Not a developer? Go to MovableType.com

Documentation

Installing on Microsoft Azure

Introduction

This is a step by step guide for installing Deploy Kit on Microsoft Azure.

Azure Deploy Kit is a reference program designed to install Movable Type Advanced (MTA) on the Azure Cloud Services (PaaS). In order to support SLA 99.9 percent, a computing environment that can handle activating multiple instances in order to balance the load is required. Also, as the Shared Drive function is unavailable at this time, a public server separate from MTA is also required.

Optional customization for Deploy Kit is possible as long as basic system requirements are met.

For more information on purchasing the Deploy Kit, please contact us.

System Requirements

Microsoft Azure

Guest OS

  • OS Family: 4 (Windows Server 2012 R2)
  • OS Family: 3 (Windows Server 2012)
  • OS Family: 2 (Windows Server 2008 R2)

Database

  • SQL Azure / SQL Database

Storage

  • BLOB storage

Client PC

OS

  • Windows 7 or higher

Software

  • Azure PowerShell
  • Microsoft Windows SDK for Windows 7 and .NET Framework4
  • Windows Software Development Kit (SDK) for Windows 8.1

Installation Guide

These instructions assume your environment is the same as below. Replace filenames or other information where appropriate.

Assumed Environment

  • Cloud Service: mtdevcs01 (OS Family 4)
  • Database: mtdevdb01 (SQL_Latin1_General_CP1_CI_AS)
  • BLOB Storage: mtdevst01
  • Sub-Region: “East US”

Other Requirements

  • Basic authorization enabled
  • Can operate Movable Type scripts via FastCGI
  • Can protect Movable Type scripts via SSL

Contents

  1. Set up client environment
  2. Configure Microsoft Azure PowerShell
  3. Manage operations in the Azure management portal
  4. Upload to BLOB storage
  5. Create service certificate
  6. Create self-signed SSL certificate
  7. Upload certificate
  8. Create RDP encrypted password
  9. Modify ServiceDefinition.csdef
  10. Modify ServiceConfiguration.Cloud.cscfg
  11. Create package
  12. Upload package

Set up client environment

  1. Download and install Microsoft Azure PowerShell. During installation, select Web Platform Installer.
  2. The Web Platform Installer will launch. Once open, click Options.
  3. From the “Select your preferred language for software installation” column, select English and then click OK.
  4. Click Install and a dialogue box will appear.
  5. Click Accept to start installing Microsoft Azure PowerShell.
  6. Once Microsoft Windows Management Framework 3.0 has finished installing, a restart confirmation dialogue box will appear. Click Yes to restart the system.
  7. After the system restarts, the installation process will continue. Once the installation is finished, click Exit.
  8. Next, download and install Microsoft Windows SDK for Windows 7 and .NET Framework4.
  9. Add the following directories to your PATH. Your directories might differ, so verify the path matches your environment. In particular, Microsoft rebranded “Windows Azure” as “Microsoft Azure” in April 2014.
    • C:\Program Files\Microsoft SDKs\Windows Azure\.NET SDK\v2.2\bin
    • C:\Program Files\Microsoft SDKs\Windows Azure\AzCopy
    • C:\Program Files\Microsoft SDKs\Windows\v7.1\Bin
  10. Run a Windows Update to make sure your system is up to date.

Configure Microsoft Azure PowerShell

  1. Start up Microsoft Azure PowerShell.
  2. Run Add-AzureAccount.

    PS C:\> Add-AzureAccount
    
  3. Enter the email address associated with the Azure management portal account and then click Continue.

  4. The sign in window will appear. After entering your password, click Sign In.

    PS C:\> Add-AzureAccount
    VERBOSE: Account "xxxx@xxxx.xxx" has been added.
    VERBOSE: Subscription "xxxxxxxx" is selected as the default subscription.
    VERBOSE: To view all the subscriptions, please use Get-AzureSubscription.
    VERBOSE: To switch to a different subscription, please use Select-AzureSubscription.
    
