SharePoint on Microsoft Azure
Download as PPTX, PDF2 likes2,611 views
This document discusses hosting SharePoint on Azure. It provides an example reference architecture of a hybrid on-premises and Azure environment for a SharePoint farm. It shows the farm designed across multiple cloud services, with web and application servers in one availability set, database servers in another, and Active Directory in a third. It provides sizing and configuration recommendations for roles and virtual machines in each tier.
SharePoint on Microsoft Azure
- 1. SharePoint on Azure K.Mohamed Faizal www.zquad.in / @kmdfaizal [email protected] https://www.facebook.com/kmdfaizal
- 2. K.Mohamed Faizal http://zquad.in #GWAB www.zquad.in / @kmdfaizal [email protected] Use the HASHTAG #GWAB
- 5. SharePoint Cloud Continuum CONTROL COST-EFFICIENCY SharePoint (On-premises) • SharePoint Value Prop: • Full h/w control – size/scale • Roll-your-own HA/DR/scale Value Prop: • 100% of API surface area • Easy migration of existing apps • Roll-your-own HA/DR/scale SharePoint (IaaS) • Hosted SharePoint Value Prop: • Auto HA, Fault-Tolerance • Friction-free scale • Self-provisioning, mgmt. @ scale • SharePoint Service Office 365 (SaaS)
- 6. Internet sites in Azure — Why? Focus on developing a great site Rather than building infrastructure Scale out and in Size your solution for the demand Only pay for resources you need Dynamic machine allocation is not supported (auto scale) Azure AD Take advantage of Azure AD for customer accounts SharePoint functionality not available on Office 365 Add deep reporting an web analytics
- 9. Example — Hybrid on-premises and Azure Reference architecture for a Windows Azure-based disaster recovery environment to support an on-premises SharePoint farm. Virtual Network Windows Azure VPN Gateway Gateway subnet Active VPN Cloud Service Availability Set Active Directory & DNS Cloud Service Cloud Service Active Directory Windows Server 2012 RRAS Availability Set Front End Availability Set Distributed Cache Availability Set Search Front End Availability Set Search Backend Availability Set Backend On-premises environment Availability Set Database B
- 10. Medium Internet Sites farm Example farm: ~85 Page views per second 100 Queries per second Corpus of 3,400,000 items Processes 100-200 documents per second Web Server Host Query processing Managed metadata To scale out: add an additional Web server to allow for an additional 28 page views per second. WebServers Paired hosts for fault tolerance Application Server Host Content processing Crawl To scale out: add 1 Application server with a crawl component and a content processing component to process an additional 40 documents per second. Host D Analytics Content processing Crawl Admin Application Server Host E Content processing Crawl Admin Application Server Host F Content processing Crawl Application Server ApplicationServers Host A Web Server Query processing Managed metadata Web Server Host B Web Server Host C Query processing Managed metadata Query processing Managed metadata DatabaseServers Host H All SharePoint Databases Redundant copies of all databases using SQL clustering, mirroring, or SQL Server 2012 AlwaysOn Host G All SharePoint Databases Crawl DB Analytics DB Search admin DB Link DB All other SharePoint Databases Crawl DB Index Partion 0 ReplicaReplicaReplica Distributed cache Distributed cache Distributed cache Distributed cache Replica User Profile User ProfileUser Profile User Profile Zoom into the model Visio version PDF version
- 11. Medium farm in Azure VPN gateway is optional. Active Directory can stand alone or be configured as hybrid with the VPN connection. Virtual Network Windows Azure VPN Gateway Gateway subnet Active VPN Cloud Service Availability Set Active Directory & DNS Cloud Service Cloud Service Active Directory Windows Server 2012 RRAS Availability Set Front End Availability Set App server On-premises environment Availability Set Database Optional!
