Walkthrough: Deploying a new Sitecore environment to the Microsoft Azure App service

Current version: 9.0

Use this walkthrough to set up the right configuration for your solution, prepare the authentication certificate, configure an environment template, deploy a search provider and start provisioning.

This walkthrough describes how to:

Configure Sitecore

To configure Sitecore, you must use the right configuration to suit your Sitecore solution. Sitecore version 9.0 supports the following Sitecore configurations by default:

Configuration

Description

XP Single

This is the Sitecore Experience Platform configuration that runs:

Four Sitecore roles: Content DeliveryContent Management, Processing, and Reporting as a single WebApp instance.

Five xConnect roles: SearchCollectionReference DataMarketing Automation, and Marketing Automation Reporting as a single WebApp instance.

Use this configuration for development and testing. For security and scalability reasons, it is best practice to use the XM or XP configuration in production environments.

XP Scaled

This is the Sitecore Experience Platform configuration that runs:

Four Sitecore roles: Content DeliveryContent ManagementProcessing, and Reporting.

Five xConnect roles: SearchCollectionReference DataMarketing AutomationMarketing Automation Reporting.

Use this environment when you are planning a fully featured Sitecore Experience Platform installation.

XM Single

This is the Sitecore Experience Management configuration that runs the Content Delivery and Content Management roles as a single WebApp instance. Use this configuration for development and testing when you are not planning to use the Analytics and Marketing features of the Sitecore Experience Platform (that is, in CMS-only mode).

XM Scaled

This is the Sitecore Experience Management configuration that runs both the Content Delivery and Content Management roles. Use this environment when you are not planning to use the Analytics and Marketing features of the Sitecore Experience Platform (that is, in CMS-only mode).

xDB Single

This is the Sitecore Experience Database configuration that runs:

Two Sitecore roles: Processing and Reporting  as a single WebApp instance.

Five xConnect roles: SearchCollectionReference DataMarketing Automation, and Marketing Automation Reporting as a single WebApp instance.

Use this configuration for development and testing in combination with an on-prem Sitecore XM installation to provide the Experience Database features.

xDB Scaled

This is the Sitecore Experience Database configuration that runs:

Two Sitecore roles: Processing, and Reporting.

Five xConnect roles: SearchCollectionReference DataMarketing Automation, and Marketing Automation Reporting.

Use this environment in combination with an on-prem Sitecore XM installation to provide the Experience Database features.

When planning your topologies, and sizing as well as the type of environment you want to deploy, consult the Sitecore Azure Toolkit documentation on the Doc site.

Prepare the authentication certificate

To prepare the authentication certificate:

  1. Before starting a Sitecore 9.0 deployment, you must obtain or generate an authentication certificate and store it in PKCS #12 format (.pfx).

    Note

    XConnect requires client authentication certificates with a valid trust chain by default. Due to a limitation in the Azure App Service, a certificate can only have a valid trust chain if the root certificate for it is issued by a globally trusted Certificate Authority.

  2. If you use a self-signed certificate or a certificate issued by a private Certificate Authority, such as Active Directory Certificate Services, then you must set the allowInvalidClientCertificates parameter to true and extend the azuredeploy.parameters.json file with the following:

    RequestResponse
      "allowInvalidClientCertificates": {
          "value": true
        }

    More details on the parameters file and how to extend it are described in step 4 of the following section.

Download and configure an environment template

To download and configure the environment template for your planned Sitecore configuration:

  1. Go to the GitHub repository and locate the templates for your selected Sitecore configuration and version (for example, folder: Sitecore 9.0, subfolder: xp)

  2. In the relevant subfolder of your selected configuration and version, identify the azuredeploy.json file. This is the main ARM template that you use during the deployment process. Obtain the raw URL for this file from GitHub by selecting the file, then clicking Raw. The file opens in a new browser window. Copy the URL directly from the address bar and make a note of this for later use.

  3. In the relevant subfolder for your selected configuration and version, identify and download the azuredeploy.parameters.json file. To control the deployment process, the ARM templates use this file to pass parameters.

