1 / 45

Microsoft IIS7 for IT Professionals

Marcel Trümpy Platform Technology Advisor Microsoft Switzerland marcel.truempy@microsoft.com http://blogs.technet.com/chitpro-de. Microsoft IIS7 for IT Professionals. Windows Server 2008 – for the Web. Large focus on Web Workload in the enterprise and hosting world Web 2.0, SaaS , SOA

leora
Download Presentation

Microsoft IIS7 for IT Professionals

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Marcel TrümpyPlatform Technology AdvisorMicrosoft Switzerland marcel.truempy@microsoft.comhttp://blogs.technet.com/chitpro-de Microsoft IIS7 for IT Professionals

  2. Windows Server 2008 –for the Web • Large focus on Web Workload in the enterprise and hosting world • Web 2.0, SaaS, SOA • New version of Windows Web Server 2008 • Redesigned IIS7 Web Server • Deep integration with ASP.net • Interoperability with non-Microsoft languages • IIS on Windows Server Core

  3. Windows Web Server 2008: Rebuilt • Windows Web Server 2008 is built for Internet Web serving • Increased hardware limits: • 4 processors and 4GB of RAM (32 GB on x64 version) • Removed features unnecessary for web severing • Web (IIS) is only default role (two others possible): • Windows SharePoint Services, Windows Media Services (download and install) • Benefits • Small footprint, Lower Cost • Supports More Web Application Scenarios • SQL Server allowed for local Web applications • Full use rights for IIS, ASP.NET and .NET FX 3.0

  4. IIS7

  5. IIS 6 facts: A Proven Platform • Proven Scalability • MySpace - 23 Billion Page* Views/Month • Microsoft.com - 10k Req/sec & 300K Concurrent Connections • Match.com -30 million page view daily • Proven Security • No critical IIS 6 hotfixes since RTM • Proven Trust • 54% of Fortune 1000 use IIS (port80software.com) A solid foundation to build on.

  6. IIS 6: No Critical fixes since RTM* *As of 4/4/07

  7. What You Have Taught UsIIS 6.0 Customer feedback revealed: • Site density on shared servers is too low • Configuration corruption and replication issues • Too few options for site owner administration • Site/server failures too difficult or too long to troubleshoot • Not enough flexibility for customization • Current support for PHP apps is inadequate

  8. IIS7: Major Changes • New Modular Architecture and Request Pipeline • Redesigned Configuration System • New UI and Suite of Management Tools • Deep ASP.Net Integration • Detailed Tracing and Troubleshooting Tools • Delegated Remote Administration • Granular Feature Delegation • Shared Configuration for Web farms • FastCGI Module for PHP Hosting

  9. IIS6 Architecture - Request Processing Monolithic implementationInstall all or nothing… Authentication NTLM Basic Anon … Determine Handler CGI Static File ASP.NET ISAPI PHP … Send Response Extend server functionality only through ISAPI… Log Compress

  10. IIS7 Architecture - Request Processing Server functionality is split into ~ 40 modules... Authentication Authentication NTLM Basic Anon Authorization Modules plug into a generic request pipeline… … ResolveCache Determine Handler CGI … Static File Modules extend server functionalitythrough a public module API. ExecuteHandler ISAPI … … UpdateCache Send Response SendResponse Log Compress

  11. Many, Many Modules Install, manage, and patch only the modules you use… • Reduces attack surface (10 modules installed by default) • Reduces in-memory footprint • Provides fine grained control • Replace server modules provided by Microsoft with your own customcomponents, or add new components from  IIS.NET • BEWARE of how to take them off!Server Manager & OCSetup vs. IIS Manager

  12. Installing IIS7 & Modules demo

  13. IIS7 on Windows Server Core

  14. Under the Hood: IIS7 Components Not on Server Core

  15. IIS on Server Core Scenarios IIS Server Core installation Classic ASP Web Server PHP Web Server CGI and ISAPI Web Server Static file Web Server (images, Office documents, etc.) Lean, efficient footprint Minimal surface of attack and maintenance Headless (remote) management

  16. IIS Support on Server Core • Ultimate low footprint web server • Lower memory requirement • Lean OS configuration • Minimize attack and maintenance surface • Seamless integration with IIS7’s new componentized architecture • Powerful IIS command-line management interface • “Reusable” WMI and AppCmd scripts and batch files

  17. Installing IIS7 & Moduleson Windows Server Core demo

  18. Getting Started with IIS on Server Core OCList OCSetup PKGMGR OCSetup AppCmd MWA WMI AppCmd MWA

  19. Best Practices: Deployment • Installing IIS 7.0 features • OCList for dependencies • OCSetup to install components + dependencies • Enable remote acess and configuration start /wait ocsetup IIS-WebServerRole;WAS-WindowsActivationService;WAS-ProcessModel;IIS-WebServer netshadvfirewall firewall set rule group="Remote Administration" new enable=yes winrm set winrm/config/client @{TrustedHosts="iiscoredemo"}

  20. Configuration & Management

  21. Config System – Redesigned, Portable • No more metabase.bin or metabase.xml files! • Configure IIS and ASP.NET properties in the same file • Built for simple, schema-based extensibility • Machine Independent • Can be shared across multiple machines Metabase .Config XML

  22. Sever and Site Config Files Server • ApplicationHost.config • Administration.config • Server Wide Settings • Global Feature Delegation • IIS Manager Users Individual Site Changes Sites Server Changes “Global”

  23. Configuration System .NET + IIS7 .NET Framework Web.config Machine.config Global web.config ASP.net global settings .NET global settings <system.web>.NET settings IIS 7 Server Applicationhost.config <system.webServer>IIS7 Delegated settings Global settings and location tags

  24. IIS 7.0 Management PowerShell appcmd.exe XML config files

  25. Management / Admin Tools demo • IIS Manager- Notepad- Windows PowerShell • Appcmd

  26. Centralized Configuration

  27. Shared Configuration for Web Farms demo

  28. Remote Administration &Feature Delegation

  29. DCOM only, not a firewall-friendly protocol No way to delegate control of sites or applications Windows administrators only IIS 6.0 Remote Administration XML MetaBase Developers Site Owners Application Owners Administrator

  30. IIS7 Remote Administration IIS7 XML XML Internet applicationHost.config web.config • Administrators can manage entire Web server • Almost the same as sitting at the box • Managing sites and applications • Admins and non-admins • Windows users and IIS manager users • Control of site and application settings • Administrator decides what non-admins can view/change (feature delegation) • HTTPS based • Secure firewall-friendly protocol Developers Site Owners Application Owners Administrator

  31. Delegating Permissions App2 App1 wwwroot

  32. Administrator decides which features non-admins can control Site owners control delegated settings No elevated privileges required! Delegated settings are in web.config Site or nested at application level Shares web.config with ASP.NET configuration Xcopy deploy configuration and content Take precautions to protect overwrites Feature Delegation

  33. Delegated Not delegated Hidden and not delegated

  34. Feature Delegation &Remote Administration demo

  35. Web Publishing

  36. Web Publishing in IIS Overview • Microsoft ships the following for Windows Server 2008: • A brand-new, feature-rich FTP service • An updated, feature-compatible version of FPSE • A redesigned WebDAV implementation • All are available as free downloads: • http://www.iis.net

  37. FTP 7; Integration with IIS 7.0 Configuration • Current Scenario: IIS administrators needed to create two sites in the past. • Cause: HTTP and FTP sites stored their settings separately. • Solution: FTP 7 integrates with the IIS 7.0 configuration system.

  38. FTP 7; Hosting Improvements: Virtual Hosts • Current Scenario: Hosting multiple FTP sites requires unique IP addresses. • Cause: FTP protocol architecture lacks the flexibility of HTTP’s host headers. • Solution: FTP 7 introduces “virtual host” support.

  39. FTP 7; Hosting Improvements: User Isolation • Current Scenario: FTP user isolation in IIS 6 required physical directories. • Cause: FTP user isolation infrastructure could not support virtual directories. • Solution: FTP 7 user isolation allows both virtual and physical directories.

  40. FTP 7; Hosting Improvements: Disk Quotas • Current Scenario: Server administrators have no way to limit disk usage for FTP sites. • Cause: FTP does not support quotas. • Solution: FTP 7 integrates with File Server Resource Manager directory quotas in Windows Server 2008.

  41. FTP with IIS7 demo

  42. IIS.NET: Home for IIS Community! • In-depth technical articles and samples • Connect with other IIS experts on blogs & forums • Free advice and assistance in forums • Download centre with IIS solutions

  43. Non-Microsoft Publications These books can be found at all major book stores and online retailers

  44. Training Resources For training information and availability:www.microsoft.com/learning

  45. © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

More Related