1 / 33

VS2010 Sandboxed Solutions

Dave Milner Blog: www.davemilner.com Twitter: @ davemilner Email: dave@deluksolutions.com. VS2010 Sandboxed Solutions. Outline. MOSS2007 / WSS3.0 & Application Customization 2010 Sandboxed Solutions Executing Code in the Sandbox Sandbox Resource Monitoring.

berny
Download Presentation

VS2010 Sandboxed Solutions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Dave Milner Blog: www.davemilner.com Twitter: @davemilner Email: dave@deluksolutions.com VS2010 Sandboxed Solutions

  2. Outline • MOSS2007 / WSS3.0 & Application Customization • 2010 Sandboxed Solutions • Executing Code in the Sandbox • Sandbox Resource Monitoring

  3. MOSS 2007 / WSS 3.0 Challenge • Developers – design, build, test custom solutions Developer

  4. MOSS 2007 / WSS 3.0 Challenge • Developers – design, build, test custom solutions • Administrators can only secure solutions through CAS • Administrators can’t see into custom code Developer Administrator

  5. MOSS 2007 / WSS 3.0 Challenge • Developers – design, build, test custom solutions • Administrators can only secure solutions through CAS • Administrators can’t see into custom code • Site collection owners activate & use customizations Developer Administrator Site Collection Owner

  6. MOSS 2007 / WSS 3.0 Challenge • Memory leaks • Undisposed objects • Resource consumption issues • Site outages / farm down scenarios • Single largest cause of SharePoint support cases: Custom Code Farm / Site Issues

  7. Outline • MOSS2007 / WSS3.0 & Application Customization • 2010 Sandboxed Solutions • Executing Code in the Sandbox • Sandbox Resource Monitoring

  8. Sandboxed Solutions • Allow a subset of ‘full’ solution features • Code executes in sandbox • Are deployed by a Site Collection administrator • Stored in the Solution Gallery

  9. SharePoint 2010 Solution • Developers – design, build, test custom solutions Developer

  10. SharePoint 2010 Solution • Developers – design, build, test custom solutions • Site collection owners deploy, activate, implement customizations Developer Site Collection Owner

  11. SharePoint 2010 Solution • Developers – design, build, test custom solutions • Site collection owners deploy, activate, implement customizations • Administrators leverage resource monitors to check usage • Automatic “throttling” & turning off of problem solutions Developer Site Collection Owner Administrator

  12. 10 Reasons for Sandboxed Solutions • More secure • Can be monitored • Do not affect other site collections • Do not touch file system • Skip application pool recycles – easier debugging • Management migrates to site collection owner. • Easier to manage than CAS policies • Extensible Solution validation framework – inherit from SPSolutionValidator • Remove need for pre-deploy code review. • Allow different SLA’s to site collections via Resource Quotas

  13. Best Practices • As of #SPC – Sandboxed solutions are recommended more and more over farm solutions • Sandboxed solutions are portable to SharePoint online environment • Where limitations are found – farm solutions • New Education for Devs & Admins

  14. Installing & Running Sandboxed Solution demo

  15. Outline • MOSS2007 / WSS3.0 & Application Customization • 2010 Sandboxed Solutions • Executing Code in the Sandbox • Sandbox Resource Monitoring

  16. 2 • 1 • 5 • 6 • 7 • 4 • 3 Sandboxed Solutions Process Per-WFE AssemblyCache RootSPWeb of SPSite <siteguid>\company.intranet.webpart.wsp\company.intranet.dll Solution gallery Web Part gallery Sandboxed Code Serice WebParts.wsp

  17. Sandbox Solution Execution Details

  18. The Subset Object Model • In general • SPSite and below • No SPSecurity • No SPSite construction SPSite SPWeb SPList SPListItem

  19. Sandbox and Code Access Security AspNetHostingPermission, Level=Minimal SharePointPermission, ObjectModel=true SecurityPermission, Flags=Execution Sandbox My.dll wss_usercode.config Other.dll System DLL User Code SharePoint DLL Full Trust Framework Code SharePoint OM API Block List

  20. Compiling vs. Executing Sandboxed Solutions MyWebPart.dll • Visual Studio 2010uses IntelliSense tohide full-trust types • All code is compiled against the full API • Thus, no “sandbox” check at compile time… only at runtime • Workaround: change the Microsoft.SharePoint.dll project reference to reference the sandbox’s version • [..]\14\UserCode\Assemblies\Microsoft.SharePoint.dll • NOTE: Switch it back before deployment! • Use this as a temporary test - do not deploy code that references the sandbox’s assembly Runtime Full Object Model Subset Object Model Proxy

  21. Supported in Sandbox Solutions • List definitions • List instances • Onet.xml • WebTemplate Feature element instead of Webtemp.xml • Content Types / Fields • Navigation • Module / Files • Feature Callouts • Web Parts (not Visual Web Parts) • Event receivers • Custom Actions • Workflows

  22. Not supported in Sandbox Solutions • Custom Action groups • HideCustomAction element • Content Type Binding • Web Application scoped Features • Farm scoped Features • Programmatic workflow • Event Receivers • SPLimitedWebPartManager • Timer Jobs • Visual Web Parts

  23. Creating a Sandboxed Solution with VS 2010 demo

  24. Outline • MOSS2007 / WSS3.0 & Application Customization • 2010 Sandboxed Solutions • Executing Code in the Sandbox • Sandbox Resource Monitoring

  25. Sandbox Solution Monitoring • Site collection quotas specify the warning and hard limits for number of resources that can be used per day • Sum of resource measures are taken across solutions deployed to site collection • i.e.: add up CPU Points for all solutions • Max of resource utilization measures checked against site collection quota to determine if it should be throttled/blocked

  26. Resource Monitoring Processing

  27. Monitored Resources

  28. Sandbox Solution MonitoringCase Study • Web Part in a sandbox solution executes 40 SQL queries (via the SharePoint OM) • 20 SQL Queries = 1 point (default) • Resource usage for this Web Part for the day: • = (2 points * # of executions throughout the day) + other counters • OOTB resource quota = 300, so one execution of this Web Part = 0.67% of site collection’s daily allocation

  29. Managing Sandbox Solutions • Configure site collection quotas from Central Administration • Site collection owners can manage and view resource usage from Site Settings » Solution Gallery • PowerShell administration  • Get-SPSite | foreach-object {$_.Quota.UserCodeMaximumLevel = 300} • Get-SPSite | foreach-object {$_.Quota.UserCodeWarningLevel = 100} • You can also block completely certain solutions in farm level • Can be managed from Central Admin level

  30. Load Balancing Sandboxed solutions can be run in two modes: • Local Mode: • Execute code on Web front end • Low administration overhead • Lower scalability • Remote Mode: • Execute on dedicated SharePoint servers • Load balanced distribution of code execution requests • Create custom Load balancers

  31. Solution Validation • Restrict the solutions that are allowed to run • Install with a farm level feature [GuidAttribute("34805697-1FC4-4b66-AF09-AB48AC0F9D97")] • publicclassPublisherValidator:SPSolutionValidator{ [Persisted] List<string>_allowedPublishers; publicoverridevoidValidateSolution( SPSolutionValidationProperties properties){ } publicoverridevoidValidateAssembly( SPSolutionValidationPropertiesproperties, SPSolutionFileassembly){ } }

  32. Exploring Central Administration & Solution Gallery demo

  33. Sandboxed Solutions Q & A

More Related