Date post: | 20-Dec-2015 |
Category: |
Documents |
View: | 218 times |
Download: | 0 times |
Deploying Your Deploying Your ApplicationsApplications
thetheSmartSmart
WayWayMike PeltonMike [email protected]@microsoft.comSean PuffetSean [email protected] [email protected] Developer & Platform GroupDeveloper & Platform GroupMicrosoft Ltd.Microsoft Ltd.
The slides for this eventThe slides for this eventwill be posted at:will be posted at:
www.microsoft.com/uk/msdn/posteventswww.microsoft.com/uk/msdn/postevents
MSDN ConnectionMSDN ConnectionGet personalised info and a Get personalised info and a customised RSS feedcustomised RSS feed
The programming language(s) you’re The programming language(s) you’re interested ininterested in
The technology area(s) you’re interested The technology area(s) you’re interested inin
The information you wantThe information you want
View news, technical resources, View news, technical resources, events, webcasts and community events, webcasts and community informationinformation
Sign up for MSDN Connection at:Sign up for MSDN Connection at:http://www.microsoft.com/http://www.microsoft.com/uk/msdnuk/msdn
Smart clients are easily deployed and managed client applications Smart clients are easily deployed and managed client applications that provide an adaptive and interactive experience by that provide an adaptive and interactive experience by
leveraging local resources and intelligently connecting to leveraging local resources and intelligently connecting to distributed data sources. distributed data sources.
Web Services &Offline/Online
support
DeviceAdaptability
Tough toDeploy
HeavyFootprint
DLL Hell
NetworkDependency
Poor UserExperience
Rich UIComplex
To Develop
Rich UserExperience
DeveloperProductivity
Responsive
BroadReach
Easy ChangeManagement
Ease ofDeployment
Deployment –Different Deployment –Different ApproachesApproaches
XCOPY deployment XCOPY deployment
HTTP deploymentHTTP deployment
Integration with the Windows Integration with the Windows
InstallerInstaller
XCopy DeploymentXCopy DeploymentOverviewOverview
Simple file-copy deploymentSimple file-copy deploymentXCOPY or otherwiseXCOPY or otherwise
Run off a share, CD, disk-on-key, etc.Run off a share, CD, disk-on-key, etc.
No setup requiredNo setup required
Good candidatesGood candidatesXML Web servicesXML Web services
ASP.NET Web applicationsASP.NET Web applications
Small desktop applicationsSmall desktop applications
LimitationsLimitationsCan’t create shortcuts links, Start menu icon, etc.Can’t create shortcuts links, Start menu icon, etc.
Can’t configure users, groups, other security issuesCan’t configure users, groups, other security issues
Can’t verify dependencies or run installation logicCan’t verify dependencies or run installation logic
Can’t deploy public assemblies, etc.Can’t deploy public assemblies, etc.
URL ActivationURL Activation
Run a managed application from a Run a managed application from a URLURL
Start -> Run -> Start -> Run -> http://myserver/myapp.exehttp://myserver/myapp.exe
<a <a href=http://myserver/myapp.exehref=http://myserver/myapp.exe> my App > my App </a></a>
On-demand downloadOn-demand download
Automatic “No-Touch Update”Automatic “No-Touch Update”Updated files are taken off the serverUpdated files are taken off the server
URL ActivationURL Activation
Launching A Managed Exe Launching A Managed Exe From Internet ExplorerFrom Internet Explorer
Internet Internet ExplorerExplorer
Download Cache
Client AppClient App
.NET .NET FrameworkFramework
MyApp.dllMyApp.dll
MyApp.exeMyApp.exe
Web ServerWeb Server
HTTPHTTP
Managed Managed Exe?Exe?
