Frequently Asked Questions for Microsoft Azure

How to connect to the server through SSH?

Obtaining your SSH credentials for your client

Obtaining your SSH credentials from the Bitnami Launchpad

The Bitnami Launchpad for Microsoft Azure automatically injects an auto-generated public SSH key for the bitnami user and allows the user to download the private SSH key. To do so, follow these steps:

  • Browse to the Bitnami Launchpad for Microsoft Azure and sign in if required using your Bitnami account.
  • Select the "Virtual Machines" menu item.
  • Select your cloud server from the resulting list.
  • Download the SSH key for your server (.pem for Linux and Mac OS X, .ppk for Windows). Note the server IP address on the same page.

SSH key

Obtaining your SSH credentials from the Azure marketplace

If you are using the Microsoft Azure Marketplace, you will have been presented with a choice of using either an SSH password or an SSH key pair at the time of deploying the server as shown below:

SSH deployment

  • Option 1: SSH key pair

    If you have copied and pasted your SSH key file during the deployment of the server, you can retrieve your key in the "Resource Group -> Deployments" section. Click on your deployment, you will see a summary with the related information:

    SSH key deployment

  • Option 2: SSH password

    The SSH password that you have entered during the server deployment is the same thet you will use to access your server through an SSH client and to access the server through an SSH tunnel.

Connecting with an SSH client

Connecting with an SSH client on Windows using an SSH password

In order to access your server via SSH tunnel you need an SSH client. In the instructions below we have selected PuTTY, a free SSH client for Windows and UNIX platforms. To access the server via SSH tunnel using PuTTY on a specific port using an SSH tunnel, you need to have it configured in order to allow connections to your server.

  • Step 1: Obtain PuTTY

    • Download the PuTTY ZIP archive from its website.
    • Extract the contents to a folder on your desktop.
    • Double-click the putty.exe file to bring up the PuTTY configuration window.
  • Step 2: Configure PuTTY

    • In the PuTTY configuration window, enter the host name or public IP address of your server into the "Host Name (or IP address)" field, as well as into the "Saved Sessions" field. Then, click "Save" to save the new session so you can reuse it later.

    PuTTY configuration

    • In the "Connection -> Data" section, enter the server username into the "Auto-login username" field (bitnami by default or the username you have entered during the creation of the server), under the "Login details" section.

      PuTTY configuration

  • In the "Session" section, click on the "Save" button to save the current configuration.
  • Select the session you want to start (in case that you have saved more than one session) and click the "Open" button to open an SSH session to the server.

    PuTTY configuration

PuTTY will first ask you to confirm the server's host key and add it to the cache. Go ahead and click "Yes" to this request (learn more).

PuTTY connection

  • Enter the SSH password when prompted. Refer to the FAQ to learn how to obtain your SSH credentials for your client.

You should now be logged in to your server. Here is an example of what you'll see:

PuTTY connection

Connecting with an SSH client on Windows using an SSH key

In order to access your server via SSH tunnel you need an SSH client. In the instructions below we have selected PuTTY, a free SSH client for Windows and UNIX platforms. To access the server via SSH tunnel using PuTTY on a specific port using an SSH tunnel, you need to have it configured in order to allow connections to your server.

  • Step 1: Obtain PuTTY

    • Download the PuTTY ZIP archive from its website.
    • Extract the contents to a folder on your desktop.
    • Double-click the putty.exe file to bring up the PuTTY configuration window.
  • Step 2: Convert your PEM private key to PPK format (optional)

    If your private key is in .pem format, it is necessary to convert it to PuTTY's own .ppk format before you can use it with PuTTY. If your private key is already in .ppk format, you may skip this step.

    Follow the steps below to convert your .pem private key to .ppk format:

    • Launch the PuTTY Key Generator by double-clicking the puttygen.exe file in the PuTTY installation directory.
    • Click the "Load" button and select the private key file in .pem format.

      PuTTY key conversion

    • Once the private key has been imported, click the "Save private key" button to convert and save the key in PuTTY's .ppk key file format.

      PuTTY key conversion

  • Step 3: Configure PuTTY

    • In the PuTTY configuration window, enter the host name or public IP address of your server into the "Host Name (or IP address)" field, as well as into the "Saved Sessions" field. Then, click "Save" to save the new session so you can reuse it later.

    PuTTY configuration

    • Obtain your SSH credentials in order to allow the authentication against the server. Refer to the FAQ to learn how to obtain your SSH credentials for your client.
    • In the "Connection -> SSH -> Auth" section, browse to the private key file (.ppk) you've previously obtained in the step above.

    PuTTY configuration

    • In the "Connection -> Data" section, enter the server username into the "Auto-login username" field (bitnami by default or the username you have entered during the creation of the server), under the "Login details" section.

      PuTTY configuration

  • In the "Session" section, click on the "Save" button to save the current configuration.
  • Select the session you want to start (in case that you have saved more than one session) and click the "Open" button to open an SSH session to the server.

    PuTTY configuration

PuTTY will first ask you to confirm the server's host key and add it to the cache. Go ahead and click "Yes" to this request (learn more).

PuTTY connection

You should now be logged in to your server. Here is an example of what you'll see:

PuTTY connection

Connecting with an SSH client on Linux and Mac OS X using an SSH password

Linux and Mac OS X come bundled with SSH clients by default. In order to log in to your server, follow the steps below:

  • Open a new terminal window on your local system (for example, using "Finder -> Applications -> Utilities -> Terminal" in Mac OS X or the Dash in Ubuntu).

