{"id":19495,"date":"2016-08-18T10:41:50","date_gmt":"2016-08-18T14:41:50","guid":{"rendered":"https:\/\/blogs.msdn.microsoft.com\/visualstudioalm\/?p=19495"},"modified":"2024-06-12T08:32:09","modified_gmt":"2024-06-12T16:32:09","slug":"deploying-an-azure-ubuntu-linux-vm-running-apache-tomcat-for-use-with-visual-studio-team-services-and-team-foundation-server","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/devops\/deploying-an-azure-ubuntu-linux-vm-running-apache-tomcat-for-use-with-visual-studio-team-services-and-team-foundation-server\/","title":{"rendered":"Deploying an Azure Ubuntu Linux VM Running Apache Tomcat for use with Visual Studio Team Services and Team Foundation Server"},"content":{"rendered":"<p><a href=\"https:\/\/www.visualstudio.com\/products\/visual-studio-team-services-vs\">Visual Studio Team Services<\/a> and <a href=\"https:\/\/www.visualstudio.com\/products\/tfs-overview-vs\">Team Foundation Server (TFS)<\/a>\u00a0now have at least three mechanisms (i.e. deployment and utility\u00a0tasks) for deploying to a Linux host or virtual machine (VM).\u00a0 This walkthrough will show specifically how to setup and configure an Ubuntu (v16) VM on <a href=\"https:\/\/azure.microsoft.com\/\">Azure <\/a>to run Tomcat and other necessary services to support three different and distinct Team Services deployment tasks to enable continuous integration and deployment (CI\/CD).\u00a0 We will\u00a0configure the VM to enable the Apache Tomcat Deployment task, the Copy Files\u00a0over SSH\u00a0task, and the FTP Upload task (using ftps) to enable deployment of web applications from Team Services and TFS.<\/p>\n<p>The <a href=\"https:\/\/marketplace.visualstudio.com\/items?itemName=ms-vscs-rm.apachetomcat\">Apache Tomcat Deployment task <\/a>is available on the <a href=\"https:\/\/marketplace.visualstudio.com\/vsts\">Visual Studio Marketplace<\/a>.\u00a0 The\u00a0Copy Files over SSH\u00a0and FTP Upload tasks have just been released with their respective blog announcements below:<\/p>\n<ul>\n<li><a href=\"https:\/\/blogs.msdn.microsoft.com\/visualstudioalm\/2016\/08\/18\/copy-files-over-ssh-during-continuous-integration-and-deployment\/\">https:\/\/blogs.msdn.microsoft.com\/visualstudioalm\/2016\/08\/18\/copy-files-over-ssh-during-continuous-integration-and-deployment\/<\/a><\/li>\n<li><a href=\"https:\/\/blogs.msdn.microsoft.com\/visualstudioalm\/2016\/08\/18\/upload-files-with-ftp-ftps\/\">https:\/\/blogs.msdn.microsoft.com\/visualstudioalm\/2016\/08\/18\/upload-files-with-ftp-ftps\/<\/a><\/li>\n<\/ul>\n<h2>Get going quickly<\/h2>\n<p>If you want a quick and simple method for deploying an Azure Ubuntu Linux VM with Tomcat, SSH and FTP for use with Visual Studio Team Services and TFS, then you can use the Azure QuickStart ARM template found here:<\/p>\n<ul>\n<li><a href=\"https:\/\/github.com\/Azure\/azure-quickstart-templates\">https:\/\/github.com\/Azure\/azure-quickstart-templates<\/a><\/li>\n<\/ul>\n<p>Using the above template and script, you can configure and deploy a new Azure Ubuntu Tomcat server in a matter of minutes by providing a few required parameters.\u00a0 Be sure to allow the full Azure deployment to complete before logging into the VM (as logging in to soon can cause permission issues).<\/p>\n<p>On the other hand, if you want to setup and tailor\u00a0the Azure Ubuntu VM yourself, then follow the detailed instructions below.\u00a0 Following these instructions, you can setup Tomcat for deploying from Team Services \/ TFS with either or all of the Apache Tomcat extension deployment task, the built-in Copy Files over SSH deployment task or the built-in FTP Upload task.<\/p>\n<p>If you would prefer to setup an Azure Red Hat VM (instead of or in addition to\u00a0Ubuntu)\u00a0running Tomcat, then follow the instructions in this sister blog post:<\/p>\n<ul>\n<li><a href=\"https:\/\/blogs.msdn.microsoft.com\/visualstudioalm\/2016\/08\/18\/deploying-an-azure-red-hat-linux-vm-running-apache-tomcat-for-use-with-visual-studio-team-services-and-team-foundation-server\">https:\/\/blogs.msdn.microsoft.com\/visualstudioalm\/2016\/08\/18\/deploying-an-azure-red-hat-linux-vm-running-apache-tomcat-for-use-with-visual-studio-team-services-and-team-foundation-server<\/a><\/li>\n<\/ul>\n<h2>Deploy a Linux Ubuntu VM on Azure<\/h2>\n<p>The first step for our walkthrough is to create a Linux Ubuntu VM running in Azure.