What is deployment?
Deployment refers to the distribution of an application among various end-users. It is a process that makes software available for use by just installing it on the client computer.
2. List different ways of deployment that are supported by .NET Framework 4.0.
- Windows Installer
- ClickOnce
- XCOPY
- Copy Web Site
- Publish Web Site tool
3. What is XCOPY?
XCOPY enables you to deploy an application by copying the application directory and all subdirectories to the target computer and then executing the application on the client. The application starts executing on the target computer by using its assembly file, which is a self-description file that contains all the information about the application. The XCOPY deployment does not make any impact on the target system while configuring the components and registering entries, and is therefore known as zero-impact installation.
4. Does XCOPY copy the hidden and system files?
No. By default, XCOPY excludes the hidden and system files. However, you can include the hidden and system files using the /h switch.
5. Why do you use Windows Installer?
The Windows Installer deployment technique allows you to deploy Windows-based and Web applications by creating a Windows Installer Package. The installer package has an extension of .msi and it contains the application, any dependent files, registry entries, and the rest. The installer package can then be distributed to various end-users by simply copying it on the target computers.
The end-users can then run the installer package to install the application anywhere in their computers. The installation takes place using the installation wizard; therefore, the users can easily install the application on their system. Once your application is installed on the target computer, end-users can open the application from the installed location.
6. Can you deploy an ASP.NET Web application project using the Copy Web Site option?
No. The Copy Web Site option can only be used to deploy the Web sites.
7. How can you determine whether you should deploy the application or publish the application?
If you want to host the application on a shared hosting environment, you should use publishing; whereas, if you want to create a Web application that is downloaded from a Web site, you should deploy the application to create a setup.exe file.
8. How can you deploy an ASP.NET Web application?
You can deploy an ASP.NET Web application using either the Windows Installer deployment or ClickOnce deployment technique.
9. What is ClickOnce deployment?
With ClickOnce deployment, you publish the application to a centralized location and the user installs or runs the application from that location
ClickOnce deployment simplifies the process of installing and updating an application.
10. What is Application Cache?
When a ClickOnce application is installed locally or hosted online, it is stored in the ClickOnce application cache of the client computer. The ClickOnce application cache is a set of hidden directories placed under the Local Settings directory of the current user's Documents and Settings folder. The application cache contains all the application files, assemblies, configuration files, application and user settings, and data directory. In case the ClickOnce applications are hosted online, the size of the ClickOnce application cache gets limited to a specified amount; whereas, the installed applications do not restrict to the cache size limitation. The cache storage quota is responsible to determine the size of the application cache.
11. What are the enhancements in ClickOnce deployment in .NET 4.0?
In .NET 4.0, the ClickOnce deployment technology is enhanced with the following features:
- Support for .NET Framework 4.0 version - Creates applications by using Visual Studio 2010 that can target .NET Framework 4.0 and its new features.
- Support for multiple versions of the .NET Framework - Creates applications that are compatible with multiple versions of the .NET Framework. You can specify the target framework for an application as .NET Framework 3.5 or .NET Framework 4 while creating the application.
- Enhanced logging feature - Stores logging information that includes various parameters passed to the ClickOnce runtime, the browser settings, and ClickOnce security options.
- Custom Installer and User Interface - Allows you to create a custom graphical user interface for installing and updating the .exe applications. In addition, the custom installer can have custom dialog boxes for security and maintenance operations.
12. What is the difference between deploying and publishing an application?
In deployment, you can create a new setup and deployment project. In this project, you can add the project output and create a setup.exe file. After creating an executable file, you need to login into the server and execute the setup.exe file to install the application. On the other hand, in publishing, you need to right-click the application in the Solution Explorer and select Publish to publish the application. Then, you specify a location where the application is to be published. The users can then install the application from the location where you have published it and run locally even when the computer is offline.
13. What is the need of Copy Web Site?
Copy Web Site is a tool used to deploy the Web site by copying its content files. The Copy Web Site tool also checks whether or not the latest version of a file is present at the destination. If files of the most recent version are found at the destination, then the Copy Web Site tool does not superimpose the older version of files. The Copy Web Site deployment tool consists of the following main entities:
- Project source - Specifies the source directory, which contains the contents and references of a Web site at development time. In simple words, you can say that the project source specifies the site that you currently have opened in Visual Studio 2010. The Copy Web Site tool picks all the files for deployment from this location.
- Project destination - Specifies the destination folder where you have to deploy the application. This destination directory can be placed on remote computers or servers, which allow you to copy the Web site contents using the Front Page Server Extensions, FTP, or HTTP protocol implementations for content transfer.
- Synchronizing two Web sites - Synchronizes two Web sites by copying each other's files. Synchronization checks the files on the local and remote sites and ensures that all files on both sites are up to date.
