SharePoint Web Apps versus Site Collections

As a part of my day to day job as a SharePoint Dedicated Support Engineer, I frequently receive questions from customers for which there is not much documentation and guidance and for which there is often not a clear cut answer.  One such question that I recently received is the topic of this blog post.

Customer Question

“As we continue to grow our SharePoint footprint within our organization, we need to expand our standards and patterns in a couple of specific areas.  One thing that we need to be able to document and articulate clearly is when should we consider creating a new web application versus just a new site collection?   And when creating a new Web App, should we use a new App Pool or reuse an existing app pool?”

What is a SharePoint Web Application?

In order to answer this question, we need to take a look at what is a SharePoint Web Application.  MSDN defines a SharePoint Web application as the following (see https://msdn.microsoft.com/en-us/library/office/ee556558(v=office.14).aspx)

Web Application 1.) A container in a configuration database that stores administrative settings and entry-point URLs for site collections. 2.) A software application that uses HTTP as its core communication protocol and delivers information to the user by using Web-based languages such as HTML and XML.

Clearly, in this case, it is definition one that is most relevant in this context.  The SP Object model defines the SPWebApplication class (which is used to programmatically represent a SharePoint Web Application) as the following (see https://msdn.microsoft.com/en-us/library/office/microsoft.sharepoint.administration.spwebapplication(v=office.15).aspx)

SPWebApplication Represents an Internet Information Services (IIS) load-balanced Web application that is installed on a server farm.

The key to really understanding the concept of a  web application comes by looking at the various properties of the SPWebApplication class.  Some of the key properties of this class include:

  • ApplicationPool - represents the application pool used by the web application
  • AlternateURLS - Collection of URLS (AAMs) that are routed to this web application
  • Blocked File Extensions – List of extensions that cannot be uploaded or downloaded from sites within the web application
  • Content Databases - Collection of content database attached to this web application
  • Features - Collection of web-application scoped features activated for this web app
  • IisSettings - Collections of settings for all IIS instances that belong to this web application
  • Job Definitions  - Collection of timer job definitions for this web application
  • MaximumFileSize  - The size in MB of the largest file that can uploaded to site collections within this web application
  • Service Application Proxy Group  - Group of Service applications that are available to this Web Application
  • Throttle Settings - Things like MaxItemsPerThrottledOperation, MaxQueryLookupFields, and other throttling settings
  • Security Policies – Collection of security policies that are defined within this web application
  • Rights/Permissions Set - Rights mask defining what permissions can be assigned within this web application

 

When Should I use a New Web Application?

So, when considering the question of when to use a new Web Application versus a new site collection, you need to consider some of the key settings that are configured at the web application level such a authentication providers, Security policies, blocked file list, maximum file size, service applications consumed, etc. Here are some examples

1.) You have an existing web application that contains collaboration sites for groups within your company.  This web site is configured to use Windows Claims authentication.  However, you have a request for an externally accessible site where users will access the site via forms based authentication

In this situation, you would need to use a new web application, since you need to support a different authentication method.

2.) You have an existing web application that contains your company’s collaboration sites.  The Marketing department wants to add a site that contains materials to be used for mandatory company training.  Some of the files contained within these materials are quite larges (videos, large pdfs and some Virtual hard disks)

In this situation, you would probably want to use a new web application and increase the maxFileUpload size for just this new web application.  Furthermore, using a new web app forces the use of a separate content database to hold these larger files.  This allows for unique backup and maintenance operations if needed.  You could go with using the existing web application and use a separate content database for just this site collection but increasing maxFileUpload for the entire collaboration web application could allow users to upload large documents to the collaboration sites (resulting in bloat) if quotas are not being used.

3.) You have an existing web application that is hosting your company’s collaboration sites.  The HR department wants to create a new site used to track employee reviews.  Due to the highly confidential nature of the data, this site needs to have very specific security policies defined.

In this scenario, a new web application, may be the best way to go because it allows for the creation of very specific security profiles and gives the ability to restrict user permissions that you wouldn’t want to apply to the collaboration sites.  Using a separate web application with it’s own app pool also provides an additional layer of process isolation.

4.) You have an existing web application that is hosting your team site content at https://teams.contoso.net.  A manager from the Operations department wants to create a site create a new site with a specific “vanity” url such as https://operations.contoso.net.

In the scenario it may be that a host-name site collection would be sufficient.  This scenario may not require a new web application

5.) You have an existing web application that is hosting your team site content at https://teams.contoso.net.  A manager from the Operations department wants to create a site create a new site with a specific “vanity” URL but they need it to be SSL (such as https://operations.contoso.net.)

Since the existing site is running http and the user specifically needs SSL, in this scenario you will need to create a new web application.

What About App Pools?

In addition to determining whether a new web app is desired or not, another important consideration is whether a new app pool should be created or if an existing app pool should be reused.  This question is even more subjective than the previous one.  For application pools, there are really 2 primary considerations:  1.) Scale and 2.) Isolation

For each application pool that you create, IIS will create a new worker process (w3wp.exe) to host that application pool.  Each instance of a worker process consumes a lot of memory resources, so more application pools means more memory consumption.  However, more app pool yields greater isolation.  If multiple web applications are sharing a single application pool, all of those web application are running inside the same worker process.  This means that recycling the worker process will affect all of the sites hosted in those web applications.  Furthermore, if one of those sites is running custom code that crashes and or leaks memory, all other web applications using that application pool  will also be affected.

So when should I use a new application pool versus using an existing one?  You would use an new app pool in the following situations:

  • You have adequate available server memory and need to provide isolation from other applications
  • The app pool is running code that is unstable and crashes or has serious memory leaks
  • The app pool is hosting data that is sensitive and requires higher isolation.
  • The application is mission critical and needs to have a different recycle schedule than the others. 

You would use a shared app pool in the following situation:

  • You have limited available server memory
  • You Are using the same “stable” code customizations across many different web applications  (those customization take memory, more efficient if they can be shared). 

SharePoint currently limits  the number of applications pools that a given server can support to 10 (see https://technet.microsoft.com/en-us/library/cc262787(v=office.14).aspx#WebApplication) so that needs to be a part of the consideration as well..

What Do You Think?

Many of the common scenarios are covered in this post but what about you?  What have you seen and what are some of the guidelines and criteria that you consider as you are faced with these types of administrative requests?  Please share you thoughts here for the benefit of all.