Enabling High Availability in .Net Web Applications

Mohamed Nowshath
Nov 7 · 3 min read

High Availability is one of the major concerns when we architect or design a application. Making the applications highly available is also so easy with the help of the tools and software's available.

Read the Understanding High Availability & How to achieve it? to find what is high availability & things we do need to consider to make apps to be highly available.

High Availability Design — Image Courtesy (dzone.com)

When making your web applications highly available,we have to take care of only the two things.

  • Files (Uploaded Files & Logs)
    Files can be moved to the separate file server like S3, Azure Blob Storage etc.
  • Session State
    Session State can be stored on any databases, we will store that on the temporary storage (Redis Server).
  • IIS Encryption & Decryption
    Handling the Authentication ticket, Anti-forgery Tokens using Machine Key Configuration.

Storing session to the application database is not advisable, So if you are storing them on databases choose a different database or server.

Session on Redis

We will use the Microsoft.Web.RedisSessionStateProvider for storing the session in the Redis Server, this package will read the session and store the session in the any Redis server based on the configuration we provide.

Right click on the project and then choose Manage NuGet package and add Microsoft.Web.RedisSessionStateProvider.

<add name="MySessionStateStore"

This element will be added inside the sessionState providers section of the Web.config. Please do update the necessary configurations to connect to Redis server.

Do prefer connectionstring settings over other configurations as we can customize them easily.

<add name="MySessionStateStore" type="Microsoft.Web.Redis.RedisSessionStateProvider" connectionstring="http://rediserver.com:6379, abortConnect=false,ssl=true" accessKey=""/>

Please check the Microsoft.Web.RedisSessionStateProvider — Home Page for configuration and other details.

Logs on S3 or Database

For storing the files which is uploaded by the user, We use S3 for them. So we will use the same for the Application Logs, the logs will be written in the S3 Bucket inside a folder.

As we had used log4Net Package for logging, there is wrapper available for that to write logs on S3 named log4Net.Appender.Aws .

We can use the below configuration on the log4net config file or the Web.config for writing logs to S3.

S3 Appender & ADO.Net Appender Configurations

If you are not comfortable with S3, You can also write your logs on the Databases. The above gist has the configuration of both S3 & ADO.Net File appenders for log4net.

Machine Key Config

IIS automatically generates a cryptography key for each application and stores the key in the HKCU registry hive. Whenever the Form Authentication Ticket or Anti-forgery token is generated IIS uses this stored key to encrypt and decrypt the requests, Not only the above it also encrypts various other things like Membership, Role cookie, etc.

When we host our application into multiple servers each server will have a different key for the applications. Application goes for a Toss when a request authorized by one server becomes unauthorized as they have different keys for the encryption an decryption.

We have to generate those keys manually using the IIS Manager which will be updating the Web.config of the application looks like below.

<configuration>   
<system.web>
<machineKey decryption="Algorithm" validation="Algorithm" decryptionKey="Decryption key goes here" validationKey="Validation key goes here" />
</system.web>
</configuration>

Check the Setting Up Machine Key in the Reference section to find out how to set Machine Key using the IIS Manager.

References

IvyMobility Developers

Always seek knowledge.

Mohamed Nowshath

Written by

Continuous Learner (By Making Mistakes), Full Stack .Net Developer(I Do like other languages).

IvyMobility Developers

Always seek knowledge.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade