Performance

Using IIS7 And Application Request Routing as Load Balancer – Part 2

15. February 2010

In part 1 I explained why I needed a load balancer that was capable of doing smart balancing decisions using more than just IPs and why I decided to use IIS7 and Application Request Routing (ARR). In this part I will give a detailed explanation of how to setup ARR on Windows Server 2008 R2 Web Server Core.

Server Core provide the following benefits over traditional installations according to Microsoft:

• Reduced maintenance
• Reduced attack surface
• Reduced management
• Less disk space required

I concluded that the above points is quite important for a load balancer, as you don’t want it to spend its resources on anything else than load balancing.

In this guide I will walk you through the steps needed to install Windows Server 2008 Web Server Core. Secondly I will show you how to create the necessary scripts to automate about 99% of the installation and configuration of ARR.

Before we dig deep, here’s a short description of the setup I used for my ARR environment:

Two Web Servers with:

• 3 websites running both SSL and normal HTTP
• Each website needed its own IP
• Each website needed its own SSL certificate

ARR Server:

• In order to avoid the “clients NAT’ed behind one IP” problem, I needed to configure ARR Server Affinity to UseCookie.
• As for the Load Balancing Algorithm I used Weighted Round Robin (you should look into the other alternatives that suite your needs)
• The ARR server is responsible for distributing traffic to two web servers mentioned above

All of the above can of course be changed in the scripts that I’ll be showing later to suite your configuration needs. Below is an illustration of the infrastructure:



Installing Windows Server 2008 R2 Web Server Core:

1. Install Windows Server 2008 R2 Web – Server Core
2. Set password for admin (when prompted)
3. Rename server:
   NETDOM renamecomputer %computername% /newname:[nameOfServer]
4. Restart:
   shutdown /r /t 0
5. Set static IP:
   netsh interface ipv4 set address "Local Area Connection" static [IP] [Subnet] [Gateway]
6. Set Primary DNS server:
   netsh interface ipv4 add dnsserver "Local Area Connection" [IP]
7. Set Secondary DNS server:
   netsh interface ipv4 add dnsserver "Local Area Connection" [IP] index=2
8. If you want the server to join a domain:
   netdom join %computername% /domain:[domainname] /userd:[username] /passwordd:*
9. Restart:
   shutdown /r /t 0
10. If you want to enable Remote Desktop:

    For Vista/Win7/2008 clients:
    cscript %windir%\system32\SCRegEdit.wsf /ar 0
    
    For earlier clients:
    cscript %windir%\system32\SCRegEdit.wsf /cs 0
    
    For both new and earlier clients run both of the above

11. If you want to allow remote MMC management (e.g. to simplify managing users etc):
    netsh advfirewall firewall set rule group="Remote Administration" new enable=yes
12. Activate Windows:
    start /w slmgr.vbs –ipk [key]
    start /w slmgr.vbs –ato

Now the server is ready for ARR installation and configuration, but since the OS is a server core, creating some scripts to automate this procedure is very helpful. Next I will show you the scripts I created and used, which hopefully will make this task easier for you than for me :-) I’ve made all the files and scripts available in this zip file.

Creating script for installing SSL certificates (do this on some client computer, not the ARR Server):

Note: You can skip this section (except step 1 and 2) if you’re not using SSL.

1. Create a folder called ARRInstall
2. In the ARRInstall folder, create a new folder called Utils
3. Download capicom_dc_sdk.msi and place MSI in the Utils folder
4. Download winhttpcertcfg.msi and install with default options on a client computer
5. Browse to C:\Program Files (x86)\Windows Resource Kits\Tools\ and copy winhttpcertcfg.exe into your Utils folder
6. Create a folder called Certificates in your ARRInstall folder
7. The above folder must contain all your certificates (both with and without private keys). For my setup this looks like this:

   ARRInstall 
     |– Certificates 
           |– site1.torresdal.net.cer 
           |– site1.torresdal.net.pfx 
           |– site2.torresdal.net.cer 
           |– site2.torresdal.net.pfx 
           |– site3.torresdal.net.cer 
           |– site3.torresdal.net.pfx
   

8. Copy the script below, read comments in script and modify accordingly. Then save the script as _SetupCertificates.cmd in the ARRInstall folder:
   

   @echo off
   
   echo Installing CAPICOM...
   
   echo.
   
   msiexec /qn /i "%~dp0Utils\capicom_dc_sdk.msi"
   
   
   echo Removing existing certificate from store...
   
