Mostafa Elzoghbi: SharePoint 2010 Sandbox Solutions Best Practices

©2010 Microsoft Corporation. All rights reserved. RTM Content - Published May 2010

SP 2010 Sandboxed Solutions

Mostafa ElzoghbiSr. Software Engineer - C# MVPMetroStar Systems


AgendaSandbox Solutions OverviewSharePoint 2007 Challenges for Farm SolutionsSharePoint 2010 Approach for Sandbox SolutionsSandbox Solutions LifecycleExecuting Code in the SandboxSandbox Solutions LimitationsSandbox Resource MonitoringLoad balancing Sandbox solutionsSolution Validation


Overview of the Sandbox

Allows a subset of the full capabilities in the SharePoint APISecure – enforcing the sandbox

Execute in a partially trusted environmentCode executes in a special service processSubject to CASValidation framework

Provides way to do custom farm wide validation for the deployed packages

Each solution is isolated to its site collection


Defining the Sandbox

Solution Administration - Quota/Blocked SolutionsSubset Object ModelExternal ProcessCode Access Security (CAS Policies)


SharePoint 2007 Challenge

Developers build custom solutionsAdministrators can only secure solutions with CAS

Hard to control what is being done in custom code

Biggest cause of SharePoint support cases: custom code

Developer • Design, build and test customizations

Administrator• Install and monitor customizations

Site Collection Owner• Activate and use customizations


SharePoint 2010 Approach

Developers build custom solutionsSite collection owners deploy, activate and implement the customizationsAdministrators leverage resource monitors to check site collection usage

Automatic triggers “turn off” custom solutions in a site collection that are too expensive and taxing on the server

Developer • Design, build and test

customizations

Administrator• Monitor customizations

Site Collection Owner• Activate and use

customizations• Install customizations


Sandboxed Solutions Help Enterprises

Sandboxed solutions are important becauseHosted environments much easier to manage

Reduces time to deploying custom solutionsRemoving process of getting code approved and deployed by IT (Dev-Staging-Production)

Improves stability of SharePoint serversNow badly performing code isolated to site collection rather than potentially bringing down an entire server


Create/Deploy Sandbox solution

demo


Site Collection Administration

Solution Gallery -- _catalogs/solutionsEmpower Site Collection administrators


Sandboxed Solution LifecycleInstallation• Upload into Solution Gallery

Activation• Auto-activates features

Deactivation• Inert operation, extended by developer • Web Parts no longer execute

Deletion


Managing Sandbox Solutions

demo


Solution Administration

Central AdministrationBlock SolutionsQuota Templates


The Subset Object Model

In generalSPSite and below

No SPSecurityNo SPSite constructionCommon namespaces not available

Microsoft.SharePoint.AdministrationMicrosoft.SharePoint.WebControls

SPSite

SPWeb

SPList

SPListItem


A Separate Process

User Code Service : Started where WFE configured to run sandbox solutions.(SPUCHostService.exe)Sandbox Worker Process: where your actual code runs(SPUCWorkerProcess.exe)Sandbox Worker Process Proxy(SPUCWorkerProcessProxy.exe)


Sandbox

Sandbox and Code Access Security AspNetHostingPermission, Level=Minimal

SharePointPermission, ObjectModel=trueSecurityPermission, Flags=Execution

Full Trust

wss_usercode.config

My.dll

Other.dllSystem

DLL

SharePoint DLL

SharePoint OM

Subset OM


Front end Back end

Host ServiceExecutionManager

Sandboxing Architecture

Worker Process

Untrusted Code

Subset Object Model

Full Object Model


Sandboxed Solutions Process

Root SPWeb of SPSite

Solution galleryWebParts.wsp

Web Part gallery

Per-WFE AssemblyCache

<siteguid>\company.intranet.webpart.wsp\foo.dll

Sandboxed Worker Process

1

2 5

6

7

4

3


Types of Sandboxed SolutionsSandboxed Solutions SupportSandboxed solutions

offer developers a subset of the SharePoint API available fully trusted solutions

Site collection and site scoped FeaturesMany XML constructs available: Modules, Lists, ContentTypes, etc.