  4. Save the file locally and fill in the parameters within the file, according to the configuration that is described in the relevant table:

    XP Single

    Parameter

    Description

    location

    The geographical region of the current deployment.

    sqlServerLogin

    The name of the administrator account being created for Azure SQL server.

    sqlServerPassword

    The password for the administrator account being created for Azure SQL server.

    sitecoreAdminPassword

    The password for the administrator account for your instance of XP.

    singleMsDeployPackageUrl

    The HTTP(s) URL for a Sitecore XP Single Web Deployment package (WDP).

    xcSingleMsDeployPackageUrl

    The HTTP(s) URL for an XConnect Single WDP.

    authCertificateBlob

    A Base64-encoded blob of the authentication certificate in PKCS #12 format (.pfx). See the deployment command example in the next section for encoding instructions.

    authCertificatePassword

    The password for the authentication certificate.

    templateLinkAccessToken

    The access token for the nested infrastructure and application templates. For example, Azure Storage Explorer can generate a SAS token for you to access the location where the templates were uploaded.

    XP Scaled

    Parameter

    Description

    location

    The geographical region of the current deployment.

    sqlServerLogin

    The name of the administrator account being created for Azure SQL server.

    sqlServerPassword

    The password for the administrator account being created for Azure SQL server.

    sitecoreAdminPassword

    The password for the administrator account for your instance of XP.

    repAuthenticationApiKey

    A unique value, for example, a GUID, which is used to authenticate when communicating from Content Management role to the Reporting Web App. The minimum length required is 32 characters.

    cmMsDeployPackageUrl

    The HTTP(s) URL for a Sitecore XP Content Management Web Deploy package (WDP).

    cdMsDeployPackageUrl

    The HTTP(s) URL for a Sitecore XP Content Delivery WDP.

    prcMsDeployPackageUrl

    The HTTP(s) URL for a Sitecore XP Processing WDP.

    repMsDeployPackageUrl

    The HTTP(s) URL for a Sitecore XP Reporting WDP.

    xcRefDataMsDeployPackageUrl

    The HTTP(s) URL for an XConnect Reference Data service WDP.

    xcCollectMsDeployPackageUrl

    The HTTP(s) URL for an XConnect Collection service WDP.

    xcSearchMsDeployPackageUrl

    The HTTP(s) URL for an XConnect Collection Search service WDP.

    maOpsMsDeployPackageUrl

    The HTTP(s) URL for a Marketing Automation service WDP.

    maRepMsDeployPackageUrl

    The HTTP(s) URL for a Marketing Automation Reporting service WDP.

    authCertificateBlob

    A Base64-encoded blob of the authentication certificate in PKCS #12 format (.pfx). See the deployment command example in the next section for encoding instructions.

    authCertificatePassword

    The password for the authentication certificate.

    templateLinkAccessToken

    The access token for the nested infrastructure and application templates. For example, Azure Storage Explorer can generate a SAS token for you to access the location where the templates were uploaded.

    XM Single

    Parameter

    Description

    location

    The geographical region of the current deployment.

    sqlServerLogin

    The name of the administrator account being created for Azure SQL server.

    sqlServerPassword

    The password for the administrator account being created for Azure SQL server.

    sitecoreAdminPassword

    The password for the administrator account for your instance of XM.

    singleMsDeployPackageUrl

    The HTTP(s) URL for a Sitecore XM Single deployment package (WDP).

    authCertificateBlob

    A Base64-encoded blob of the authentication certificate in PKCS #12 format (.pfx). See the deployment command example in the next section for encoding instructions.

    authCertificatePassword

    The password for the authentication certificate.

    templateLinkAccessToken

    The access token for the nested infrastructure and application templates. For example, Azure Storage Explorer can generate a SAS token for you to access the location where the templates were uploaded.

