You will be redirected in 30 seconds or close now.

ColdFusion Authors: Yakov Fain, Jeremy Geelan, Maureen O'Gara, Nancy Y. Nee, Tad Anderson

Related Topics: ColdFusion

ColdFusion: Article

Toward Better CF Server Administration Part 1 of 2

Toward Better CF Server Administration Part 1 of 2

Are you a CF Server administrator? Or a developer with an interest in knowing how your server is configured and managed? Are you aware of all that should be done to keep the server running well - or all that could be done to make the most of it?

One View of CF Administration
In this two-part article we'll look at some of the things CF administrators should be paying attention to, as well as some of the things they should take advantage of but may not have noticed. We'll discuss aspects of managing the server that extend beyond the CF Administrator interface, including tasks for keeping the server environment healthy and running effectively.

What this will not be is a boring review of each page in the CF Administrator, nor will we get bogged down in trivialities like how to create a data source. The Macromedia ColdFusion manuals (and online help in the Administrator) do a fine job of providing that sort of "reference" material. (If you haven't read the manuals in CF5, they've improved and there's now context-sensitive help within the Administrator. More on that later.)

Instead, this article brings up a variety of topics that should interest a typical CF administrator. Some topics will revolve around settings in the Administrator, while others involve tasks outside that interface (and some not specific to ColdFusion). We'll look at all these from the perspective of two broad categories, performance and security.

We'll include some key reminders and hidden tips, with a summary of these presented at the end of Part 2 for easy reference. I'll conclude the article with a discussion of where to learn more about these things and how to stay updated on changes (new features, fixes, bugs, etc.).

No single article could be all encompassing with regard to administering a CF Server. With two administration books in the Macromedia CF 5 documentation and all the online help now supplementing that, there's certainly a lot I could cover. And there's still more to the role that involves tasks not even documented in the manuals. My hope here is to at least raise some key points, perhaps highlighting important aspects you may have missed, leaving you to investigate them further.

If you think I've left out something substantial, please use the comment feature at the online version of this article on www.sys-con.com/coldfusion/. Better still, consider writing an article to expand on any topic of interest.

Different Strokes?
Before exploring the technical aspects of managing a CF Server, let's clarify that different people will have very different perspectives on what the job entails. It can either be a daunting and time-consuming chore or a trivial afterthought, depending on many things. These include the number of applications running and their complexity, the volume of traffic from site visitors, and your skills as an administrator and those of the developers working in the environment.

The nature of the server environment also influences what the role entails. A corporate environment running a single application is quite different from one that supports apps for several departments, which is different again from a hosted environment running a shared server with dozens of apps.

Indeed, there is a wide variety of potential audiences for a discussion of administrator topics. You could be:

  • A full-time administrator doing nothing but CF administration
  • An administrator with responsibility for many (or all) aspects of the server environment
  • Someone who supports CF only as a side role, perhaps reluctantly
  • A CF developer who also administers the CF Server
  • A CF developer with no admin rights but interested in how the server is configured

    That last role opens the potential audience for this topic far beyond just administrators. Indeed, I hope all developers will read on and continue to learn more about administering a CF Server. There really are a lot of configuration settings and tasks to be handled by an administrator that can affect your programming abilities.

    Before moving on, let's clarify that if you are responsible for administering a server remotely, you can run the Web-based CF Administrator interface by way of the http://<servername>/CFIDE/Administrator/ index.cfm. You'll be prompted for a password that's set at the installation of CF (or that can be changed within the Administrator, as we'll discuss in Part 2). Figure 1 shows the Administrator interface as of ColdFusion 5.

    For security reasons, you may want to restrict access to the Administrator beyond the simple built-in password protection with either Web server or operating system security. (The Knowledge Base article on this topic, ID 10954, and any other KB article discussed here can be found at www.allaire.com/support/knowledgebase/searchform.cfm [the form for searching by KB ID is at the bottom of the page]).

    A Variety of Administration Settings and Tasks
    We can classify administration settings and tasks in a number of ways. The Administrator interface breaks tasks down into many categories, but for the sake of this article - and in the hope of helping to make things a little clearer for the newcomer or itinerant administrator - I've broken them into the following groupings:

    • Developer-oriented
    • Performance-related
    • Security-related
    • Miscellaneous
    We don't have room in this article to delve into all these topics, even at an overview level, so Part 2 will cover the security and miscellaneous settings and tasks.

    I hope anxious readers interested in performance and security won't skip the next section on developer-oriented tasks. While such features may seem less important to you, they're very important to your developers and may not be that obvious.

    Developer-Oriented Settings and Tasks
    Most developers will be familiar with at least one task that a CF administrator must perform, and many administrators may (dangerously) limit their activities to only this: managing data sources. It's a vital task for CF developers since it's hard - though not impossible - to do much query-based application development without a data source.

    Notice that I say "not impossible," because a new feature of CF5, the DBTYPE=" dynamic" and ConnectString attri-butes of CFQUERY, allow access to a database without a defined data source. That's something that will surprise many developers (and administrators).

    Indeed, one of the main points I'd like to raise in this article is that there may be aspects of managing a CF server that would surprise both developers and administrators. CF is constantly changing, and many administrators limit their activity to only the bare necessities - or just those things that the developers on the server ask about. It's good for developers to know what they can ask for, and for administrators to know of things that developers can do (like that dynamic data source capability) if the administrator is not paying careful attention.

    Because of the potential for abuse, it's also one of the many things that can be restricted by an administrator, along with nearly a dozen tags; in Part 2 we'll discuss what CF calls "basic" security.

    Getting back to the subject of data sources in general and connection strings in particular, another new facet of CF5 is that connection strings can also now be entered in the data source definition. This can help solve the problems of connecting with some database servers as well as provide connection attributes not otherwise supported in the Administrator interface.

    Creating data sources is covered in much more detail in the new CF5 Administrator manuals, including such subjects as creating optimal definitions for particular databases and drivers, using OLE DB as an alternative to ODBC where appropriate, using the new Merant Wire Protocol drivers in CF5, and using native drivers.

    Accessing Remote Data Sources from Your LocalHost Server
    Before leaving the subject, I'd like to point out a couple of topics that may interest developers who have their own local copies of CF Server, but are working in an environment with remote or LAN-based database servers. You probably write your code to leverage data sources defined on the central CF Server where you deploy your code, but you may be able to define a data source on your local CF Server.

    This can be very helpful not only for testing your code locally, but also for accessing CF Studio's ability to view a database, its structure and data, and use Studio's query builder against it. You may not have RDS access to that remote CF Server, but it's generally pretty easy to set up RDS access to your own local server. With data source definitions on your local server pointing to remote databases, you can get to that database and perhaps avoid bothering with a remote RDS connection.

    Also, note that if you want to connect to databases using native drivers (part of the Enterprise version of ColdFusion) you need to install the appropriate client drivers for the intended DBMS. This is covered in detail in CF 5's Advanced CF Administration book.

    Various Developer-Related Settings
    Several other administration matters relate to how developers can perform their work on the server. They include managing:

  • Mappings (for making CFINCLUDE and CFMODULE)
  • C++ and Java custom tags (CFXs)
  • Verity collections
  • Site-wide error handling and missing template handlers
  • Java settings to support CFOBJECT Java calls and CFX Java custom tags
  • Server-side debugging settings (be aware of some security aspects of turning on debugging, discussed in Part 2's security section)

    If you're not familiar with each of these capabilities, your developers may not be getting the most from the programming capabilities of ColdFusion so you should learn more about these settings. There have been several CFDJ articles on each of these subjects (including Java configuration settings and CFXs, setting up debugging and error handling, and managing Verity collections).

