SPT15 To the Cloud! Utilizing AWS and Azure as Cloud Hosting Providers for SharePoint
 


To the cloud! This phrase seems to come up more and more often for organizations looking to reduce their SharePoint footprint in their data center. In this session Dan and Scott will give a brief overview of a few of the premier Infrastructure as a Service hosting providers for SharePoint, how SharePoint in the cloud stacks up against Office 365, and how to script an install on the Azure platform for development purposes.

You will learn:
• The core cloud concepts of IaaS, SaaS and PaaS
• How Azure and AWS EC2 differ and where they are similar, both in their product offerings and in their interfaces
• How to set up a SharePoint environment through script and web interfaces

  • Hoag
  • For VMware - Windows Server 2012 isn’t yet supported by one of the VM providers, but Server 2008 R2 is.
  • Oh but they’re still only development, staging and testing - not yet a General Availability - not appropriate for dedicated. SharePoint 2013 - Apps Model - host workloads in a separate VM or in the Azure Service
  • Slide Objective: Show currently supported VPN devices. List above is just what we go to preview with. List will grow with time. Partners tested device against our solution. Any industry standard VPN will work.
  • Slide Objective: Compare and contrast existing VM Role vs. new persistent virtual machines
  • Slide Objective: When there are multiple VMs in the same cloud service they can communicate directly as they are on the same network.
  • Slide Objective: Explain workflow for provisioning VMs in the cloud. Notes: Cloud First Provisioning means exactly what it says: building a VM in the cloud first. You have three methods of starting this process: build a VM from the portal, from the command line, or programmatically by calling the REST API. Once your choice of provisioning is made you will need to select the image and instance size to start from. The newly created disk will be stored in blob storage and your machine will boot.
  • Slide Objective: UDP is now a supported protocol in WA (previously wasn’t). Discuss that by default with virtual machines there is an internal endpoint defined with protocol="all", so essentially all traffic is open between virtual machines. Windows Server firewall and Linux firewall will still need to be configured to allow traffic. Health probes allow the load balancer to check a custom HTTP path that tells the LB whether the server is healthy or not. For TCP endpoints no HTTP path is required, just the port to connect to.
  • Slide Objective: This slide talks about connectivity options supported in SDK 1.6. This slide does not include any of the new features. Notes: Cloud Service gets a VIP assigned for a deployment slot. No ports opened up by default. Need to define endpoints to open up ports. Input endpoint is a port. It is load balanced. Mapped across all role instances. Port mapping is supported. Internal endpoint enables inter-role-instance communication. Ports for inter-VM communication are closed by default. Need to define an internal endpoint for communication. Internal endpoints can be port ranges. DNS resolution is only. Only service-level name resolution is supported. Need to use runtime APIs for instance name resolution.
  • Data Synchronization - Azure SQL Data Sync. Application-Layer Connectivity & Messaging - Azure Service Bus. Secure Machine-to-Machine Network Connectivity - Azure Windows Azure Connect. Secure Site-to-Site Network Connectivity - Azure Windows Azure Virtual Network. Amazon - Virtual Private Connection back into your network - similar to how Azure has connectivity through specific VPN endpoints to accomplish these needs. Slide Objective: Microsoft stack to provide connectivity between on-premise and cloud. Notes: Service Bus vs Connect – SB requires app code change, Connect/Virtual Networks do not. Virtual Networks are the net new here. They provide site-to-site connectivity where Connect provided server-to-server connectivity. Virtual Networks are the more flexible and powerful option.
  • Slide Objective: VNET Feature Overview. Notes: BYO IPv4 space. Only private IPs in a VNet. Carve out IP subnets with a VNet. No overlapping subnets. IP address stays with the VM for its lifetime. We manage SW gateway. Run in active / passive mode for high availability. DNS + IP address persistence is key to enable many new scenarios (AD, DNS, …)
  • Slide Objective: Show how SharePoint could be deployed in a hybrid approach
  • http://msdn.microsoft.com/en-us/library/windowsazure/dn197896.aspx
  • Hoag/Usher: Please fill out your evals!

