Deploy da aplicação Web
Desenvolvi uma aplicação Web utilizando o webserver virtual do Visual Studio 2008. Agora preciso fazer o deploy da mesma para colocá-la no ar. Tenho um servidor com Windows 2003 e o IIS instalado. Quais são os arquivos que preciso copiar para a pasta do site do IIS?
Obrigado
Obrigado
Eduardo Pereira
Curtidas 0
Respostas
Fabio Mans
08/06/2009
Olá você pode colocar todos os arquivos na pasta, não tem problema, aspx e cs ou utilizar o Web Deployment project.
Abaixo vou deixar algumas dicas que copiei de um artigo.
Deixei em negrito os pontos importantes.
Tips for Deploying ASP.Net Application in Production
++++++++++++++++++++++++++++++++++++++++++++++++++++
One of my previous article Deploying ASP.Net Applications discussed about how to deploy asp.net applications in IIS. In this article, we will see some of useful tips that can help us in deploying application efficiently in production.
ComponentArt
Deploy application with debug="false"
When we develop asp.net application using Visual Studio, the default value for debug attribute is true. This setting will help developers to debug the application in development environment. For example, executing the application in this mode will not cache the resource files rendered by WebResources.axd handler. This prevents the need to clear the temporary cache every time when the developer needs to check the changes done. There will be other useful things done for developers for debugging like debug symbols, settings that will enable breakpoints etc. These setting will give a poor performance in production if released in the default debug mode (false).
So, never release your website with debug mode set to true. It should be set to false in web.config when moving to production.
<compilation debug=”false”/>
Disadvantages of debug = “true”
Ø Code execution will be slow.
Ø Compilation will be slow since batch compilation is disabled.
Ø Memory consumption is higher since there are additional debug symbols, etc.
Ø Resources downloaded with webresources.axd will not be cached.
Alternate will be <deployment retail=”true”/> in machine.config. If you are a server administrator, make this change in machine.config so that it will enforce the debug attribute in the application’s web.config to false. It also disables the page output tracing and the ability to show the detailed exception report to the remote users when there is an exception.
Read Scott Guthrie’s post about this,
http://weblogs.asp.net/scottgu/archive/2006/04/11/442448.aspx
Encrypt the Sensitive data in Web.Config
Sometimes, you will have some sensitive information stored on web.config. For example: SQL Userid and Password if you use SQL authentication to connect to database. Since, the information stored in web.config is clear text then it poses a security risk.
Even though, users can't access web.config file, it is still not safe because the server admins can still see the userid and password from web.config files. For example, in shared hosting environments. So, it will be better if we encrypt the connection string in web.config file in these scenarios.
Understanding this need, Microsoft introduced a new technique to encrypt and decrypt the Web.Config sections in Asp.Net 2.0. ASP.Net 2.0 has 2 providers for encrypting and decrypting config sections,
Ø RSA(RSAProtectedConfigurationProvider)
Ø DPAPI(DataProtectionConfigurationProvider)
To encrypt a connection string section,
protected void btnEncrypt_Click(object sender, EventArgs e)
{
Configuration config = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
ConfigurationSection section = config.GetSection("connectionStrings");
if (!section.SectionInformation.IsProtected)
{ section.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");
config.Save();
}
}
To use RSA algorithm, use RSAProtectedConfigurationProvider in the place of DataProtectionConfigurationProvider in the above code snippet.
Once encrypted, this section will have encrypted data which is not readable by humans.
The connection string can be still accessed in code by regular ways,
SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["Sql"].ConnectionString);
To see back the original connection string we need to decrypt it.
To decrypt a connection string section,
protected void btnDecrypt_Click(object sender, EventArgs e)
{
Configuration config = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
ConfigurationSection section = config.GetSection("connectionStrings");
if (section.SectionInformation.IsProtected)
{
section.SectionInformation.UnprotectSection();
config.Save();
}
}
Use App_Offline.htm to make application Offline
When performing an upgradation of an existing website and if you expect a downtime, then it will be good if we give a generic message to the users accessing the site at that time instead of an error.