   REM Example:
   
   REM certutil -delstore Root "blog.torresdal.net"
   
   certutil -delstore Root "[certificate name]"
   
   
   echo Removing SSL certificate from IIS...
   
   netsh http delete sslcert ipport=0.0.0.0:443
   
   
   echo Installing certificates...
   
   echo.
   
   
   REM Example:
   
   REM certutil -f -addstore Root "%~dp0Certificates\blog.torresdal.net.cer"
   
   certutil -f -addstore Root "%~dp0Certificates\[certificate name].cer"
   
   
   IF EXIST "%PROGRAMFILES%\Microsoft CAPICOM 2.1.0.2 SDK" (
   
       SET capicompath="%PROGRAMFILES%\Microsoft CAPICOM 2.1.0.2 SDK\Samples\vbs\cstore.vbs"
   
       SET cscript=%windir%\system32\cscript.exe
   
   )
   
   
   IF EXIST "%PROGRAMFILES(x86)%\Microsoft CAPICOM 2.1.0.2 SDK" (
   
       SET capicompath="%PROGRAMFILES(x86)%\Microsoft CAPICOM 2.1.0.2 SDK\Samples\vbs\cstore.vbs"
   
       SET cscript=%windir%\syswow64\cscript.exe
   
   
       ECHO Setting up CAPICOM for 64 bits environment...
   
       copy /y "%PROGRAMFILES(x86)%\Microsoft CAPICOM 2.1.0.2 SDK\Lib\X86\capicom.dll" %windir%\syswow64
   
       %windir%\syswow64\regsvr32.exe /s %windir%\syswow64\capicom.dll
   
   )
   
   
   REM Example:
   
   REM %cscript% /nologo %capicompath% delete -l LM -subject "blog.torresdal.net" -noprompt
   
   %cscript% /nologo %capicompath% delete -l LM -subject "[certificate name]" -noprompt
   
   
   REM Example:
   
   REM %cscript% /nologo %capicompath% import -l LM "%~dp0Certificates\blog.torresdal.net.pfx" "somePassword"
   
   %cscript% /nologo %capicompath% import -l LM "%~dp0Certificates\[certificate name].pfx" "[password]"
   
   
   REM Example:
   
   REM "%~dp0Utils\winhttpcertcfg.exe" -g -c LOCAL_MACHINE\My -s blog.torresdal.net -a "IIS_IUSRS"
   
   "%~dp0Utils\winhttpcertcfg.exe" -g -c LOCAL_MACHINE\My -s [certificate name] -a "IIS_IUSRS"
   
   
   echo.
   
   echo ============================
   
   echo Certificates Setup finished!
   
   echo ============================
   
   
   REM pause
   
   :end
   

9. Your folder structure should now look like this:
   
   ARRInstall 
     |– Certificates 
           |– site1.torresdal.net.cer 
           |– site1.torresdal.net.pfx 
           |– site2.torresdal.net.cer 
           |– site2.torresdal.net.pfx 
           |– site3.torresdal.net.cer 
           |– site3.torresdal.net.pfx

     |– Utils

           |– capicom_dc_sdk.msi

           |– winhttpcertcfg.exe

     |– _SetupCertificates.cmd

Create script for installing and configuring ARR:

1. Download the x64 installer for ARR from the ARR website: http://www.iis.net/expand/ApplicationRequestRouting
2. Copy the downloaded file (ARRv2_setup_x64.EXE) into the Utils folder
3. Download IIS7Util.exe which I’ve made available for you on my site. (The source code can be found at the foaf-ssl-dotnet project. Just browse code and search for “iis7util”, to make it clear where I got it from :-))
4. Copy the IIS7Util.exe into the Utils folder
5. Copy the script below, read comments in script and modify accordingly. Then save the script as InstallARR.cmd in the ARRInstall folder. You should then have this file structure:

   ARRInstall 
     |– Certificates 
           |– site1.torresdal.net.cer 
           |– site1.torresdal.net.pfx 
           |– site2.torresdal.net.cer 
           |– site2.torresdal.net.pfx 
           |– site3.torresdal.net.cer 
           |– site3.torresdal.net.pfx

     |—Utils

           |– ARRv2_setup_x64.EXE

           |– capicom_dc_sdk.msi

           |– IIS7Util.exe

           |– winhttpcertcfg.exe

     |– _SetupCertificates.cmd

     |– InstallARR.cmd

   Note: If you’re not using SSL, comment out this line in your script:
   
   call %~dp0_SetupCertificates.cmd

   @echo off
   
   REM =====================
   
   REM 	CONFIGURATION
   
   REM =====================
   
   
   REM =============================================
   
   REM IP's for the different sites on the LB Server
   
   REM =============================================
   
   SET Site1IPNLB=10.0.0.51
   
   SET Site2IPNLB=10.0.0.52
   
   SET Site3IPNLB=10.0.0.53
   
   
   REM =============================
   
   REM IP's for back end web servers
   
   REM =============================
   
   SET Site1IPWeb01=10.137.13.61
   
   SET Site2IPWeb01=10.137.13.62
   
   SET Site3IPWeb01=10.137.13.63
   
   
   SET Site1IPWeb02=10.137.13.71
   
   SET Site2IPWeb02=10.137.13.72
   
   SET Site3IPWeb02=10.137.13.73
   
   
   REM ==============================
   
   REM Host names for different sites
   
   REM ==============================
   
   SET Site1HostName=site1.torresdal.net
   
   SET Site2HostName=site2.torresdal.net
   
   SET Site3HostName=site3.torresdal.net
   
   
   REM ==================================
   
   REM Name of Server Farms for each site
   
   REM ==================================
   
   SET ARRServerFarm1=Site1
   
   SET ARRServerFarm2=Site2
   
   SET ARRServerFarm3=Site3
   
   
   REM ============================
   
   REM File locations for web sites
   
   REM ============================
   
   SET Site1FileLoc=C:\%ARRServerFarm1%
   
   SET Site2FileLoc=C:\%ARRServerFarm2%
   
   SET Site3FileLoc=C:\%ARRServerFarm3%
   
   
   REM ==========
   
   REM AppCmd.exe
   
   REM ==========
   
   SET AppCMD=%windir%\system32\inetsrv\appcmd.exe
   
   
   
   REM =========================
   
   REM	INSTALLATION
   
   REM =========================
   
   
   Echo Installing IIS...
   
   start /w pkgmgr /l:log.etw /iu:IIS-WebServerRole;WAS-WindowsActivationService;WAS-ProcessModel;WAS-NetFxEnvironment;WAS-ConfigurationAPI;NetFx2-ServerCore;NetFx2-ServerCore-WOW64;IIS-ManagementService
   
   
   Echo Enabling remote management of IIS...
   
   reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WebManagement\Server /v EnableRemoteManagement /t REG_DWORD /d 1 /f
   
   sc config WMSVC start= auto
   
   
   Echo Installing Application Request Routing (ARR)...
   
   net stop was /y
   
   net stop wmsvc /y
   
   "%~dp0utils\ARRv2_setup_x64.EXE" /Q
   
   net start was
   
   net start wmsvc
   
   
   Echo Disable Idle Timeout on Application Pool...
   
   %AppCMD% set apppool "DefaultAppPool" -processModel.idleTimeout:"00:00:00" /commit:apphost
   
   %AppCMD% set config -section:system.applicationHost/applicationPools /[name='DefaultAppPool'].recycling.periodicRestart.time:"00:00:00" /commit:apphost
   
   
   Echo Installing certificates...
   
   call %~dp0_SetupCertificates.cmd
   
   
   Echo Adding aditional IPs for web sites...
   
   netsh interface ipv4 add address "Local Area Connection" %Site1IPNLB% 255.255.255.0
   
   netsh interface ipv4 add address "Local Area Connection" %Site2IPNLB% 255.255.255.0
   
   netsh interface ipv4 add address "Local Area Connection" %Site3IPNLB% 255.255.255.0
   
   
   Echo Creating folders for web sites...
   
   md %Site1FileLoc%
   
   md %Site2FileLoc%
   
   md %Site3FileLoc%
   
   
   Echo Creating web sites in IIS...
   
