architecting a web-enabled application

8/7/2019 Architecting a Web-enabled application

1/42


2/42

Sponsored BySponsored By


3/42

Architecting AArchitecting AWebWeb--Enabled SolutionEnabled Solution


4/42

ObjectivesObjectives

In this session we will examineIn this session we will examine

The main goals in designing andThe main goals in designing andarchitecting a Webarchitecting a Web--based applicationbased application

How WindowsHow Windows2000 and the .NET2000 and the .NETEnterprise Servers can help you reachEnterprise Servers can help you reachthose goalsthose goals

Key decisions and tradeKey decisions and trade--offs in the designoffs in the design

of a Windowsof a Windows--based Web solutionbased Web solution


5/42

AgendaAgenda

Introduction to application architectureIntroduction to application architecture

Architecting for manageabilityArchitecting for manageability

Architecting for securityArchitecting for security

Architecting for scalabilityArchitecting for scalabilityand availabilityand availability


6/42

Architecting A BuildingArchitecting A Building

A building must beA building must be

Big enoughBig enough

Strong enoughStrong enough

Secure enoughSecure enough MaintainableMaintainable

The building shouldThe building shouldusually integrateusually integrate

with existingwith existinginfrastructureinfrastructureservices such asservices such aswater, gas,water, gas,and electricityand electricity


7/42

Architecting An ApplicationArchitecting An Application

Applications mustApplications mustprovide sufficientprovide sufficient

ScalabilityScalability

A

vailabilityA

vailability SecuritySecurity

ManageabilityManageability

They often need toThey often need to

integrate withintegrate withexisting systemsexisting systems


8/42

Services And TiersServices And TiersPresentationPresentation BusinessBusiness DataData


9/42

MSCSMSCS

NLBNLB

Windows 2000 InfrastructureWindows 2000 Infrastructure

ASPASP

ISAPIISAPI

DHTMLDHTML

HTMLHTML

Win 32Win 32

COM+COM+

HTTPHTTP

DCOMDCOM

ADOADO

OLEOLE--DBDB

ADSIADSI

ODBCODBC

XMLXML


10/42

The .NET Enterprise ServersThe .NET Enterprise Servers


11/42

Presentation TierOptionsPresentation TierOptions

ASPASP

ISAPIISAPI

HTMLHTML

DHTMLDHTML

XSLXSL


12/42

Business Logic OptionsBusiness Logic Options

++ASPASP COM+COM+

InterpretedInterpreted CompiledCompiled

ScriptScript Any COM languageAny COM language

ReRe--use within applicationuse within application ReRe--use by any applicationuse by any application

Deploy in Web siteDeploy in Web site Deploy anywhereDeploy anywhere

Can use COM+ TransactionsCan use COM+ Transactions Can useALL COM+ servicesCan useALL COM+ services


13/42

Data TierOptionsData TierOptions

OLEOLE--DBDB

HTTPHTTP

SQL ServerSQL Server Active DirectoryActive Directory

OLEOLE--DBDB

ADSIADSI

OLEOLE--DBDB

CDOCDO

HTTPHTTP

HTTPHTTP--DAVDAV

FILEFILE

Exchange ServerExchange Server

WW


14/42

AgendaAgenda






15/42

Manageability RequirementsManageability Requirements

As a developer, IAs a developer, I

need to manageneed to manage

the rapidthe rapid

development anddevelopment and

maintenance of themaintenance of the

applicationapplication

As anAs an

administrator,administrator,

I need to manageI need to manage

the deploymentthe deployment

and monitoring ofand monitoring of

the applicationthe application

As a business manager IAs a business manager I

need to be able to respond toneed to be able to respond to

a changing market anda changing market and

analyse business dataanalyse business data


16/42

SQL ServerSQL Server

Site DevelopmentSite DevelopmentCommerce Server 2000 solution sitesCommerce Server 2000 solution sites

Active DirectoryActive Directory

PipelinesPipelinesVirtual RootVirtual Root

ASPsASPs

Global.asaGlobal.asa

TemplatesTemplates

ComponentsComponents


17/42

Business ManagementBusiness Management

Commerce Server Business DeskCommerce Server Business Desk

Internet Explorer 5.5 based admin UIInternet Explorer 5.5 based admin UI


18/42

Business Desk ExampleBusiness Desk ExampleTargetingTargeting

Define custom properties for users, pages,Define custom properties for users, pages,products, etc.products, etc.

