In-depth analysis of IIS 6.0 (Part 3)

  

IV. Application pool details
Earlier we covered the key components of the IIS 6.0 architecture; now let's look at some issues related to application pools. The application pool's Properties dialog has four pages (Recycling, Performance, Health, and Identity), as shown in Figure 6. Perhaps the most compelling of these is the Recycling page, which lets you manage the recycling of worker processes. In worker process isolation mode, IIS can be configured to restart the worker processes in an application pool periodically, which makes it easier to manage worker processes that have errors. This ensures that the applications in the pool keep functioning properly and that lost system resources are recovered. To recycle a worker process, the failing worker process is restricted from receiving new requests while it processes the remaining requests stored in its request queue, and a configurable limit can be set for draining those requests. A replacement worker process for the same namespace group is started before the old worker process stops, preventing service interruption. The old process completes its pending requests and then shuts down gracefully, or is explicitly terminated if it has not shut down within the configured time limit. A recycle can be triggered after a configured time, after a number of requests, on a set schedule, or when a specified memory usage limit is reached. By default, an application pool is recycled every 1740 minutes (29 hours).

W3SVC decides whether an application pool is running normally according to the options on the Health page: pinging the worker process at a specified interval (in seconds; the default is 30 seconds); the startup time limit (the worker process must start within the specified time); the shutdown time limit (the worker process must shut down within the specified time); and whether rapid-fail protection is enabled (if a certain number of worker processes fail within the specified time period, the application pool is disabled). In addition, ISAPI applications (including ASP.NET and asp.dll) can declare that they are no longer fit to provide service and ask to be recycled.

By default, when IIS 6.0 recycles a pool it uses a technique called overlapped recycle. In this mode, the failing worker process keeps running while a new worker process is created. IIS 6.0 passes new incoming requests to the new worker process, but does not tear down the old worker process until it has processed the requests in its queue or hit a timeout. During this time TCP/IP connections are not lost, because http.sys keeps them valid. When the failing worker process times out, the next request is passed to the new worker process as a new request, so the session information originally held in the old process is lost. All of these recycling operations are automatic, need no administrator intervention, and in most cases cause no significant service disruption. If necessary, you can set the configuration data property LogEventOnRecycle to 1, so that W3SVC writes an event log record when it performs a recycle.

For applications that cannot run in multiple instances, overlapped recycle can cause problems. If you run into them, you can set the configuration data property DisallowOverlappingRotation to True (1) to turn off the process "overlap" during an application pool recycle. In addition, sometimes we may not want to remove a failed worker process but keep it around in order to find the root cause of the problem. In that case you can set the configuration data property OrphanActionExe to the name of an executable file, so that when the worker process becomes an "orphan" the executable file remains running.

Another feature related to application pools is that IIS 6.0 allows an application pool to be configured as a Web garden. To understand the concept, imagine a scenario where you have an IIS 5.0 server and three Web sites, each running the same application. If IIS 5.0 could automatically send requests in round-robin order to these functionally equivalent but separate Web sites, spreading the load across three different processes, you would have a small Web farm. This is the Web garden.

In an IIS 6.0 Web garden, we don't have to create additional Web sites; we just specify the number of worker processes for an application pool. The configuration steps are: open the "Properties" dialog box of the application pool, go to the "Performance" page, and enter the number of processes in the "Maximum number of worker processes" box under "Web Garden", as shown in Figure 8. When the server load is light and the additional worker processes are not needed, IIS 6.0 automatically reduces the actual number of worker processes after a certain amount of time (20 minutes by default, configurable); if the load grows and additional worker processes are needed, IIS 6.0 increases the number of worker processes again. All of this is done automatically and requires no administrator intervention.

Two new configuration data properties, SMPAffinitized and SMPProcessorAffinityMask, allow worker processes to be assigned to particular processors. Setting the SMPAffinitized property to true means that the worker processes of the application pool are assigned to specific CPUs. The SMPProcessorAffinityMask property configures the hexadecimal processor mask, which indicates which CPUs the worker processes in the application pool should be bound to.

At this point the article has already grown rather long. It mainly introduces the new features of IIS 6.0 from the perspective of architecture and tries to be comprehensive, or at least better than the introductions usually seen. The second part of the article will cover more of the new features of IIS 6.0, and you will find many features that you have long hoped for.
The previous article introduced the installation of IIS 6.0 and the new architecture of the Web server. The number of new features in IIS 6.0 is striking, and some of them are so compelling that they attract most of people's attention. In this second article on IIS 6.0, we will look not only at these "star" features but also at the improvements in IIS 6.0 that receive less attention but are equally important.

I. Security

Microsoft has done the same thing over and over again: a software product goes wrong, it is criticized, and a new version is quickly released to solve the problem. For example, after the release of Windows NT 4.0, it was criticized for stability problems, so Microsoft released Windows 2000. The stability of the new operating system was well received, but the default installation of IIS 5.0 on Win 2K servers became a huge security risk that took a lot of effort to rectify. IIS 6.0 is not installed by default, and with a default installation the Web server can serve only static content. From this perspective, IIS 6.0 greatly reduces the security risk even if the IIS 6.0 application engine and components suddenly turn out to have problems. In addition, Windows Server 2003 has a new group policy, "Prevent IIS installation". With this group policy, we can prevent IIS 6.0 from being installed on Windows 2003 machines in the Active Directory (AD) forest that are not intended to be Web servers, which keeps useless and insecure IIS 6.0 servers off the network. However, this group policy is currently only valid for Windows 2003 servers and does not prevent Windows XP Pro and Win 2K machines from installing IIS 5.0.

Of course, since a newly installed IIS 6.0 does not support dynamic content, there is a second question that people often ask: "Why can't my server run ASP?" (The first question people often ask is "Can IIS 6.0 run on a Win 2K server?", and the answer is "no".) To run a program on IIS 6.0, you must use a new feature of IIS 6.0, the Web Service Extension. (The name seems to imply some relationship with XML Web services, but that is not the case.)

To enable a Web service extension for a program, first open IIS Manager (under "Control Panel" → "Administrative Tools"; previously called Internet Service Manager or ISM), as shown in Figure 1, then click "Add a new web service extension" to launch the wizard that creates a new rule. Give the rule a name and locate the executable you want to enable. In addition, there is an iisext.vbs script under \system32\inetsrv, which also configures and manages Web service extensions, applications, and individual files on servers running Windows Server 2003 with IIS 6.0. Administrators can use this script to enable and list applications; add and remove applications

In Figure 1, note the two Web service extensions "All Unknown ISAPI Extensions" and "All Unknown CGI Extensions". By default, both are disabled, meaning that an application cannot run unless it is explicitly allowed to run on IIS 6.0. If a user requests a file that is not enabled, IIS 6.0 returns a 404 error (file or directory not found) to the user and records "404.2, file or directory not found: the lockdown policy prohibits the request" in the W3SVC log. In IIS 6.0, 404.2 and the other sub-status codes are an optional feature of the W3SVC log file that helps with troubleshooting. (IIS 5.0 and IIS 4.0 also have sub-status codes, but they are not recorded in the log file; you can, however, direct them to a custom error page to perform special processing based on the sub-status code.) The IIS 6.0 sub-status codes are useful because they describe the problem in detail, for example: 403.20, no access: Passport login failed; 403.18, no access: unable to execute the requested URL in the current application pool; 404.3, file or directory not found: the MIME mapping policy forbids the request; 500.19, server error: the data for this file is not configured correctly in the configuration database. All of these and other errors are mapped to a custom error page that does not send the sub-status code to the user, so an attacker cannot learn the specific error message.

Another security improvement is that IIS 6.0 allows the assignment of a Cryptographic Service Provider (CSP), which integrates a hardware-based Secure Sockets Layer (SSL) accelerator into IIS 6.0. The encryption work moves from the server's general-purpose CPU to a dedicated device optimized for cryptographic operations, which improves performance and reliability.
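The sub-status logging described above can be turned into a quick review of which requests the lockdown and MIME policies are rejecting. This is an added example, not code from the original article; the log lines are constructed in W3C extended format, and the function names are illustrative.

```python
from collections import defaultdict

# Sub-status meanings as listed in the article.
SUBSTATUS = {
    "404.2": "lockdown policy prohibits the request",
    "404.3": "MIME mapping policy forbids the request",
    "403.18": "cannot execute the requested URL in the current application pool",
    "403.20": "Passport login failed",
    "500.19": "data for this file is not configured correctly",
}

# Constructed sample log (client addresses are documentation ranges).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 6.0
#Fields: date time cs-method cs-uri-stem c-ip sc-status sc-substatus sc-win32-status
2003-06-01 10:00:01 GET /default.htm 198.51.100.7 200 0 0
2003-06-01 10:00:02 GET /scripts/test.asp 198.51.100.7 404 2 1260
2003-06-01 10:00:03 GET /cgi-bin/probe.exe 203.0.113.9 404 2 1260
2003-06-01 10:00:04 GET /files/data.xyz 198.51.100.7 404 3 50
2003-06-01 10:00:05 GET /missing.htm 198.51.100.7 404 0 2
#Fields: date time c-ip cs-uri-stem sc-status
2003-06-01 10:05:00 203.0.113.9 /old.asp 404
"""

def parse_w3c(text):
    """Yield one dict per request, honouring every #Fields directive."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated lines
                yield dict(zip(fields, values))

def policy_blocks(text):
    """Group requests by status.substatus for the codes in SUBSTATUS."""
    hits = defaultdict(list)
    for rec in parse_w3c(text):
        sub = rec.get("sc-substatus")  # optional field: may not be logged
        if sub is None:
            continue
        code = f"{rec['sc-status']}.{sub}"
        if code in SUBSTATUS:
            hits[code].append((rec["c-ip"], rec["cs-uri-stem"]))
    return dict(hits)

if __name__ == "__main__":
    for code, reqs in sorted(policy_blocks(SAMPLE_LOG).items()):
        print(code, SUBSTATUS[code], reqs)
```

Requests logged without the sc-substatus field cannot be classified, which is why the last sample line is ignored.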

II. Configuration data

In IIS 5.0 and IIS 4.0, the configuration database used a binary file structure, but IIS 6.0 gave up this practice. The configuration data of IIS 6.0 consists of two XML files: Metabase.xml, which contains the configuration information of the IIS 6.0 server, and mbschema.xml, which contains the schema definition of the configuration data. IIS Manager provides a new feature for saving a copy of the configuration data: right-click the Web site, select "All Tasks" → "Save Configuration to a File", then specify the file name and save path for the copy. When configuration data is saved this way, IIS 6.0 uses the system's Machine Key to encrypt portions of the configuration data, so the copy is only useful on the machine that created it.

However, in the "Save configuration to a file" dialog box, we can select the "Encrypt configuration with password" option and specify a password to protect the exported configuration file. If a password is provided, IIS 6.0 uses the password in place of the machine key, and you can later import the configuration data on another server by providing the same password. Alternatively, we can use the command-line script iisback.vbs (in systemroot\System32) to create and manage backup copies of IIS configurations for remote or local computers. Administrators can use this script to create backup copies of their IIS configurations, restore an IIS configuration from a backup copy, and list and delete backup copies.

Sometimes we only need to save the configuration of one application pool, Web site or virtual directory rather than all of the configuration information. In this case, right-click the object whose configuration you want to keep and select "All Tasks" → "Save configuration to a file", as shown in Figure 2. If you intend to import the configuration data on another server, you must provide a password for the encrypted file.
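Because Metabase.xml is plain XML, the application pool properties discussed in this article (recycle interval, LogEventOnRecycle, DisallowOverlappingRotation, OrphanActionExe, Web garden size, processor affinity) can be reviewed with ordinary tooling. This is an added example, not code from the original article or from Microsoft; the sample fragment is constructed, its element layout is an assumption, and a property missing from a pool is treated as unset (metabase inheritance is not modelled).

```python
import xml.etree.ElementTree as ET

# Constructed sample. Assumed layout: one IIsApplicationPool element per pool,
# properties as XML attributes, booleans written TRUE/FALSE.
SAMPLE_METABASE = """\
<configuration><MBProperty>
  <IIsApplicationPool Location="/LM/W3SVC/AppPools/DefaultAppPool"
      PeriodicRestartTime="1740" MaxProcesses="1" LogEventOnRecycle="1"/>
  <IIsApplicationPool Location="/LM/W3SVC/AppPools/LegacyPool"
      PeriodicRestartTime="0" MaxProcesses="3"
      DisallowOverlappingRotation="TRUE" OrphanActionExe="C:\\debug\\dump.cmd"
      SMPAffinitized="TRUE" SMPProcessorAffinityMask="0x5"/>
</MBProperty></configuration>
"""

def cpus_from_mask(mask):
    """Expand an affinity bit mask into the CPU numbers it selects."""
    return [bit for bit in range(mask.bit_length()) if (mask >> bit) & 1]

def is_true(value):
    return value.upper() in ("TRUE", "1")

def audit_pools(xml_text):
    """Return {pool name: [notes]} for the settings the article discusses."""
    report = {}
    for el in ET.fromstring(xml_text).iter():
        if el.tag.split("}")[-1] != "IIsApplicationPool":  # ignore namespace
            continue
        a, notes = el.attrib, []
        if int(a.get("PeriodicRestartTime", "1740")) != 1740:
            notes.append("recycle interval differs from the 1740-minute default")
        if int(a.get("MaxProcesses", "1")) > 1:
            notes.append(f"Web garden with {a['MaxProcesses']} worker processes")
        if a.get("LogEventOnRecycle", "0") == "0":
            notes.append("recycles are not written to the event log")
        if is_true(a.get("DisallowOverlappingRotation", "FALSE")):
            notes.append("overlapped recycle is disabled")
        if a.get("OrphanActionExe"):
            notes.append(f"runs {a['OrphanActionExe']} when a worker is orphaned")
        if is_true(a.get("SMPAffinitized", "FALSE")):
            mask = int(a.get("SMPProcessorAffinityMask", "0"), 0)
            notes.append(f"worker processes bound to CPUs {cpus_from_mask(mask)}")
        report[a["Location"].rsplit("/", 1)[-1]] = notes
    return report

if __name__ == "__main__":
    for pool, notes in audit_pools(SAMPLE_METABASE).items():
        print(pool, notes or "defaults")
```

An OrphanActionExe entry deserves particular attention in a review, since it names an executable that is run on the server whenever a worker process is orphaned.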