\u00a0 If you don&#8217;t yet have an Azure account, you can <a href=\"https:\/\/azure.microsoft.com\/en-us\/free\/\">sign up for one free<\/a>.<\/p>\n<p>Login to Azure and go to the Azure Portal, <a href=\"https:\/\/portal.azure.com\">https:\/\/portal.azure.com<\/a>.\u00a0\u00a0 In the left-hand navigation panel, click on Virtual machines.\u00a0 Under the Virtual Machines panel, click &#8220;+ Add&#8221;.\u00a0 This brings up the Virtual Machines marketplace window.\u00a0 In the search window (by the magnifying glass), enter &#8220;Ubuntu&#8221; and press Enter.\u00a0 Find and click on the line containing &#8220;Ubuntu Server 16.04 LTS&#8221;.\u00a0\u00a0\u00a0 Ensure the &#8220;Resource Manager&#8221; deployment model is selected and press the &#8220;Create&#8221; button.<\/p>\n<p>Under the &#8220;Basics&#8221; panel,\u00a0\u00a0choose and enter a &#8220;Name&#8221; for your VM and a\u00a0&#8220;User name&#8221;.\u00a0 Select &#8220;Password&#8221; as the Authentication type, and enter and confirm a password for your VM.\u00a0 Create a new Resource group (e.g. &#8220;demo&#8221;) and select a Location nearest to your physical location.\u00a0 Other values can remain as their defaults.\u00a0 When you are ready, press the &#8220;OK&#8221; button.<\/p>\n<p>Under the &#8220;Choose a size&#8221; panel, click on the option to &#8220;View all.&#8221;\u00a0 For the purposes of this walkthrough, we recommend choosing a size of &#8220;F1S Standard&#8221; but any will work.\u00a0 It is easy to upgrade to a more powerful VM later if you like.\u00a0 Click on the size you want to use and then press the &#8220;Select&#8221; button at the bottom of the panel.<\/p>\n<p>Under the &#8220;Settings&#8221; panel, the defaults should all work for this demo, so just press the &#8220;OK&#8221; button at the bottom of the panel.<\/p>\n<p>Assuming all the parameters for the VM are OK, you should see a blue banner stating &#8220;Validation passed&#8221;.\u00a0 If you are satisfied with the setup displayed, press the &#8220;OK&#8221; button at the bottom of the panel to actually start the deployment of the VM.<\/p>\n<p>To view the progress with deploying the VM, you can click on the bell looking icon in the upper right of the dark blue menu bar and then click on the &#8220;Deployment started&#8230;&#8221; message.\u00a0 A panel will be displayed showing the status of the deployment, likely with a blue banner stating the VM is &#8220;Deploying.&#8221;\u00a0 You can &#8220;Refresh&#8221; to see current status or even &#8220;Cancel&#8221; the request to create the VM from this panel.\u00a0 After a few minutes, press &#8220;Refresh&#8221; to see of the deployment is finished (i.e. Status is Succeeded).\u00a0 Once the VM is deployed, click on the &#8220;Virtual machines&#8221; in the far-left navigation panel and then click on your newly created VM in the list under the Virtual machines panel.<\/p>\n<p>Note (and record) the Public UP address of your new VM.\u00a0 We will use it to login and configure the VM.\u00a0 If you like, you can give your VM a public DNS name.\u00a0 To do this, click on the word &#8220;<none>&#8221; which appears beside the public IP address.\u00a0 Then click on &#8220;Configuration&#8221;, and finally enter the DNS name label in the text box provided.\u00a0 You should write down and note the name you entered as well as the data center (i.e. myVM.southcentralus.cloudapp.azure.com).\u00a0 When you have entered the name of your choosing, press &#8220;Save&#8221; by the disk icon near the top of the panel.\u00a0 You can use either the public IP address or DNS name to refer to your VM using popular tools.\u00a0 If you have noted and saved\u00a0the IP and DNS names, you can close the Azure portal in the web browser.<\/p>\n<h2> <\/h2>\n<h2>Login to your Apache Tomcat Azure Linux Ubuntu VM<\/h2>\n<p>Using a tool of your choosing, log in to your newly created Ubuntu 16 Server VM.\u00a0 Free tools are available such as <a href=\"http:\/\/mobaxterm.mobatek.net\/download.html\">MobaXterm<\/a>.