  • Connect to the server using the following command:

      $ ssh USERNAME@SERVER-IP
    

    Remember to replace USERNAME with the server username (bitnami by default or the username you have entered during the creation of the server), and SERVER-IP with the public IP address or hostname of your server.

  • Your SSH client might ask you to confirm the server's host key and add it to the cache before connecting. Accept this request by typing or selecting "Yes" (learn more).

  • Enter your SSH password when prompted. Refer to the FAQ to learn how to obtain your SSH credentials for your client.

You should now be logged in to your server. Here is an example of what you'll see:

SSH connection

Connecting with an SSH client on Linux and Mac OS X using an SSH key

Linux and Mac OS X come bundled with SSH clients by default. In order to log in to your server, follow the steps below:

  • Open a new terminal window on your local system (for example, using "Finder -> Applications -> Utilities -> Terminal" in Mac OS X or the Dash in Ubuntu).
  • Set the permissions for your private key file (*.pem) to 600 using a command like the one below. Refer to the FAQ to learn how to obtain your SSH credentials.

      $ chmod 600 KEYFILE
    
  • Connect to the server using the following command:

      $ ssh -i KEYFILE USERNAME@SERVER-IP
    

    Remember to replace KEYFILE in the previous commands with the path to your private key file (.pem), USERNAME with the server username (bitnami by default or the username you have entered during the creation of the server), and SERVER-IP with the public IP address or hostname of your server.

  • Your SSH client might ask you to confirm the server's host key and add it to the cache before connecting. Accept this request by typing or selecting "Yes" (learn more).

You should now be logged in to your server. Here is an example of what you'll see:

SSH connection

Forwarding your key using SSH Agent

Forward your key it is an easy way to connect to a host (host A) with your SSH key, and from there, to connect to another host (host B) using the same key.

Forwarding your key using SSH Agent on Windows

To access the server via SSH forwarding your key using PuTTY you must have it configured. Please, check the how to connect to the server through SSH using an SSH client on Windows section for more information on this.

Once you have your SSH client correctly configured, you need to enable the SSH Agent forwarding. For doing so, follow these steps:

  • In the "Connection -> SSH -> Auth" section, activate the "Allow agent forwarding" checkbox.

PuTTY forward agent

  • In the "Session" section, save your changes by clicking the "Save" button.
  • Click the "Open" button to open an SSH session to the server. The SSH session will now forward your key, you can check it by running the following:

      $ ssh-add -L
    
Forwarding your key using SSH Agent on Linux and Mac OS X

To access the server forwarding SSH keys, follow the steps below.

  • Open a new terminal window on your local system (for example, using "Finder -> Applications -> Utilities -> Terminal" in Mac OS X or the Dash in Ubuntu).
  • To access the server forwarding your key, you need to have the following information:
  • Run the following command to add the SSH key to the agent. Remember to replace KEYFILE with the path to your private key:

      $ ssh-add KEYFILE
    
  • Connect to the server using -A option, remember to replace SERVER-IP with the public IP address or hostname of your server:

      $ ssh -A bitnami@SERVER-IP
    
  • The SSH session will now forward your key, you can check it by running the following:

      $ ssh-add -L
    

How to access a server using an SSH tunnel?

Bitnami strongly discourages you from opening server ports apart from those defined by default. In case you need to access a server on a specific port remotely, Bitnami recommends creating an SSH tunnel instead of opening the port in the server firewall.

Depending on your operating system, follow these instructions to create an SSH tunnel and ensure secure access to the application.

IMPORTANT: Before following the steps below, ensure that your application server is running.

Accessing a server using an SSH tunnel on Windows

In order to access your server via SSH tunnel you need an SSH client. In the instructions below we have selected PuTTY, a free SSH client for Windows and UNIX platforms.

Once you have your SSH client correctly configured and you tested that you can successfully access to your instance via SSH, you need to create an SSH tunnel. For doing so, follow these steps:

  • In the "Connection -> SSH -> Tunnels" section, create a secure tunnel by forwarding a port (the "destination port") on the remote server to a port (the "source port") on the local host (127.0.0.1 or localhost). An example of configuring an SSH tunnel between remote port 80 and local port 8888 is displayed below.

    PuTTY safe tunneling

  • Click the "Add" button to add the secure tunnel configuration to the session. (You'll see the added port in the list of "Forwarded ports"). An example of configuring an SSH tunnel between remote port 80 and local port 8888 is displayed below.

    PuTTY safe tunneling

  • In the "Session" section, save your changes by clicking the "Save" button.
  • Click the "Open" button to open an SSH session to the server. The SSH session will now include a secure SSH tunnel between the two specified ports.

While the tunnel is active, you should be able to access the application through the secure SSH tunnel you created, by browsing to http://127.0.0.1:SOURCE-PORT/ or http://localhost:SOURCE-PORT/. Remember to replace SOURCE-PORT with the source port number specified.

Accessing a server using an SSH tunnel on Linux and Mac OS X

To access the server on a specific port using an SSH tunnel, you need to have the following information:

  • Server's IP address
  • Username and password (if you want to connect the server using the SSH username and password).
  • Server username and corresponding SSH private key in .pem format for Linux and Mac OS X (if you have deployed your server using an SSH key pair).