  5. It is possible to register multiple subscriptions. With the list of registered subscriptions displayed, specifications for each subscription can be set using Get-AzureSubscription and Select-AzureSubscription:

    PS C:\> Get-AzureSubscription
    SubscriptionName  : xxxxxxxx
    SubscriptionId  : xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
    ServiceEndpoint  : https://management.core.windows.net/
    ActiveDirectoryEndpoint  : https://login.windows.net/
    ActiveDirectoryTenantId  : xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
    IsDefault  : True
    Certificate  :
    CurrentStorageAccountName  :
    CurrentCloudStorageAccount :
    ActiveDirectoryUserId  : xxxx@xxxx.xxx
    SubscriptionName  : xxxxxxxx
    SubscriptionId  : xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
    ServiceEndpoint  : https://management.core.windows.net/
    ActiveDirectoryEndpoint  : https://login.windows.net/
    ActiveDirectoryTenantId  : xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
    IsDefault  : False
    Certificate  :
    CurrentStorageAccountName  :
    CurrentCloudStorageAccount :
    ActiveDirectoryUserId  : xxxx@xxxx.xxx
    
    
    PS C:\> Select-AzureSubscription -SubscriptionName "xxxxxxxx"
    

Manage operations in Azure management portal

Signing in to the Azure management portal

First, access the Microsoft Azure web page. You will be automatically transferred to the sign in screen if you are not already signed in. Once signed in, you will then be automatically moved to the management portal screen.

Creating a new database

  1. Click the Create new link at the bottom left.
  2. Select Data Service.
  3. Select SQL Database.
  4. Select Create custom, and a module window will appear:
    • Name: Enter the database name, such as mtdevdb01.
    • Edition: Select WEB.
    • Database Size Limit: 1GB (or more, depending on your requirements)
    • Collating Sequence: Select SQL_Latin1_General_CP1_CI_AS.
    • Server: Select an existing server or New SQL database server.
  5. After entering all required information, click the arrow at the bottom right.
  6. Next, set up the database server:
    • Log In Name: Enter the administrator account name.
    • Password: Enter the administrator account password.
    • Region: Select US.
    • Allow Microsoft Azure Service to access the server: Enable
  7. After entering all required information, click the checkmark at the bottom right.
  8. The database should now be created.

Creating a new BLOB storage

  1. Click the Create new link located in the bottom left.
  2. Select Data Service.
  3. Next, select Storage.
  4. Select Basic create and enter the following information:
    • URL: Enter the storage URI, such as mtdevst01.
    • Region/Affinity–Group: Select US or a group of your choosing.
    • Enable Geographic Replication: Enable
  5. Once the required information is entered, click Create storage account.
  6. A new BLOB storage should now be created.
  7. Now, select Storage from the left menu to open the storage listing screen.
  8. Select the storage for which you want an access key and then click Manage access key from the menu near the bottom.
  9. A modal window should appear. Make note of the following information:
    • Storage account name
    • Primary access key
    • Secondary access key
  10. Once you have this information, click the checkmark in the bottom right.

Creating a new cloud service

  1. Click the Create new link located in the bottom left.
  2. Select Computing.
  3. Select Cloud Service.
  4. Select Create Custom and a module window will open. Enter the following information:
    • URL: Enter the cloud service URI, such as mtdevcs01.
    • Region/Affinity–Group: Select US or a group of your choosing.
    • Deploy the Cloud Service Package: Disable
  5. Once the required information is entered, click the checkmark in the bottom right.
  6. The cloud service should now be created.