\u00a0 You can also use a Windows Command prompt and use the command:\u00a0 <em><span style=\"color: #000000\">ssh <hostname> -l <username><\/span><\/em><\/p>\n<p>You will need to know how to use a basic text editor (such as &#8216;vi&#8217;, &#8216;vim&#8217; or &#8216;nano&#8217;)\u00a0in order to edit files to configure your server.<\/p>\n<h2> <\/h2>\n<h2>0&#46;\u00a0 Install\u00a0Apache Tomcat On\u00a0Your Azure Linux Ubuntu VM<\/h2>\n<p>To get Tomcat running, we will install the standard\u00a0Apache2, Tomcat7, and mod-jk packages.<\/p>\n<p><span style=\"text-decoration: underline\">0.1:\u00a0<\/span> From a terminal window running on your newly created Ubuntu 16 Server, enter the following commands (you will need to allow each command to complete before entering the next command):<\/p>\n<p><strong><em>sudo apt update<\/em><\/strong><\/p>\n<p><strong><em>sudo apt upgrade -y<\/em><\/strong><\/p>\n<p><strong><em>sudo apt-get install -y apache2<\/em><\/strong><\/p>\n<p><strong><em>sudo apt-get install -y tomcat7<\/em><\/strong><\/p>\n<p><strong><em>sudo apt-get install -y tomcat7-admin<\/em><\/strong><\/p>\n<p><strong><em>sudo apt-get install -y libapache2-mod-jk<\/em><\/strong><\/p>\n<p>Now that the required packages are installed on your VM, you need to configure the services.<\/p>\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline\">0.2:<\/span>\u00a0 Edit the file \/etc\/tomcat7\/server.xml (e.g. sudo vi \/etc\/tomcat7\/server.xml) and<\/p>\n<p>Uncomment the following line and save the file:<\/p>\n<p><em><Connector port=\"8009\" protocol=\"AJP\/1.3\" redirectPort=\"8443\" \/><\/em><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline\">0.3:<\/span>\u00a0 Create a new file \/etc\/apache2\/workers.properties (e.g. sudo vi \/etc\/apache2\/workers.properties) and<\/p>\n<p>Add\/insert the following 5 lines and save the file:<\/p>\n<p><em># Define 1 real worker using ajp13<\/em><\/p>\n<p><em>worker.list=worker1<\/em><\/p>\n<p><em>worker.worker1.type=ajp13<\/em><\/p>\n<p><em>worker.worker1.host=localhost<\/em><\/p>\n<p>*worker.worker1.port=8009\u00a0 *<\/p>\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline\">0.4:\u00a0<\/span> Edit the file \/etc\/apache2\/mods-available\/jk.conf (e.g. sudo vi \/etc\/apache2\/mods-available\/jk.conf) and<\/p>\n<p>Change the line for the \u00a0JkWorkersFile property and save the file:<\/p>\n<p><em>JkWorkersFile\u00a0 \/etc\/apache2\/workers.properties<\/em><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline\">0.5:\u00a0<\/span> Edit the file \/etc\/apache2\/sites-enabled\/000-default.conf (e.g. <span>sudo vi \/etc\/apache2\/sites-enabled\/000-default.conf) and<\/span><\/p>\n<p>Add the following line just above the <\/VirtualHost> tag line (near the bottom of the file) and save the file:<\/p>\n<p><em>JkMount \/<\/em> worker1*<\/p>\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline\">0.6:\u00a0<\/span> Create a symbolic link to the Tomcat manager:<\/p>\n<p><strong><em>cd \/var\/lib\/tomcat7\/webapps<\/em><\/strong><\/p>\n<p><strong><em>sudo ln -s \/usr\/share\/tomcat7-admin\/manager manager<\/em><\/strong><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline\">0.7:<\/span>\u00a0 Update the permissions on the Tomcat webapps and install directory:<\/p>\n<p><strong><em>sudo chown -R tomcat7.tomcat7 \/var\/lib\/tomcat7\/webapps<\/em><\/strong><\/p>\n<p><strong><em>sudo chown tomcat7.tomcat7 \/usr\/share\/tomcat7<\/em><\/strong><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline\">0.8:<\/span> Set the default Tomcat\u00a0umask to enable owner and group access by editing \/etc\/init.d\/tomcat7 (e.g. sudo vi \/etc\/init.d\/tomcat7):<\/p>\n<p>Change the line containing &#8220;umask 022&#8221; to instead be:<\/p>\n<p><em>umask 002<\/em><\/p>\n<p>Save the file.<\/p>\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline\">0.9:<\/span>\u00a0 Restart the Tomcat7 and Apache2 servers:<\/p>\n<p><strong><em>sudo systemctl daemon-reload<\/em><\/strong><\/p>\n<p><strong><em>sudo \/etc\/init.d\/tomcat7 restart<\/em><\/strong><\/p>\n<p><strong><em>sudo \/etc\/init.d\/apache2 restart<\/em><\/strong><\/p>\n<p>Each service should have reported OK for the above restart commands when they started successfully.<\/p>\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline\">0.10:<\/span>\u00a0 Your Ubuntu Server is now running Tomcat, but Azure needs to be configured to allow incoming traffic to reach your server.