managing php and php applications on windows drew robbins developer evangelist microsoft corporation
Post on 19-Dec-2015
232 views
TRANSCRIPT
Managing PHP and PHP Managing PHP and PHP Applications on WindowsApplications on Windows
Drew RobbinsDrew RobbinsDeveloper EvangelistDeveloper EvangelistMicrosoft CorporationMicrosoft Corporation
Today’s Agenda…Today’s Agenda…
IIS 6.0 and IIS 7.0 PillarsIIS 6.0 and IIS 7.0 Pillars
Configuring PHP ApplicationsConfiguring PHP Applications
Securing PHP on WindowsSecuring PHP on Windows
Extending PHP ApplicationsExtending PHP Applications
Managing your IIS 7.0 SystemsManaging your IIS 7.0 Systems
Troubleshooting & DiagnosticsTroubleshooting & Diagnostics
SummarySummary
Scale-up/scale-outScale-up/scale-outKernel-mode cachingKernel-mode cachingIntegrated application platformIntegrated application platform
ScalabilityScalability
XML-based configurationXML-based configurationCommand line administrationCommand line administrationRemote administrationRemote administration
SystemSystemManagementManagement
Fault tolerant architectureFault tolerant architectureHealth monitoringHealth monitoringIntelligent queuingIntelligent queuing
ReliabilityReliability
Secure by defaultSecure by defaultSecure by designSecure by designSecure in deploymentSecure in deployment
SecuritySecurity
IIS 6.0 PillarsIIS 6.0 Pillars
To the Next Level, IIS 7.0 PillarsTo the Next Level, IIS 7.0 Pillars
Distributed, delegatable configurationDistributed, delegatable configurationRich ExtensibilityRich ExtensibilityIntegrated Configuration for Web PlatformIntegrated Configuration for Web Platform
ConfigConfig
Innovative, Brand-new IIS ManagerInnovative, Brand-new IIS ManagerAppCmd.exe: Command line administrationAppCmd.exe: Command line administrationHttp & Https Remote administrationHttp & Https Remote administration
SystemSystemManagementManagement
Brand-new State APIBrand-new State APIEasy-to-setup & Use Failed Request TracingEasy-to-setup & Use Failed Request TracingIIS & ASP.NET Integrated DiagnosticsIIS & ASP.NET Integrated Diagnostics
DiagnosticsDiagnostics
Customized, Componentized Web ServerCustomized, Componentized Web ServerReduced management of PatchesReduced management of PatchesURLScan built-in FunctionalityURLScan built-in Functionality
SecuritySecurity
Brand new Win32 APIBrand new Win32 APIIntegrated support for iHttpModules (ASP.NET)Integrated support for iHttpModules (ASP.NET)ExtensibilityExtensibility
SecureSecure
ReliableReliable
ScalabilityScalability
IIS 7.0
Metabase is goneMetabase is gone
Central File: ApplicationHost.configCentral File: ApplicationHost.configStrongly typed SchemaStrongly typed Schema
Uses ASP.NET semantics for .config filesUses ASP.NET semantics for .config files
Full Distributed ConfigurationFull Distributed ConfigurationUse only ApplicationHost.config using IIS 7 defaultsUse only ApplicationHost.config using IIS 7 defaults
Unlock: Give application developers control of Unlock: Give application developers control of individual sections, collections, elements, and more!individual sections, collections, elements, and more!
New scripting and command line tools for New scripting and command line tools for configuration.configuration.