14. What is the use of the Copy Project command?
The Copy Project command copies only the files required to run the project and pastes it on the target server. It does not deploy the complete project; therefore, IIS directory settings are not automatically configured.
15. Can Windows applications and the Web applications be deployed using the same template of Setup and Deployment project?
No. the Windows applications use the Setup Project template; whereas, the Web applications use the Web Setup Project template. After the deployment, their installation takes place in the similar way.
16. Explain the .NET Framework deployment features.
In a general context, .NET Framework includes the following deployment features:
- No-impact applications - Provides application isolation and removes DLL conflicts.
- Private components by default - Enables the components to deploy to the application directory and to be visible only to the containing application.
- Side-by-side versioning - Enables you to select one of the multiple versions.
- XCOPY deployment and replication - Refers to the self-descriptive application that is deployed without the need to store registry entries.
- On-the-fly updates - Allows for the updating of the DLLs of the remote computers.
- Integration with the Microsoft Windows Installer - Makes the features, such as advertising, publishing, repairing, and install-on-demand available during deployment of an application.
- Enterprise deployment - Eases the task of software distribution.
- Downloading and caching - Specifies that the downloads are kept smaller and the components are isolated for application use.
- Partially trusted code - Enables code-based identification.
17. What are the various setup projects available in Visual Studio Installer?
- Setup Project
- Web Setup Project
- Merge Module Project
- Setup Wizard
- CAB project
18. Can I add prerequisites in my ClickOnce deployment?
Yes, you can add prerequisites to ClickOnce deployment, However we can only add those prerequisite through “ClickOnce” which are by default in prerequisite list while publishing.
Toadd our own prerequisite you need to have boot strapper package. Once created boot strapper package then it will automatically include into prerequisite list. To generate boot strapper can use “Bootstrapper Manifest Generator” tool.
This was available as a separate tool till Visual Studio 2008. From Visual Studio 2010, you create a bootsstrapper package and redistribute it in the installer package.
19. What are the various ways by which you can do a ClickOnce deployment?
You can publish the ClickOnce deployment in:
a. Web
b. File Server
c. Through CD-ROM
20. Will files in ClickOnce deployment get deployed, every time you install?
Files deployed with ClickOnce only get downloaded once. They will not be downloaded again unless they are updated. The common point of confusion, however, is that the ClickOnce progress dialog always displays the entire size of the application even if it's only downloading a single file. If you want to know exactly what is being downloaded, use Fiddler. I'm serious, use Fiddler, it's awesome.
By default, all of the assemblies included in a ClickOnce application are downloaded when the application is first run. You might, however, have parts of your application that are used by a small set of your users. In this case, you want to download an assembly only when you create one of its types.
21. What happens when a new version of software is available in ClickOnce?
When you install more than one version of an application by using ClickOnce, the installation moves earlier versions of the application into a folder named Archive, in the publish location that you specify. Archiving earlier versions in this manner keeps the installation directory clear of folders from the earlier version.
22. How is security ensured in a ClickOnce deployment?
ClickOnce security relies on Authenticode certificates to determine whether an application should be installed, a step known as a trust decision. Application and deployment manifests that describe an application can be signed with a certificate to prevent tampering.
Domain administrators can configure certificates to be trusted at the enterprise or machine level. If certificates are not trusted at the time of installation, ClickOnce deployment can be configured to ask users to make trust decisions.
Once an application is installed, ClickOnce restricts the application permissions and actions as defined by the Internet, Local Intranet, or custom zones.
Deployment Location
|
Security Zone
|
Run from Web
|
Internet Zone
|
Install from Web
|
Internet Zone
|
Install from network file share
|
Local Intranet Zone
|
Install from CD-ROM
|
Full Trust
|
23. Is ASP.Net Form based authentication supported in ClickOnce deployment?
No. If you want to control which deployments each user can access, you should not enable anonymous access to ClickOnce applications deployed on a Web server. Rather, you would enable users access to the deployments you have installed based on a user's identity using Windows authentication.
ClickOnce does not support ASP.NET forms-based authentication because it uses persistent cookies; these present a security risk because they reside in the Internet Explorer cache and can be hacked. Therefore, if you are deploying ClickOnce applications, any authentication scenario besides Windows authentication is unsupported
23. Why is ClickOnce deployment taken as the best deployment type for Updates?
ClickOnce can provide automatic application updates. A ClickOnce application periodically reads its deployment manifest file to see whether updates to the application are available. If available, the new version of the application is downloaded and run. For efficiency, only those files that have changed are downloaded.
When designing a ClickOnce application, you have to determine which strategy the application will use to check for available updates. There are three basic strategies that you can use: checking for updates on application startup, checking for updates after application startup (running in a background thread), or providing a user interface for updates.
You can also make the updates required, specify update intervals, elevate permission levels for updates.
