Since i've been configuring WFF 2.2 on IIS7.5, i've stumbled upon many (undocumented) issues. So here, my (short) walkthrough on how to achieve a 2 tier ARR + NLB (for both the ARRs), shared config on these ARRs as well as platform and application provisioning
on the required amount of nodes!
The flow of this setup is as following:
Client request -----> NLB IP -----> ARR01 or ARR02 --> NodeXXX
Please note that the steps described might not be dead on, some config changes i've picked up from loose sites of which i cannot remember the source (e.g. the UAC disabling). This guide is intended to help people config their setups, please accept any flaws
in it.
My setup is as following:
-2x ARR controller server
-3x web nodes
This setup used 6 IP's (1x NLB adress, 2x ARR, 3x nodes) in the same subnet, preferably.
This setup uses Microsoft Windows Server 2008 R2 x64 for all it's servers.
All servers in this setup are a member of the same Active Directory. This makes file sharing and authentication a lot easier for me.
'Steps':
-Web Platform installer (i used 3.0) on the ARRs.
-Install Web Farm Framework via the Web Platform installer on both ARRs. This will install all needed modules in IIS. Also install Application Request Routing & URL Rewrite.
-Disable UAC on all the nodes. JTBS i've disabled it on the ARRs as well.
-Leave the Windows Firewall service running on all machines. I've read the WFF agent will generate exceptions if you don't . Be sure to enable the Agent ports ( 8173, 8675) and 'file sharing' and 'remote management' in the windows firewall.
-Enable the 'desktop experience' feature and install Windows Mobile Device Center on the ARR01. This will enable 'offline files', which will be used for ARR02's 'shared config'. Make sure ARR02 can reach the shared config folder whilst ARR01 is offline! If
not, make it so.
-Create an application in IIS on the ARRs (which doesnt need to do anything) and create bindings for it on port 80 and 443.
- Make sure you disable recycling for the used application pools. I've set timeout to 0 as well as Regular Time Interval. If you do not disable recycling, the web farm will fail and creates strange situations, like 'unknown' statusses in Monitoring and Management
tool.
-Create a server farm and add nodes, including a primairy node. After creating, agree to the popup IIS generates for the URL rewrite rules needed to route traffic to your server farm. I've adjusted the rule to rewrite to HTTPS instead of the default HTTP later.
-Make sure the farm is functional before you continue. If it's not, you've done something wrong/forgot something which might not be covered in my above steps.
-Create a file share on ARR01, and make all files in this share available offline for ARR02.
-If everything is working well, proceed by exporting the IIS configuration in 'shared configuration' to the shared folder (eg c:\inetpub\shareconfig)
-Enable 'shared configuration' on ARR01, pointing to the file path above.
-Enable 'Shared Config' for ARR02. This time use the UNC share path. (eg \\ARR01\SharedConfig$)
-Close and reopen InetMgr on ARR02 (and ARR01, for fun!). You will see the farm you created earlier on ARR01.
Now you've created a working Shared config Web Farm. This, unfortunately, will not load balance (and HA) the requests fired to the ARRs. Lacking a hardware load balancer, i've created a software NLB, which server 2008 (and NT4.0 from the looks of the application)
can provide.
-Enable Network Load Balancing feature on the ARR by adding both ARRs to a NLB cluster. Use NLB on port 443 with client affinity 'none'. I use Multicast, without IGMP. If you use Hyper-V, don't forget to enable 'mac adress spoofing' on the ARRs' virtual machine
settings.
Now, the Web farm is available on the NLB adress!
If i've missed something, please point it out to me so i can adjust the startpost. Good luck!
edit: i've also placed WFFextensions.dll to the (new) folder Extensions on the ARRs (http://forums.iis.net/t/1180751.aspx)
edit2: i've also added a runprovider to help applicationProvisioning without nodes going down (in the applicationHost.config of the ARRs):
<runProviders>
<runProvider name="msDeploy cmd" description="" commandToRun=""%programfiles%\iis\Microsoft Web Deploy V2\msdeploy.exe" -verb:sync -source:contentPath=c:\inetpub\wwwroot,computerName="web-node01-prd",userName=administrator,password=password -dest:contentPath=c:\inetpub\wwwroot"
dependants="ProvisionApplications" retryAttempts="5" retryInterval="1000" scriptType="command" operationType="Server">
</runProvider>
</runProviders>
edit: the damn markup isn't sticky on this forum fixed with HTML
Good presentation. Maybe a little shortened but the big points are there!
I prepared the same architecture by gathering information on my own (I didn't found your post before today) :
2 ARR Controllers, 1 Primary and 3 secondary nodes.
Everything in my setup confirms what you are explaining.
Only difference is that I created a share on a NAS to put the Shared Configuration files. So that no problem if the primary controller totally crashes.