    XM Scaled

    Parameter

    Description

    location

    The geographical region of the current deployment.

    sqlServerLogin

    The name of the administrator account being created for Azure SQL server.

    sqlServerPassword

    The password for the administrator account being created for Azure SQL server.

    sitecoreAdminPassword

    The password for the administrator account for your instance of XM.

    cmMsDeployPackageUrl

    The HTTP(s) URL to a Sitecore XM Content Management deployment package (WDP).

    cdMsDeployPackageUrl

    The HTTP(s) URL for a Sitecore XM Content Delivery WDP.

    authCertificateBlob

    A Base64-encoded blob of the authentication certificate in PKCS #12 format (.pfx). See the deployment command example in the next section for encoding instructions.

    authCertificatePassword

    The password for the authentication certificate.

    templateLinkAccessToken

    The access token for the nested infrastructure and application templates. For example, Azure Storage Explorer can generate a SAS token for you to access the location where the templates were uploaded.

    xDB Single

    Parameter

    Description

    location

    The geographical region of the current deployment.

    sqlServerLogin

    The name of the administrator account being created for Azure SQL server.

    sqlServerPassword

    The password for the administrator account being created for Azure SQL server.

    sitecoreAdminPassword

    The password for the administrator account for your instance of XP.

    singleMsDeployPackageUrl

    The HTTP(s) URL for a Sitecore xDB Single Web Deployment package (WDP).

    xcSingleMsDeployPackageUrl

    The HTTP(s) URL for an XConnect Single (WDP).

    authCertificateBlob

    A Base64-encoded blob of the authentication certificate in PKCS #12 format (.pfx). See the deployment command example in the next section for encoding instructions.

    authCertificatePassword

    The password for the authentication certificate.

    templateLinkAccessToken

    The access token for the nested infrastructure and application templates. For example, Azure Storage Explorer can generate a SAS token for you to access the location where the templates were uploaded.

    xDB Scaled

    Parameter

    Description

    location

    The geographical region of the current deployment.

    sqlServerLogin

    The name of the administrator account being created for Azure SQL server.

    sqlServerPassword

    The password for the administrator account being created for Azure SQL server.

    sitecoreAdminPassword

    The password for the administrator account for your instance of XP.

    repAuthenticationApiKey

    A unique value, for example, a GUID, which is used to authenticate when communicating from Content Management role to the Reporting Web App. The minimum length required is 32 characters.

    prcMsDeployPackageUrl

    The HTTP(s) URL for a Sitecore xDB Processing WDP.

    repMsDeployPackageUrl

    The HTTP(s) URL for a Sitecore xDB Reporting WDP.

    xcRefDataMsDeployPackageUrl

    The HTTP(s) URL for an XConnect Reference Data service WDP.

    xcCollectMsDeployPackageUrl

    The HTTP(s) URL for an XConnect Collection service WDP.

    xcSearchMsDeployPackageUrl

    The HTTP(s) URL for an XConnect Collection Search service WDP.

    maOpsMsDeployPackageUrl

    The HTTP(s) URL for a Marketing Automation service WDP.

    maRepMsDeployPackageUrl

    The HTTP(s) URL for a Marketing Automation Reporting service WDP.

    authCertificateBlob

    A Base64-encoded blob of the authentication certificate in PKCS #12 format (.pfx). See the deployment command example in the next section for encoding instructions.

    authCertificatePassword

    The password for the authentication certificate.

    templateLinkAccessToken

    The access token for the nested infrastructure and application templates. For example, Azure Storage Explorer can generate a SAS token for you to access the location where the templates were uploaded.

  5. Optionally, you can also append additional parameters to the azuredeploy.parameters.json file by extending it with any parameter declared in azuredeploy.json. The README.md file in the root folder for each Sitecore environment configuration gives additional information.

