r8 - 28 Feb 2010 - 10:48:52 - PavelGeorgievYou are here: Wiki >  AppLogic27 Web > CatWebServersIIS
ALERT! AppLogic 2.7/2.8 Documentation The latest production release is AppLogic 2.8.9

IIS03W/IIS03S/IIS03E/IIS03DC: Internet Information Server appliances

iis.PNG At a Glance
Catalog system_ms
Category Web Servers
User volumes yes
Min. memory 256 MB (x86), 768 MB (x64)
OS Windows
Constraints no
Questions/Comments Ask Forum

Functional Overview

IIS is a web server appliance based on the Microsoft Internet Information Server software (see http://www.iis.net).

IIS serves static web content and executes scripts from a user-configurable read-only content volume. The paths to the documents and scripts are configurable, so that the same volume can be shared between multiple web servers and/or other appliances serving different content.

IIS has three generic output terminals intended for accessing external services from scripts on the content volume. The db terminal is for accessing a database; the fs terminal is for accessing shared file storage (using CIFS); and the aux terminal is for sending e-mail messages to an SMTP server.

The log terminal can be used to connect IIS to a shared file system on which IIS can store its logs.

The configuration of the IIS server is provided through properties. The properties are designed to cover most uses in an easily configurable way. Typically, only a few need to be set to non-default values.

If the features provided by the IIS appliance do not meet your needs, please contact our TechnicalSupport to discuss the possible options. We may be able to extend the catalog by providing appliances that cover your needs.

ALERT! IIS03y is not distributed with AppLogic. Please see the installation reference for instructions on creating IIS03y from a base windows server appliance.

Name Latest Version OS IIS VB ASP.NET Notes
IIS03W 1.0.7-1 Windows Server 2003 "Web" SP2 (x86) 6 6 3.5 SP1  
IIS03S 1.0.7-1 Windows Server 2003 "Standard" R2 (x64) 6 6 3.5 SP1  
IIS03E 1.0.7-1 Windows Server 2003 "Enterprise" R2 (x64) 6 6 3.5 SP1  
IIS03DC 1.0.7-1 Windows Server 2003 "Datacenter" R2 (x64) 6 6 3.5 SP1  

Boundary

Resources

Resource Minimum Web (x86) Maximum Default Tested
CPU 0.1 2 0.25 2
Memory 256MB 2 GB 512 MB 2G
Bandwidth 1 Mbps 2 Gbps 100 Mbps 2 Gbps

Resource Minimum Standard (x64) Maximum Enterprise (x64) Maximum Datacenter (x64) Maximum Default Tested
CPU 0.25 4 8 32 0.5 8
Memory 768 MB 32 GB 64 GB 64 GB 1 GB 32G
Bandwidth 1 Mbps 2 Gbps 2 Gbps 2 Gbps 100 Mbps 2 Gbps

Terminals

Name Dir Protocol Description
in in http Serves HTTP requests coming from web clients. Serves the HTTP/1.1 and 1.0 protocols.
db out any Access to a database server. Usage is defined by whatever scripts reside on the content volume (if any). This terminal may be left unconnected if it is not used.
fs out cifs Access to a network file system for shared file storage, providing anonymous logins and a read-write share named share. Usage is defined by whatever scripts reside on the content volume (if any). Software on the content volume 'sees' the remote file system as \\fs\share in the appliance's filesystem space. This terminal may be left unconnected if it is not used.
log out cifs Access to a CIFS-based network file system for storing IIS logs. This terminal may be left unconnected if it is not used. The connected server must allow anonymous logins and have a read-write share named share.
aux out any Access to an SMTP server for sending outgoing e-mail. Usage is defined by whatever scripts reside on the content volume (if any). Note that 'IIS SMTP' is not configured on the appliance; any application that needs to send mail should simply use SMTP directly, using 'aux' as the target hostname.
This terminal may be left unconnected if it is not used.
net out any Gateway output for subnet access.
This terminal may be left unconnected if it is not used.
mon out cce Sends performance and resource usage statistics.
This terminal may be left unconnected if it is not used.

The default interface is enabled. The default interface is used by the appliance to report to AppLogic that it has booted successfully. It can also be used to log in over secure shell to the appliance from the AppLogic controller, primarily for diagnostic and troubleshooting purposes.

