Azure hosting environment

This page describes the steps how to install Thriot in Azure environment with fully MS SQL (Express)-based Mesaging environment. It means that all management data and telemetry data are stored in Azure Table Storage while messages are stored in a Microsoft SQL Express 2014 database.

In this tutorial we will configure the domain so this tutorial will not only guide through the configuration steps for creating an Azure-based hosting environment but will show you the configuration for the site.

We will discuss the installation procedure of a two-box environment, where the boxes and their responsibilities are the following:

  • Web frontend server
    • Central website
    • Management API
    • Platform API
    • Platform Websocket Service
    • Reporting API
  • SQL backend server
    • Messaging API (private)
    • Messaging database

Moreover we will create two storage accounts:

    • Management Table Storage
    • Telemetry Table Storage

Based on this description with quite minimal phantasy you can find out how to install the system on a single box or even scale it out to more servers. When scaling out please consider the following rules:

  • The APIs can be freely scaled out except for the Messaging API
  • Messaging API should run in single instance mode (failover clustering is OK)
  • The Websocket service can be freely scaled out

For easier configuration please refer to the following page:

Server names used in this tutorial

This tutorial basically describes the installation procedure of the demo environment behind the site.

This tutorial assumes that the target servers are the following: – Web frontend server – SQL Backend server

As a prerequisite create the VMs having the names selected by you on the Azure Portal,

For it looks like this:


The VMs are provisioned in West Europe and have the size of A1 (1 Core, 1.75 GB).

Of course you will install servers with different names, these are just examples. Ensure to use the correct names in all configurations and settings.

Look at the following DNS CNAME configuration:



Since CNAMEs were configured for the domains, it means that

  • will be the website
  • will host the APIs (management, platform, reporting)
  • the websocket service will be also accessible through (preferred)

The exact public endpoints will be configured after going through the tutorial:

Url Function Central management website Management API Platform API
ws:// Platform websocket service Reporting API



This tutorial supposes the release v0.6 of source code.

Having the source code you can use the following command the produce the binaries with Azure default configuration:

src\Service\Build> .\build.ps1 -config azure -configtmt azure -configmsg sql -copyConfigs yes -linuxify no

The results will go to the output\{CURRENTDATE}_azure folder.

Please note that in case of upgrading (to be discussed in the Upgrading section below) the -copyConfigs parameter must not be used to ensure that no config files are accidentally overwritten.

The output folder contains the following subfolders:

Folder Description Type
api Management API REST API
msvc Messaging Service API REST API
papi Platform API REST API
rapi Reporting API REST API
web Central website Thin website
websocketservice Websocket Service Windows Service
install install\configtemplates – Configuration templatesinstall\storage\management – Program that initializes management storageinstall\storage\messaging – Script to create Message database storage Templates, scripts and applications
plugings Plugins for telemetry data and queueing Plugins

Please take into account that the rest of this page will assume that the build output is installed to the c:\Thriot folder on the target servers.

Install SQL backend server

In the example we are using Windows Server 2012 R2 running as Azure VM – Small instance.


As a Prerequisite to successfully install Microsoft SQL Server Express 2014 you must first ensure the .NET 3.5 is installed on the system.


Installing Microsoft SQL Express 2014

After you’ve successfully installed the prerequisites it’s high time to download SQL Express 2014 (with Tools) installation package.

Download location:

For a 64 bit system you must choose ExpressAndTools 64BIT\SQLEXPRWT_x64_ENU.exe.



Double click on the installation execute to start the wizard. Here choose “New SQL Server stand-alone installation …”.


Always consider using the default settings while ensuring that all the required components are set up:


If the servers are not in Windows AD Domain environment you must ensure that mixed mode authentication is enabled (this is the current situation). In case you are is a domain environment you should consider using Windows authentication only.

In case of mixed mode authentication you are to set the password for the sa user that is a full-permission sysadmin user in the system so that it’s super-important to choose a highly secure password. Ensure to add some windows user to the SQL server admins role.


You may select data directories here. For example you may choose a high-performance disk to storage the databases.

After setting all these parameters you should start and wait for to finish the installation process.

SQL server won’t be reached from the outside word (just from the Messaging API running on the same box) so there is no need to open the 1433 (SQL) port.

Configuring the messaging database

Open SQL Management Studio and connect to the SQL Backend server using the sa or an Admin user.

Create a database named ThriotMessaging – for messaging.



