13. Challenges
•Dev, Admin Fight!
•Change production farm to Full
•Memory Leaks
•Update web.config files
•Bad code that eats up farm resources
•Deploy everything to the GAC
•Admins have some control using CAS
•Difficult to implement
•Difficult to get right
•Largest cause of SharePoint Support cases
14. Overview of the Sandbox
•Allows a subset of the full capabilities
in the SharePoint API
•Secure – enforcing the sandbox
•Execute in a partially trusted environment
•Code executes in a special service process
•Subject to CAS
•Validation framework
• Provides way to do custom farm wide validation for the deployed packages
•Each solution is isolated to its site collection
15. AspNetHostingPermission, Level=Minimal
SharePointPermission, ObjectModel=true
Sandbox SecurityPermission, Flags=Execution
My.dll User Code
Other.dll System DLL wss_usercode.config
SharePoint Framework Code
DLL
Full Trust
SharePoint OM
Subset OM
16. Sandboxed Solutions Process
Root SPWeb of SPSite Per-WFE AssemblyCache
1
Solution gallery 2 5 <siteguid>company.
WebParts.wsp
intranet.webpart.wsp
Web Part gallery foo.dll
6
4
Sandboxed Worker
3 Process
7
17. Sandboxed Solution Lifecycle
Installation
• Upload into Solution Gallery
Activation
• Auto-activates features
Deactivation
• Inert operation, extended by developer
• Web Parts no longer execute
Deletion
19. Types of Sandboxed Solutions Sandboxed
Solutions Support
Event/Feature
• Sandboxed solutions offer Non-Visual Web Parts
Receivers
developers a subset of the
SharePoint API available fully
trusted solutions Feature Activation Custom Workflow
• Site collection and Events Actions
site scoped Features
• Many XML constructs available: Modules, Lists,
ContentTypes, etc.
InfoPath Forms Services List Definitions
• Client technologies to access
external data – JavaScript, Custom Actions Site Pages
Silverlight etc.
• Offloading resource usage and Site Columns Content Types
access handling to client
22. Load Balancing
•Sandboxed solutions can be run
in two modes
•Local Mode
• Execute code on the SharePoint WFE
• Low administration overhead
• Lower scalability
•Remote Mode
• Execution on back-end farm machine
• Via dedicated service applications
• Load balanced distribution of code
execution requests
23. Sandbox Solution Monitoring
How it works
•Site collection quotas specify the warning and hard limits for
number of resources that can be used per day
•Sum of resource measures are taken across solutions
deployed to site collection
•I.e., add up CPU Points for all solutions
•Max of resource utilization measures checked against site
collection quota to determine if it should be throttled/blocked
24. Monitored Resources
Resources Per Hard
Metric Name Description Units
Point Limit
AbnormalProcessTerminationCount Process gets abnormally terminated Count 1 1
CPUExecutionTime CPU exception time Seconds 200 60
CriticalExceptionCount Critical exception fired Number 10 3
Number of times solution
InvocationCount Count N/A N/A
has been invoked
Percentage Units of Overall
PercentProcessorTime Note: # of cores not factored in 85 100
Processor Consumed
ProcessCPUCycles CPU Cycles 1E+11 1E+11
ProcessHandleCount Windows Handles 10,000 5,000
(Hard Limit Only) Bytes written 1E+07
ProcessIOBytes Bytes 1E+08
to IO
Number of Threads
ProcessThreadCount Threads 10,000 200
in Overall Process
(Hard Limit Only)
ProcessVirtualBytes Bytes 1E+09 4E+09
Memory consumed
SharePointDatabaseQueryCount SharePoint DB Queries Invoked Number 400 100
Amount of time spent waiting
SharePointDatabaseQueryTime Seconds 20 60
for a query to be performed
UnhandledExceptionCount Unhanded Exceptions 50 3
We have to kill the process because it has
UnresponsiveprocessCount Number 2 1
become unresponsive
You can tweak these values to fit your need…
25. Sandbox Solution Monitoring
Case Study
• A solution has executed 40 SQL queries (via the SharePoint
OM)
• One point for SQL is 400 queries
• Means for SQL it’s consumed .1 resource points
• So the resource usage is for the day for that solution is .1
resource points + other counters
27. Key Takeaways
•You can build complex forms using InfoPath (Rapid Application
Development)
•Consider Sandbox Solutions first
•Safe
•Monitored
•Allow more manageable hosting scenarios
•Quotas are for all sandbox solutions in the site collection
• Be creative with your solution design (Use Silverlight + WCF)
•InfoPath + Sandboxed Solution Better Together
28.
29. Related Content
Data-Centric Composites and Mashups in SharePoint 2010
09 March 2011 09:00 AM - 10:00 AM - Room: Yellow Theatre 2
SharePoint 2010 Developer Overview
09 March 2011 03:30 PM - 04:30 PM - Room: Green Room 3
Build Compelling Intranets and Extranets with SharePoint 2010
09 March 2011 11:45 AM - 12:45 PM - Room: Green Room 2
SharePoint Sandboxed Solutions and InfoPath
10 March 2011 09:00 AM - 10:00 AM
30. 8 – 10 March 2011 | Dubai, UAE
Complete an
evaluation on
CommZone and enter
to win a HP Laptop!
InfoPath consists of three different components:A Form DesignerA Form Filler And InfoPath Forms Services - InfoPath Forms Services is part of the SharePoint platform and allows our forms to be render in a browserWhat kind of capabilities do our forms have?Obviously we give you control over the visual representation of the actual formWe also make it easy to define form behavior through either declarative rules or writing managed code.And third, we allow you to connect InfoPath forms to a wide range of data sources.
An incoming request comes in for a page with a Web Part from a partial trust assembly. This is delegated to a Web Part proxy. The Web Part proxy then in turn calls the worker process manager, and tells it to execute the Web Part. The worker process manager queries the configuration database to figure out which machine and process it should send the request to. The worker process then sends the request to the user code manager on that machine. The user code manager needs to ensure that the assembly backing the Web Part is locally deployed. To do this, it reaches back into the Web Part solution package, extracts the assembly, and places it into the assembly cache. Now, the SPUserCodeManager (SPUserCodeHostService.exe) delegates the request to execute the code to SPUserCodeWorkerProcess.exe. The full trust Web Part wrapper works with the instantiated process to simulate the Web Part lifecycle. The Web Part itself calls into the SharePoint OM to retrieve some set of data. The resulting HTML and viewstate changes are bubbled back to the hosting process, which has been synchronously waiting for this infrastructure to complete. The resulting page is sent back to the user.Rendered results sent back to the requester.