1 / 19

Windows Server AppFabric Cache

Windows Server AppFabric Cache. Security & Management. Outline. AppFabric + Powershell Security Performance monitoring Logging. Setting up PowerShell. Two PowerShell Modules are installed with AppFabric Cache DistributedCacheAdministration DistributedCacheConfiguration

suzy
Télécharger la présentation

Windows Server AppFabric Cache

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Windows Server AppFabric Cache Security & Management

  2. Outline • AppFabric + Powershell • Security • Performance monitoring • Logging

  3. Setting up PowerShell • Two PowerShell Modules are installed with AppFabric Cache • DistributedCacheAdministration • DistributedCacheConfiguration • Bring them into PowerShell by using Import-Module • Get-Commands –module DistributedCacheAdministration • Returns list of Cache specific CmdLets

  4. Loading configuration • Use-CacheCluster loads the cluster configuration into your PowerShell context • Defaults to configuration for the current machine • Use parameters to load different configuration • If you specify parameters you must specify both

  5. Customizing your profile • On a development machine its useful to preconfigure your shell • Type $profile in your shell to return profile file path (it may not exist yet!) • Open or create file the ps1 file (one for shell and one for ISE) • Add imports and Use-CacheCluster Import-Module DistributedCacheAdministration Import-Module DistributedCacheConfiguration Use-CacheCluster

  6. Control cmdlets

  7. Configuration cmdlets

  8. Cache cmdlets

  9. Security • Domain Based Security Option • On by default • Domain Account / Local Account based Authentication • Only authorized servers can join the cluster • Only authorized clients can connect to the cluster • Transport Level Security • Turn on/off Signing or Encryption • Can turn off Cache Security • Use Firewalls, IPSec, VLANs to protect cache grant-cacheallowedclientaccountMyDomain\Machine1$ grant-cacheallowedclientaccountMyDomain\Jon

  10. Security cmdlets

  11. Security configuration • Cache security settings tweak underlying WCF binding that is used • NetTcpBinding • Mode and ProtectionLevelcontrol same settings at the WCF binding level

  12. Mode and ProtectionLevel

  13. Client security configuration <?xmlversion="1.0"?> <configuration> <configSections> <!-- required to read the <dataCacheClient> element --> <sectionname="dataCacheClient" type="Microsoft.ApplicationServer.Caching.DataCacheClientSection, Microsoft.ApplicationServer.Caching.Core, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" /> </configSections> <dataCacheClient> <securityPropertiesmode="None" protectionLevel="None" /> <localCache isEnabled="true" sync=“Timeoutbased" objectCount="100000" ttlValue="300" /> <hosts> <hostname="Demo2010a"cachePort="22233" /> </hosts> </dataCacheClient> </configuration>

  14. Changing cluster security • Must be done after installation and configuration • Cluster must be stopped • Clients must match configuration exactly – or else they cannot connect! … <advancedProperties> <securityPropertiesmode="None" protectionLevel="None" /> </advancedProperties> …

  15. Performance monitoring

  16. Logging • Cache participates in ETW tracing • Use logman to enabled • Also supports explicit log files • Use Set-CacheLogging cmdlet • Logging available on both client and server

  17. Enabling ETW • logman create trace MySessionName –o test.etl –p {A77DCF21-545F-4191-B3D0-C396CF2683F2} 0x00000005 -ets Set-CacheLogging –LogLevel VERBOSE –File c:\cache.log

  18. Summary • The AppFabric Powershellcmdlets provide a powerful way to manage your Cache Cluster • Security configuration can be managed through cmdlets or by changing cluster configuration • Performance monitoring and logging can give you enhanced visibility into the activity and health of your cluster

  19. Questions?

More Related