Upload to BLOB storage

  1. Unzip the Movable Type Advanced file to a directory, such as C:\tmp\MTA-6.0.2, on your local PC.
  2. Delete any unnecessary plugins or scripts from the unzipped location.
  3. Start the command prompt.
  4. Run this command:

    AzCopy UPLOAD_SOURCE UPLOAD_DESTINATION /destKey:PRIMARY_ACCESS_KEY /S /Y /XO
    

    Example:

    C:\tmp>AzCopy C:\tmp\MTA-6.0.2\ https://mtdevst01.blob.core.windows.net/mta/ ^ /destKey:RxwfwsDMkHWyjfLfQVon5zbnekWEDIA0BIpb2EwSSKlw5F9qNk9DpG4qfIREGtXMz0AAfASBN0GmxDJtzQyqRw== /S /Y /XO
    
  5. Next, run this command:

    C:\tmp>AzCopy C:\tmp\tools\ https://mtdev.blob.core.windows.net/tools/ ^ /destKey:c8lEO+2rwLr9VGiu6ncxJOS+VHJ8eun518JkOGoaJiQviEOopdFaDsUP/tzdQW+rGC2ly9LV6usdFNvcNCM/oQ== /S /Y
    

About AzCopy

Neither rsync nor robocopy has a delete option. We recommend using CloudXplorer or Azure Storage Explorer to delete any files located in storage.

Create service certificate

The service certificate is issued by the Cloud service allowing for an RDP connection with the Azure Deploy Kit. A service certificate can be created using the following steps.

  1. Open a command prompt.
  2. Run this command:

    makecert.exe -a sha1 -b [ start date MM/DD/YYYY ] -len 2048 -n "CN=[ ID ]" -pe -r -sky exchange -ss My "[ filename ].cer" -sv "[ filename ].pvk"
    

    Example:

    C:\tmp>makecert.exe -a sha1 -b 11/01/2013 -len 2048 -n "CN=AzureRDPCert" -pe -r -sky exchange -ss My "AzureRDPCert-mtdevcs01.cer" -sv "AzureRDPCert-mtdevcs01.pvk"
    
  3. Next, run this command:

    pvk2pfx.exe -pvk "FILENAME.pvk" -pi "PASSWORD" -spc "FILENAME.cer" -pfx "FILENAME.pfx"
    

    Example:

    C:\tmp>pvk2pfx.exe -pvk "AzureRDPCert-mtdevcs01.pvk" -pi "Mel0dyNels0n" -spc "AzureRDPCert-mtdevcs01.cer" -pfx "AzureRDPCert-mtdevcs01.pfx"
    

Create self signed SSL certificate

  1. Open a command prompt.
  2. Run this command:

    makecert.exe -a sha1 -b [ start date MM/DD/YYYY ] -len 2048 -n "CN=[ ID ]" -pe -r -sky exchange -ss My "[ filename ].cer" -sv "[ filename ].pvk"
    

    Example:

    C:\tmp>makecert.exe -a sha1 -b 11/01/2013 -len 2048 -n "CN=SSLCert" -pe -r -sky exchange -ss My "SSLCert-mtdevcs01.cer" -sv "SSLCert-mtdevcs01.pvk"
    
  3. Next, run this command:

    pvk2pfx.exe -pvk "FILENAME.pvk" -pi "PASSWORD" -spc "FILENAME.cer" -pfx "FILENAME.pfx"
    

    Example:

    C:\tmp>pvk2pfx.exe -pvk "SSLCert-mtdevcs01.pvk" -pi "Mel0dyNels0n" -spc "SSLCert-mtdevcs01.cer" -pfx "SSLCert-mtdevcs01.pfx"
    

Upload certificate

  1. Sign in to the Azure management portal.
  2. From the left-hand menu, select Cloud Service to open the service listing screen.
  3. Select the Cloud Service to which you want to upload the certificate. Once selected, the Quick Start screen should appear.
  4. Click Certificate.
  5. Select Upload from the menu near the bottom.
  6. A modal window will appear. Enter the following information.
    • File: Specify the certificate file (.PFX) you want to upload.
    • Password: Enter the certificate password.
  7. Once the required information is entered, click the checkmark at the bottom right.
  8. Your certificate file should now be uploaded.
  9. Make a note of the thumbprint value located on the certificate listing screen.

