لطفا منتظر باشید ...
Configuring IIS 6.0 to Host ASP.NET Applications
If the newly upgraded IIS 6.0 server includes existing ASP.NET applications, you need to configure IIS to use the correct version of the .NET Framework, and you must configure the .NET Framework to support your applications. If IIS 6.0 is configured to run in worker process isolation mode, you need to migrate ASP.NET configuration settings from the Machine.config file to the equivalent settings in IIS 6.0.Figure 5.6 illustrates the process for configuring IIS for ASP.NET applications
Figure 5.6: Configuring IIS for ASP.NET Applications
Configuring IIS 6.0 to Use the Correct Version of the .NET Framework
Before upgrading a Web server that hosts ASP.NET applications, version 1.0 of the .NET Framework is installed on the server and the applications are configured to use that version of the .NET Framework. After upgrade, version 1.1 of the .NET Framework is installed and the applications are configured to use version 1.1 of the .NET Framework. However, version 1.0 of the .NET Framework is still installed, which is referred to as side-by-side support.Running versions 1.0 and 1.1 of the .NET Framework side-by-side is only supported when IIS is configured to run in IIS 5.0 isolation mode. If you have already configured IIS to run in worker process isolation mode, then you can only use version 1.1 of the .NET Framework. In most cases, ASP.NET applications function correctly with version 1.1 of the .NET Framework. For more information about possible application incompatibilities when upgrading from version 1.0 to version 1.1 of the .NET Framework, see "Determining Application Compatibility with the .NET Framework" earlier in this chapter. When your ASP.NET application is incompatible with version 1.1 of the .NET Framework, configure the application to use version 1.0 of the .NET Framework and configure IIS to run in IIS 5.0 isolation mode.You can configure each ASP.NET application to use a specific version of the .NET Framework by registering a script map in IIS for the application. A script map associates a file name extension and HTTP verb with the appropriate ISAPI for script handling. For example, when IIS receives a request for a .aspx file, the script map for the corresponding application directs IIS to forward the requested file to the appropriate version of the ASP.NET ISAPI for processing.The script map for each ASP.NET application can be applied directly to an application, or inherited from a parent application. However, ASP.NET supports only one version of the .NET Framework for each application pool. For more information about how to configure the script map for an ASP.NET application, see "Configure an ASP.NET Application for ASP.NET" in "IIS Deployment Procedures" in this book.
Configuring the .NET Framework
The configuration method for the .NET Framework is determined by the application isolation mode that you use to configure IIS 6.0. Table 5.9 lists the methods for configuring the .NET Framework that are associated with each IIS 6.0 application isolation mode.
Application Isolation Mode | Configuration Method for the .NET Framework |
|---|---|
IIS 5.0 isolation mode | Configured by making changes to the Machine.config file in the systemrooot\Microsoft.NET\Framework\ VersionNumber\Config folder. |
Worker process isolation mode | Configured by making changes to the IIS 6.0 metabase. |
When IIS 6.0 is configured to run in IIS 5.0 isolation mode, the .NET Framework uses the processModel section of the Machine.config file (in the systemroot\Microsoft.NET\Framework\versionNumber\Config folder) for its configuration and no additional steps are required.However, if you configured IIS 6.0 to run in worker process isolation mode, the .NET Framework largely ignores the <processModel> section of the Machine.config file, and instead gets its process configuration from the IIS 6.0 metabase. Because the upgrade process does not migrate the existing settings in the Machine.config file, you must manually convert any settings required by the ASP.NET applications.For information about how to convert the Machine.config attribute settings to IIS 6.0 metabase property settings, see "Migrating Machine.config Attributes to IIS 6.0 Metabase Property Settings" later in this chapter. For more information about configuring IIS 6.0 for ASP.NET applications, see "Deploying ASP.NET Applications in IIS 6.0" in this book.
Reviewing How ASP.NET Applications Run In Each Application Isolation Mode
When running in worker process isolation mode, ASP.NET applications use the W3wp.exe worker process and application pool properties, which are stored in the IIS 6.0 metabase. When you configure IIS 6.0 to run in IIS 5.0 isolation mode, ASP.NET applications use the ASP.NET request processing model, Aspnet_wp.exe, and configuration settings. These configuration settings are stored in the Machine.config file.