24. What is the namespace for writing custom installers?
System.Deployment.Application
25. What are Merge Module projects?
Merge Module projects enable creation and deployment of code that can be shared by multiple applications. This may include Dll’s, resource files, registry based entries etc. The Windows database also keeps track of a reference count for those projects.
26. Explain the format of the assembly version stored in the Assembly Info file.
Format: [Major Version].[Minor Version].[Build Version].[Revision Version]
If the assembly is changes such that it’s incompatible with previous versions then Major Version or Minor Version must be changed. If the assembly is still compatible with previous version then Build Version or Revision Number must be changed.
27. What are the various changes in the web. Config file that you do while deploying a web application?
- Change database connection: Ideally what I do is keep IPs for development , test , staging and production in 4 different keys and based on the IP read the database connection string.In this case no need to change database connections while deployment. Else you need to keep different web config files. Now in the web.config transformation in VS2010 onwards , this is added automatically.
- Disable debugging in the production environment.
- Remove sensitive information such as connection strings, such as if you provide a package to a community site.: Connection strings are usually provided in an encrypted format.
28. What is web.Config transformation Model?
All the properties in that tab can be saved in the project file and will be saved per configuration. This would mean that when your active configuration is "Debug" then all the "Debug" settings will be used.
Debug and Release configurations are available by default inVisual Studio but if you would like to add more build configurations (for various server environments like “Dev”, “QA”, “Staging”, “Production” etc then you can do so by going to the Build --> Configuration Manager.
Note: Deleting a configuration for the solution does not delete it for every project within the solution and visa versa, so when using Configuration Manager make sure that you remove the configurations from the correct locations
Any new Web Application Project (WAP) created in VS10 will by default have Web.Debug.Config and Web.Release.config files added to the project. If you add new configurations (e.g. “Staging”) or if you upgrade pre-VS10 projects to VS10 then you will have to issue a command to VS to generate the Configuration specific Transform files as needed.
To add configuration specific transform file (e.g. Web.Staging.Config) you can right click the original web.config file and click the context menu command “Add Config Transforms” .
The transform files are design time files only and will not be deployed or packaged by VS10. If you are going to xCopy deploy your web application it is advised that you should explicitly leave out these files from deployment just like you do with project (.csproj/.vbproj) or user (.user) files…
Note: These transform files should not be harmful even if deployed as runtime does not use them in any fashion and additionally ASP.NET makes sure that .config files are not browsable in any way
29. Can a solution/project have more than one config file?
The root of the ASP.NET configuration hierarchy is the systemroot\Microsoft.NET\Framework\versionNumber\CONFIG\Web.config file, which includes settings that apply to all ASP.NET applications that run a specific version of the .NET Framework. Because each ASP.NET application inherits default configuration settings from the root Web.config file, you need to create Web.config files only for settings that override the default settings.
An example is the Web.config file in an ASP.NET MVC application's View folder which does things like preventing directly viewing the View templates.
29. Why do we need web.Config at sub folder level?
This allows for setting general settings at the site level and overriding them when necessary. Any settings in the base Web.config that aren't overridden in the subfolder stay in effect, so the "child" Web.config can be pretty small. You can continue to nest them, so sub-sub-subfolders can get their own Web.config if needed. Some of the most common uses of subfolders are to restrict permission (e.g. requiring authentication or restricting access to resources), but you can also use them to do things like include default namespaces in Views, toggle handlers, etc.
Configuration level
|
File name
|
File description
|
Server
|
Machine.config
|
The Machine.config file contains the ASP.NET schema for all of the Web applications on the server. This file is at the top of the configuration merge hierarchy.
|
IIS
|
ApplicationHost.config
|
ApplicationHost.config is the root file of the IIS 7.0 configuration system. It includes definitions of all sites, applications, virtual directories, and application pools, as well as global defaults for the Web server settings. It is in the following location:
%windir%\system32\inetsrv\config
|
Root Web
|
Web.config
|
The Web.config file for the server is stored in the same directory as the Machine.config file and contains default values for most of the system.web configuration sections. At run time, this file is merged second from the top in the configuration hierarchy.
|
Web site
|
Web.config
|
The Web.config file for a specific Web site contains settings that apply to the Web site and inherit downward through all of the ASP.NET applications and subdirectories of the site.
|
ASP.NET application root directory
|
Web.config
|
The Web.config file for a specific ASP.NET application is located in the root directory of the application and contains settings that apply to the Web application and inherit downward through all of the subdirectories in its branch.
|
ASP.NET application subdirectory
|
Web.config
|
The Web.config file for an application subdirectory contains settings that apply to this subdirectory and inherit downward through all of the subdirectories in its branch.
|
30. If you've got settings that should only apply to the parent application and shouldn't be inherited what should be done?