  6. You can override the default “Extra Small” value of the sitecoreSKU parameter for any scaled topology (XP, XM, xDB), and change it to "Small", "Medium", "Large" and "Extra Large". For example, to change it to Medium, use the following:

    RequestResponse
     "sitecoreSKU": {
          "value": "Medium"
        }

Deploy with Solr as a search provider (only applies to 9.0.2 and later)

Azure Cognitive Search is the default provider for Azure deployments. From version 9.0.2 and later, you can choose to use Solr as an alternative to Azure Cognitive Search. The Solr server is not provisioned by an ARM template, therefore, after deploying to Azure, you must manually create a template and populate it with with Solr cores.

To use the Solr server when the Azure Cognitive Search resource is not being provisioned, pass the parameters in the following tables:

XM Scaled and XM Single

Parameter

Description

solrConnectionString

The connection string to the existing Solr server that passes to the Sitecore Platform roles.

XP Scaled

Parameter

Description

solrConnectionString

The connection string to the existing Solr server that passes to the Sitecore Platform roles.

xcSearchMsDeployPackageUrl

A blob storage (HTTPS) URL to the Solr XConnect Search web deploy package.

xcSolrConnectionString

(Optional) The connection string to your existing Solr server that passes to the  XConnect roles. If you do not specify the parameter, the default value is: solrConnectionString.

XP Single

Parameter

Description

solrConnectionString

The connection string to an existing Solr server that passes to the Sitecore Platform roles.

xcSolrConnectionString

(Optional) The connection string to your existing Solr server that passes to the XConnect roles. If you do not specify the parameter, the default value is: solrConnectionString.

xcSingleMsDeployPackageUrl

The HTTP(s) URL to a Solr XConnect Single web deploy package.

xDB Scaled

Parameter

Description

xcsolrConnectionString

The connection string to the existing Solr server that passes to the XConnect roles. If you do not specify the parameter, the default value is: solrConnectionString.

xcSearchMsDeployPackageUrl

A HTTPS URL to the Solr XConnect Search web deploy package. 

xDB Single

Parameter

Description

xcsolrConnectionString

The connection string to the existing Solr server that passes to the XConnect roles.

xcSingleMsDeployPackageUrl

The HTTP(s) URL to a Solr XConnect Single web deploy package.

Invoke the deployment command and start provisioning

To invoke the PowerShell command and initiate provisioning:

Note

If you use SAT version 2.5, refer to this section: Invole the deployment command and start provisioning if using SAT 2.5

  1. In PowerShell, in the Sitecore Azure Toolkit folder, load the Sitecore Azure Toolkit module: Import-Module .\tools\Sitecore.Cloud.Cmdlets.psm1.

  2. Add the following Azure account to your PowerShell session: Add-AzureRMAccount.

  3. If you have access to multiple subscriptions, select the subscription that you want to deploy to: Set-AzureRMContext -SubscriptionName "<name of the subscription>".

  4. Start provisioning by using the Start-SitecoreAzureDeployment commandlet:

    Start-SitecoreAzureDeployment [-location] <String> [-Name] <String> [-ArmTemplateUrl] <String> [-ArmParametersPath] <String> [-LicenseXmlPath] <String>; [-SetKeyValue] <Hashtable>

    The Start-SitecoreAzureDeployment commandlet accepts the following parameters:

    Parameter

    Description

    Location

    The name of the Azure datacenter where you want the resources deployed. The Azure datacenter compatibility table lists the Microsoft Azure datacenters that the Sitecore Experience Platform supports deployment to.

    Name

    The name of the resource group for the new environment. It can refer to a new or an existing resource group, and is usually the same as the deployment ID.

    ArmTemplateUrl

    The URL of the ARM template file for the environment configuration that you want to deploy. It points to the HTTP(S) location that is hosting the templates.

    If you are pointing to GitHub, use raw links, for example: https://raw.githubusercontent.com/Sitecore/Sitecore-Azure-Quickstart-Templates/master/Sitecore%209.0.0/xp/azuredeploy.json

    Note

    For nested templates to work, you must deploy them to storage available for the Azure ARM engine.

    ArmParametersPath

    The path to the populated azuredeploy.parameters.json file for the template that you selected.

    LicenseXmlPath

    The path to the Sitecore license file that you want to deploy to the environment.