Behavior of ASP.NET Applications that Are Running in IIS 5.0 Isolation Mode
By default, ASP.NET applications are configured to run in worker process isolation mode. If your application can only run in the ASP.NET process model, you must configure the server to run in IIS 5.0 isolation mode to be able to run the application on IIS 6.0. When IIS 6.0 is configured to run in IIS 5.0 isolation mode, ASP.NET applications behave as follows:
The applications run within Aspnet_wp.exe.Aspnet_wp.exe is a request processing model similar to worker process isolation mode and contains similar worker process management capabilities as the WWW service in IIS 6.0. Aspnet_wp.exe includes most of the IIS application management features, such as recycling, health detection, and processor affinity — the ability to force worker processes to run on specific microprocessors.
The configuration settings are stored in the Machine.config file.When configured in IIS 5.0 isolation mode, the configuration settings for ASP.NET applications are managed by modifying the Machine.config file, not the IIS metabase file. Because there is no administrative console for the Machine.config settings, any configuration settings for ASP.NET must be made directly to the Machine.config file.
| Important | In IIS 5.0 isolation mode, the .NET Framework ignores any configuration changes made in the IIS metabase. Administrative consoles, such as IIS Manager, make changes to the IIS 6.0 metabase, but those changes are not read by the .NET Framework. |
When IIS 6.0 is configured in IIS 5.0 isolation mode, your ASP.NET applications should behave as they did in IIS 5.0. However, incompatibilities can result when running version 1.1 of the .NET Framework. For more information about configuring IIS to support ASP.NET applications that use version 1.0 of the .NET Framework, see "Configuring IIS 6.0 to Use the Correct Version of the .NET Framework" earlier in this chapter.
Behavior of ASP.NET Applications that Are Running in Worker Process Isolation Mode
When IIS 6.0 is configured to run in worker process isolation mode, ASP.NET applications behave as follows:
The process model within the ASP.NET ISAPI extension is disabled and ASP.NET applications run using worker process isolation mode in IIS 6.0.In this configuration, the ASP.NET application runs in worker process isolation mode like any other application, such as an ASP application. In addition, IIS 6.0 provides all of the management features, such as recycling, health detection, and processor affinity.
The ASP.NET ISAPI extension is configured by a combination of configuration settings that are stored in the IIS metabase (MetaBase.xml) and configuration settings in the Machine.config file.When configured in worker process isolation mode, the majority of the configuration settings are stored in the IIS metabase. You can adjust these settings directly in MetaBase.xml or from administrative consoles, such as IIS Manager, or scripts.However, if there are existing settings in the <processModel> section of the Machine.config file, those configuration settings must be converted to the appropriate application pool settings when the Web server is configured to run in worker process isolation mode Additionally, there are other configuration settings that are still made through the Machine.config file, regardless of the application mode. For more information about converting Machine.config attributes to worker process isolation mode settings, see "Migrating Machine.config Attributes to IIS 6.0 Metabase Property Settings" later in this chapter.
When IIS 6.0 is configured in worker process isolation mode, your ASP.NET applications should behave as they did on IIS 5.0. Before deploying your ASP.NET applications on your production Web servers, test compatibility with IIS 6.0 running in worker process isolation mode and version 1.1 of the .NET Framework. For more information about determining application compatibility with IIS 6.0 running in worker process isolation mode, see "Determining Application Compatibility with Worker Process Isolation Mode" earlier in this chapter. For more information about determining compatibility with version 1.1 of the .NET Framework see "Determining Application Compatibility with the .NET Framework" earlier in this chapter.If you determine that your ASP.NET applications are incompatible with IIS 6.0 running in worker process isolation mode, reconfigure IIS to run in IIS 5.0 isolation mode. If your ASP.NET applications are incompatible with version 1.1 of the .NET Framework, configure IIS to use version 1.0 of the .NET Framework with your ASP.NET application.For more information about configuring IIS 6.0 to run in IIS 5.0 isolation mode, see "Configure Application Isolation Modes" in "IIS Deployment Procedures" in this book.
