question

NajeebullaKhan-5763 avatar image
0 Votes"
NajeebullaKhan-5763 asked NajeebullaKhan-5763 answered

IIS WEB SERVER FARM CONFIGURATION

Setting up a IIS WEB SERVER FARM

Hardware setup: I have 6 Servers,
i) Server A, is File Server for Shares - hosting WEBCONTENT, WEBCONFIG, CERTSTORE & ARRCONFIG shares.
ii) Server B, C & D - are IIS Web Servers in shared configuration and using the directories, WEBCONFIG & WEBCONTENT.
iii) Server E & F - are 2 Web Servers running Application Routing Request and URL Rewrite. These two servers are running NLB and and having a shared configuration using the directory, ARRCONFIG.
Also, on these servers Centralized Certificate Store is configured.

Scenario:
I installed WEB SERVER Role on all WEB SERVERS (B, C & D) and accessed http://localhost & it opened IIS Default page. I added a Demo Site to Server B and it was working fine (http://demosite.com:90) . I copied the contents of Demo Site to WEBCONTENT folder and enabled Shared configuration. I later added other two servers to shared configuration.

I installed WEB SERVER Role on Servers E & F. After that installed URL Re-write & ARR Module. On Server E, I created a Web Server FARM and added the servers B, C & D to the Farm. I enabled Server Proxy and added the URL to the "Health" Check option of Web Server Farm. I verified the URL and the Test was passed as 'OK'.

My Question, how do I configure URL Rewrite or Reverse Proxy so that clients connecting to ARR servers using the URL should open the page. I have a added a DNS entry to AD, pointing the web url to NLB IP of ARR.

Let me know which part I'm missing or needs to be configured.

For URL Rewrite I read some links,
https://docs.microsoft.com/en-us/iis/extensions/url-rewrite-module/reverse-proxy-with-url-rewrite-v2-and-application-request-routing

I was not able to see Web.config file since it is a Shared Configuration. I edited the Administration.config file in ARRCONFIG Share. I added the URL Re-write code within <System.webserver> </System.webserver> as per step 2 of that post above. AM I doing it correctly?

I have configured Centralized Certificate Store and still not yet used because my demo sites are still not using https. So If I plan to use HTTPS, do I just store my certificates in CERTSTORE or do i need to do additional bindings?

Please guide me as to what I'm missing.

windows-server-iis
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@NajeebullaKhan-5763 About how to configure URL Rewrite or Reverse Proxy you can also refer to this link: reverse proxy. Web.config is in your reverse proxy server, you need to ad the URL Rewrite rule in the reverse proxy server instead of Administration.config file. about how to use the https in iis, you can refer to this link: how-to-set-up-ssl-on-iis.


0 Votes 0 ·
NajeebullaKhan-5763 avatar image
0 Votes"
NajeebullaKhan-5763 answered

Thank you SamWu - for your reply.109624-iis-design.jpg



I have attached the design diagram.

My Question:
1. Do I need Forward Proxy or Reverse Proxy? My understanding is Reverse Proxy. If I'm wrong, guide me.
2. How do I configure Reverse Proxy so that clients connecting to ARR servers using the URL should open the page. I have a added a DNS entry to AD, pointing the web url to NLB IP of ARR. ex: demosite.com - 192.168.10.90

When You open IIS, When the Server Name is selected - URL rewrite - Add Rule - I don't see Reverse Proxy Option; Where as, when I select the Default Web Site, - URL rewrite - Add Rule - I see Reverse Proxy Option; Where should I exactly create a rule.

In My domain DNS, should I create an "A" record for the website pointing to the NLB VIP of the ARR Servers and also create another "A" record for the NLB VIP pointing to the Server Farm (zoneops.webfarm.spring.com).

For URL Rewrite I read some links,
https://docs.microsoft.com/en-us/iis/extensions/url-rewrite-module/reverse-proxy-with-url-rewrite-v2-and-application-request-routing

When I was editing the Web.config file in ARR Servers for URL Rewrite, it kept giving me syntax error. Do I need to add the Reverse Proxy rule under Inbound Rule or Outbound Rule.


iis-design.jpg (71.4 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

NajeebullaKhan-5763 avatar image
0 Votes"
NajeebullaKhan-5763 answered SamWu-MSFT commented

The question is same but i was trying to post with design diagram..

I'm a little confused so I was trying to post the question in at least 2 places to get an answer.
I will list all the steps as I have undertood, please let me know if I'm correct or wrong.

Step 1: Create a Web Server Farm (say, zoneops.webfarm.spring.com) and add backend Web Servers (WEBSVR01, WEBSVR02 & WEBSVR03) to it. When creating the Farm, go under advanced and add the port HTTP: 8080 and HTTP: 443 etc

Step 2: Enable Server Proxy and give Reverse Proxy Server name as "zoneops.webfarm.spring.com:8080". Here Do I need to specify anything under "Proxy Server" section.

Step 3: Edit the web.config file to add the URL Rewrite section to Outbound Rules. I need help here in configuring correctly.

Step 4: Add DNS entry to the Active Directory pointing website name to nlb ip of ARR Server so that when any request comes to ARR it should be forwarded to Server Farm and subsequently to WEB SERVERs in the backend,

Step 5: on ARR Servers, expand IIS, under Default Web Site - url rewrite and add Reverse Proxy Rule - I need help here .in configuring correctly.

Step 6: on ARR Servers, what bindings should I specify?

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@NajeebullaKhan-5763

under Default Web Site - url rewrite and add Reverse Proxy Rule - I need help here .in configuring correctly.


Don't you know how to create your url rule?

on ARR Servers, what bindings should I specify?

You configured the arr according to the link above. Do you have any questions about where to configure it? Maybe you should learn Application Request Routing from the beginning: application-request-routing-version-2-overview


0 Votes 0 ·
NajeebullaKhan-5763 avatar image
0 Votes"
NajeebullaKhan-5763 answered SamWu-MSFT commented

I made a small change. On all IIS Servers, I edited the default photo of IIS Page and added the local server name, so that when I open http://localhost I see the default IIS image with Server Name on it.

After this I re-created the Server Farm and from my client side when I open the URL like http://demosite.spring.com it loads the IIS Page of either websvr01, or websvr02 or websvr03.

now I tried re-creating the URL Rewrite rule under IIS- Default WebSite-AddRule- (here I tried user friendly url, Inbound rule, outbound rule etc) but still same page opens.


client inputs http://demosite.spring.com.local
redirect to website url: demosite.spring.com:90

I need a little guidance here.


· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@NajeebullaKhan-5763 I suggest you use failed request tracking to view the detailed process.


0 Votes 0 ·
NajeebullaKhan-5763 avatar image
0 Votes"
NajeebullaKhan-5763 answered

hello SamWu,
Before I start troubleshooting with "Failed Request Tracing" i want to understand the logic in this URL Rewrite. This is because I can only troubleshoot something which I have understood logically correct.

so far what i have achieved is, when the webfarm is listening on port 80, without creating any rules manually (one rule gets created automatically) the request is forwarded to the 3 web servers and default IIS page opens up because on all respective servers, the default web site is running on port 80.

what further rule should I create so that when I accessed the page "http://demosite.spring.com" it should be redirect or rewritten to "http://demosite.spring.com:90"
Where should I create this Rule? on ARR Server, under Servername -Rules (global section) - Inbound or Outbound
OR under Default Web Site on ARR Servers?

I was even thinking should I install url rewrite on Web Servers itself and redirect incoming URL's to appropriate URLs. Is there any documentation, video (paid/unpaid), or blog/forum where they have explained URL Rewrite with examples.

Since there are few sites only to begin with I want to understand in detail so that I don't face any issues..



5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

SamWu-MSFT avatar image
0 Votes"
SamWu-MSFT answered

@NajeebullaKhan-5763

what further rule should I create so that when I accessed the page "http://demosite.spring.com" it should be redirect or rewritten to "http://demosite.spring.com:90"

The rule action should look like this: <action type="Redirect" url="http://demosite.spring.com:90" />

Where should I create this Rule? on ARR Server, under Servername -Rules (global section) - Inbound or Outbound OR under Default Web Site on ARR Servers?

You should create this rule in arr service.

I was even thinking should I install url rewrite on Web Servers itself and redirect incoming URL's to appropriate URLs. Is there any documentation, video (paid/unpaid), or blog/forum where they have explained URL Rewrite with examples.

These links should help you:

  1. Creating Rewrite Rules for the URL Rewrite Module

  2. 10 URL Rewriting Tips and Tricks


If the answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

NajeebullaKhan-5763 avatar image
0 Votes"
NajeebullaKhan-5763 answered

i finally made it working by following this method.

  1. When I created the Server Farm, I added all the servers using the port 8080.

  2. In the Web Servers, I added the Site "demosite.spring.com:8080"

  3. I made a small change in the application.config file manually and it started working.

  4. Now I added a second site to the Web Servers "action.spring.com:8085" and "adventure.spring.com:8090"

  5. I created two new Server Farms on ARR, one pointing to 8085 & another pointing to 8090.

  6. I made the same small change in application.config file & this time it is not working.

What I'm thinking is, I should uncheck the option "stop processing more rules" and most importantly "in the default rules that are created on ARR, modify the pattern from to match these respectively
^demosite.

^action.
^adventure.

Let me know if you have any other ideas for 2nd & 3rd farm.

Thanks



5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.