Frequently Asked Questions for Microsoft Azure

How to connect to the server through SSH?

The first step is to ensure that you have the SSH credentials for your server.

  • If you are using the Bitnami Launchpad for Microsoft Azure, obtain the server's IP address and SSH username and password from the Launchpad detail page for your server.

    SSH credentials

  • If you are using the Azure Marketplace, you will have been presented with a choice of using either an SSH password or an SSH key pair at the time of deploying the server.

    SSH deployment

    Depending on which option you selected, you should have either the SSH username and password, or the SSH username and corresponding SSH private key in .ppk format (for Windows) or in .pem format (for Linux and Mac OS X).

Then, depending on your platform, follow the instructions below:

Using a Password

Windows

The easiest way to log in to your server is with PuTTY, a free SSH client for Windows and UNIX platforms.

  • Download the PuTTY ZIP archive from its website.
  • Extract the contents to a folder on your desktop.
  • Double-click the putty.exe file to bring up the PuTTY configuration window.
  • Enter the IP address of your server into the "Host Name (or IP address)" field, as well as into the "Saved Sessions" field.
  • Click "Save" to save the new session so you can reuse it later. PuTTY configuration
  • In the "Connection -> Data" section, enter the server username into the "Auto-login username" field. PuTTY configuration
  • Go back to the "Session" section and save your changes by clicking the "Save" button.
  • Click the "Open" button to open an SSH session to the server.
  • PuTTY will first ask you to confirm the server's host key and add it to the cache. Go ahead and click "Yes" to this request (learn more). PuTTY connection
  • PuTTY will prompt for your server password now. Enter this password.

You should now be logged in to your server.

Linux and Mac OS X

Linux and Mac OS X come bundled with SSH clients by default.

  • Open a new terminal window on your local system (for example, using "Finder -> Applications -> Utilities -> Terminal" in Mac OS X or the Dash in Ubuntu).

  • Connect to the server using the command below:

      $ ssh USERNAME@100.101.102.103
    

    Remember to replace USERNAME with the server username, and 100.101.102.103 with the public IP address or hostname of your server.

  • Your SSH client might ask you to confirm the server's host key and add it to the cache before connecting. Accept this request by typing or selecting "Yes" (learn more).
  • PuTTY will prompt for your server password now. Enter this password.

You should now be logged in to your server.

Using an SSH Key

Windows

The easiest way to log in to your server is with PuTTY, a free SSH client for Windows and UNIX platforms.

  • Download the PuTTY ZIP archive from its website.
  • Extract the contents to a folder on your desktop.
  • Double-click the putty.exe file to bring up the PuTTY configuration window.
  • Enter the IP address of your server into the "Host Name (or IP address)" field, as well as into the "Saved Sessions" field.
  • Click "Save" to save the new session so you can reuse it later. PuTTY configuration
  • In the "Connection -> SSH -> Auth" section, select your private key file (.ppk). PuTTY configuration
  • In the "Connection -> Data" section, enter the server username into the "Auto-login username" field. PuTTY configuration
  • Go back to the "Session" section and save your changes by clicking the "Save" button.
  • Click the "Open" button to open an SSH session to the server.
  • PuTTY will first ask you to confirm the server's host key and add it to the cache. Go ahead and click "Yes" to this request (learn more). PuTTY connection

You should now be logged in to your server.

Linux and Mac OS X

Linux and Mac OS X come bundled with SSH clients by default.

  • Set the permissions for your private key file to 0600 using a command like the one below:

     $ chmod 600 KEYFILE
    
  • Open a new terminal window on your local system (for example, using "Finder -> Applications -> Utilities -> Terminal" in Mac OS X or the Dash in Ubuntu).

  • Connect to the server using the command below:

      $ ssh -i KEYFILE USERNAME@100.101.102.103
    

    Remember to replace KEYFILE in the previous commands with the path to your private key file (.pem), USERNAME with the server username, and 100.101.102.103 with the public IP address or hostname of your server.

  • Your SSH client might ask you to confirm the server's host key and add it to the cache before connecting. Accept this request by typing or selecting "Yes" (learn more).

