|By Charlie Arehart||
|January 9, 2002 12:00 AM EST||
Are you a CF Server administrator? Or a developer with an interest in knowing how your server is configured and managed? Are you aware of all that should be done to keep the server running well - or all that could be done to make the most of it?
One View of CF Administration
In this two-part article we'll look at some of the things CF administrators should be paying attention to, as well as some of the things they should take advantage of but may not have noticed. We'll discuss aspects of managing the server that extend beyond the CF Administrator interface, including tasks for keeping the server environment healthy and running effectively.
What this will not be is a boring review of each page in the CF Administrator, nor will we get bogged down in trivialities like how to create a data source. The Macromedia ColdFusion manuals (and online help in the Administrator) do a fine job of providing that sort of "reference" material. (If you haven't read the manuals in CF5, they've improved and there's now context-sensitive help within the Administrator. More on that later.)
Instead, this article brings up a variety of topics that should interest a typical CF administrator. Some topics will revolve around settings in the Administrator, while others involve tasks outside that interface (and some not specific to ColdFusion). We'll look at all these from the perspective of two broad categories, performance and security.
We'll include some key reminders and hidden tips, with a summary of these presented at the end of Part 2 for easy reference. I'll conclude the article with a discussion of where to learn more about these things and how to stay updated on changes (new features, fixes, bugs, etc.).
No single article could be all encompassing with regard to administering a CF Server. With two administration books in the Macromedia CF 5 documentation and all the online help now supplementing that, there's certainly a lot I could cover. And there's still more to the role that involves tasks not even documented in the manuals. My hope here is to at least raise some key points, perhaps highlighting important aspects you may have missed, leaving you to investigate them further.
If you think I've left out something substantial, please use the comment feature at the online version of this article on www.sys-con.com/coldfusion/. Better still, consider writing an article to expand on any topic of interest.
Before exploring the technical aspects of managing a CF Server, let's clarify that different people will have very different perspectives on what the job entails. It can either be a daunting and time-consuming chore or a trivial afterthought, depending on many things. These include the number of applications running and their complexity, the volume of traffic from site visitors, and your skills as an administrator and those of the developers working in the environment.
The nature of the server environment also influences what the role entails. A corporate environment running a single application is quite different from one that supports apps for several departments, which is different again from a hosted environment running a shared server with dozens of apps.
Indeed, there is a wide variety of potential audiences for a discussion of administrator topics. You could be:
That last role opens the potential audience for this topic far beyond just administrators. Indeed, I hope all developers will read on and continue to learn more about administering a CF Server. There really are a lot of configuration settings and tasks to be handled by an administrator that can affect your programming abilities.
Before moving on, let's clarify that if you are responsible for administering a server remotely, you can run the Web-based CF Administrator interface by way of the http://<servername>/CFIDE/Administrator/ index.cfm. You'll be prompted for a password that's set at the installation of CF (or that can be changed within the Administrator, as we'll discuss in Part 2). Figure 1 shows the Administrator interface as of ColdFusion 5.
For security reasons, you may want to restrict access to the Administrator beyond the simple built-in password protection with either Web server or operating system security. (The Knowledge Base article on this topic, ID 10954, and any other KB article discussed here can be found at www.allaire.com/support/knowledgebase/searchform.cfm [the form for searching by KB ID is at the bottom of the page]).
A Variety of Administration Settings and Tasks
We can classify administration settings and tasks in a number of ways. The Administrator interface breaks tasks down into many categories, but for the sake of this article - and in the hope of helping to make things a little clearer for the newcomer or itinerant administrator - I've broken them into the following groupings:
I hope anxious readers interested in performance and security won't skip the next section on developer-oriented tasks. While such features may seem less important to you, they're very important to your developers and may not be that obvious.
Developer-Oriented Settings and Tasks
Most developers will be familiar with at least one task that a CF administrator must perform, and many administrators may (dangerously) limit their activities to only this: managing data sources. It's a vital task for CF developers since it's hard - though not impossible - to do much query-based application development without a data source.
Notice that I say "not impossible," because a new feature of CF5, the DBTYPE=" dynamic" and ConnectString attri-butes of CFQUERY, allow access to a database without a defined data source. That's something that will surprise many developers (and administrators).
