building drupal web farms with iis - part 1

Building Drupal Web Farms with IIS - Part

1Alessandro Pilotti

@alexpilottiMVP ASP.NET / IIS

MCSD, MCAD, MCSE, MCDBA, MCTRed Hat Certified Engineer

Application Request Routing 2.5

IIS 7.x add-on installable via WebPI or setup available on http://iis.NET

Features HTTP based routing decisions Load balance algorithms Health monitoring Client affinity Host name Affinity Multiple server groups Managing and monitoring by using the UI Caching SSL offloading Failed Request Tracing rules

Web Farm Framework 2.1Features

Integration with ARRPlatform provisioning

Including frameworks (PHP, etc)Application provisioning via WebDeploySimplified farm managementRich UI for monitoring and

management

Architecture

Create a Server Farm

After installing ARR and/or WFF the node “Server Farms” shows up in the tree

Server FarmYou can enable independently

Load balancing Server farm provisioning

Enabling server farm provisioning only means that an alternative load balancing solution is planned, e.g.:

Hardware NLB

Varnish

Apache + HAProxy

WFF requires administrator credentials valid on all the hosts belonging to the farm

Creating an ARR farm via GUI creates also URL rewrite rules

Server Farm Details

WFF Server RolesWFF is based on the concept of a primary host and

multiple secondary hosts

Primary host Is the master Platform and applications get provisioned to

secondary hosts

Secondary hosts Are “clones” of the primary host

Roles can be switched A secondary host can become primary

Provisioning is customizable

Adding Servers

CLI To achieve the same result as seen before:

appcmd.exe set config -section:webFarms /+"[name='myServerFarm']" /commit:apphost

appcmd.exe set config -section:webFarms /+"[name='myServerFarm'].[address=’DrupalWeb1']" /commit:apphost

URL Rewrite rules: appcmd.exe set config

-section:system.webServer/rewrite/globalRules /+"[name='ARR_myServerFarm_loadbalance', patternSyntax='Wildcard',stopProcessing='True']" /commit:apphost

appcmd.exe set config -section:system.webServer/rewrite/globalRules /[name='ARR_myServerFarm_loadbalance',patternSyntax='Wildcard',stopProcessing='True'].match.url:"*" /commit:apphost

appcmd.exe set config -section:system.webServer/rewrite/globalRules /[name='ARR_myServerFarm_loadbalance',patternSyntax='Wildcard',stopProcessing='True'].action.type:"Rewrite" /[name='ARR_myServerFarm_loadbalance',patternSyntax='Wildcard',stopProcessing='True'].action.url:"http://myServerFarm/{R:0}" /commit:apphost

ARR Configuration

Health Test

Load Balance

Routing Rules

Server Affinity

CachingPrimary and secondary disk caches are configured at the server level

Add Drives

Cache Configuration

Cache Warm-up

Cache Rules

Enable Caching in the Farm

Platform Provisioning

Application Provisioning

Failed Request TracingDetailed requests log

Excellent troubleshooting tool

Launch IIS Manager

Select web site e.g. Default Web Site

Select Failed Request Tracing…

Enable Failed Request Tracing

Tracing RulesSelect Failed Request Tracing Rules in the

features pane

Add…

Trace Conditions

Select Providers

Analyze TracesTraces are located by default in

%SystemDrive%\inetpub\Logs\FailedReqLogFiles\

Sections to check:GENERAL_REQUEST_HEADERSARR_REQUEST_ROUTEDARR_SERVER_STATSGENERAL_RESPONSE_HEADERSGENERAL_RESPONSE_ENTITY_BUFFER

CLITo obtain what we did via GUI: appcmd set site "Default Web Site" -

traceFailedRequestsLogging.enabled:"true" /commit:apphost

appcmd.exe set config "Default Web Site" -section:system.webServer/tracing/traceFailedRequests /+"[path='*']”

appcmd.exe set config "Default Web Site" -section:system.webServer/tracing/traceFailedRequests /+"[path='*'].traceAreas.[provider='WWW Server',areas='Rewrite,RequestRouting',verbosity='Verbose']”

appcmd.exe set config "Default Web Site" -section:system.webServer/tracing/traceFailedRequests /[path='*'].failureDefinitions.statusCodes:"200-399"

Shared ConfigShare the same IIS server configuration among

two or more hosts

Obtained by saving the configuration files on a network share

An encryption key is set to protect sensitive data

Web sites reside on shared paths

Export Config

Enable Shared Config

Shared Config

Scenario

RolesLoad balancer / Farm controller (DrupalARR)

Web Server 1 (DrupalWeb1)

Web Server 2 (DrupalWeb2)

File Server (DrupalFileServer)

MySQL Server (DrupalDB) Note: In our demo and lab, we will install MySQL on

DrupalFileServer to limit the number of required VMs

DBMS Install MySQL on the DBMS server

Can be Windows, Linux, etc

CREATE DATABASE MyNewDrupalSite2;

