Setup
Prerequisites
- Latest Azure SDK
- Azure Subscription
- Visual Studio 2012 or 2013 (2010 may work but is untested. Ultimate is required for architecture models)
- Chutzpah Visual Studio Extension (Javascript testing integration)
- Web Essentials 2012 Visual Studio Extension (Not required for VS 2013)
- Typescript SDK (Not required for VS 2013)
Setting up Azure
Before deploying to Azure, you’ll need to set up your subscription with all necessary services. Before continuing with this setup guide, ensure that you have a valid Azure subscription and that you are logged in to the Management Portal.
Cloud Service
The Student Success Dashboard runs as a Web Role instance in an Azure Cloud Service. Create a Cloud Service using the URL domain of your choice in the data center location that would best serve your user base.
Storage Account
Much like the Azure Cloud Service, create a Storage Account by specifying the URL domain of your choice. The data center location should be the same as you chose for the Cloud Service in order to ensure the best performance. Connectivity between services within a data center is incredibly fast.
Database Server
The first step here is to set up the server you want to deploy to in your Azure subscription. To do this, navigate to the SQL Databases section and click the Servers tab:
Click the Add button on the bottom command panel and enter the administrator credentials and select the region. Again, the region should match the Cloud Service to achieve the highest performance. The server name will be created for you after submitting this information; there is no way to specify a name.
NOTE: The "SSD" database utilized by the application will be created automatically for you when running the application, thanks to the use of the Entity Framework Code-first technology. See Configuration below for information on setting the application's database connection string.
Access Control Service (ACS)
Next, create the ACS namespace you wish to authenticate against. Enter the namespace DNS domain name and select the region closest to the majority of your users.
Select the newly created namespace and click the Manage button. This will open a new tab to the Access Control Service management portal.
First, add the identity providers you wish to support via the "Identity providers" tab. By default, ACS allows you to configure authentication through Windows Live ID (automatically configured), Yahoo!, Google, and Facebook. With Facebook, you must configure an application within Facebook as well in order for ACS to successfully broker the authentication request through Facebook.
Next click the "Relying party applications" tab to make ACS aware of the Student Success Dashboard. Click Add and fill in the following settings.
- Name The name of the relying party. This must be unique, so a convention might be to use the URL.
- Realm The URL of the homepage from which authentication requests will come.
- Return URL The URL to which the user will be sent back into the application after a successful authentication. For the Student Success Dashboard, this should be the same as the Realm.
- Token Lifetime Generally, you should set this value to beyond the default 10 minutes. It is important to remember that this is not a sliding expiration so user activity does not automatically extend this lifetime.
- Rule groups For now, just uncheck this option and we'll create the rules later in this setup guide.
A relying party should be created for both the http and https endpoints of the application.
Finally, go to the "Rule groups" tab and click Add. Enter "Student Success Dashboard rule group" and click Save. Select all relying parties. Click the Generate button and generate the default rules for each identity provider. Save again to complete setup of the ACS namespace.
SendGrid
The last Azure service to setup is SendGrid, a third-party cloud service for handling emails. The Azure Cloud Service does not have an SMTP server running, so we need an external provider to send the confirmation emails from within the Student Success Dashboard. You are free to choose a different provider, but SendGrid is integrated into the Azure management experience and is free up to 25,000 emails per month.
First, click New in the Azure Management Portal and click the Store option, which is in preview as of the time of this writing, and may be subject to change slightly.
This will present you with a modal window where you can select and configure the third-party cloud service. Find SendGrid in the list and proceed to the next page. Next, select the plan (start with Free), enter a unique name for your email service, and select the data center region.
Once the service is created you can see it from the Add-ons section of the Azure Management Portal. Select it and click the Connection Info button to view information necessary to send email using this service. You will need this information to complete the Configuration defined below.
Configuration
StudentSuccessDashboard/Web.config
FederationMetadataLocation
Enter the namespace name you wish to authenticate against when running locally into this setting in configuration/appSettings.