Additional OptionsAdditional Options
Running from a File ShareRunning from a File Share
Hosting Controls in the BrowserHosting Controls in the BrowserSame model as URL activationSame model as URL activation
Controls are contained in a web pageControls are contained in a web page
WinForms Controls in a Web WinForms Controls in a Web PagePage
Locating Dependants…Locating Dependants…Request #Request # GET RequestGET Request
11 /MyApplication/MyApplication.exe/MyApplication/MyApplication.exe22 /MyApplication/MyApplication.exe.config/MyApplication/MyApplication.exe.config33 /MyApplication/MyApplicationControl.DLL/MyApplication/MyApplicationControl.DLL44 /MyApplication/en-US/MyApplication.resources.DLL/MyApplication/en-US/MyApplication.resources.DLL55 /MyApplication/en-US/MyApplication.resources//MyApplication/en-US/MyApplication.resources/
MyApplication.resources.DLLMyApplication.resources.DLL66 /MyApplication/bin/en-US/MyApplication.resources.DLL/MyApplication/bin/en-US/MyApplication.resources.DLL77 /MyApplication/bin/en-US/MyApplication.resources/MyApplication.resources.DLL/MyApplication/bin/en-US/MyApplication.resources/MyApplication.resources.DLL88 /MyApplication/en-US/MyApplication.resources.EXE/MyApplication/en-US/MyApplication.resources.EXE99 /MyApplication/en-US/MyApplication.resources/MyApplication.resources.EXE/MyApplication/en-US/MyApplication.resources/MyApplication.resources.EXE1010 /MyApplication/bin/en-US/MyApplication.resources.EXE/MyApplication/bin/en-US/MyApplication.resources.EXE1111 /MyApplication/bin/en-US/MyApplication.resources/MyApplication.resources.EXE/MyApplication/bin/en-US/MyApplication.resources/MyApplication.resources.EXE1212 /MyApplication/en/MyApplication.resources.DLL/MyApplication/en/MyApplication.resources.DLL1313 /MyApplication/en/MyApplication.resources/MyApplication.resources.DLL/MyApplication/en/MyApplication.resources/MyApplication.resources.DLL1414 /MyApplication/bin/en/MyApplication.resources.DLL/MyApplication/bin/en/MyApplication.resources.DLL1515 /MyApplication/bin/en/MyApplication.resources/MyApplication.resources.DLL/MyApplication/bin/en/MyApplication.resources/MyApplication.resources.DLL1616 /MyApplication/en/MyApplication.resources.EXE/MyApplication/en/MyApplication.resources.EXE1717 /MyApplication/en/MyApplication.resources/MyApplication.resources.EXE/MyApplication/en/MyApplication.resources/MyApplication.resources.EXE1818 /MyApplication/bin/en/MyApplication.resources.EXE/MyApplication/bin/en/MyApplication.resources.EXE1919 /MyApplication/bin/en/MyApplication.resources/MyApplication.resources.EXE/MyApplication/bin/en/MyApplication.resources/MyApplication.resources.EXE2020 /MyApplication/en-US/MyApplication.resources.DLL/MyApplication/en-US/MyApplication.resources.DLL2121 /MyApplication/en-US/MyApplication.resources/MyApplication.resources.DLL/MyApplication/en-US/MyApplication.resources/MyApplication.resources.DLL2222 /MyApplication/bin/en-US/MyApplication.resources.DLL/MyApplication/bin/en-US/MyApplication.resources.DLL2323 /MyApplication/bin/en-US/MyApplication.resources/MyApplication.resources.DLL/MyApplication/bin/en-US/MyApplication.resources/MyApplication.resources.DLL2424 /MyApplication/en-US/MyApplication.resources.EXE/MyApplication/en-US/MyApplication.resources.EXE2525 /MyApplication/en-US/MyApplication.resources/MyApplication.resources.EXE/MyApplication/en-US/MyApplication.resources/MyApplication.resources.EXE2626 /MyApplication/bin/en-US/MyApplication.resources.EXE/MyApplication/bin/en-US/MyApplication.resources.EXE2727 /MyApplication/bin/en-US/MyApplication.resources/MyApplication.resources.EXE/MyApplication/bin/en-US/MyApplication.resources/MyApplication.resources.EXE2828 /MyApplication/en/MyApplication.resources.DLL/MyApplication/en/MyApplication.resources.DLL2929 /MyApplication/en/MyApplication.resources/MyApplication.resources.DLL/MyApplication/en/MyApplication.resources/MyApplication.resources.DLL3030 /MyApplication/bin/en/MyApplication.resources.DLL/MyApplication/bin/en/MyApplication.resources.DLL3131 /MyApplication/bin/en/MyApplication.resources/MyApplication.resources.DLL/MyApplication/bin/en/MyApplication.resources/MyApplication.resources.DLL3232 /MyApplication/en/MyApplication.resources.EXE/MyApplication/en/MyApplication.resources.EXE3333 /MyApplication/en/MyApplication.resources/MyApplication.resources.EXE/MyApplication/en/MyApplication.resources/MyApplication.resources.EXE3434 /MyApplication/bin/en/MyApplication.resources.EXE/MyApplication/bin/en/MyApplication.resources.EXE3535 /MyApplication/bin/en/MyApplication.resources/MyApplication.resources.EXE/MyApplication/bin/en/MyApplication.resources/MyApplication.resources.EXE
Caching Downloaded CodeCaching Downloaded Code
Held in the Download Cache, not the Held in the Download Cache, not the
GACGAC
Stored per userStored per user
URL is maintained for security URL is maintained for security
evidenceevidence
Configurable cache sizeConfigurable cache size
Cache is scavenged, least recently Cache is scavenged, least recently
used firstused first
Emptying the Download CacheEmptying the Download Cache
GACUtil /cdlGACUtil /cdlNukeDownloadedCache (!)NukeDownloadedCache (!)
[DllImport("Fusion.dll", CharSet=CharSet.Auto)][DllImport("Fusion.dll", CharSet=CharSet.Auto)]public static extern int NukeDownloadedCache();public static extern int NukeDownloadedCache();private void button1_Click(object sender, private void button1_Click(object sender,
System.EventArgs e)System.EventArgs e){{
NukeDownloadedCache();NukeDownloadedCache();}}
Use the Fusion API with extreme Use the Fusion API with extreme caution!!caution!!
It’s for administrator codeIt’s for administrator code
C++:C++:http://blogs.msdn.com/junfeng/articles/229648.aspxhttp://blogs.msdn.com/junfeng/articles/229648.aspx
No-Touch DeploymentNo-Touch DeploymentSecurity OverviewSecurity Overview
Code-access security is the keyCode-access security is the key
Maps applications to Permission SetsMaps applications to Permission Sets
Evidence-basedEvidence-basedLocation-basedLocation-based
What is the assembly’s site / URL / Zone?What is the assembly’s site / URL / Zone?
Author-basedAuthor-basedWhat is assembly’ strong name and who signed it?What is assembly’ strong name and who signed it?
