IIS Web Farm Exclusions using SkipDirectives

It is possible to exclude both a web site and/or directory from a Web Farm sync using the SkipDirectives tag via the ApplicationHost.config file for IIS. Keep in mind that excluding a website only prevents the site from being listed in IIS on the Secondary nodes, however, the exclusion will not prevent the website’s content from being copied to the Secondary node if the content exists within the web root folder which by default is C:\inetpub\wwwroot. To exclude the site content you must use the ‘dirPath’ attribute in the Skip Name.

These changes will occur between the WebFarms tags located in ApplicationHost.config which by default is saved to C:\Windows\System32\Intesrv\Config\ApplicationHost.config.

This is a sample of the webFarms tag and the subtags that it will typically contain.

<webFarm name=”TestFarm” enabled=”true” adminUserName=”*****” adminPassword=”*****” primaryServer=”Pri”>
<server address=”Pri” enabled=”false” />
<server address=”Sec” enabled=”false” />
<platformProvision stopOnInstall=”false” periodicSync=”00:05:00″ syncPlatformFromPrimary=”true” />
<applicationProvision offlineWhileSync=”false” syncWebServerFromPrimary=”true” periodicSync=”00:00:30″>
<skip name=”Test” skipDirective=”objectName=dirPath,absolutePath=.*test.*” />

Skipping a Website
Skipping a web site is fairly straight-forward. You will simply use the SkipDirectives and Skip Name tags as listed below by replacing “skipwebsite” with the name you would like to give the skip rule and replace “websitename” with the name of the web site as it appears in IIS.

<skip name=”skipwebsite” skipDirective=”objectName=site,absolutePath=websitename”/>

Skipping a folder or sub-folder
Skipping a folder from the web farm sync is all about the formatting of the file path. Even though the tag shows this as [absolutePath] in the parameters, you do not actually use the absolute path which would look like this “C:\inetpub\wwwroot\website”. Instead you separate the directories with a period “.” starting from the Web root directory (default is C:\inetpub\wwwroot) and can only exclude from the wwwroot path, which would look something like this…

<skip name=”path” skipDirective=”objectName=dirPath,absolutePath=.*MyWebSiteDirectory.*” />

Essentially what we are doing is replacing C:\inetpub\wwwroot\MyWebSiteDirectory with .*MyWebSiteDirectory.*

example of a folder

<skip name=”skipfolder” skipDirective=”objectName=dirPath,absolutePath=.*folder.*” />

example of a sub folder

<skip name=”skipsubfolder” skipDirective=”objectName=dirPath,absolutePath=.*folder.subfolder.*” />

Installing and Configuring a IIS 7 Web Farm Framework

Before you begin the installation of a IIS Web Farm please be aware of the following caveats.

  • IMPORTANT: The only supported version of Web Deploy for use with WFF in IIS is 2.0. Do NOT install Web Deploy 3.0, it will break the Web Farm which may result in a complete re-configuration of the farm. For more information on this please see the following Microsoft KB Article 2772386
  • The Primary Server’s main role should be replication. As such, it is recommended that the primary server NOT serve content, and should not be included in the load balanced rotation.
  • The Web Farm is intended to ‘mirror’ the configuration and data from the Primary Server to the Secondary nodes. As such you must keep in mind that if the Secondary servers contain web sites in IIS and data within the root IIS directory prior to the configuration of the Web Farm then the sites and IIS root directory will be overwritten with that of the Primary server when the ‘sync’ occurs.
  • When uploading content to the farm, always upload to the Primary Server. Otherwise, the content will simply be over-written during the next ‘sync’.
  • Bindings: These will need to be set to “All Unassigned” for the “IP Address” field. For example, if you have a site “testsite.com” that specifies the IP, then this IP will not exist on any of the secondary servers, which will cause binding errors on those Secondary servers.
  • Always make changes to the Primary server only. Changes to the Secondary servers will result in a roll back to what is configured on the Primary Server when the next ‘sync’ occurs. This is also true of FTP sites.
  • A dynamic website that has many changes per hour may not be a good fit for WFF, this is because the farm will constantly be in a repair status as new content is being published to the Primary node.
  • By default, the log directory will be overwritten using what is on the Primary server. If you are following best practices, your Primary server will not be hosting any content, therefore, you will have no useful IIS logs. To work around this, you would need to setup an exclusion for the log file directory. Go to the following link on how-to add exclusions to the farm replication, IIS Web Farm Exclusions using SkipDirectives

Now that you are aware of the risks and if you are still inclined to run with the IIS Web Farm install, here is my recommended process.

