TFS – Release automation – IIS based Websites

Here is the best practice for the release automation of IIS based applications –

Scenario 1 –

New Web applications –

Add below tasks in the given order –

  1. Copy task – Copy the website published code from build drop location to web server.
  2. Tokenization task – task for replacing required values in different environments.
  3. Any other requirement on the web folder like subfolder creation or folder permissions
  4. IIS Website creation task – Task to create website and its application pool. It also configures various required settings in IIS like authentication etc.
  5. Application pool start/stop task – Select the “Restart” option to restart the application pool.

Scenario 2 –

Upgrade Web applications –

Add below tasks in the given order –

  1. Application pool start/stop task – Select the “STOP” option to stop the application pool.
  2. Backup utility task – Take the backup of the existing web folder.
  3. Copy task – Copy the website updated published code from build drop location to web server.
  4. Tokenization task (If there are changes in config files)– task for replacing required values in different environments.
  5. Any other requirement on the web folder like subfolder creation or folder permissions
  6. Application pool start/stop task – Select the “START” option to start the application pool.

Please use below tasks for –

  1. IIS Website Application pool start/stop/restart (https://marketplace.visualstudio.com/items?itemName=mohdaslamansari.build-task)
  2. Folder permissions (https://marketplace.visualstudio.com/items?itemName=mohdaslamansari.FolderPermissions)
  3. Backup utility (https://marketplace.visualstudio.com/items?itemName=mohdaslamansari.backuputility)

clip_image001

 

            —–End of Article—–

Advertisements

Microsoft Marketplace Extension – Backup Utility

******Making Automation easy – Plug & Play Plugins********

In many releases, we get requirement to take the backup of all the files and folders of website before performing any updates on them. I have implemented this requirement using PowerShell in TFS. It needs source location from where to take the backup and the destination location where the backup will be placed.

To make it simple and easy to use, I created MS marketplace extension and published the same in the Microsoft marketplace.

It is now available publically to everyone to download and use.

Direct link – https://marketplace.visualstudio.com/items?itemName=mohdaslamansari.backuputility

Marketplace link – https://marketplace.visualstudio.com/

I have copied the sourcecode to GitHub for getting code contribution from public.

GitHub link – https://github.com/mdaslamansari/backuputility

clip_image001

clip_image001[4]

Task (UI) in release definition –

clip_image001[6]

Here is the PowerShell script at its core –

image

 

    —End of Article—-

Ansible–Windows Firewall Module

Many times, we have requirements to enable some ports (let’s say 2222) on inbound/outbound windows server firewall.

I have implemented it using “win_firewall_rule” windows module in Ansible as shown in below playbook –

 

clip_image001

On running the above playbook as shown below, below are the output from both LINUX console and the windows machine –

image

Note – refer to the article (https://mdaslam.wordpress.com/2017/08/24/tfs-ansible-integration/) for inventry file and the variables for winrm.

From LINUX –

image

image

From Windows –

clip_image001[9]

clip_image001[11]

clip_image001[13]

              ————End of Article————

TFS–Ansible | Integration

Requirement is to integrate TFS release process with Ansible so that we can run Ansible playbook as a task in release.

I have created below architecture to implement it. In this architecture, TFS release task will send request to Ansible control machine (LINUX) to run the playbook on one of the target machine. Target machine could be LINUX based or Windows based. For LINUX, Ansible uses SSH for pushing the commands and for Windows, Ansible uses WinRM for pushing the commands.

image

To setup the above architecture, follow the below steps –

  1. Configure TFS agent on one of the build/release servers.
  2. Download and configure Ansible plugin from the MS Marketplace. Link – https://marketplace.visualstudio.com/items?itemName=ms-vscs-rm.vss-services-ansible
  3. Create SSH based service endpoint in TFS. It will be used to connect to the Ansible Control machine. SSH Connection Window image
  4. Enable/configure WinRM on the target Windows machine. To automate the setup of WinRM, you can run the examples/scripts/ConfigureRemotingForAnsible.ps1 script on the remote machine in a PowerShell console as an administrator.
  5. Create release definition and add “Run Playbook” task in it and configure as shown below –image

Steps to be done on the Ansible control machine –

  1. Create the below structure. It has “group_vars” folder for holding all the group variables.image
  2. Below is the content of web.yml. Ansible_user should be the local admin on the server. image                                Note – Do not use “ignore” for ansible_winrm_server_cert_Validation” in production.
  3. Below is the content of inventry.yml. It will hold all target host name/IP address.                   image
  4. Below is the content of the main playbook – image
  5. To test the above playbook, run the below command -   ansible-playbook FirstPlayBook.yml -i inventry.yml –vvv
  6. If the above playbook has executed successfully, TFS release task is ready to use. Run the TFS release and it should be completed successfully. It will generate log as shown below – image

                   ——-End of Article——-

My First Release Extension in Microsoft Marketplace

I am extremely happy to share with you that I have published my first release task extension (IIS Website Application Pool Start Stop) to the Microsoft Marketplace. It is now available publically to everyone to download and use as I am now verified published from MS.

