 comments

[This is part 2 of 4 in this series about securing a load-balanced API hosted on Azure VMs with Azure API Management and an Azure Virtual Network. You’ll find the table of contents at the bottom of this post.]

Be sure to have the RDP and Web Deploy endpoints configured on your VMs (in the Azure portal). If you haven’t already configured them, have a look in the first part of this series.

Install IIS

The first step is to RDP into your machines, head to the blade for each of your VMs in the Azure Portal and tap the Connect button.

connecttovm

This will download the connection settings for the RDP connection – open it and enter your administrator credentials for the VM. You may also need to trust a couple of certificates in order to establish the connection.

Once you’re in the VM; the quickest way to install IIS is simply to open PowerShell and run the following:

Install-WindowsFeature -Name Web-Server

While you’re installing IIS, open the Server Manager and click on Local Server in the side-menu. Locate the IE Enhanced Security Configuration label, tap on it and turn off IE Enhanced Security for administrators (you can turn it back on once your VM is configured).

ieenchanced

Once your installation has completed, open up Internet Explorer and browse to http://localhost/ – if IIS was successfully installed you should be prompted with the following view:

iissuccess

Install IIS Configurations, Web Deploy and ASP.NET

Now let’s make sure our ASP.NET Web API can run on our IIS server and that we can use Web Deploy to push our code to it. I’ll be using a tool called Web Platform Installer – it’s a very rapid and lightweight way of getting the necessities in place.

Use Internet Explorer in your VM and browse to:
http://www.microsoft.com/web/downloads/platform.aspx 

Download Web Platform Installer and run it!

Next up (in Web Platform Installer), use the search function to locate and add a couple of components:

  • IIS Recommended Configuration
  • Recommended Server Configuration for Web Hosting Providers
  • Web Deploy 3.5 for Hosting Servers
  • IIS: ASP.NET 4.5

When you add these components you’ll get a pretty solid list of items that will be downloaded and installed. Tap the Install button (in the bottom right corner) to continue – you’ll most likely not need all of these items and you’ll get a chance to remove some of them before the installation begins.

wpicart

In my experience this can actually take some time to complete (obviously depending on what type of pricing tier you’re running your VMs on).

Deploying the API using Web Deploy (in Visual Studio 2013)

It’s very straight forward to deploy your API to an Azure VM using Web Deploy once you have the connection settings available. To get a hold of these, open your project (the ASP.NET Web API in my case) in Visual Studio and right-click it in the Solution Explorer. In the context menu, hit the Publish option.

webdeploypublish

In the dialog, expand More Options, select Microsoft Azure Virtual Machines, sign in with your Azure account and select the target VM.

publishtarget

The port in the server field will default to 8172 – which might not be correct for the selected VM. Be sure to double-check this and adjust if needed (view the public port for the Web Deploy endpoint in the Azure portal).

To authenticate the connection you’ll need to fill out the User name and Password for the VM. You could use the administrator credentials for the VM – however best practice would be to set up a separate deploy-only account in the VM with restricted permissions.

publishtarget2

Click the Validate Connection button and accept any certificate error prompts.

certerror

The validation may still throw an error, if you don’t have an available destination URL which the VM responds to. In my case I didn’t, so I simply used the RDP connection and navigated to http://localhost/ using Internet Explorer to confirm that my API was deployed successfully.

deployedapi

Deploy the API to all of your VMs and let’s move on to setting up the internal load-balancer in order to distribute workloads across them!

You can navigate within the entries of this series here:

-Simon Jäger