Client technologies to access external data – JavaScript, Silverlight etc.

Offloading resource usage and access handling to client

Non-Visual Web Parts- and Visual

WP is now available with VS 2010 SP Power

Tools

Event/Feature Receivers

Feature Activation Events

Custom Workflow Actions

InfoPath Forms Services List Definitions

Custom Actions Site Pages

Site Columns Content Types


Best Practices: Sandbox Boundaries

Off-box connections, http, web services, etcADO.netEnterprise features (Search, BCS, etc.)Threading (No complex processing)P-InvokeIOOther sites

x

xxx

x

xx


Compiling vs. Executing Sandboxed Solutions

Visual Studio 2010uses IntelliSense tohide full-trust typesAll code is compiled against the full APIThus, no “sandbox” check at compile time… only at runtimeWorkaround: change the Microsoft.SharePoint.dll project reference to reference the sandbox’s version

[..]\14\UserCode\Assemblies\Microsoft.SharePoint.dllNOTE: Switch it back before deployment!

Use this as a temporary test - do not deploy code that references the sandbox’s assembly

This is valid if you don’t have VS 2010 SP Power tools.

Full Object Model Subset Object Model

MyWebPart.dll

Proxy

Runtime


Execution vs. Compilation in Sandbox

Demo


Load Balancing

Sandboxed solutions can be run in two modes

Local ModeExecute code on the SharePoint WFELow administration overheadLower scalability

Remote ModeExecution on back-end farm machine

Via dedicated service applications

Load balanced distribution of code execution requests


Load balancing Sandbox Solutions & Blocking

demo

©2010 Microsoft Corporation. All rights reserved. RTM Content - Published April 2010

Solution Validation

[GuidAttribute("34805697-1FC4-4b66-AF09-AB48AC0F9D97")]public class PublisherValidator : SPSolutionValidator{

public override void ValidateSolution( SPSolutionValidationProperties properties){ properties.Valid = [true || false]; properties.ValidationErrorMessage = “no soup for you”; }

public override void ValidateAssembly( SPSolutionValidationProperties properties, SPSolutionFile assembly){ }}


Solution Validator

demo


Monitored Resources

Metric Name Description UnitsResources Per Point

Hard Limit

AbnormalProcessTerminationCount

Process gets abnormally terminated

Count 1 1

CPUExecutionTime CPU exception time Seconds 200 60CriticalExceptionCount Critical exception fired Number 10 3

InvocationCountNumber of times solution has been invoked

Count N/A N/A

PercentProcessorTimeNote: # of cores not factored in

Percentage Units of Overall Processor Consumed

85 100

ProcessCPUCycles CPU Cycles 1E+111E+11

ProcessHandleCount Windows Handles 10,000 5,000

ProcessIOBytes(Hard Limit Only) Bytes written to IO

Bytes 1E+07 1E+08

ProcessThreadCountNumber of Threads in Overall Process

Threads 10,000 200

ProcessVirtualBytes(Hard Limit Only) Memory consumed

Bytes 1E+094E+09

SharePointDatabaseQueryCount

SharePoint DB Queries Invoked

Number 400 100

SharePointDatabaseQueryTimeAmount of time spent waiting

for a query to be performedSeconds 20 60

UnhandledExceptionCount Unhanded Exceptions 50 3

UnresponsiveprocessCountWe have to kill the process because it has become unresponsive

Number 2 1You can tweak these values to fit your need…


Manage Sandbox solution resources

demo


Summary

Sandbox Solutions OverviewSharePoint 2007 Challenges for Farm SolutionsSharePoint 2010 Approach for Sandbox SolutionsSandbox Solutions LifecycleExecuting Code in the SandboxSandbox Solutions LimitationsSandbox Resource MonitoringLoad balancing Sandbox solutionsSolution Validation


Blog: http://moustaga-arafa.blogspot.comTwitter: @mostafaelzoghbi

http://moustaga-arafa.blogspot.com/

Mostafa Elzoghbi: SharePoint 2010 Sandbox Solutions Best Practices

Documents

Transcript of Mostafa Elzoghbi: SharePoint 2010 Sandbox Solutions Best Practices