Code Groups set up around IE zonesCode Groups set up around IE zones
Defaults to Partial Trust (inherently “safe code”)Defaults to Partial Trust (inherently “safe code”)
Granular, easily administered, extensibleGranular, easily administered, extensible
Design for “least permissions”Design for “least permissions”
Unauthorized TamperingUnauthorized TamperingStrongly named assemblies are sealed from Strongly named assemblies are sealed from unauthorized tamperingunauthorized tampering
Manifest includes set of assembly files (FileRef)Manifest includes set of assembly files (FileRef)Each entry has file name & hash of file’s contentsEach entry has file name & hash of file’s contents
File with manifest contains RSA digital signatureFile with manifest contains RSA digital signaturePublisher’s public key is embedded in AssemblyDef Publisher’s public key is embedded in AssemblyDef manifest metadatamanifest metadata
Manifest file is hashed, hash is signed w/publisher’s Manifest file is hashed, hash is signed w/publisher’s private keyprivate key
Resulting digital signature is persisted in file containing Resulting digital signature is persisted in file containing the manifestthe manifest
File is now ready for distributionFile is now ready for distribution
Additionally, to associate publisher’s identity with Additionally, to associate publisher’s identity with the assembly, use Authenticode technologythe assembly, use Authenticode technology
Calculus.dll
IL
Metadata
ManifestAssembly files (self & RUT.mod)
Public assembly types (self & RUT.mod)
HashValue
HashPE File
Signed withprivate key
RSA DigitalSignature
RSA Digital Signature
Public KeyEmbedded in PE File
Em
bed
ded
inP
E F
ile
Signing An AssemblySigning An Assembly
Public Key
Self-Downloading Self-Downloading ApplicationsApplications
Load assemblies from a web serverLoad assemblies from a web serverApplication downloads itself at runtimeApplication downloads itself at runtime
Updated with new dependant assembliesUpdated with new dependant assemblies
Use Assembly.LoadFrom(string)Use Assembly.LoadFrom(string)Takes a URL to an assemblyTakes a URL to an assembly
Downloads and caches it Downloads and caches it
Automatically checks for newer versionsAutomatically checks for newer versions
No-Touch DeploymentNo-Touch DeploymentChallenges of Auto-Updating Challenges of Auto-Updating ApplicationsApplications
Discovering updatesDiscovering updatesPoll network for available updatesPoll network for available updates
Networking code and communication protocolNetworking code and communication protocol
Downloading updatesDownloading updatesWithout user’s consentWithout user’s consent
InterruptibleInterruptible
Maintaining securityMaintaining securityMost criticalMost critical
Must ensure only installing safe codeMust ensure only installing safe code
Applying updatesApplying updatesWhile the app is runningWhile the app is running
AppStart.exeAppStart.exe
A Model For Self-UpdatingA Model For Self-Updating
V1
AppStart.exeAppStart.exe
MyApp
AppStart.configAppStart.config
MyApp V1 MyApp V1 DomainDomain
V1.1
DownloadDownloadUpdateUpdate Check ForCheck For
UpdatesUpdates
Web ServerWeb Server
HTTP
The Updater BlockThe Updater Block
The Updater BlockThe Updater Block
ValidatorValidator
Post ProcessorPost Processor(Optional)(Optional)
UpdatUpdaterer
Update Update ControllerController
(Application (Application or separate or separate
EXE)EXE)
ServerServerClientClient
ApplicationApplicationUpdateUpdate
ManifestManifest
AdministratorAdministratoruses Manifestuses ManifestUtilityUtility
Controller XMLController XMLConfiguration FileConfiguration File
ApplicationApplication ApplicationApplication
DownloadDownloaderer
Manifest utility used to generate a manifest for each Manifest utility used to generate a manifest for each application updateapplication updateIt lists:It lists:•all files included in the updateall files included in the update•a hashed signature for each file (including the a hashed signature for each file (including the manifest itself)manifest itself)•optionally a optionally a post-processorpost-processor
•to be executed on the client post download to be executed on the client post download and validation and validation
11
The Updater BlockThe Updater Block
ValidatorValidator
Post ProcessorPost Processor(Optional)(Optional)
UpdatUpdaterer
Update Update ControllerController
(Application (Application or separate or separate
EXE)EXE)
ServerServerClientClient
ApplicationApplicationUpdateUpdate
ManifestManifest
AdministratorAdministratoruses Manifestuses ManifestUtilityUtility
Controller XMLController XMLConfiguration FileConfiguration File
ApplicationApplication ApplicationApplication
DownloadDownloaderer
22• Controller app starts and stops the core Controller app starts and stops the core
updaterupdater• Use provided controllers as QuickStartsUse provided controllers as QuickStarts• ……or develop your ownor develop your own
• Controller configuration file defines settings Controller configuration file defines settings for the update process:for the update process:
• The apps to be updated, including The apps to be updated, including locations of client config and server locations of client config and server manifest filesmanifest files
•Point to the latest version of the app Point to the latest version of the app on the client and serveron the client and server
• The The DownloaderDownloader component to use when component to use when copying filescopying files
•The Updater Block includes a The Updater Block includes a downloader that uses BITSdownloader that uses BITS
•……or develop your ownor develop your own• The The ValidatorValidator component, used to component, used to
validate the downloaded filesvalidate the downloaded files•The Updater Application Block includes The Updater Application Block includes
two validatorstwo validators•a symmetric key-based validator a symmetric key-based validator •an RSA public/private key-based an RSA public/private key-based
validator. validator. •……or develop your own.or develop your own.
