Chapter 3 - The Application Center Architecture

  • Article

This chapter provides information about the product architecture and identifies the key underlying technologies that Microsoft Application Center 2000 (Application Center) uses to support its feature set.

On This Page

The Architecture Layers
The User Interface
The Feature Set
The Operating System
Health Monitor version 2.1
SQL Server 2000 Desktop Engine
Resources

The Architecture Layers

Bb734908.spacer(en-us,TechNet.10).gif Bb734908.spacer(en-us,TechNet.10).gif

The architecture for Application Center, illustrated in Figure 3.1, consists of three major layers:

  • User Interface 

  • Feature Set 

  • Operating System 

Bb734908.f03uj01(en-us,TechNet.10).gif

Figure 3.1 The ApplicationCenter architecture 

Let's look at these layers in more detail, beginning with the User Interface layer.

The User Interface

Bb734908.spacer(en-us,TechNet.10).gif Bb734908.spacer(en-us,TechNet.10).gif

The Application Center user interface provides access to the product feature set via a Microsoft Management Console (MMC) snap-in, the Web browser, and the Microsoft Windows command prompt. (For more detailed information about the MMC, see "MMC version 1.2" later in this chapter.) The MMC provides full access to the product feature set, but access to cluster administration and monitoring tasks is also possible—although to a lesser extent—by using Microsoft Internet Explorer and the Application Center command-line tool. Table 3.1 compares these three interfaces.

Several administrative tasks can be accomplished via parameterized commands that are executed from the Windows command prompt. These commands, which are described in detail in Chapter 11, "Working with the Command Line Tool and Scripts," provide a robust command subset that supports both remote and automated cluster administration.

Table 3.1 A Comparison of the ApplicationCenter User Interfaces 

Task

MMC snap-in

Web browser

Command-line tool

Create a cluster

Yes

No

No

Add/remove server

Yes

No

Yes

Restart a server

Yes

No

No

Reset Web services

Yes

No

No

Connect to server (controller or member)

Yes

No

No

Change the cluster controller

Yes

No

Yes

Set offline/online

Yes

No

Yes

Set server drain time

Yes

No

Yes

Change load balancing options

Yes

No

No

Edit cluster IP addresses

Yes

Yes

No

Specify load balancing address

Yes

No

Yes

Change load balancing weight

Yes

No

Yes

Change component services routing

Yes

No

Yes

Change request forwarding options

Yes

No

No

Synchronize the cluster

Yes

No

Yes

Change synchronization options

Yes

No

No

Disable server synchronization

Yes

No

Yes

Applications (view, create, edit, delete, rename, and synchronize)

Yes

No

View applications on controller

Deploy applications

Yes

No

Yes

Add/remove performance counters

Yes

Yes

No

View events

Yes

Yes

No

Edit event properties

Yes

No

No

Monitoring (edit, enable, disable)

No

Yes

No

As you can see, each interface has its merits. The command-line tool, for example, is particularly useful for automating cluster tasks through the use of scripting—a topic that is covered extensively in Chapter 11.

The Feature Set

Bb734908.spacer(en-us,TechNet.10).gif Bb734908.spacer(en-us,TechNet.10).gif

This layer is divided into the following broad categories:

  • Cluster services 

  • Load balancing 

  • Synchronization and deployment 

  • Monitoring 

Note The health aspect of server and cluster monitoring is enabled by the Health Monitor snap-in, which is described in "Health Monitor version 2.1" later in this chapter.

Each of the feature set categories are described extensively in later chapters.

The Operating System

Bb734908.spacer(en-us,TechNet.10).gif Bb734908.spacer(en-us,TechNet.10).gif

The main elements of the operating system that the User Interface and Feature Set layers interact with are: the MMC, Microsoft Internet Information Services (IIS) version 5.0, the metabase, COM+, Network Load Balancing (NLB), and Microsoft Windows Management Instrumentation (WMI). Microsoft SQL Server 2000 (SQL Server) is outside this layer; however, it is integrated with the operating system and used solely for handling cluster-related data storage and retrieval.

MMC version 1.2

The primary view of the cluster administration tool is an MMC snap-in. The snap-in requires WMI and will run on any version of Windows 2000 if the Application Center Administrative client is installed. The MMC itself doesn't provide any management behavior but acts as a host for management applications. It provides a multi-document interface in which each window is a console. Each console can contain one or more administrative components (snap-ins) that supply the management behavior.