The only thing left to do is set up NLB that I just installed today on my ARR's.
I tested to have the two controller sharing the same confirguration files for two weeks now to be sure they didn't messed up the files.
All ok untill yesterday. What happened yesterday : suddenly the web sites where not served anymore and both ARR's where reporting the servers as NO @ "ready for loadbalancing". In Monitoring section, the four nodes were set to Healthy but Unavailable.
I tried to set them all manually to Available and it worked. All websites were served back normally. BUT webfarm server display still says NO at "ready for loadbalancing" until I restarted the webfarmservice on both ARR's. Now everything back to normal ...
I'm trying to analyse logs to see what could have happenned but until now : no clue!
Are you still working wuth this structure ? Experienced problems ?
No, not actively (since it was too unstable). However, i will try again soon. In the meanwhile, i wanted to point out you should be using the Web Platform Installer 4.0, since this tool helps getting the right hotfixes for WFF, WD, etc
Thanks for the tip. I'm installing the version 4 right now. So no new version of the WFF since 2.2 ? Just hotfixes ?
I still am testing for stability. NLB not up yet. But everything fine until know. Just once all my nodes got in status unknown but it happened in the weekend and i'm not sure about the cause. It seems to have been a problem with contact to the shared config
on our NAS.
I have similar problem. After Controller service restart sometimes it cannot read shared configuration. I don't know what is the case, UNC path is available through DFS namespace so it's always available.
I've had similar issues using this setup. You can try using a mapped network drive as shared config location (so no UNC path..). What i did: Install Desktop Experience along with MS Sync (mobile sync center it is called i believe). Then, create an 'always available
offline copy' of the server configs (in your case, your UNC namespace). Above might function a bit better
I specified the complete downlevel path to my shared configuration files and since then I only had the problem once (in 1 month time)) but it happend at night and the controller found his way back on its own to the files after like 15 minutes ...
Hi there,
Interesting conversation. I'd like to join in and ask some questions, because I have a similar set-up, but I'm not happy with either redundancy or stability of this system, though potential for this set-up seems high.
Observation:
For those ARR's one would need to install Web Deployment before they change them to shared configuration for IIS, because once in shared configuration in IIS, Web Platform Installer (as well as Web Farm Framework) won't install.
Question:
If you first install your Web Platform Installer and then use shared configuration for IIS, will you be able to still add extensions like PHP or Perl using Web Platform installer (granted, that you can't install Web Platform installer on an already shared IIS
7.5)?
In my set-up, I have 1 x controller, 1 x primary node, 1 x secondary node and I am looking for a way to add a second controller for redundancy. I also have NLB between my primary node and my secondary node, but my controller is not part of the NLB.
This way, I use WFF to replicate IIS settings and web folder contents between primary and secondary nodes and I use NLB to balance the load, decide which server will have what % of the load, set-up affinity, multicast, etc. The set-up is working, but I am still
not fully satisfied with redundancy and stability.
If I understand your set-up correctly, here is the difference:
Yours (pasting):
Client request -----> NLB IP -----> ARR01 or ARR02 --> NodeXXX
Mine:
Client request -----> Node NLB IP -----> NodeXXX (with controller watching that any changes on primary node be replicated.
Do you see any major problems with that set-up, with the exception that I am strongly dependent on the controller?
Some other differences between my set-up and yours are that:
- I didn't install ARR extension separately and I'm wondering if any of you did. I just installed Web Platform Installer on the controller, then using it added Web Farm Framework and then using it created a farm adding my primary and secondary nodes. This works
fine, but I am wondering if I am missing something buy not installing and configuring ARR extension. Can someone elaborate on that?
- My NLB is working only between the web nodes. It seems to me you have also used NLB to load balance between ARR servers, so they both are in active-active mode, instead of being in active-passive mode, where second controller works only if the first one is
down. Did I understand you correctly?
There could be two main configuration using WFF:
1. Only WFF, 1xController, 1xPrimary, and a lot of Secondaries servers with NLB.
2. WFF + ARR, 2xWFF&ARR (in NLB), 1xPrimary and a lot of Secondaries without any load balancing (all traffic is targeted trough ARR)
I have both configuration deployed in production and both have some pros and cons
The question should be: do you want do load balance using NLB, or more configurable ARR? Both answers are correct ;) (or it depend on your needs)
sam jongenel...
10 Posts
Step to achive 2tier WebFarmFramework with ARR including HA using NLB
May 02, 2012 02:13 PM|LINK
Since i've been configuring WFF 2.2 on IIS7.5, i've stumbled upon many (undocumented) issues. So here, my (short) walkthrough on how to achieve a 2 tier ARR + NLB (for both the ARRs), shared config on these ARRs as well as platform and application provisioning on the required amount of nodes!
