lap around iis7 ashish jaiman isv ae [email protected] microsoft confidential
Post on 18-Dec-2015
217 views
TRANSCRIPT
IIS 6 Today: A Proven Platform• Proven Scalability• MySpace - 23 Billion Page* Views/Month• Microsoft.com - 10k Req/sec & 300K Connections• Match.com 30 million page view daily
• Proven Security• No critical IIS 6 hotfixes since RTM*
• Proven Trust• 54% of Fortune 1000 use IIS
(port80software.com)
• A solid foundation to build on. *(as of Nov 28th 2006)
Internet Information Services (IIS) 7.0More than a Web server, Internet Information Services 7.0 provides an accessible, extensible platform for developing and reliably hosting Web applications and services.
IIS 7.0 IIS 7.0 EnhancementsEnhancements
Reduced Reduced Attack Attack SurfaceSurface
Create Create StreamlinStreamlined Serversed Servers
Rapid Rapid Application Application DeploymentDeployment
Extend/Modify Extend/Modify IIS FeaturesIIS Features
Fast Fast DiagnosticsDiagnostics
Modular ArchitectureModular Architecture
Extensible DesignExtensible Design
Integrated with .NETIntegrated with .NET
ManageableManageable
Built in Request Built in Request TracingTracing
Modular Design• Modular Pipeline• Features are provided in discrete modules• Remove or replace modules as you see fit
• Reduce security exposure• Reduce memory footprint• Increase performance
• Add Custom Modules in native or manage code• Leverage the power of .NET for all content• Integrate with specialized infrastructure• Easily incorporate new technologies
• Modular UI• Add custom pages to UI (Winforms)• Integrate Application configuration with IIS
AuthenticationAuthentication
IIS6 Request Processing
Send ResponseSend ResponseLogLogLogLog CompresCompres
ssCompresCompres
ss
NTLMNTLMNTLMNTLM BasicBasicBasicBasic
Determine
Handler
Determine
Handler
CGICGICGICGI
StatiStatic Filec FileStatiStatic Filec File
AnonAnonAnonAnon
Monolithic Monolithic implementationimplementation Install Install all or all or nothing…nothing…
Extend server functionality Extend server functionality only through only through ISAPI…ISAPI…
ASP.NET
ASP.NET
PHPPHPISAPIISAPIISAPIISAPI
…
…
IIS7 Request Processing
Send ResponseLogLogLogLog CompresCompres
ssCompresCompres
ss
NTLMNTLMNTLMNTLM BasicBasicBasicBasic
Determine
Handler
Determine
Handler
CGICGICGICGI
StatiStatic Filec FileStatiStatic Filec File
ISAPIISAPIISAPIISAPI
AnonAnonAnonAnon
Authentication
SendResponse
Authentication
Authorization
ResolveCache
ExecuteHandler
UpdateCache
…
…
Server functionality is Server functionality is split into ~ 40split into ~ 40 modulesmodules......
Modules plug into a Modules plug into a generic request generic request pipeline…pipeline…
ModulesModules extend extend server functionality server functionality through a public through a public module API.module API.