Migrating Machine.config Attributes to IIS 6.0 Metabase Property Settings
When you upgrade a server running IIS 5.0 and version 1.0 of the .NET Framework, the ASP.NET applications can depend on specific attribute settings in the <processModel> section of the Machine.config file. The <processModel> section configures the ASP.NET process model settings and therefore affects all ASP.NET applications running on an IIS Web server. If any of the following Machine.config attributes exist, you must migrate the attribute configuration settings to their equivalent metabase property settings in IIS 6.0.
| Note | Follow the deployment steps in this section only when IIS 6.0 is configured to run in worker process isolation mode. When IIS 6.0 is configured to run in IIS 5.0 isolation mode, IIS 6.0 reads the ASP.NET settings from the Machine.config file, and you do not need to migrate the Machine.config attribute settings. Thus, you can continue to the next step in the upgrade process. |
Migrate the Machine.config attributes by adjusting the configuration settings in the Application Pools node in IIS Manager. Table 5.10 lists the Machine.config attributes and where to find more information about how to migrate the attributes.
Machine.config Attribute | Migrating This Attribute |
|---|---|
cpuMask | See "Migrating Performance Related Attributes later in this chapter. |
idleTimeout | See "Migrating Performance Related Attributes" later in this chapter. |
memoryLimit | See "Migrating Recycling Related Attributes later in this chapter. |
password | See "Migrating Identity Related Attributes later in this chapter. |
pingFrequency | See "Migrating Health Related Attributes later in this chapter. |
pingTimeout | See "Migrating Health Related Attributes later in this chapter. |
requestLimit | See "Migrating Recycling Related Attributes later in this chapter. |
restartQueueLimit | See "Migrating Performance Related Attributes later in this chapter. |
shutdownTimeout | See "Migrating Health Related Attributes later in this chapter. |
timeout | See "Migrating Recycling Related Attributes later in this chapter. |
username | See "Migrating Identity Related Attributes later in this chapter. |
webGarden | See "Migrating Performance Related Attributes later in this chapter. |
The Machine.config attribute settings in Table 5.10 must be migrated to IIS 6.0 settings. However, you must still configure the following attribute settings in the Machine.config file:
maxWorkerThreads
maxIoThreads
responseDeadlocklnterval
When configured to run in worker process isolation mode, IIS 6.0 and the .NET Framework ignore any <processModel> section Machine.config attribute settings that are not in the previous list or in Table 5.10.
| Note | The <processModel> section of the Machine.config file configures the ASP.NET process model settings on an IIS Web server. The <processModel> section provides global configuration settings for all of the ASP.NET applications running on the server. |
Migrating Recycling-Related Attributes
In worker process isolation mode, you can assign one or more Web sites or applications to an application pool. Each application pool has one or more worker processes that process client requests for the Web sites and applications in the application pool. You can configure IIS to periodically recycle worker processes assigned to an application pool, which in turn recycles the Web sites and applications running in that application pool. Recycling worker processes keeps problematic Web sites and applications running smoothly, especially when it is not feasible to modify the application code. Recycling worker processes within an application pool ensures that the Web sites and applications in the application pools remain healthy, and that system resources can be recovered.The Machine.config attributes that affect recycling-related metabase properties include:
timeout
requestLimit
memoryLimit
Migrating the timeout Attribute
The timeout Machine.config attribute, default value infinite, specifies the time limit after which ASP.NET starts a new worker process to take the place of the current one. The attribute is a string value in the format of hr:min:sec. To configure this value in IIS 6.0, you need to convert this format to time in minutes.Configure the Recycling Worker Processes (in minutes) setting in IIS 6.0 to the same time value, in minutes, that is configured in the timeout Machine.config attribute.For more information about how to configure the Recycling Worker Processes (in minutes) setting, see "Configure Application Pool Recycling" in "IIS Deployment Procedures" in this book.
Migrating the requestLimit Attribute
The requestLimit Machine.config attribute, default value infinite, specifies the number of requests after which ASP.NET starts a new worker process to take the place of the current one.Configure the Recycling Worker Processes (in requests) setting in IIS 6.0 to the same value, in number of requests, that is configured in the requestLimit Machine.config attribute.For more information about how to configure the Recycling Worker Processes (in requests) setting, see "Configure Application Pool Recycling" in "IIS Deployment Procedures" in this book.