Indeed, one of the main points I'd like to raise in this article is that there may be aspects of managing a CF server that would surprise both developers and administrators. CF is constantly changing, and many administrators limit their activity to only the bare necessities - or just those things that the developers on the server ask about. It's good for developers to know what they can ask for, and for administrators to know of things that developers can do (like that dynamic data source capability) if the administrator is not paying careful attention.
Because of the potential for abuse, it's also one of the many things that can be restricted by an administrator, along with nearly a dozen tags; in Part 2 we'll discuss what CF calls "basic" security.
Getting back to the subject of data sources in general and connection strings in particular, another new facet of CF5 is that connection strings can also now be entered in the data source definition. This can help solve the problems of connecting with some database servers as well as provide connection attributes not otherwise supported in the Administrator interface.
Creating data sources is covered in much more detail in the new CF5 Administrator manuals, including such subjects as creating optimal definitions for particular databases and drivers, using OLE DB as an alternative to ODBC where appropriate, using the new Merant Wire Protocol drivers in CF5, and using native drivers.
Accessing Remote Data Sources from Your LocalHost Server
Before leaving the subject, I'd like to point out a couple of topics that may interest developers who have their own local copies of CF Server, but are working in an environment with remote or LAN-based database servers. You probably write your code to leverage data sources defined on the central CF Server where you deploy your code, but you may be able to define a data source on your local CF Server.
This can be very helpful not only for testing your code locally, but also for accessing CF Studio's ability to view a database, its structure and data, and use Studio's query builder against it. You may not have RDS access to that remote CF Server, but it's generally pretty easy to set up RDS access to your own local server. With data source definitions on your local server pointing to remote databases, you can get to that database and perhaps avoid bothering with a remote RDS connection.
Also, note that if you want to connect to databases using native drivers (part of the Enterprise version of ColdFusion) you need to install the appropriate client drivers for the intended DBMS. This is covered in detail in CF 5's Advanced CF Administration book.
Various Developer-Related Settings
Several other administration matters relate to how developers can perform their work on the server. They include managing:
If you're not familiar with each of these capabilities, your developers may not be getting the most from the programming capabilities of ColdFusion so you should learn more about these settings. There have been several CFDJ articles on each of these subjects (including Java configuration settings and CFXs, setting up debugging and error handling, and managing Verity collections).
A few other aspects of Administrator settings relate to enforcing software quality checks on developers. These include a strict attribute validation feature (which is related to some changes introduced in Release 4) and the persistent memory variable locking support that can either check that all needed locks are provided in code, automatically enable read-only locks where appropriate, or turn on single-threaded sessions.
The last one eliminates any risk of concurrent updates to a given user's session scope by multiple browser requests from a single user. These can occur as a result of a framed page, a user having multiple browser windows open or refreshing a page before it's completed, or from two users sharing the same session (whether through coding mistakes or subversion).
There are also a handful of other settings in the remaining categories that can influence developers and their programming. Let's move on to the performance-oriented category.
Performance-Oriented Settings and Tasks
While CF is easy to install and administer, there are many default settings in the Administrator that may not best serve your environment. You should thoroughly understand and investigate the following settings. Many of them could have a significant impact on existing applications, so use care when changing them. Some of the settings are self-explanatory, but each is explained in the "Installing and Configuring CF Server" manual (or related manual in previous releases). In some cases, I offer some information or recommendations that may not be self-evident. The settings include:
Other performance features of the administrator include:
A couple of less obvious settings may also influence performance. Be careful setting the probe intervals (how often a probe fires, if probes are enabled) as well as the scheduler refresh interval (how often CF looks to see if scheduled tasks are ready to run). If either is set lower than you really need, you're asking CF and related services to perform more work than necessary. Another less obvious matter is that of taking care to repair, optimize, and perhaps purge Verity collections, as appropriate.
Besides these global settings, there are a couple of data source-specific settings that can also have an effect on performance, including "limit connections" and "maintain database connections," which are both set with the "CF Settings" button during data source definition. A performance-related choice is whether to use either OLEDB, native, or the new Merant drivers where appropriate.