    A few other aspects of Administrator settings relate to enforcing software quality checks on developers. These include a strict attribute validation feature (which is related to some changes introduced in Release 4) and the persistent memory variable locking support that can either check that all needed locks are provided in code, automatically enable read-only locks where appropriate, or turn on single-threaded sessions.

    The last one eliminates any risk of concurrent updates to a given user's session scope by multiple browser requests from a single user. These can occur as a result of a framed page, a user having multiple browser windows open or refreshing a page before it's completed, or from two users sharing the same session (whether through coding mistakes or subversion).

    There are also a handful of other settings in the remaining categories that can influence developers and their programming. Let's move on to the performance-oriented category.

    Performance-Oriented Settings and Tasks
    While CF is easy to install and administer, there are many default settings in the Administrator that may not best serve your environment. You should thoroughly understand and investigate the following settings. Many of them could have a significant impact on existing applications, so use care when changing them. Some of the settings are self-explanatory, but each is explained in the "Installing and Configuring CF Server" manual (or related manual in previous releases). In some cases, I offer some information or recommendations that may not be self-evident. The settings include:

  • Limiting the number of simultaneous requests running on the CF Server.
  • The number of seconds after which a long-running request should be timed out.
  • The number of unresponsive requests to be allowed before restarting the server.
  • Restart when requests terminate abnormally.
  • The template cache size (how much space to allocate to holding the compiled/interpreted version of all executed templates); determining this size can seem a black art, but the "performance monitor" or "server reports" feature described later indicates that it needs to be increased if the number of "cache pops" is nonzero.
  • The "trusted cache" setting can improve performance by not looking for changed code templates once interpreted, if the code is not expected to change during the server run.
  • Limiting the number of minutes a cached database connection can remain inactive before it's released.
  • Limiting the maximum number of cached queries allowed to be stored on the server (how many unique instances of queries using CACHEDWITHIN or CACHEDAFTER may be cached).
  • Where client variables are stored by default (whether in the registry, a given database, or client cookies, which can be overridden by a given application on the CFAPPLICATION tag).
  • Specifying the number of days before purging unused data in client storage, as well as whether to disable performing updates to certain predefined client variables for every visitor ("hitcount" and "lastvisit") for client variables stored in a database.
  • The default and maximum timeouts allowed for application and session variables; programmers can override the default in CFAPPLICATION but if they set a value higher than the maximum, it's ignored. The maximum time for session timeouts on installation of CF is only 20, which may be too low for many applications. Consider increasing it to 60.

    Other performance features of the administrator include:

  • Whether to log slow pages to server.log for analysis and performance tuning.
  • The available logs that track application and server errors and other monitoring data (found in the cfusion/logs directory by default).
  • How to view, search, archive, and purge those server logs as well as how to download them from remote servers (features all enabled in the new "logs" area of the CF5 admin).
  • Whether to use operating system logging facilities for performance monitor counters (if you're not watching the statistics, don't bother collecting the data).
  • How to view those performance statistic samplings made available in the "monitor" area of the CF5 Administrator, or within the NT performance monitor or cfstat command line utility (for other platforms).
  • How to set up and use the new probe and alert features of CF5 to monitor server health and cause automatic repair, notification, or other actions.

    A couple of less obvious settings may also influence performance. Be careful setting the probe intervals (how often a probe fires, if probes are enabled) as well as the scheduler refresh interval (how often CF looks to see if scheduled tasks are ready to run). If either is set lower than you really need, you're asking CF and related services to perform more work than necessary. Another less obvious matter is that of taking care to repair, optimize, and perhaps purge Verity collections, as appropriate.

    Besides these global settings, there are a couple of data source-specific settings that can also have an effect on performance, including "limit connections" and "maintain database connections," which are both set with the "CF Settings" button during data source definition. A performance-related choice is whether to use either OLEDB, native, or the new Merant drivers where appropriate.