The trick is, just include a HTML file called App_Offline.htm in the root directory and include some messages on the page. Anyone trying to access the site at that time will be presented with the content in the App_Offline.htm file. ASP.Net will shutdown the app domain and sends back the content of this html file instead for every request.
App_Offline.htm
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Untitled Page</title>
</head>
<body>
<h3>We are Upgrading!!! Please visit us later!!!</h3>
</body>
</html>
If the above page content is not showing up on your browser, then just do the following changes in your IE. Open IE > Tools >Internet Options> Advanced > Uncheck "Show Friendly Http error messages".
Use Web Deployment Project to Create Release files
Ø For Visual Studio 2005, the plug-in can be downloaded here.
Ø For Visual Studio 2008, the plug-in can be downloaded here.
Features of the Plug-in
The Web Deployment project will provide the following features for building and deploying ASP.NET Web sites:
1. ASP.NET 2.0 precompilation as part of the build process.
2. More flexible options for generating compiled assemblies from a Web project, including these alternatives:
Ø A single assembly for the entire Web site.
Ø One assembly per content folder.
Ø A single assembly for all UI components.
Ø An assembly for each compiled file in the Web site.
3. Assembly signing options.
4. The ability to define custom pre-build and post-build actions.
5. The ability to exclude folders from the build.
6. The ability to modify settings in the Web.config file, such as the <connectionString> element, based on the Visual Studio build configuration.
7. Support for creating .msi files with setup projects.
Abaixo vou deixar algumas dicas que copiei de um artigo.
Deixei em negrito os pontos importantes.
Tips for Deploying ASP.Net Application in Production
++++++++++++++++++++++++++++++++++++++++++++++++++++
One of my previous article Deploying ASP.Net Applications discussed about how to deploy asp.net applications in IIS. In this article, we will see some of useful tips that can help us in deploying application efficiently in production.
ComponentArt
Deploy application with debug="false"
When we develop asp.net application using Visual Studio, the default value for debug attribute is true. This setting will help developers to debug the application in development environment. For example, executing the application in this mode will not cache the resource files rendered by WebResources.axd handler. This prevents the need to clear the temporary cache every time when the developer needs to check the changes done. There will be other useful things done for developers for debugging like debug symbols, settings that will enable breakpoints etc. These setting will give a poor performance in production if released in the default debug mode (false).
So, never release your website with debug mode set to true. It should be set to false in web.config when moving to production.
<compilation debug=”false”/>
Disadvantages of debug = “true”
Ø Code execution will be slow.
Ø Compilation will be slow since batch compilation is disabled.
Ø Memory consumption is higher since there are additional debug symbols, etc.
Ø Resources downloaded with webresources.axd will not be cached.
Alternate will be <deployment retail=”true”/> in machine.config. If you are a server administrator, make this change in machine.config so that it will enforce the debug attribute in the application’s web.config to false. It also disables the page output tracing and the ability to show the detailed exception report to the remote users when there is an exception.
Read Scott Guthrie’s post about this,
http://weblogs.asp.net/scottgu/archive/2006/04/11/442448.aspx
Encrypt the Sensitive data in Web.Config
Sometimes, you will have some sensitive information stored on web.config. For example: SQL Userid and Password if you use SQL authentication to connect to database. Since, the information stored in web.config is clear text then it poses a security risk.
Even though, users can't access web.config file, it is still not safe because the server admins can still see the userid and password from web.config files. For example, in shared hosting environments. So, it will be better if we encrypt the connection string in web.config file in these scenarios.
Understanding this need, Microsoft introduced a new technique to encrypt and decrypt the Web.Config sections in Asp.Net 2.0. ASP.Net 2.0 has 2 providers for encrypting and decrypting config sections,
Ø RSA(RSAProtectedConfigurationProvider)
Ø DPAPI(DataProtectionConfigurationProvider)
To encrypt a connection string section,
protected void btnEncrypt_Click(object sender, EventArgs e)
{
Configuration config = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
ConfigurationSection section = config.GetSection("connectionStrings");
if (!section.SectionInformation.IsProtected)
{ section.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");
config.Save();
}
}
To use RSA algorithm, use RSAProtectedConfigurationProvider in the place of DataProtectionConfigurationProvider in the above code snippet.
Once encrypted, this section will have encrypted data which is not readable by humans.