- 12. A container where you define the IP address ranges your virtual machines will use. Pls. work with customer and get range of IP address for cloud Virtual network Virtual Network Windows Azure Active Directory Windows Server 2012 RRAS On-premises environment B 1
- 14. WA Gateway On-premises Your datacenter Hardware VPN or Windows RRAS Virtual Network <subnet 1> <subnet 2> <subnet 3> DNS Server Virtual Networks – Site-to-Site
- 15. On-premises Your datacenter Individual computers behind corporate firewall Virtual Networks – Point-to-Site Virtual Network <subnet 1> <subnet 2> <subnet 3> DNS Server Hardware VPN or Windows RRAS WA Gateway
- 16. Virtual Network and ExpressRoute Public internet Public internet Public internet
- 17. When you setup a VPN connection, the VPN service resides in a separate subnet. Windows Azure manages the primary and secondary instances of this service for high availability. You will not see the secondary instance. You do not need to configure high availability for the VPN service. Site-to-Site VPN gateway and subnet Virtual Network Windows Azure VPN Gateway Gateway subnet Active VPN Active Directory Windows Server 2012 RRAS On-premises environment Standby VPN Not visible. Automatically configured and managed by Azure. B 3 http://msdn.microsof t.com/en- us/library/windowsaz ure/jj156075.aspx Personally tested following devices Cisco 1921 ISR router is part of 1900 family its support by Azure Important point to take note of your procurement process, device delivery and Public IP requirements.
- 18. Cloud services are typically used to group VMs by role based on functionality that takes place at the cloud service level Cloud services Virtual Network Windows Azure VPN Gateway Gateway subnet Active VPN Cloud Service Cloud Service Cloud Service Active Directory Windows Server 2012 RRAS On-premises environment Active Directory and DNS SharePoint Server roles Database servers Plan cloud services before creating VMs! B 4
- 19. Cloud services — best practices Keep it simple Start the design with one cloud service Add additional cloud services to the design only if necessary “The client application must reside on a different cloud service than the one that contains your availability group VMs. Windows Azure does not support direct server return with client and server in the same cloud service” http://msdn.microsoft.com/en- us/library/windowsazure/dn376546 .aspx Cloud Service Cloud Service Cloud Service Active Directory and DNS SharePoint Server roles Database servers B
- 20. Cloud services are typically used to group VMs by role based on functionality that takes place at the cloud service level Cloud services B Virtual Network Cloud Service Cloud Service Cloud Service Windows Azure VPN Gateway Gateway subnet Active VPN Active Directory Windows Server 2012 RRAS On-premises environment Optional! Cloud Service AD Servers SharePoint Servers SharePoint Servers Database Servers
- 21. Active Directory for SharePoint solutions The configuration of Active Directory in this example constitutes a hybrid deployment scenario in which Windows Server AD DS is deployed both on-premises and on Windows Azure Virtual Machines. MSDN: Guidelines for Deploying Windows Server Active Directory on Windows Azure Virtual Machines B Virtual Network Cloud Service Cloud Service Cloud Service Windows Azure VPN Gateway Gateway subnet Active VPN Active Directory Windows Server 2012 RRAS On-premises environment Optional! Cloud Service Availability Set Active Directory & DNS 5
