Pages

Tuesday, November 13, 2012

IIS 6.0 Architecture


Internet Information Services (IIS) – formerly called Internet Information Server – is a web server application and set of feature extension modules created by Microsoft for use with Microsoft Windows. IIS have several version and widely used are 6.0,7.0 and 7.5.Here,in this article i will try to explain IIS6 internals and its relation with ASP.Net.
HTTP.sys (HTTP Protocol Stack)
The HTTP listener is implemented as a kernel-mode device driver called the HTTP protocol stack (HTTP.sys). IIS 6.0 uses HTTP.sys, which is part of the networking subsystem of the Windows operating system, as a core component to receive and serve HTTP requests. Earlier versions of IIS use Windows Sockets API (Winsock), which is a user-mode component, to receive HTTP requests.
Kernel & User Mode
On widows (or most of modern OS) the program is allowed to run in kernel mode or user mode. When OS is first loaded, the windows kernel is started. It runs in kernel mode and set up paging and virtual memory.
The CPU is actually spending time in two very distinct modes:
  • Kernel Mode: In Kernel mode, the executing code has complete and unrestricted access to the underlying hardware. It can execute any CPU instruction and reference any memory address. Kernel mode is generally reserved for the lowest-level, most trusted functions of the operating system. Crashes in kernel mode are catastrophic; they will halt the entire PC.
  • User Mode: In User mode, the executing code has no ability to directly access hardware or reference memory. Code running in user mode must delegate to system APIs to access hardware or memory. Due to the protection afforded by this sort of isolation, crashes in user mode are always recoverable. Most of the code running on your computer will execute in user mode.
In windows task manager, under performance chart, the green line is total CPU time; the red line is Kernel time. The gap between the two is User time.
The two modes are enforced by CPU hardware, x86 CPU hardware actually provides four protection rings: 0, 1, 2, and 3. only rings 0 (Kernel) and 3 (User) are typically used.
Most of system drivers runs in kernel mode for maximum performance and other programs runs in User mode (some drivers may run in user mode) for maximum stability. User mode is clearly a net public good, but it comes at a cost.  Transitioning between User and Kernel mode is expensive. It’s why software that throws exceptions is slow, for example. Exceptions imply kernel mode transitions. Granted, we have so much performance now that we rarely have to care about transition performance, but when you need ultimate performance, you definitely start caring about kernel mode.
How HTTP.sys Works
When you create a Web site, IIS registers the site with HTTP.sys, which then receives any HTTP requests for the site. HTTP.sys functions like a forwarder, sending the Web requests it receives to the request queue for the user-mode process that runs the Web site or Web application. HTTP.sys also sends responses back to the client.
Other than retrieving a stored response from its internal cache, HTTP.sys does not process the requests that it receives. Therefore, no application-specific code is ever loaded into kernel mode. As a result, bugs in application-specific code cannot affect the kernel or lead to system failures.
HTTP.sys provides the following services in IIS 6.0:
  • Routing HTTP requests to the correct request queue.
  • Caching of responses in kernel mode.
  • Performing all text-based logging for the WWW service.
  • Implementing Quality of Service (QoS) functionality, which includes connection limits, connection timeouts, queue-length limits, and bandwidth throttling.
When IIS 6.0 runs in worker process isolation mode, HTTP.sys listens for requests and queues those requests in the appropriate queue. Each request queue corresponds to one application pool. An application pool corresponds to one request queue within HTTP.sys and one or more worker processes.
When IIS 6.0 runs in IIS 5.0 isolation mode, HTTP.sys runs like it runs in worker process isolation mode, except that it routes requests to a single request queue.
If a defective application causes the user-mode worker process to terminate unexpectedly, HTTP.sys continues to accept and queue requests, provided that the WWW service is still running, queues are still available, and space remains in the queues.
When the WWW service identifies an unhealthy worker process, it starts a new worker process if outstanding requests are waiting to be serviced. Thus, although a temporary disruption occurs in user-mode request processing, an end user does not experience the failure because TCP/IP connections are maintained, and requests continue to be queued and processed.
Note : A web farm is a multi-server scenario. So we may have a multiple servers for an application. If the load on one server is in excess then the other servers step in to bear the brunt.How they bear it is based on various models.
  • RoundRobin. (All servers share load equally)
  • NLB (economical)
  • HLB (expensive but can scale up to 8192 servers)
  • Hybrid (of 2 and 3).
  • CLB (Component load balancer).
A web garden is a multi-processor setup. i.e. a single server . How to implement webfarms in .Net:
Go to web.config and here for mode you have 4 options.
  • Say mode inproc (non web farm but fast when you have very few customers).
  • Say mode StateServer (for webfarm).
  • Outproc
 Whether to use option b or c depends on situation. StateServer is faster but SqlServer is more reliable and used for mission critical applications.
IIS 6.0 provides four Internet services
  • WWWServices :The World Wide Web Publishing Service (WWW service) for hosting Internet and intranet content.
  • FTP Service :The File Transfer Protocol (FTP) service for hosting sites where users can upload and download files.
  • NNTP Service :The Network News Transfer Protocol (NNTP) service for hosting discussion groups.
  • SMTP Service :The Simple Mail Transfer Protocol (SMTP) service for sending and receiving e-mail messages.
The World Wide Web Publishing Service
The World Wide Web Publishing Service (WWW service) provides Web publishing for IIS, connecting client HTTP requests to Web sites running on an IIS-based Web server.
The WWW service manages and configures the IIS core components that process HTTP requests. These core components include the HTTP protocol stack (HTTP.sys) and the worker processes.
