I've posted this in the Umbraco forums but haven't gotten much feedback there yet. We are in the process of setting up Umbraco 7 in the following environment:
- Two Windows Server 2008 R2 Web Server edition systems in a Windows Network Load Balanced (NLB) cluster (two NICs each with unique private management IP addresses)
- Nodes use an IIS 7.5 shared configuration
- Content is maintained on a clustered Windows file server and accesed by the web servers via a UNC share
We are planning on hosting the Umbraco files/content on the network share (as opposed to the extra overhead of setting up a file replication system).
I have followed this document - http://our.umbraco.org/documentation/installation/load-balancing - as best I could, but it doesn't directly address the issue of using an IIS shared configuration. Given that, can anyone help with the following questions?
1) Since there’s no mention in the documentation of operating in an IIS shared configuration, I see some potential problems, especially regarding the section that talks about assigning unique host headers to each server in the cluster:
- With an IIS shared configuration host headers are shared among the participating hosts
- Host headers don’t really mean anything in an HTTPS environment anyway (we are planning to operate the site as 100% HTTPS)
- It’s not clear how much this matters because each cluster node does have a unique backend IP address which, as far as I can tell, is the important part
2) The documentation stresses designating a single server as the “back office server” for administration of content and states that this is even more important when using a shared content arrangement like we are planning to do. The issue seems to be with preventing file locks from interfering with each other.
- Could this be handled in the NLB configuration by making sure the admin traffic site is only ever handled by a single host at any given time? (This would be similar to how we manage SMTP traffic in the cluster – when the first node is up it always handles SMTP traffic. If that node is down at any point, the second node handles SMTP traffic until the first node rejoins the cluster.)
- Or is it crucial that one node always handles admin/content update traffic and content updating will simply not be available if that node is down at any given time?
- How is the admin server identified? What prevents a secondary server from providing access to the administration pages?
Thanks for any and all feedback!
UPDATE: Dealing with #1 hasn't been too hard - I'm not using host headers but that doesn't seem to matter. I've bound each of the nodes' unique IP addresses to the site in IIS so they each respond as needed (and effectively ignore IP addresses that don't apply). Using a wildcard certificate has simplified this as well.
Handling #2 has been a little trickier. There's nothing in Umbraco that looks at the hostname being used so each node will provide access to the admin pages if they receive requests for them. As mentioned in my comment below I've been looking at the URL Rewrite module in IIS to ensure admin traffic only goes to one host, but what gets redirected is an additional question. See the thread I have at the Umbraco forums for more on that.