The snap-in consists of a user interface that you can use to configure the majority of Application Center's settings. However, there are some properties that are configurable only through scripts or the command line.

Note Because the goal of Application Center is Web server independence between the different versions of IIS, the Administrative client cannot be completely integrated with the IIS snap-in code base. It's recognized that configuring the settings on the Web server is an integral part of an administrator's daily job. To facilitate these activities and still achieve the design goal of Web server independence, Application Center allows the launching of external tools from within its own space.

The Application Center MMC provides several key elements:

  • The console window, which is the main viewing area for the console. 

  • The console tree pane, which is the leftmost pane of the console window. 

  • The details pane, which is the rightmost pane of the console window. 

  • The namespace, which collectively describes the console tree and details pane for a given snap-in, such as Application Center or IIS. 

  • Property dialog boxes, which are used to perform tasks such as alter server settings or launch a wizard. 

  • Wizards, which step a user through complex tasks. 

  • HTML-based and Windows Help, which provide context-sensitive Help. 

  • Links to appropriate external resources, such as articles related to a specific error message. 

The console tree is hierarchical and displays nodes that represent a cluster, cluster members, applications, events, and monitors. Derived by using Microsoft Win32 API code, these nodes support right-click pop-up menus and scoping. In the Web-based Administrative client, the console tree is presented, but it does not support pop-up menus or scoping.

The details pane provides a Web-based (HTML, Active Server Pages [ASP page], XML, DHTML, Vector Markup Language [VML]) view of information. These pages are used in both the Web-based Administrative client and the MMC-based Administrative client, and adjust according to the view that is in use. For example, the status pages in the Web-based Administrative client do not allow launching of external snap-ins such as Health Monitor or IIS. The details pane displays performance graphs and statistics, provides current status reports for the cluster and its members, and displays a list of certain tasks for a selected object, such as member synchronization.

Note The Web-based Administrative client does not provide access to property dialog box-based configuration.

Application Center depends on several other tools for complete configuration and management of its services. These tools enable you to administer IIS, use COM+ services, and customize Health Monitor settings.

WMI

Of the numerous elements that constitute Application Center, WMI is perhaps the heart and soul of the product. WMI is a set of extensions to the Windows Driver Model (WDM) that provide an operating system interface through which components can provide information and notification. Using a bi-directional access mechanism, WMI brings together the management data from the hardware platform, drivers, and applications and passes consolidated data to a management information store. This store uses the Common Information Model (CIM) as the basis for exposing and interacting with the data it holds. In combination, WMI and CIM provide a mechanism that enables management applications, platforms, and consoles to perform the following types of tasks:

  • Monitoring and reconciliation of hardware/software faults and alerts 

  • Preemptive maintenance 

  • Upgrade management and version control 

  • Capacity planning and performance management 

  • Enhanced security and asset management 

  • Operations management 

  • Automated management 

The architecture of the WMI technology consists of the following elements:

  • Management infrastructure—which comprises the WMI Service and CIM Repository. The WMI Service directly or indirectly coordinates all other WMI components. The CIM Repository holds static management data that changes infrequently. 

  • Managed objects—which consist of pieces of the enterprise network; they range from small devices, such as a disk drive, to a large software application, such as a database system. These objects, most of which existed before WMI, are modeled by using the CIM. 

  • WMI providers—which are components that supply dynamic management data about managed objects, handle object-specific requests, or generate WMI events. Providers communicate with the WMI service by using the COM/DCOM API and are typically written in C or C++. 

  • Management applications—which are client programs that use WMI information to carry out a variety of tasks, such as examining and reconfiguring managed objects or static data and measuring performance. These applications can be stand-alone applications, Microsoft ActiveX controls, scripts, and MMC snap-ins. Management applications can be written in any programming language that can communicate with the WMI Service by using a WMI-supported API. Among the supported APIs are the COM-based API for C/C++ and the scripting API for the Microsoft Visual Basic development system, DHTML, ASP, and Windows Script Host (WSH). 

Figure 3.2 shows a simple model of the WMI architecture, including its relationship to MMC snap-ins.

Bb734908.f03uj02(en-us,TechNet.10).gif

Figure 3.2 The WMI technology architecture 

As Figure 3.2 illustrates, MMC snap-ins such as Application Center can be used to display any information that is stored in WMI. The snap-in can also receive WMI event notification when information changes in the CIM Repository. Subsequent chapters deal with accessing WMI data in more detail, as well as placing information in the CIM Repository by using the Managed Object Format (MOF) language and its compiler.

