Hi guys,
Since I've been configuring WFF 2.2 on IIS7.5, I've stumbled upon many (undocumented) issues. So here is my (short) walkthrough on how to achieve a 2 tier ARR + NLB (for both the ARRs), shared config on these ARRs as well as platform and application provisioning on the required amount of nodes!
The flow of this setup is as follows:
Client request -----> NLB IP -----> ARR01 or ARR02 --> NodeXXX
Please note that the steps described might not be dead on; some config changes I've picked up from loose sites of which I cannot remember the source (e.g. the UAC disabling). This guide is intended to help people config their setups, please accept any flaws in it.
My setup is as follows:
-2x ARR controller servers
-3x web nodes
This setup used 6 IPs (1x NLB address, 2x ARR, 3x nodes) in the same subnet, preferably.
This setup uses Microsoft Windows Server 2008 R2 x64 for all its servers.
All servers in this setup are members of the same Active Directory. This makes file sharing and authentication a lot easier for me.
'Steps':
-Web Platform installer (I used 3.0) on the ARRs.
-Install Web Farm Framework via the Web Platform installer on both ARRs. This will install all needed modules in IIS. Also install Application Request Routing & URL Rewrite.
-Disable UAC on all the nodes. JTBS I've disabled it on the ARRs as well.
-Leave the Windows Firewall service running on all machines. I've read the WFF agent will generate exceptions if you don't. Be sure to enable the Agent ports (8173, 8675) and 'file sharing' and 'remote management' in the Windows Firewall.
-Enable the 'desktop experience' feature and install Windows Mobile Device Center on the ARR01. This will enable 'offline files', which will be used for ARR02's 'shared config'. Make sure ARR02 can reach the shared config folder whilst ARR01 is offline! If not, make it so.
-Create an application in IIS on the ARRs (which doesn't need to do anything) and create bindings for it on port 80 and 443.
-Make sure you disable recycling for the used application pools. I've set timeout to 0 as well as Regular Time Interval. If you do not disable recycling, the web farm will fail and create strange situations, like 'unknown' statuses in Monitoring and Management tool.
-Create a server farm and add nodes, including a primary node. After creating, agree to the popup IIS generates for the URL rewrite rules needed to route traffic to your server farm. I've adjusted the rule to rewrite to HTTPS instead of the default HTTP later.
-Make sure the farm is functional before you continue. If it's not, you've done something wrong/forgot something which might not be covered in my above steps.
-Create a file share on ARR01, and make all files in this share available offline for ARR02.
-If everything is working well, proceed by exporting the IIS configuration in 'shared configuration' to the shared folder (e.g. c:\inetpub\shareconfig).
-Enable 'shared configuration' on ARR01, pointing to the file path above.
-Enable 'Shared Config' for ARR02. This time use the UNC share path (e.g. \\ARR01\SharedConfig$).
-Close and reopen InetMgr on ARR02 (and ARR01, for fun!). You will see the farm you created earlier on ARR01.
Now you've created a working Shared config Web Farm. This, unfortunately, will not load balance (and HA) the requests fired to the ARRs. Lacking a hardware load balancer, I've created a software NLB, which Server 2008 (and NT4.0 from the looks of the application) can provide.
-Enable Network Load Balancing feature on the ARR by adding both ARRs to an NLB cluster. Use NLB on port 443 with client affinity 'none'. I use Multicast, without IGMP. If you use Hyper-V, don't forget to enable 'MAC address spoofing' on the ARRs' virtual machine settings.
Now, the Web farm is available on the NLB address!
If I've missed something, please point it out to me so I can adjust the startpost. Good luck!
edit: I've also placed WFFextensions.dll to the (new) folder Extensions on the ARRs (http://forums.iis.net/t/1180751.aspx)
edit2: I've also added a runprovider to help applicationProvisioning without nodes going down (in the applicationHost.config of the ARRs):
<runProviders>
  <!-- Literal quotes inside the commandToRun value must be written as &quot;
       or the attribute ends at the first inner quote and the config will not parse. -->
  <runProvider name="msDeploy cmd" description="" commandToRun="&quot;%programfiles%\iis\Microsoft Web Deploy V2\msdeploy.exe&quot; -verb:sync -source:contentPath=c:\inetpub\wwwroot,computerName=&quot;web-node01-prd&quot;,userName=administrator,password=password -dest:contentPath=c:\inetpub\wwwroot" dependants="ProvisionApplications" retryAttempts="5" retryInterval="1000" scriptType="command" operationType="Server">
  </runProvider>
</runProviders>
edit: the damn markup isn't sticky on this forum; fixed with HTML
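The runProvider entry above stores a userName/password pair as plain text in applicationHost.config, and with shared configuration that file is readable from the share by every ARR. The following check is an added example, not part of the original post: the function name Find-RunProviderSecret is hypothetical and the sample config is constructed from the post's entry (executable path shortened).

```powershell
# Added example: flag WFF runProvider entries whose commandToRun embeds a credential.
# $sample below is constructed for illustration, modelled on the entry in the post.
function Find-RunProviderSecret {
    param([xml]$Config)

    # Matches msdeploy-style settings such as  ,password=value  (any name ending in "password").
    $pattern = '(?i)\b(\w*password)\s*=\s*("[^"]*"|[^,\s"]+)'

    # '//runProvider' is used so no assumption is made about where the element is nested.
    foreach ($node in $Config.SelectNodes('//runProvider[@commandToRun]')) {
        $cmd = $node.GetAttribute('commandToRun')
        foreach ($m in [regex]::Matches($cmd, $pattern)) {
            New-Object PSObject -Property @{
                Provider = $node.GetAttribute('name')
                Setting  = $m.Groups[1].Value
                # Report the command with the secret masked, never the secret itself.
                Redacted = [regex]::Replace($cmd, $pattern, '$1=***')
            }
        }
    }
}

$sample = [xml]@'
<configuration>
  <runProviders>
    <runProvider name="msDeploy cmd" commandToRun="&quot;msdeploy.exe&quot; -verb:sync -source:contentPath=c:\inetpub\wwwroot,computerName=&quot;web-node01-prd&quot;,userName=administrator,password=password -dest:contentPath=c:\inetpub\wwwroot" scriptType="command" operationType="Server" />
    <runProvider name="no secret" commandToRun="cmd.exe /c echo ok" scriptType="command" operationType="Server" />
  </runProviders>
</configuration>
'@

# Only the first provider is reported; its password value is shown as ***.
Find-RunProviderSecret $sample | Format-List Provider, Setting, Redacted

# Against a live server, load the real file instead (use the shared-config path
# when shared configuration is enabled):
# Find-RunProviderSecret ([xml](Get-Content "$env:windir\System32\inetsrv\config\applicationHost.config"))
```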