Non-Administrator Performance Tasks
I had said that the article wouldn't be a review of the pages in the Administrator, but that was certainly a review of many settings controlled by the Administrator. There are several other aspects of managing a CF Server that can influence performance. Some require active involvement, while others are built-in enhancements in CF. Among the latter are CF5's improved internal performance, reduced memory footprint, and better memory management. Similarly, CF5 adds SNMP (or MIB) support that facilitates viewing of CF performance information within centralized IT management products, as well as enhanced hardware load-balancing integration.
Indeed, if you have a very high traffic site, you should consider either hardware- or software-based load balancing. Since Release 4, the Enterprise version of ColdFusion has had software-clustering capability available with its integrated Bright Tiger support. Both types of load-balancing (and failover) features are discussed at length in the advanced ColdFusion Admin manual.
Another (perhaps less scalable) way to support larger traffic loads is CF's available "distributed mode." Discussed thoroughly in the Release 4 CF Administration manual or available in a PDF for download via KB 21966, this feature enables a CF Server to run on a server that's separate from the Web server, or indeed for several Web servers to share a single CF Server.
Whether you use clustering or any other means of distributing CF Server requests, another widely regarded truism is that you should not install multiple servers (such as CF Server, database servers, or a mail server) on the same physical box. The operating system and each service will perform much better when fewer services are contending for limited resources (CPU, memory, and disk processing).
Many other facets of performance are more specific to your particular server operating system. Again, the Knowledge Base comes to the rescue in article ID 1172, "Platform-Specific Performance Settings." It's from 1999 but still timely in many ways.
Before leaving the subject of performance-related settings and tasks, there are some additional logs that you should monitor to ensure both the performance and stability of the server environment. You may not notice them because they're not CF logs, per se. They're installed in support of the new CF5 graphing feature and - in the Enterprise version of CF - the aforementioned archive, reporting, probe, and monitoring features. Each of these is enabled by way of an embedded instance of Macromedia's JRun Java Server engine. While there's not much you can (or should) do with respect to these embedded JRun Servers, be aware that they each create their own logs in the CFUSION\ jrun\logs directory, which you should monitor.
There's also a known problem with the management service that can cause the server on which it (and the corresponding CF Server) is installed to run to 100% CPU utilization, thus locking the server. There's a fix in the form of a patch available from Macromedia, and that leads nicely to our last topic.
Learning More, Staying Updated
Even the most well-informed and savvy CF administrators can't rest on their laurels. There are always new Knowledge Base articles, security bulletins, and patches (or hot fixes) released to help keep your server running in top form. It's incumbent upon you as a CF administrator to keep abreast of these changes and notices. In some instances (the case of security bulletins), there's a notification service you can join to be informed as soon as they're released.
Regarding patches (or hot fixes), they're a relatively new phenomenon. Previously, most changes to CF were introduced in point releases. With the availability of patches (software updates related to specific problems), we can get targeted resolutions to problems more quickly. The only challenge is finding if they're available. They're discussed in KB 20371. It's up to you to keep an eye out for them. (You may hear about them more quickly if you join a mailing list of other CF enthusiasts, discussed in a moment.)
In the case of Knowledge Base articles, the location for finding them was mentioned before. One trick you may want to use to stay up to date on the latest KB articles is to visit the site, choose a product of interest (CF, Studio, JRun, etc.) and perform a search with no keywords. That will provide a list of the latest articles in order, with the most recent first. Since new ones aren't released that often, this is a simple way to keep up on the latest news for each product.
As for security bulletins, Macromedia does an admirable job of keeping us informed of issues (even ones that aren't CF problems specifically but may affect users of related software such as IIS). The bulletins are offered at www.allaire.com/security/, and again you can sign up on the "notification service" to be informed of any bulletins.
RTFM - Read the "Fine" Manuals
I've mentioned the CF documentation several times. It's really amazing how many people either program with or administer CF without ever reading the manuals. It's a testament, perhaps, to how easy both programming and managing a CF Server can seem, but in both cases failing to read the docs can lead to unexpected problems as well as missed opportunities.