IIS version 5.0

The primary role of IIS is serving Web content in response to client requests. This service includes the provision of server-side processing for ASP pages. Additionally, IIS supports Application Center administration by providing content for the MMC details pane as well as Web-based administration by providing pages served from port 4242 of any cluster member. Application Center uses port 4242 by default, but you can reassign this port number. Another thing to be aware of is that although this site is installed on each cluster member, all requests should be forwarded to the cluster controller, so the site is "served" by the controller alone.

There are substantial differences between Microsoft Internet Information Server version 4.0 and IIS 5.0, both in terms of feature changes and added features. Since IIS 5.0 is a core requirement for Application Center-managed clusters, these distinctions are very important, particularly when it comes to server performance tuning and application design.

The differences between the two versions are summarized in Table 3.2 and Table 3.3. Additionally, you can obtain detailed information about individual features in the IIS 5.0 Help.

Table 3.2 Changed Features in IIS 

Category

Description

Administration

· IIS supports running applications in pooled processes, providing increased performance and improved scalability.
· The Application Mappings dialog box contains a list of HTTP verbs that will be processed by an application, which is mapped to certain file types, rather than excluding verbs.
· The location of custom error messages is changed.
· The Web-based Internet Services manager is no longer available on the Start menu.

Programmatic administration

· Numerous Active Directory Service Interfaces (ADSI) changes are implemented, including site socket pooling, the removal/addition of ADSI properties, altered metabase key types for some properties, and different behavior for some properties.

ASP

· File system security is improved.
· Security is provided for local COM objects.
· Selected configurable entries now reside in the metabase.
· Several default settings and flags are changed.
· COM objects are released earlier.

Registry

· A collection of registry keys is removed.

Security

· Script source access is provided but disabled by default.
· Index this resource is enabled by default.
· The Microsoft FrontPage Web site creation and management tool is no longer set in the IIS snap-in but it is enabled by default.
· Security features are simplified and the following task wizards are provided: Permissions, Web Server Certificate, and certification trust lists (CTLs).

Performance

· Socket pooling is provided and enabled by default.
· In addition to supporting in-process and out-of-process ISAPI models, there is a pooled out-of-process model that provides increased performance, scalability, and security.
· Memory allocation is limited by new default values for cache sizes for ASP pages and script engines.

Table 3.3 New Features in IIS 

Category

Description

Administration

· IIS can be restarted without rebooting the server.
· Process accounting provides information about how individual Web sites use CPU resources on the server.
· Process throttling lets you limit the percentage of time the CPU spends processing out-of-process ASP, ISAPI, and Common Gateway Interface (CGI) applications for individual Web sites. In addition, misbehaving processes can be stopped and restarted.
· Custom error message capability is improved.

Programmability

· New ASP features enhance performance and streamline server-side scripts.
· Application protection is provided by support for both pooled and isolated processes.
· ADSI 2.0 allows the addition of custom objects, properties, and methods to the ADSI provider.

Security

· Digest authentication allows secure and robust authentication of users across proxy servers and firewalls.
· Server gated cryptography (SGC), an extension of Secure Sockets Layer (SSL), allows financial institutions with export versions of IIS to use 128-bit encryption.
· Security wizards for permissions, server certificates, and CTL are available.
· IIS is fully integrated with the Kerberos V5 authentication protocol.
· IIS certificate storage is integrated with the Windows cryptography API (CAPI) storage.
· IIS supports Fortezza.

Internet

· Web Distributed Authoring and Versioning (WebDAV) allows remote authors to create, move, or delete files, file properties, directories, and directory properties on a Web server over an HTTP connection.
· FTP restart allows FTP downloads to be resumed without having to download the entire file, if the download is interrupted.
· HTTP compression enables faster transmission of pages between the Web server and compression-enabled clients. It compresses and caches static files and performs on-demand compression of dynamically generated files.
The IIS Metabase

Application Center uses the IIS metabase to store server and cluster configuration settings.

If you haven't used IIS 5.0 extensively, you should refer to the IIS documentation to see how this information store operates, how it is structured, and how you can access it programmatically. The key aspects of the metabase are summarized next.