    Non-Administrator Performance Tasks
    I had said that the article wouldn't be a review of the pages in the Administrator, but that was certainly a review of many settings controlled by the Administrator. There are several other aspects of managing a CF Server that can influence performance. Some require active involvement, while others are built-in enhancements in CF. Among the latter are CF5's improved internal performance, reduced memory footprint, and better memory management. Similarly, CF5 adds SNMP (or MIB) support that facilitates viewing of CF performance information within centralized IT management products, as well as enhanced hardware load-balancing integration.

    Indeed, if you have a very high traffic site, you should consider either hardware- or software-based load balancing. Since Release 4, the Enterprise version of ColdFusion has had software-clustering capability available with its integrated Bright Tiger support. Both types of load-balancing (and failover) features are discussed at length in the advanced ColdFusion Admin manual.

    Another (perhaps less scalable) way to support larger traffic loads is CF's available "distributed mode." Discussed thoroughly in the Release 4 CF Administration manual or available in a PDF for download via KB 21966, this feature enables a CF Server to run on a server that's separate from the Web server, or indeed for several Web servers to share a single CF Server.

    Whether you use clustering or any other means of distributing CF Server requests, another widely regarded truism is that you should not install multiple servers (such as CF Server, database servers, or a mail server) on the same physical box. The operating system and each service will perform much better when fewer services are contending for limited resources (CPU, memory, and disk processing).

    Many other facets of performance are more specific to your particular server operating system. Again, the Knowledge Base comes to the rescue in article ID 1172, "Platform-Specific Performance Settings." It's from 1999 but still timely in many ways.

    Before leaving the subject of performance-related settings and tasks, there are some additional logs that you should monitor to ensure both the performance and stability of the server environment. You may not notice them because they're not CF logs, per se. They're installed in support of the new CF5 graphing feature and - in the Enterprise version of CF - the aforementioned archive, reporting, probe, and monitoring features. Each of these is enabled by way of an embedded instance of Macromedia's JRun Java Server engine. While there's not much you can (or should) do with respect to these embedded JRun Servers, be aware that they each create their own logs in the CFUSION\ jrun\logs directory, which you should monitor.

    There's also a known problem with the management service that can cause the server on which it (and the corresponding CF Server) is installed to run to 100% CPU utilization, thus locking the server. There's a fix in the form of a patch available from Macromedia, and that leads nicely to our last topic.

    Learning More, Staying Updated
    Even the most well-informed and savvy CF administrators can't rest on their laurels. There are always new Knowledge Base articles, security bulletins, and patches (or hot fixes) released to help keep your server running in top form. It's incumbent upon you as a CF administrator to keep abreast of these changes and notices. In some instances (the case of security bulletins), there's a notification service you can join to be informed as soon as they're released.

    Regarding patches (or hot fixes), they're a relatively new phenomenon. Previously, most changes to CF were introduced in point releases. With the availability of patches (software updates related to specific problems), we can get targeted resolutions to problems more quickly. The only challenge is finding if they're available. They're discussed in KB 20371. It's up to you to keep an eye out for them. (You may hear about them more quickly if you join a mailing list of other CF enthusiasts, discussed in a moment.)

    In the case of Knowledge Base articles, the location for finding them was mentioned before. One trick you may want to use to stay up to date on the latest KB articles is to visit the site, choose a product of interest (CF, Studio, JRun, etc.) and perform a search with no keywords. That will provide a list of the latest articles in order, with the most recent first. Since new ones aren't released that often, this is a simple way to keep up on the latest news for each product.

    As for security bulletins, Macromedia does an admirable job of keeping us informed of issues (even ones that aren't CF problems specifically but may affect users of related software such as IIS). The bulletins are offered at www.allaire.com/security/, and again you can sign up on the "notification service" to be informed of any bulletins.

    RTFM - Read the "Fine" Manuals
    I've mentioned the CF documentation several times. It's really amazing how many people either program with or administer CF without ever reading the manuals. It's a testament, perhaps, to how easy both programming and managing a CF Server can seem, but in both cases failing to read the docs can lead to unexpected problems as well as missed opportunities.