Learn more about how to obtain your SSH credentials for your client.

Once you have the information above, follow these instructions to access the server using an SSH tunnel:

  • Open a new terminal window on your local system (for example, using "Finder -> Applications -> Utilities -> Terminal" in Mac OS X or the Dash in Ubuntu).
  • You have two options to configure the SSH tunnel: connect to the server using a private key (recommended) or connect to the server using a SSH password. Follow the instructions below per each option:

    • Option 1: Connect to the server using a private key

      • Make sure that you have your SSH credentials (.pem key file) in hand.
      • Run the following command to configure the SSH tunnel. Remember to replace SOURCE-PORT with the source port, DESTINATION-PORT with the destination port, KEYFILE with the path to your private key, and SERVER-IP with the public IP address or hostname of your server:

          $ ssh -N -L SOURCE-PORT:127.0.0.1:DESTINATION-PORT -i KEYFILE bitnami@SERVER-IP
        
    • Option 2: Connect to the server using a SSH password

      • Run the following command. Remember to replace SOURCE-PORT with the source port, DESTINATION-PORT with the destination port, USERNAME (bitnami by default or the username you have entered during the creation of the server) and SERVER-IP with the public IP address or hostname of your server. Enter your SSH password when prompted.

          $ ssh -N -L SOURCE-PORT:127.0.0.1:DESTINATION-PORT USERNAME@SERVER-IP
        
NOTE: If successful, the above commands will create an SSH tunnel but will not display any output on the server console.

While the tunnel is active, you should be able to access the application through the secure SSH tunnel you created, by browsing to http://127.0.0.1:SOURCE-PORT/ or http://localhost:SOURCE-PORT/. Remember to replace SOURCE-PORT with the source port number specified.

How to find application credentials?

Using the Microsoft Azure Marketplace

Administrator username

The default administrator username to log in to your application is different depending on the application you have deployed. It can be obtained browsing to the IP address of your Microsoft Azure server to access the application, clicking the Bitnami banner at the bottom right corner of the application index page and viewing the resulting information screen.

Application credentials

You will see the credentials for your application:

Application credentials

If the Bitnami banner is not visible, the same information can also be accessed by browsing to http://SERVER-IP-ADDRESS:PORT/bitnami.

Administrator password

You have two options for obtaining your application credentials:

  • Checking the System Log on the Microsoft Azure management console.
  • Connecting to your application through SSH.
Option 1: Find password by checking the System Log on the Microsoft Azure management console

IMPORTANT: This password is only available in the system log for the first 24 hours after you first start the instance. We strongly recommend that you note it down immediately on the first boot and save it in a safe place, as you will be unable to access the instance console without it. We also recommend that you change it as soon as possible for security reasons.

The administrator password to log in to your application is randomly generated during the first boot. This password can be viewed as follows:

  • Log in to the Microsoft Azure management console.
  • Click the "Virtual machines" icon in the toolbar and select your server from the resulting list.
  • In the "Support + Troubleshooting" menu, select the "Boot diagnostics" option.

    Application credentials

  • Review the system log until you find the password.

    Application credentials

The following video shows you the process to obtain the application credentials on the Microsoft Azure management console:

Option 2: Find password by connecting to your application through SSH

The application credentials are also stored in your application files. To obtain the password at any time, follow these instructions:

In case that you can not see the content of the above file, check the following file:

$ sudo cat /opt/bitnami/var/data/bitnami_credentials/credentials

Using the Bitnami Launchpad

Your default credentials become available once you create a cloud server. To find them, follow these steps:

  • Browse to the Bitnami Launchpad for Microsoft Azure and sign in if required using your Bitnami account.
  • Select the "Virtual Machines" menu item.
  • Select your cloud server from the resulting list.
  • The "Application Info" section in the left panel contains the credentials for your instance. The password is hidden by default but will be displayed in plain text when the "Show" button, adjacent to the password input, is clicked.

Server credentials

How to find database credentials?

Database username

If you started a server (for example, MongoDB or similar) that isn't a Web application server or your application includes a database server, you can use the default administrator user to log in to the database (for example, root). In the table below you will find the username for the most popular databases:

Database Username
MySQL, MariaDB, MongoDB root
PostgreSQL postgres

You can find more information for each specific server in our documentation.

Database password

The database password is the same as the administrator password you use to log in to your application.

How to create a Microsoft organizational account?

To link the Bitnami Launchpad for Microsoft Azure with your Microsoft Azure subscription, you will need either a "Microsoft work or school account" or a Microsoft organizational account with permission to access your Microsoft Azure subscription.

To create a new Microsoft organizational account, follow the steps below:

NOTE: You may need to request your system administrator to create the Microsoft organizational account for you if you don't have administrative permissions on your Microsoft Azure account.
  • Log in to the Microsoft Azure portal.
  • From the left navigation menu, select the "Azure Active Directory -> Users and groups -> All users" menu item.

    Microsoft organizational account creation

  • Click the "New user" button and create a new Microsoft organizational account by entering a name and email address. Ensure that the "Directory role" is set to "User" and click the "Show Password" checkbox at the bottom to view and make a note of the auto-generated password. Click the "Create" button to save the new user.

    Microsoft organizational account creation

    NOTE: The email address for the user account must be a verified domain name in your directory. You can list all the verified domains in your directory using the "Azure Active Directory -> Domain names" menu item.