User Volumes

Volume Description
content Read-write volume providing the web content (documents, media and scripts) to be served by IIS.

The volume may provide static and/or dynamic content.

Properties

Property name Type Description
content_on_fs String Specifies whether the content is relative to the file system at the fs terminal or is on the content volume. Allowed values are on and off. If set to on, all content is relative to the file system at the fs terminal. If set to off, the content is on the content volume.
Default: off
docs_dir String Root directory on the content or remote NAS volume where the documents to be served are located. For example, it may be /mydocs. This property is convenient to use when more than one IIS server shares the content volume and each server needs its own documents. If docs_dir is set to /, the root directory of the content volume is used.
IDEA! The directory must be pre-existing on the content volume.
Default: /
logs_enabled String Controls whether IIS logging is enabled. Allowed values are on and off. If set to on and the log terminal is connected, then logs will be stored on the remote NAS appliance, on the cifs share. If set to on and the log terminal is not connected, then logs will be stored on the Windows boot drive, in the default location (C:\WINDOWS\system32\LogFiles\W3SVC1\*). If this is set to off, logs are completely disabled. Default: off
logs_base_dir String Directory where IIS's logs are stored. This propery has no effect if logs_enabled is set to 'off' or log terminal is not connected. Default: /

ALERT! All enumerated string properties are not case sensitive (lowercase). All other string properties are case sensitive.

Advanced Properties

These are additional properties that should normally not need to be configured. They can be used to tune up IIS in non-standard circumstances.

Property name Type Description
index_files String Ordered, space-seperated list of files to use as a directory index page in case the client requests a URL that refers to a directory name.
Default: default.htm default.asp default.aspx index.html
max_connections Integer Maximum number of concurrent active connections that IIS can handle (0 means unlimited). The actual number of concurrent connections may be limited to less than the value set for this property if there is not enough system memory. See the Memory Usage section below.
Default: 0
idle_timeout_sec Integer Timeout, in seconds, for keeping a client connection open if there is no request or response going through. Keeping this timeout short helps drop forgotten connections quickly. Default: 15
data_timeout_sec Integer Timeout, in seconds, for receiving or sending more data if a data transfer has started but is not completed. This timeout allows IIS to drop connections that have been forgotten while still allowing delays during the transfer. Default: 300

ALERT! All enumerated string properties are not case sensitive (lowercase). All other string properties are case sensitive.

Custom Counters

The IIS appliance reports the following custom counters through the mon terminal.

The following counters belong to the W3SVC counter group:

Counter name Description
Total hits Total number of hits
Total bytes Total number of bytes
Total NotFound requests Total number of NotFound responses generated by IIS
Active requests Number of active requests

ALERT! The counter's pace in the appliance is set to 2s. If you are using graphs via the MON appliance to monitor these counters, the pace for the graphs need to be set to 2s or multiple of 2s.

Error Messages

The following messages may appear in the appliance log file and the system log of the grid controller when the appliance fails to start:

Error message Description
Error: content_on_fs is off but the local content volume is missing The content_on_fs is set to off, specifying that the data volume must be mounted locally, but IIS cannot mount content volume. The probable cause is that the content volume is not formatted, or is not present in the IIS configuration.
Error: content_on_fs is on but the fs terminal is not connected The content_on_fs is set to on, specifying that a remote file system must be used for web content, but IIS cannot access the content share. The probable cause is that another appliance which exposes such a share is not connected to the IIS fs terminal.
Error: Failed to access fs share IIS can't access cifs share. The probable cause is that fs is not connected or IIS was started before the appliance which is connected to the fs terminal (e.g. a NAS appliance).
Error: docs directory docs_dir does not exist on content volume docs_dir folder, defined in IIS configuration, couldn't be found on the content volume.

Memory Usage

IIS configures itself automatically to run with a wide range of available memory in order to fit applications of different size and load. Despite this, please note that the configuration calculation cannot predict the memory usage of dynamic-content scripts that may be installed on the IIS's content volume, and a misbehaving script can cause the server to malfunction by overcomitting memory and causing the OS to kill processes.

By default, IIS configures the maximum number of active connections assuming (32-bit version):

  • 64MB for system use (OS kernel and system services) and 64MB for IIS core
  • 2.5MB per active connection

For example, in the 'sandbox' configuration with 256M, the max number of active connections will be set to 51.