    For instance, did you know that the Verity K2 Server brings more than just improved performance and scalability for indexing and searching data? It also adds features for indexing and searching XML documents based on stylesheets, as well as features for spidering/crawling through documents to find referred documents, etc. These are covered in Chapters 7 and 8 of the "Advanced CF Admin" manual. But if you never bothered to look at the manuals, you probably wouldn't know about them.

    Another surprise may come from learning that both Windows NT and Windows 2000 Professional have built-in limitations that may make them unsuitable for supporting even medium-traffic sites. They both support only 10 concurrent TCP/IP connections. (It's discussed on page 5 of "Installing and Configuring CF Server.")

    The good news for administrators is that a copy of the paper documentation is provided with the purchase of the server. For developers, this means that often the docs sit on the shelf of an administrator who may not care to read the manuals. The good news for developers (or anyone interested in obtaining the manuals) is that Macromedia sells the complete set (both administration and programming manuals) for only $50.

    Dead trees aren't the only medium for reading the manuals. They're available online within the CF Server at http://<yourserver>/CFDOCS/do chome.htm (unless they weren't installed, as recommended in KB 16258 for production servers). This HTML format is also fully searchable.

    If you don't have them installed locally, you can now view them online (and even read/add comments to them) at http://livedocs.allaire.com.

    You can also download PDF versions from www.allaire.com/developer/documentation/coldfusion.cfm.

    Remember, too, that in CF5, beyond the two administration manuals, there's also a great deal of context-sensitive help within the CF Administrator. Indeed, there's a lot to be found in that Administrator Help that's not documented in either of the administrator manuals (which will surprise anyone who relies solely on those books for information). If you'd like to see those help files outside the Administrator interface, they're at http://<yourserver>/CFIDE/Administrator/help/cfadminhelp.htm.

    There's still more documentation that you may want to know about as a CF administrator. In addition to the "Advanced CF Admin" manual's coverage of Verity K2 Server and Merant database drivers, there are separate manuals for each installed on the CF Server. The former is discussed in KB 21648 and the latter is at cfusion/bin/odbcref.pdf and odbcsupp.pdf.

    Other Information Sharing Resources
    Finally, you should do more than rely on your own experience and the manuals to get you through the job of administering a CF Server. As has been said, things are frequently changing and there's also lots more to the task than could be covered in this article. As was also alluded to earlier, there are mechanisms for staying in touch with others who share your pain.

    There are many mailing lists including CF-Talk and others run from www.houseoffusion.com, our own CFDJ list run from www.sys-con.com/coldfusion/, CF lists at http://p2p.wrox.com (under Macromedia), as well as lists run by various CF user groups and those available at various CF-oriented e-zines like defusion.com.

    Besides mailing lists, many of these sites also run Web-based discussion forums. The granddaddy of them all (in the CF world) is the ColdFusion forums, available at http://forums.allaire.com/coldfusion/. While not to be relied upon as a tech support resource for urgent problems, it's monitored by both Macromedia staff and enthusiastic CF supporters who help each other solve both common and unusual problems.

    It's easy to feel alone and perhaps lost when facing the task of managing a CF Server. I hope these numerous resources for continuous learning and notification, as well as the hints in the article, will help you feel more confident about your role. I hope they'll also motivate you to explore the possibilities for maximizing the administration of your CF Server to improve things both for you and the community of developers on your server.

    In Part 2, we'll conclude with a review of the remaining two categories of administrative settings and tasks. The main focus will be security: both ColdFusion Basic and Advanced and what they can allow or restrict, as well as other security facets of administering a CF Server. I'm confident that many will be surprised by some of the possibilities.

    Till then, take care and good luck reviewing your own administration role. And again, please share your feedback either online or via my e-mail address, [email protected].