Migrating the memoryLimit Attribute
The memoryLimit Machine.config attribute, default value 60 percent, specifies the percentage of physical memory that the worker process can consume before ASP.NET starts a new worker process to take the place of the current one.
Recycling based on memory consumption works slightly different in IIS 6.0, where worker processes can be recycled based on both virtual memory and physical memory. Also, the memory limit is not a percentage value, but is specified as a value in megabytes.Configure the Maximum used memory (in megabytes) setting in IIS 6.0 to the amount of physical memory represented by the percentage specified in the memoryLimit Machine.config attribute.Also, adjust the Maximum virtual memory (in megabytes) settings in IIS 6.0 if necessary. The Maximum virtual memory (in megabytes) is the maximum amount of virtual memory, which includes the used memory plus the reserved memory,For more information about how to configure the Maximum used memory (in megabytes) setting, see "Configure Application Pool Recycling" in "IIS Deployment Procedures" in this book.
Migrating Performance-Related Attributes
In worker process isolation mode, IIS 6.0can be configured to optimize the performance of an application pool, allowing you optimize the performance of your Web applications. Migrating the performance-related Machine.config attributes helps ensure that your Web applications perform as they did on IIS 5.0.
| Note | In addition to the configuration settings mentioned in this section, IIS 6.0 provides CPU utilization monitoring for worker processes. For more information, see "Configuring Applications Pools and Worker Processes for ASP.NET Applications" in "Deploying ASP.NET Applications in IIS. 6.0" in this book. |
The Machine.config attributes that affect performance-related metabase properties include:
webGarden and cpuMask
idleTimeout
restartQueueLimit
Migrating the webGarden and cpuMask Attributes
The combination of the webGarden and cpuMask Machine.config attributes provide configuration for ASP.NET on IIS 5.0 for Web gardens. Web gardens are created when there is more than one worker process servicing applications. In IIS 5.0, Web gardens are created for use by all applications running on the Web server. In IIS 6.0, Web gardens are created within each application pool.
Web gardens in IIS 5.0 allow ASP.NET to schedule a separate worker process for each microprocessor on a Web server with multiple microprocessors. In contrast, you can create a Web garden on IIS 6.0 by specifying multiple worker processes for an application pool, regardless of the number of microprocessors in the Web server. For more information about Web gardens in IIS 6.0, see "Configuring Web Gardens" in "Ensuring Application Availability" in this book.The webGarden Machine.config attribute, which has a default value of False, controls CPU affinity when used in conjunction with the cpuMask attribute. When the webGarden attribute is set to:
True. ASP.NET creates a separate worker process for each processor specified in the cpuMask Machine.config attribute.
False. ASP.NET creates only one worker process and the cpuMask Machine.config attribute is ignored.
The cpuMask Machine.config attribute, default value 0xffffffff, specifies which microprocessors on a multiprocessor Web server are able to run worker processes initiated by ASP.NET. By default, all processors are able to run worker processes initiated by ASP.NET. The cpuMask attribute also contains a bitmask value that indicates the microprocessors that are able to run ASP.NET processes. When a bit in the cpuMask bitmask value is set to 1, the corresponding microprocessor is able to run ASP.NET processes. You need to record the number of bitmasks enabled to convert this to the correct number of application pools.For example, if cpuMask is set to a value of 0x0d, the equivalent of the binary bit pattern is 1101. If your Web server has four microprocessors, the bitmask value 1101 indicates that you need three worker processes.Configure the Maximum number of worker processes setting in IIS 6.0 to the number of microprocessors that are enabled in the cpuMask Machine.config attribute. The default value for Maximum number of worker processes is 1, indicating that Web gardens are not enabled.For more information about how to configure the Maximum number of worker processes setting, see "Configure Application Pool Performance" in "IIS Deployment Procedures" in this book.
Migrating the restartQueueLimit Attribute
The restartQueueLimit Machine.config attribute, which has a default value of 10, specifies the maximum number of requests that will be queued in ASP.NET while waiting for the worker process to recycle after an abnormal termination.Configure the Limit the kernel request queue to setting in IIS 6.0 to the same value that is configured in the restartQueueLimit Machine.config attribute.
