Scott Forsyth's Blog

Postings on IIS, ASP.NET, SQL Server, Webfarms and general system admin.

.

  • Scott Forsyth

Hosting Needs

Training and Dev Labs

IIS 7 Shared Configuration–Week 28

You can find this week’s video here.

IIS 7 (and 7.5) offers an extremely useful and easy to use feature for shared web farm situations, called Shared Configuration. This week walks through how to setup IIS Shared configuration, along with a few considerations necessary to administer web farms.

This is a mini sub-series on web farms. Last two weeks covered setting up a domain and setting up DFS-R for content and folder replication. This week starts in on keeping Internet Information Systems’s (IIS) configuration in sync between multiple web servers.

This is week 28 of a 52 week series for the Web Pro. Past and future videos can be found here: http://dotnetslackers.com/projects/LearnIIS7/

You can find this week’s video here.

Posted: Jul 14 2011, 10:52 AM by OWScott | with 8 comment(s)
Filed under: , , ,

Comments

RichardM said:

Hi,

All our web servers run Windows Web Server 2008 R2, which doesnt have access to File Servers to set up DFS.

This does mean that we need to use UNC for our Shared Config.

Offline files is only accessible on Server 2008 R2 if you enable Desktop Experience - which I dont want to do on a web server!

Do you have any advice on how to ensure maximum uptime for the IIS configs?

# July 26, 2011 7:07 AM

OWScott said:

Hi RichardM,

You have a couple good options still.  Using a UNC path is acceptable. If the server hosting the config goes down, the other one will keep a cached version (as long as it doesn't also reboot).  

In that case you'll need to use pass-through authentication since you don't have domain accounts.  Create the exact same user and password on the various servers and it will pass through to the others.  Make sure to lock down both the share and NTFS permissions so that only the web servers can access it for this purpose.

Another option is to use something like robocopy.  You can have it run with a scheduled task every minute.  It's lighting fast for 2 files so it won't add any strain to the server.  You can either consider 1 server a master server which pushes to the others, or you can have multiple commands in a batch file, which push each server to every other server.  There's a flag to only copy the most recent version over the others.

Personally I like to keep the config local to remove network issues from impacting your server, so I would lean towards robocopy.  But both options are fully acceptable.

# July 26, 2011 11:51 AM

AJ Bothe said:

What do you do if you're trying to use sharedconfig but have different IP addresses on each server? Is there a way to override parts of the shared config? I currently have it set to * (all available), but we have machines that have multiple IPs and want them to be static.

# March 29, 2012 4:05 PM

OWScott said:

Hi AJ,

Unused IP addresses are non-harmful so what you can do is add the IP addresses for all of the servers to the site.  Then only the relevant one will be used while the others will be ignored.

# March 29, 2012 4:16 PM

AJ Bothe said:

Awesome. That works! Thanks again for the work you do on this series. I've found myself recommending this series to the new guys in our group and they all find it very helpful.

# March 30, 2012 11:00 AM

OWScott said:

Thanks for the great feedback AJ!

# March 30, 2012 3:01 PM

fredbarbier said:

Hello scott

I have setup 2 iis 7.0 share config servers on win2008r2. on the first server i have many ip, ssl bindings and normal 80 bindings, how can i replicate this info on the second server. ( may i have to define other ip adresses on the second server ( i can't define the same ip because i will have a conflict ) , export my ssl certificates ?)

If the first server goes down, in a nlb environment how the second server will manage the traffic.

thanks in advance for your answer

# April 30, 2012 8:22 AM

OWScott said:

Hi Fred,

IIS doesn't mind if you have unused bindings, so for the IP addresses you can assign them to each server locally and assigning all bindings for all servers to your web farm.  Then no matter which server a user visits, it will work for them.  

Mind you, with NLB I would have assumed that the binding is the same already since NLB exposes one or more IPs that look the same on all nodes.  Regardless, just assign all bindings to all nodes (or the first node and it will replicate)

For SSL, that's more difficult.  If you don't have a lot to manage then it's probably easier just to assign them once each per server.  Just don't forget to do that one step on all servers in your server farm when you have an SSL binding change.

# April 30, 2012 9:08 AM
Leave a Comment

(required) 

(required) 

(optional)

(required)