\u00a0 To do this:<\/p>\n<ol>\n<li>Open Azure portal: <a href=\"https:\/\/portal.azure.com\">https:\/\/portal.azure.com<\/a><\/li>\n<li>Select &#8220;Virtual machines&#8221; in the left-hand navigation panel (not Virtual machines (classic))<\/li>\n<li>Under the &#8220;Virtual machines&#8221; panel, select the machine you want to update<\/li>\n<li>Click on &#8220;Network interfaces&#8221; under Settings<\/li>\n<li>Click on the network interface to be updated<\/li>\n<li>Click on &#8220;Network security group&#8221; under Settings<\/li>\n<li>Click on the network security group to be updated<\/li>\n<li>Click on &#8220;Inbound security rules&#8221; under Settings<\/li>\n<li>&#8220;+Add&#8221; a new rule with Name &#8220;default-allow-tomcat&#8221; on Destination port range 80, and click the &#8220;OK&#8221; button.\u00a0 The other default values should be sufficient.<\/li>\n<\/ol>\n<p>The VM will show as &#8220;Updating&#8221; and then reports back the rule has been added.\u00a0\u00a0 Your Azure Ubuntu 16 Server is now fully configured for Tomcat.<\/p>\n<p>The image below shows the final state for the Inbound Security Rules at the completion of this entire walkthrough.\u00a0 Only the first two rules\u00a0(default-allow-ssh and default-allow-tomcat) will be configured initially after step 0.10 is completed.\u00a0 The &#8220;default-allow-ftps&#8221; and &#8220;default-allow-ftp&#8221; rules are configured later in steps 3.6 and 3.7 and are only needed if you want to deploy using FTP (ftps).<\/p>\n<p><img decoding=\"async\" width=\"879\" height=\"311\" class=\"size-large wp-image-19635 aligncenter\" alt=\"Azure inbound security rules\" src=\"https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2016\/08\/Azure-inbound-security-rules-1024x362.png\" \/><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline\">0.11:<\/span>\u00a0 To verify the operation, open a web browser window pointing to your new server&#8230;<\/p>\n<p>Example:\u00a0 http:\/\/raisatomcat.southcentralus.cloudapp.azure.com\/<\/p>\n<p>The webpage should display &#8220;It works !&#8221; with some other text (as shown below).\u00a0 If not, go back and make sure all of the above steps were completed in the order specified.<\/p>\n<p><img decoding=\"async\" width=\"892\" height=\"371\" class=\"size-full wp-image-19636 aligncenter\" alt=\"Tomcat Works\" src=\"https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2016\/08\/Tomcat-Works.png\" \/><\/p>\n<p>In the next sections, we will describe three different deployment methods for deploying web applications\u00a0to this Tomcat server in Azure from Team Services (or TFS).\u00a0 Each section is independent of the other section so you can choose to configure only one option, any two options, or all three as your needs require.\u00a0 That is, Option 2 is not dependent on Option 1, Option 3 is not dependent on options 2 and 3, etc.<\/p>\n<p>\u00a0<\/p>\n<h2>Option 1:\u00a0 Configure Tomcat Azure VM for Web UI Manager\u00a0Access\u00a0and the Team Services Apache Tomcat Deployment Task<\/h2>\n<p>Add permissions to be able to access the Tomcat manager (Web UI and\/or Team Services task).<\/p>\n<p><span style=\"text-decoration: underline\">1.1:<\/span>\u00a0* *Edit the file <span>\/etc\/tomcat7\/tomcat-users.xml<\/span> \u00a0(e.g. sudo vi <span>\/etc\/tomcat7\/tomcat-users.xml<\/span>) and add the following lines between the <tomcat-users> and <\/tomcat-users> tags \u00a0and save the file:<\/p>\n<p><em><role rolename=\"tomcat\"\/><\/em><\/p>\n<p><em><role rolename=\"manager-script\"\/><\/em><\/p>\n<p><em><role rolename=\"manager-gui\"\/>:q<\/em><\/p>\n<p><em><role rolename=\"manager\"\/><\/em><\/p>\n<p><em><role rolename=\"admin-gui\"\/><\/em><\/p>\n<p><em><user username=\"tomcat\" password=\"tomcat\" roles=\"tomcat\"\/><\/em><\/p>\n<p><em><user username=\"<span style=\"color: #ff0000;text-decoration: underline\"><strong>manager<\/strong><\/span>&#8221; password=&#8221;<span style=\"color: #ff0000;text-decoration: underline\"><strong>bitnami<\/strong><\/span>&#8221; roles=&#8221;tomcat,manager-script,manager-gui,admin-gui&#8221;\/><\/em><\/p>\n<p>Use your own values for the Tomcat <span style=\"color: #ff0000\">username<\/span> and <span style=\"color: #ff0000\">password<\/span>.