Create RDP encrypted password

  1. Open a command prompt.
  2. Run this command:

    csencrypt.exe Encrypt-Password -CopyToClipboard -Thumbprint SERVICE_CERT_THUMBPRINT
    

    Example:

    C:\tmp>csencrypt.exe Encrypt-Password -CopyToClipboard -Thumbprint XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    
  3. Copy the encrypted password to the clipboard. The generated encrypted password contains unnecessary newline characters which need to be removed. Once these newline characters are deleted, save the password in a secure location.

Modify ServiceDefinition.csdef

Open ServiceDefinition.csdef in an editor and make the following changes in accordance with your computing environment:

ServiceDefinition

name: Enter a service name of your choosing

ServiceDefinition/WebRole/Startup/Task/Environment

name=”PERL_MSI”

If you have a version of Perl installed that differs from the Perl packaged with Deploy Kit, you must set the installer’s file name. Otherwise, the name can be left as is. The file that is specified must be uploaded to BLOB storage.

Modify ServiceConfiguration.Cloud.cscfg

Open ServiceConfiguration.Cloud.cscfg in an editor and make the following changes in accordance with your computing environment:

  • serviceName: Should be the same as the Name defined in ServiceDefinition.csdef.
  • osFamily: The classification of the cloud service applied to the guest OS. Typical classification of osFamily is 4.
  • osVersion: Specify the guest OS release version. For automatic updates, use *.
  • MovableType.Role: In general, cms is set for Movable Type installation mode. Different values can be used for different installation modes.
  • MovableType.AppsURI: The URI of the BLOB storage used for uploading Movable Type.
  • MovableType.DataURI: The URI of the BLOB storage used as the scheduled tasks backup destination.
  • MovableType.ToolURI: The URI of the BLOB storage used for uploading software other than Movable Type.
  • MovableType.AppsKey: The primary access key for the BLOB storage used for uploading Movable Type.
  • MovableType.DataKey: The primary access key for the BLOB storage used as the scheduled tasks backup destination.
  • MovableType.ToolKey: The primary access key for the BLOB storage specified for MovableType.ToolURI.
  • MovableType.AppPath: The Movable Type installation destination directory path. In most cases, the default path can be left as is.
  • MovableType.DataPath: The data directory used by Movable Type. In most cases, the default path can be left as is.
  • MovableType.SubDirectories: Specify subdirectories created in the Movable Type data directory, separating multiple entries with commas. In most cases, the default sub-directories can be left as is.
  • MovableType.Domain: The domain that contains Movable Type.
  • MovableType.AdminName: The system administrator’s name. This name is used if the upgrade tool is activated on start-up.
  • MovableType.NotifyTo.Deploy: The email used when sending out a deployment notification mail.
  • Perl.Modules: The Perl modules that must be added upon startup, separating multiple entries with commas.
  • MovableType.ODBCDriver: The driver necessary for database server connections with Movable Type. In most cases, the default driver can be left as is.
  • MovableType.Database: The name of the Movable Type database.
  • MovableType.DBHost: The Movable Type database server.
  • MovableType.DBUser: Username of the user that has access to the Movable Type database.
  • MovableType.DBPassword: Password required for accessing the Movable Type database.
  • MovableType.EmailAddressMain: Email address used for receiving messages from Movable Type.
  • MovableType.MailTransfer: The method used by Movable Type for sending mail. In most cases, the default method can be left as is.
  • MovableType.SMTPAuth: Encryption method for the mail server that processes mail from Movable Type.
  • MovableType.SMTPServer: SMTP server address for the mail server that processes mail from Movable Type.