The maximum number of connections can be limited below the automatically computed value using the max_connections property. Note that if max_connections is above the limit imposed by the available system memory, it is trimmed without warning.

TIP: If a memory-heavy application starts misbehaving under load (drops connections), and increasing the available memory is not an option, try setting the max_connections property to a lower value. This will reduce the possible number of script instances that run at the same time, giving each instance more memory to run in.

Setting Up The Content, Shared File Storage

This section provides useful information for configuring scripts that serve dynamic content.

Fixed Directory Names

On starting the HTTP server, the following directories and files are available within the filesystem space of the IIS instance (using absolute directory names outside of these locations in any script or configuration file is not recommended):

D:\ - web root, visible as '/' to the client. This refers to a location on the content volume and is read-only.

\\fs\share - root of the shared read/write file storage provided by a NAS server connected to the fs terminal.

Access Control

Files on the content volume should have 'read' permission for Everyone, to be eligible for serving through HTTP.

To serve dynamic content from the remote file system share, IIS03y appliance in the application must be configured as follows:

  • Verify that required web service extensions are enabled:
    • in the IIS manager, select Web Service Extensions and set Allowed for Active Server Pages, ASP.NET v2.0.50727 and Server Side Includes
  • Set Full Trust on the remote filesystem:
    • in a cmd shell execute: 
            x86: C:\Windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -m -ag 1 -url "file:////\\fs\share\*" FullTrust -exclusive on

      or

      x64: C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CasPol.exe -m -ag 1 -url "file:////\\fs\share\*" FullTrust -exclusive on
  • Restart IIS:
    • In the IIS manager, select Local Computer=>All Tasks=>Restart IIS

ALERT! Replace "file:////\\fs\share\*" with a correct path if required (repeat the command for multiple folders)

Web Service Extensions

IIS03y appliances are configured with the following Web Service Extension settings, which can be modified in the IIS manager:

Extension Setting
All Unknown CGI Extensions Prohibited
All Unknown ISAPI Extensions Prohibited
Active Server Pages Allowed
ASP .NET v2.0.50727 Allowed
Internet Data Connector Prohibited
RPC Proxy Server Extension Allowed
Server Side Includes Prohibited
WebDAV Prohibited

Sending E-mail

The 'IIS SMTP' system is not configured on IIS. Do not use it for sending e-mail from this appliance. In all cases, your SMTP mailer should be set up to use aux as the hostname of the SMTP server. See the use cases for examples on how to use IIS03y with email.

Typical Usage

Static web site


Static_iis_site.PNG

Appliances in use:

  • usr - input gateway for user requests
  • iis - web server with static and/or dynamic content (e.g., ASP.NET scripts)

Client requests arrive on the usr gateway. The gateway forwards the requests to the iis web server.

Example property configuration:

Property name Value Notes
content_on_fs no Using local volume.
docs_dir / Website files are located in the root of the content volume.
logs_enabled no We do not need log files.
logs_base_dir / We do not need log files.
index_files default.htm default.asp default.aspx index.html Most popular index files.
max_connections 0 Do not use artificial limit.
idle_timeout_sec 15 Default timeout for idle connections.
data_timeout_sec 300 Default timeout.

2-tier application with database


2-tier_iisapp_with_database.PNG

Appliances in use:

  • usr - input gateway for user requests
  • iis - web server with static and/or dynamic content (e.g., ASP.NET scripts)
  • sql - database

Client requests arrive on the usr gateway. The gateway forwards the requests to the iis web server. The web server accesses the sql database.

Example property configuration:

Property name Value Notes
content_on_fs no Using local volume.
docs_dir / Website files are located in the root of the content volume.
logs_enabled no We do not need log files.
logs_base_dir / We do not need log files.
index_files default.htm default.asp default.aspx index.html Most popular index files.
max_connections 20 Use at most 20 simultaneous connections.
idle_timeout_sec 15 Default timeout for idle connections.
data_timeout_sec 300 Default timeout.

2-tier application with database and log


2-tier_iisapp_with_database_and_log.PNG

Appliances in use:

  • usr - input gateway for user requests
  • iis - web server with static and/or dynamic content (e.g., ASP.NET scripts)
  • db - database
  • logs - storage for web and database log files

Client requests arrive on the usr gateway. The gateway forwards the requests to the iis web server. The web server accesses the db database. iis and db both write their logs to the logs appliance through their log terminals.