   %AppCMD% add site /name:%site1HostName% /bindings:"http/%Site1IPNLB%:80:,https/%Site1IPNLB%:443:" /physicalPath:"%Site1FileLoc%"
   
   %AppCMD% add site /name:%site2HostName% /bindings:"http/%Site2IPNLB%:80:,https/%Site2IPNLB%:443:" /physicalPath:"%Site2FileLoc%"
   
   %AppCMD% add site /name:%site3HostName% /bindings:"http/%Site3IPNLB%:80:,https/%Site3IPNLB%:443:" /physicalPath:"%Site3FileLoc%"
   
   
   Echo Adding farms and servers to ARR...
   
   %AppCMD% set config  -section:webFarms /+"[name='%ARRServerFarm1%']" /commit:apphost
   
   %AppCMD% set config  -section:webFarms /+"[name='%ARRServerFarm1%'].[address='%Site1IPWeb01%']" /commit:apphost
   
   %AppCMD% set config  -section:webFarms /+"[name='%ARRServerFarm1%'].[address='%Site1IPWeb02%']" /commit:apphost
   
   
   %AppCMD% set config  -section:webFarms /+"[name='%ARRServerFarm2%']" /commit:apphost
   
   %AppCMD% set config  -section:webFarms /+"[name='%ARRServerFarm2%'].[address='%Site2IPWeb01%']" /commit:apphost
   
   %AppCMD% set config  -section:webFarms /+"[name='%ARRServerFarm2%'].[address='%Site2IPWeb02%']" /commit:apphost
   
   
   %AppCMD% set config  -section:webFarms /+"[name='%ARRServerFarm3%']" /commit:apphost
   
   %AppCMD% set config  -section:webFarms /+"[name='%ARRServerFarm3%'].[address='%Site3IPWeb01%']" /commit:apphost
   
   %AppCMD% set config  -section:webFarms /+"[name='%ARRServerFarm3%'].[address='%Site3IPWeb02%']" /commit:apphost
   
   
   REM ==============================================================================
   
   REM ALERT!: REMEMBER THAT SSL RULES FOR EACH SITE MUST BE BEFORE THE HTTP RULES!!!
   
   REM 	    E.g. 1) Rules for Site1 SSL
   
   REM              2) Rules for Site1 HTTP
   
   REM		 3) Rules for Site2 SSL
   
   REM		 4) Rules for Site2 HTTP
   
   REM		 5) etc.
   
   REM
   
   REM	    If we had switched 1 and 2, it would match on HTTP first, and would
   
   REM	    have redirected to a non SSL site, resulting in SSL offloading.
   
   REM
   
   REM	    If SSL offloading is the wanted behaviour, only the HTTP rule is
   
   REM	    nessesary.
   
   REM ==============================================================================
   
   
   echo Adding rewriting rules to ARR...
   
   %AppCMD% clear config -section:system.webServer/rewrite/globalRules
   
   
   REM Site1 SSL
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /+"[name='%ARRServerFarm1%_SSL', patternSyntax='Wildcard',stopProcessing='True']" /commit:apphost
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /[name='%ARRServerFarm1%_SSL',patternSyntax='Wildcard',stopProcessing='True'].match.url:"*"  /commit:apphost
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /+"[name='%ARRServerFarm1%_SSL',patternSyntax='Wildcard',stopProcessing='True'].conditions.[input='{HTTPS}',pattern='on']" /commit:apphost
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /+"[name='%ARRServerFarm1%_SSL',patternSyntax='Wildcard',stopProcessing='True'].conditions.[input='{HTTP_HOST}',pattern='*%Site1HostName%*']" /commit:apphost
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /[name='%ARRServerFarm1%_SSL',patternSyntax='Wildcard',stopProcessing='True'].action.type:"Rewrite" /[name='%ARRServerFarm1%_SSL',patternSyntax='Wildcard',stopProcessing='True'].action.url:"https://%ARRServerFarm1%/{R:0}" /commit:apphost
   
   
   REM Site1 HTTP
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /+"[name='%ARRServerFarm1%', patternSyntax='Wildcard',stopProcessing='True']" /commit:apphost
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /[name='%ARRServerFarm1%',patternSyntax='Wildcard',stopProcessing='True'].match.url:"*"  /commit:apphost
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /+"[name='%ARRServerFarm1%',patternSyntax='Wildcard',stopProcessing='True'].conditions.[input='{HTTP_HOST}',pattern='*%Site1HostName%*']" /commit:apphost
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /[name='%ARRServerFarm1%',patternSyntax='Wildcard',stopProcessing='True'].action.type:"Rewrite" /[name='%ARRServerFarm1%',patternSyntax='Wildcard',stopProcessing='True'].action.url:"http://%ARRServerFarm1%/{R:0}" /commit:apphost
   