- 22. Active Directory hybrid best practices — Reference http://msdn.microsoft.com/en- us/library/windowsazure/jj156090.aspx Virtual Network VPN Gateway Cloud Service Availability Set Active Directory & DNS Active Directory On-premises environment Hybrid on-premises and cloud Example settings for two VMs in Azure configured as domain controllers B Item Setting Size Small Operating system Windows Server 2012 Active Directory role Active Directory Domain Services domain controller designated as a global catalog server. Reduces egress traffic across the VPN connection. In multi-domain environment with high rates of change, configure domain controllers on premises to not sync with the global catalog servers in Windows Azure. Data disks Place the Windows Server AD DS database, logs, and SYSVOL on Windows Azure data disks. Do not place these on the Operating System disk or the Temporary Disks provided by Azure! DNS Install and configure Windows DNS on the domain controllers. IP addresses Use dynamic addresses
- 23. Virtual Network Cloud Service Cloud Service Cloud Service Windows Azure VPN Gateway Gateway subnet Active VPN Active Directory Windows Server 2012 RRAS On-premises environment Optional! Cloud Service Availability Set Active Directory & DNS Availability Set Front End Web Front End Tier Availability Set #1 Front End ServicesDistibuted Cache Workflow Manager Query Processing Front End ServicesDistibuted Cache Workflow Manager Query Processing Index Partion #0 Index Partion #0Replica Front End ServicesDistibuted Cache Workflow Manager Query Processing ReplicaReplica XL - 8 cores / 14GB C: (System) 127GB D: (Page File, Blob Cache) 604GB E: (Log) 40GB F: (Index) 500GB C: (System) 127GB D: (Page File, Blob Cache) 604GB E: (Log) 40GB F: (Index) 500GB C: (System) 127GB D: (Page File, Blob Cache) 604GB E: (Log) 40GB F: (Index) 500GB XL - 8 cores / 14GB XL - 8 cores / 14GB K 6
- 24. App Server Tier Availability Set #2 Content Processing Admin Crawl Analytics Back End Services Content Processing Admin Crawl Analytics Back End Services C: (System) 127GB D: (Page File) 604GB E: (Log) 40GB F: (Analytics) 300GB C: (System) 127GB D: (Page File) 604GB E: (Log) 40GB F: (Analytics) 300GB XL - 8 cores / 14GB XL - 8 cores / 14GB K Virtual Network Cloud Service Cloud Service Cloud Service Windows Azure VPN Gateway Gateway subnet Active VPN Active Directory Windows Server 2012 RRAS On-premises environment Optional! Cloud Service Availability Set Active Directory & DNS Availability Set Front End Availability Set App server 7
- 25. Data Server Tier Availability Set #3 Availability Group #1 Availability Group #2 Availability Group #3 Search Content Content Configuration Service Applications C: (System) 127GB D: (Page File) 604GB E:, F:, G:, H: (TempDB Files) 500GB I: (TempDB Logs) 500GB L: (Transaction Logs) 500GB J:, K:, M:, N: (Content Data) 1024GB O: (Search Databases) 1024GB XL - 8 cores / 14GB XL - 8 cores / 14GB C: (System) 127GB D: (Page File) 604GB E:, F:, G:, H: (TempDB Files) 500GB I: (TempDB Logs) 500GB L: (Transaction Logs) 500GB J:, K:, M:, N: (Content Data) 1024GB O: (Search Databases) 1024GB K Virtual Network Cloud Service Cloud Service Cloud Service Windows Azure VPN Gateway Gateway subnet Active VPN Active Directory Windows Server 2012 RRAS On-premises environment Optional! Cloud Service Availability Set Active Directory & DNS Availability Set Front End Availability Set App server Availability Set Database 8
- 26. Design app servers for availability sets 2 out of 3 VMs in an availability set can be on the same rack. Add additional instances of components to ensure availability. Design topologies first for scale, then fine tune server roles for availability sets. Host D Analytics Content processing Crawl Admin Application Server Host E Content processing Crawl Admin Application Server Host F Content processing Crawl Application ServerBefore After Host D Analytics Content processing Crawl Admin Application Server Host E Application Server Host F Application Server Analytics Content processing Crawl Admin Analytics Content processing Crawl Admin
- 28. Extranet and Public-Facing Internet Cloud Service Virtual Network Windows Azure On Premises Active Directory Site developers and authors VPN Tunnel Internet Zone Anonymous Extranet Zone Default Zone WindowsWindows SAML FBA Partners and Customers Visitors