\u00a0 You will need to note and save these values as you will need to them to access the Tomcat manager web UI and also to setup Team Services to deploy with the Tomcat Deployment Task.<\/p>\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline\">1.2:<\/span>\u00a0 Restart the Tomcat7 and Apache2 servers:<\/p>\n<p><strong><em>sudo \/etc\/init.d\/tomcat7 restart<\/em><\/strong><\/p>\n<p><strong><em>sudo \/etc\/init.d\/apache2 restart<\/em><\/strong><\/p>\n<p>Each service should have reported OK for the above commands when they started successfully.<\/p>\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline\">1.3<\/span>:\u00a0 To verify you have Tomcat manager permissions configured, open a web browser to the your host&#8217;s URL but add &#8220;manager&#8221; to the end&#8230;<\/p>\n<p>Example:\u00a0 http:\/\/raisatomcat.southcentralus.cloudapp.azure.com\/manager<\/p>\n<p>When prompted, enter the username and password you used when editing the <span>\/etc\/tomcat7\/tomcat-users.xml<\/span>\u00a0\u00a0file above.<\/p>\n<p>The webpage should successfully\u00a0display the Tomcat Web Application Manager page as partially shown below:<\/p>\n<p><img decoding=\"async\" width=\"879\" height=\"389\" class=\"size-large wp-image-19645 aligncenter\" alt=\"Tomcat Manager\" src=\"https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2016\/08\/Tomcat-Manager-1024x453.png\" \/><\/p>\n<p>\u00a0<\/p>\n<p>You can now install the <a href=\"https:\/\/marketplace.visualstudio.com\/items?itemName=ms-vscs-rm.apachetomcat\">Apace Tomcat Deployment<\/a> task from your Team Services project to deploy to your Tomcat server:<\/p>\n<p><img decoding=\"async\" width=\"695\" height=\"533\" class=\"size-full wp-image-19575 aligncenter\" alt=\"tomcat install\" src=\"https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2016\/08\/tomcat-install.png\" \/><\/p>\n<p>\u00a0<\/p>\n<p>Then create a build or release definition containing the Deploy Application to a Tomcat Server deployment task &#8212; you <span style=\"text-decoration: underline\">should not<\/span> specify port 8080 as the task documentation mentions (you do not need to specify a port at all) and use the username and password\u00a0from step 1.1 above (note: most applications have an Application Context of &#8220;\/&#8221; which is different than what is shown below):<\/p>\n<p><span style=\"color: #ff0000\"><img decoding=\"async\" width=\"511\" height=\"391\" class=\"size-full wp-image-19565 aligncenter\" alt=\"tomcat deploy\" src=\"https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2016\/08\/tomcat-deploy.png\" \/><\/span><\/p>\n<p>\u00a0<\/p>\n<p>\u00a0<\/p>\n<h2>Option 2:\u00a0 Configure Tomcat Azure VM\u00a0for Team Services Built-in <em>Copy Files Over SSH<\/em> Deployment Task<\/h2>\n<p><span style=\"text-decoration: underline\">2.1:<\/span>\u00a0 Create an account (tcdeploy)\u00a0on the server with the same group ID as the Tomcat service to enable easier deployments into the Tomcat webapps directory:<\/p>\n<p><strong><em>sudo adduser &#8211;ingroup tomcat7 tcdeploy<\/em><\/strong><\/p>\n<p>(select a password and then hit enter to default other options\/parameters and then type &#8216;Y&#8217; when asked if the information is correct)<\/p>\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline\">2.2:\u00a0<\/span> Configure the default umask for SSH to enable RW for user and group<\/p>\n<p><strong><em>sudo vi \/etc\/pam.d\/sshd<\/em><\/strong><\/p>\n<p>Add the following line right after the line containing &#8220;@include common-session&#8221; and then save the file:<\/p>\n<p><em>session\u00a0optional\u00a0pam_umask.so umask=002<\/em><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline\">2.3:<\/span>\u00a0 Then restart the SSH daemon:<\/p>\n<p><strong><em>sudo systemctl daemon-reload<\/em><\/strong><\/p>\n<p><strong><em>sudo service sshd restart<\/em><\/strong><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline\">2.4:<\/span>\u00a0 Create an RSA public and private key for SSH:<\/p>\n<p><strong><em><span>su tcdeploy <\/span><\/em><\/strong>(enter password you selected for the tcdeploy account above in step 2.1)<\/p>\n<p><strong><em>cd<\/em><\/strong><\/p>\n<p>***ssh-keygen ***(use defaults for all prompts except DO\u00a0pick a passphrase and choose one that you will remember)<\/p>\n<p><strong><em>cd .ssh<\/em><\/strong><\/p>\n<p><strong><em>cp id_rsa.pub authorized_keys<\/em><\/strong><\/p>\n<p><strong><em>cat id_rsa<\/em><\/strong><\/p>\n<p>You will need to <span style=\"text-decoration: underline\">cut-n-paste this RSA private key to save later<\/span>.