Income (currency), driving license (Boolean)Income (currency), driving license (Boolean)

Create Expressions based on the propertiesCreate Expressions based on the properties

High earner = income > 20000High earner = income > 20000

Driver = driving licence is trueDriver = driving licence is true

Create target groups based on ExpressionsCreate target groups based on Expressions

Wealthy drivers = high earner + driverWealthy drivers = high earner + driver

Target advertisements and discounts atTarget advertisements and discounts atspecific profilesspecific profiles

Show Porsche advert to wealthy driversShow Porsche advert to wealthy drivers


19/42

Application Center 2000Application Center 2000

Application AdministrationApplication Administration

Windows Network Load Balancing (NLB)Windows Network Load Balancing (NLB)


20/42

DemonstrationDemonstration

Managing a Web farm withManaging a Web farm withApplication Center 2000Application Center 2000

Server 1Server 1 Server 2Server 2


21/42

AgendaAgenda






22/42

Security RequirementsSecurity Requirements

By exposing ourBy exposing our

application to the Web,application to the Web,

were creating manywere creating many

security issuessecurity issues

Well also want toWell also want to

authenticate users, eitherauthenticate users, either

usingActive Directory or ausingActive Directory or a

custom databasecustom database

We need to ensure thatWe need to ensure thatnono--one can accessone can access

sensitive data on oursensitive data on our

internal network via theinternal network via the

InternetInternet

And we need to useAnd we need to useencryption forencryption for

sensitive datasensitive data


23/42

Network ConnectivityNetwork Connectivity

SecuritySecurity Internet security and Acceleration Server 2000Internet security and Acceleration Server 2000

MultiMulti--layered firewall protectionlayered firewall protection

High Performance cacheHigh Performance cache

Use two firewalls to create a DMZUse two firewalls to create a DMZ


24/42

Domain?Domain?

Domain?Domain?

Firewall ImplementationFirewall Implementation

Single ISA

Server InstallationSingle ISA

Server InstallationISAISA

DMZDMZ InternalInternal

NetworkNetworkDual ISA Server InstallationDual ISA Server Installation

ISAISAISA

ISA

DMZDMZInternalInternal

NetworkNetwork


25/42

UserAuthenticationUserAuthentication

Anonymous loginAnonymous login

Can still use cookies for nonCan still use cookies for non--intrusive profilingintrusive profiling

Suitable for content publishing sitesSuitable for content publishing sites

Custom formCustom form--based authenticationbased authentication User data stored in any data sourceUser data stored in any data source

Most common solution for eMost common solution for e--commerce sitescommerce sites

Windows integrated loginWindows integrated login

User data stored in Active DirectoryUser data stored in Active Directory

Digest authentication from any browserDigest authentication from any browser


26/42

Using SSL For EncryptionUsing SSL For Encryption

Public key encryption used to pass thePublic key encryption used to pass thesession keysession key

Session key used to encrypt all trafficSession key used to encrypt all traffic

Browser makes an HTTPS connection and the level of encryptionBrowser makes an HTTPS connection and the level of encryption

is negotiatedis negotiated

Server sends the browser its public keyServer sends the browser its public key

Session key is now used for all traffic in this (stateful) sessionSession key is now used for all traffic in this (stateful) session

Browser creates session key and encrypts it with servers public keyBrowser creates session key and encrypts it with servers public key


27/42

AgendaAgenda






28/42

Scalability And AvailabilityScalability And Availability

RequirementsRequirementsThe site will need toThe site will need to

support concurrentsupport concurrent

access by a considerableaccess by a considerablenumber of usersnumber of users

And it must still provideAnd it must still provide

acceptable performance inacceptable performance ina cost effective waya cost effective way

Weve also got toWeve also got to

provideprovide 2424xx77 accessaccess

Basically, we need toBasically, we need to

please all of the people, allplease all of the people, all

of the time!of the time!