Create a user called thriotmessaging with a strong password. Disabled “Enforce password policy” otherwise you must change the password at next logon. It’s recommended to set the default database to ThriotMessaging.


Ensure to provide db_owner role for thriotmessaging user to the ThriotMessaging database.


To prepare the ThriotMessaging database load the install\storage\messaging\CreateDB.sql script and run it against the ThriotMessaging database.



Creating Management and Telemetry Storage accounts – for Table Storages

Navigate to the Azure portal on site.

Create two Storage accounts:

  • One for the device structure management
  • One for storing telemetry data


As you have previously built the application, you will find the following configuration file: install\storage\management \Thriot.CreateAzureStorage.exe.config. Modify the connection string called ManagementConnection to point to the Management storage by copying the appropriate (Primary or Secondary) connection string. Run the Thriot.CreateAzureStorage.exe program which will create all the tables in the Management storage that is used by the system.



Open the Settings table in Visual Studio or any other tool that’s suitable for editing ATS tables. Ensure to correctly modify the configuration settings like this:



Explanation of the configuration settings:

Category Setting Value
Connection TelemetryConnection Telemetry connection string for Windows Azure Table Storage for telemetry data.e.g. connection string of the telemetry storage.
Microservice MessagingServiceApiKey Shared secret for authenticating to the messaging service.It’s an automatically generated value.
Microservice MessagingServiceEndpoint Messaging service url.e.g.
Microservice TelemetrySetupServiceApiKey Shared secret for authenticating to the telemetry setup service.It’s an automatically generated value.
Microservice TelemetrySetupServiceEndpoint Telemetry setup service endpoint.e.g.
PublicUrl ManagementApiUrl Management API url.e.g.http://
PublicUrl PlatformApiUrl Platform API url.e.g.
PublicUrl PlatformWsUrl Platform Websocket
PublicUrl ReportingApiUrl Reporting API url.e.g.
PublicUrl WebsiteUrl Central website url.e.g.
Runtime EmailActivation Specify If email activation is required.For production environment should be true.e.g.true
Runtime ServiceProfile ServiceProvider, SingleCompany or SingleService.ServiceProvider


Install IIS

In Server Manager select Add roles and features.

Here tick the Web Server (IIS) Role.


Select the following role services:





Hit Next and do the installation.

Install HttpPlatformHandler

Follow this page to add HttpPlatformHandler:

On some environments it may be preinstalled.

Installing Messaging Service application in IIS

On the target server create the c:\Thiort\msvc folder and copy the content of the msvc folder here created by the build described on the top of this page.

In the config folder (located at C:\Thriot\msvc\approot\packages\Thriot.Messaging.WebApi\1.0.0\root\config) edit the connectionstring.json and the connectionstringmsg.json config files to configure the main and the messaging connection strings respectively.


connectionstring.json should look like this:

    "ConnectionString": {
        "ManagementConnection": {
            "ConnectionString": "DefaultEndpointsProtocol=https;AccountName=********;AccountKey=***********************",
            "ProviderName": ""

connectionstringmsg.json should look like this:

    "ConnectionString": {
        "MessagingConnection": "Server=*******;Database=ThriotMessaging;User=thriotmessaging;Password=********************"

Ensure to have the correct connection string instead of the examples above.

Please refer to the vdir config below if your choose to deploy messaging into a virtual directory.

web.nlog config is fine if your logging directory is C:\Thriot\log, too.

Create a new website called Thriot and point it to the c:\Thriot\msvc\wwwroot folder. Ensure that you delete or disable the Default Website first.


Create a folder named: c:\Thriot\log

Add Modify permissions to the c:\Thriot\log folder to the iis apppool\thriot user.




On the Azure Portal open the HTTP – 80 port for the thriotbe VM. SQL port shouldn’t be opened as we don’t communicate directly with the SQL server just the local IIS application  just installed which counts as internal communication.


Do a quick test. Navigate to the

folder. If the messaging is HTTP 405 (or 404) – Method not allowed then the IIS Application is working properly.


Install Web frontend server

Install IIS

Follow exactly the same steps as you’ve completed for the SQL backend server in case of IIS installation procedure.

Do not forget to install HttpPlatformHandler, also.