\u00a0 You will need this private key and the passphrase when setting\u00a0up your SSH endpoint in Team Services.<\/p>\n<p>The key will look something like this:<\/p>\n<p>&#8212;&#8211;BEGIN RSA PRIVATE KEY&#8212;&#8211; Proc-Type: 4,ENCRYPTED DEK-Info: AES-128-CBC,D4E587DECFADB218703A5431F7CFD6F7<\/p>\n<p>PwkwPlFpm7JAT8Oc7pLpTzXEL9bl8LiDl8nnhuC9VZSOU58+cyR5m\/e+6Odfx9eU RUyhInyFm2D9y9ud79GgCW9aUR2aH61L1TgoZjM1aNWlIYvDr+Eq63yNfZHvz1C\/ plDkEPp0qOrmYdzL38hxG8c8y8TPjpqSxeITVu9Ql+S5Jz\/BodNQPvqOnR\/\/3SgI E3ur2XxSkgvLg02k4XS8q4J3jJksZ5SW+qvkdpeGIl1GwBeHBlqBs9xjcRoZhdOZ 6\/QSor0RkbKaUUCQ9cLouSkIKCqVzDqecjOsIC4QdcXI6jP1MBQSdmsRylIa1KXC htxyBpB4sQc+wnEBiMy7dzPC9mBKb5Yc816jPTS54kfUZgvOsJNpe\/5GMDjyV5r8 MjNkyguEFC35fgNeTBXZFI\/JumQcWRt8A8myFv73ETUKRZ9\/\/tICclTO3uE6ZJD+ K6KohoYWRvj3dMrPPu\/PP2091ygwO2BRO4vEC3qIoIis4tR0X3jM\/HOtzARDXdVG 6k13CSQDq7zBj4zmHu4XVoaIA1mFpYuqYOR5hRMDhV5UTIEiKKDCh+YREaD6EEFE lB6cy4tuLnbcOdj7xphXkCh+tWUD+MVAPmBk\/EcDH1efKl8Iv4RK2UYRJyQi5nx\/ bhU621WlO8jQTs9yHWjkc4\/eJIzCPvmfZDFYpF+vSDQz9U\/X\/XhFfJQs0JCIBQgU \/ZLIdIrQiSylVsviQmQKfxLtO28YxvVYWZZwqVWwnviDF3XCWCin6FNSGOXRzchS cvTp+Srp5i3ON0I+ZlVI4JW7EccrjTQa+ZK\/1p1s06JhBbt8dlL8rgbbGBeJ\/L3w o878ZRq+LRjlCCwwS4xhSQJkOtd9sJ\/kzfOB+UIEkp6nGUmTjp9uC+Ca5T6EYn6Z a7AZyZrkW9gM0CFiBG\/aVTnE70bcTKxLwi4CppUGddyVBjY+7LcD9fPEtqujxr6z f+ARCuJpwlRa7PVdfKrOHOHppZfbnRObWFu7qjhIan02hm3lUiZ4ndVThcjsXVD+ c\/XEWVbqd1w1tGzJ2FJC8yLxCb4cY7H0Uoi8\/iq0vLs912Wi8Fe6J0f4\/3Mh1c\/y YgvIUNZi8keJhxONgBjKCRDrtn6LB\/\/VmBYfLlTY6G9rMoPrjDM4Q5DA60X7nUbI FyieUIV46KZhk1RrPKtvF8NhJhZcHHTlbd1yUCKRR58ygMwBuKtwvhTjvf\/dkm\/6 taBED4hhjPCJ\/1fF0zcYmcbAMzB6wY1+EHuUgPyOouvZvagTipJBe6o\/6R1gSCIE glNXmTozK4Gz1D42JnNog2O3p\/5NdCZ6vdiwQLNFHOM38z9OM6l0SXuxgEXBImoC tmRMbuM8ag+PtN8LnZGDDgv4ez7B1UQ5b0V7aZ6Dk5biU6YrGLAD6d\/7BN5MWgSL +ZoF7SUYJF\/E8FUy0i6ZLtMHnLEnlroCOH0D4p\/yJuCbgTKyrnn+taW6lNNKxaFT xERRRIaV+bdo07NkHpFTBYNy6biTR5Mht1uZmBZbDqDhCcP1uCJCTUUqSh5tMSNi AHajG40V+sJjDCvlOmbvd0rTK8XRMn4WAEnbHWoZx93GuZNMhQdLfsDRPKZshpTV &#8212;&#8211;END RSA PRIVATE KEY&#8212;&#8211;<\/p>\n<p>\u00a0<\/p>\n<p>Your VM is now setup and configured to enable deployment using the Team Services Copy Files Over SSH built-in deployment task.<\/p>\n<p>To learn more about the Copy Files Over SSH task, read the <strong><a href=\"https:\/\/blogs.msdn.microsoft.com\/visualstudioalm\/2016\/08\/18\/copy-files-over-ssh-during-continuous-integration-and-deployment\/\">announcement blog\u00a0<\/a><\/strong>and the <a href=\"https:\/\/youtu.be\/9R027dWJjqo\"><strong>how-to video<\/strong><\/a>.<\/p>\n<p>To use\u00a0Copy Files over SSH\u00a0with this server in Team Services, first, setup an SSH endpoint (using the SSH endpoint option) &#8211; make sure to use User Name &#8220;tcdeploy&#8221; (from step 2.1 above), the passphrase you chose in step 2.4 above, and cut-n-paste the entire RSA private key you generated in step 2.4 above into the Private key field:<\/p>\n<p><img decoding=\"async\" width=\"680\" height=\"610\" class=\"size-full wp-image-19527 aligncenter\" alt=\"SSH endpoint\" src=\"https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2016\/08\/SSH-endpoint.png\" \/><\/p>\n<p>\u00a0<\/p>\n<p>Then create a build or release definition containing the Copy Files over SSH deployment task &#8211; make sure the\u00a0Target folder\u00a0is &#8220;\/var\/lib\/tomcat7\/webapps&#8221; to deploy to the Tomcat server:<\/p>\n<p><img decoding=\"async\" width=\"539\" height=\"460\" class=\"size-full wp-image-19555 aligncenter\" alt=\"scp upload\" src=\"https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2016\/08\/scp-upload.png\" \/><\/p>\n<p>\u00a0<\/p>\n<h2>Option 3:\u00a0 Configure Tomcat Azure VM for Team Services Built-in FTP (ftps)\u00a0Upload Utility Task<\/h2>\n<p><span style=\"text-decoration: underline\">3.0<\/span>:\u00a0 ONLY IF you are proceeding here as a continuation from Option 2, make sure you have &#8220;exited&#8221; the shell for the tcdeploy account login:<\/p>\n<p><strong><em>exit<\/em><\/strong><\/p>\n<p><strong><em>whoami<\/em><\/strong><\/p>\n<p>The output of the whoami command should indicate you are the Username you initially selected when you setup the VM (not &#8216;tcdeploy&#8217;).