
SharePoint 2010 Sandboxed Solutions



Presentation on the topic: "SharePoint 2010 Sandboxed Solutions". Presentation transcript:

1 SharePoint 2010 Sandboxed Solutions
Finally, controlled SharePoint extensions! What is new for developers and administrators?
Michael Hofer, 1stQuad Solutions

2 Agenda
- Why Sandboxed Solutions? 5'
- The sandbox architecture 5'
- Development (demo) 15'
- Administration (demo) 15'
- Full-trust proxies (demo) 15'
- Wrap-up 5'

3 Why does SharePoint need Sandboxed Solutions?
Why?

7 Extensions under MOSS 2007 / WSS 3.0
SharePoint 2010 Developer Workshop (Beta2)
Developers: design, develop & test custom extensions.
Administrators: ensure application security by means of special Code Access Security (CAS). (Usually) cannot review custom code or have it reviewed.
Site collection owners: activate & use extensions. Report poor performance, errors and the like.
Undisposed objects? Memory leaks? Performance? Stability?
The most common reason for SharePoint support cases: CUSTOM CODE

8 New: Sandboxed Solutions
MS Confidential: SharePoint 2010 Developer Workshop (Beta1), Lecture 13: Sandboxed Solutions
"Normal" SharePoint solutions (WSP), but only a subset of the SharePoint functionality / namespaces is supported.
Code is executed in a protected "sandbox", in a process of its own, under a special CAS policy:
- Connect to resources that are not on the local server? Forbidden!
- Change the threading model? Forbidden!
- Write to the file system? Forbidden!
- Call unmanaged code? Forbidden!
- Resources from other site collections? Forbidden!
They are installed, activated, monitored, deactivated and uninstalled by site collection administrators in the "Solution Gallery".

11 SharePoint 2010 Sandboxed Solutions
Developers: design, develop & test custom extensions.
Site collection owners: install and activate the extensions. Monitor and deactivate extensions if necessary.
Administrators: monitor the entirety of the extensions. Automatic "throttling" & shutting down of problematic extensions.

12 The architecture of the sandbox

13 The sandbox architecture
[Diagram] FRONT END: IIS (W3WP.EXE), Execution Manager (inside application pool). BACK END: Host Services (SPUCHostService.exe), Worker Service (SPUCWorkerProcess.exe), Untrusted Code, Subset Object Model, Full Object Model.
© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

14 The sandbox architecture
[Diagram] FRONT END: IIS (W3WP.EXE), Execution Manager (inside application pool). BACK END: Host Services (SPUCHostService.exe), Worker Service (SPUCWorkerProcess.exe), Untrusted Code, Subset Object Model, Full Object Model. Added label: Subset-Model Request.

15 The sandbox architecture
[Diagram] FRONT END: IIS (W3WP.EXE), Execution Manager (inside application pool). BACK END: Host Services (SPUCHostService.exe), Worker Service (SPUCWorkerProcess.exe), Untrusted Code, Subset Object Model, Full Object Model. Added label: Full-Model Request.

16 The sandbox architecture
[Diagram] FRONT END: IIS (W3WP.EXE), Execution Manager (inside application pool). BACK END: Host Services (SPUCHostService.exe), Worker Service (SPUCWorkerProcess.exe), Untrusted Code, Subset Object Model, Full Object Model.
Untrusted code shown: while(true) { //Do a Bad Bad Thing! }
Added labels: Run for 30sec, Resource Wasting Call.

17 Code Access Security
12/02/08 SharePoint Developer Workshop: MS Confidential
Sandbox user code (My.dll, Other.dll), policy file wss_usercode.config:
- AspNetHostingPermission, Level=Minimal
- SharePointPermission, ObjectModel=true
- SecurityPermission, Flags=Execution
Framework code (System DLL, SharePoint DLL): Full Trust
Object models: SharePoint OM, Subset OM

18 Developing Sandboxed Solutions

19 What works and what does not
Microsoft SharePoint Conference 2009
Works:
- Content Types, Site Columns
- List Definitions & Instances
- Web Templates
- Site Pages
- Navigation
- ASP.NET web parts
- Declarative workflows
- Event Receivers, Feature Receivers
- Custom Actions
- InfoPath Forms Services (not admin-appr)
- JavaScript, AJAX, jQuery, Silverlight
- Modules / files
Does NOT work:
- Farm & Web Application Features
- Timer Jobs
- SharePoint/Visual Web Parts
- Using the WebPartManager
- Programmatic workflows
- Files in the file system / SharePoint Root
- Content Type Binding
- Custom Action groups
- HideCustomAction element
Web parts in the sandbox:
- Must derive from System.Web.UI.WebControls.WebParts.WebPart
- No web part connections
- No asynchronous post-backs
- Client scripts must be registered with the ScriptManager.
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

20 Restrictions in the object model
Available namespaces and what is excluded from each:
Microsoft.SharePoint, except:
- (some) SPSite constructors
- SPSecurity object
- SPWorkItem and SPWorkItemCollection objects
- SPAlertCollection.Add method
- SPAlertTemplateCollection.Add method
- SPUserSolution and SPUserSolutionCollection objects
- SPTransformUtilities
Microsoft.SharePoint.Navigation
Microsoft.SharePoint.Utilities, except:
- SPUtility.Send method
- SPUtility.GetNTFullNameand FromLogin method
Microsoft.SharePoint.Workflow
Microsoft.SharePoint.WebPartPages, except:
- SPWebPartManager object
- SPWebPartConnection object
- WebPartZone object
- WebPartPage object
- ToolPane object
- ToolPart object
Reference:

21 Developing Sandboxed Solutions
Same procedure as for farm solutions: same project / package structure, same object and declaration model.
CAUTION: Visual Studio 2010 uses IntelliSense to hide the full-trust types, but the code is compiled against the full API!
Workaround: change the Microsoft.SharePoint.dll project reference to the sandbox version: [..]\14\UserCode\Assemblies\Microsoft.SharePoint.dll
CAUTION: reset the reference again before deployment.
[Diagram labels] Full Object Model, Subset Object Model, MyWebPart.dll, Proxy, Runtime

22 Developing a Sandboxed Solution
Demo

23 Administering & validating Sandboxed Solutions
Administration

24 Farm architecture & scaling
Execution of user (sandboxed) solutions is a farm server service.
Scalable!
Load balancing: on the server that was called, or redirection to a server according to "solution affinity".
Custom rules are possible!

25 Administration of Sandboxed Solutions
In Central Administration:
- Block individual solutions completely
- Set quotas: per site collection, in a quota template, maximum & warning resource usage per day
With PowerShell:

    Get-SPSite | foreach-object {$_.Quota.UserCodeMaximumLevel = 300}
    Get-SPSite | foreach-object {$_.Quota.UserCodeWarningLevel = 100}

26 How do resource quotas work?
While a sandboxed solution executes, certain metrics are recorded, e.g. % processor time or the number of unhandled exceptions.
Timer jobs compile the metrics and calculate the resource consumption in a points system.
Once all sandboxed solutions of a site collection together have used up the resource points available per day, the entire sandbox of that site collection is shut down.
Users see the total consumption as well as the individual consumption per solution in the Solution Gallery:

27 Monitored resources
Microsoft SharePoint Server 2010 Ignite!
Columns: Metric Name; Description; Units; Resources Per Point; Hard Limit
AbnormalProcessTerminationCount; Process gets abnormally terminated; Count; 1
CPUExecutionTime; CPU execution time; Seconds; 3,600; 60
CriticalExceptionCount; Critical exception fired; Number; 10; 3
InvocationCount; Number of times solution has been invoked; N/A
PercentProcessorTime; Note: # of cores not factored in; Percentage Units of Overall Processor Consumed; 85; 100
ProcessCPUCycles; CPU Cycles; 1E+11
ProcessHandleCount; Windows Handles; 10,000; 1,000
ProcessIOBytes (Hard Limit Only); Bytes written to IO; Bytes; 1E+08
ProcessThreadCount; Number of Threads in Overall Process; Threads; 200
ProcessVirtualBytes (Hard Limit Only); Memory consumed; 1E+09
SharePointDatabaseQueryCount; SharePoint DB Queries Invoked; 20
SharePointDatabaseQueryTime; Amount of time spent waiting for a query to be performed; 120
UnhandledExceptionCount; Unhandled Exceptions; 50
UnresponsiveProcessCount; We have to kill the process because it has become unresponsive; 2

28 Validators
Allow Sandboxed Solutions to be checked before activation.
Code classes that derive from SPSolutionValidator:

    public class PublicKeyTokenSolutionValidator : SPSolutionValidator
    {
        public const string InternalName = "PublicKeyTokenSolutionValidator";
        public PublicKeyTokenSolutionValidator() { ... }
        public PublicKeyTokenSolutionValidator(SPUserCodeService sandboxService)
            : base(InternalName, sandboxService) { ... }
        public override void ValidateSolution(SPSolutionValidationProperties properties) { ... }
        public override void ValidateAssembly(SPSolutionValidationProperties properties, SPSolutionFile assembly) { ... }
    }

Register:

    SPUserCodeService sandboxService = SPUserCodeService.Local;
    SPSolutionValidator publicKeyTokenSolutionValidator = new PublicKeyTokenSolutionValidator(sandboxService);
    sandboxService.SolutionValidators.Add(publicKeyTokenSolutionValidator);
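A filled-in version of the validator skeleton on this slide, as an added example that is not code from the original deck: ValidateAssembly rejects every assembly whose public key token is not on an allow-list. The GUID, the Signature value and the token list are placeholders, and the method bodies are assumptions about what the elided slide code does.

```csharp
// Added example, not from the deck: one possible body for the slide's skeleton.
using System;
using System.IO;
using System.Reflection;
using System.Runtime.InteropServices;
using Microsoft.SharePoint.Administration;
using Microsoft.SharePoint.UserCode;

[Guid("00000000-0000-0000-0000-000000000001")] // placeholder: generate your own
public class PublicKeyTokenSolutionValidator : SPSolutionValidator
{
    public const string InternalName = "PublicKeyTokenSolutionValidator";

    // Constructed allow-list of publisher public key tokens (lower-case hex).
    private static readonly string[] AllowedTokens = { "0123456789abcdef" };

    public PublicKeyTokenSolutionValidator() { } // needed for deserialization

    public PublicKeyTokenSolutionValidator(SPUserCodeService sandboxService)
        : base(InternalName, sandboxService)
    {
        Signature = 1; // bump when the rules change so solutions are re-validated
    }

    public override void ValidateSolution(SPSolutionValidationProperties properties)
    {
        base.ValidateSolution(properties);
        properties.Valid = true; // package-level checks would go here
    }

    public override void ValidateAssembly(
        SPSolutionValidationProperties properties, SPSolutionFile assembly)
    {
        base.ValidateAssembly(properties, assembly);
        string token = ReadToken(assembly.OpenBinary());
        // Default deny: unsigned, unreadable or unknown publishers are rejected.
        properties.Valid = Array.IndexOf(AllowedTokens, token) >= 0;
        if (!properties.Valid)
            properties.ValidationErrorMessage = "Assembly " + assembly.Location +
                " is not signed with an approved publisher key.";
    }

    // Reads the token from the manifest via a temp file; the uploaded assembly
    // is not added to the AppDomain. Returns "" when there is no token.
    private static string ReadToken(byte[] rawAssembly)
    {
        string path = Path.GetTempFileName();
        try
        {
            File.WriteAllBytes(path, rawAssembly);
            byte[] t = AssemblyName.GetAssemblyName(path).GetPublicKeyToken();
            return t == null ? "" : BitConverter.ToString(t).Replace("-", "").ToLowerInvariant();
        }
        catch (BadImageFormatException) { return ""; }
        finally { File.Delete(path); }
    }
}
```

The token is read from the assembly manifest; this check does not verify the strong-name signature itself and says nothing about what the code does, so it works as a publisher allow-list only.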

29 Administering & validating Sandboxed Solutions
Demo

30 Extending the sandbox with full-trust proxies

31 Full-Trust Proxy
Full-trust proxies allow access to resources that the sandbox protects.
SPProxyOperationArgs = the link between farm and sandbox
SPProxyOperation = full-trust operations registered on the farm side
[Diagram labels] Worker Service (SPUCWorkerProcess.exe), GAC, Untrusted Code, SPProxyOperationArgs, SPUtility.ExecuteRegisteredProxyOperation, SPProxyOperation, Secured Resource
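The three pieces named on this slide, as an added example that is not code from the original deck: a serializable args class, a full-trust operation that validates its untrusted input before reaching the secured resource, and the registration plus the sandbox-side call. The ExampleCorp names, the strong name and the allowed host are hypothetical; the proxy assembly is assumed to be deployed to the GAC.

```csharp
// Added example, not from the deck; ExampleCorp names, strong name and host are hypothetical.
using System;
using System.IO;
using System.Net;
using Microsoft.SharePoint.Administration;
using Microsoft.SharePoint.UserCode;
using Microsoft.SharePoint.Utilities;

namespace ExampleCorp.Proxies
{
    // Serializable carrier from sandbox to full trust; every field is untrusted input.
    [Serializable]
    public class FetchArgs : SPProxyOperationArgs
    {
        public string Url { get; set; }
    }

    // Runs with full trust in the farm. Validate before touching the resource.
    public class FetchOperation : SPProxyOperation
    {
        private static readonly string[] AllowedHosts = { "api.example.com" };

        public override object Execute(SPProxyOperationArgs args)
        {
            FetchArgs fetch = args as FetchArgs;
            Uri uri;
            if (fetch == null || !Uri.TryCreate(fetch.Url, UriKind.Absolute, out uri))
                return null;
            if (uri.Scheme != Uri.UriSchemeHttps ||
                Array.IndexOf(AllowedHosts, uri.Host.ToLowerInvariant()) < 0)
                return null; // default deny: only HTTPS to approved hosts

            HttpWebRequest request = (HttpWebRequest)WebRequest.Create(uri);
            request.AllowAutoRedirect = false; // a redirect must not leave the allow-list
            using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
            using (StreamReader reader = new StreamReader(response.GetResponseStream()))
                return response.StatusCode == HttpStatusCode.OK ? reader.ReadToEnd() : null;
        }
    }
    public static class FetchProxy
    {
        public const string AssemblyName = "ExampleCorp.Proxies, Version=1.0.0.0, " +
            "Culture=neutral, PublicKeyToken=0123456789abcdef";
        public const string TypeName = "ExampleCorp.Proxies.FetchOperation";

        // Farm side, e.g. called from a farm-scoped feature receiver.
        public static void Register()
        {
            SPUserCodeService service = SPUserCodeService.Local;
            service.ProxyOperationTypes.Add(new SPProxyOperationType(AssemblyName, TypeName));
            service.Update();
        }

        // Sandbox side: the call that crosses into full trust.
        public static string Fetch(string url)
        {
            return SPUtility.ExecuteRegisteredProxyOperation(
                AssemblyName, TypeName, new FetchArgs { Url = url }) as string;
        }
    }
}
```

Every registered operation widens what sandboxed code can reach, so the farm administrator should review each proxy as carefully as a farm solution.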

32 Extending the sandbox with full-trust proxies
Demo

33 Top 10 reasons for Sandboxed Solutions
1. New possibilities: hosters, MS Online etc.
2. More secure, more stable and monitorable.
3. Do not modify or install any system files.
4. Do not affect other site collections.
5. No application pool recycling, separate processes.
6. Management is delegated to site collection owners.
7. Scalable service architecture & load balancing.
8. Extensible thanks to validators and full-trust proxies.
9. (Almost) no more complex CAS policies.
10. Enable SLAs via resource quotas.

34 Thank you for your attention
For more information please contact: Michael Hofer, Solution Architect, 1stQuad Solutions, Sonnenbergstrasse 32, 8603 Schwerzenbach

35 Links & resources
MSDN:
- What's new: Sandboxed Solutions
- Sandboxed Solution Considerations
- Plan for Sandboxed Solutions
- Sandboxed Solutions Architecture
- Configure a farm for Sandboxed Solutions
- Developing, Deploying and Monitoring Sandboxed Solutions
Other:
- Channel 9 Sandbox Solutions Videos
- SharePointDev Wiki – Sandboxed Solutions

37 About me
Michael Hofer, 34 years old, Zurich, Switzerland
Co-founder of 1stQuad Solutions: «Specialists in consulting, software architecture and development, and training around the Microsoft SharePoint Server products & technologies and Microsoft .NET.»
"SharePoint" all-rounder for 7 years
Speaker at various conferences and events

38 Resource Monitoring Processing

39 Sandbox Solution Monitoring Case Study
Web Part in a sandbox solution executes 40 SQL queries (via the SharePoint OM)
20 SQL queries = 1 point (default)
Resource usage for this Web Part for the day: = (2 points * # of executions throughout the day) + other counters
OOTB resource quota = 300, so one execution of this Web Part = 0.67% of site collection's daily allocation

40 Timer Jobs
Name | Frequency | Description
Solution Resource Usage Log Processing | Every 5 minutes | Extracts and aggregates the resource consumption of the sandboxed solutions from the log files.
Solution Resource Usage Update | Every 15 minutes | Logs the resource consumption of the sandboxed solutions, writes warning e-mails and blocks when the daily resource quota has been exceeded.
Solution Daily Resource Usage Update | Daily | Marks the day boundary for the daily resource quota for sandboxed solutions per site collection.
Hmm… So SharePoint only notices after 15 minutes when a sandboxed solution gets out of line!? …