  • MovableType.SMTPPort: Communication port for the mail server that processes mail from Movable Type.
  • MovableType.SMTPUser: User name for the mail server that processes mail from Movable Type.
  • MovableType.SMTPPassword: Password for the mail server that processes mail from Movable Type.
  • MovableType.DefaultLanguage: The default language for the Movable Type admin screen.
  • MovableType.AdditionalDirectives: Specify additional mt-config.cgi configuration directives in a CONFIG_DIRECTIVE_NAME VALUE format, separating multiple entries with commas. Configuration directives with values that contain commas cannot be used.
  • MovableType.CGI: Any scripts that run on normal CGI, separating multiple entries with commas.
  • MovableType.FastCGI: Any scripts that run on FastCGI, separating multiple entries with commas.
  • Microsoft.IIS.BasicAuthCredentials: Specify basic authentication information in a “USERNAME:PASSWORD” format, separating multiple entries with commas.
  • Microsoft.IIS.ForceSSL: Set a value of 1 if you want to force SSL when a connection to Movable Type is attempted. Default value is 0.
  • Microsoft.IIS.IPSecurity: Specify allowable IP addresses if access is restricted to specific IP addresses only, separating multiple entries with commas.
  • Microsoft.Tasks.Backup.Schedule: Specify the timing (Daily, Minute, etc.) for scheduled tasks (backup). The default value is Daily.
  • Microsoft.Tasks.Backup.StartTime: Specify the start time for scheduled tasks (backup) in a hh:mm:ss format. Note that the system is UTC based.
  • Microsoft.Tasks.Backup.TimePeriod: Specify the time period for scheduled tasks (backup). Daily timing cannot be used.
  • Microsoft.Tasks.RPT.StartTime: Specify the start time for scheduled tasks (run-periodic-tasks) in a hh:mm:ss format. Note that the system is UTC based.
  • Microsoft.Tasks.RPT.TimePeriod: Specify the time period for scheduled tasks (run-periodic-tasks).
  • Microsoft.Tasks.AzcopyLogs.StartTime: Specify the start time for scheduled tasks (AZCopy Log) in a hh:mm:ss format. Note that the system is UTC based.
  • Microsoft.WindowsAzure.Plugins.RemoteAccess.AccountEncryptedPassword: The encrypted password used with RDP connections.
  • Microsoft.WindowsAzure.Plugins.RemoteAccess.AccountExpiration: The RDP connection account’s expiration date in an ISO 8601 format, such as 2011-12-17T23:59:59.0000000-00:00.
  • Microsoft.WindowsAzure.Plugins.RemoteAccess.AccountUsername: The username required for RDP connections.
  • Microsoft.WindowsAzure.Plugins.RemoteAccess.Enabled: A value of true will enable RDP connections.
  • Microsoft.WindowsAzure.Plugins.RemoteForwarder.Enabled: A value of true will enable RDP forwarding.

Create package

  1. Start up Microsoft Azure PowerShell.
  2. Move to the directory that contains ServiceDefinition.csdef. Make sure the MovableTypeOnAzure directory and ServiceConfiguration.cloud.cscfg are also located in this directory.
  3. Run Save-AzureServiceProjectPackage. If successful, a cloud_package.cspkg file should be created.

Upload package

  1. Sign in to the Azure management portal.
  2. Select Cloud Service from the left hand menu, and a list of all available Cloud Services for the specified subscription will appear.
  3. Select the service you want to upload the package to.
  4. Click the Instance tab.
  5. Click either the Operate or Staging tabs. If uploading a new item, select Operate.
  6. From the menu near the bottom, click the Upload button, and a module window will appear. Enter the following information:
    • Deploy Label: Used for version management. Enter a unique nickname.
    • Package: The previously created package.
    • Configuration: Service.Configuration.cloud.cscfg
    • Deploy even if a single instance is included in more than 1 role: Enable
    • Start Deploy: Enable
  7. Once the required information has been entered, click the checkmark on the bottom right, then check the management portal status. If the status is “Running,” an RDP connection is now possible.
Back