Deploying .NET applications with Chef Infracoders London, #infracoders 4th September, 2014 

About me… • Ex-Rackspace, couple of startups in UK and abroad • Professional (technology) ranter - Ops guy • Programming language tourist, currently in love with Go • I blog about Linux containers http://containerops.org/ • Currently freelancing • Twitter: @milosgajdos • Linkedin: http://uk.linkedin.com/in/milosgajdos 

Windows automation • Sucks! Fear not - things are improving! Rapidly! • Get ready for the world with almost NO standards • Having even basic Windows administration experience helps massively • You need at least basic knowledge of PowerShell or advanced Google skills, but ideally both! 

Very simple deployment pipeline 

Provisioning Windows servers tips • Bake your Windows AMIs - we used chef-solo (even better - use chef zero) to do the most time consuming stuff like installing IIS, cygwin + OpenSSH, etc. • Avoid installing too much stuff on your servers from scratch during provisioning - unless you have plenty of time or can afford to wait! • Access your servers via SSH - unless you understand RDP/ WinRM and have reliable clients (knife-ec2 --bootstrap-protocol ssh) 

Configuring Windows servers with Chef I. • Get familiar with the awesome windows, IIS and dsc cookbooks! • We wrote our own wrapper winsvc cookbook which: • installs MS .NET (versions 4 and 4.5) • installs MS Web Deploy • installs SQL Server CE • modifies various Windows registries • sets up Windows tasks (for scheduled jobs) ! • Majority of the above is baked into the AMI, but Chef resources in winsvc cookbook recipes are idempotent - useful to have the above recipes in run_lists of already running servers for upgrades triggered via Chef attributes 

Configuring Windows servers with Chef II. • Disable auto updates if you can - unless you enjoy some very unpleasant surprises! Find other ways to patch your servers. • Turn off Shutdown Tracker and IE enhanced security for both Administrators and Users - those are incredibly annoying! • Make sure you don’t open Remote Desktop access to the outside world - we controlled the access to RDP via AWS Security Groups 

Deploying .NET applications with Chef • chef-client + MS Web Deploy https://gist.github.com/milosgajdos83/b953462536dd52dedcdc • Deployments are idempotent - we don’t attempt to redeploy already deployed version to avoid unnecessary restarts: ! already_deployed = "((dir #{node['msapp']['deploy_path']}\\bin\\MsApp.dll).VersionInfo.FileVersion -eq \'#{version}\')" ! windows_batch "Deploy-MsApp" do code <<-EOH "#{node['msapp']['extract_path']}\\MsApp.deploy.cmd" /y EOH guard_interpreter :powershell_script notifies :restart, "iis_site[#{node['msapp']['iis']['site']}]" not_if "#{already_deployed}" end 

Useful links • https://github.com/opscode-cookbooks/windows • https://github.com/opscode-cookbooks/iis • https://github.com/opscode-cookbooks/dsc • https://github.com/Webtrends/ms_dotnet4 • https://github.com/Webtrends/ms_dotnet45 • https://github.com/Novakov/cookbook_msdeploy • https://github.com/joefitzgerald/sqlce • https://github.com/opscode/knife-windows • https://github.com/opscode/knife-ec2 • http://foodfightshow.org/2014/01/were-doing-it-wrong.html