Enable PaaS (Web Apps) in Azure Stack TP1 – Part II

PART I: Enable PaaS (Web Apps) in Azure Stack TP1

Welcome back at part 2 of the Web App Service deployment in Azure Stack. We left off on the part where the deployment of the SQL VM is finished and the WebSites VM’s are being deployed. When that’s finished log in to the portal and go to the WebsitesSQL resource group. In the resources section select the front-end loadbalancer and make note of the IP address:

clip_image001

Create an DNS wildcard record for the websites on the ADVM. The A record should be *.webapps.azurestack.local:

clip_image002

Go back to the portal and select the ManagementServerLoadBalancer and take note of the IP address:

clip_image003

Create for the IP an A record management.azurestack.local:

clip_image004

If you have followed the SQL tutorial there is already a *.azurestack.local wildcard certificate. Grab it from D:\SQLRP\AzureStack.SqlRP.Deployment.5.11.61.0\content\Deployment\Certificate. If you haven’t follow it, create one on the PORTALVM using the first part of the SQL Provider blog post. Also grab the Root CA from the ADVM (\\advm\c$\Windows\System32\CertSrv\CertEnroll\ADVM.AzureStack.local_AzureStackCertificationAuthority.crt) When done open on the Hyper-V host the console session to the MN0-VM (you can see in the description in Hyper-V manager what the machine name is. The VM names are all guids for Web Apps. When logged in the VM copy from the portal or CLIENTVM the certificate to the box and import it:

clip_image006

clip_image007

clip_image008

clip_image009

Place the RootCA in the Trusted Root:

clip_image010

clip_image011

On the Controller VM (CN0-VM) run this script:

clip_image012

You can check the websites installation by opening the MMC and verify that the status under Managed Servers is ready :

clip_image013

In my install I had a continues repair of the Management VM and the FrontEnd VM. It turned out they needed a reboot for a windows feature installation. In my opinion this should have happen automatically as I can recall the same behavior when installing websites in Windows Azure Pack. When a failed attempt is reach to many times a reboot is initiated. This didn’t happen in my case. So if you experience issues with the website roles – reboot.

clip_image014

When all servers are in a “Ready” state open the Azure Stack Portal and log in as Service Admin and register the resource provider:

clip_image015

clip_image016

Or use Powershell:

clip_image017

clip_image018

When the resource provider is registered deploy a A2 VM in the same Resource group as the WebSitesSQL resource group and in the same network as the other websites machines (ServicesVirtualNetwork should be listed as default network when you select that resource group). This VM will be a shared website worker role that we will add to the deployment as no workers are deployed at this moment. We need at least one for websites to run on and I never found the parameter in the script for the # shared workers (it should have according to the documentation), so will do it now manually. Now we also know how to scale workers in the future.

clip_image019

When the deployment is finished log in to the VM and rename the admin account you specified to admin. This is required as the deployment credentials we specified in the deployment didn’t allowed to be “admin”. Now back in the Azure Stack Portal as Service Admin look up the IP address from the VM:

clip_image020

Next go to the Resource Providers blade and choose the WebApp-LOCAL. Then go to the Resource Provider Management and go to Roles. Then choose Add Role:

clip_image021

Notice we need to run one command on the worker before we can install the worker. Run this command, after it, reboot the vm.

clip_image022

So before click on OK run this on the worker VM and reboot:

clip_image023

Back in the portal click OK. But very short after the creation I got this error:

clip_image024

But when I looked in the Controller VM I see it is added and deploying the worker role. So I waited the installation to be finished installing the worker role from the console:

clip_image025

In the meantime i was checking back in the portal. I also see there that the worker role is added:

clip_image026

In the meantime the worker is being deployed(Can take up to 60 min) I added the Web App service to a plan. Go to the “POCPlan” we created after the initial deployment of Azure Stack. Choose services and add Microsoft.WebApps. Configure quota’s (I used unlimited).

clip_image027

And finally login as tenant user and create a Web App. But… before you do, make sure the deployment is finished for the shared web worker role:

clip_image028

Create a web app:

clip_image029

And voila:

clip_image030

clip_image031

UPDATE 15-2: Florent mentioned to me that when you try to deploy websites with dependencies on SQL that the deployment failed. The cause was that the Worker VMs where not able to resolve the DB server name. Its trying to resolve on netbios name only. We had the same issue in Azure Pack when adding SQL AO to the Admin site for DBaaS. The solution is simple. On the worker vm open the network settings and go to properties:

sqlrpworkerdns

Select Advanced and under the DNS tab add the azurestack.local to the search suffix.

Have fun with your Web App Service!

Mark Scholman
@MarkScholman

Spread the word. Share this post!

  • Cyrill Hug

    Hi there, thanks a lot for your great posts. I followed your CentOS configuration and the WebApps deployment. CentOS is working like a charm. However, I have an issue with the WebApps part. I’m not able to deploy any WebApp. The tile for the configuration of the service just keeps loading without an error. Everything else worked as you described it. All servers are in the ready state in the Microsoft Azure Stack App Service Console. The Endpoint registration and the deployment of a new Web Worker was successful as well. Do you have any idea what I’m missing? Any suggestion is welcome. Cheers.

    • Mark Scholman

      Hi, Did you also import the RootCA in the Management (MN0-VM) in the trusted store? Start from here (Also grab the Root CA from the ADVM …)

      • Cyrill Hug

        Hi Mark, Thanks for your hint. You were right. I forgot the RootCA. It was getting late that evening 😉
        Solved the problem for me.

        • Mark Scholman

          Good to hear it worked out for you! Have fun with the web App Service

  • Kyle Engibous

    Mark thank you so much for so many wonder posts. I have been working through this post but I am stuck at adding roles the the webapp-local resource provider, I am getting the following error when click the Go To Resource Provider Management button. Any thoughts? Thanks much!

  • Mark Dommisse

    Hi Mark, the PowerShell script to add the resource provider fails at $azAccount = Add-AzureRmAccount -Environment $azEnvironment”

    The error is: Add-AzureRmAccount : Cannot bind parameter ‘Environment’. Cannot convert the “AzureStack” value of type “System.String” to type “Microsoft.Azure.Common.Authentication.Models.AzureEnvironment”.

    I solved this using $azAccount = Add-AzureRmAccount -EnvironmentName $azEnvironment

    • Mark Scholman

      Hi Mark, Thanks for you comment, You did installed the latest version of the PowerShell tools on the machine where you run the cmd?

      • Mark Dommisse

        Yes, Azure Powershell February 2016 is installed. The version number is 1.2.1.

      • Mark Dommisse

        Oh well, I just tried again. Now it works flawlessly.

  • Mark Dommisse

    Another note: During my attempt of deploying WebApps, a worker role was deployed automatically. The VM-name is WW0-VM.

    • Mark Scholman

      Ah that is great news. I don’t know what caused mine to decide not deploy it 🙂 will add this to the blog to check if it exist.