The new Microsoft organizational account will now be created. You must also grant it permission to access your Microsoft Azure subscription following the instructions in our FAQ.

How to configure a Microsoft organizational account to access your Microsoft Azure subscription?

To link the Bitnami Launchpad for Microsoft Azure with your Microsoft Azure subscription, you will need either a "Microsoft work or school account" or a Microsoft organizational account with permission to access your Microsoft Azure subscription.

Find instructions to create a new Microsoft organizational account in our FAQ. Once the Microsoft organizational account has been created, follow the steps below to grant it access to your Microsoft Azure subscription:

  • Log in to the Microsoft Azure portal using your primary account.
  • From the left navigation menu and select the "Subscriptions" menu item. Select the subscription you wish to use when launching servers through the Bitnami Launchpad for Microsoft Azure.

    Subscription selection

  • In the resulting menu, select the "Access Control (IAM)" menu item. On the resulting page, click the "Add" button.

    User-subscription permission

  • On the "Add permissions" page, select the new Microsoft organizational account created above and assign it the "Contributor" role. Click "Save" to save the new permissions.

    User-subscription permission

NOTE: Log out of the Microsoft Azure portal before linking the Bitnami Launchpad for Microsoft Azure with your Microsoft organizational account, as you will encounter problems if you remain signed in with your primary account credentials.

What resources does the Bitnami Launchpad for Microsoft Azure create in my Microsoft Azure account?

The Bitnami Launchpad for Microsoft Azure creates the following resources in your Microsoft Azure account:

  • A storage account for each region in which the user launches an instance.
    • Application images are added to that storage account when the user launches instances.
    • Machine disks are created in that storage account when the user launches instances.
  • A resource group with the rest of the resources needed by the instance.
  • A resource group for the various storage accounts.

How to remove storage containers used by Bitnami applications?

When you deploy a Bitnami application on Microsoft Azure using the Bitnami Launchpad for Microsoft Azure, the Bitnami Launchpad creates a virtual machine and associated resources, including a storage container and virtual disk image. If you later decide to remove the Bitnami application, you may encounter errors when deleting the storage container such as "Failed to delete storage account" or "Unable to delete storage account".

Microsoft Azure supports launching virtual machines following two approaches: using the new Microsoft Azure Resource Manager or using the "classic" approach. Images launched using the Bitnami Launchpad for Microsoft Azure use the "classic" approach. Even though the new Microsoft Azure management console has views for showing all the "classic" resources, it does not show all of them. Therefore, there may be some virtual disk images that are still attached to your storage container but not visible in the Microsoft Azure management console, and these images will block deletion of the storage container.

You can resolve this issue either by using the older version of the Microsoft Azure console, or by using the Microsoft Azure Storage Explorer.

Removing disk images using the Microsoft Azure console

To resolve this issue, follow the steps below:

  • Log in to the older version of the Microsoft Azure console using the same account credentials you use for the new Microsoft Azure console.
  • Select the "Virtual Machines" menu item.
  • Select the "Images" tab.

    Disk images

  • Delete any leftover disk images corresponding to the Bitnami application you removed.

Once the leftover disk images are removed, you should also be able to remove the storage container using the Microsoft Azure management console.

Removing disk images using the Microsoft Azure Storage Explorer

  • Download and install the Microsoft Azure Storage Explorer for your operating system.
  • Log in to the Microsoft Azure Storage Explorer using the same account credentials you use for the Azure Portal.
  • Navigate to the bucket created for your images. Typically, this bucket will be named using a bitnami prefix, as shown below:

    Storage bucket

    TIP: In case you cannot find the correct bucket, log in to the Microsoft Azure management console and look in the "Disks" section of your virtual machine configuration. This includes a "Location" field which holds the bucket name.
  • Within the bucket, navigate to the "Blob Containers -> bitnami-images (Leased)" node and delete the Bitnami disk image corresponding to the Bitnami application you removed. Repeat this step for the "Blob Containers -> vhds (Leased)" node.

    Image deletion

Once the leftover images are removed, you should also be able to remove the storage container using the Microsoft Azure management console.

How to find deployment and resource group ID?

Follow these steps to find the deployment ID and resource group ID for your deployment or resource group:

  • Log in to the Microsoft Azure Portal.
  • In the left navigation bar, select the "Resource groups" menu item.
  • Select the resource group containing your deployment.
  • From the resource group's "Settings -> Deployments" menu, select a deployment to view a summary of the deployment details, including its deployment ID and resource group ID.

    Find deployment and resource group ID

How to find my subscription ID?

The subscription ID is a unique alphanumeric string that identifies your Azure subscription. Follow these steps to find it:

  • Log in to the Microsoft Azure Portal.
  • In the left navigation bar, select the "Subscriptions" menu item to obtain a list of all the subscriptions associated with your Microsoft Azure account. The list includes the subscription ID for each subscription.

    Find Azure Subscription ID

  • To see detailed information related to a specific subscription, select it from the list and you will be redirected to a detail page with additional information:

    Find Azure Subscription ID

How to install the Azure Command Line Interface (CLI)?

You can create, manage, and delete services from your terminal with the Azure CLI. Follow the instructions below to install and to activate the Microsoft Azure Cross-Platform Command Line Interface on your device:

  • Run the following command to install the CLI. Select the operating system of your choice:

    • Mac OS X and Linux:

      $ curl -L https://aka.ms/InstallAzureCli | bash
      
    • Windows:

      $ pip install --user azure-cli
      
      NOTE: To install the Azure CLI in Windows requires Python. You can download it from Python's downloads page.

