DESY WindowsNT Web-Services. Henner Bartels DESY WindowsNT Group. Abstract. I will present the DESY WindowsNT solution for providing web services to our NT community.
DESY WindowsNT Web-Services Henner Bartels DESY WindowsNT Group SLAC HEPNT / HEPIX Meeting October 4. - 8. 1999
Abstract
• I will present the DESY WindowsNT solution for providing web services to our NT community.
• As an example for web-based computing an intranet application scenario displaying our NT domain management tools will be reviewed.

Topics of Discussion
• Motivations for implementing NT-based web-services
• Implementation of our IIS-cluster
• Application design considerations
• NT domain management scenario

Motivations for Implementing NT-based Web-services
• Demands of the WindowsNT group
• Requests of DESY groups
• End-user support

Demands of the WindowsNT Group
• Increasing demands for web-based, cross-platform capable computing
• NT domain administration
• MS BackOffice family relies on services provided by IIS
• Exchange, Office, WebDAV
• MTS, MSMQ
• Simplified global collaboration and data exchange

Requests of DESY Groups
• Complex web sites needed without having to set up a dedicated web server
• None or minimal management overhead desired
• Server-side scripting (e.g. CGI, ASP)
• Access to other domain resources
• Secured and closed forums

Group Webs
• Group web spaces appear as sub-directories in the WindowsNT web
• Full server-side scripting support including Perl, VBScript and others
• Domain resources can be accessed using ActiveX, ADO, ADSI and MTS
• No management overhead
• No support for https (using NT ACLs)

End-User Support
• Personal web pages (e.g. www.desy.de/~hbartels)
• Available to users with Unix accounts
• No solution for non-Unix users or those preferring to create content on NT without the hassle of file-transfer

Personal WebPages
• Now fully supported (e.g. desyntwww.desy.de/~hbartels)
• Web content located in the user home directory
• No server-side scripting (security!)
• No support for https (using NT ACLs)
• A platform-independent solution is still pending

Implementation of Our IIS-cluster
• Key requirements
• Server configuration
• Cluster setup
• Data flow
• Manageability
• Drawbacks

Key Requirements
• Scalable and robust solution
• Simple to manage
• Highly integrated with MS BackOffice
• Security using SSL, NTFS
• Content stored where user and group data are located
• Server-side scripting using WSH

Server Configuration
• Compatible industry PC equipped with:
• Pentium II running at 350 MHz
• 256 MB RAM
• 2 IDE Disks (mirrored, < 1 GB used)
• 2 NICs (1 onboard / 1 PCI card)
• NT Enterprise Server, SP 5
• IIS, Index Server, related Hot-Fixes
• ActiveState Perl

Cluster Considerations
To provide service reliability, clustering technologies are employed
• MS Cluster Server (Wolf Pack)
• Fail-Over Server without load-balancing
• Requires (expensive) hardware
• Windows Load Balancing Service
• No Fail-Over
• IP-based load-balancing (up to 32 nodes)
• In case a node fails only those connections will have to reconnect

How WLBS Works
• Cluster NIC shares IP address and MAC on all nodes
• Handles Cluster traffic and inbound connections
• The dedicated NIC manages the established connections

Cluster Setup
[Figure: cluster setup diagram; labels: Switch, Hub]

Data Flow
[Figure: data flow diagram; labels: Switch, Hub, Client]

Manageability
• Cluster nodes can be managed using MS Management Console
• Configuration changes have to be replicated using scripts (ADSI)
• Management of Group Webs will be implemented using a web interface
• Setting / Removing IP restrictions
• Enabling / Disabling HTTPS
• Set directory access rights

Drawbacks
• IIS 4.0 is designed to store content on local disks
• Some ISAPI filters (e.g. .hqx) will not work properly
• FrontPage Server extensions cannot be used
• When using HTTPS connections, no ACL check is performed; however, delegation is properly handled

Application Design Considerations
• Supported clients
• Client requirements
• Maintaining state information
• Using XML / XSL

Supported Clients
• Netscape 3
• Windows 3.11 (NICE)
• Netscape 4+
• Standard Unix Browser
• Internet Explorer 4+
• Standard(?) NT Browser
• Internet Explorer 5 is expected to be the next standard viewer on NT

Client Requirements
To provide a visually appealing and dynamic environment, clients have to support:
• Frames
• At least JavaScript 1.1
• Layers (used in some applications)
• No Plug-Ins
• No Java / ActiveX

Maintaining State Information
• Use of Cookies
• Cookies are usually disabled
• Abuse the URL search part to communicate session state
• Difficult to maintain with static pages
• Interference when search part is used to transport queries or form data
• Use global JavaScript variables stored in top-level frame-set
• JavaScript has to be enabled

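The search-part option from the slide above, as an added JavaScript example that is not part of the original presentation: session state travels in one reserved parameter so it does not interfere with query or form fields, and because the search part is client-controlled the receiving side keeps only allowlisted keys and values. The parameter name `_state`, the view and language values and the host name are assumptions.

```javascript
// Added example (not from the original slides). STATE_PARAM, ALLOWED and
// the host name are assumptions chosen for illustration.
const STATE_PARAM = "_state";
const ALLOWED = { view: /^(users|web|tools)$/, lang: /^[a-z]{2}$/ };

// Pack state as "key:value" pairs joined by ";" into one reserved parameter.
function encodeState(state) {
  return Object.keys(state).sort()
    .map((k) => `${k}:${encodeURIComponent(state[k])}`).join(";");
}

// Add (or replace) the state on a link, leaving its own query fields intact.
function withState(href, state, base = "http://intranet.example/") {
  const url = new URL(href, base);
  url.searchParams.delete(STATE_PARAM); // never carry two copies
  url.searchParams.append(STATE_PARAM, encodeState(state));
  return url.pathname + url.search;
}

// Split an incoming search part into validated state and the remaining query.
// Unknown keys, malformed values and duplicated state parameters are dropped
// rather than trusted, since anyone can edit the URL.
function splitState(search) {
  const params = new URLSearchParams(search);
  const raw = params.getAll(STATE_PARAM);
  params.delete(STATE_PARAM);
  const state = {};
  if (raw.length === 1) { // more than one copy is ambiguous: ignore all
    for (const pair of raw[0].split(";")) {
      const i = pair.indexOf(":");
      if (i < 1) continue;
      const key = pair.slice(0, i);
      let value;
      try { value = decodeURIComponent(pair.slice(i + 1)); } catch { continue; }
      const known = Object.prototype.hasOwnProperty.call(ALLOWED, key);
      if (known && ALLOWED[key].test(value)) state[key] = value;
    }
  }
  return { state, query: params.toString() };
}

// Constructed sample: a search link that already carries form data.
const sampleLink = withState("tools/search.asp?q=wlbs&page=2",
  { view: "tools", lang: "de" });
console.log(sampleLink, splitState(sampleLink.slice(sampleLink.indexOf("?"))));
```

State carried this way also ends up in server logs and Referer headers, so it should hold display state only, never credentials or privilege decisions.
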
Using XML / XSL
• XML data and accompanying DTDs are used to:
• Provide data used in multiple pages
• Store configuration information
• Markup data displayed by scripts
• XML data is processed on the server
• XSL will be used to transform data for clients with disabled scripting engines

NT Domain Management Scenario
• DESY requirements
• Commercial solutions
• Application design
• Remote scripting object
• Live demonstration

DESY Requirements (I)
• Computer and user management at DESY is handled by three groups
• User Consulting Office (UCO)
• Group administrators
• WindowsNT domain administrators
• Tasks and scope of authorization vary slightly
• Changes of user properties
• Removing a computer from the domain
• Creation of new groups

DESY Requirements (II)
• Setting of license-, inventory- and other management information
Most of these tasks require elevated privileges; however, the number of staff with administrative rights must be small

Commercial Solutions
• Commercial solutions (e.g. TEM) provide:
• Fine-grained control over the various NT management options
• NT based management clients
• They require time to set up and maintain proper configuration
• They do not come with a web-based client
• They cannot be adapted to reflect site-specific or non-NT related tasks

Application Design
• We have implemented a framework that dynamically adapts to the privileges of the connecting user
• Different views exist for managing users, web configuration and miscellaneous tools
• Dynamic HTML, client and server-side scripting provide an advanced and consistent user interface
• The DESY Scripting Host (DSH) is used to gather data and perform requested actions with the required privileges

Usage

Summary
• We have implemented an IIS-based web server using current clustering and load-balancing technologies
• We were able to show the availability of our solution by hosting multiple Group Webs over a period of several months
• Web-based applications have been successfully implemented and demonstrated no undesired behavior even after forcing cluster nodes to shut down

Next Steps
• Automation of cluster management
• Extending available tools
• Better modularization of components
• Migration to IIS 5.0
• Support for WebDAV