Enable access to the MySQL database from the web servers. E.g.:  CREATE USER 'MyNewDrupalSite2'@'%'

IDENTIFIED BY 'Passw0rd'; GRANT ALL On MyNewDrupalSite2.* TO

'MyNewDrupalSite2'@'%’;

Note: in the Drupal web apps, connecting to MySQL using an IP address is preferred Avoid name resolution

Web Farm HostsWeb farm hosts (DrupalWeb1 and

DrupalWeb2)Install Web Deploy via WebPI, if not already

installedDisable UAC (User Account Control)Enable the following feature through the

local firewallCore NetworkingFile And Printer SharingRemote Administration

Web Farm HostsWe need a common account with administrator

rights on the hosts. It can be:A domain userA user with same username/password on all hostsMust be a member of the “Administrators” groupCheck that the user password is not set to expire

net user wfadmin Passw0rd /addwmic path Win32_UserAccount where

Name='wfadmin' set PasswordExpires=falsenet localgroup administrators wfadmin /add

Drupal Web SiteCreate a Drupal web site on the primary server

(DrupalWeb1)Via WebPI or manually

As seen in the previous lessons Install all necessary components

PHP 5.3, PHP Manager, WinCache, URL RewritePoint the Drupal DB configuration to the database on

the DBMS serverFor performance reasons, consider using an IP address

instead of name resolution

WFF will later use WebDeploy to replicate the site to the secondary servers (DrupalWeb2 in our case)

Load Balancer ARRInstall ARR 2.5 and WFF 2.1 via WebPI

ARROpen IIS Manager and create Web Farm. 

Note: if IIS Manager was open during the setup of ARR, it needs to be closed and reopened to be able to access the installed features.

Server Farm DetailsSet the wfadmin user you created in the

previous steps

Add Primary Host to the Farm

In our case, DrupalWeb1 will become the primary server

This host contains the Drupal web site(s) to be served by the farm (can be added later)

Add Secondary Hosts to the Farm

URL Rewrite RulesCreate local URL Rewrite rules. This is the base

of the redirection process!

Platform ProvisioningAt this point, platform and application

synchronization between the hosts takes place.

Platform tools and frameworks that are available on the primary server get installed on the other servers.

Afterwards, application pools, sites and applications will be synchronized

Provisoning can be started manually

Check secondary web farm hosts afterwards

Platform Provisioning

ARR – Configure Health Test

ARR – Check Health Test

ARR – Set Affinity Cookie

Note: a distributed session management should also be evaluated.

The “drupalwp” User Create a common user on:

DrupalFileServerDrupalWeb1DrupalWeb2

No privileges requirednet user drupalwp Passw0rd /addwmic path Win32_UserAccount where

Name=’drupalwp' set PasswordExpires=falseCheck that the user password is not set to expire

Repeat on all the above hosts

WP IdentityOn the primary server, in IIS Manager, open the

server node, click on Application Pools and on the Drupal web site application pool.

Click on “Advanced Settings…”

Change the Identity to the drupalwp user and set it to “drupalwp”

In the PHP.ini configuration file on the PHP version used by the Drupal web site, set fastcgi.impersonate = 0

For performance, make sure also that WinCache is enabled.

Shared Storage AccessDrupal requires a shared “files” directory accessed by

the web farm hosts

Can be hosted on a SMB share

As an alternative FS sync solutions could be applied DFS, rsync, WebDeploy, etc

A valid user must exist on the web farm hosts and on the file server. It can be: A domain account A local user with same username and password

Proper permissions need to be set on the SMB share

Folder PermissionsCreate a directory where you want to store your

Drupal shared dataE.g: C:\Data\MyNewDrupalSiteAdd write permissions for the user “drupalwp”

SMB ShareCreate an SMB share for the directory and add

read/write permissions for the user “drupalwp”

CLImd C:\Data\MyNewDrupalSite

icacls C:\Data\MyNewDrupalSite /grant drupalwp:(OI)(CI)(RX,W)

net share MyNewDrupalSite=C:\Data\MyNewDrupalSite /grant:wpuser,Change

Troubleshoot SMB Access From the web farm hosts (DrupalWeb1, DrupalWeb2) try to

access the shared folder with the identity of the WP user:

Runas /u:drupalwp cmd

In the drupalwp command prompt:

net use \\drupaltest05\MyNewDrupalSite\

echo test > \\drupaltest05\MyNewDrupalSite\test.txt

dir \\drupaltest05\MyNewDrupalSite\

File exists: ok

del \\drupaltest05\MyNewDrupalSite\test.txt

Drupal ConfigurationLog on the drupal web site as administrator and

go to: Administer -> Site Configuration -> File System

Set the “File System”, “Temp” path on the shared storage area.Create a separate share on the file server for the

“Private” path if necessary

Drupal Configuration

Drupal 6 CaveatDrupal 6.19 published on WebPI doesn’t support

UNC paths. This can be easily solved with the following code patch:

File includes/file.inc

Line 126

Original if (!is_writable($directory)) {

Modified if (!touch($directory)) {