You will be prompted to select the installation directories. Select the options shown by default or change them if you want to install it in a different location.

  • Log in to the CLI by executing the following:

    $ az login
    

    You will see a URL and a code:

    Install the Azure CLI

  • Open your preferred browser and enter this URL. Then, enter the code that you have already received, and click on "Continue":

    Sign in the Azure CLI

  • Select the Microsoft account you want to sign in to:

    Sign in the Azure CLI

Once you have signed in with your account, you can close this window and start to work directly from the Azure CLI.

How to download the deployment template?

Azure provides you with a set of templates that consist of expressions that you can use to construct values for your deployment. Bitnami applications include a ready-made JSON template that you can download both from the Azure Portal and from the Azure CLI.

Download from the Microsoft Azure portal

To download the deployment template from the Microsoft Azure portal, follow the instructions below:

  • Log in to the Microsoft Azure Portal.

  • In the left navigation bar, go to the "Resource groups" menu.

  • Select the Resource Group which your application is located in.

  • Click the virtual machine you want to manage. You will see essential information in the right-side of screen. Click the "Deployments" section.

    Download the deployment template

  • Select the deployment you want to download its template, then click the "View template" option in the top menu.

    Download the deployment template

  • In the template preview screen, click the "Download" option located in the left upper corner of the screen. The template will be downloaded.

    Download the deployment template

Download from the Azure CLI

NOTE: Find instructions on how to install the Azure CLI.

To download the deployment template using the Azure CLI, run the following command, remembering to replace the DEPLOYMENT-ID and RESOURCE-GROUP-ID placeholders with your actual deployment and resource group identifiers:

$ az group deployment export --name DEPLOYMENT-ID --resource-group RESOURCE-GROUP-ID > template.json

How to create a Virtual Network peering?

To connect two instances internally you can enable a Virtual Network (VNet) peering from the Azure Portal. Depending if the instances were launched in the same or in different resource groups, there are two methods for performing a internal connection: sharing a virtual network or enabling a virtual network peering.

How to obtain the deployment event logs?

You can obtain a detailed report of the activity and events of your server using the Microsoft Azure management console.

To check the deployment event logs, follow these steps:

  • Log in to the Microsoft Azure management console.
  • Navigate to the "Resource groups" menu and click on the resource group you want to check.
  • In the resulting sub-menu, select the "Activity log" menu option.

    Azure VM activity logs menu

  • Adjust the appropriate timespan and apply the query. You will see a list of the resulting events. You can download that information as a .csv file.

    Azure VM logs options

What is a Bitnami image?

A Bitnami image includes everything you need to run your Bitnami-packaged application of choice. The installation and configuration of all of the software included in the stack is completely automated, making it easy for everyone, including those who are not very technical, to get them up and running.

All Bitnami images are completely self-contained and run independently of the rest of the software or libraries installed on your system. This means that you don't have to worry about installing any other software on your system to make the new application work. They also won't interfere with any software already installed on the system, so everything will continue to work normally.

How to start or stop the services?

Each Bitnami stack includes a control script that lets you easily stop, start and restart services. The script is located at /opt/bitnami/ctlscript.sh. Call it without any service name arguments to start all services:

$ sudo /opt/bitnami/ctlscript.sh start

Or use it to restart a single service, such as Apache only, by passing the service name as argument:

$ sudo /opt/bitnami/ctlscript.sh restart apache

Use this script to stop all services:

$ sudo /opt/bitnami/ctlscript.sh stop

Restart the services by running the script without any arguments:

$ sudo /opt/bitnami/ctlscript.sh restart

Obtain a list of available services and operations by running the script without any arguments:

$ sudo /opt/bitnami/ctlscript.sh

What is the directory structure?

The installation process will create several sub-directories under the /opt/bitnami directory:

  • Servers and related tools: apache2/, mysql/, postgresql/, apache-tomcat/, etc.
  • Languages: php/, python/, ruby/, tcl/, etc.
  • Application files: apps/phpMyAdmin/, apps/drupal/, apps/joomla/, apps/redmine/, etc.
  • Common libraries: common/
  • Licenses of the components included in the stack: licenses/

Application files are stored in the /opt/bitnami/apps/APPNAME/htdocs directory. The configuration file for the Apache Web server is stored in the /opt/bitnami/apps/APPNAME/conf/ directory.

How to troubleshoot Gmail SMTP issues

If you are using Gmail as the outbound email server and you are not able to send email correctly, Google may be blocking sign-in attempts from your apps or devices. Depending on whether or not you use Google Apps, the steps to correct this will differ.

For Google Apps users

If you are a Google Apps user, you will need your administrator to allow users to change the policy for less secure apps. If you are a Google Apps administrator, follow these steps:

  • Browse to the Google Apps administration panel.
  • Click on "Security" and then "Basic settings".
  • Look for the section "Less secure apps" and then click on "Go to settings for less secure apps".
  • Select "Allow users to manage their access to less secure apps".

For other Google users

If you do not use Google Apps, follow the steps in the following sections, depending on whether 2-step verification has been enabled on the account or not.

