Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
主辦單位: 協辦單位: 贊助廠商: Architecting A Web-Enabled Solution Miles Sun 孫三才 技術副總 恆逸資訊股份有限公司 目標 本場次將包含 架構 Web-based Application 主要設計目標 如何應用 Windows® 2000 以及 .NET Enterprise Servers 來達成相關設計目標 架構 Windows-based Web Solution 時應注 意事項 本場次議程 Application Architecture 介紹 針對管理性 (Manageability)架構設計 針對安全性 (Security)架構設計 針對延展性 (Scalability/availability)架構 設計 如同架構一個建築物 建築物必須 夠大 夠堅固耐用 夠安全 容易維護與管理 建築物通常也必須整合 既有的基礎架構. 例如: 水, 電 ,瓦斯等等 架構一個 Application Applications必須充 分提供 Scalability Availability Security Manageability Applications通常也 必須整合既有的系統 微軟N-Tier應用程式架構 Presentation Business Data 微軟N-Tier應用程式架構 – 平 台服務 MSCS DCOM Win 32 DHTML HTTP NLB XML ASP ISAPI HTML ODBC ADO ADSI COM+ OLE-DB 微軟N-Tier應用程式架構 .NET Enterprise Servers Presentation Tier Options <> XSL DHTML ASP ISAPI HTML Business Logic Options + ASP COM+ Interpreted Re-use within application Compiled Re-use by any application Deploy in Web site Deploy anywhere Can use COM+ Transactions Can use ALL COM+ services Script Any COM language Data Tier Options SQL Server Active Directory Exchange Server W OLE-DB OLE-DB CDO ADSI OLE-DB HTTP HTTP FILE HTTP-DAV 本場次議程 Application Architecture 介紹 針對管理性 (Manageability)架構設計 針對安全性 (Security)架構設計 針對延展性 (Scalability/availability)架構 設計 管理性 (Manageability)需求 身為一個系統開發者, 我需要管理快速的系 統開發以及系統需求 變更維護 身為一個系統管理 者, 我必須管理系統 的deployment , 以及系統的監控 身為一個企業經理人, 我需要快 速的回應市場需求變化以及 business data 的分析 E-Commerce Site 開發 Commerce Server 2000 solution sites SQL Server Virtual Root Pipelines Global.asa Components ASPs Templates Active Directory Business Management Commerce Server Business Desk Internet Explorer 5.5 based admin UI Business Desk 管理範例 Targeting Define custom properties for users, pages, products, etc. Create Expressions based on the properties 學員認證= MCSE Create target groups based on Expressions 學員認證 學員認證= MCSE + MCSD Target advertisements and discounts at specific profiles Show Porsche advert to wealthy drivers 應用系統管理 Application Center 2000 Windows Network Load Balancing (NLB) 展示範例 以 Application Center 2000 管理 Web Farm DDCS DDCS2 Application Center 2000 可以協助您… COM+ 叢集 前端網站叢集 開發環境 SQL叢集服務 SQL Internet 網 路 負 載 平 衡 元 件 負 載 平 衡 Stager 轉驛站 SQL Dev Servers 開發伺服器 VSS 程式碼控制 防火牆 防火牆 Application Center 2000 Application Center 2000 本場次議程 Application Architecture 介紹 針對管理性 (Manageability)架構設計 針對安全性 (Security)架構設計 針對延展性 (Scalability/availability)架構 設計 安全性 (Security)需求 應用系統放上 Internet 後, 我們將面臨許多與安 全性相關的問題 我們也想要透過 Active Directory 或 是 資料庫對使用者 身分辨識 我們必須確保沒有任何 人能夠透過 Internet 來 存取我們內部網路的機 密資料 同時我們必須對機密性資 料(sensitive data)作加 密 網路連結安全性 Internet security and Acceleration Server 2000 Multi-layered firewall protection Packet , protocol, content type, intruder detection High Performance cache Use two firewalls to create a DMZ 防火牆(Firewall)實作 Single ISA Server Installation ISA Domain? Internal Network DMZ Dual ISA Server Installation ISA Domain? ISA DMZ Internal Network 使用者認證 Anonymous login Custom form-based authentication Can still use cookies for non-intrusive profiling Suitable for content publishing sites User data stored in any data source Most common solution for e-commerce sites Windows integrated login User data stored in Active Directory™ Digest authentication from any browser 利用 SSL作資料加密 Public key encryption used to pass the session key Session key used to encrypt all traffic Browser makes an HTTPS connection and the level of encryption is negotiated Server sends the browser