Web303
-
Upload
information-technology -
Category
Technology
-
view
1.328 -
download
0
description
Transcript of Web303
Administering Sites That Scale Using Internet Information Services (IIS) 7.5, ARR and URL RewriteScott ForsythSenior Systems ArchitectOrcsWeb, Incweblogs.asp.net/[email protected]
SESSION CODE: WEB303
Web farms of the past tended to be …Complex
Web farms of the past tended to be …Expensive (up-front plus annual support contracts)
Web farms of the past tended to be …Fully or semi black-boxed. Difficult to customize or extend.
With IIS 7.5, Web Farms can be …Easier (more approachable)
With IIS 7.5, Web Farms can be …Affordable, both up-front and annually
With IIS 7.5, Web Farms can be …Configurable
With IIS 7.5, Web Farms can be …Highly Scalable
Learning the Tools of the TradeToday’s Roadmap
Web Nodes – Syncing the Web ServersLoad Balancing - ARRURL Rewrite – Directing Traffic
What is a Web Farm?
Part 1 – Syncing the Web Servers
Web ContentKeeping the Data in Sync
Local vs. SMB vs. SANLocal = Disk IO distributed, but so is content sizeSMB = Still need to replicate for redundancySAN = NTFS doesn’t support multi-access. Consider MelioFS from Sanbolic
Replication via DFS-R, Robocopy, 3rd party tools‘Write’ content has good chance of locks. Move dynamic content to database.
IIS Shared ConfigKeeping IIS in Sync
No ACLs or per-server information to worry aboutEnvironment variables supportedUse shared location (i.e. UNC) or replicated configEncryption key only needed once per joined serverLocal = no u/p required. Remote = custom permissionsTurn off during software installs. Rolling upgrades.
Session StateKeeping Session Data in Sync
InProc - Fast but localized per web serverStateServer - Shared but not redundant and doesn’t scaleSqlServer - Shared. Higher latency but will scale. Onus on you for redundancyAppFabric Caching - Still in beta. Holds good potential. SessionStoreProviderThird Party Options - ScaleOut StateServer, nCache (Alachisoft)
Certs; GAC; COM+Keeping the Rest in Sync
Sync manually on a small server farm – document wellWebDeploy for full synchronization
Command line toolTakes some learning but has a lot of flexibility
ASP.NET MachineKey should be specifically set at server or site level
Part 2 – Load Balancing - ARR
Load BalancingIntroducing ARR
Managed with IIS7 ManagerTiny footprintExtremely efficient and scalable
ARR 2.0 + URL Rewrite 2.0
IIS 7.xWindows Server 2008 (R2)
ARR Offers …Core Features
Load Balancing AlgorithmsHealth ChecksCaching (in-memory or on disk)Client affinity / sticky sessionsServer affinity – primarily for bulk hostingSSL Offloading
Three Touch-PointsPath Through IIS
#2 URL Rewrite Rule
#3 ARR Server Farm
#1 Website
IIS Bindings Through the Proxy
ARR Servers(IP=206.72.119.69) Web Servers
Host Header
IP Address
Port
www.site1.com
71.75.85.45
80/443
www.site1.com (untouched)
206.72.119.69
80 (you set)
SSL OffloadingFreeing the Web Servers
Optionally Terminate SSL at ARR (on by default)Moves SSL processing off the web boxesEasier config on web nodes – only bind to HTTPConsiderations:
ARR cannot pass-through SSLIf no SSL Offloading, it decrypts+re-encrypts at ARRCerts maintained on ARR boxesEnsure switched or trusted network to Web nodes
502.3/502.4 ErrorsHandling Errors Gracefully
Customizable – IIS Error PagesPlanned and unplanned “Down for maintenance” pages502.3 = WinHttp Operation Cancelled – usually means a timeout502.4 = Bad Gateway – no available healthy servers
Overcoming the Proxy EffectHiding the Middle-Man
ARR Helper: http://tinyurl.com/arrhelper Port/IP related
REMOTE_ADDR, REMOTE_HOST, REMOTE_PORT, SERVER_PORTSSL related
HTTPS, CERT_SERVER_ISSUER, CERT_SERVER_SUBJECT, CERT_KEYSIZE, CERT_SECRETKEYSIZE, HTTPS_* (same as CERT_*)
ARR createsHTTP_X_FORWARDED_FOR, HTTP_X_ORIGINAL_URL, HTTP_X_ARR_SSL
You can completely fool the web servers into thinking it’s a direct request
High Availability for the Load BalancerEven a Load Balancer Can Fail
HA OptionsHardware Load BalancerNetwork Load Balancer (NLB)Windows Clustering (requires Windows Enterprise+ Edition)
Replicate IIS Config – Shared ConfigurationReplicate SSL Certs – WebDeploy
Part 3 – URL Rewrite – Directing Traffic
URL RewriteEndless Options
Rewrite/redirect…By IP AddressBy URL or QuerystringBy Browser AgentList of URL MappingsAny Server Variable
URL Rewrite‘Compare’ Options
Regular Expressions – full flexibility, but requires knowing some RegexWildcards – easy to use, but minimal flexibilityExact Match – dead easy, no flexibilityRewrite Maps
9 things You Should Know About RegExURL Rewrite’s Powerful Syntax
^ to Start; $ to End. (dot) for any single char (not line break characters \r and \n)\ to escape special characters* to repeat 0 to ~; + to repeat 1 to ~| for “or”? for optional() to create sections for back references or decisions [] for character class{R:0} {C:0} are url and condition references (URL Rewrite)
URL Rewrite URL PartsCommon Server Variables
http://www.bing.com/search?q=IIS+url+rewritehttp(s)://<host>:<port>/<path>?<querystring>
<host> HTTP_HOST
www.bing.com
Two Useful Scripts (VB.NET)ServerVars.aspx (shows all Server Variables)<% For Each var as String in Request.ServerVariables Response.Write(var & " " & Request(var) & "<br>") Next%>
Node.aspx (machine name of web node)<% Response.Write (System.Environment.MachineName)%>
ReviewApproachable, Affordable, Configurable and Scalable
Web Servers – Mature and accessible tools to keep them in syncARR – Load balanced and cached on the front endURL Rewrite – Virtually unlimited rewrite options
Track ResourcesASP.NET – http://www.asp.net/ Silverlight – http://silverlight/ Expression – http://www.microsoft.com/expression/ Internet Explorer – http://www.microsoft.com/windows/internet-explorer/default.aspx
Resources
www.microsoft.com/teched
Sessions On-Demand & Community Microsoft Certification & Training Resources
Resources for IT Professionals Resources for Developers
www.microsoft.com/learning
http://microsoft.com/technet http://microsoft.com/msdn
Learning
Complete an evaluation on CommNet and enter to win!
Sign up for Tech·Ed 2011 and save $500 starting June 8 – June 31st
http://northamerica.msteched.com/registration
You can also register at the
North America 2011 kiosk located at registrationJoin us in Atlanta next year
© 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to
be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
JUNE 7-10, 2010 | NEW ORLEANS, LA