The Updater BlockThe Updater Block
ValidatorValidator
Post ProcessorPost Processor(Optional)(Optional)
UpdatUpdaterer
Update Update ControllerController
(Application (Application or separate or separate
EXE)EXE)
ServerServerClientClient
ApplicationApplicationUpdateUpdate
ManifestManifest
AdministratorAdministratoruses Manifestuses ManifestUtilityUtility
Controller XMLController XMLConfiguration FileConfiguration File
ApplicationApplication ApplicationApplication
DownloadDownloaderer33
• The application The application updater periodically updater periodically initiates the update initiates the update process. process.
• Uses the specified Uses the specified downloaderdownloader to copy to copy the manifest file for the manifest file for each app specified in each app specified in the app configuration the app configuration file to the client.file to the client.
• If updates are If updates are available, the available, the downloader copies downloader copies updated files to a updated files to a temporary directory on temporary directory on the client the client
The Updater BlockThe Updater Block
ValidatorValidator
Post ProcessorPost Processor(Optional)(Optional)
UpdatUpdaterer
Update Update ControllerController
(Application (Application or separate or separate
EXE)EXE)
ServerServerClientClient
ApplicationApplicationUpdateUpdate
ManifestManifest
AdministratorAdministratoruses Manifestuses ManifestUtilityUtility
Controller XMLController XMLConfiguration FileConfiguration File
ApplicationApplication ApplicationApplication
DownloadDownloaderer44
• The app updater The app updater loads the specified loads the specified validator and validator and validates the validates the downloaded filesdownloaded files
• If the files are valid, If the files are valid, they are copied to they are copied to the appropriate app the appropriate app folder and…folder and…
• ……the configuration the configuration file for the file for the application application launcher is updated launcher is updated to reflect the new to reflect the new version version
The Updater BlockThe Updater Block
ValidatorValidator
Post ProcessorPost Processor(Optional)(Optional)
UpdatUpdaterer
Update Update ControllerController
(Application (Application or separate or separate
EXE)EXE)
ServerServerClientClient
ApplicationApplicationUpdateUpdate
ManifestManifest
AdministratorAdministratoruses Manifestuses ManifestUtilityUtility
Controller XMLController XMLConfiguration FileConfiguration File
ApplicationApplication ApplicationApplication
DownloadDownloaderer
55
• If a post-processor was If a post-processor was specified in the manifest, specified in the manifest, the application updater the application updater loads and executes itloads and executes it
• To develop a post-To develop a post-processor, create a class processor, create a class thatthat
• implements implements IPostProcessor IPostProcessor
• includes required includes required functionalityfunctionality
• Include the assembly Include the assembly containing the post-containing the post-processor class in the app processor class in the app update files update files
• Specify it in the manifest Specify it in the manifest for the application updatefor the application update
• Updater Block loads and Updater Block loads and executes it automatically. executes it automatically.