You should now be logged in to your server.

How to remove storage containers used by Bitnami applications?

When you deploy a Bitnami application on Microsoft Azure using the Bitnami Launchpad for Microsoft Azure, the Bitnami Launchpad creates a virtual machine and associated resources, including a storage container and virtual disk image. If you later decide to remove the Bitnami application, you may encounter errors when deleting the storage container such as "Failed to delete storage account" or "Unable to delete storage account".

Microsoft Azure supports launching virtual machines following two approaches: using the new Azure Resource Manager or using the "classic" approach. Images launched using the Bitnami Launchpad for Microsoft Azure use the "classic" approach. Even though the Azure Portal has views for showing all the "classic" resources, it does not show all of them. Therefore, there may be some virtual disk images that are still attached to your storage container but not visible in the Azure Portal, and these images will block deletion of the storage container.

To resolve this issue, follow the steps below:

  • Log in to the older version of the Azure Console using the same account credentials you use for the Azure Portal.
  • Select the "Virtual Machines" menu item.
  • Select the "Images" tab.

    Disk images

  • Delete any leftover disk images corresponding to the Bitnami application you removed.

Once the leftover disk images are removed, you should also be able to remove the storage container using the Azure Portal.

How to access a server using an SSH tunnel?

Bitnami strongly discourages you from opening server ports apart from those defined by default. In case you need to access a server on a specific port remotely, Bitnami recommends creating an SSH tunnel instead of opening the port in the server firewall.

Depending on your operating system, follow these instructions to create an SSH tunnel and ensure secure access to the application.

IMPORTANT: Before following the steps below, ensure that your application server is running.

Windows

To access the server on a specific port using an SSH tunnel, follow the steps below.

  • Download PuTTY and make sure you can log in to the server console with it following the instructions in the FAQ. Once you have confirmed you are able to log in successfully, log back out.

  • Reconnect to the server using PuTTY, this time adapting the steps to include an additional SSH tunnel. When configuring the new SSH session in PuTTY, additionally navigate to the "Connection -> SSH -> Tunnels" section and create a secure tunnel by forwarding a port (the "destination port") on the remote server to a port (the "source port") on the local host (127.0.0.1 or localhost).

  • Click the "Add" button to add the secure tunnel configuration to the session. An example of configuring an SSH tunnel between remote port 80 and local port 8888 is displayed below.

    PuTTY safe tunneling

  • Go back to the "Session" section and save your changes by clicking the "Save" button.

  • Click the "Open" button to open an SSH session to the server. The SSH session will now include a secure SSH tunnel between the two specified ports.

While the tunnel is active, you should be able to access the application through the secure SSH tunnel you created, by browsing to http://127.0.0.1:PORT/ or http://localhost:PORT/. Remember to replace PORT with the source port number specified.

Linux and Mac OS X

To access the server on a specific port using an SSH tunnel, follow the steps below.

  • Open a new terminal window on your local system (for example, using "Finder -> Applications -> Utilities -> Terminal" in Mac OS X or the Dash in Ubuntu).

  • Make sure you can log in to the server console following the instructions in the FAQ. Once you have confirmed you are able to log in successfully, log back out.

  • Run the following command to configure the SSH tunnel. Remember that LOCAL-PORT, REMOTE-PORT, USERNAME and SERVER-IP are placeholders for local port number, remote port number, server SSH username and remote server IP address, respectively and should be replaced with correct values. Enter your SSH password when prompted.

     $ ssh -N -L LOCAL-PORT:127.0.0.1:REMOTE-PORT USERNAME@SERVER-IP
    

    If you are using a private key to connect to the server, use the following command instead, remembering to replace KEYFILE with the path to your private key:

     $ ssh -N -L LOCAL-PORT:127.0.0.1:REMOTE-PORT -i KEYFILE USERNAME@SERVER-IP
    
    NOTE: If successful, the above commands will create an SSH tunnel but will not display any output on the server console.

While the tunnel is active, you should be able to access the server through the secure SSH tunnel you created, by browsing to http://127.0.0.1:LOCAL-PORT. Remember to replace LOCAL-PORT with the local port number specified.

