Monday, September 12, 2011

How to do a good health check part 2

In my first post you could read about the health check around the network and updates provided by Microsoft and other manufacturers such as IBM, HP, Dell and so on.

This part is about how to health check BizTalk itself and how to set it up correctly.

The Host separation policy
BizTalk solutions typically consist of executable artifacts: receive locations, pipelines, orchestrations, send ports, and so on. BizTalk hosts provide a way to logically group these artifacts and allow you to run an instance of each host on one or more BizTalk servers. A host instance represents a physical runtime Windows service or process running on a BizTalk server. This gives you a very flexible way to host BizTalk application components, but there are many factors which should be taken into account when distributing your applications across hosts.

- Performance
  • When you create a new host, a set of dedicated database tables is provisioned in the BizTalk databases. In the BizTalkMsgBoxDB they act as the work queues for that host. Creating multiple queues for different workloads can help in low-latency scenarios by preventing messages with low latency requirements from being delayed behind large batches of non-time-critical messages.

  • Each host instance has its own set of system resources, such as memory, threads and handles in the .NET thread pool. Instead of hosting all executable artifacts in a single host, it can be beneficial to spread the load across multiple hosts.

  • BizTalk throttling is implemented at the host level. You may find that you need to set a specific throttling parameter in order to control individual artifacts. If you need to do this, I recommend separating artifacts across different hosts so that you don't apply unnecessary throttling to all artifacts.
- Functionality
  • It's recommended to separate receiving, orchestration, sending and tracking functionality into separate hosts. This will help you to manage and scale each type of processing independently, for example if you want to stop all receiving or all orchestration processing, or add additional servers to the BizTalk group to handle dedicated orchestration processing only.

  • You should also have hosts for applications that can only run on one server: POP3, FTP, MSMQ receive. These hosts should be grouped and clustered in the BizTalk console. All others can remain in hosts which support multiple running host instances.

  • Separating application processing across hosts ultimately leads to multiple runtime processes hosting your applications. As BizTalk can host custom-written components (all the custom components you have), host separation can be used to provide process isolation and protection. If you experience instability in any custom components, you should isolate them in their own BizTalk host. This prevents the instability from affecting other applications.

- Security

  • Each BizTalk host is assigned to a Windows group which is used to give the host permission to specific tables in the BizTalk database. This is important when dealing with highly sensitive data.

  • Certificates can be utilized in BizTalk for message signing and encryption. These settings are assigned at the host level, and therefore you may need to separate hosts in order to represent different identities.

  • All host instances are assigned a service account to run under. Access to external systems is often a requirement for this account in order to process outbound messages through the adapters.

Set up a dedicated tracking host
Any host that hosts tracking is responsible for moving the DTA and BAM tracking data from the MessageBox database to the BizTalk Tracking (DTA) and BAM Primary Import databases. The movement of tracking data has an impact on the performance of other BizTalk artifacts running on the same host that is hosting tracking. Therefore you should have a dedicated host that does nothing but tracking.

Using a dedicated host for tracking also allows you to stop other hosts without interfering with BizTalk Server tracking. The movement of tracking data out of the MessageBox database is critical for a healthy system. If the BizTalk host responsible for moving the tracking data in the BizTalk group is stopped, the Tracking Data Decode Service will not run. The impacts of this are:

  • HAT tracking data will not be moved from the MessageBox to the BizTalk Tracking database. Same goes for BAM tracking data, this will not be moved to BAM Primary Import database.
  • Because data is not moved, it cannot be deleted from the BizTalkMsgBoxDb.

  • When the Tracking Data Decode Service is stopped, tracking interceptors will still write tracking data to the MessageBox database. If the data is not moved, this will cause the MessageBox database to become enormous, which will impact performance over time.

  • It is also important for security to have a dedicated tracking host, since the tracking host has access to all the messages across the message box database.

  • Turn off tracking on all other hosts; they will still write tracking data but they won't have read access.
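
The security bullets under the host separation policy and the dedicated tracking host rule above can be checked together from the BizTalk WMI provider. The following is an added example, not code from the original post; it assumes it runs on a BizTalk server where the `root\MicrosoftBizTalkServer` namespace and its `MSBTS_HostSetting`, `MSBTS_HostInstance`, `MSBTS_ReceiveHandler` and `MSBTS_Orchestration` classes are available, and it does not look at send handlers.

```powershell
# Added example: host separation report from the BizTalk WMI provider.
# Assumption: runs on a BizTalk server where root\MicrosoftBizTalkServer exists.
$ns = 'root\MicrosoftBizTalkServer'
$hosts     = @(Get-WmiObject -Namespace $ns -Class MSBTS_HostSetting)
$instances = @(Get-WmiObject -Namespace $ns -Class MSBTS_HostInstance)
$receive   = @(Get-WmiObject -Namespace $ns -Class MSBTS_ReceiveHandler)
$orchs     = @(Get-WmiObject -Namespace $ns -Class MSBTS_Orchestration)

$report = @(foreach ($h in $hosts) {
    $name = $h.Name
    # Distinct service accounts used by this host's instances
    $accounts = @($instances | Where-Object { $_.HostName -eq $name } |
                  ForEach-Object { $_.Logon } | Sort-Object -Unique)
    New-Object PSObject -Property @{
        HostName        = $name
        WindowsGroup    = $h.NTGroupName
        Tracking        = [bool]$h.HostTracking
        ServiceAccounts = ($accounts -join ', ')
        ReceiveHandlers = @($receive | Where-Object { $_.HostName -eq $name }).Count
        Orchestrations  = @($orchs | Where-Object { $_.HostName -eq $name }).Count
    }
})
$report | Sort-Object HostName |
    Format-Table HostName, WindowsGroup, Tracking, ServiceAccounts, ReceiveHandlers, Orchestrations -AutoSize

# Dedicated tracking host: expect one host with tracking on, doing nothing else
$tracking = @($report | Where-Object { $_.Tracking })
if ($tracking.Count -ne 1) {
    Write-Warning ("{0} hosts have tracking enabled; expected one dedicated host." -f $tracking.Count)
}
foreach ($t in $tracking) {
    if (($t.ReceiveHandlers + $t.Orchestrations) -gt 0) {
        Write-Warning ("Tracking host '{0}' also runs receive handlers or orchestrations." -f $t.HostName)
    }
}

# Hosts sharing one Windows group also share the database permissions it grants
$report | Group-Object WindowsGroup | Where-Object { $_.Count -gt 1 } | ForEach-Object {
    $names = ($_.Group | ForEach-Object { $_.HostName }) -join ', '
    Write-Warning ("Windows group '{0}' is shared by hosts: {1}" -f $_.Name, $names)
}
```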

Isolated Adapter per Application Pool
An application pool which hosts an isolated adapter represents the physical implementation of an isolated host instance. This means that the application pool (w3wp.exe process) becomes an instance of BizTalk because the isolated adapter loads the BizTalk runtime components into the process to perform message processing. BizTalk only supports a single isolated adapter per application pool.

Remove unnecessary BizTalk items, components and settings
It is important to keep a clean environment. Remove old receive locations, send ports and applications that are no longer in use. Artifacts which only were used during testing and development should be removed. The output from the BizTalk Documenter tool can be used for this.

The BizTalk configuration file
The BizTalk runtime process is like other .NET applications and has configuration files that can be used to control certain application behaviors. They control runtime validation and orchestration dehydration, and provide custom application settings for custom .NET components hosted in BizTalk.

BizTalk Registry Key Validation
BizTalk stores a variety of configuration data in the Windows registry. This data can have an impact on the behavior of the BizTalk runtime processes and associated services. There is one specific area where tuning the default registry values is recommended: the values that control the .NET thread pool used by BizTalk. You can find the values here:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTSSvc$hostname\CLR Hosting
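
To see which host instances on a server actually carry thread pool overrides under that key, the registry can be read per service. This is an added example, not code from the original post; the four value names (`MaxIOThreads`, `MaxWorkerThreads`, `MinIOThreads`, `MinWorkerThreads`) are not given on this page and are assumed here.

```powershell
# Added example: report the .NET thread pool overrides for every BizTalk host
# instance service (BTSSvc$<hostname>) on this machine.
# Assumption: the value names below are the ones used under "CLR Hosting".
$services   = 'HKLM:\SYSTEM\CurrentControlSet\Services'
$valueNames = 'MaxIOThreads', 'MaxWorkerThreads', 'MinIOThreads', 'MinWorkerThreads'

Get-ChildItem -Path $services -ErrorAction SilentlyContinue |
    Where-Object { $_.PSChildName -like 'BTSSvc$*' } |
    ForEach-Object {
        $row    = New-Object PSObject -Property @{ Service = $_.PSChildName }
        $clrKey = Join-Path $_.PSPath 'CLR Hosting'

        # The key may be absent when nothing has been tuned for this host
        $props = $null
        if (Test-Path -LiteralPath $clrKey) {
            $props = Get-ItemProperty -LiteralPath $clrKey
        }

        foreach ($name in $valueNames) {
            $value = '(default)'     # no override present in the registry
            if ($props -and $props.PSObject.Properties[$name]) {
                $value = $props.$name
            }
            Add-Member -InputObject $row -MemberType NoteProperty -Name $name -Value $value
        }
        $row
    } |
    Format-Table Service, MaxIOThreads, MaxWorkerThreads, MinIOThreads, MinWorkerThreads -AutoSize
```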

I will add more information in parts 3 to 5. There is a lot to go through and, as said earlier, I don't want to spoil it all by giving away everything immediately (plus there is a lot to read).

Check part 1

Thursday, September 8, 2011

How to do a good BizTalk Healthcheck part 1

As many of my friends know, my biggest interest is tuning and maintaining a BizTalk environment.

I made this list to make it easier for people to do a good health check. I would advise people to run it at least once every six months. Calling Microsoft "in" to do the job is also recommended if you don't feel safe doing it yourself. There are also many MVPs to help you out. You are also free to contact me. I should mention that I have been working mostly with BizTalk 2006 R2, so this guide is for BizTalk 2k6 and 2k6 R2, but it can also be used for newer versions.

If you see something I don't have here, please feel free to leave me a comment.

Patching:
- What are the routines for installing Windows critical updates?
Good routines are critical.

- You should also run the Microsoft Baseline Security Analyzer (MBSA) on the servers, both the SQL and the BizTalk servers. This is to identify any inconsistencies between the deployed updates and the current list of recommended updates.

- Update COM+ and MSDTC.
Both COM+ and MSDTC are used by BizTalk. Patches and hotfixes for these services often provide fixes that improve tuning and stability.

General Network
- DTCPing of all the servers
There should be no packets lost during this ping.

- Transfer 100mb data
If you have a 1gb network, the response should be 5 seconds or faster (the average is between 3 and 5 seconds). Do this for all the servers. If you are running a 100mb network, up to 20 seconds is within the acceptable transfer rate (the average is around 8 - 10 seconds).

- Pathping
Do a pathping from the BizTalk server to all the SQL servers ("pathping

- TCP/IP port exhaustion
Troubleshoot to see if you are using fewer than 3000 ephemeral ports. To do the counting, run the following command on the BizTalk servers: "netstat -ano -p tcp". Count the number of unique Local Address TCP ports open above 1024 for each IP address. Using the TCPView tool makes this a lot easier.
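
The manual count described above can be scripted. This is an added example, not code from the original post; the function name `Get-LocalPortUsage` and the sample rows are made up for illustration, and the 3000 limit is the figure from the text.

```powershell
# Added example: count distinct local TCP ports above 1024 per local IP address
# from "netstat -ano -p tcp" output and compare with the 3000-port guideline.
function Get-LocalPortUsage {
    param(
        [string[]]$NetstatLines,
        [int]$Limit = 3000          # guideline from the text above
    )
    $portsByIp = @{}
    foreach ($line in $NetstatLines) {
        # Data rows: TCP  <local ip>:<port>  <remote ip>:<port>  <state>  <pid>
        if ($line -match '^\s*TCP\s+(\S+):(\d+)\s') {
            $ip   = $Matches[1]
            $port = [int]$Matches[2]
            if ($port -le 1024) { continue }
            if (-not $portsByIp.ContainsKey($ip)) { $portsByIp[$ip] = @{} }
            $portsByIp[$ip][$port] = $true      # hashtable keys give uniqueness
        }
    }
    foreach ($ip in $portsByIp.Keys) {
        $count = $portsByIp[$ip].Keys.Count
        New-Object PSObject -Property @{
            LocalAddress   = $ip
            PortsAbove1024 = $count
            UnderLimit     = ($count -lt $Limit)
        }
    }
}

# Constructed sample rows (not captured from a real server)
$sample = @(
    '  Proto  Local Address          Foreign Address        State           PID',
    '  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       880',
    '  TCP    10.0.0.5:49231         10.0.0.9:1433          ESTABLISHED     2412',
    '  TCP    10.0.0.5:49232         10.0.0.9:1433          ESTABLISHED     2412',
    '  TCP    10.0.0.5:49232         10.0.0.10:1433         TIME_WAIT       0',
    '  TCP    127.0.0.1:5985         0.0.0.0:0              LISTENING       4'
)
Get-LocalPortUsage -NetstatLines $sample |
    Format-Table LocalAddress, PortsAbove1024, UnderLimit -AutoSize

# On a BizTalk server, feed it the live output instead:
# Get-LocalPortUsage -NetstatLines (netstat -ano -p tcp)
```

In the sample, port 49232 appears twice for 10.0.0.5 but is counted once, and port 135 is ignored because it is not above 1024.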

- DBNETLIB Exceptions
Avoid DBNETLIB (Database Network Library) exceptions. They most commonly occur when one of the BizTalk MessageBox databases becomes extremely busy. Attempts to communicate with the busy MessageBox database result in a timeout. Look for 5410 errors in the event log. Example of the error message:
Event Type: Warning
Event Source: BizTalk Server 2006 R2
Event Category: BizTalk Server 2006 R2
Event ID: 5410
Computer:
Description:
An error occurred that requires the BizTalk service to terminate. The most common causes are the following: 1) An unexpected out of memory error. OR 2) An inability to connect or a loss of connectivity to one of the BizTalk databases. The service will shutdown and auto-restart in 1 minute. If the problematic database remains unavailable, this cycle will repeat.

- NetBIOS over TCP/IP
This check applies only to BizTalk servers that have a direct connection to the internet, such as those residing in a perimeter network hosting HTTP and SOAP adapters. If the BizTalk servers reside in a vulnerable network location, check to ensure that any internet/public-facing network adapters have NetBIOS over TCP/IP disabled.

Server general

- Time sync
It's vital that the time is synchronized between the BizTalk server and the SQL server. Check whether the time is within valid synchronization by typing the following command in a command prompt: "w32tm /stripchart /computer ". To resynchronize the clocks, type the following in the command prompt window: "w32tm /resync /computer ".

- BIOS Version
The BIOS should be updated, because releases from the manufacturers can provide better stability and network-related performance.

- Update the Certificate Revocation Lists
If it takes a long time to start up a BizTalk server, it may be because the BizTalk server cannot reach the microsoft.com domain. You might get some startup issues because the .NET Framework will try to download the Certificate Revocation List (CRL) from microsoft.com. You can update your servers manually by following these two links:
http://crl.microsoft.com/pki/crl/products/CodeSignPCA.crl and
http://crl.microsoft.com/pki/crl/products/CodeSignPCA2.crl


I will come back to more on the BizTalk Server configuration later. I don't want to spoil it all by giving you everything at once.

Check part 2