   
   REM Site2 SSL
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /+"[name='%ARRServerFarm2%_SSL', patternSyntax='Wildcard',stopProcessing='True']" /commit:apphost
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /[name='%ARRServerFarm2%_SSL',patternSyntax='Wildcard',stopProcessing='True'].match.url:"*"  /commit:apphost
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /+"[name='%ARRServerFarm2%_SSL',patternSyntax='Wildcard',stopProcessing='True'].conditions.[input='{HTTPS}',pattern='on']" /commit:apphost
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /+"[name='%ARRServerFarm2%_SSL',patternSyntax='Wildcard',stopProcessing='True'].conditions.[input='{HTTP_HOST}',pattern='*%Site2HostName%*']" /commit:apphost
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /[name='%ARRServerFarm2%_SSL',patternSyntax='Wildcard',stopProcessing='True'].action.type:"Rewrite" /[name='%ARRServerFarm2%_SSL',patternSyntax='Wildcard',stopProcessing='True'].action.url:"https://%ARRServerFarm2%/{R:0}" /commit:apphost
   
   
   REM Site2 HTTP
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /+"[name='%ARRServerFarm2%', patternSyntax='Wildcard',stopProcessing='True']" /commit:apphost
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /[name='%ARRServerFarm2%',patternSyntax='Wildcard',stopProcessing='True'].match.url:"*"  /commit:apphost
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /+"[name='%ARRServerFarm2%',patternSyntax='Wildcard',stopProcessing='True'].conditions.[input='{HTTP_HOST}',pattern='*%Site2HostName%*']" /commit:apphost
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /[name='%ARRServerFarm2%',patternSyntax='Wildcard',stopProcessing='True'].action.type:"Rewrite" /[name='%ARRServerFarm2%',patternSyntax='Wildcard',stopProcessing='True'].action.url:"http://%ARRServerFarm2%/{R:0}" /commit:apphost
   
   
   REM Site3 SSL
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /+"[name='%ARRServerFarm3%_SSL', patternSyntax='Wildcard',stopProcessing='True']" /commit:apphost
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /[name='%ARRServerFarm3%_SSL',patternSyntax='Wildcard',stopProcessing='True'].match.url:"*"  /commit:apphost
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /+"[name='%ARRServerFarm3%_SSL',patternSyntax='Wildcard',stopProcessing='True'].conditions.[input='{HTTPS}',pattern='on']" /commit:apphost
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /+"[name='%ARRServerFarm3%_SSL',patternSyntax='Wildcard',stopProcessing='True'].conditions.[input='{HTTP_HOST}',pattern='*%Site3HostName%*']" /commit:apphost
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /[name='%ARRServerFarm3%_SSL',patternSyntax='Wildcard',stopProcessing='True'].action.type:"Rewrite" /[name='%ARRServerFarm3%_SSL',patternSyntax='Wildcard',stopProcessing='True'].action.url:"https://%ARRServerFarm3%/{R:0}" /commit:apphost
   
   
   REM Site3 HTTP
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /+"[name='%ARRServerFarm3%', patternSyntax='Wildcard',stopProcessing='True']" /commit:apphost
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /[name='%ARRServerFarm3%',patternSyntax='Wildcard',stopProcessing='True'].match.url:"*"  /commit:apphost
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /+"[name='%ARRServerFarm3%',patternSyntax='Wildcard',stopProcessing='True'].conditions.[input='{HTTP_HOST}',pattern='*%Site3HostName%*']" /commit:apphost
   
   %AppCMD% set config  -section:system.webServer/rewrite/globalRules /[name='%ARRServerFarm3%',patternSyntax='Wildcard',stopProcessing='True'].action.type:"Rewrite" /[name='%ARRServerFarm3%',patternSyntax='Wildcard',stopProcessing='True'].action.url:"http://%ARRServerFarm3%/{R:0}" /commit:apphost
   
   
   REM ===============
   
   REM Server Affinity
   
   REM ===============
   
   Echo Adding Server Affinity...
   
