290 likes | 534 Views
IIS/ASP.NET Best Practices. Clint Edmonson Architect Evangelist Microsoft Corporation. Advice for IT Pros. Offer a menu of server configurations to developers (and create using separate app pools) Provide a copy of server's ASP.NET config files to developers
E N D
IIS/ASP.NET Best Practices Clint Edmonson Architect Evangelist Microsoft Corporation
Advice for IT Pros... • Offer a menu of server configurations to developers (and create using separate app pools) • Provide a copy of server's ASP.NET config files to developers • Require a load test before allowing apps into production (at least the home page) • Implement a server change request and tracking system • Don't allow developer access to production servers
Advice for Architects... • Use an n-tiered architecture (e.g. web tier, service tier, and database tier) • Keep your UIs dumb • Develop a set of shared enterprise components & services • Security (Authorization, Authentication) • Event Logging & Notification • Database Location & Access • Service Location & Access • Encryption
Advice for Developers... • Don't hard code IP addresses, use DNS names • Assume your app will be running in a web farm • Assume you'll be sharing resources with other web apps • Assume your app will be restarted on a regular basis • Minimize your web.config complexity
IIS/ASP.NET Best Practices Shawn Travers IT Pro Evangelist Microsoft Corporation http://blogs.technet.com/shawnt
IIS7 Security • Architecture changes • Componentization • Componentization reduces attack surface and allows for server “hardening” according to business needs • Built-in accounts and groups • SID injections for IIS_IUSRS group and worker process to help with site migration without security compromise • Application Pool Isolation by default • New security management features for IT Pros • Request Filtering rules • URL Authorization rules • Secure remote management via HTTPS • Allow fine-grained control over feature delegation to non-web server administrators
XML Config Files Replace Metabase IIS 7.0 IIS 6.0, 5.0, 4.0, 3.0 IIS_schema.xml metabase.xml machine.config applicationHost.config web.config • Difficult to manage • Difficult to replicate • Machine-level depository • Requires direct server access • Decentralized • Text based • Scriptable • Extensible • Understandable • Easy to deploy • Easy to delegate
Hierarchyof Configuration Files .NET Framework settings Main IIS 7.0 settings machine.config ASP.NET settings applicationHost.config root web.config web.config web.config web.config Applications Sites Virtual Directories
Deploying Datacenters and Hosts • Minimum Install by Default • XCopy Deployment • Built-in User Accounts • Shared Hosting
Installing Modules Using Modules Selecting Modules IIS 7.0 Modules Overview • Install a module on the server (native modules only) • Enable the module in an application • Manually edit the configuration store • Use IIS Manager or appcmd.exe • Use only the modules you need • Replace core server modules with custom modules
Monitoring Performance Automatic Failed Request Tracing Reliability and PerformanceMonitor NetworkMonitor Tracing Log File
IIS7 Performance Improvements • Microsoft.com sees a 10% performance improvement overall • More powerful compression • For static and dynamic content • Default Document optimization • Output Caching • Per URL, query string and/or request headers • APIs for putting responses in the output cache • Kernel mode SSL and Windows authentication • Performance improvements • Improved Scalability • Host thousands of sites for multi-tenancy scenarios • FastCGI • Great way to run PHP on IIS
Performance Best Practices • Enable Output Caching for semi-dynamic pages • Low bandwidth Branch Offices? • Enable Dynamic Compression (~ 5% CPU overhead) • Need to run many web apps on a single box? • Run IIS worker processes in Wow64 mode • Room for the OS, scalability for your web apps • It’s an per-AppPool setting now: Enable32BitAppOnWow64 • Thinking about buying new Web Server hardware? • W2K8 scales extremely well on new multi-proc boxes (4 and 8 core) • ASP.NET op caching vs. IIS op caching vs. KM output caching
Performance Best Practices • 1000s of requests per second? • Remove modules you don’t need • You don’t know why some pages are so slow? • Turn on Failed Request Tracing and the “time-taken” feature to investigate • You * script-mapped all requests to ASP.NET in IIS6? • Integrated Pipeline is much faster than an IIS6 * scriptmap solution • Try together with IIS7 URL Authorization.
Performance Best Practices • PHP applications? • PHP on top of FastCGI is much faster than traditional CGI • The majority of your requests go to your Default Document? • Put it on top of the list • Otherwise IIS7 has to check every time • Static default documents will be cached in kernel-mode • Looking for tools to measures web server performance? • Try WCAT 6.3 from www.iis.net/downloads
IIS Summary • Better compression for static and dynamic content, as well as output caching • Kernel-mode improvements • Security by default with application isolation and built-in accounts and groups • Best practices for IT pros like putting default documents at the top of the list • Improved scalability for multi-tenancy scenarios (high site density) • Improved support for application frameworks like PHP and Python with FastCGI
TechNet Plus TechNet Plus is an essential premium web-enabled and live support resource that provides IT Professionals with fast and easy access to Microsoft experts, software and technical information, enhancing IT productivity, control and planning. Evaluate & Learn Plan & Deploy Support & Maintain • 2 complimentary Professional Support incidents for use 24/7 (20% discount on additional incidents) • Access over 100 managed newsgroups and get next business day response--guaranteed • Use the TechNet Library to maintain your IT environment with security updates, service packs and utilities • Evaluate full versions of all Microsoft commercial software for evaluation—without time limits. This includes all client, server and Office applications. • Try out all the latest betas before public release • Keep your skills current with select Microsoft E-Learning courses free each quarter • Use the TechNet Library to plan for deployment using the Knowledge Base, resource kits, and technical training • Use exclusive tools like System Center Capacity Planner to accurately plan for and deploy Exchange Server and System Center Operations Manager • Stay informed with your free subscription to TechNet Magazine. Get all these resources and more with a TechNet Plus subscription. For more information visit: technet.microsoft.com/subscriptions CODE: TMSAM12