<\/p>\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline\">SKIP<\/span> this first step <span style=\"text-decoration: underline\">IF<\/span> you already created the tcdeploy account as the first step in Option 2 (i.e. Step 2.1) above&#8230;<\/p>\n<p><span style=\"text-decoration: underline\">3.1:<\/span>\u00a0 Create an account (tcdeploy)\u00a0on the server with the same group ID as the Tomcat service to enable easier deployments into the Tomcat webapps directory:<\/p>\n<p><strong><em>sudo adduser &#8211;ingroup tomcat7 tcdeploy<\/em><\/strong><\/p>\n<p>(select a password and then hit enter to default other options\/parameters and then type &#8216;Y&#8217; when asked if the information is correct)<\/p>\n<p>You have now configured &#8220;tcdeploy&#8221; to be your ftps username and the password you entered in this step as your ftps password.<\/p>\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline\">3.2:\u00a0<\/span> Install the vsftp package (i.e. FTP):<\/p>\n<p><strong><em>sudo apt-get install -y vsftpd<\/em><\/strong><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline\">3.3<\/span>:\u00a0 Generate an SSL self-signed certificate:<\/p>\n<p><strong><em>sudo openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout \/etc\/ssl\/private\/vsftpd.pem -out \/etc\/ssl\/private\/vsftpd.pem<\/em><\/strong><\/p>\n<p>(answer all relevant questions when prompted as to your organization, name, etc.)<\/p>\n<p>You will use the new SSL certificate filename you just created in two locations (shown in red)\u00a0below when setting up the configuration file.<\/p>\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline\">3.4:<\/span>\u00a0 Edit the vsftpd configuration file \/etc\/vsftpd.conf\u00a0to ensure the following parameters are set in the file (e.g. sudo vi \/etc\/vsftpd.conf):<\/p>\n<p>(another option for this step 3.4 is to move the original \/etc\/vsftpd.conf file and then create a new one with the contents below).<\/p>\n<p><em>listen=NO<\/em><\/p>\n<p><em>listen_ipv6=YES<\/em><\/p>\n<p><em>anonymous_enable=NO<\/em><\/p>\n<p><em>local_enable=YES<\/em><\/p>\n<p><em>write_enable=YES<\/em><\/p>\n<p><em>local_umask=002 # this is different than the default 022<\/em><\/p>\n<p><em>dirmessage_enable=YES<\/em><\/p>\n<p><em>use_localtime=YES<\/em><\/p>\n<p><em>xferlog_enable=YES<\/em><\/p>\n<p><em>connect_from_port_20=YES<\/em><\/p>\n<p><em>xferlog_file=\/var\/log\/vsftpd.log<\/em><\/p>\n<p><em>ls_recurse_enable=YES<\/em><\/p>\n<p><em>secure_chroot_dir=\/var\/run\/vsftpd\/empty<\/em><\/p>\n<p><em>pam_service_name=vsftpd<\/em><\/p>\n<p><em># ftps\/ssl specific cofig stuff below this line<\/em><\/p>\n<p><em>rsa_cert_file<span style=\"color: #ff0000\">=\/etc\/ssl\/private\/vsftpd.pem<\/span><\/em><\/p>\n<p>*rsa_private_key_file<span style=\"color: #ff0000\">=\/etc\/ssl\/pr<\/span>**<span style=\"color: #ff0000\">ivate\/vsftpd.pem<\/span>*<\/p>\n<p><em>ssl_enable=YES<\/em><\/p>\n<p><em>allow_anon_ssl=NO<\/em><\/p>\n<p><em>force_local_data_ssl=YES<\/em><\/p>\n<p><em>force_local_logins_ssl=YES<\/em><\/p>\n<p><em>ssl_tlsv1=YES<\/em><\/p>\n<p><em>ssl_sslv2=NO<\/em><\/p>\n<p><em>ssl_sslv3=NO<\/em><\/p>\n<p><em>require_ssl_reuse=NO<\/em><\/p>\n<p><em>ssl_ciphers=HIGH<\/em><\/p>\n<p><em>debug_ssl=YES<\/em><\/p>\n<p><em>pasv_enable=YES<\/em><\/p>\n<p><em>pasv_address=<strong><span style=\"color: #ff0000\">168.61.54.109<\/span><\/strong><\/em><\/p>\n<p><em>pasv_min_port=13450<\/em><\/p>\n<p><em>pasv_max_port=13454<\/em><\/p>\n<p>\u00a0<\/p>\n<p>Make sure to use the path\/name of the self-signed certificate you created in step 3.3 above on the rsa_cert_file and ras_private_key_file lines in this config file.<\/p>\n<p>Make sure to use the public IP address of your VM on the pasv_address line in the config file.<\/p>\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline\">3.5:<\/span>\u00a0 Restart the ftp service:<\/p>\n<p><strong><em>sudo service vsftpd restart<\/em><\/strong><\/p>\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline\">3.6:<\/span>\u00a0 Open ports 13450-13454 on the Azure VM using a similar process to that used above as the final step (i.e. Step 0.10)\u00a0in setting up Tomcat on your server.