Direct link – https://marketplace.visualstudio.com/items?itemName=mohdaslamansari.build-task

Marketplace link – https://marketplace.visualstudio.com/

I have copied the sourcecode to both GitHub for getting code contribution from public.

GitHub link – https://github.com/mdaslamansari/ApplicationPoolStartStop

clip_image001

Technology used –

Front-End (UI) – JSON (Extension manifest and Build task)

Back-End – PowerShell script

clip_image001[5]

 

Benefits of marketplace extensions –

1. With it, we don’t need to copy PowerShell scripts to each and every team projects. We just need to install extension on Team Collection level and it will be available in the available task list of all the team projects under it and you can then add it to the release definition.

2. By making it public, we have increased its reach and testing scope. People can contribute with code and testing results and it will make plugin robust.

TFS–RM–Website configurations

In TFS Release management automation, we are using “Manage IIS App” plugin to create/configure websites and their application pool.

clip_image002

Many times, depending on the application requirements, we need to do many website based configurations. They are documented below –

Requirement 1 – How to set “Enable 32-bit Application” to true in the application pool using TFS RM automation.

Solution – Using AppCmd.exe, it can be done by adding the below line in the advanced tab of above plugin –

set apppool /apppool.name:"$(WebURL)" /enable32bitapponwin64:true

Once executed successfully, it can be verified using the below screen (Application Pool -> Advanced Settings)

clip_image004

Requirement 2 – Enable/disable the below authentication methods –

1) Disable Anonymous Authentication – Using AppCmd.exe, it can be done by adding the below line in the advanced tab of above plugin –

unlock config /section:AnonymousAuthentication

set config "$(WebURL)" /section:AnonymousAuthentication /enabled:false

Note – $(WebURL) – It is variable for website URL.

2) Disable Basic Authentication – Using AppCmd.exe, it can be done by adding the below line in the advanced tab of above plugin –

unlock config /section:BasicAuthentication

set config "$(WebURL)" /section:BasicAuthentication /enabled:false

Note – $(WebURL) – It is variable for website URL.

3) Enable Windows Authentication – Using AppCmd.exe, it can be done by adding the below line in the advanced tab of above plugin –

unlock config /section:windowsAuthentication

set config "$(WebURL)" /section:windowsAuthentication /enabled:true

Note – $(WebURL) – It is variable for website URL.

Once executed successfully, it can be verified using the below screen (Website -> Authentication)

clip_image006

Requirement 3 – .Net Trust Levels needs to set to “Full”.

Solution –

Using AppCmd.exe, it can be done by adding the below line in the advanced tab of above plugin –

set config /commit:WEBROOT /section:trust /level:Full

Once executed successfully, it can be verified using the below screen (Website -> .Net Trust Levels)

clip_image008

Requirement 4 – Disable required SSL in Forms Authentication.

Solution –

Using AppCmd.exe, it can be done by adding the below line in the advanced tab of above plugin –

set config "$(WebURL)" /section:system.web/authentication /forms.requireSSL:false

Note –

$(WebURL) – It is variable for website URL.

To enable, change the value to true.

Once executed successfully, it can be verified using the below screen (Website -> Authentications -> Forms Authentication -> Edit)

clip_image010

Docker–How to move container from one Windows host to another

In my article on docker container (https://mdaslam.wordpress.com/2017/05/24/windows-server-2016-docker-container-dockerfile/), I described how to create docker container.

Now docker container is created and you want to migrate/copy it from one windows server machine/host to another.

You cannot copy the running container from one host to another, rather you need to follow the following steps –

  1. Commit it
  2. Export the docker image to the local drive using the command – docker save –o <Path of the output file location> <Image ID or Name> Example – docker save –o “d:\temp\images\dotnetsamples” d242f2db7922
  3. It will copy the image on the given location. In the above example, it will be “d:\temp\images”.
  4. Now copy the above newly exported image to the target windows 2016 server.
  5. Once copied there successfully, load it onto that server using the command – docker load –i <Path of the output file location> Example – docker load –i “d:\temp\images\dotnetsamples”
  6. On the successful execution of the above command, image will be restored successfully. To verify it, run the command – docker images and it should display the imported image name in the results.
  7. Finally, Once image is created successfully, we need to create the container. It can be created using the command – docker run -d -p 80:80 [ImageName] ping -t localhost
  8. It will create the container. You can get the list of running containers using the command – docker container ls

               ——-End Of Article—–