Should I use Windows Management Service or Remote Agent Service to publish to a remote server?
I have a remote web server that I have full administrator access over, and I want to deploy a website.
When I use Visual Studio's Publish tool, among other things which seem a bit less convenient (FTP etc), I have the option of using either Windows Management Service or Remote Agent Service. All the documentation says is this:
To publish remotely through Remote Agent Service, use http://RemoteComputerName. This option is typically used to deploy a Web application inside a network (in an intranet scenario). You must have appropriate permissions to perform the deployment on the destination server.
To publish to a hosting site using Windows Management Service, use the value that is specified by the hosting provider. You can typically use just a server name (HostedRemoteServer) or a complete URL that includes a server name, a port number, and the Web Deploy handler name (https://HostedRemoteServer:8172/MsDeploy.axd). The hosting provider can tell you the name of the server and the port number, if applicable.
This isn't enough information for me to decide, though. Yeah, I'm not publishing over a network, but I do have full access over the machine I'm deploying to. At the same time, MsDeploy is the big fancy thing that Scott Hanse开发者_如何学编程lman describes in his talk and that I've been convinced as being the awesome way to deploy.
So which should I do? Are there any obscure security considerations or anything?
I recommend going the Management Service route. In addition to the msdeploy features, the Management Service feature gives you the ability to remotely administer IIS 7/7.5 from your machine. With all of your IIS servers in one console, you can easily export an application on one machine and import it onto another.
It seems like the most sophisticated msdeploy implementation from a security provisioning perspective and from a configuration perspective. The IIS manager allows you to easily configure details around the endpoint (SSL certificate, port, etc.). Well.. this is true on IIS 7/7.5 on Windows 2008 and R2, but not on Windows Vista or 7. For some strange reason, there is no UI for the Web Management settings on non-server SKU's.
The agent is basically a self contained web server without any of the user-level permissions capabilities. This is why it requires that the person doing the remote deployment has admin privileges on the target machine. It's feels like a simpler, bare metal implementation. Since you've already got IIS serving up HTTP/HTTPS and since IIS' HTTP implementation has kernel-level optimizations, you're not really gaining anything by going the agent route.
If you want to remotely administer Windows 2008 or R2 from Windows Vista/7, install this on your workstation: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=32c54c37-7530-4fc0-bd20-177a3e5330b7 ... this was the icing on the cake for me.
精彩评论