  • More Stories By Charlie Arehart

    A veteran ColdFusion developer since 1997, Charlie Arehart is a long-time contributor to the community and a recognized Adobe Community Expert. He's a certified Advanced CF Developer and Instructor for CF 4/5/6/7 and served as tech editor of CFDJ until 2003. Now an independent contractor (carehart.org) living in Alpharetta, GA, Charlie provides high-level troubleshooting/tuning assistance and training/mentoring for CF teams. He helps run the Online ColdFusion Meetup (coldfusionmeetup.com, an online CF user group), is a contributor to the CF8 WACK books by Ben Forta, and is frequently invited to speak at developer conferences and user groups worldwide.

    Comments (0)

    Share your thoughts on this story.

    Add your comment
    You must be signed in to add a comment. Sign-in | Register

    In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.

    IoT & Smart Cities Stories
    Moroccanoil®, the global leader in oil-infused beauty, is thrilled to announce the NEW Moroccanoil Color Depositing Masks, a collection of dual-benefit hair masks that deposit pure pigments while providing the treatment benefits of a deep conditioning mask. The collection consists of seven curated shades for commitment-free, beautifully-colored hair that looks and feels healthy.
    The textured-hair category is inarguably the hottest in the haircare space today. This has been driven by the proliferation of founder brands started by curly and coily consumers and savvy consumers who increasingly want products specifically for their texture type. This trend is underscored by the latest insights from NaturallyCurly's 2018 TextureTrends report, released today. According to the 2018 TextureTrends Report, more than 80 percent of women with curly and coily hair say they purcha...
    The textured-hair category is inarguably the hottest in the haircare space today. This has been driven by the proliferation of founder brands started by curly and coily consumers and savvy consumers who increasingly want products specifically for their texture type. This trend is underscored by the latest insights from NaturallyCurly's 2018 TextureTrends report, released today. According to the 2018 TextureTrends Report, more than 80 percent of women with curly and coily hair say they purcha...
    We all love the many benefits of natural plant oils, used as a deap treatment before shampooing, at home or at the beach, but is there an all-in-one solution for everyday intensive nutrition and modern styling?I am passionate about the benefits of natural extracts with tried-and-tested results, which I have used to develop my own brand (lemon for its acid ph, wheat germ for its fortifying action…). I wanted a product which combined caring and styling effects, and which could be used after shampo...
    The platform combines the strengths of Singtel's extensive, intelligent network capabilities with Microsoft's cloud expertise to create a unique solution that sets new standards for IoT applications," said Mr Diomedes Kastanis, Head of IoT at Singtel. "Our solution provides speed, transparency and flexibility, paving the way for a more pervasive use of IoT to accelerate enterprises' digitalisation efforts. AI-powered intelligent connectivity over Microsoft Azure will be the fastest connected pat...
    There are many examples of disruption in consumer space – Uber disrupting the cab industry, Airbnb disrupting the hospitality industry and so on; but have you wondered who is disrupting support and operations? AISERA helps make businesses and customers successful by offering consumer-like user experience for support and operations. We have built the world’s first AI-driven IT / HR / Cloud / Customer Support and Operations solution.
    Codete accelerates their clients growth through technological expertise and experience. Codite team works with organizations to meet the challenges that digitalization presents. Their clients include digital start-ups as well as established enterprises in the IT industry. To stay competitive in a highly innovative IT industry, strong R&D departments and bold spin-off initiatives is a must. Codete Data Science and Software Architects teams help corporate clients to stay up to date with the mod...
    At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
    Druva is the global leader in Cloud Data Protection and Management, delivering the industry's first data management-as-a-service solution that aggregates data from endpoints, servers and cloud applications and leverages the public cloud to offer a single pane of glass to enable data protection, governance and intelligence-dramatically increasing the availability and visibility of business critical information, while reducing the risk, cost and complexity of managing and protecting it. Druva's...
    BMC has unmatched experience in IT management, supporting 92 of the Forbes Global 100, and earning recognition as an ITSM Gartner Magic Quadrant Leader for five years running. Our solutions offer speed, agility, and efficiency to tackle business challenges in the areas of service management, automation, operations, and the mainframe.