Machine Keys
Enter the validationKey and decryptionKey attribute values you wish to use for your deployments. These attributes are found on the configuration/system.web/machineKey element.
Trusted Issuer Name
Set the Azure ACS namespace name you wish to authenticate against when running locally into the name attribute of the configuration/system.identityModel/identityConfiguration/securityTokenHandlers /securityTokenHandlerConfiguration/issuerNameRegistry/trustedIssuers/add element.
wsFederation Issuer
Set the Azure ACS namespace name you wish to authenticate against when running locally into the issuer attribute of the configuration/system.identityModel.services/federationConfiguration/wsFederation element.
StudentSuccessDashboard/Web.*.config Transforms
The Web.config file has a Debug and Release transform which modifies the configuration for deployment environments. The Web.Debug.config file corresponds to the Staging deployment of the Azure Cloud Service, while Web.Release.config corresponds to the Production deployment.
FederationMetadataLocation
Enter the namespace name you wish to authenticate against when running in the Azure Cloud Service deployment into this setting in configuration/appSettings.
Audience URIs
Enter the DNS name of Azure Cloud Service deployment into the configuration/system.identityModel/ identityConfiguration/audienceUris/add elements.
wsFederation Issuer
Enter the namespace name you wish to authenticate against when running in the Azure Cloud Service deployment into the issuer attribute of the configuration/system.identityModel.services/federation Configuration/wsFederation element. Also, enter a valid realm for the ACS namespace (it should match one of the audienceUris) into the realm attribute.
SSD.Azure/ServiceConfiguration.*.cscfg
There are 3 Azure Cloud Service configuration files that correspond to running Local (emulated), in Debug (Staging deployment), and Release (Production deployment). There are a number of ConfigurationSettings that need to be adjusted to the environment.
Microsoft.WindowsAzure.Plugins.Diagnostics.ConnectionString
The connection string to the Azure Storage Account where diagnostic data will be added. NOTE: Local uses the emulated development storage by default and may not need to be changed.
Microsoft.WindowsAzure.Plugins.Caching.ConfigStoreConnectionString
The connection string to the Azure Storage Account where caching configuration will be stored. NOTE: Local uses the emulated development storage by default and may not need to be changed.
AdministratorEmailAddresses
These are the email addresses that will set a user as an administrator when the email is registered and confirmed. These settings are important to ensure upon initial install a user has appropriate access to setup the initial user base.
AcsNamespace
The ACS namespace name that handles authentication requests from this environment.
StorageConnectionString
The connection string to the Azure Storage Account the application works with for user functionality. NOTE: Local uses the emulated development storage by default and may not need to be changed.
DatabaseConnectionString
The Data Source server name, User ID, and Password must be set for the Azure Database to
connect to for this environment.
NOTE: Local uses a local instance of SQLEXPRESS by default and may not need to be changed.
SmtpUserName
The username of the SendGrid account that handles the email confirmations.
SmtpPassword
The password of the SendGrid account that handles the email confirmations.
SupportEmailAddress
The email address users can send support requests to. This email address is accessible to users via the Support page.
SupportHelpDesk
The URL to a support helpdesk to assist users with the application. This URL is accessible to users via the Support page.
SSD.Azure/Profiles/*.azurePubxml
The publish profiles for the Staging and Production Azure Cloud Service deployments are maintained separately for the Debug and Release build configurations. The best way to set these values is by running the publish wizard from within Visual Studio.
Deployment Setup
There are currently 3 existing service configurations in the application, 2 of which are linked to publish profiles, Debug and Release. If you wish to create more, you can do “Create a Copy” from the Publish dropdown. Settings for these accounts like the connection string can be modified to match your newly created servers from the Azure project -> Roles -> SSD and then clicking on the Settings section:
Additionally, it is suggested that any time you move to Production, or are preparing a Staging environment, that you create a backup of your production database. Information on how to do that can be found here: http://technet.microsoft.com/en-us/library/ms187510.aspx
Return to the wiki Home.