If 2-step verification has not been enabled on the account, follow these steps:

  • Browse to the "Less secure apps" page and log in using the account you are having problems with. This option is typically required by many popular email clients, such as Outlook and Thunderbird, and should not be considered unsafe.
  • Select the "Turn on" option.

    Security settings

If 2-step verification has been enabled on the account, you have to generate an app password. Follow these steps:

  • Browse to the "App passwords" page.
  • Click "Select app" and choose the app you're using.
  • Click "Select device" and choose the device you're using.
  • Click the "Generate" button.
  • Enter the app password on your device.
  • Click the "Done" button.

Here are other options you may try:

  • Browse to the web version of Gmail and sign in to your account. Once you're signed in, try to enable access for the application again.
  • Browse to the "Unlock Captcha" function page and sign in with your Gmail username and password.
  • Disable IMAP from the Gmail web server interface and enable it again.

    IMAP settings

How to open the server ports for remote access?

IMPORTANT: Making this application's network ports public is a significant security risk. You are strongly advised to only allow access to those ports from trusted networks. If, for development purposes, you need to access from outside of a trusted network, please do not allow access to those ports via a public IP address. Instead, use a secure channel such as a VPN or an SSH tunnel. Follow these instructions to remotely connect safely and reliably.

NOTE: The steps below use the newer version of the Microsoft Azure management console.

By default, cloud servers launched through the Azure management console have their ports closed to secure them against external attacks. This is done for all ports apart from ports 22 (SSH), 80 (HTTP) and 443 (HTTPS). If you need to access your server remotely using a different port, you must first open the necessary port(s) using the Azure management console.

For servers launched through the Bitnami Launchpad for Microsoft Azure, select the cloud server you wish to modify in the Bitnami Launchpad and click the "Manage in the Microsoft Azure Console" button to access the Microsoft Azure management console.

Follow these steps:

  • Log in to the Azure management console.
  • Click the "Virtual machines" icon in the toolbar and select your server from the resulting list.
  • Click the "Settings -> Networking" link for the server in the menu.
  • Select the network interface (there will typically only be one).
  • In the "Inbound port rules" section, click the "Add inbound port" link.

    Add inbound port

  • On the "Add inbound port" page, click "Advanced" to show more firewall options.

    Advanced options

  • In the "Source" section, click "CIDR block" and enter the following information:

    • Source IP address range: specify an IP range to allow inbound connections only from known and trusted IP addresses.

      IMPORTANT: Entering "All" allows access by anyone on the Internet. This is strongly discouraged and may result in unknown parties gaining access to your application and data.
    • Source port range: specify the port number/range. As an example, review the image below which demonstrates opening port 21 for FTP access.

    Rule configuration

  • Click "OK" to save the changes. Your new firewall rule will come into effect immediately.

How to close the server ports and deny remote access?

NOTE: The steps below use the newer version of the Azure management console.

For servers launched through the Bitnami Launchpad for Microsoft Azure, select the cloud server you wish to modify in the Bitnami Launchpad and click the "Manage in the Microsoft Azure Console" button to access the Microsoft Azure management console.

There are two options for closing the server ports: selecting the action "Deny" when adding a firewall rule (recommended for development environments) or deleting an existing one.

  • Option 1: Deny remote access to a specific port

    Follow these steps:

    • Log in to the Azure management console.
    • Click the "Virtual machines" icon in the toolbar and select your server from the resulting list.
    • Click the "Settings -> Networking" link for the server in the menu.
    • Select the network interface (there will typically only be one).
    • In the "Inbound port rules" section, click the "Add inbound port" link.

    Add inbound port

    • On the "Add inbound port" page, click "Advanced" to show more firewall options.

    Advanced options

    • In the "Source port range" field specify the port number/range on which you wish to deny the remote access to your server. As an example, review the image below which demonstrates closing a port.

    • In the "Action" section, select "Deny".

    Deny remote access

    • Click "OK" to save the changes. Your new firewall rule will come into effect immediately.
  • Option 2: Delete an existing inbound security rule

To close definitely a port for inbound traffic, delete it from the "Inbound security rules" section. To do so, find the security rule(s) you wish to close and click the "Delete" button next to each. The changes will come into effect immediately.

Close remote access

How to upload files to the server with SFTP?

NOTE: Bitnami applications can be found in /opt/bitnami/apps.

First, obtain your SSH credentials by following these steps:

  • Browse to the Bitnami Launchpad for Microsoft Azure and sign in if required using your Bitnami account.
  • Select the "Virtual Machines" menu item.
  • Select your cloud server from the resulting list.
  • Note the server IP address and SSH credentials on the resulting page. Your server may have been deployed using either an SSH password or an SSH key.

    SSH credentials with password

    SSH credentials with key

Although you can use any SFTP/SCP client to transfer files to your server, this guide documents FileZilla (Windows, Linux and Mac OS X), WinSCP (Windows) and Cyberduck (Mac OS X).

Using an SSH Key

Once you have your server's SSH key, choose your preferred application and follow the steps below to connect to the server using SFTP.

FileZilla
IMPORTANT: To use FileZilla, your server private key should be in PPK format.

Follow these steps:

  • Download and install FileZilla.
  • Launch FileZilla and use the "Edit -> Settings" command to bring up FileZilla's configuration settings.
  • Within the "Connection -> SFTP" section, use the "Add keyfile" command to select the private key file for the server. FileZilla will use this private key to log in to the server.