What is the directory structure?

The installation process will create several sub-directories under the /opt/bitnami directory:

  • Servers and related tools: apache2/, mysql/, postgresql/, apache-tomcat/, etc.
  • Languages: php/, python/, ruby/, tcl/, etc.
  • Application files: apps/phpMyAdmin/, apps/drupal/, apps/joomla/, apps/redmine/, etc.
  • Common libraries: common/
  • Licenses of the components included in the stack: licenses/

Application files are stored in the /opt/bitnami/apps/APPNAME/htdocs directory. The configuration file for the Apache Web server is stored in the /opt/bitnami/apps/APPNAME/conf/ directory.

What is a Bitnami image?

A Bitnami image includes everything you need to run your Bitnami-packaged application of choice. The installation and configuration of all of the software included in the stack is completely automated, making it easy for everyone, including those who are not very technical, to get them up and running.

All Bitnami images are completely self-contained and run independently of the rest of the software or libraries installed on your system. This means that you don't have to worry about installing any other software on your system to make the new application work. They also won't interfere with any software already installed on the system, so everything will continue to work normally.

How to start or stop the servers?

Each Bitnami stack includes a control script that lets you easily stop, start and restart servers. The script is located at /opt/bitnami/ctlscript.sh. Call it without any service name arguments to start all services:

$ sudo /opt/bitnami/ctlscript.sh start

Or use it to restart a single service, by passing the service name as argument. For example, if the stack uses the Apache Web server, use the command below to restart it:

$ sudo /opt/bitnami/ctlscript.sh restart apache

Or, if the stack uses the Nginx server, use the command below to restart it:

$ sudo /opt/bitnami/ctlscript.sh restart nginx

Use this script to stop all services:

$ sudo /opt/bitnami/ctlscript.sh stop

Restart the services by running the script without any arguments:

$ sudo /opt/bitnami/ctlscript.sh restart

Obtain a list of available services and operations by running the script without any arguments:

$ sudo /opt/bitnami/ctlscript.sh  

How to find application credentials?

Using the Azure Marketplace

  • The application username is specified on the Bitnami information page for the application. Browse to the server's public IP address to access your application, and click the Bitnami badge on the bottom right corner of the page.

    Application credentials

    The resulting page shows the application username.

    Application credentials

    In case the Bitnami badge is not present, you can also obtain the application username from the application page in our documentation.

    If you started a server (for example, MongoDB or similar) that isn't a Web application server, you can use the default administrator user to log in to the database (for example, root). You can find more information for each specific server in our documentation.

  • The application password is randomly generated during the first boot. This password can be viewed as follows:

    • Log in to the Microsoft Azure management console.

    • Click the "Virtual machines" icon in the toolbar and select your server from the resulting list.

    • In the "Support + Troubleshooting" menu, select the "Boot diagnostics" option.

      Application credentials

    • Review the system log until you find the application password.

      Application credentials

      IMPORTANT: This password is only shown the first time you start the image. Please save your password in a safe place. We also recommend changing it in your application to a different value.

Using the Bitnami Launchpad

Your default credentials become available once you create a cloud server. To find them, follow these steps:

  • Browse to the Bitnami Launchpad for Microsoft Azure and sign in if required using your Bitnami account.

  • Select the "Virtual Machines" menu item.

  • Select your cloud server from the resulting list.

  • The "Application Info" section in the left panel contains the credentials for your instance. The password is hidden by default but will be displayed in plain text when the "Show" button, adjacent to the password input, is clicked.

    Server credentials

How to block a suspicious IP address?

If you have detected an IP address that is collapsing your server or just making suspicious requests, block it using iptables. To do this, run the following command:

$ sudo su
$ iptables -A INPUT -s 1.2.3.4 -j DROP

Remember to replace 1.2.3.4 with the IP address you want to block.

IMPORTANT: Use with caution. If you don't specify an IP address, you will block yourself.