- 29. • Dedicated Active Directory domain in Windows Azure? • OR, hybrid with an on-premises AD? • Add accounts to the domain in Windows Azure • Use ADFS on premises to federate the internal accounts to a separate Active Directory environment in Windows Azure. • Or, use the hybrid design. • Windows Azure Active Directory is a good choice • Or, any SAML-based provider Managing identity for Internet sites
- 30. Internet sites—using Azure AD for customer accounts Separate User Accounts from Active Directory Does not replace need for local Active Directory for SharePoint Sync with on-premises for SSO DirSync with on-premises Active Directory K SAML 1.1, WS-Fed Azure Active Directory Tenant SAML 2.0, WS-Fed ACS Tenant
- 32. Cloud Service Endpoint Configuration K Availability Set Front End Visitors and customers
- 35. IaaS and Disaster Recovery Cloud Service Virtual Network Windows Azure SQL DR1 (A6) SP DR1 (Large) AD1 (X-Small) On Premises SQL DR2 (A6) SP DR2 (Large) SP DR4 (Large) SP DR5 (Large) SP DR3 (Large) VPN Tunel SQL Server Log Shipping
- 36. • • • • • Sends alerts when TM fails over to secondary service • Can take appropriate actions for based on type of ‘failover’ Enabling Auto-Failover – Azure Traffic Manager
- 37. BLOB Storage 1. 2. 1. No change in URLs 3. 4. 1. Detects TM has switched the traffic 2. Pauses the restore log to avoid user disconnection Temporary Failover Subnet 1 Subnet 4 Availability Set 1 Availability Set 4 Cloud Service Subnet 2 Availability Set 2 Cloud Service Subnet 3 Availability Set 3 Cloud Service Subnet 1 Subnet 4 Availability Set 1 Availability Set 4 ... SQL Server AlwaysON Availability Group Cloud Service Subnet 2 Availability Set 2 Cloud Service Subnet 3 Availability Set 3 Cloud Service Read Only Primary DR A
- 38. 1. 1. Permanent Failover is decided (e.g. based on time window) 2. Service Disruption expected (for some time) 2. 1. Tail log backups are taken from Primary farm (if possible) 2. All pending logs are applied (both instances) 3. DBs are brought to RECOVERY (both instances) 4. DBs are added to AlwaysOn Availability Group 3. 1. SQL Aliases are configured to point to AG Listener 2. Site becomes Read Write 3. Search Decision – Backup/Restore or Continue as is 4. Permanent Failover BLOB Storage Subnet 1 Subnet 4 Availability Set 1 Availability Set 4 Cloud Service Subnet 2 Availability Set 2 Cloud Service Subnet 3 Availability Set 3 Cloud Service Subnet 1 Subnet 4 Availability Set 1 Availability Set 4 ... SQL Server AlwaysON Availability Group Cloud Service Subnet 2 Availability Set 2 Cloud Service Subnet 3 Availability Set 3 Cloud Service Read Only Primary DR A …
- 39. Highly Available Template AD/DC/DNSLB WEB SQLAPP 80 20000 Cloud Service Virtual Network Windows Azure AVSET SPWEB AVSET SPAPP AVSET SQLHA AVSET DCSET Web Tier 2 x Large (4 Cores & 7 GB) App Tier 2 x Large (4 Cores & 7 GB) Data Tier 2 x A6 (4 Cores & 28 GB) 1 x Small (Quorum) (1 Core & 1.75 GB) Identity Tier 2 Small (1 Core & 1.75 GB) K
- 40. SharePoint 2013 Automation Scripts • PowerShell Scripts that use Remote PowerShell for automated deployment of Active Directory, SQL Server and SharePoint 2013. •Two Sample Configurations Available • HighlyAvailable and SingleVMs • Download from GitHub • https://github.com/windowsazure/azure-sdk-tools-samples K
- 41. Internet sites — lessons learned
- 42. Internet Sites — Content Solution model copy and modify architecture diagrams for your solutions http://technet.microsoft.com/en-us/library/dn635307(v=office.15).aspx http://technet.microsoft.com/en-us/library/dn635309(v=office.15).aspx http://technet.microsoft.com/en-us/library/dn635311(v=office.15).aspx Visio version PDF version Visio version PDF version
- 44. We are here to help. Thank you, By Mohamed Faizal Questions?