    FileZilla configuration

  • Use the "File -> Site Manager -> New Site" command to bring up the FileZilla Site Manager, where you can set up a connection to your server.
  • Enter your server host name and specify bitnami as the user name.
  • Select "SFTP" as the protocol and "Ask for password" as the logon type.

    FileZilla configuration

  • Use the "Connect" button to connect to the server and begin an SFTP session. You might need to accept the server key, by clicking "Yes" or "OK" to proceed.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

If you have problems accessing your server, get extra information by use the "Edit -> Settings -> Debug" menu to activate FileZilla's debug log.

FileZilla debug log

WinSCP
IMPORTANT: To use WinSCP, your server private key should be in PPK format.

Follow these steps:

  • Download and install WinSCP.
  • Launch WinSCP and in the "Session" panel, select "SCP" as the file protocol.
  • Enter your server host name and specify bitnami as the user name.

    WinSCP configuration

  • Click the "Advanced…" button and within the "SSH -> Authentication -> Authentication parameters" section, select the private key file for the server. WinSCP will use this private key to log in to the server.

    WinSCP configuration

  • From the "Session" panel, use the "Login" button to connect to the server and begin an SCP session.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

If you need to upload files to a location where the bitnami user doesn't have write permissions, you have two options:

  • Once you have configured WinSCP as described above, click the "Advanced…" button and within the "Environment -> Shell" panel, select sudo su - as your shell. This will allow you to upload files using the administrator account.

    WinSCP configuration

  • Upload the files to the /home/bitnami directory as usual. Then, connect via SSH and move the files to the desired location with the sudo command, as shown below:

     $ sudo mv /home/bitnami/uploaded-file /path/to/desired/location/
    
Cyberduck
IMPORTANT: To use Cyberduck, your server private key should be in PEM format.

Follow these steps:

  • Select the "Open Connection" command and specify "SFTP" as the connection protocol.

    Cyberduck configuration

  • In the connection details panel, under the "More Options" section, enable the "Use Public Key Authentication" option and specify the path to the private key file for the server.

    Cyberduck configuration

  • Use the "Connect" button to connect to the server and begin an SFTP session.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

Using a Password

Once you have your server's SSH credentials, choose your preferred application and follow the steps below to connect to the server using SFTP.

FileZilla

Follow these steps:

  • Download and install FileZilla.
  • Launch FileZilla and use the "File -> Site Manager -> New Site" command to bring up the FileZilla Site Manager, where you can set up a connection to your server.
  • Enter your server host name.
  • Select "SFTP" as the protocol and "Ask for password" as the logon type. Use bitnami as the server username and the password generated during the server deployment process.

    FileZilla configuration

  • Use the "Connect" button to connect to the server and begin an SFTP session. You might need to accept the server key, by clicking "Yes" or "OK" to proceed.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

If you have problems accessing your server, get extra information by use the "Edit -> Settings -> Debug" menu to activate FileZilla's debug log.

FileZilla debug log

WinSCP

Follow these steps:

  • Download and install WinSCP.
  • Launch WinSCP and in the "Session" panel, select "SCP" as the file protocol.
  • Enter your server host name and set bitnami as the server username. Enter the corresponding password as well.

    WinSCP configuration

  • From the "Session" panel, use the "Login" button to connect to the server and begin an SCP session.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

Cyberduck

Follow these steps:

  • Select the "Open Connection" command and specify "SFTP" as the connection protocol.

    Cyberduck configuration

  • In the connection details panel, enter the server IP address, bitnami as the username, and the password generated during the deployment process.

    Cyberduck configuration

  • Use the "Connect" button to connect to the server and begin an SFTP session.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

How to block a suspicious IP address?

NOTE: The steps below should be performed on all instances that receive inbound Internet traffic.

If you have detected an IP address that is collapsing your server or just making suspicious requests, block it using iptables. To do this, run the following command:

$ sudo su
$ iptables -A INPUT -s 1.2.3.4 -j DROP

Remember to replace 1.2.3.4 with the IP address you want to block.

IMPORTANT: Use with caution. If you don't specify an IP address, you will block yourself.

This will block all requests from that IP address. To have your iptables rules active even after rebooting the server, follow these steps:

  • Execute these commands:

     $ sudo su
     $ iptables-save > /opt/bitnami/iptables-rules
     $ crontab -e
    
  • Edit the above file with your favourite editor and include this line at the end of the file:

     @reboot /sbin/iptables-restore < /opt/bitnami/iptables-rules
    
  • Save the file and exit.

Now, on every boot, the system will load and apply the iptables rules.

To delete a rule, run the following command:

$ sudo su
$ iptables -D INPUT -s 1.2.3.4 -j DROP

This will delete the rule. Remember to replace 1.2.3.4 with a valid IP address.

Rerun the iptables-save command shown previously to make the new rules active even after rebooting the server.

How to change the server type or resize the server?

The Bitnami Launchpad for Microsoft Azure only supports server sizing during the initial server build process. Since the server is accessible via the Azure management console, you can get a resized version of the server from there afterwards if needed.

Follow these steps:

  • Log in to the Microsoft Azure management console.

  • Using the "Virtual machines (classic)" menu, find your server in the list and select it.

  • In the resulting sub-menu, select the "Size" menu option.

    Azure VM size options

  • Browse the list of available server sizes and select the one that best matches your requirements. Click the "Select" button to proceed.

    Azure VM size selection

The server should restart using the new type.