Configuration & IIS 7.0Configuration & IIS 7.0
Demonstration OneDemonstration One
Configuring PHPConfiguring PHP
Slim & EfficientSlim & EfficientInstall only the components you needInstall only the components you need
Reduce attack surface to minimumReduce attack surface to minimum
Five timesFive times more granular than existing IIS more granular than existing IIS versionsversions
Servicing and patching on a per component Servicing and patching on a per component basisbasis
If you don’t install it, you If you don’t install it, you won’twon’t need to patch it need to patch it
Security & IIS 7.0Security & IIS 7.0
Demonstration TwoDemonstration Two
Securing PHP on WindowsSecuring PHP on Windows
Core ServerCore ServerBrand new Win32 Native InterfaceBrand new Win32 Native Interface
ALL IIS modules written using this interfaceALL IIS modules written using this interfaceUnlike ISAPI, IIS team uses this very API just like you willUnlike ISAPI, IIS team uses this very API just like you will
Full ASP.NET 2.0 SupportFull ASP.NET 2.0 SupportiHttpModule Interface available TODAY supportediHttpModule Interface available TODAY supportedASP.NET 2.0 Handlers run exactly as they do todayASP.NET 2.0 Handlers run exactly as they do today
ConfigurationConfigurationFully extensible using XML schema filesFully extensible using XML schema files
IIS Manager (User Interface)IIS Manager (User Interface)Using .NET 2.0, extend IIS Manager capabilitiesUsing .NET 2.0, extend IIS Manager capabilities
DiagnosticsDiagnosticsAdd your events directly into our pipelineAdd your events directly into our pipeline
Extensibility & IIS 7.0Extensibility & IIS 7.0
Today’s “Request Pipeline”Today’s “Request Pipeline”
w3svc
http.sys
cgicgi staticstaticfilefile
IsapiIsapiextsexts
handlershandlers
Pre-proc headersPre-proc headers
auth’c reqauth’c req
url mapurl map
loglog
End net sessionEnd net session
ISAPI Filter ISAPI Filter NotificationsNotifications
aspnet_isapi.aspnet_isapi.dlldll
IHttpModule EventsIHttpModule Events
url mapurl map
begin reqbegin req
auth’c reqauth’c req
auth’z reqauth’z req
resolve cacheresolve cache
handler maphandler map
handler exechandler exec
update req cacheupdate req cache
rel req staterel req state
end reqend req
IHttpHandlersIHttpHandlers
Trace.axdTrace.axd PageHandlerPageHandler
w3wp.exew3wp.exe
custom errorscustom errors
authenticationauthentication
logginglogging
compressioncompression
determine handlerdetermine handler
beginbegin
authenticateauthenticate
authorizeauthorize
resolve cacheresolve cache
map handlermap handler
acquire stateacquire state
pre-execute handlerpre-execute handler
executeexecute handlerhandler
release staterelease state
update cacheupdate cache
loglog
endend
forms authforms authwindows authwindows auth
digest authdigest auth
basic authbasic auth
IHttpModuleIHttpModule
*.aspx*.aspx trace.axdtrace.axd
IHttpHandlerIHttpHandler
isapi extisapi extstatic filestatic file
Native ModuleNative Module
Native HandlerNative Handler
native modulesnative modulesmanaged modulesmanaged modules
role mgrrole mgr
url auth’zurl auth’z
The New The New MergedMerged IIS7 Pipeline IIS7 Pipeline
was
http.sys
Demonstration ThreeDemonstration Three
Extending PHPExtending PHP
Wizards that Wizards that fully-complete fully-complete common taskscommon tasksFully delegable Fully delegable support to support to Windows/Non-Windows/Non-Windows Windows accountsaccountsEnhanced Enhanced support for support for common common ASP.NET ASP.NET configurationconfigurationWizard-based Wizard-based support for IIS support for IIS Troubleshooting Troubleshooting featuresfeatures
System Management & IIS 7.0: User InterfaceSystem Management & IIS 7.0: User Interface
Re-built WMI Re-built WMI provider provider offering full offering full support for support for new new configurationconfiguration
Fully Fully extensible to extensible to allow support allow support for your for your custom codecustom code
System Management & IIS 7.0: WMI ProviderSystem Management & IIS 7.0: WMI Provider
Set oService = GetObject("winmgmts:root\WebAdministration")
' Create binding for siteSet oBinding = oService.Get("BindingElement").SpawnInstance_oBinding.BindingInformation = "*:80:www.site.com"oBinding.Protocol = "http"
' Create site oService.Get("Site").Create _ "NewSite", array(oBinding), "C:\inetpub\wwwroot"
' Create application oService.Get("Application").Create _ "/foo", "NewSite", "C:\inetpub\wwwroot\foo"
AppCmd.exe offers quick access to new AppCmd.exe offers quick access to new IIS 7 configurationIIS 7 configuration
Quick, efficient access to new IIS 7 Quick, efficient access to new IIS 7 configurationconfiguration
Mirrors *.vbs files from IIS 6.0Mirrors *.vbs files from IIS 6.0
Built-in “pipe” supportBuilt-in “pipe” support
System Management & IIS 7.0: AppCmd.exeSystem Management & IIS 7.0: AppCmd.exe
