Windows Sever 8 beta was released yesterday and I am excited to write about some of the key features for web hosters and service providers.
Many of the key features evolve around scalability and manageability. We heard from customers and IIS needed to be better in scaling up as well as scaling out, especially in a multi-tenanted, shared hosting environments. As you can imagine, the scale challenges are quite different in such environments when you consider the fact that there may be thousands of sites on single instance of IIS. At the same time, customers have also told us that as we scale up and out, the manageability should remain simple and the cost of managing the sites should not increase.
We heard you!
This behavior leads to two problems: 1) Excessive memory consumption by the IIS configuration system and 2) Performance, as measure by the time it takes to generate and update thousands of isolated configuration files. IIS 8.0 improves on both of these challenges. For one, we have optimized our data structure in IIS configuration system so it takes less memory to store the configuration. But more fundamentally, we changed how IIS configuration generates the isolated configuration files. The end result is that 1) it takes less memory (We used to have to make multiple copies of the IIS configuration to handle concurrent requests on WS08 RTM and WS08 R2.) and 2) it is much faster in generating the isolated configuration files. The latter change had another positive impact in that the "first user experience" takes less time with IIS 8.0 because it takes less time to generate the isolated configuration file.
IIS 8.0 support (SNI), which has extended TLS to include the virtual domain name to be passed from the client at the time of "SSL Hello". This effectively allows IIS 8.0 to enable "hostname binding" for SSL sites, which eliminates the need for having a dedicated IPv4 address per SSL site. In addition, IIS 8.0 has improved how it stores SSL certificates in two ways. 1) It has a new "Web Hosting" certificate store which is designed from the ground-up to be highly scalable. 2) You can now store . And because managing files are simpler than managing configuration binding that involves mapping a network end-point to a certificate hash, you can now "import" a SSL certificate simply by copying the SSL certificate. While making these changes, we have also made it scale up much better on IIS 8.0 and you will see a dramatic difference in secure site density between the previous versions of IIS and IIS 8.0.