How to configure a static IP address?

Microsoft Azure instances are launched with a dynamic IP address by default, which means that the IP address changes every time the server is stopped and restarted. It is not possible to configure a static IP address for these instances.

What is the Bitnami Vault?

The Bitnami Vault is a secure password storage area associated with your Bitnami account. It stores all your Launchpad passwords (needed to deploy or manage servers from the various Bitnami Launchpads).

To use it, log in to your Bitnami account once. Once logged in, you can gain access to one or more Launchpads simply by providing the corresponding Bitnami Vault password as needed.

How to configure your application to use a third-party SMTP service for outgoing email?

Bitnami applications can be configured to use a third-party SMTP service for outgoing email. Examples of such third-party SMTP services are SendGrid and Mandrill. Instructions for using both these are provided below.

SendGrid

SendGrid's SMTP service can be accessed using your SendGrid account credentials. These credentials can be obtained by logging in to the SendGrid website and visiting the "Account Details" page.

SendGrid configuration

To configure your application to send email through SendGrid's SMTP service, use the settings below. Replace USERNAME with your SendGrid account username and PASSWORD with your SendGrid account password.

  • SMTP host: smtp.sendgrid.net
  • SMTP port: 25 or 587 for unencrypted/TLS email, 465 for SSL-encrypted email
  • SMTP username: USERNAME
  • SMTP password: PASSWORD

Here's an example of configuring WordPress to use SendGrid:

WordPress with SendGrid

More information is available in the SendGrid documentation.

Mandrill

Mandrill's SMTP service requires an API key for access. To obtain this key, log in to the Mandrill website, navigate to the "SMTP & API" section and create an API key. Note the SMTP server name, username and API key, as these serve as your credentials for accessing the Mandrill SMTP server.

Mandrill configuration

To configure your application to send email through Mandrill's SMTP service, use the settings below. Replace USERNAME with your SMTP username and API-KEY with the generated API key.

  • SMTP host: smtp.mandrillapp.com
  • SMTP port: 25, 587 or 2525 for unencrypted/TLS email, 465 for SSL-encrypted email
  • SMTP username: USERNAME
  • SMTP password: API-KEY

Here's an example of configuring WordPress to use Mandrill:

WordPress with Mandrill

More information is available in the Mandrill documentation.

Similar steps can be followed for other third-party SMTP services as well. Consult your service provider's documentation to obtain details on authentication credentials and available ports.

Does Bitnami collect any data from deployed Bitnami stacks?

Yes. Bitnami cloud images and virtual machines include a small agent that starts on boot and collects a few pieces of information about the system. For users of Bitnami Virtual Machine Images, Cloud Templates, and Container Images we may also collect information from downloaded, pulled or deployed images or instances, such as the instance type, IP address and operating system version or the Bitnami account used to launch the image in order to improve our product offerings.

We encourage you to leave this tracking on, but if you would like to turn it off, you can comment out or delete the following line in the /etc/crontab file:

X * * * * bitnami cd /opt/bitnami/stats && ./agent.bin --run -D

(where X is a random number for each instance generated at the boot time)

Our complete privacy policy is available online. If you have any questions, please feel free to contact us at hello@bitnami.com.

What does the SSH warning 'REMOTE HOST IDENTIFICATION HAS CHANGED' mean?

This warning is normal when trying to connect to the same IP address but a different machine - for instance, when you assign the same static IP address to another server. You can fix the problem by removing the IP address that you are trying to connect to from your ~/.ssh/known_hosts file.

If you use PuTTY, the SSH key mismatch warning looks like the image below:

SSH warning

In this case, click "Yes" if you know the reason for the key mismatch (IP address reassigned to another server, machine replaced, and so on).

How to troubleshoot server performance problems?

There are several possible reasons why your server might be under-performing. Use the list below to identify what could be affecting it.

  • Check the server type and ensure that it has the necessary CPU and RAM resources to meet your application requirements and user load.

  • Check if your application is using a cache. Consider enabling a cache if one is not already present. For applications like WordPress, caching plugins like W3 Total Cache can produce a significant improvement in performance.

  • Check if there are any cron jobs running on the server and consuming resources.

  • Review the server dashboard or monitoring page and check the list of processes consuming CPU and memory. Alternatively, log in to the machine console via SSH and execute the following command to see a list of running processes:

     $ ps -e -orss=,args= | sort -b -k1,1n | pr -TW$COLUMNS
     $ ps -e -o pcpu,nice,state,cputime,args --sort -pcpu | head -10
    
  • In case of problems with the disk size, check the free disk space and which directories have a large number of files:

     $ df -ih
     $ df -h
     $ cd /opt/bitnami
     $ sudo find . -type f | cut -d "/" -f 2 | sort | uniq -c | sort -n
     $ du -h -d 1
    

How to improve server performance?

Consider the following tips to improve the performance of your server.

What are the Bitnami Cloud Tools?

Bitnami Cloud Tools are a multi platform, self-contained and easy-to-use prepackaged software that allows you to manage and monitor your cloud deployments.

By downloading it, you will obtain a wide range of command line utilities and a pre-configured version of the major programming languages such as Python or Perl. These tools are really useful for those developers that want to use, in a more advanced way, the Cloud APIs offered by different cloud providers.

Select your cloud platform and download from the Bitnami official web page the package that corresponds to your operating system.

azure

Bitnami Documentation