Example property configuration:

Property name Value Notes
content_on_fs no Using local volume.
docs_dir / Website files are located in the root of the content volume.
logs_enabled yes Preserve log files.
logs_base_dir /iis_logs Put log files into /iis_logs subdirectory.
index_files default.htm default.asp default.aspx index.html Most popular index files.
max_connections 20 Use at most 20 simultaneous connections.
idle_timeout_sec 15 Default timeout for idle connections.
data_timeout_sec 300 Default timeout.

2-tier application with shared file system and e-mail gateway


2-tier_iisapp_with_shared_file_system_and_e-mail_gateway.PNG

Appliances in use:

  • usr - input gateway for user requests
  • iis - web server with static and/or dynamic content (e.g., ASP.NET scripts)
  • config - storage for web content
  • mail - a firewalled output gateway to an e-mail server

Client requests arrive on the usr gateway. The gateway forwards the requests to the iis web server. The web server's content is located on config and is being accessed from iis though the fs terminal. iis writes its logs to the config appliance through the log terminal.

The web application is able to send outbound e-mails through the aux terminal of iis via the mail gateway.

Example property configuration:

Property name Value Notes
content_on_fs yes Content is located on mounted NAS volume.
docs_dir /website Website files are located in the /website directory of the content volume.
logs_enabled yes Preserve log files.
logs_base_dir /iis_logs Keep log files in the /iis_logs directory.
index_files default.htm default.asp default.aspx index.html Most popular index files.
max_connections 0 Do not use artificial limit.
idle_timeout_sec 15 Default timeout for idle connections.
data_timeout_sec 300 Default timeout.

Scalable 2-tier application


Scalable_2-tier_iisapp.PNG

Appliances in use:

  • usr - input gateway for user requests
  • webs - web load-balancer for user requests
  • iis1 and iis2 - web servers with static and/or dynamic content (e.g., ASP.NET scripts)
  • db - database
  • config - storage for web content
  • logs - storage for web and database log files
  • mail - a firewalled output gateway to an e-mail server

Client requests arrive on the usr gateway. The gateway forwards the requests to the webs load balancer, which directs the request to one of the web servers iis1 or iis2. The web servers access the db database. The web servers' content is located on the shared config appliance and is being accessed though the fs terminals. Both web servers write their logs to the logs appliance through their log terminals.

The web application is able to send outbound e-mails through the aux terminal of iisy via the mail gateway.

In addition, an administrator can log in through the admin gateway to the logs appliance and view log files.

Example property configuration:

Property name Value Notes
content_on_fs yes Content is located on mounted NAS volume.
docs_dir /website_files Website files are located in the /website_files directory of the content volume.
logs_enabled yes Preserve log files.
logs_base_dir /website_logs Keep log files in the /website_logs directory.
index_files default.htm default.asp default.aspx index.html Most popular index files.
max_connections 0 Do not use artificial limit.
idle_timeout_sec 15 Default timeout for idle connections.
data_timeout_sec 300 Default timeout.

Notes and Links

ALERT! The appliance hostname (set to appliance instance name) cannot be longer than 15 characters. Setting the appliance instance name to more than 15 characters will result in a hostname truncated to the 15th character.

Open source and 3rd party software used inside of the appliance

IIS03x uses the following 3rd party open source packages in addition to the 3rd party open source packages used by its base class WIN03x.

Software Version Modified License Notes
F5XForwardedFor 1.0.0 No iControl EULA http://devcentral.f5.com/downloads/codeshare/F5XForwardedFor.zip
KB942589 N/A No eula_KB942589 http://support.microsoft.com/kb/942589; for x64 only.
dotnetfx 3.5 No eula_dotnetfx .NET Framework 3.5 full package
mysql-connector-odbc 5.1.5 No GPLv2 download page on MySQL website
psqlodbc 08.03.0400 No LGPLv2.0 download page on PgFoundry
perl-libwin32 0.27-1 No GPLv2 download page

To see the full list of open source packages used in this appliance, please see its implementation design.

Related Documents

Questions and Comments

IDEA! To post a question or comment on this appliance, visit our forum.

-- OlegSmolov - 07 Oct 2009

 
Copyright © 2005-2010 3tera, Inc. All Rights Reserved.
%