Introducing Sitecore ARM Templates for IaaS Deployments
January 28, 2019
Everything you need to know about deploying a Sitecore ARM Template to an IaaS environment, including video walk-through guides with GeekHive Sitecore MVP John Rappel.
Our Geeks’ Latest Development: Sitecore ARM Templates for IaaS
While Platform as a Service (PaaS) has seen a considerable push lately, at GeekHive, we continue to see a reliance on Infrastructure as a Service (IaaS). In Azure, PaaS environments rely on App Services to host web products whereas IaaS relies on Virtual Machines (VMs). There are tradeoffs to both approaches. This post will cover assisting your IaaS DevOps by automating install and setup of Sitecore to mimic some of the biggest pros of PaaS.
Microsoft provides a mechanism to automate the deployment of resources to either environment type called Azure Resource Management (ARM) templates. Since the release of Sitecore 8.2, Sitecore has provided Sitecore ARM templates for PaaS deployments. But, until now, there has not been a similar approach that relies on IaaS. Due to consistent requests to utilize IaaS on Azure, we at GeekHive have developed a suite of ARM templates that support IaaS deployments. Currently, the repository has support for the following:
- Shared Solr server intended to be used by all resources.
- Sitecore 9.0.x Single, On-Prem deployment. Standalone server, SQL installed on single VM.
- Sitecore 9.0.x Scaled, On-Prem deployment. Individual VMs for Content Management (standalone), multiple Content Deliveries, SQL
Full detailed documentation can be found at the project repository: https://github.com/GeekHive/SitecoreIaaSArmTemplates.
How do these ARM templates differ from those provided by Sitecore?
Aside from the primary difference of IaaS vs. PaaS, the Sitecore templates are inclusive of all versions of Sitecore from 8.2 and up. While GeekHive has used a version of these templates since 8.2, this is the first public version of these templates. As many Sitecore developers are aware, the installation process differs drastically between 8.x and 9.x.
Due to the Sitecore ARM templates relying on PaaS, the deployment process is naturally more flexible. Similar flexibility is possible with the IaaS approach but would require additional updates to the current state of the templates. The GeekHive ARM templates were not designed to be production-ready. They are instead ideal for development environments. It is worth pointing out that if a Production environment is deployed to a PaaS infrastructure, the development environments should mirror this approach.
What exactly do these ARM templates do?
These ARM templates deploy all required resources to provide:
- Public URL(s)
- Remote Desktop Access
- Default size:
- CD web servers:
- CM (standalone) and SQL dedicated:
- CD web servers:
While the primary resources are the Virtual Machines created, the supporting resources make everything possible (these are deployed to the same resource group):
- Availability Sets
- Network Security Groups
- Load Balancers
- Network Interfaces
- Virtual Networks
- Public IP Addresses
- Storage Accounts
The deployment implements all prerequisites for Sitecore 9.0.x deployments, where applicable:
- IIS (all dependencies)
- URL Rewrite
- .Net Versions
- Java SDK
- Self-Signed Certs
- Solr as a Windows Service
- Config Sets (Sitecore vs xDB)
- Web Deploy
- DacFx requirements
- Modify permissions for Counters
All servers also get a small suite of nice-to-have’s:
Review the XXServerConfig.ps1 Desired State Configuration (DSC) scripts to see how these items are installed and modify to include other utilities as desired.
How secure are these ARM templates?
As mentioned above, these ARM templates deploy resources in a rather public fashion. For example, Solr and SQL include PublicIPAddress resources. The SQL VM is publicly available to remote into, however only provides a direct SQL connection for resources on the same Virtual Network (view DBNetworkSecurityGroups.json).
All deployed resources are manageable after deployment from the Azure Portal. If your security requirements are stricter than those present, modify the ARM templates or modify the resources after deployment. As an example, GeekHive requires Basic Authentication on development sites as a first line of defense.
What about Sitecore 9.1?
These templates were in development prior to the release of 9.1. Version 9.1 brought with it the Sitecore Installation Framework (SIF) 2.0.0. In fact, this deployment broke the minute 2.0.0 was released (you will see where the SIF version is specified, currently defaulting to 1.2.1). SIF 2.0.0 has a variety of updates that will assist in this style of deployment. Look for future updates to support 9.1 as well as more variety with server roles/configurations. GeekHive is always open to Pull Requests from the community, as well.
Video Deployment Guides
The video, below, walks you through a shared Solr deployment. This deployment results in a public Solr server/URL. This server is used by all subsequent deployments and, by default, only responds via SSL. All Sitecore prerequisites are installed and ready to be used by future XP0 and XP1 deployments. The idea is that all environments in this cluster share the same Solr server. Each core is prefixed with the environment name to differentiate them.
Shared Solr Server
Sitecore XP Single
The video, below, walks through an example deployment of Sitecore XP Single. The full deployment takes around 30 minutes.
Sitecore XP Scaled
The video, below, walks through an example deployment of Sitecore XP Scaled. The full deployment takes around 45 minutes.
We are anticipating some mixed reactions from the community, but are hopeful that others can benefit from these templates. As GeekHive continues to receive requirements for these styles of deployment, we will continue to update this resource. Feel free to reach me directly on Sitecore Slack (jraps) or Twitter if you have any questions or comments.
Lastly, the concept for this effort was largely facilitated by the previous efforts of other GeekHive members- too many to name in fact. Thank you!
Stay up to date with our email updates!
Never miss out on a Sitecore update again!
Our newsletter features a blog roundup of our top posts so you can stay up to date with industry trends, tutorials, and best practices.