For more information about how to configure the Limit the kernel request queue to setting, see "Configure Application Pool Performance" in "IIS Deployment Procedures" in this book.
| Note | When application pool queue length limits are enabled, IIS monitors the number of requests for a designated application pool queue before queuing a new request. If adding a new request to the queue causes it to exceed the queue length limit, the server rejects the request and sends a 503-error response (that cannot be customized) to the client. However, requests that are already queued remain in the queue even if the limit is changed to a value that is less than the current queue length. |
Migrating the idleTimeout Attribute
The idleTimeout Machine.config attribute, default value infinite, specifies the maximum number of minutes that a worker process can be inactive before it is automatically shut down by ASP.NET. The attribute is a string value in the format of hr:min:sec. To configure this value in IIS 6.0, you need to convert this format to time in minutes.Configure the Shutdown worker processes after being idle for setting in IIS 6.0 to the same time value, in minutes, that is configured in the idleTimeout Machine.config attribute.For more information about how to configure the Shutdown worker processes after being idle for setting, see "Configure Application Pool Performance" in "IIS Deployment Procedures" in this book.
Migrating Health-Related Attributes
By detecting the degree of stability (or health) of an ASP.NET application, IIS determines whether corrective action is required. In IIS 5.0, ASP.NET detects an unhealthy worker process. In IIS 6.0, the WWW service detects an unhealthy worker process that has terminated abnormally if all of the available IIS threads in the worker process assigned to the application pool are blocked.The Machine.config attributes that affect health-related metabase properties include:
shutdownTimeout
pingFrequency and pingTimeout
Migrating the shutdownTimeout Attribute
The shutdownTimeout Machine.config attribute, default value five seconds, specifies the maximum number of seconds allotted for a worker process to shut down before ASP.NET automatically shuts it down. The attribute is a string value in the format of hr:min:sec. To configure this value in IIS 6.0, you need to convert this format to time in seconds.
Configure the Worker process must shutdown setting in IIS 6.0 to the same time value, in minutes, that is configured in the shutdownTimeout Machine.config attribute.For more information about how to configure the Worker process must shutdown setting, see "Configure Application Pool Health" in "IIS Deployment Procedures" in this book.
Migrating the pingFrequency and pingTimeout Attributes
In IIS 5.0, the combination of the pingFrequency and pingTimeout Machine.config attributes specifies whether ASP.NET should monitor the health of worker processes. If IIS 6.0 is running in worker process isolation mode, the WWW service periodically monitors the health of a worker process.The pingFrequency Machine.config attribute, default value 30 seconds, specifies the interval at which ASP.NET queries the worker processes to determine if each worker process is still operating correctly. The pingFrequency Machine.config attribute is a string value in the format of hr:min:sec. To configure this value in IIS 6.0, you need to convert this format to time in seconds.The pingTimeout Machine.config attribute, default value five seconds, specifies the interval after which ASP.NET restarts a worker process if there was no response to the most recent query. If a worker process does not respond to the "ping" within the value set by the pingTimeout Machine.config attribute, the worker process is restarted. The pingTimeout Machine.config attribute is a string value in the format of hr:min:sec. To configure this value in IIS 6.0, you need to convert this format to time in seconds.You can configure the equivalent settings in IIS 6.0 by making changes to the equivalent IIS metabase properties, listed in Table 5.11.
Machine.config Attribute | Equivalent IIS Metabase Property |
|---|---|
pingFrequency | PingInterval |
pingTimeout | PingResponseTime |
| Note | Unless required by your ASP.NET applications, use the default settings in IIS 6.0. In IIS 6.0, the default setting for Pinglnterval is 30 seconds and the default setting for PingResponseTime is 90 seconds. |
You can configure the PingInterval metabase property through the Ping worker process setting for application pools in IIS 6.0 Manager. For more information about how to configure the Ping worker process setting, see "Configure Application Pool Health" in "IIS Deployment Procedures" in this book.
You can only configure PingResponseTime by directly modifying the metabase or programmatically through Windows Management Instrumentation (WMI) or ADSI. For more information about directly modifying the metabase, see "Modify the IIS Metabase Directly" in "IIS Deployment Procedures" in this book.