Install Thriot applications as IIS websites and Applications

Since we suppose that the servicing DNS names will be and for the APIs and the Central website respectively, create the following folder structure (except for


From the build output

  1. copy the content of the api folder to the c:\Thriot\\management folder,
  2. copy the content of the papi folder to the c:\Thriot\\platform folder,
  3. copy the content of the rapi folder to the c:\Thriot\\reporting folder,
  4. copy the content of the web folder to the c:\Thriot\,
  5. copy the content of the websocketservice folder to the c:\Thriot\websocketservice folder,
  6. copy the content of the plugins folder to the c:\Thriot\plugins folder.
The configuration files folder is located at the following places respectively:
  1. c:\Thriot\\management\approot\packages\Thriot.Management.WebApi\1.0.0\root\config\
  2. c:\Thriot\\platform\approot\packages\Thriot.Platform.WebApi\1.0.0\root\config\
  3. c:\Thriot\\reporting\approot\packages\Thriot.Reporting.WebApi\1.0.0\root\config\
  4. c:\Thriot\\wwwroot\config\
  5. c:\Thriot\websocketservice\config\

Prepare the config files in the following way:

connectionstring.json should look like this:

    "ConnectionString": {
        "ManagementConnection": {
            "ConnectionString": "DefaultEndpointsProtocol=https;AccountName=********;AccountKey=***********************",
            "ProviderName": ""

Ensure to have the correct connection string instead of the examples above.


siteroots.js (for the central website):

app.constant('siteRoots', {
   managementRoot: '',
   reportingRoot: ''

Ensure to have the correct HTTP endpoints instead of the examples above.


smtpsettings.json (for management api):

    "SmtpSettings": {
        "FromAddress": "",
        "FromName": "Thriot",
        "BouncesAddress": "",
        "Host": "",
        "Port": "587",
        "UserName": "***",
        "Password": "***"

Ensure to have the correct SMTP settings instead of the examples above.

If you are running an asp.net5 rc1 app under a virtual directory in IIS you need to do some workaround to support virtual directories. Thriot implements this by vdir.json config files.

vdir.json shoud look like this:

{"VDIR": "/management"}
{"VDIR": "/platform"}
{"VDIR": "/reporting"}

respectively for management, platform and reporting services (they are reachable under api,, etc). The vdir.json has to be put under the regular config directory as the other configurations.


Create a website called and point it to the c:\Thriot\ folder and set the hostname to the hostname you’ve chosen (in our case Ensure to delete or disable the Default Website first.


Convert the management, platform and reporting folders to Applications.


After successful convert you should see the following:


The management, the platform and the reporting folders must point to the appropriate wwwroot folders of the applications.

In Basic settings change

  1. the management application’s path to c:\thriot\\management\wwwroot,
  2. the platform’s path to c:\thriot\\platform\wwwroot,
  3. the reporting’s path to c:\thriot\\reporting\wwwroot.



Create the website in similar way as you’ve done for (it’s important to point the site to the wwwroot folder):


Installing the Websocket service

In the c:\Thriot\websocketservice run c:\Windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe Thriot.Platform.WebsocketService.exe


To provide more reliability set recovery settings in the service control manager. Start Service Control Manager (services.msc), locate the Thriot Websocket Service, and on the Recovery tab select “Restart the service” option for all occurrences.

Setting up logging

Create a folder named c:\Thriot\log.

Add Modify permissions to this folder for the iis apppool\ user.



Do the same for the nt service\ThriotWebSocketService user.


Final steps

HTTP endpoint will be opened by default on the firewall, you should open the 8080 port for the websocket service as an inbound rule.


To start the Windows service you can use the Service Control Manager (services.msc) or issue the following command from the command line:

net start ThriotWebSocketService

Do not forget to Add open Endpoints to the VM on Azure Portal for the 80 and 8080 ports in the same way you’ve completed for the 80 port of the backend service.

Testing if everything works fine

Now navigate to the address of the web frontend server (, register a new user, accept the registration, login with the user, create new company, service, network and device. If everything works fine you can start using the .NET or Linux C++ client libraries.


To upgrade to a newer/newest version do the following steps:

  1. Get the latest source snapshot
  2. Do a full rebuild with the same parameters as for the first time but ensure that you specify -copyConfig no setting.
  3. Update the binaries
  4. Execute the Management storage creator application with the same connectionstring settings (CreateAzureStorage) which won’t delete any data just upgrade the DB schema
  5. For the Messaging storage execute the appropriate CreateDB.sql script, which won’t delete any data just upgrade the DB schema
  6. Do a smoke test