Connecting a PaaS application to an IaaS
Application with a Virtual Network
Source: Windows Azure Training Kit / modified by Ken Casada and Mikhail Chatillon
Overview
In this lab, you will learn how to connect an Azure WebSite to a virtual machine running SQL Server using a virtual
network. You will proceed in the following way:




Create and configure a simple virtual network
Create and configure a SQL Server virtual machine to use the virtual network
Configure a provided sample website to use the full SQL Server running in the virtual machine
Deploy the website to Microsoft Azure
Note: The created configuration is low latency and highly secure as the web site and virtual machine are on the
same virtual network.
1
Exercise 1: Configuring Virtual Networking
For this lab, you will define a virtual network where you can assign the virtual machines to specific subnets.
Task 1 - Creating a new Virtual Network
The first task is to create a new Virtual Network to your subscription with a new affinity group.
1.
Open a browser and go to https://manage.windowsazure.com/. When prompted, login with your Windows
Azure credentials. In the Windows Azure Portal, click New, select Network Services | Virtual Network and
then click Custom Create.
2.
Set a Name for the virtual network, for example MyVNET.
2
3.
Leave default settings (empty) for DNS Servers. Toggle the Point to site connectivity and click the arrow button
to continue to the next step.
Note:
Point to site connectivity will allow you to connect end devices to your Azure Virtual Private
Network. The Azure Website we will create in the following tutorial will be considered as an end
device and hence will connect to the VPN with a point to site connection. The Site-to-Site
connectivity will allow you to connect with an entire existing on Premise virtual Network.
3
4.
On the next screen, just let the configuration how it is set. This address spaces will be used for the remote
devices addresses, we will not need to configure further to be able to run the next steps of the lab.
4
5. Set the Address Space Starting IP value to 192.168.0.1 and its Address CIDR to /16. Finally, add a subnet
named AppSubnet with a Starting IP of 192.168.1.0 and an Address CIDR of /24. Click the finish button. You
have just created your first Virtual Network. This address space will be used for the machine in the
datacenter within Azure.
5
6.
Press on the button Add Gateway subnet and let it as it was configured. You will start the Gateway later.
6
7. Select the virtual network you just created, navigate to the dashboard section on the top menu and press
on Create Gateway on the bottom bar.
7
Exercise 2: Creating a SQL Server Virtual Machine
You have now created a virtual network on Azure and provided a Gateway in order to connect end devices to it
(the gateway creation will take some time but we can proceed to the next steps in the meanwhile). In this exercise,
you will create a new virtual machine with SQL Server.
Task 1 - Creating a Virtual Machine Using Windows Azure Portal
In this task, you will create a new virtual machine using the Windows Azure Portal.
1.
Navigate to the Windows Azure Portal using a Web browser and sign in using the Microsoft Account
associated with your Windows Azure account.
2.
Click New and select Compute Virtual Machine option and then From Gallery. Please, let the Virtual
Network creation finish before creating the VM.
Note:
It would have considered as best practice to instantiate a SQL Azure database (from the data
services menu) which would a managed PaaS version of SQL Server. However, we will be using full
text search queries in the next steps of the tutorial and this service is currently not supported by
SQL Azure. Hence we will be using a virtual machine with a full version of Microsoft SQL Server.
8
3.
In the Virtual machine image selection page, click Platform Images on the left menu and select the SQL
Server 2014 RTM Standard on Windows Server 2012 R2 OS image from the list. Click the arrow to continue.
9
4.
In the Virtual Machine Configuration page, enter a Virtual Machine Name, set the service tier to Standard
and set the Virtual Machine Size to A2. Then provide a user name for the New User Name field and a
password for the New Password and Confirm Password fields. Lastly, and click Next to continue.
Note:
you will use these credentials in future steps to connect to the virtual machine using remote
desktop connection.
10
5.
In the Virtual machine configuration page, select Create a new cloud service from the Cloud Service list and
provide a unique name for the Cloud Service DNS Name field (per default is using the virtual machine name
you set in the previous step).
Note:
A cloud service is a container for one or more virtual machines you create. You can create a cloud
service for a single virtual machine, or you can load balance multiple virtual machines by placing
them in the same cloud service.
Select the Virtual Network you created previously from the Region/Affinity Group/Virtual Network list and
then select the AppSubnet virtual network subnet from the Virtual Network Subnet list.