C:\> C:\> appcmd list sitesappcmd list sitesSITE "Default Web Site" (id:1,bindings:HTTP/*:80:,state:Started)SITE "Default Web Site" (id:1,bindings:HTTP/*:80:,state:Started)SITE "Site1" (id:2,bindings:http/*:81:,state:Started)SITE "Site1" (id:2,bindings:http/*:81:,state:Started)SITE "Site2" (id:3,bindings:http/*:82:,state:Stopped)SITE "Site2" (id:3,bindings:http/*:82:,state:Stopped)
C:\> C:\> appcmd list requestsappcmd list requestsREQUEST "fb0000008000000e" (url:GET /wait.aspx?REQUEST "fb0000008000000e" (url:GET /wait.aspx?time=10000,time:4276 msec,client:localhost) time=10000,time:4276 msec,client:localhost)
WMIv2 & ADSI WMIv2 & ADSI SupportSupport
Existing Scripts will Existing Scripts will “just work”“just work”
Installing Metabase Installing Metabase support is easysupport is easy
Low-level interface Low-level interface to “re-route” Admin to “re-route” Admin Base Object (ABO) Base Object (ABO) calls to new calls to new configurationconfiguration
Relies on Relies on Inetinfo.exe service Inetinfo.exe service be presented and be presented and loadedloaded
System Management & IIS 7.0: CompatibilitySystem Management & IIS 7.0: Compatibility
Demonstration FourDemonstration Four
Managing IIS 7.0Managing IIS 7.0
New, in-process state information availableNew, in-process state information availableCurrent processes runningCurrent processes running
Application Pools Process Id (PID)Application Pools Process Id (PID)
Currently executing requestsCurrently executing requests
AppDomains loadedAppDomains loaded
Real-time starting & stopping of sitesReal-time starting & stopping of sites
Troubleshooting & Diagnostics in IIS 7.0: RSCATroubleshooting & Diagnostics in IIS 7.0: RSCA
Coolest feature of Coolest feature of ‘em all…‘em all…
Failed Request Failed Request Tracing traces all Tracing traces all requests through IIS requests through IIS pipelinepipelineAutomatically Automatically enabled on IIS 7enabled on IIS 7Easily identifies Easily identifies requests that are requests that are stuck, or failingstuck, or failingIdentifies time taken Identifies time taken in each module, in each module, helping analyzing helping analyzing long running long running requestsrequests
Begin RequestBegin Request
Read MetadataRead Metadata
AuthenticateAuthenticate
AuthorizeAuthorize
CachedCached
ISAPI FilterISAPI Filter
Determine Determine HandlerHandler
Troubleshooting & Diagnostics in IIS 7.0: FREBTroubleshooting & Diagnostics in IIS 7.0: FREB
Demonstration FiveDemonstration Five
Failed Request Event BufferFailed Request Event Buffer
IIS 7 ExtensibilityIIS 7 Extensibility
Maximum Maximum extensibilityextensibility
Native & Managed Native & Managed Code supportCode support
Platform extensibility Platform extensibility in Core Server, WMI, in Core Server, WMI, User Interface, and User Interface, and DiagnosticsDiagnostics
Putting it all Together…SummaryPutting it all Together…SummaryIIS 7.0IIS 7.0
SecuritySecurity
ReliabilityReliability
ScalableScalable
ExtensibleExtensible
ConfigConfig
SystemSystemManagementManagement
DiagnosticDiagnostic IIS 7 ManagementIIS 7 Management• IIS Manager rebuilt IIS Manager rebuilt
from ground upfrom ground up• Built in delegation Built in delegation
supportsupport• Support Windows & Support Windows &
non-Windows accountsnon-Windows accounts• Remote admin supportRemote admin support• Fully extensibleFully extensible
IIS 7 Security:IIS 7 Security:Very strong Very strong customized web customized web serversserversLightweight Lightweight processes for processes for minimum footprintminimum footprintStrong Request Strong Request Filtering to push Filtering to push URLScan into URLScan into productproduct
IIS 7 DiagnosticsIIS 7 DiagnosticsReal-time state Real-time state information exposed information exposed via script & managed via script & managed codecodeView currently View currently executing requests in executing requests in IIS Manager or ScriptIIS Manager or ScriptFailed Request Failed Request Tracing: Zero-repro Tracing: Zero-repro diagnosticsdiagnostics
IIS 7 ConfigurationIIS 7 ConfigurationMetabase…GONE!Metabase…GONE!Strongly Strongly SchematizedSchematized Configuration ConfigurationDistributed & Distributed & Delegation built Delegation built directly into new directly into new configurationconfigurationFull support for Full support for previous versions previous versions usage of ABOusage of ABO
IIS’s new home for the IIS’s new home for the community…community…
ResourcesResourcesTechnical Chats and Webcastshttp://www.microsoft.com/communities/chats/default.mspx http://www.microsoft.com/usa/webcasts/default.asp
Microsoft Learning and Certificationhttp://www.microsoft.com/learning/default.mspx
MSDN & TechNet http://microsoft.com/msdnhttp://microsoft.com/technet
Virtual Labshttp://www.microsoft.com/technet/traincert/virtuallab/rms.mspx
Newsgroupshttp://communities2.microsoft.com/communities/newsgroups/en-us/default.aspx
Technical Community Siteshttp://www.microsoft.com/communities/default.mspx
User Groupshttp://www.microsoft.com/communities/usergroups/default.mspx
© 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation.
MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.