   %AppCMD% set config  -section:webFarms /[name='%ARRServerFarm1%'].applicationRequestRouting.affinity.useCookie:"True"  /commit:apphost
   
   %AppCMD% set config  -section:webFarms /[name='%ARRServerFarm2%'].applicationRequestRouting.affinity.useCookie:"True"  /commit:apphost
   
   %AppCMD% set config  -section:webFarms /[name='%ARRServerFarm3%'].applicationRequestRouting.affinity.useCookie:"True"  /commit:apphost
   
   
   REM ========================
   
   REM Load Balancing Algorithm
   
   REM ========================
   
   Echo Adding Load Balancing Algorithm...
   
   %AppCMD% set config  -section:webFarms /[name='%ARRServerFarm1%'].applicationRequestRouting.loadBalancing.algorithm:"WeightedRoundRobin" /commit:apphost
   
   %AppCMD% set config  -section:webFarms /[name='%ARRServerFarm2%'].applicationRequestRouting.loadBalancing.algorithm:"WeightedRoundRobin" /commit:apphost
   
   %AppCMD% set config  -section:webFarms /[name='%ARRServerFarm3%'].applicationRequestRouting.loadBalancing.algorithm:"WeightedRoundRobin" /commit:apphost
   

Installing Application Request Routing:

1. From the ARR server connect to your client containing the script files:
   
   net use [some drive letter]: \\clientComputerName\[drive on client]$ /user:domain\user
   
   Example:

   net use r: \\myClient\c$ /user:torresdal\jon

2. Make a directory on the server to copy the files to:
   
   E.g.: md c:\temp\arr
3. Copy the ARRInstall folder from your client to C:\temp\arr on your server
4. Run InstallARR.bat, watch for errors and wait for it to finish
5. Install Remote IIS Manger on a PC that will administrate IIS and connect to the ARR server: http://www.iis.net/expand/IISManager
6. In Internet Information Services Manager connected to ARR do:
   1. Select Sites->Site1
   2. Click Bindings (upper right corner)
   3. Click https –> Edit
   4. Select proper certificate
   5. Repeat for all other sites
7. Under Sites:
   1. For each site that require SSL:
      1. Click SSL Settings
      2. Check Require SSL
8. Start IIS on ARR server:
   
   iisreset /start
9. Using Internet Information Services Manager:
   
   Stop “Default Web Site”
10. You’re done!

I hope this helped in making the installation and configuration of the ARR server easier, and that my scenario is applicable to others except me :-) Let me know if I can help with questions or if you find any errors.

Next time I will talk about how to avoid the ARR server being the Single Point of Failure.

Using IIS7 And Application Request Routing as Load Balancer – Part 1

10. February 2010

A few weeks back I had to solve a performance problem at work. For some of our applications most of our users are NAT’ed behind the same IP, making the default load balancer (NLB) in Windows direct the majority of all traffic to one server. NLB in Windows work on layer 3 (network layer) in the OSI model (that thing you learned at uni), meaning we can only take advantage of IP stuff. So usually you use what’s often called Sticky Sessions (Single Affinity) to keep track of which IP’s got redirected to which server, and keep doing that from that point on for that IP. This was the setup we had.

You can work around that problem by disabling Sticky Sessions, but it might influence performance and could give you unwanted consequences. As an example, if you use ASP.NET Web Forms you will probably run into an issue with ViewState and possibly session issues. For SSL however (which was the case for us), Sticky Session is not recommended.

Other “smarter” load balancers work on layer 7 (application layer), providing us with a much bigger toolbox to inspect traffic and make smarter choices for where to redirect traffic. So I started to look for a load balancer on layer 7. The obvious first choice was hardware LB. This is often the quickest solution, but also the most expensive. I looked at Cisco’s Application Control Engine Module (ACE) and F5 BigIP, but the price was and issue as well as the lack of people with know-how inside our organization of how to configure them.

My next option was setting up a Linux server running Apache and LB, but then I came across a Microsoft module on IIS7: Application Request Routing (ARR). I found some really good documentation and it looked quite easy to set up. Since I (and others in my organization) are used to working with IIS, this seamed to be worth investigating.