The Updater BlockThe Updater Block
ValidatorValidator
Post ProcessorPost Processor(Optional)(Optional)
UpdatUpdaterer
Update Update ControllerController
(Application (Application or separate or separate
EXE)EXE)
ServerServerClientClient
ApplicationApplicationUpdateUpdate
ManifestManifest
AdministratorAdministratoruses Manifestuses ManifestUtilityUtility
Controller XMLController XMLConfiguration FileConfiguration File
ApplicationApplication ApplicationApplication
DownloadDownloaderer
Using the Windows Using the Windows InstallerInstaller
Focus on Focus on whatwhat to install, not to install, not howhow
Advertisement, publishing, repair, Advertisement, publishing, repair, and install-on-demandand install-on-demand
Installs assemblies into the GACInstalls assemblies into the GAC
Integrated with Active Directory and Integrated with Active Directory and Systems Management ServerSystems Management Server
A Side-Note on the GACA Side-Note on the GACSome MythsSome Myths
Strongly-named assemblies must always be Strongly-named assemblies must always be installed in the GACinstalled in the GAC
NO! Strongly-named assemblies NO! Strongly-named assemblies cancan be put in the GAC be put in the GACPut strongly-named assemblies under the application Put strongly-named assemblies under the application directorydirectory
Ensures your application has no system-wide impactEnsures your application has no system-wide impactEnsures it can be XCOPY deployed.Ensures it can be XCOPY deployed.
Assemblies must be installed in the GAC to make Assemblies must be installed in the GAC to make them accessible to COM Interop or unmanaged them accessible to COM Interop or unmanaged codecode
NO! Install assemblies in the GAC only if they must be NO! Install assemblies in the GAC only if they must be shared with other applications on the same machine.shared with other applications on the same machine.
It’s possible to directly reference an assembly It’s possible to directly reference an assembly from the GAC within a Visual Studio.NET projectfrom the GAC within a Visual Studio.NET project
NO! Assemblies listed within the NO! Assemblies listed within the .NET.NET tab of the tab of the Add Add ReferenceReference dialog box are not enumerated from the GAC dialog box are not enumerated from the GAC - this dialog box is path-based- this dialog box is path-basedYou need to cheat to achieve thisYou need to cheat to achieve this
GAC GoodiesGAC Goodies
Wise words on the GACWise words on the GAChttp://www.codeproject.com/dotnet/http://www.codeproject.com/dotnet/DemystifyGAC.asp?DemystifyGAC.asp?df=100&forumid=15829&exp=0&selectdf=100&forumid=15829&exp=0&select=937171=937171
The Fusion APIThe Fusion APIDOC: Global Assembly Cache (GAC) APIs DOC: Global Assembly Cache (GAC) APIs Are Not Documented in the .NET Are Not Documented in the .NET Framework Software Development Kit Framework Software Development Kit (SDK) Documentation(SDK) Documentation
Installer CapabilitiesInstaller Capabilities
Self repair and roll-backSelf repair and roll-backFile type associationsFile type associationsAuthenticode signaturesAuthenticode signaturesConditional InstallationConditional InstallationConditional DeploymentConditional DeploymentLocalisationLocalisationRegistry SettingsRegistry SettingsCustom ActionsCustom Actions
Building MS Installer FilesBuilding MS Installer Files
Additional InformationAdditional Information
Post Events SitePost Events SiteAll information on past events, slide decks etcAll information on past events, slide decks etc
http://www.microsoft.com/http://www.microsoft.com/uk/msdn/posteventsuk/msdn/postevents
The UK MSDN Site & FlashThe UK MSDN Site & FlashLocal news, events, webcastsLocal news, events, webcasts
http://www.microsoft.com/uk/msdnhttp://www.microsoft.com/uk/msdn
Register to received the bi-weekly MSDN Flash by emailRegister to received the bi-weekly MSDN Flash by emailhttp://www.microsoft.com/uk/msdn/flash.aspxhttp://www.microsoft.com/uk/msdn/flash.aspx
Try Visual StudioTry Visual Studiohttp://www.microsoft.com/vstudio/tryithttp://www.microsoft.com/vstudio/tryit
Take a look at the Express productsTake a look at the Express productshttp://msdn.microsoft.com/expresshttp://msdn.microsoft.com/express
GotDotNet and ASP.NET – lots of excellent GotDotNet and ASP.NET – lots of excellent resourcesresources
http://www.gotdotnet.comhttp://www.gotdotnet.comhttp://www.asp.nethttp://www.asp.net