1. Install IIS 7 on the Primary Server, directions on how to do so are located at the following link. Why re-invent the wheel, right?

Download Link: http://www.iis.net/learn/install/installing-iis-7/installing-iis-7-and-above-on-windows-server-2008-or-windows-server-2008-r2

2. Install Web Platform Installer (WPI) version 3 with the default configuration on the Primary Server. The WPI v3 installer can be downloaded from the link below.

Download Link: http://www.microsoft.com/en-us/download/details.aspx?id=6164

3. Install Web Deploy 2.0 on the Primary Server. Make sure to perform a ‘Custom Install’ and select all sub-components. If any of the features and/or sub-features contain a red ‘x’ indicating that the feature will not be installed then [click] on the feature and from the drop-down list [select] “entire feature will be installed on the local hard drive”. Continue with the install using the default settings for the remainder of the installation.

Web Deploy Features Selection

Download Link: http://www.microsoft.com/en-us/download/details.aspx?id=25230

4. Install the Web Farm Framework (WFF) v 2.2 on all nodes in the farm.  Although the WFF should be capable of installing across all nodes in the farm there have been some instances where this does not replication properly.  To address possible synchronization issues with WFF I recommend installing this component on all nodes.  Use the default settings. The WFF installer can be downloaded from the link below.

Download Link:http://www.iis.net/downloads/microsoft/web-farm-framework

CONFIGURATION “User Account Creation and Windows Firewall Rules”

1. On all Web Farm nodes; Primary and Secondary, configure a local admin user for use with the Web Farm. Use the same username and password on all web farm nodes. Take note of the username and password as it will be essential when adding servers to the farm at a later date.

2. Create Firewall rules between all web farm nodes that will allow for replication to occur.  The following protocols will need to be allowed between the nodes.

  • webfarmAgentService
  • Remote Administration (RPC-EPMAP) and (RPC-NP-In) and (RPC)
  • File and Printer Sharing (SMB-In)

The following screen caps are for adding the Remote Administration Rules. You can use a similar process for adding the webFarmAgentService and File and Printer Sharing (SMB-In) rules.

Windows Firewall - Remote Administration 1

Windows Firewall - Remote Administration 2

Windows Firewall - Remote Administration 3

Windows Firewall - Remote Administration 4

CONFIGURATION “IIS: Creating The Farm”
Now that we have installed all the necessary components, created our logins and amended the firewall it is time to set-up IIS and create the farm.

1. Login to the IIS Server

2. Launch IIS (start -> run -> “inetsrv”)

3. In the IIS tree expand down to Server Farms (ServerHostName/Server Farms)

4. [Right-Click] on ‘Server Farms’ and [Select] ‘Create Server Farm’.

5. Specify the server farm name and [Select] “Server farm is available for load balancing” and “Provision server farm”.

6.Fill-in the “User name or credential store target”, “Password” and “Confirm Password” fields with the username and password that we created above. [Click] “Next”

Creating the Farm

7. In the “Add Servers” box type in the Primary Server’s hostname or IP Address where indicated. [Select] “Server is available for Load Balancing” if the server will be load balanced. [Select] “Primary Server” as this will be the Primary server of our Farm.

Add Primary Server

8. [Click] “Add” then [Click] “Finish”

CONFIGURATION “IIS: Adding Servers To The Farm”
CONGRATULATIONS!!! The Farm is now created and you can join additional servers to the farm.

1. In the IIS tree expand down to Servers under the Server Farm Name (ServerHostName/Server Farms/Server Farm Name/Servers)

2. [Right-Click] on ‘Servers’ and [Select] ‘Add Servers’.

3. In the Server name or address field enter the server hostname or IP address of the server that you are adding to the farm.

4. [Select] the “Server is available for Load Balancing” option.

5.[Click] “Add” then [Click] “OK”

Add Secondary Server - Step 1

Add Secondary Server - Step 2

6.Wait for the Web Farm sync to complete and then confirm the new server has been added to the farm and status shows as ‘Yes’ under “ready for load balancing”.

Ready for Load Balancing

7.Choose Provisioning options.


8.[Double-Click] Application Provisioning. Enable “application” by checking the box where indicated. Disable “Take server offline while syncing applications” by removing the check mark (if applicable). [Click] “Apply”.

Application Provisioning

9.[Double-Click] Platform Provisioning. Disable “platform provisioning” and “Take server offline while syncing applications” by removing the check marks (if applicable). [Click] “Apply”.

Disable Platform Provisioning