The flow of this setup is as following:
Client request -----> NLB IP -----> ARR01 or ARR02 --> NodeXXX
Please note that the steps described might not be dead on, some config changes i've picked up from loose sites of which i cannot remember the source (e.g. the UAC disabling). This guide is intended to help people config their setups, please accept any flaws in it.
My setup is as following:
-2x ARR controller server
-3x web nodes
This setup used 6 IP's (1x NLB adress, 2x ARR, 3x nodes) in the same subnet, preferably.
This setup uses Microsoft Windows Server 2008 R2 x64 for all it's servers.
All servers in this setup are a member of the same Active Directory. This makes file sharing and authentication a lot easier for me.
'Steps':
-Web Platform installer (i used 3.0) on the ARRs.
-Install Web Farm Framework via the Web Platform installer on both ARRs. This will install all needed modules in IIS. Also install Application Request Routing & URL Rewrite.
-Disable UAC on all the nodes. JTBS i've disabled it on the ARRs as well.
-Leave the Windows Firewall service running on all machines. I've read the WFF agent will generate exceptions if you don't . Be sure to enable the Agent ports ( 8173, 8675) and 'file sharing' and 'remote management' in the windows firewall.
-Enable the 'desktop experience' feature and install Windows Mobile Device Center on the ARR01. This will enable 'offline files', which will be used for ARR02's 'shared config'. Make sure ARR02 can reach the shared config folder whilst ARR01 is offline! If not, make it so.
-Create an application in IIS on the ARRs (which doesnt need to do anything) and create bindings for it on port 80 and 443.
- Make sure you disable recycling for the used application pools. I've set timeout to 0 as well as Regular Time Interval. If you do not disable recycling, the web farm will fail and creates strange situations, like 'unknown' statusses in Monitoring and Management tool.
-Create a server farm and add nodes, including a primairy node. After creating, agree to the popup IIS generates for the URL rewrite rules needed to route traffic to your server farm. I've adjusted the rule to rewrite to HTTPS instead of the default HTTP later.
-Make sure the farm is functional before you continue. If it's not, you've done something wrong/forgot something which might not be covered in my above steps.
-Create a file share on ARR01, and make all files in this share available offline for ARR02.
-If everything is working well, proceed by exporting the IIS configuration in 'shared configuration' to the shared folder (eg c:\inetpub\shareconfig)
-Enable 'shared configuration' on ARR01, pointing to the file path above.
-Enable 'Shared Config' for ARR02. This time use the UNC share path. (eg \\ARR01\SharedConfig$)
-Close and reopen InetMgr on ARR02 (and ARR01, for fun!). You will see the farm you created earlier on ARR01.
Now you've created a working Shared config Web Farm. This, unfortunately, will not load balance (and HA) the requests fired to the ARRs. Lacking a hardware load balancer, i've created a software NLB, which server 2008 (and NT4.0 from the looks of the application) can provide.
-Enable Network Load Balancing feature on the ARR by adding both ARRs to a NLB cluster. Use NLB on port 443 with client affinity 'none'. I use Multicast, without IGMP. If you use Hyper-V, don't forget to enable 'mac adress spoofing' on the ARRs' virtual machine settings.
Now, the Web farm is available on the NLB adress!
If i've missed something, please point it out to me so i can adjust the startpost. Good luck!
edit: i've also placed WFFextensions.dll to the (new) folder Extensions on the ARRs (http://forums.iis.net/t/1180751.aspx)
edit2: i've also added a runprovider to help applicationProvisioning without nodes going down (in the applicationHost.config of the ARRs):
<runProviders>
<runProvider name="msDeploy cmd" description="" commandToRun=""%programfiles%\iis\Microsoft Web Deploy V2\msdeploy.exe" -verb:sync -source:contentPath=c:\inetpub\wwwroot,computerName="web-node01-prd",userName=administrator,password=password -dest:contentPath=c:\inetpub\wwwroot" dependants="ProvisionApplications" retryAttempts="5" retryInterval="1000" scriptType="command" operationType="Server">
</runProvider>
</runProviders>
edit: the damn markup isn't sticky on this forumfixed with HTMLIIS7 ARR WFF URl Rewrite
yvanm
13 Posts
Re: Step to achive 2tier WebFarmFramework with ARR including HA using NLB
Aug 24, 2012 02:41 PM|LINK
Hi,
Good presentation. Maybe a little shortened but the big points are there!
I prepared the same architecture by gathering information on my own (I didn't found your post before today) :
2 ARR Controllers, 1 Primary and 3 secondary nodes.
Everything in my setup confirms what you are explaining.
Only difference is that I created a share on a NAS to put the Shared Configuration files. So that no problem if the primary controller totally crashes.
