See, "Performance and Reliability," (Chapter 5, p. The second stage, the processing of the request and the response, is handled by a new system, called the application pool, which is in turn serviced by one or more worker processes. This first component, the HTTP request mechanism, is supported by HTTP.sys?otherwise known as the Kernel Mode Driver. The solution within IIS 6 is to separate the two core stages in any HTTP request, the actual request and the response, and provide protected and independent areas for executing user sourced applications. When scaling up to multiple processors or machines, the same basic bottleneck remains.Īlthough previous versions gave the impression of being integrated into the OS, the reality is that IIS was just another application. Performance can be significantly impaired.īecause a single process is responsible both for accepting and processing many of the requests, clients can be waiting to communicate a request while another user is still being serviced. One top-heavy process has to deal the majority of the processing because a rogue user-mode application could be sapping CPU and memory from the other requests. If the application provides a method for accessing the application in a nondocumented fashion, you have a potentially lethal security breach that could be used to access your entire network. If an application supported through IIS crashes, the chances are that either it will crash IIS or it will 'steal' resources from other Web sites and applications. The effect is to introduce a number of largely uncontrollable problems: Supporting most Web applications relies on using untrusted, third-party applications, often written by inexperienced programmers even when developing within a corporate environment.
To add complications to this, the very nature of supporting Web applications means that you are immediately open to potential abuse from programmers and Web designers. The primary problem with IIS 5 and lower is that it was always a bolt-on attachment to the original operating system?although it was integrated into the security systems, operated as a service, and it was never truly an operating system component, such as the file service or active directory. If you take a closer look at how previous versions of IIS have worked, you can see that IIS has always being trying to ice-skate uphill.
0 kommentar(er)