For instance, did you know that the Verity K2 Server brings more than just improved performance and scalability for indexing and searching data? It also adds features for indexing and searching XML documents based on stylesheets, as well as features for spidering/crawling through documents to find referred documents, etc. These are covered in Chapters 7 and 8 of the "Advanced CF Admin" manual. But if you never bothered to look at the manuals, you probably wouldn't know about them.
Another surprise may come from learning that both Windows NT and Windows 2000 Professional have built-in limitations that may make them unsuitable for supporting even medium-traffic sites. They both support only 10 concurrent TCP/IP connections. (It's discussed on page 5 of "Installing and Configuring CF Server.")
The good news for administrators is that a copy of the paper documentation is provided with the purchase of the server. For developers, this means that often the docs sit on the shelf of an administrator who may not care to read the manuals. The good news for developers (or anyone interested in obtaining the manuals) is that Macromedia sells the complete set (both administration and programming manuals) for only $50.
Dead trees aren't the only medium for reading the manuals. They're available online within the CF Server at http://<yourserver>/CFDOCS/do chome.htm (unless they weren't installed, as recommended in KB 16258 for production servers). This HTML format is also fully searchable.
If you don't have them installed locally, you can now view them online (and even read/add comments to them) at http://livedocs.allaire.com.
You can also download PDF versions from www.allaire.com/developer/documentation/coldfusion.cfm.
Remember, too, that in CF5, beyond the two administration manuals, there's also a great deal of context-sensitive help within the CF Administrator. Indeed, there's a lot to be found in that Administrator Help that's not documented in either of the administrator manuals (which will surprise anyone who relies solely on those books for information). If you'd like to see those help files outside the Administrator interface, they're at http://<yourserver>/CFIDE/Administrator/help/cfadminhelp.htm.
There's still more documentation that you may want to know about as a CF administrator. In addition to the "Advanced CF Admin" manual's coverage of Verity K2 Server and Merant database drivers, there are separate manuals for each installed on the CF Server. The former is discussed in KB 21648 and the latter is at cfusion/bin/odbcref.pdf and odbcsupp.pdf.
Other Information Sharing Resources
Finally, you should do more than rely on your own experience and the manuals to get you through the job of administering a CF Server. As has been said, things are frequently changing and there's also lots more to the task than could be covered in this article. As was also alluded to earlier, there are mechanisms for staying in touch with others who share your pain.
There are many mailing lists including CF-Talk and others run from www.houseoffusion.com, our own CFDJ list run from www.sys-con.com/coldfusion/, CF lists at http://p2p.wrox.com (under Macromedia), as well as lists run by various CF user groups and those available at various CF-oriented e-zines like defusion.com.
Besides mailing lists, many of these sites also run Web-based discussion forums. The granddaddy of them all (in the CF world) is the ColdFusion forums, available at http://forums.allaire.com/coldfusion/. While not to be relied upon as a tech support resource for urgent problems, it's monitored by both Macromedia staff and enthusiastic CF supporters who help each other solve both common and unusual problems.
It's easy to feel alone and perhaps lost when facing the task of managing a CF Server. I hope these numerous resources for continuous learning and notification, as well as the hints in the article, will help you feel more confident about your role. I hope they'll also motivate you to explore the possibilities for maximizing the administration of your CF Server to improve things both for you and the community of developers on your server.
In Part 2, we'll conclude with a review of the remaining two categories of administrative settings and tasks. The main focus will be security: both ColdFusion Basic and Advanced and what they can allow or restrict, as well as other security facets of administering a CF Server. I'm confident that many will be surprised by some of the possibilities.
Till then, take care and good luck reviewing your own administration role. And again, please share your feedback either online or via my e-mail address, email@example.com.
- Where Are RIA Technologies Headed in 2008?
- The Next Programming Models, RIAs and Composite Applications
- AJAX World RIA Conference & Expo Kicks Off in New York City
- Constructing an Application with Flash Forms from the Ground Up
- Building a Zip Code Proximity Search with ColdFusion
- Personal Branding Checklist
- CFEclipse: The Developer's IDE, Eclipse For ColdFusion
- Has the Technology Bounceback Begun?
- Adobe Flex 2: Advanced DataGrid
- i-Technology Viewpoint: We Need Not More Frameworks, But Better Programmers
- Web Services Using ColdFusion and Apache CXF
- Passing Parameters to Flex That Works