accelerate it!€¦ · .net integration forms + .net role membership providers application pool...
TRANSCRIPT
![Page 1: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/1.jpg)
![Page 2: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/2.jpg)
{ accelerate it! }
Jorke OdolphiWeb Platform Architect EvangelistMicrosoft Australia
![Page 3: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/3.jpg)
IIS yesterday and today
PHP and FastCGI
Configuration
Security
Management
Performance
![Page 4: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/4.jpg)
![Page 5: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/5.jpg)
Send Response
Log Compress
NTLM Basic
Determine
Handler
CGI
Static File
Authentication
Anon
Monolithic implementation
Install all or nothing
Extend server functionality
only through ISAPI
ASP.NET
PHPISAPI
![Page 6: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/6.jpg)
Send Response
Log Compress
NTLM Basic
Determine
Handler
CGI
Static File
ISAPI
Authentication
Anon
SendResponse
Authentication
Authorization
ResolveCache
ExecuteHandler
UpdateCache
Server functionality is
split into ~ 40
modules...Modules plug into a generic
Modules extend server functionality through a public module API
![Page 7: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/7.jpg)
• Runtime limitations
• Only sees ASP.NET requests
• Feature duplication
Send Response
Log Compress
NTLM Basic
Determine
Handler
CGI
Static File
ISAPI
Authentication
Anon
Authentication
Forms Windows
Map Handler
ASPX
Trace
aspnet_isapi.dll
![Page 8: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/8.jpg)
Classic Mode• runs as ISAPI
Integrated Mode• .NET modules / handlers
plug directly into pipeline
• Process all requests
• Full runtime fidelity
Log
Compress
Basic
Static File
ISAPI
Anon
SendResponse
Authentication
Authorization
ResolveCache
ExecuteHandler
UpdateCache
Authentication
Forms Windows
Map Handler
ASPX
Trace
aspnet_isapi.dll
![Page 9: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/9.jpg)
Collaboration with Zend
Develop and deploy on the same platform
Built in support for FastCGI
Reuse of CGI processes, PHP, PERL, Ruby
much faster than standard CGI
Integrated Fast CGI Module part of IIS 7.0
![Page 10: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/10.jpg)
NET
global settings
.NET Framework
Global web.configmachine.config
IIS 7applicationHost.config
Site Root web.config
<system.web>
.NET settings
..
<system.webServer>
IIS 7 Delegated settings
ASP.NET
global settings
Global settings
and location tags
![Page 11: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/11.jpg)
{configuring Windows 2008 for web workloads }
![Page 12: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/12.jpg)
appcmd set config
/section:system.webServer/fastCGI
/+[fullpath='c:\php\php-cgi.exe']
appcmd set config /section:handlers
/+[name='PHP5',path='*.php',verb='GET,HEAD,PO
ST',modules='FastCgiModule',scriptProcessor='
c:\php\php-cgi.exe',resourceType='File']
![Page 13: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/13.jpg)
Secure by default
Modular thus smaller attack surface
.NET integration
Forms + .NET role membership providers
Application Pool Isolation by default
![Page 14: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/14.jpg)
Ultimate low footprint web server Lower memory requirement
Lean OS configuration
Minimize attack and maintenance surface
architecture
Powerful IIS command-line management interface
AppCmd scripts and batch files
![Page 15: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/15.jpg)
IIS 7 integrates URLScan style rules
config
Rules stored in web.config for portability
User access to sites, folders, or files without using NTFS
URL auth inspired by ASP.NET URL authorization, but designed for admins
Rules are stored in .config files for portability
All applications can use due to integrated pipeline
![Page 16: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/16.jpg)
Each pool with unique identity
Anon user assumes pool identity
Application Pool SandboxConfiguration Isolation: secure config for pool
SID Injection: unique SID for each pool
Easier configuration and management
App pool ID auto joins IIS_USR (was IIS_WPG)
![Page 17: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/17.jpg)
Worker Process
(W3WP.EXE)Service Host (SVCHost.EXE)
Windows
Process
Activation
Service
(WAS)
World Wide
Web Service
(W3SVC)
applicationhost.config
SID Injection
AppPool: newPool
username:
newPoolUser
password:
<password>
Active Directory
Token
Token
UsersDomain
Users
EveryoneLOGON_
BATCH
HRGroup <others>
IIS_
IUSRS newPoolNewPool\
Wwwroot\
default.htm
ACLAdministrator:F
System:F
SiteOwner:F
newPool:F
OK
Otherpool\
Wwwroot\
default.htm
ACLAdministrator:F
System:F
SiteOwner:F
otherPool:F
Denied
![Page 18: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/18.jpg)
{ server core + forms auth }
![Page 19: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/19.jpg)
APPCMDCommand line
Managed CodeMicrosoft.Web.Administration
WMIIIS Namespace
Powershell with managed API and WMI
![Page 20: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/20.jpg)
View detailed errors in the browser with prescriptive guidance
New APIs expose runtime diagnostic informationE.g. See all currently executing requests
Rapidly troubleshoot faulty applications
Configurable per application or URL
Failed request log chronicles events for trigger
Extensible eventing system
![Page 21: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/21.jpg)
{ management + troubleshooting }
![Page 22: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/22.jpg)
appcmd list requests
appcmd list requests /site.id:1
[system.reflection.assembly]::LoadFrom(“c:\windows\system32\i
netsrv\Microsoft.Web.Administration.dll”)
$rq = new-object Microsoft.Web.Administration.ServerManager
$rq.workerprocesses | foreach-object {$._GetRequests(0)}
![Page 23: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/23.jpg)
Better compression for static and dynamic
Output caching a module
Per URL / query string / request headers
Huge improvements to allow for high density or high availability
![Page 24: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/24.jpg)
Multiple servers sharing the same config
Updates to config occur in one place
No config sync required
Config cached in case of disconnect
Generally for homogeneous farms
installs,modules, certs
![Page 25: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/25.jpg)
{ performance + scaling }
![Page 26: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/26.jpg)
Enable Output Caching for semi-dynamic pages
Low bandwidth Branch Offices?
Enable Dynamic Compression (~ 5% CPU overhead)
Need to run many web apps on a single box?
Run IIS worker processes in Wow64 mode
Room for the OS, scalability for your web apps
-AppPool setting now: Enable32BitAppOnWow64
Thinking about buying new Web Server hardware?
W2K8 scales extremely well on new multi-proc boxes (4 and 8 core)
ASP.NET op caching vs. IIS op caching vs. KM output caching
![Page 27: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/27.jpg)
1000s of requests per second?
-investigate
You * script-mapped all requests to ASP.NET in IIS6? Integrated Pipeline is much faster than an IIS6 * scriptmapsolution
Try together with IIS7 URL Authorization.
![Page 28: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/28.jpg)
PHP applications?PHP on top of FastCGI is much faster than traditional CGI
The majority of your requests go to your Default Document?
Put it on top of the list
Otherwise IIS7 has to check every time
Static default documents will be cached in kernel-mode
Looking for tools to measures web server performance? Try WCAT 6.3 from www.iis.net/downloads
![Page 29: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/29.jpg)
Supports more web application scenarios
Fully featured Web server supporting IIS7,SharePoint and the .NET framework
Windows Media Services 2008
SQL Server allowed for local web applications
Enhanced hardware specification
Up to 4 processors
Up to 32GB RAM on x64 Servers
Streamlined server with small footprint
Only includes Web components and role
Server Core installation for minimal footprint
![Page 30: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/30.jpg)
![Page 31: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/31.jpg)
{ Jorke Odolphi}
![Page 32: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/32.jpg)
© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the
U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this
presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft,
and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation.
MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
![Page 33: accelerate it!€¦ · .NET integration Forms + .NET role membership providers Application Pool Isolation by default. Ultimate low footprint web server Lower memory requirement Lean](https://reader034.vdocuments.mx/reader034/viewer/2022042115/5e91b8307713444a8853314e/html5/thumbnails/33.jpg)
Common HTTP Web Server Components
DirectoryListingModule
CustomErrorModule
StaticFileModule DefaultDocumentModule
HttpRedirect
Security
BasicAuthModule
DigestAuthModule
WindowsAuthModule
CertificateAuthModule
AnonymousAuthModule
IPSecurityModule
UrlAuthorizationModule
RequestFilteringModule
Health and
Diagnostics
HttpLoggingModule
CustomLoggingModule
RequestMonitorModule
HTTPTracingModule
ODBCLogging
LoggingLibraries
Application
Development
ISAPIModule
ISAPIFilterModule
CGIModule
ServerSideIncludeModule
NetFxExtensibility
ASP
ASP.NET
Performance
HTTPStaticCompression
HTTPDynamicCompression
Management
ManagementConsole
ManagementService
ManagementScripting
Metabase
WMICompatibility
LegacyScripts
LegacySnap-in
FTP Publishing
FTPServer
FTPManagement
Windows Process Activation Service
ConfigurationAPIProcessModel NetFxEnvironment