The only thing left to do is set up NLB that I just installed today on my ARR's.
I tested to have the two controller sharing the same confirguration files for two weeks now to be sure they didn't messed up the files.
All ok untill yesterday. What happened yesterday : suddenly the web sites where not served anymore and both ARR's where reporting the servers as NO @ "ready for loadbalancing". In Monitoring section, the four nodes were set to Healthy but Unavailable.
I tried to set them all manually to Available and it worked. All websites were served back normally. BUT webfarm server display still says NO at "ready for loadbalancing" until I restarted the webfarmservice on both ARR's. Now everything back to normal ... I'm trying to analyse logs to see what could have happenned but until now : no clue!
Are you still working wuth this structure ? Experienced problems ?
Bye
sam jongenel...
10 Posts
Re: Step to achive 2tier WebFarmFramework with ARR including HA using NLB
Aug 26, 2012 10:01 PM|LINK
yvanm
13 Posts
Re: Step to achive 2tier WebFarmFramework with ARR including HA using NLB
Sep 13, 2012 09:11 AM|LINK
Thanks for the tip. I'm installing the version 4 right now. So no new version of the WFF since 2.2 ? Just hotfixes ?
I still am testing for stability. NLB not up yet. But everything fine until know. Just once all my nodes got in status unknown but it happened in the weekend and i'm not sure about the cause. It seems to have been a problem with contact to the shared config on our NAS.
LukaszH
25 Posts
Re: Step to achive 2tier WebFarmFramework with ARR including HA using NLB
Sep 26, 2012 06:33 AM|LINK
sam jongenel...
10 Posts
Re: Step to achive 2tier WebFarmFramework with ARR including HA using NLB
Sep 30, 2012 06:14 PM|LINK
yvanm
13 Posts
Re: Step to achive 2tier WebFarmFramework with ARR including HA using NLB
Oct 12, 2012 09:01 AM|LINK
Hi all,
I specified the complete downlevel path to my shared configuration files and since then I only had the problem once (in 1 month time)) but it happend at night and the controller found his way back on its own to the files after like 15 minutes ...
znerses
18 Posts
Re: Step to achive 2tier WebFarmFramework with ARR including HA using NLB
Oct 29, 2012 08:48 PM|LINK
Interesting conversation. I'd like to join in and ask some questions, because I have a similar set-up, but I'm not happy with either redundancy or stability of this system, though potential for this set-up seems high.
Observation:
For those ARR's one would need to install Web Deployment before they change them to shared configuration for IIS, because once in shared configuration in IIS, Web Platform Installer (as well as Web Farm Framework) won't install.
Question:
If you first install your Web Platform Installer and then use shared configuration for IIS, will you be able to still add extensions like PHP or Perl using Web Platform installer (granted, that you can't install Web Platform installer on an already shared IIS 7.5)?
znerses
18 Posts
Re: Step to achive 2tier WebFarmFramework with ARR including HA using NLB
Oct 29, 2012 09:16 PM|LINK
This way, I use WFF to replicate IIS settings and web folder contents between primary and secondary nodes and I use NLB to balance the load, decide which server will have what % of the load, set-up affinity, multicast, etc. The set-up is working, but I am still not fully satisfied with redundancy and stability.
If I understand your set-up correctly, here is the difference:
Yours (pasting):
Client request -----> NLB IP -----> ARR01 or ARR02 --> NodeXXX
Mine:
Client request -----> Node NLB IP -----> NodeXXX (with controller watching that any changes on primary node be replicated.
Do you see any major problems with that set-up, with the exception that I am strongly dependent on the controller?
=============================== ===============================
Some other differences between my set-up and yours are that:
- I didn't install ARR extension separately and I'm wondering if any of you did. I just installed Web Platform Installer on the controller, then using it added Web Farm Framework and then using it created a farm adding my primary and secondary nodes. This works fine, but I am wondering if I am missing something buy not installing and configuring ARR extension. Can someone elaborate on that?
- My NLB is working only between the web nodes. It seems to me you have also used NLB to load balance between ARR servers, so they both are in active-active mode, instead of being in active-passive mode, where second controller works only if the first one is down. Did I understand you correctly?
LukaszH
25 Posts
Re: Step to achive 2tier WebFarmFramework with ARR including HA using NLB
Nov 01, 2012 11:02 PM|LINK
1. Only WFF, 1xController, 1xPrimary, and a lot of Secondaries servers with NLB.
2. WFF + ARR, 2xWFF&ARR (in NLB), 1xPrimary and a lot of Secondaries without any load balancing (all traffic is targeted trough ARR)
I have both configuration deployed in production and both have some pros and cons
The question should be: do you want do load balance using NLB, or more configurable ARR? Both answers are correct ;) (or it depend on your needs)