Organization

The metabase is organized in a hierarchical structure that mirrors the structure of the IIS installation. Figure 3.3 shows a portion of the IIS structure, which is arranged by key types. The metabase structure of your IIS and Application Center installation can consist of a varied number of elements, depending on your installation choices.

Bb734908.f03uj03(en-us,TechNet.10).gif

Figure 3.3 The IIS metabase hierarchy 

Metabase Properties and the Namespace

Each node in the metabase structure is called a key, and each key can contain one or more configuration values (Figure 3.4), called metabase properties. The Application Center metabase keys correspond to the elements of Application Center, and each key contains properties that affect the configuration of its associated element.

Bb734908.f03uj04(en-us,TechNet.10).gif

Figure 3.4 Using the IIS metabase to store property values 

Metabase keys that are associated with specific elements are referenced by their paths, which are analogous to a directory in a file system, within the metabase. The metabase path, or namespace, specifies the location of metabase properties. It is organized as follows:

LM/Service/Website/Root/virtual_directory/dir/file 

Where:

  • LM is the local computer 

  • Service is the Internet Service (W3SVC or MSFTPSVC) 

  • Website is the Web site 

  • Root is the virtual directory root 

  • virtual_directory is a virtual directory 

  • dir is a directory 

  • file is a file 

For example, if the namespace of the metabase path LM/W3SVC/Website1/Root is associated with the path C:\Inetpub\WWWrooot, the URL https://domain.com/default.htm can be mapped to the physical file path C:\Inetpub\WWWroot\Default.htm.

Note Key names in the metabase are not unique unless qualified by their metabase paths, just as different files with the same name can exist in different directories.

Figure 3.5, which provides a view of the metabase on an Application Center server, shows a highlighted metabase path.

Bb734908.f03uj05(en-us,TechNet.10).gif

Figure 3.5 A view of the ApplicationCenter metabase 

Property Inheritance

You can use the property inheritance feature of the metabase to configure your installation with few settings and to minimize the amount of memory required for the metabase. Most metabase properties are inheritable, meaning that they are not explicitly set at a specific key and will inherit values assigned at higher-level keys. For example, you can set file and directory permissions such as AccessScript, AccessExecute, and AccessWrite at the W3SVC level to apply to all files and directories in all server instances, or you can set them at the W3SVC/2/ROOT level to apply to all files and directories for the second Web server only. Then, you can set different permissions for individual subdirectories and files by explicitly setting them at lower levels. For example, you might set the AccessExecute permission property to TRUE for specific directories, virtual directories, or files, such as ...W3SVC/1/ROOT/VDir1/VDir1a, ...W3SVC/1/ROOT/VDir2/Dir2d, and ...W3SVC/1/ROOT/VDir2/Dir3/File1, and so on.

Most metabase properties are inheritable, except for a few that are used only at specific keys. Some properties in the metabase are lists of values, such as the ServerBindings property.

Flag properties, such as file access permissions, are often combined into one DWORD by use of bitmasking. The entire set of flags is stored together and inherits together. For example, if you change one of the file access permissions, such as AccessExecute, for a directory, the entire set of file access permissions is stored at the metabase key for that directory.

Metabase Access Control

The metabase key values are stored in a disk file, which is named Metabase.bin by default. The metabase is loaded from disk when IIS starts, stored to disk when IIS shuts down, and saved periodically while IIS is running. It is important to protect this file from unauthorized use. Additionally, it is recommended that you store this file on an NTFS partition protected by Windows security mechanisms.

Warning You can edit the metabase directly—a metabase editor (MetaEdit 2.0) ships with the Microsoft Windows 2000 Server Software Development Kit—but exercise extreme caution if you choose to do this. An incorrect value or deleted key could totally destroy your cluster configuration.

NLB

Network Load Balancing (NLB) is available with Microsoft Windows 2000 Advanced Server and supports clusters of up to 32 servers. NLB makes it possible to evenly distribute incoming traffic while also monitoring server and network adapter health across a server group. The NLB scaling out model, sometimes called software scaling, provides the dual benefits of simple, incremental scalability and high availability. For more information about NLB scalability and performance, see Network Load Balancing Technology Overview in the Appendix.

Note the following points regarding Windows NLB:

  • Although Application Center is fully integrated with NLB, the use of NLB is not mandatory, and support is provided for third-party load balancing solutions. 