    SetKeyValue

    A dictionary of environment-specific parameters that are in addition to the parameters in the azuredeploy.parameters.json file. You can use this to pass the client authentication certificate while encoding it to Base64, as shown in the following full script example. This ensures it meets the parameters requirement.

    Full script example:

    RequestResponse
    $SCSDK="Path to Sitecore Azure Toolkit"
    $SCTemplates="https://raw.githubusercontent.com/Sitecore/Sitecore-Azure-Quickstart-Templates/master/Sitecore%209.0/xp/"
    $DeploymentId = "Deployment ID"
    $LicenseFile = "Path to the Sitecore license.xml file"
    $SubscriptionId = "Microsoft Azure SubscriptionId"
    $Location="Target location of deployment"
    $ParamFile="Path to filled-in azuredeploy.parameters.json file"
    $Parameters = @{
         #set the size of all recommended instance sizes   
         "sitecoreSKU"="Medium";
         #by default this installs azuresearch
         #if you uncomment the following it will use an existing solr connectionstring that
         # you have created instead of using AzureSearch
         #"solrConnectionString"= "https://myinstancesomewhere/solr";
    }
    Import-Module $SCSDK\tools\Sitecore.Cloud.Cmdlets.psm1
    Add-AzureRMAccount
    Set-AzureRMContext -SubscriptionId $SubscriptionId
    Start-SitecoreAzureDeployment -Name $DeploymentId -Location $Location -ArmTemplateUrl "$SCTemplates/azuredeploy.json"  -ArmParametersPath $ParamFile  -LicenseXmlPath $LicenseFile  -SetKeyValue $Parameters
  5. Run the script and wait while the environment fully provisions.

Invoke the deployment command and start provisioning using SAT 2.5

If you use SAT version 2.5, you must follow a slightly different procedure to initiate provisioning:

  1. Import the required module Az.Accounts: Import-Module Az.Accounts.

  2. Connect the following Azure account to your PowerShell session: Connect-AzAccount.

  3. If you have access to multiple subscriptions, select the subscription that you want to deploy to: Set-AzContext -SubscriptionId "id of the subscription".

  4. Start provisioning by using the Start-SitecoreAzureDeployment commandlet:

    Start-SitecoreAzureDeployment [-location] <String> [-Name] <String> [-ArmTemplateUrl] <String> [-ArmParametersPath] <String> [-LicenseXmlPath] <String>; [-SetKeyValue] <Hashtable>

    Full script example:

    RequestResponse
    $SCSDK="Path to Sitecore Azure Toolkit"
    $SCTemplates="https://raw.githubusercontent.com/Sitecore/Sitecore-Azure-Quickstart-Templates/master/Sitecore%209.0/xp/"
    $DeploymentId = "Deployment ID"
    $LicenseFile = "Path to the Sitecore license.xml file"
    $SubscriptionId = "Microsoft Azure SubscriptionId"
    $Location="Target location of deployment"
    $ParamFile="Path to filled-in azuredeploy.parameters.json file"
    $Parameters = @{
         #set the size of all recommended instance sizes   
         "sitecoreSKU"="Medium";
         #by default this installs azuresearch
         #if you uncomment the following it will use an existing solr connectionstring that
         # you have created instead of using AzureSearch
         #"solrConnectionString"= "https://myinstancesomewhere/solr";
    }
    Import-Module $SCSDK\tools\Sitecore.Cloud.Cmdlets.psm1
     Import-Module Az.Accounts
           Connect-AzAccount
           Set-AzContext -SubscriptionId $SubscriptionId
    Start-SitecoreAzureDeployment -Name $DeploymentId -Location $Location -ArmTemplateUrl "$SCTemplates/azuredeploy.json"  -ArmParametersPath $ParamFile  -LicenseXmlPath $LicenseFile  -SetKeyValue $Parameters
  5. Run the script and wait while the environment fully provisions.

Do you have some feedback for us?

If you have suggestions for improving this article,