Finally, select a Storage Account or leave the default value Use an automatically generated storage account
and click Next to continue.
Note:
We do not create any availability set. An availability set is a group of virtual machines that are
deployed across fault domains and update domains. An availability set makes sure that your
application is not affected by single points of failure, like the network switch or the power unit of a
rack of servers.
11
6.
In the Endpoints page, leave the default values and click the finish button to create the new virtual machine.
Note:
We are not creating a public endpoint, because we don’t need to connect the web application to
the SQL Server instance using a public endpoint. The communication is going through the virtual
network you previously created and therefore there is no need for a public endpoint.
12
7. In the Virtual Machine section, let the Install the VM agent option toggled and press the check button,
8.
In the Virtual Machines section, you will see the virtual machine you created displaying a Starting
(Provisioning) status. Wait until it changes to Running in order to continue.
Note:
It will take from 8 to 10 minutes for the virtual machine to complete the provisioning process. In
the meanwhile, you can watch or read the following resources:
http://msdn.microsoft.com/library/azure/jj156143.aspx
13
9.
Now, you will create and attach empty data disks to store the SQL Server logs and data files. To do this, in the
Virtual Machines section, select the SQL Server virtual machine you created in this task (as shown on the
picture here above).
10. In the virtual machine's Dashboard, click Attach in the menu at the bottom of the page and select Attach
empty disk.
11. In the Attach an empty disk to the virtual machine page, set the Size to 50 GB and create the Disk. Note
the storage location; it’s the same where the vhd image of your SQL Server virtual machine is stored.
12. Wait until the attach disk process finishes. Repeat the steps 9 and 10 to create a second disk.
13. You will see three disks for the virtual machine: one for the OS and other two for Data and Logs.
Note:
It might take a few minutes until the data disks appear in the virtual machine's dashboard within
the Windows Azure Portal.
Task 2 - Configuring SQL Server 2012 Instance
In this task, you will set up SQL Server and configure it to enable remote access.
1.
In the Windows Azure Management Portal, click Virtual Machines on the left menu.
2.
Select your virtual machine from the virtual machines list and click Connect to connect using Remote Desktop
Connection.
3.
When prompted to save or open the .rdp file, click Save As… and then save it on the desktop of your local
computer.
We will later change the Remote Desktop Connection properties in order to share folders from the local
computer with the virtual machine.
4.
Open the file you just saved by double clicking on it and then click on Connect.
Note:
5.
use the credentials that you inserted when creating the virtual machine in the previous task.
In the virtual machine, open Server Manager from the Start screen.
14
6.
Expand File and Storage Services node and select Disk Management option. [this option could take a few
seconds before it displays in the menu ]
15
7.
After selecting Disks, you will see the two disks you previously created in the Azure portal in the following
dialog.
8.
Right-click the first disk unallocated 50 GB space and select New Volume….
9.
Follow the New Volume Wizard. When asked for the Volume Label use SQLData and select the volume
letter”F”.
16
10. Wait until the process for the first disk is completed. Repeat the steps 7 to 9 but this time using the second
disk. Set the Volume Label to SQLLogs and select the volume letter “G:”.
11. Select Volumes. You should now see the SQLData and SQLLogs volume like in the following figure:
12. Open SQL Server Configuration Manager from the Start screen.
Tip: in order to search for a program you can press the Windows logo key
17
and just start typing.
13. Expand the SQL Server Network Configuration node and select Protocols for MSSQLSERVER (this option
might change if you used a different instance name when installing SQL Server). Make sure Shared Memory,
Named Pipes and TCP/IP protocols are enabled. To enable a protocol, right-click the protocol name and
select Enable.
14. Select the SQL Server Services node and right-click the SQL Server (MSSQLSERVER) item and select Restart.
18
Task 3 - Installing the AdventureWorks Database
You can gain access to your disk drives on the local computer from the Remote Desktop session. In order to do
that, close the Remote Desktop connection and edit the Remote Desktop Connection properties.
Then select the Local Resources tab and click on the More… button.
Select the Removable drive you received or your local drive where you copied the file from the USB stick before
and click OK.
19
Click on Connect and once connected, open Windows Explorer and get access to the Removable Disk connected
to your computer (or your computer files). Copy the file AdventureWorks2014.bak located in the folder Adventure
Works 2014 to C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Backup on the
remote computer (copy/paste possible). Right click the database file you just copied and open the properties. Click
Unblock in case it is available.