In my next post I’ll go trough all the details of setting up ARR on Windows 2008 R2 Server Core. Everything from installing and configuring the OS to automate installation of ARR by scripts.

A few interesting tings about Visual Studio 2010

20. December 2008

A few years ago I did some presentations on memory leaks in .Net. I pointed out a few things you needed to be aware of even though you have a garbage collector. Like how you manage your events in .Net. Anyway, back then Rico Mariani was a great source for me (or actually his blog was)with all his knowledge about memory and performance stuff.

Summer 2007 Rico became Chief Architect of Visual Studio which gave me hope :-) I think we already start to see his impact on the product. If you have been following Rico’s blog you know that he has been working with performance for almost 30 years!

Anyway, on his blog he have a few articles about where VS 2010 is heading and what we can or cannot expect. He also talks about the overall plans for Visual Studio (and not only 2010) which I found to be interesting reading. Here’s a couple of links from his blog:

http://blogs.msdn.com/ricom/archive/2008/11/18/the-visual-studio-tech-roadmap-starring-visual-studio-2010.aspx

http://blogs.msdn.com/ricom/archive/2008/11/25/visual-studio-dialogue-with-wpf-performance-emphasis.aspx

One of the things that have come up is the use of WPF. WPF in Visual Studio? Is that a good idea? Well, as Rico says: Do you really think GDI is the last word in computer graphics for the next 10 years?

Check this video out where he more or less summarize what he said on his blog about VS: http://channel9.msdn.com/shows/Going+Deep/Rico-Mariani-Visual-Studio-Today-Tomorrow-and-Beyond/

Below is a couple of other interviews he have done lately:

http://channel9.msdn.com/posts/VisualStudio/Paramesh-Vaidyanathan-and-Rico-Mariani-The-Future-of-Visual-Studio-Extensibility/

http://deepfriedbytes.com/podcast/episode-21-talking-performance-with-performance-preacher-rico-mariani/

• Recent Posts

  • How ConDep came to life
  • Introducing ConDep
  • Lightning Talk: Why you shouldn’t track bugs
  • How Do We Track Bugs? Check In a Failing Test!
  • Stepping Down from NNUG Bergen, Still Chairman of NNUG National

• Archives

  • March 2013
  • February 2013
  • November 2012
  • January 2012
  • June 2011
  • May 2011
  • September 2010
  • August 2010
  • June 2010
  • April 2010
  • March 2010
  • February 2010
  • January 2010
  • December 2009
  • August 2009
  • July 2009
  • June 2009
  • May 2009
  • April 2009
  • March 2009
  • February 2009
  • January 2009
  • December 2008
  • November 2008
  • October 2008
  • September 2008
  • August 2008
  • July 2008
  • June 2008
  • May 2008
  • April 2008
  • March 2008
  • February 2008
  • January 2008
  • December 2007
  • November 2007
  • October 2007
  • September 2007
  • August 2007
  • July 2007
  • June 2007
  • May 2007
  • April 2007
  • March 2007
  • February 2007
  • January 2007
  • December 2006
  • November 2006
  • October 2006
  • September 2006

• Categories

  • .Net
  • ADFS
  • Agile
  • Ajax
  • Architecture
  • Articles
  • ASP.NET
  • ASP.NET-MVC
  • Blogging
  • Books
  • BPEL
  • CleanCode
  • CloudComputing
  • Community
  • ContinuousDelivery
  • ContinuousDeployment
  • CSharp
  • DasBlog
  • Database
  • DDD
  • Deployment
  • DevOps
  • DSL
  • Events
  • ExtremeProgramming
  • Fun
  • Gadgets
  • IIS
  • InfoQ
  • Java
  • Kanban
  • Lean
  • Linq
  • MemoryLeaks
  • Microsoft
  • MVC
  • NDC
  • NNUG
  • Other
  • Patterns
  • Performance
  • Scrum
  • Security
  • Silverlight
  • Software
  • TeamManagement
  • TechEd
  • Testing
  • Tools
  • TvGuide
  • Uncategorized
  • Vista
  • VisualStudio
  • WCF
  • Web
  • WebDeploy
  • WIF
  • Windows
  • WiX
  • Work
  • Workflow

• Meta

  • Log in
  • Entries RSS
  • Comments RSS
  • WordPress.org