Disinheriting your child applications with inheritInChildApplications="false". Example Mobile Stimulation application site.
31. What is the other information that should be packaged with the web application binary?
In addition to the application's source files and binary files, a deployment package typically includes files that contain the following kinds of information:
IIS settings, such as the application pool, the authentication method, whether directory browsing is allowed, and error handling.
Database scripts that are used to propagate changes to database data or to database structures.
Parameters that contain values that might need to be changed when the package is installed, such as settings for debugging, or connection strings.
32. Can you explain the various scenarios where you have deployed your application?
32. How do you deploy a SQL Server Database?
When you deploy a Web application that uses a SQL Server database, you might also have to propagate data structures, data, or both. Visual Studio can automatically create scripts (.sql files) to do this in the destination database, and these scripts can be included in the Web package. You can also include custom SQL Server scripts and specify the order in which the scripts should run. Web Deploy runs the scripts on the destination server when the package is installed.
You specify SQL Server deployment options on the Package/Publish SQL tab of the project Properties page. The following illustration shows the Package/Publish SQL tab.
33. How do you go about maintaining web.Config files over time if say a database connection string or an app settings key needs changing?
Use web config transformations and do not change every time you release.
34. Do you utilize web.config transforms; make your changes in VS re-publish the application, then copy the entire app or maybe just the new web.config to the server?
You can specify one primary web.config file and use transforms to manipulate it for different environments (i.e. changing database connection strings). These transforms are automatically rendered when you deploy/publish your project(s).
It also depends on what type of change needs to be deployed. Although typically, our deployment setting is to only replace files that have been updated. So if all we changed was the web.config.production transformation, then that's all that's deployed.
35. Do you version control the web.config changes in source control if things like connection strings, app keys etc (not structure) change?
Source control for is the master store. Anything that needs to be changed HAS to go into it. Developers that try to by-pass this by modifying config settings on PROD or STAGE sites get busted. If something goes wrong, they are responsible for fixing any issues. The source control configuration files are then built into web.config and settings.config files using xml/xslt.
36. What do you know about .NET assemblies?
Assemblies are the smallest units of versioning and deployment in the .NET application. Assemblies are also the building blocks for programs such as Web services, Windows services, serviced components, and .NET remoting applications.
37. What’s the difference between private and shared assembly?
Private assembly is used inside an application only and does not have to be identified by a strong name. Shared assembly can be used by multiple applications and has to have a strong name.
37.What’s a strong name?
A strong name includes the name of the assembly, version number, culture identity, and a public key token.
38.How can you tell the application to look for assemblies at the locations other than its own install?
Use the directive in the XML .config file for a given application.
<probing privatePath=”c:\mylibs; bin\debug” />
should do the trick. Or you can add additional search paths in the Properties box of the deployed application.
39.How can you debug failed assembly binds?
Use the Assembly Binding Log Viewer (fuslogvw.exe) to find out the paths searched.
40.Where are shared assemblies stored?
Global assembly cache.
41.How can you create a strong name for a .NET assembly?
Using Strong name key. SnKey.exe
42.Where’s global assembly cache located on the system?
Usually C:\winnt\assembly or C:\windows\assembly.
43.Can you have two files with the same file name in GAC?
Yes, remember that GAC is a very special folder, and while normally you would not be able to place two files with the same name into a Windows folder, GAC differentiates by version number as well, so it’s possible for MyApp.dll and MyApp.dll to co-exist in GAC if the first one is version 1.0.0.0 and the second one is 1.1.0.0.
44.So let’s say I have an application that uses MyApp.dll assembly, version 1.0.0.0. There is a security bug in that assembly, and I publish the patch, issuing it under name MyApp.dll 1.1.0.0. How do I tell the client applications that are already installed to start using this new MyApp.dll?
Use publisher policy. To configure a publisher policy, use the publisher policy configuration file, which uses a format similar app .config file. But unlike the app .config file, a publisher policy file needs to be compiled into an assembly and placed in the GAC.
45.What is delay signing?
Delay Signing allows you to place a shared assembly in the GAC by signing the assembly with just the public key. This allows the assembly to be signed with a private key at a later stage, when the development process is complete and the component or assembly is ready to be deployed. This process enables developers to work with shared assemblies as if they were strongly named, and it secures the private key of the signature from being accessed at different stages of development.
46.When to Delay Sign Assemblies
In a workplace where many developers are working on a project, there is every possibility of private key of assembly being mishandled. Hence in a development environment, it becomes mandatory to maintain the integrity of the system during tests and build. This is where delay signing proves significant.
Delay signing the assemblies is a easy and secure way of protecting the assemblies in the development environment. However please note that with delayed signing on, during testing environment none of the strong name signatures are verified. So there is a trade-off. But I have a solution to this as well, the term is Test key signing