its public key Browser creates session key and encrypts it with server’s public key Session key is now used for all traffic in this (stateful) session 本場次議程 Application Architecture 介紹 針對管理性 (Manageability)架構設計 針對安全性 (Security)架構設計 針對延展性 (Scalability/availability)架構 設計 延展性(Scalability)與 Availability 需求 本系統必須能夠同 時支援大量使用者 而且必須在可接受的成 本下完成 我們也必須提供 24x7 零當 機存取 向上延展 Scaling Up 與 向外 延展 Scaling Out Scaling Up: 增加同一台伺服器的 資源 Scaling Out: 增加多台伺服器以達到負 載平衡 (load balance) Windows 2000 Clustering Network Load Balancing 用戶端 IIS Web 伺服器或 其他以 IP 為基礎的服務 Component Load Balancing (COM+) COM+ Components 應用程式伺服器 叢集式服務 Cluster Service SQL, Exchange, File 資料庫伺服器 Windows Clustering 應用時機 技術 應用時機 Web Server Farm Terminal Services VPN Connections Streaming Media Services COM+ Applications Applications auto Sync File/Print Servers Database/Messaging E-Commerce Sites Network Load Balancing 網路負載平衡 Component load Balancing 元件負載平衡 Cluster Service (WolfPack) 叢集式服務 Application Center 2000 Single Application Image Deployment Management MMC console to control entire Web Farm Monitoring Wizard interface to deploy new server Seamless replication of services Event Logs and System Status Clustering for scalability Components and Web Farms State Management Storing state on the Web server Storing state on the client Restricts ability to load balance ASP Session object does not provide adequate scalability Cookies URL parameters, hidden form fields XML Data Islands Storing state on the database server Key used to map user session to database records Database caching will improve performance State 與 Server Affinity No Affinity Client IP Affinity Request Forwarding ASP Sessions on a Cluster state ? =A Server A Server B Server C 3.3.3.3 3.3.3.3 3.3.3.3 Application Center Cluster using NLB A INTERNET A A Proxy 1 Proxy 2 4.4.4.4 5.5.5.5 A A A 1.1.1.1 2.2.2.2 A Proxy Farm (AOL) 展示範例 Network Load Balance - Request forwarding DDCS DDCS2 Defining Process Boundaries Performance versus fault-tolerance Performance IIS IIS IIS ASP ASP COM+ IIS ASP ASP COM+ COM+ COM+ (Default) Fault Tolerance Component Load Balancing 55% 85% 34% Application Center Cluster using NLB 62% 27% 9% 90% 76% 22% 12% Server A Server B Server C 3.3.3.3 3.3.3.3 3.3.3.3 1.1.1.1 2.2.2.2 COM+ Cluster using COM+ Load Balancing Component Load Balancing (CLB) Provided by Application Center Server Only activations are load balanced Based on response time and round-robin AppServer1 AppServer1: 10ms AppServer2: 15ms AppServer3: 20ms Web Farm AppServer2 AppServer3 展示範例 Component Load Balancing DDCS DDCS2 ™ SQL Server Failover Clustering Active/passive clustering Active/active clustering SQL Server Standby Servers Log Shipping used to apply transaction log to standby server Can be used as a read-only data source On failure of the primary server, rename the standby server RO SQL Server Data Partitioning Partitioned views are updateable Queries are optimised for distributed data Sales (台北) Sales (台中) Sales Sales (高雄) Partitioned View 注意事項 只有對非常大的資料有幫助 Partitioning should be designed from the outset 小資料庫 performance反而降低 Keep as much related data on the same physical server as possible 在 Application Server 中建立與資料相關 的 routing logic Try to connect to the server storing most of the required data 立刻行動 盡量減少將 business logic 寫在 ASPs, 最 好用 components 來代替 盡量減少out of process/remote calls 盡量利用 Scale out , -而不是 Scale up 盡量減少application tier state 只有在必要處使用 SSL Partition 非常大量的資料