1.
Open the SQL Server Management Studio, connect to your database (just press on connect without changing
the credentials in the menu). Create a new query (in the ribbon menu, new query button) with the following
syntax.
RESTORE DATABASE AdventureWorks2014
FROM disk= 'C:\Program Files\Microsoft SQL
Server\MSSQL12.MSSQLSERVER\MSSQL\Backup\AdventureWorks2014.bak'
WITH MOVE 'AdventureWorks2014_data'
TO 'C:\Program Files\Microsoft SQL
Server\MSSQL12.MSSQLSERVER\MSSQL\DATA\AdventureWorks2014.mdf',
MOVE 'AdventureWorks2014_Log'
TO 'C:\Program Files\Microsoft SQL
Server\MSSQL12.MSSQLSERVER\MSSQL\DATA\AdventureWorks2014.ldf'
Note:
It would be considered as best practice to put the logs and the data of the database on the two
different disks we created before. For simplicity, we will not do it in this tutorial, but you should
have seen how to create and handle the disk so you could transfer knowledge quite easily.
2.
Wait that the backup has finished working, the message “Query executed successfully” should then appear at
the bottom of the screen. You can press refresh in order to see the files being added in the database.
3.
Create a Full Text Catalog for the database. You will consume this feature with an MVC application you will
deploy in the next exercise. To do this, expand Storage node within AdventureWorks2012 database.
20
4.
Right-click Full Text Catalogs folder and select New Full-Text Catalog.
5.
In the New Full-Text Catalog dialog, set the Name value to AdventureWorksCatalog and press OK.
21
6.
Right-click the created AdventureWorksCatalog you just created and select Properties. Select the
Tables/Views menu item. Add the Production.Product table to the Table/view objects assigned to the
catalog list. Check Name from Eligible columns, select English in Language for Word Breaker column and
click OK.
7.
Enable Mixed Mode Authentication to the SQL Server instance. To do this, in the SQL Server Management
Studio, right-click the server instance and click Properties.
22
Select the Security page in the left side pane and then select SQL Server and Windows Authentication
mode under Server Authentication section. Click OK to save changes.
8.
Restart the SQL Server instance. To do this, right-click the SQL Server instance and click Restart.
9.
Add a new user for the MVC4 application you will deploy in the following exercise. To do this, expand Security
folder within the SQL Server instance. Right-click Logins folder and select New Login.
10. In the General section, set the Login name to CloudShop. Select SQL Server authentication option and set
the Password to Azure$123. Click the OK button.
Note:
If you entered a different username or password than those suggested in this step you will need to
update the web.config file for the MVC 4 application you will use in the next exercise to match
those values
23
11. Uncheck Enforce password policy option to avoid having to change the User's password the first time you
log on and set the Default database to AdventureWorks2012.
24
12. Go to User Mapping section. Map the user to the AdventureWorks2012 database and click OK.
Note:
in case you get an error telling you that the CloudShop user already exists, expand
AdventureWorks2012 database within Databases folder; in the Security folder, expand Users
and remove the CloudShop user.
13. Expand AdventureWorks2012 database within Databases folder. In the Security folder, expand Users and
double-click CloudShop user.
25
14. Select the Membership page, and select the db_owner role checkbox for the CloudShop user and click OK.
Note:
The application you will deploy in the next exercise uses Universal Providers to manage sessions.
The first time the application run the Provider will create a Sessions table within
AdventureWorks2012 database. For that reason, you are assigning db_owner role for the
CloudShop user. Once you run the application for the first time, you can remove this role for the
user as it will not need those permissions anymore.
15. Close the SQL Server Management Studio.
16. In order to allow the MVC4 application access the SQL Server database you will need to add an Inbound Rule
for the SQL Server requests in the Windows Firewall. To do this, open Windows Firewall with Advance
Security from the Start | Administrative Tools.
17. Select Inbound Rules node, right-click it and select New Rule.
26
18. In the New Inbound Rule Wizard, select Port as Rule Type and click Next.
In Protocols and Ports step, select Specific local ports and set its value to 1433. Click Next to continue.
Note:
SQL Server listens for incoming connections on a particular port. The default port for SQL Server is
1433. The port doesn't need to be 1433, but 1433 is the official Internet Assigned Number Authority
(IANA) socket number for SQL Server.