This will block all requests from that IP address. To have your iptables rules active even after rebooting the server, follow these steps:

  • Execute these commands:

     $ sudo su
     $ iptables-save > /opt/bitnami/iptables-rules
     $ crontab -e
    
  • Edit the above file with your favourite editor and include this line at the end of the file:

     @reboot /sbin/iptables-restore < /opt/bitnami/iptables-rules
    
  • Save the file and exit.

Now, on every boot, the system will load and apply the iptables rules.

To delete a rule, run the following command:

$ sudo su
$ iptables -D INPUT -s 1.2.3.4 -j DROP

This will delete the rule. Remember to replace 1.2.3.4 with a valid IP address.

Rerun the iptables-save command shown previously to make the new rules active even after rebooting the server.

How to open the server ports for remote access?

NOTE: The steps below use the newer version of the Azure management console.

By default, Microsoft Azure cloud servers have some or all of their ports closed to secure them against external attacks. In some cases, ports needed for specific applications to operate properly are also left open by default.

If you need to access your server remotely using a different port, you must first open the necessary port(s) using the Azure Console.

NOTE: For servers launched through the Bitnami Launchpad for Microsoft Azure, select the cloud server you wish to modify in the Bitnami Launchpad and click the "Manage in the Azure Console" button to access the Microsoft Azure management console.

To open other ports for remote access, follow these steps:

  • Using the "Virtual machines (classic)" menu, find your server in the list using the name and select it.

  • Click the "Settings" button for the server in the toolbar.

    Azure firewall configuration

  • Select the "Endpoints" menu item for the server.

  • On the "Endpoints" page, click the "Add" button.

  • Enter a name for the new endpoint and specify the port number in the "Public port" and "Private port" fields. As an example, review the image below which demonstrates opening port 21 for FTP access.

    Azure firewall configuration

  • Click "OK" to save your changes. Your new firewall rule will come into effect immediately.

    Azure firewall configuration

How to close the server ports and deny remote access?

NOTE: The steps below use the newer version of the Azure management console.
NOTE: For servers launched through the Bitnami Launchpad for Microsoft Azure, select the cloud server you wish to modify in the Bitnami Launchpad and click the "Manage in the Azure Console" button to access the Microsoft Azure management console.

To close a server port and deny remote access on that port, follow these steps:

  • Using the "Virtual machines (classic)" menu, find your server in the list using the name and select it.

  • Click the "Settings" button for the server in the toolbar.

    Azure firewall configuration

  • Select the "Endpoints" menu item for the server.

  • On the "Endpoints" page, find the endpoint(s) you wish to close. Select them and, on each endpoint's detail page, click the "Delete" button. The changes will come into effect immediately.

    Azure firewall configuration

How to upload files to the server with SFTP?

NOTE: Bitnami applications can be found in /opt/bitnami/apps.

First, obtain your SSH credentials by following these steps:

  • Browse to the Bitnami Launchpad for Microsoft Azure and sign in if required using your Bitnami account.
  • Select the "Virtual Machines" menu item.
  • Select your cloud server from the resulting list.
  • Note the server IP address and SSH credentials on the resulting page.

    SSH credentials

Although you can use any SFTP/SCP client to transfer files to your server, this guide documents FileZilla (Windows, Linux and Mac OS X), WinSCP (Windows) and Cyberduck (Mac OS X).

Using a Password

Once you have your server's SSH credentials, choose your preferred application and follow the steps below to connect to the server using SFTP.

FileZilla

Follow these steps:

  • Download and install FileZilla.
  • Launch FileZilla and use the "File -> Site Manager -> New Site" command to bring up the FileZilla Site Manager, where you can set up a connection to your server.
  • Enter your server host name.
  • Select "SFTP" as the protocol and "Ask for password" as the logon type. Use bitnami as the server username and the password generated during the server deployment process. FileZilla configuration
  • Use the "Connect" button to connect to the server and begin an SFTP session. You might need to accept the server key, by clicking "Yes" or "OK" to proceed.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

If you have problems accessing your server, get extra information by use the "Edit -> Settings -> Debug" menu to activate FileZilla's debug log.