The WWW service includes these subcomponents: Active Server Pages (ASP), Internet Data Connector, Remote Administration (HTML), Remote Desktop Web Connection, server-side includes (SSI), Web Distributed Authoring and Versioning (WebDAV) publishing, and ASP.NET.
¦lt;br /> Worker Processes (IIS 6.0)
A worker process is user-mode code whose role is to process requests, such as processing requests to return a static page, invoking an ISAPI extension or filter, or running a Common Gateway Interface (CGI) handler.
In both application isolation modes, the worker process is controlled by the WWW service.  However, in worker process isolation mode, a worker process runs as an executable file named W3wp.exe
Worker processes use HTTP.sys to receive requests and to send responses by using HTTP.  Worker processes also run application code, such as ASP.NET applications and XML Web services. You can configure IIS to run multiple worker processes that serve different application pools concurrently. This design separates applications by process boundaries and helps achieve maximum Web server reliability.
By default, worker processes in worker process isolation mode run under the Network Service account, which has the strongest security (least access) compatible with the functionality that is required. IIS 5.0 isolation mode will be discussed later in this article.
Inetinfo.exe (IIS 6.0)
When IIS 6.0 runs in worker process isolation mode,Inetinfo.exe is a user-mode component that hosts the IIS metabase and that also hosts the non-Web services of IIS 6.0, including the FTP service, the SMTP service, and the NNTP service. Inetinfo.exe depends on IIS Admin service to host the metabase.
When IIS 6.0 runs in IIS 5.0 isolation mode, Inetinfo.exe functions much as it did in IIS 5.0. In IIS 5.0 isolation mode, however, Inetinfo.exe hosts the worker process, which runs ISAPI filters, Low-isolation ISAPI extensions, and other Web applications.
In IIS6.0, regardless of the application isolation mode used, the services that run in Inetinfo.exe run as dynamic-link libraries (DLLs) under the Local System account. Because a Local System account allows users access to every resource on the local computer.
IIS 5.0 isolation mode
IIS 5.0 isolation mode provides compatibility for applications that were designed to run in earlier versions of IIS. When IIS 6.0 is running in IIS 5.0 isolation mode, request processing is almost identical to the request processing in IIS 5.0. When a server is working in IIS 5.0 isolation mode, application pools, recycling, and health monitoring features are unavailable.
Figure 2 : below shows the IIS 5.0 isolation mode.
Note : Use IIS 5.0 isolation mode only if components or applications do not function in worker process isolation mode.
COM makes it possible to create DLL servers that can be loaded into a surrogate EXE process. This combines the ease of writing DLL servers with the benefits of executable implementation.The dllhost.exe process goes by the name COM Surrogate ,which is an general purpose executable to host dlls out of process.If there is any unhandlled error in user dll which may crash the COM Surrogate process leaving the originating process intact.
Application Pools
When you run IIS 6.0 in worker process isolation mode, you can separate different Web applications and Web sites into groups known as application pools.Every application within an application pool shares the same worker process. Because each worker process operates as a separate instance of the worker process executable, W3wp.exe, the worker process that services one application pool is separated from the worker process that services another. Each separate worker process provides a process boundary so that when an application is assigned to one application pool, problems in other application pools do not affect the application. This ensures that if a worker process fails, it does not affect the applications running in other application pools.
Use multiple application pools when you want to help ensure that applications and Web sites are confidential and secure.
Note : You can’t configure two diferent version of ASP.Net (say 1.1 and 2.0) application is single application pool (same IIS process) because different versions of the .NET Framework and run time cannot coexist side by side within the same process. For this to work you need to create atleast pools each version of ASP.net application.
ISAPI
Internet Server Application Programming Interface (ISAPI), is an API developed to provide the application developers with a powerful way to extend the functionality of Internet Information Server (IIS). ISAPI extensions are true applications that run on IIS and have access to all of the functionality provided by IIS. As an example of how powerful ISAPI extensions can be, ASP.Net pages are processed through an ISAPI extension called aspnet_isapi.dll. ISAPI extensions are implemented as DLLs that are loaded into a process that is controlled by IIS. Like ASP and HTML pages, IIS uses the virtual location of the DLL file in the file system to map the ISAPI extension into the URL namespace that is served by IIS.Extensions and filters are the two types of applications that can be developed using ISAPI.
Application mappings
Application mappings (or script mappings) are the Web server equivalent of file associations in Windows.In IIS, ASP.Net functionality is contained in an ISAPI extension called aspnet_isapi.dll. Any file that is requested from the IIS server that ends in “.aspx” is mapped to aspnet_isapi.dll which is assigned to process the file before displaying its output in the client’s window.On arrival of first request on IIS , IIS loads appropriates ISAPI extenstion dll and call  ISAPI extension’s HttpExtensionProcfunction,the ISAPI extension carries out the actions it was designed to perform: for example, reading more data from the client (as in a POST operation), or writing headers and data back to the client.For each request, IIS perform all initialization and uninitialization from within HttpExtensionProc.
In the next article of this series “ASP.Net Internals“ we will discuss in detail how ASP.Net is related to worker process and how it gets activated when HTTP.sys recieves an request for aspx resouce on you web server (IIS).
Reference:
http://www.rajneeshnoonia.com/blog/2010/05/iis6-architecture/

No comments:

Post a Comment