29/42

Scaling Up And Scaling OutScaling Up And Scaling Out

Scaling Up: Increasing resourcesScaling Up: Increasing resourcesin a serverin a server

Scaling Out: Adding serversScaling Out: Adding servers

to balance the loadto balance the load


30/42

State Management ChoicesState Management Choices

Storing state on the Web serverStoring state on the Web server

Restricts ability to load balanceRestricts ability to load balance

ASP Session object does not provideASP Session object does not provideadequate scalabilityadequate scalability

Storing state on the clientStoring state on the client

CookiesCookies

URL parameters, hidden form fieldsURL parameters, hidden form fields

XML Data IslandsXML Data Islands Storing state on the database serverStoring state on the database server

Key used to map user session toKey used to map user session todatabase recordsdatabase records

Database caching will improve performanceDatabase caching will improve performance


31/42

State And ServerAffinityState And ServerAffinityNo AffinityNo Affinity Client IPAffinityClient IPAffinity

Request ForwardingRequest Forwarding Multiple Web FarmsMultiple Web Farms


32/42


Request forwardingRequest forwarding

Server 1Server 1 Server 2Server 2


33/42

Deploying ComponentsDeploying Components

OptimalOptimal

performanceperformanceSensitive/Sensitive/

rere--usableusable

businessbusiness

logiclogic

DataData

intensiveintensive

logiclogic

WebWeb

FarmFarm

ApplicationApplication

ClusterCluster

DatabaseDatabase

ClusterCluster

WMIWMI


34/42

Defining ProcessDefining Process

BoundariesBoundaries Performance versus faultPerformance versus fault--tolerancetolerance

IISIIS

ASPASP

COM+COM+

IISIIS

ASPASP

COM+COM+

IISIIS

ASPASP

COM+COM+

IISIIS

ASPASP

COM+COM+

PerformancePerformance

Fault ToleranceFault Tolerance

((Default)Default)


35/42

Component Load BalancingComponent Load Balancing

(CLB)(CLB) Provided by Application Center ServerProvided by Application Center Server

Only activations are load balancedOnly activations are load balanced

Based on response time and roundBased on response time and round--robinrobin

AppServer1AppServer1



Web FarmWeb Farm

AppServer1: 10msAppServer1: 10ms




36/42

SQL ServerSQL Server FailoverFailover

ClusteringClustering Active/passive clusteringActive/passive clustering

Active/active clusteringActive/active clustering


37/42

SQL Server Standby ServersSQL Server Standby Servers

Log Shipping used to applyLog Shipping used to applytransaction log to standby servertransaction log to standby server

Can be used as a readCan be used as a read--only data sourceonly data source

On failure of the primary server,On failure of the primary server,rename the standby serverrename the standby server

RORO


38/42

SQL Server Data PartitioningSQL Server Data Partitioning

Partitioned views are updateablePartitioned views are updateable

Queries are optimised forQueries are optimised fordistributed datadistributed data

Sales (US)Sales (US) Sales (UK)Sales (UK) Sales (Asia)Sales (Asia)

SalesSales


39/42


Partitioned viewsPartitioned views


40/42

Partitioned View IssuesPartitioned View Issues

Only very large databases will benefitOnly very large databases will benefit

Small database performance will sufferSmall database performance will suffer

Partitioning should be designed fromPartitioning should be designed from

the outsetthe outset Keep as much related data on the sameKeep as much related data on the same

physical server as possiblephysical server as possible

Build data dependant routing logic intoBuild data dependant routing logic intothe application serverthe application server

Try to connect to the server storing mostTry to connect to the server storing mostof the required dataof the required data


41/42

Call To ActionCall To Action

Minimize business logic in ASPs, useMinimize business logic in ASPs, usecomponents insteadcomponents instead

Minimize out of process/remote callsMinimize out of process/remote calls

Scale out rather than upScale out rather than up

Minimize application tier stateMinimize application tier state

Use SSL only where requiredUse SSL only where required

Partition large volumes of dataPartition large volumes of data


42/42

architecting a web-enabled application

Documents