FileZilla debug log

WinSCP

Follow these steps:

  • Download and install WinSCP.
  • Launch WinSCP and in the "Session" panel, select "SFTP" as the file protocol.
  • Enter your server host name and set bitnami as the server username. WinSCP configuration
  • From the "Session" panel, use the "Login" button to connect to the server and begin an SCP session. Enter the password when prompted. WinSCP configuration

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

Cyberduck

Follow these steps:

  • Select the "Open Connection" command and specify "SFTP" as the connection protocol. Cyberduck configuration

  • In the connection details panel, enter the server IP address, bitnami as the username, and the password generated during the deployment process. Cyberduck configuration

  • Use the "Connect" button to connect to the server and begin an SFTP session.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

What is the Bitnami Vault?

The Bitnami Vault is a secure password storage area associated with your Bitnami account. It stores all your Launchpad passwords (needed to deploy or manage servers from the various Bitnami Launchpads).

To use it, log in to your Bitnami account once. Once logged in, you can gain access to one or more Launchpads simply by providing the corresponding Bitnami Vault password as needed.

How to configure your application to use a third-party SMTP service for outgoing email?

Bitnami applications can be configured to use a third-party SMTP service for outgoing email. Examples of such third-party SMTP services are SendGrid and Mandrill. Instructions for using both these are provided below.

SendGrid

SendGrid's SMTP service can be accessed using your SendGrid account credentials. These credentials can be obtained by logging in to the SendGrid website and visiting the "Account Details" page.

SendGrid configuration

To configure your application to send email through SendGrid's SMTP service, use the settings below. Replace USERNAME with your SendGrid account username and PASSWORD with your SendGrid account password.

  • SMTP host: smtp.sendgrid.net
  • SMTP port: 25 or 587 for unencrypted/TLS email, 465 for SSL-encrypted email
  • SMTP username: USERNAME
  • SMTP password: PASSWORD

Here's an example of configuring WordPress to use SendGrid:

WordPress with SendGrid

More information is available in the SendGrid documentation.

Mandrill

Mandrill's SMTP service requires an API key for access. To obtain this key, log in to the Mandrill website, navigate to the "SMTP & API" section and create an API key. Note the SMTP server name, username and API key, as these serve as your credentials for accessing the Mandrill SMTP server.

Mandrill configuration

To configure your application to send email through Mandrill's SMTP service, use the settings below. Replace USERNAME with your SMTP username and API-KEY with the generated API key.

  • SMTP host: smtp.mandrillapp.com
  • SMTP port: 25, 587 or 2525 for unencrypted/TLS email, 465 for SSL-encrypted email
  • SMTP username: USERNAME
  • SMTP password: API-KEY

Here's an example of configuring WordPress to use Mandrill:

WordPress with Mandrill

More information is available in the Mandrill documentation.

Similar steps can be followed for other third-party SMTP services as well. Consult your service provider's documentation to obtain details on authentication credentials and available ports.

Does Bitnami collect any data from deployed Bitnami stacks?

Yes. Bitnami cloud images and virtual machines include a small agent that starts on boot and collects a few pieces of information about the system. For users of Bitnami Virtual Machine Images, Cloud Templates, and Container Images we may also collect information from downloaded, pulled or deployed images or instances, such as the instance type, IP address and operating system version or the Bitnami account used to launch the image in order to improve our product offerings.

We encourage you to leave this tracking on, but if you would like to turn it off, you can comment out or delete the following line in the /etc/crontab file:

X * * * * bitnami cd /opt/bitnami/stats && ./agent.bin --run -D

(where X is a random number for each instance generated at the boot time)

Our complete privacy policy is available online. If you have any questions, please feel free to contact us at hello@bitnami.com.

What does the SSH warning 'REMOTE HOST IDENTIFICATION HAS CHANGED' mean?

This warning is normal when trying to connect to the same IP address but a different machine - for instance, when you assign the same static IP address to another server. You can fix the problem by removing the IP address that you are trying to connect to from your ~/.ssh/known_hosts file.

If you use PuTTY, the SSH key mismatch warning looks like the image below:

SSH warning

In this case, click "Yes" if you know the reason for the key mismatch (IP address reassigned to another server, machine replaced, and so on).