Migrating Identity-Related Attributes
In IIS 5.0, specifying an identity allowed a worker process in ASP.NET to use a Windows identity other than that of the default process identity. Process identity is an operating system term used to denote the account that a process runs under. Every running process on a Windows Server 2003 has a process identity that is used to control access to resources on the Web server.
| Note | In IIS 6.0, the application pool identity allows worker processes servicing the application pool to use an identity other than the default identity NetworkService. In IIS 5.0, the default identity is LocalSystem. |
The Machine.config attributes that affect identity-related metabase properties include:
username
password
Migrating the username Attribute
The username Machine.config attribute specifies the user account used by ASP.NET as an identity for worker processes. The attribute is a string value and does not exist in Machine.config by default.In IIS 5.0, the username Machine.config attribute has the following values:
No entry. When the username attribute does not exist in the Machine.config file, this causes ASP.NET to run worker processes under the identity of LocalSystem.
Machine. Causes ASP.NET to run worker processes under a user account named ASPNET that is created automatically when ASP.NET is installed. This is the default configuration.
System. Causes ASP.NET to run worker processes under a user account named System that is created automatically when ASP.NET is installed and allows ASP.NET processes to have full administrative privileges. Applications running under the identity of the System account have unconstrained privileges on the Web server. Run applications under the identity of the System account only when required by your applications.
Configured account. When the username attribute contains a service account, this causes ASP.NET to run worker processes under the identity of the service account.
Configure the equivalent settings in IIS 6.0 by selecting an IIS 6.0 configuration setting that allows the ASP.NET application to run properly while not compromising the security of the Web server. This selection is done in an order of preference, from most secure to least secure.
Configure the User name settings in IIS 6.0 by selecting one of the following in order of security preference:
Option 1. Configure IIS 6.0 to use NetworkService.
Option 2. Configure IIS 6.0 to use a new service account and grant the account the minimal user rights or group membership to allow the applications to run successfully.
Option 3. Configure IIS 6.0 to use a new service account that belongs to the local Administrators group.
Option 1: Configure IIS 6.0 to use NetworkService
This is the default identity for IIS 6.0 and is the recommend identity. Most ASP.NET applications can run by using this configuration. Test your ASP.NET application to ensure proper operation with NetworkService as the identity.For more information about how to configure the username setting, see "Configure Application Pool Identity" in "IIS Deployment Procedures" in this book.
Option 2: Configure IIS 6.0 to use a new service account and grant the account the minimal user rights or group membership to allow the applications to run successfully
Select this option when the ASP.NET application is unable to run under the NetworkService identity. You might need to do this when the username Machine.config attribute does not exist or is set to Machine, System, or to a configured account.For more information about how to create an account see "Create a Service Account" in "IIS Deployment Procedures" in this book. For more information about how to grant user rights, see "Grant User Rights to a Service Account" in "IIS Deployment Procedures" in this book. For more information about how to configure the username setting, see "Configure Application Pool Identity" in "IIS Deployment Procedures" in this book.
Option 3: Configure IIS 6.0 to use a new service account that belongs to the local Administrators group
As a last resort, select this option when the ASP.NET application requires an identity that is a member of the local Administrators group. You might need to do this when the username Machine.config attribute does not exist, is set to System, or is set to a configured account that is a member of the local Administrators group.For more information about how to create an account see "Create a Service Account" in "IIS Deployment Procedures" in this book. For more information about how to make a service account a member of the local Administrators group, see "Make a Service Account a Member of the Local Administrators Group" in "IIS Deployment Procedures" in this book. For more information about how to configure the username setting, see "Configure Application Pool Identity" in "IIS Deployment Procedures" in this book.
Migrating the password Attribute
The password Machine.config attribute specifies the password for the user account used by ASP.NET as an identity for worker processes. The attribute is a string value and does not exist in Machine.config by default, which indicates that the worker processes should run under the default identity of LocalSystem in IIS 5.0.If you selected NetworkService for the identity for the worker processes, then no password is required. If you decided to create a service account, then configure the Password setting in IIS 6.0 with the password for the service account.For more information about how to configure the Password setting, see "Configure Application Pool Identity" in "IIS Deployment Procedures" in this book.