The connection string can be still accessed in code by regular ways,
SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["Sql"].ConnectionString);
To see back the original connection string we need to decrypt it.
To decrypt a connection string section,
protected void btnDecrypt_Click(object sender, EventArgs e)
{
Configuration config = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
ConfigurationSection section = config.GetSection("connectionStrings");
if (section.SectionInformation.IsProtected)
{
section.SectionInformation.UnprotectSection();
config.Save();
}
}
Use App_Offline.htm to make application Offline
When performing an upgradation of an existing website and if you expect a downtime, then it will be good if we give a generic message to the users accessing the site at that time instead of an error.
The trick is, just include a HTML file called App_Offline.htm in the root directory and include some messages on the page. Anyone trying to access the site at that time will be presented with the content in the App_Offline.htm file. ASP.Net will shutdown the app domain and sends back the content of this html file instead for every request.
App_Offline.htm
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Untitled Page</title>
</head>
<body>
<h3>We are Upgrading!!! Please visit us later!!!</h3>
</body>
</html>
If the above page content is not showing up on your browser, then just do the following changes in your IE. Open IE > Tools >Internet Options> Advanced > Uncheck "Show Friendly Http error messages".
Use Web Deployment Project to Create Release files
Ø For Visual Studio 2005, the plug-in can be downloaded here.
Ø For Visual Studio 2008, the plug-in can be downloaded here.
Features of the Plug-in
The Web Deployment project will provide the following features for building and deploying ASP.NET Web sites:
1. ASP.NET 2.0 precompilation as part of the build process.
2. More flexible options for generating compiled assemblies from a Web project, including these alternatives:
Ø A single assembly for the entire Web site.
Ø One assembly per content folder.
Ø A single assembly for all UI components.
Ø An assembly for each compiled file in the Web site.
3. Assembly signing options.
4. The ability to define custom pre-build and post-build actions.
5. The ability to exclude folders from the build.
6. The ability to modify settings in the Web.config file, such as the <connectionString> element, based on the Visual Studio build configuration.
7. Support for creating .msi files with setup projects.
GOSTEI 0
Eduardo Pereira
08/06/2009
Ok eu vou ver se consigo como descrito no artigo que vc me mandou.
Mas na pasta bin são gerados vários arquivos. Pelo que vc me disse basta colocar os mesmos arquivos e estrutura da pasta bin na pasta do IIS?
Mas na pasta bin são gerados vários arquivos. Pelo que vc me disse basta colocar os mesmos arquivos e estrutura da pasta bin na pasta do IIS?
GOSTEI 0
Fabio Mans
08/06/2009
O seu projeto é Web Site ou Web Project?
Se for Web Site não tem muitas dll´s, somente as referências, agora se for Web Project faça o Deploy conforme o artigo indica.
Fabio
GOSTEI 0
Eduardo Pereira
08/06/2009
Ok
Vou ver se consigo conforme o artigo.
Obrigado.
Vou ver se consigo conforme o artigo.
Obrigado.
GOSTEI 0
Fabio Mans
08/06/2009
Você não responde, o seu projeto é Web Site ou Web Project?
GOSTEI 0
Eduardo Pereira
08/06/2009
Desculpe eu não tinha entendido sua pergunta
O meu projeto é um WebProject
O meu projeto é um WebProject
GOSTEI 0
Fabio Mans
08/06/2009
Neste caso você pode fazer o Deploy de toda aplicação, caso seu servidor seja interno não tem problema. Caso veja necessidade faça o Deploy utilizando o Web Deployment.
Fabio
Fabio
GOSTEI 0
Eduardo Pereira
08/06/2009
Ok vou fazer dessa forma.
Obrigado.
Obrigado.
GOSTEI 0
Devmedia
08/06/2009
Eduardo,
a resposta do consultor foi suficiente? Podemos encerrar o chamado?
a resposta do consultor foi suficiente? Podemos encerrar o chamado?
GOSTEI 0
Eduardo Pereira
08/06/2009
Ok
Funcionou conforme o artigo
Pode fechar o chamado. Obrigado.
Funcionou conforme o artigo
Pode fechar o chamado. Obrigado.
GOSTEI 0