  • NLB is backward compatible with the Microsoft Windows NT Load Balancing Service (WLBS) that runs on Windows NT Server 4.0. 

Because of its level of integration with Windows NLB, the Application Center interface provides a single point for configuring and managing NLB on a cluster. This level of integration ensures that all cluster services, such as replication, are fully aware of each other.

COM+

In addition to providing full support for COM+, Application Center provides Component Load Balancing (CLB) as one of its core services. Application Center uses a common interface for configuring and managing load-balanced component servers in the same manner as NLB. This unified view of cluster load balancing makes it very easy to manage cluster subsets that need to use either type of load balancing.

Health Monitor version 2.1

Bb734908.spacer(en-us,TechNet.10).gif Bb734908.spacer(en-us,TechNet.10).gif

Because Health Monitor is used extensively by Application Center, it's worthwhile noting the changes and enhancements to the new version of this tool. Table 3.4 summarizes the new features in Health Monitor 2.1.

Table 3.4 A Summary of the New Features in Health Monitor 2.1 

Category

Description

Data sources

Health Monitor now supports the following data sources:
· WMI instances
· WMI event queries
· WMI data queries
· Performance Monitor counters
· Windows NT events
· Application services and processes
· File or folder properties
· HTTP addresses
· FTP addresses
· Internet Control Message Protocol (ICMP) properties
· Simple Mail Transfer Protocol (SMTP) server properties
· COM+
· SQL-DMO (requires SQL Server 7.0, Service Pack 2)

User interface

The user interface provides more flexibility in customizing and configuring monitoring than was in Health Monitor 2.0. The major enhancements are:
· A redesigned console tree and details pane that supports more logical groupings of monitored items.
· A split pane view in the details pane.
· Advanced sorting capabilities.
· Support for column header customization.
· Support for resetting data collection values to zero and for manually resetting the state of any item back to Normal.

Actions

You can configure Health Monitor 2.1 to automatically perform an action when the conditions for a threshold are met.

Thresholds

This version of Health Monitor provides flexibility in configuring thresholds for applications—you can now modify existing thresholds and you can create new ones. Some examples of configuration flexibility are:
· Scheduling a threshold to run only at specific times.
· Creating thresholds that trigger events based on the current value, average value, or difference between established values.

SQL Server 2000 Desktop Engine

Bb734908.spacer(en-us,TechNet.10).gif Bb734908.spacer(en-us,TechNet.10).gif

The SQL Server version 2000 desktop engine is a run-time version of SQL Server that's used extensively by Application Center Event and Performance Logging and Application Center monitoring features. The SQL Server 2000 engine makes up the core of SQL Server technology. The following limitations and restrictions apply to the engine:

  • It does not include its own user interface or tools. Users interact with the SQL Server data engine through the application in which it is embedded. 

  • It has a 2-GB database size limit. 

  • It doesn't support symmetric multiprocessing (SMP) on Microsoft Windows 95 or later. 

  • It is optimized for five concurrent users. 

  • The Online Analytical Processing (OLAP) server is not included. 

This database stores and provides access to health and performance data for cluster members and the cluster as a whole. Chapter 7, "Monitoring," covers the role of this database in more detail. In Chapter 11, "Working with the Command Line Tool and Scripts," you'll see how you can use ASP scripts to access the database and build custom reports by using historical data.

Note Installation of Application Center Event and Performance Logging is not mandatory. However, the Application Center-specific data that's collected will not be available to you if it isn't installed.

Resources

Bb734908.spacer(en-us,TechNet.10).gif Bb734908.spacer(en-us,TechNet.10).gif

The following book and Web sites provide additional information about Windows 2000 Advanced Server and Application Center.

Book

The Internet Information Services Resource Guide (Microsoft Press, 2000).

This guide is one of the volumes that make up the Microsoft Windows 2000 Resource Kit. The guide provides information not found in the core documentation as well as software tools on a CD.

https://www.microsoft.com/windows2000/default.asp 

The Windows 2000 Web site provides the most up-to-date information about Windows 2000 Server and Application Center, as well as other server products.

https://www.microsoft.com/windows2000/techinfo/howitworks/iis/iis5techoverview.asp 

The site provides a technical overview of IIS 5.0.

https://www.microsoft.com/sql 

This Web site provides the most current information about the SQL Server 2000 product line.

Bb734908.spacer(en-us,TechNet.10).gif