<\/p>\n<p>Name the inbound security rule &#8220;default-allow-ftps&#8221; and set the allowed Destination port range to be 13450-13454 and specify &#8220;Any&#8221; protocol.<\/p>\n<p><span style=\"text-decoration: underline\">3.7:<\/span>\u00a0 Open port 21 as well using the inbound security rule name &#8220;default-allow-ftp&#8221; and set the Protocol to &#8220;TCP&#8221; and the Destination port range to 21.<\/p>\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline\">3.8:<\/span>\u00a0 To verify your system is configured correctly, use a tools such as FileZilla to connect to your server using ftps.\u00a0 You would specify the Host name of your VM, the username of &#8220;tcdeploy&#8221; and the password you used when creating the tcdeploy account above in the first step in this section.<\/p>\n<p>\u00a0<\/p>\n<p>Your VM is now setup and configured to enable deployment using the Team Services FTP Upload built-in utility task.<\/p>\n<p>To learn more about the FTP Upload task, read the <strong><span style=\"color: #ff6600\"><a href=\"https:\/\/blogs.msdn.microsoft.com\/visualstudioalm\/2016\/08\/18\/upload-files-with-ftp-ftps\/\"><span style=\"color: #000000\">announcement blog<\/span><\/a>\u00a0<\/span><\/strong>\u00a0and the <a href=\"https:\/\/youtu.be\/oPnVyXlku4I\"><span style=\"color: #000000\"><strong>how-to video<\/strong><\/span><\/a>.<\/p>\n<p>\u00a0<\/p>\n<p>To use ftps with this server in Team Services, first, setup an sftp endpoint (using the Generic endpoint option) &#8211; make sure to prefix the Server URL to your server with &#8220;ftps&#8221; to use secure ftp:<\/p>\n<p><img decoding=\"async\" width=\"547\" height=\"307\" class=\"size-full wp-image-19515 aligncenter\" alt=\"sftp endpoint\" src=\"https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2016\/08\/sftp-endpoint.png\" \/><\/p>\n<p>Then create a build or release definition containing the FTP Upload utility task &#8211; make sure the Remote directory is &#8220;\/var\/lib\/tomcat7\/webapps&#8221; to deploy to the Tomcat server and also that the &#8220;Trust server certificate&#8221; Advanced option is selected so that your self-signed certificate (from step 3.3 above)\u00a0will be trusted:<\/p>\n<p><img decoding=\"async\" width=\"709\" height=\"522\" class=\"size-full wp-image-19525 aligncenter\" alt=\"ftps upload\" src=\"https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2016\/08\/ftps-upload.png\" \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Visual Studio Team Services and Team Foundation Server (TFS)\u00a0now have at least three mechanisms (i.e. deployment and utility\u00a0tasks) for deploying to a Linux host or virtual machine (VM).\u00a0 This walkthrough will show specifically how to setup and configure an Ubuntu (v16) VM on Azure to run Tomcat and other necessary services to support three different [&hellip;]<\/p>\n","protected":false},"author":178,"featured_media":45953,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[224,253,226,1,225,249],"tags":[],"class_list":["post-19495","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-azure","category-azure-devops-server","category-ci","category-devops","category-git","category-open-source"],"acf":[],"blog_post_summary":"<p>Visual Studio Team Services and Team Foundation Server (TFS)\u00a0now have at least three mechanisms (i.e. deployment and utility\u00a0tasks) for deploying to a Linux host or virtual machine (VM).\u00a0 This walkthrough will show specifically how to setup and configure an Ubuntu (v16) VM on Azure to run Tomcat and other necessary services to support three different [&hellip;]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/posts\/19495","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/users\/178"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/comments?post=19495"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/posts\/19495\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/media\/45953"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/media?parent=19495"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/categories?post=19495"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/tags?post=19495"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}