…
…
IIS 7 Modularity
Extensibility• IIS 6 • IIS 6 extensibility limited to ISAPI filter and
extensions• UI modifications in MMC are challenging• Difficult to extend IIS 6 Schema• Web service activation using http only
• IIS 7• Custom native or manage code modules and
handlers• Easy to add your apps to UI• Simple to extend IIS 7 schema• Instrument apps to integrate with IIS 7 tracing• Host web services using non-http protocols
IIS 7 Extensibility
.NET Integration
• Simplifies security and administration• Leverage the power of .NET for all
content with managed global modules• Forms Authentication• URL Authorization• .NET Caching• .NET Role and Membership Providers
• New APIs manage both IIS 7 and .NET• Enables Xcopy deployment scenarios
AuthenticationAuthentication
IIS6 ASP.NET Integration• Runtime limitations• Only sees ASP.NET
requests• Feature duplication
Send ResponseSend ResponseLogLogLogLog CompresCompres
ssCompresCompres
ss
NTLMNTLMNTLMNTLM BasicBasicBasicBasic
Determine
Handler
Determine
Handler
CGICGICGICGI
StatiStatic Filec FileStatiStatic Filec File
ISAPIISAPIISAPIISAPI
AnonAnonAnonAnon
…
…
AuthenticationAuthenticationAuthenticationAuthenticationFormForm
ssFormForm
ssWindowWindow
ssWindowWindow
ss
Map Map HandlHandl
erer
Map Map HandlHandl
erer
ASPXASPXASPXASPX
TraceTraceTraceTrace
……………
…
aspnet_isapi.daspnet_isapi.dllll
IIS7 ASP.NET Integration
• Classic Mode• runs as ISAPI
• Integrated Mode• .NET modules /
handlers plug directly into pipeline
• Process all requests
• Full runtime fidelity
LogLogLogLog
CompresCompresss
CompresCompresss
BasicBasicBasicBasic
StatiStatic Filec FileStatiStatic Filec File
ISAPIISAPIISAPIISAPI
AnonAnonAnonAnon
SendResponseSendResponse
AuthenticationAuthentication
AuthorizationAuthorization
ResolveCacheResolveCache
ExecuteHandlerExecuteHandler
UpdateCacheUpdateCache
…
…AuthenticationAuthenticationAuthenticationAuthenticationFormForm
ssFormForm
ss WindowsWindowsWindowsWindows
Map Map HandlHandl
erer
Map Map HandlHandl
erer
ASPXASPXASPXASPX
TraceTraceTraceTrace
……………
…
aspnet_isapi.daspnet_isapi.dllll
IIS 7 .NET Integration
Management Tools
• Manage IIS and ASP.NET• View enhanced runtime data • worker processes, appdomains, executing requests
• Manage delegation• Use whichever management tool suits your needs…• Note: Powershell has recently been added to the
tools you can use! See http://iis.net for details
GUIGUICommand LineCommand LineScriptScriptManaged CodeManaged Code
IIS ManagerIIS ManagerappcmdappcmdWMI (root\WMI (root\WebAdministration)WebAdministration)Microsoft.Web.AdministraMicrosoft.Web.Administrationtion
Coding: Microsoft.Web.Administration
ServerManager iisManager = new ServerManager();
foreach(WorkerProcess w3wp in iisManager.WorkerProcesses) { Console.WriteLine("W3WP ({0})", w3wp.ProcessId); foreach(Request request in w3wp.GetRequests(0)) { Console.WriteLine("{0} - {1},{2},{3}", request.Url, request.ClientIPAddr, request.TimeElapsed, request.TimeInState); }}
New APIs enable developers to write tools to deploy, manage, and troubleshoot ASP.NET and IIS
IIS 7 Management
Rapid Troubleshooting with Failed Request Tracing• Significantly reduce need for “crash dump
analysis” • Configure custom failure definitions per URL• Time taken • “Write Trace log for 200 (ok) response taking over 15
seconds
• HTTP Status/substatus codes • “Write Trace log when you see a 500 error for
Invoice.aspx”
• Error level
• Manage with UI, WMI, API, Appcmd• Instrument applications with custom trace
event
Failed Request Tracing
Hosting Web Services in IIS 7• Windows Communication Foundation (WCF)
is part of .NET 3.0• IIS 7 will host web service in worker process• Health of worker process is managed by
Web Activation Service (WAS)• Provides “external” monitoring and recycling • Activate over TCP, Named Pipe, MSMQ, or HTTP
• Web Service can share state with an ASP.net application
• Provides high availability, managed process for web service based applications
Web Service Activation
Summary• Custom modules and handlers• Create new IIS 7 modules for the public• Provide solutions for customers with unique
requirements (ie. Custom authentication, auditing …)
• Extend reach of existing .NET handlers and modules to non ASP.NET content
• Quickly integrate new technologies
• Extend UI / Schema: integrated administration
• Deploy using new APIs • Manage with delegated administration• Diagnose with built in / extensible tracing• Provide high availability host for web
services
