Part 6: BizTalk High Availability Server Environment–BizTalk 2010 Failover Cluster Creation

Part 5 covered setting up our SQL-Server Cluster, so now it’s time to do the same but this time for our BizTalk 2010 Server environment.

Once again this post assumes you’ve followed all steps mentioned in the previous posts. All right, let’s get on with it.

Please note the following with regards to MSMQ: http://technet.microsoft.com/en-us/library/cc730960.aspx

In case you’ve already installed the MSMQ feature as instructed in part 4, please uninstall the MSMQ feature and then apply the AD modifications as mentioned here: http://technet.microsoft.com/en-us/library/cc730960.aspx . Once done, add the MSMQ feature again as mentioned in part 4. Sorry for the inconvenience, but this part was unintentionally left out of the original part 4 (the current version of Part 4 has been updated).

Preparing our BizTalk Cluster

Before we can actually start with Clustering BizTalk Server, we need to perform all kinds of other things, like:

  • Verifying if all required Roles and Features have been installed
  • Verifying that we’ve configured the Firewall properly
  • Configure IIS
  • Configure the local Microsoft Distributed Transaction Coordinator
  • Add Storage using iSCSI

Once these steps are done, we will create our BizTalk Cluster Group.

Verifying the required Server Roles and Features

Log on to the first server on which BizTalk will be installed; in my case that would be BTS001. Once logged on, open the ‘Server Manager’, expand the Roles node and ensure you’ve added the following roles:

  • Application Server
  • Web Server (IIS)

Now select ‘Application Server’ and in the main pane in the Server Manager scroll down to the Role Services. In total you should see that 13 role services are installed.

If you’re missing any of the role services mentioned above, add them by clicking on ‘Add Role Services’.

Once double-checked, select the ‘Web Server (IIS)’ role and in the main pane in the Server Manager scroll down to the Role Services. In total you should see that 36 role services are installed.

If you’re missing any of the role services mentioned above, add them by clicking on ‘Add Role Services’.

Once verified, expand the Features node in the Server Manager and select ‘Features’. Ensure that you have the features as mentioned below in the image installed.

If you’re missing any of the features mentioned above, add them by clicking on ‘Add Features’.

Verifying that we’ve configured the Firewall properly

Open up the Windows Firewall by going to Start and in the search box simply type ‘Windows Firewall with Advanced Security’, followed by hitting ‘enter’.

Within the MMC-Snap in, click on ‘Windows Firewall Properties’

A window will appear. Go to the first tab named ‘Domain Profile’ and ensure the firewall state is set to ‘Off’. If not, turn it ‘Off’.

Go to the second tab named ‘Private Profile’ and ensure the firewall state is set to ‘Off’. If not, turn it ‘Off’.

Configuring IIS

Go back to the Server manager, expand Roles –> Web Server (IIS) and select the ‘Internet Information Services (IIS) Manager’

The Internet Information Services (IIS) Manager will appear in the main pane. Expand the Server Node and select Application Pools.

In the Actions pane, click on the ‘Set Application Pool Defaults…’

Change the following settings and once done click on ‘ok’:

  • .NET Framework Version: v4.0 (if this version is not available; stop your horses and go fetch the .NET 4.0 Framework here)
  • Enable 32-Bit Applications: True

In the actions, select ‘Add Application Pool…’

Now we will add an application pool, which will be dedicated to BizTalk. In order to do so, enter a descriptive name (I’ve used BizTalkApplicationPool). Once done click on ‘ok’

In the main pane, right click on the newly created Application Pool and select ‘Advanced Settings’

Select the ‘Identity item’, and click on the ‘…’

Select ‘Custom Account’ and click on the ‘Set…’ button.

Fill out the details and use the trusted BizTalk Service account you’ve set up earlier in Active Directory (in my case ‘srvc-bts-trusted@lab.motion10.com’). Once done, click ‘ok’, and once more ‘ok’.

Your screen should look similar to the picture shown below. Once verified, click ‘ok’

Configure the local Microsoft Distributed Transaction Coordinator

Go to Start, type ‘Component Services’ into the search box and hit enter.

The Component Services MMC snap-in will open; now expand the ‘Component Services’ node, and do the same for the nodes ‘Computers’ and ‘My Computer’.

Expand the ‘Distributed Transaction Coordinator’, right click on ‘Local DTC’ and select ‘Properties’.

Within the Properties window go to the ‘Security’ tab.

On this tab, check (enable) the following items:

  • Network DTC Access
  • Allow Inbound
  • Allow Outbound
  • No Authentication Required
  • Enable XA Transactions
  • Enable SNA LU 6.2 Transactions

Click on ‘Ok’; a message box will appear stating that the MSDTC service needs to be stopped and started. Click on ‘Yes’.

Close the Component Services Snap in.
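
The firewall profiles switched off above and the local DTC opened with ‘No Authentication Required’ both have to be repeated on BTS001 and BTS002, so it helps to read the values back from each node rather than trust the dialogs. The PowerShell below is an added example, not part of the original post or of the Microsoft script used later on; the function names and the sample hashtable are made up for illustration, and it reads the local DTC and local firewall registry values only.

```powershell
# Added example: read back the firewall and local MSDTC settings on one node.
# Covers the local DTC only; a clustered DTC instance keeps its own settings.
# Firewall values enforced through Group Policy live under
# HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall and are not read here.

$DtcRoot     = 'HKLM:\SOFTWARE\Microsoft\MSDTC'
$DtcSecurity = 'HKLM:\SOFTWARE\Microsoft\MSDTC\Security'
$FwRoot      = 'HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy'

function Get-RegDword($Path, $Name) {
    # Return the DWORD value, or $null when the key or value is absent.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($item) { return $item.$Name }
    return $null
}

function Read-NodeSettings {
    # Collect the live values from this node's registry into one hashtable.
    $v = @{}
    foreach ($n in 'AllowOnlySecureRpcCalls', 'FallbackToUnsecureRPCIfNecessary', 'TurnOffRpcSecurity') {
        $v[$n] = Get-RegDword $DtcRoot $n
    }
    foreach ($n in 'NetworkDtcAccess', 'NetworkDtcAccessInbound', 'NetworkDtcAccessOutbound',
                   'XaTransactions', 'LuTransactions') {
        $v[$n] = Get-RegDword $DtcSecurity $n
    }
    # 'StandardProfile' is the registry name of the Private profile.
    $v['FirewallDomain']  = Get-RegDword "$FwRoot\DomainProfile"   'EnableFirewall'
    $v['FirewallPrivate'] = Get-RegDword "$FwRoot\StandardProfile" 'EnableFirewall'
    return $v
}

function Get-DtcAuthLevel($v) {
    # Map the three RPC flags to the radio button shown on the Security tab.
    if ($v.TurnOffRpcSecurity -eq 1)               { return 'No Authentication Required' }
    if ($v.AllowOnlySecureRpcCalls -eq 1)          { return 'Mutual Authentication Required' }
    if ($v.FallbackToUnsecureRPCIfNecessary -eq 1) { return 'Incoming Caller Authentication Required' }
    return 'Unknown'
}

function Test-NodeSettings($v) {
    # Turn the raw values into findings worth recording for this node.
    $findings = @()
    if ($v.FirewallDomain -eq 0)  { $findings += 'Windows Firewall is off for the Domain profile' }
    if ($v.FirewallPrivate -eq 0) { $findings += 'Windows Firewall is off for the Private profile' }
    if ($v.NetworkDtcAccess -eq 1) {
        if ((Get-DtcAuthLevel $v) -eq 'No Authentication Required') {
            $findings += 'MSDTC network access may fall back to unauthenticated, unencrypted RPC'
        }
        if ($v.NetworkDtcAccessInbound -eq 1 -and $v.FirewallDomain -eq 0) {
            $findings += 'MSDTC accepts inbound transactions with no host firewall in front of it'
        }
    }
    return $findings
}

function Get-NodeReport($Name, $v) {
    # One object per node so the output of two nodes can be compared.
    New-Object PSObject -Property @{
        Node           = $Name
        DtcAuth        = Get-DtcAuthLevel $v
        XaTransactions = $v.XaTransactions
        LuTransactions = $v.LuTransactions
        Findings       = @(Test-NodeSettings $v)
    }
}

# Constructed sample: the values a node holds after following the steps above.
$sample = @{
    NetworkDtcAccess = 1; NetworkDtcAccessInbound = 1; NetworkDtcAccessOutbound = 1
    XaTransactions = 1; LuTransactions = 1
    AllowOnlySecureRpcCalls = 0; FallbackToUnsecureRPCIfNecessary = 0; TurnOffRpcSecurity = 1
    FirewallDomain = 0; FirewallPrivate = 0
}

Get-NodeReport 'sample (constructed)' $sample | Format-List
Get-NodeReport $env:COMPUTERNAME (Read-NodeSettings) | Format-List
```

Run it on both nodes and compare the output; a difference between BTS001 and BTS002 means a step was missed on one of them.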

Add Storage which will be used within our BizTalk Cluster.

First verify that we’ve set-up our link with our Fileserver. Do this by clicking on Start and in the search box type ‘iSCSI Initiator’ and hit ‘enter’ (a pop-up might appear, just click ‘ok’)

In the ‘iSCSI Initiator Properties’ screen, go to the ‘Discovery’ tab and click on ‘Discover Portal…’

Type in the DNS name of your File Server (in my case that is ‘EUROPOORT’) and press ‘ok’

Now click on the ‘Targets’ tab and check the status.

The status should say ‘Inactive’, in order to use this Target we have to Connect to it. Do so by Clicking on the ‘Connect’ button.

A popup will appear, check the setting and press ‘ok’

You should now be connected to the File Server. Once verified, press ‘ok’

Go back to your ‘Server Manager’, expand the ‘Storage’ node and select ‘Disk Management’

At this point you should notice several disks which are not online.

If they are ‘offline’ bring them ‘online’ by right clicking on a disk and selecting ‘Online’ (repeat this step for all offline disks)

You now should have the availability of your additional storage devices.

Once done, repeat all the steps mentioned above starting with ‘Verifying the required Server Roles and Features’ on your other BizTalk server (in my case this would be BTS002)

Creating our BizTalk Cluster Group

Well at this point we are still not quite ready to install BizTalk and to Cluster BizTalk. Before we can actually start with this, we need to perform the following actions:

  • Verify our Cluster
  • Create our BizTalk Cluster group
  • Cluster IIS and add it to our BizTalk Cluster group
  • Cluster MSDTC and add it to our BizTalk Cluster group
  • Cluster MSMQ and add it to our BizTalk Cluster group

Once these steps are done, we will install Biztalk, configure BizTalk and last but not least Cluster BizTalk.

Verify our Cluster

Log on to your ‘Master’ Server on which you want to install BizTalk. In my case that would be BTS001.

Go to start and in the search box type ‘Failover Cluster Manager’ and then hit ‘enter’

In your Failover Cluster Manager, first click on ‘Validate a configuration’

On the ‘Before you begin’ screen, press ‘next’

Now Enter the server names (or browse) which you want to be part of your cluster. In my case that would be ‘BTS001 and BTS002’ and then select ‘Next’

On the ‘Testing Options’ screen, select the ‘Run all tests’ option and select ‘next’

Confirm the settings and then select ‘Next’

Once the validation has completed, it should show a summary which should not include any warnings. Examine the report (‘View Report’) and click on ‘Finish’.

Create our BizTalk Cluster group

From within your ‘Failover Cluster Manager’ select the ‘Create a Cluster’ link

On the ‘Before you begin’ screen, press ‘next’

Now Enter the server names (or browse) which you want to be part of your cluster. In my case that would be ‘BTS001 and BTS002’ and then select ‘Next’

On the ‘Access Point for Administering the Cluster’ enter a Cluster name, and a designated IP Address and click ‘next’ once done.

I’ve used the following:

Cluster Name: CLUSTER_BIZTALK
IP Address: 192.168.8.32

Confirm your settings and then click ‘next’

On the ‘Summary’ screen, press ‘Finish’

Configure Cluster Quorum Settings

Open up the ‘Cluster Manager’, right click on your cluster node (my case: CLUSTER_BIZTALK ) and select ‘More Actions’ –> ‘Configure Cluster Quorum Setting’

On the ‘Select Quorum Configuration’ screen, select the option ‘Node and File Share Majority’ and press ‘Next’

On the ‘Configure File Share Witness’ screen, browse to your shared ‘Witness’ folder which you’ve created earlier (see previous part). In my case I’ve selected the folder ‘Majority_BTS’ on the EUROPOORT server. Once done press ‘Ok’ and then ‘Next’

Confirm the settings and press ‘next’

On the ‘Summary’ screen, press ‘Finish’

Add storage as a disk resource in your Cluster

Open up the ‘Cluster Manager’, expand the CLUSTER_BIZTALK node, right click on Storage and select ‘Add a disk’

A list of available disks will appear, ensure that they are all selected and press ‘ok’

Now for each disk add a logical name, this is done by right clicking on a disk and selecting ‘properties’

Change the Resource Name to a logical name; I’ve set it up as follows:

Cluster_Disk 1 – DTC_STORE
Cluster_Disk 2 – MSMQ_STORE
Cluster_Disk 3 – FILE_STORE

Create our BizTalk Cluster Resource

Go back to the ‘Failover Cluster Manager’ and expand your created Cluster (my case: CLUSTER_BIZTALK) and right click on ‘Services and Applications’ and select ‘Configure a Service or Application…’

On the ‘Select Service or Application’ screen, select ‘Other Server’ and then press ‘next’

On the ‘Client Access Point’ screen, fill out the actual name of your BizTalk Cluster Name and assign it an IP and once done press ‘Next’. I’ve used the following settings:

Name: BTS2010
IP: 192.168.8.33

On the ‘Select Storage’ screen, add the required DATA Stores and press ‘Next’

On the ‘Confirmation’ screen, review the settings and press ‘Next’

On the ‘Summary’ screen, press ‘Finish’

In the ‘Failover Cluster Manager’ right-click your newly created ‘BizTalk Cluster Resource’ and select ‘properties’

On the ‘Properties’ screen, ensure to Check your main server as being the ‘Preferred owner’; in my case this is BTS001. Once done click ‘ok’.

Cluster IIS and add it to our BizTalk Cluster Resource

At this point we’ve created our BizTalk Cluster Group and BizTalk Cluster Resource. The latter will actually host all services required for our BizTalk Failover Cluster.

Now it is time to add those cluster resources which are required in our BizTalk Failover Cluster.

The first cluster resource we will add to our BizTalk Cluster Group will be IIS. As we are not using NLB, we have to perform a few tricks which at least enable us to cluster the BizTalk Web Application and our BizTalk Application Pool. The next steps will explain how to achieve this.

Adding HTTP Response Header

Go back to the Server manager, expand Roles –> Web Server (IIS) and select the ‘Internet Information Services (IIS) Manager’

The Internet Information Services (IIS) Manager will appear in the main pane. Expand the Server Node and select the ‘Server Name’ (in my case BTS001)

In the main pane, go to the IIS Section and double click on ‘HTTP Response Headers’

In the actions pane, click on ‘Add..’

The ‘Add Custom HTTP Response Header’ window will appear. In this window we will add a custom header which will ensure that all traffic redirected to our BizTalk Cluster Group will point to the localhost. In my case I filled out the following information. Once done press ok.

Name: BTS2010
Value: http://localhost

Now go to your second server (in my case BTS002) and perform the above mentioned step ‘Adding HTTP Response Header’. Once done; return to your main server (BTS001)

Create a Generic-Script resource for IIS Clustering

On your main server (BTS001), open your best friend ‘Notepad’ and copy and paste the following code into it:

'<begin script sample>


'This script provides high availability for IIS websites
'By default, it monitors the "Default Web Site" and "DefaultAppPool"
'To monitor another web site, change the SITE_NAME below
'To monitor another application pool, change the APP_POOL_NAME below
'More thorough and application-specific health monitoring logic can be added to the script if needed

Option Explicit

DIM SITE_NAME
DIM APP_POOL_NAME
Dim START_WEB_SITE
Dim START_APP_POOL
Dim SITES_SECTION_NAME
Dim APPLICATION_POOLS_SECTION_NAME
Dim CONFIG_APPHOST_ROOT
Dim STOP_WEB_SITE


'Note:
'Replace this with the site and application pool you want to configure high availability for
'Make sure that the same web site and application pool in the script exist on all cluster nodes. Note that the names are case-sensitive.
SITE_NAME = "Default Web Site"
APP_POOL_NAME = "DefaultAppPool"

START_WEB_SITE = 0
START_APP_POOL = 0
STOP_WEB_SITE  = 1
SITES_SECTION_NAME = "system.applicationHost/sites"
APPLICATION_POOLS_SECTION_NAME = "system.applicationHost/applicationPools"
CONFIG_APPHOST_ROOT = "MACHINE/WEBROOT/APPHOST"

'Helper script functions


'Find the index of the website on this node
Function FindSiteIndex(collection, siteName)

    Dim i

    FindSiteIndex = -1

    For i = 0 To (CInt(collection.Count) - 1)
        If collection.Item(i).GetPropertyByName("name").Value = siteName Then
            FindSiteIndex = i
            Exit For
        End If
    Next

End Function


'Find the index of the application pool on this node
Function FindAppPoolIndex(collection, appPoolName)

    Dim i

    FindAppPoolIndex = -1

    For i = 0 To (CInt(collection.Count) - 1)
        If collection.Item(i).GetPropertyByName("name").Value = appPoolName Then
            FindAppPoolIndex = i
            Exit For
        End If
    Next

End Function

'Get the state of the website
Function GetWebSiteState(adminManager, siteName)

    Dim sitesSection, sitesSectionCollection, siteSection, index, siteMethods, startMethod, executeMethod
    Set sitesSection = adminManager.GetAdminSection(SITES_SECTION_NAME, CONFIG_APPHOST_ROOT)
    Set sitesSectionCollection = sitesSection.Collection

    index = FindSiteIndex(sitesSectionCollection, siteName)
    'Site not found on this node: report -1 and stop before indexing the collection
    If index = -1 Then
        GetWebSiteState = -1
        Exit Function
    End If

    Set siteSection = sitesSectionCollection(index)

    GetWebSiteState = siteSection.GetPropertyByName("state").Value

End Function

'Get the state of the ApplicationPool
Function GetAppPoolState(adminManager, appPool)

    Dim configSection, index, appPoolState

    set configSection = adminManager.GetAdminSection(APPLICATION_POOLS_SECTION_NAME, CONFIG_APPHOST_ROOT)
    index = FindAppPoolIndex(configSection.Collection, appPool)

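    'Application pool not found on this node: report -1 and stop before indexing the collection
    If index = -1 Then
        GetAppPoolState = -1
        Exit Function
    End If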

    GetAppPoolState = configSection.Collection.Item(index).GetPropertyByName("state").Value
End Function


'Start the w3svc service on this node
Function StartW3SVC()

    Dim objWmiProvider
    Dim objService
    Dim strServiceState
    Dim response

    'Check to see if the service is running
    set objWmiProvider = GetObject("winmgmts:/root/cimv2")
    set objService = objWmiProvider.get("win32_service='w3svc'")
    strServiceState = objService.state

    If ucase(strServiceState) = "RUNNING" Then
        StartW3SVC = True
    Else
        'If the service is not running, try to start it
        response = objService.StartService()

        'response = 0  or 10 indicates that the request to start was accepted
        If ( response <> 0 ) and ( response <> 10 ) Then
            StartW3SVC = False
        Else
            StartW3SVC = True
        End If
    End If

End Function


'Start the application pool for the website
Function StartAppPool()

    Dim ahwriter, appPoolsSection, appPoolsCollection, index, appPool, appPoolMethods, startMethod, callStartMethod
    Set ahwriter = CreateObject("Microsoft.ApplicationHost.WritableAdminManager")

    Set appPoolsSection = ahwriter.GetAdminSection(APPLICATION_POOLS_SECTION_NAME, CONFIG_APPHOST_ROOT)
    Set appPoolsCollection = appPoolsSection.Collection

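    index = FindAppPoolIndex(appPoolsCollection, APP_POOL_NAME)
    'The application pool does not exist on this node
    If index = -1 Then
        StartAppPool = False
        Exit Function
    End If
    Set appPool = appPoolsCollection.Item(index)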

    'See if it is already started
    If appPool.GetPropertyByName("state").Value = 1 Then
        StartAppPool = True
        Exit Function
    End If

    'Try To start the application pool
    Set appPoolMethods = appPool.Methods
    Set startMethod = appPoolMethods.Item(START_APP_POOL)
    Set callStartMethod = startMethod.CreateInstance()
    callStartMethod.Execute()

    'If started return true, otherwise return false
    If appPool.GetPropertyByName("state").Value = 1 Then
        StartAppPool = True
    Else
        StartAppPool = False
    End If

End Function


'Start the website
Function StartWebSite()

    Dim ahwriter, sitesSection, sitesSectionCollection, siteSection, index, siteMethods, startMethod, executeMethod
    Set ahwriter = CreateObject("Microsoft.ApplicationHost.WritableAdminManager")
    Set sitesSection = ahwriter.GetAdminSection(SITES_SECTION_NAME, CONFIG_APPHOST_ROOT)
    Set sitesSectionCollection = sitesSection.Collection

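    index = FindSiteIndex(sitesSectionCollection, SITE_NAME)
    'The web site does not exist on this node
    If index = -1 Then
        StartWebSite = False
        Exit Function
    End If
    Set siteSection = sitesSectionCollection(index)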

    if siteSection.GetPropertyByName("state").Value = 1 Then
        'Site is already started
        StartWebSite = True
        Exit Function
    End If

    'Try to start site
    Set siteMethods = siteSection.Methods
    Set startMethod = siteMethods.Item(START_WEB_SITE)
    Set executeMethod = startMethod.CreateInstance()
    executeMethod.Execute()

    'Check to see if the site started, if not return false
    If siteSection.GetPropertyByName("state").Value = 1 Then
        StartWebSite = True
    Else
        StartWebSite = False
    End If

End Function


'Stop the website
Function StopWebSite()

    Dim ahwriter, sitesSection, sitesSectionCollection, siteSection, index, siteMethods, startMethod, executeMethod, autoStartProperty
    Set ahwriter = CreateObject("Microsoft.ApplicationHost.WritableAdminManager")
    Set sitesSection = ahwriter.GetAdminSection(SITES_SECTION_NAME, CONFIG_APPHOST_ROOT)
    Set sitesSectionCollection = sitesSection.Collection

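    index = FindSiteIndex(sitesSectionCollection, SITE_NAME)
    'Nothing to stop if the web site does not exist on this node
    If index = -1 Then
        Exit Function
    End If
    Set siteSection = sitesSectionCollection(index)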

    'Stop the site
    Set siteMethods = siteSection.Methods
    Set startMethod = siteMethods.Item(STOP_WEB_SITE)
    Set executeMethod = startMethod.CreateInstance()
    executeMethod.Execute()

End Function



'Cluster resource entry points. More details here:
'http://msdn.microsoft.com/en-us/library/aa372846(VS.85).aspx

'Cluster resource Online entry point
'Make sure the website and the application pool are started
Function Online( )

    Dim bOnline
    'Make sure w3svc is started
    bOnline = StartW3SVC()

    If bOnline <> True Then
        Resource.LogInformation "The resource failed to come online because w3svc could not be started."
        Online = False
        Exit Function
    End If


    'Make sure the application pool is started
    bOnline = StartAppPool()
    If bOnline <> True Then
        Resource.LogInformation "The resource failed to come online because the application pool could not be started."
        Online = False
        Exit Function
    End If


    'Make sure the website is started
    bOnline = StartWebSite()
    If bOnline <> True Then
        Resource.LogInformation "The resource failed to come online because the web site could not be started."
        Online = False
        Exit Function
    End If

    Online = true

End Function


'Cluster resource offline entry point
'Stop the website
Function Offline( )

    StopWebSite()
    Offline = true

End Function


'Cluster resource LooksAlive entry point
'Check for the health of the website and the application pool
Function LooksAlive( )

    Dim adminManager, appPoolState, configSection, i, appPoolName, appPool, index

    i = 0
    Set adminManager  = CreateObject("Microsoft.ApplicationHost.AdminManager")
    appPoolState = -1

    'Get the state of the website
    if GetWebSiteState(adminManager, SITE_NAME) <> 1 Then
        Resource.LogInformation "The resource failed because the " & SITE_NAME & " web site is not started."
        LooksAlive = false
        Exit Function
    End If


    'Get the state of the Application Pool
    If GetAppPoolState(adminManager, APP_POOL_NAME) <> 1 Then
        Resource.LogInformation "The resource failed because Application Pool " & APP_POOL_NAME & " is not started."
        LooksAlive = false
        Exit Function
    End If

     '  Web site and Application Pool state are valid return true
     LooksAlive = true
End Function


'Cluster resource IsAlive entry point
'Do the same health checks as LooksAlive
'If a more thorough check than what we do in LooksAlive is required, it should be performed here
Function IsAlive()

    IsAlive = LooksAlive

End Function


'Cluster resource Open entry point
Function Open()

    Open = true

End Function


'Cluster resource Close entry point
Function Close()

    Close = true

End Function


'Cluster resource Terminate entry point
Function Terminate()

    Terminate = true

End Function
'<end script sample>

script source credits: http://support.microsoft.com/kb/970759/

Once you’ve copied the code into notepad, look for the following two lines

SITE_NAME = "Default Web Site"

APP_POOL_NAME = "DefaultAppPool"

Change both the values of SITE_NAME and APP_POOL_NAME to your corresponding settings in IIS; in my case:

SITE_NAME = "Default Web Site"

APP_POOL_NAME = "BizTalkApplicationPool"

Save the file as ‘BizTalk_IIS_Script_Resource.vbs’ and store it on one of your Clustered Disks (I used the DATA_STORE (F:)).

Add a Generic-Script resource for IIS Clustering to the BizTalk Cluster Resource

Go back to the ‘Failover Cluster Manager’, expand Services and Applications and ‘right click’ the BizTalk Cluster Resource (in my case: BTS2010). Select ‘Add a resource’ –> ‘3 – Generic Script’

On the ‘Generic Script Info’ screen enter the complete file path to your ‘BizTalk_IIS_Script_Resource.vbs’  file. Once done press ‘next’

Confirm the changes, and press ‘Next’

On the ‘summary’ screen, press ‘finish’

Now right click on your Script File (Other Resources in the main pane of the Failover Cluster Manager) and select ‘properties’

Go to the ‘Dependencies’ tab, and add dependencies for the resources : ‘Name’ and ‘File Store’. Once done press ‘Ok’

Now right click on your Script File (Other Resources in the main pane of the Failover Cluster Manager) and select ‘bring this resource online’

Cluster MSDTC and add it to our BizTalk Cluster Resource

Now that we’ve clustered IIS, we can move to our next challenge. Clustering the ‘Microsoft Distributed Transaction Coordinator’. Actually this is quite straightforward.

Go back to your Main Server (BTS001). Open the Failover Cluster Manager, ‘right click’ on your BizTalk Cluster Resource and select ‘Add a resource’ –> ‘More Resources’ –> ‘2- Add Distributed Transaction Coordinator’

A new resource has been added; ‘right click’ it and select ‘properties’

Go to the ‘Dependencies’ tab and add dependencies for the resources : ‘Name’ and ‘File Store’. Once done press ‘Ok’

Now right click on your DTC Resource and select ‘bring this resource online’

Now go to ‘Start’ and in the search box type: ‘Component Services’ and press ‘enter’

On the ‘Component Services’ screen, expand ‘Component Services’ –> ‘Computers’ –> ‘My Computer’ –> ‘Distributed Transaction Coordinator’ –> ‘Clustered DTCs’. Right click on your BizTalk Cluster Resource Name (BTS2010) and select ‘properties’

Now select the ‘Security’ tab and ensure that the following settings are checked / enabled. Once done press ‘Ok’

  • Network DTC Access
  • Allow Inbound
  • Allow Outbound
  • No Authentication Required
  • Enable XA Transactions
  • Enable SNA LU 6.2 Transactions

Cluster MSMQ and add it to our BizTalk Cluster Resource

Now that we’ve clustered our DTC, we can move to our next challenge. Clustering MSMQ. Actually this is quite straightforward.

Go back to your Main Server (BTS001). Open the Failover Cluster Manager, ‘right click’ on your BizTalk Cluster Resource and select ‘Add a resource’ –> ‘More Resources’ –> ‘8- Add Message Queuing’

A new resource has been added; ‘right click’ it and select ‘properties’

Go to the ‘Dependencies’ tab and add dependencies for the resources : ‘Name’, ‘MSMQ Store’ and ‘MSDTC-BTS2010’ . Once done press ‘Ok’

Now right click on your MSMQ Resource and select ‘bring this resource online’

Now go to ‘Start’ and in the search box type: ‘Computer Management’ and press ‘enter’

On the ‘Computer Management’ screen, click on ‘Actions’ –> ‘Connect to another computer…’

In the ‘another computer’ box type the name of your BizTalk Cluster Resource (in my case: BTS2010) and press ‘ok’

Expand ‘Services and Applications’ and right click on ‘Message Queuing’ and select ‘properties’

On the ‘Message Queuing Properties’ screen, select the ‘security’ tab and click ‘add’

On the ‘Select Users, Computers, Service Accounts, or Groups’ screen, enter the BizTalk Untrusted Service Account (in my case srvc-bts-untrusted@lab.motion10.com) and press ‘ok’ once done

Select the just added Service Account and grant this user ‘Full Control’, once done press ‘ok’

Closing Note

Well it has been another long read but this sums up part 6. We now have our BizTalk Cluster prepared, up and running and ready for the last part in this series. Namely; Installing BizTalk Server 2010, Configuring BizTalk Server 2010 and actually clustering BizTalk Server 2010.

At the end of part 5, I mentioned that part 7 would be most likely about playing around with the BizTalk Best Practices Analyzer. Well I guess you’ve noticed by now that this will most likely be a Part 8

Well I hope you enjoyed the posts so far, check back soon and feel free to leave any comments, remarks and/or suggestions with regards to Blog posts you would like to see in the future.

Cheers

René

My First Experience with BizTalk 360

I’ve recently just set up BizTalk 360 (http://www.biztalk360.com/) to try out the monitoring capabilities. I also thought it would be interesting to see how things go since this given environment was a BizTalk 2006R2 environment and fairly old stuff now.

I had a couple of issues during the install/setup but I was able to solve all of these using the troubleshooting page on the BizTalk 360 website and a little common sense. To be honest a couple of them were me being a bit lazy and not reading the install notes properly.

The changes I had to make were as follows:

1. Changed connection string to the BizTalk 360 database as described on the troubleshooting website to integrated security

2. Change the IIS6 virtual directory to .NET 4 rather than .NET 2

3. Add the full trust element to the web.config file for BizTalk 360

4. Add the IIS NT Authentication providers as described on the troubleshooting page

Bearing in mind this was a CTP release I was very pleased with the support on the website which helped me to get this set up, and even with these problems it still took less than 20 minutes. I would expect BizTalk 2006 to be a slightly less target for the BizTalk 360 team than BizTalk 2010 but it goes to prove it can be installed pretty easily and I’m not enjoying the management features which I think are a big opportunity for lots of organisations to really get their production operations of BizTalk working in a secure and effective way

Good job guys

Inner exception: The event log file is full: The service instance will remain suspended until administratively resumed or terminated

In the past, while testing with a large volume of messages in a lab environment in one of my client machines, the processes started to get suspended with the following error: Uncaught exception (see the ‘inner exception’ below) has suspended an instance of service ‘MyAssembley.Orchestrations.Service (6dbc699a-a109-9141-f05e-444b065a1a09)’. The service instance will remain suspended until administratively resumed or […]
Blog Post by: Sandro Pereira

Anyone convinced a security team to go for Azure AppFabric Service Bus?

At the UK Connected Systems User Group meeting yesterday we had a good session from Imran on Azure AppFabric. We ran out of evening before the end of the session, so I didn’t get to raise this question, but it’s a crucial point for me. The Service Bus exists to easily expose internal services to the outside world. It’s an easy sell to tech guys, but I haven’t yet worked with a client’s security team who are open to the concept.

I think the security guys have a good point: the status quo for exposing internal services to business partners involves VPNs, DMZs, NAT, firewall exceptions etc. Imran described this as “complex”, and from a delivery point of view it may be. But from a security point of view, it’s not complex, it’s just what they do. And there are two reasons why the security guys are happy with the status quo: 1) they understand the attack surface; 2) they own the attack surface.

Understanding the Attack Surface

Microsoft have a very detailed and approachable whitepaper on how secure Azure is: Windows Azure Security Overview (PDF, login required). There are a lot of familiar and reassuring security technologies and practices in the Azure stack. It’s a shift from the attack surface they know and understand, but there should be enough for security guys to agree that the model is enterprise-grade. I would say the end-to-end is more secure than most enterprises can realistically achieve – but I’m not a security guy.

Owning the Attack Surface

This is far more important. When you’re securing your own infrastructure, the payback for all the effort is that you own the attack surface. If an attack is mounted then you should have the tools and the access needed to deal with it, which means: 1) being able to see that you are under attack; 2) being able to identify the nature of the attack and (eventually) its source; 3) having the ability to contain the attack, routing past weaknesses or (at worst) taking the service down.

With Azure playing Service Bus, the only part of the attack surface you own is your internal endpoint. Hopefully you’d see obvious things like DDOS attacks and certificate hacks, but hopefully they wouldn’t get to you anyway.

What if the attack happens outside of your infrastructure – say an attacker is able to record your service requests and responses as they route through Azure*? And say they gain access to your keys so they can decrypt the content? Ignore for the moment how difficult that would be, and the chain of failures it would need to support that attack. The question is: how do you know about it? Maybe Microsoft will send a friendly email – “hey, your service has been compromised and someone’s reading all of your traffic right now. Do you want us to take the service down or just let it run?”. Maybe it’ll take a couple of hours before they discover the attack, and a series of meetings escalating up the veep chain before clearance is given to send that email. Maybe it would take far longer to identify an attack and identify who’s been compromised.

And that’s what I think is stopping the security guys from signing off this approach. You don’t own the attack surface, so you don’t know if you’re being attacked. And if your provider does get attacked, there’s a massive public relations and commercial incentive for them to keep quiet about it.

So, steer clear of the Service Bus then?

I’d say “no, but think about what you’re exposing”. I don’t imagine we will never see a security exploit in Azure. The same is true for AWS and any other cloud service, and the worst scenarios will have to be supported by poor security practices in the exploited party. What makes the Service Bus different is that you’re dealing with core business functionality.

If someone hacks Dropbox, quietly copies all of my documents and the provider doesn’t know or doesn’t tell me, that’s bad news. But it’s static content and in any case if it’s confidential, I shouldn’t be storing it on the Internet. But if someone hacks Azure AppFabric and can read Service Bus payloads, then they know my contracts and can potentially send in their own requests to my core systems. If that’s a service exposing reference data so a business partner can show my product list, it may not be an issue. If it’s a service for business partners to submit an invoice which my financial system processes, it may be more of an issue.

This isn’t an anti-Azure post and I have no significant concerns about the security model on offer in Azure AppFabric. I use Azure for my own business services and I’m happy to recommend it to clients. The Service Bus gives you a fantastic path to getting properly connected within and between enterprises. The issue is about recognising that no system is 100% secure, understanding the worst case scenario and factoring that into your decision matrix for publishing services on the Internet.

* – relay bindings will use direct connections if possible, but it’s not always possible so you can assume a worst case that all calls will route through Azure

6 Quick Steps for Windows/.NET Folks to Try Out Cloud Foundry


I’m on the Cloud Foundry bandwagon a bit and thought that I’d demonstrate the very easy steps for you all to try out this new platform-as-a-service (PaaS) from VMware that targets multiple programming languages and can (eventually) be used both on-premise and in the cloud. To be sure, I’m not “off” Windows Azure, but the […]
Blog Post by: Richard Seroter

BizTalk Deploy Error: Could not enlist orchestration ’MyAssembley’. Object reference not set to an instance of an object. (Microsoft.BizTalk.SnapIn.Framework)"


Today, after I deployed and configured a new version of an existing solution, I tried to start the application and it gave me the following error: TITLE: BizTalk Server 2006 Administration Console —————————— Could not enlist orchestration ‘MyAssembley, Version=1.0.0.0, Culture=neutral, PublicKeyToken=776eb620b83c3d30′. Could not enlist orchestration ‘MyAssembley, Version=1.0.0.0, Culture=neutral, PublicKeyToken=776eb620b83c3d30′. Object reference not set to an […]
Blog Post by: Sandro Pereira

BizTalk 360 – Live at London Connected Systems User Group

If you are in or around London, you have an opportunity to see the potential of BizTalk 360 in a live demo at the London Connected Systems user group meeting tonight. There are still a few tickets available for the event; you can register at http://ukcsbugmay2011.eventbrite.com/

Apart from BizTalk 360, there are two more interesting talks

Session 1

Topic: BizTalk AppFabric Connect (the need and the solution) by Imran Shafqat

In this session Imran will talk about the need for using WCF services in an environment already hosting BizTalk Server. Imran will then highlight some of the pain points that developers have to go through using this approach, followed by a discussion of how AppFabric Connect provides a solution to some of these concerns.

Session 2

Topic: Behaviour Driven BizTalk Development by Michael Stephenson

In this session Michael will discuss how BDD can be used to help deliver successful BizTalk projects. Michael will also show how SpecFlow and BizUnit can be combined in your development processes to create testable behaviours to drive your development on BizTalk 2010.

See you all tonight.

Nandri!

Saravana