27
19. In the Action step, make sure Allow the connection option is selected and click Next.
20. In the Profile step, leave the default values and click Next.
21. Finally, set the Inbound Rule's Name to SQLServerRule and click Finish.
22. Close Windows Firewall with Advanced Security window.
28
Exercise 3: Deploying a Simple MVC4 Application
In this exercise, you will configure a simple Website to connect to the SQL Server instance you created in the
previous exercise and publish the application to Windows Azure and run it in the Cloud.
Task 1 – Creating the Website and connect it with our virtual network
1.
We are now going to create the user website. Go to https://portal.azure.com (this is the new Azure portal,
which is now in preview phase, but the functionality we are going to use to connect the website to the virtual
network is only available there)
2.
Press on the new button on the bottom left corner and then on Website
29
3.
Provide an URL to the website. Make sure it is deployed in the same region as your database. Then press on
create.
4.
You will then see a tile with your new website being created, wait until it has been fully created.
5.
Click on the tile of your website and scroll until you see the category Networking and press on the Virtual
Networking tile.
30
6.
Select here the Virtual Network you created in the first part of this tutorial. Once the operation is finished the
tile will display a green ok. You have now a website on the same Virtual network as the database.
Task 2 - Configuring the MVC4 Application to Connect to an SQL Server Instance
In this task, you will change the connection string to point to the SQL Server instance created in the previous
exercise and update the configuration settings to enable network communication between the Web Role and the
SQL Server instance.
1. Navigate to the Windows Azure Portal using a Web browser and sign in using the Microsoft Account
associated with your Windows Azure account.
2.
In the left side pane, click on Virtual Machines and locate the SQL Server virtual machine you created in the
previous exercise. Select the virtual machine and then click Connect.
3.
When prompted to save or open the .rdp file, click Open and then log on using the Admin credentials you
defined when you created the virtual machine.
4.
You should be logged into the SQL Server virtual machine. Now open a Command Prompt window and type
ipconfig to display the machine's IP configuration.
5.
Take note of the machine's IP address as you will use it later. Note that it is within the subnet range you
defined during the virtual network process creation.
6.
Open Visual Studio as administrator.
31
7.
Open the solution IaasDeploySimpleApp.sln located in the folder Ex02-DeploySampleApp under the
Source folder of this lab. This is a prebuilt ASP.NET solution that you will deploy on your website.
8.
Compile the solution by pressing F6.
9.
Open the Web.config file and locate the connectionStrings node. Replace the Data Source attribute values
with the IP address of the SQL Server virtual machine you copied in step 5. Please also note that the Uid
(CloudShop) and the Password (Azure$123) are those that have been defined in the first part of the lab.
XML
<connectionStrings>
<add name="DefaultConnection" connectionString="Data Source=[ENTER-IPADDRESS];initial
catalog=AdventureWorks2012;Uid=CloudShop;Password=Azure$123;MultipleActiveResultSet
s=True" providerName="System.Data.SqlClient" />
<add name="AdventureWorksEntities"
connectionString="metadata=res://*/Models.AdventureWorks.csdl|res://*/Models.Advent
ureWorks.ssdl|res://*/Models.AdventureWorks.msl;provider=System.Data.SqlClient;prov
ider connection string=&quot;data source=[ENTER-IP-ADDRESS];initial
catalog=AdventureWorks2012;Uid=CloudShop;Password=Azure$123;multipleactiveresultset
s=True;App=EntityFramework&quot;" providerName="System.Data.EntityClient" />
</connectionStrings>
32
Task 3 - Publishing the MVC4 Application to Windows Azure
In this task, you will publish the Web Application to Windows Azure using Visual Studio.
1.
In Visual Studio, right-click the CloudShop project and select Publish.
2.
Select Microsoft Azure Websites as a publish target.
33
3.
Enter your azure credentials and select the website you created in the previous Section. Press ok.
4.
Visual Studio will then autofill all the publish settings, just press on publish.
5.
Your website will now be launched in your browser. Congratulations, you just made your first cloud app!
34
Summary
By completing this hands-on lab, you have learnt how to:




Directly connect a Web site to a SQL Server running in a virtual machine through a simple virtual network
Configure a SQL Server virtual machine
Configure a Point to site Virtual Network
Update and deploy the sample Web application to a website in Microsoft Azure
35