Presentation Transcript

  • SPT15 To the Cloud! Utilizing AWS and Azure as Cloud Hosting Providers for SharePoint Scott Hoag Infrastructure Consultant Dan Usher Lead Associate
  • Agenda
  • Who are we? Scott Hoag @ciphertxt Applied Information Sciences Infrastructure Consultant scott.hoag@appliedis.com Dan Usher @binarybrewery Booz Allen Hamilton Incorporated Lead Associate usher_daniel@bah.com
  • Housekeeping Ask questions Phones silenced, phasers set to stun Ask questions
  • Why Cloud™? IT Agility The ability to instantly provision new hardware for new opportunities or respond quickly to business demand can be a competitive advantage. Focus Focusing less on infrastructure leaves more time for improving the success of the business through better IT. More on Innovation and less on Infrastructure. Economics Cloud Computing lowers the cost of delivering IT and increases the utilization and efficiency of your data
  • cloud types moving out from corporate IT data center and private clouds hosting, building, consuming flexibility in scale
  • environments to consider production staging user acceptance test development
  • security and compliance Azure Public Community Cloud FedRAMP JAB P-ATO http://www.microsoft.com/en-us/news/press/2013/sep13/0930fedramppr.aspx AWS GovCloud - FedRAMP 3PAO ATO http://aws.amazon.com/govcloud-us/
  • services we wish we could utilize AWS RDS SQL instance http://aws.amazon.com/rds/sqlserver/#details Azure SQL Database http://www.windowsazure.com/en-us/services/data-management/ Spoiler Alert… Neither support FILESTREAM Neither can be domain joined http://blogs.msdn.com/b/windowsazure/archive/2012/06/26/data-series-sql-server-in-windows-azure-virtual-machine-vs-sql-database.aspx
  • Azure SQL Database Guidelines and Limitations Primer: http://msdn.microsoft.com/en-us/library/ff394102.aspx General Guidelines and Limitations Tools, Visual Studio Support, Data migration support, SQL server agent support, etc. Security Guidelines and Limitations Firewalls, Encryption, AuthN, Logins and Users SQL Server Feature Limitations Feature support not available Federation Guidelines and Limitations Several limitations of federated tables
  • Azure SQL Database Instance Available to connect through SQL Server Management Studio SQL AuthN (no IWA AuthN) Unable to access or manipulate instance properties Limited functionality Unable to configure MDOP Not usable for SharePoint 2013…
  • AWS RDS SQL Server Guidance and Limitations Primer: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html Not Supported in 2008 R2 Database Supported in 2008 R2 Database Core Database engine features Maintenance Plans SQL Server development tools (VS, Intellisense) Database Mail SQL Server Management Tools Distributed Queries Safe CLR Transparent Data Encryption Full-text Search Database Log Shipping SSL Database Mirroring Spatial and location features Windows Authentication Distribution Transaction Coordinator (MSDTC) Replication WCF Data Services SQL Server Audit FILESTREAM Support Performance Counter Collector Policy Based Management Additional T-SQL endpoints Ability to run Reporting, Analysis, Integration Services against same server as the DB instance
  • AWS RDS SQL Instance Available to connect through SQL Server Management Studio SQL AuthN (no IWA AuthN) Unable to access or manipulate instance properties Limited functionality Unable to configure MDOP Not usable for SharePoint 2013…
  • things to remember… SharePoint Server 2010 and 2013 supports virtualization within Azure (and sysprep…) Microsoft products virtualized on Hyper-V http://support.microsoft.com/kb/957006 http://support.microsoft.com/kb/2721672 Microsoft products virtualized on VMware http://support.microsoft.com/kb/897615 Licensing http://technet.microsoft.com/en-us/library/ff607936(v=office.14).aspx http://technet.microsoft.com/en-us/library/ff607936.aspx Not all Clouds are created equal…
  • speaking of SysPrep on Azure… Creating a Generalized image is broken Unable to create image with Reboot http://bit.ly/azuresysprep
  • SQL Workloads in the cloud SQL housed within cloud based VM Provides greatest flexibility Supports Always On scenarios Support for configurable Disaster Recovery Works with SharePoint SQL DB services Support for fast scalability Requires very little SQL maintenance Great for hosting databases for structured data outside of SharePoint
  • SharePoint Workloads SharePoint for Internet Sites (FIS) Public facing, anonymous access sites Developer, Test and Staging Environments Quickly provision and un-provision entire environments Hybrid Applications Applications that span your data center and the cloud Disaster Recovery Quickly recover from a disaster, only pay for use
  • Active Directory Workloads AD DS, AD FS, AD CS hosted within cloud based VMs Complete flexibility and control of replication to on premise resources Windows Azure Active Directory Useful for cloud based applications Can’t run your data center off of WAAD Connectors to provide for AD FS like functionality 3rd Party Identity Provider in the Cloud Provides for externalized virtual directories for consumption by cloud services
  • AWS Images Available 1568 Amazon Machine Images 19 Amazon Web Services Windows Servers Windows Server 2012 Windows Server 2008 R2 Windows Server 2008 SP2 SQL Server 2012 Standard / Web / Express SQL Server 2008 Standard / Web / Express 4 Microsoft Windows Servers Media Services Hosting WebMatrix SQL Server 2008 R2 SP1-Q4 Several Linux varieties Ubuntu, Cent OS, Amazon Linux, Fedora, Gentoo, Debian, Red Hat, OpenSUSE OpenSolaris Oracle Linux (11g, 10g)
  • Provisioning AWS VMs through the EC2 Portal
  • SharePoint in AWS EC2
  • AWS Virtual Machine Sizes
  • AWS Supported VPN Device List
    Cisco (Platform | OS Family | Examples):
      ASA 5500 Series (Adaptive Security Appliances) | ASA Software 8.2+ | 5505, 5550
      ISR Series Integrated Services Routers | IOS 12.4+ | 2801, 2901, 2911
    Juniper (Platform | OS Family | Examples):
      SRX Series Routers | JunOS 9.5+ | 210, 650
      J Series Routers | JunOS 9.5+ | 4350
      ISG Series Routers | ScreenOS 6.1+ | SX2
      SSG Series Routers | ScreenOS 6.1+ | 550
    Generic VPN devices must support:
      IKE v1, IPSec in Tunnel Mode
      AES 128
      SHA1
      Diffie-Hellman Perfect Forward Secrecy in “Group 2 mode”
    Other Solutions:
      Microsoft Windows Server 2008 R2
      Yamaha RTX1200
    http://aws.amazon.com/vpc/faqs/#C2
  • AWS PowerShell Commandlets http://aws.amazon.com/powershell/
  • AWS PowerShell Commandlets in Action
  • AWS Command Line http://aws.amazon.com/cli/
    Create a config file at c:\users\USERID\.aws\config
    Run the aws CLI with the service and associated command:
      aws ec2 describe-regions
    Create a key pair (save the returned key material as SPLiveKeyPair.pem):
      aws ec2 create-key-pair --key-name SPLiveKeyPair
    Create a Security Group:
      aws ec2 create-security-group --group-name SPLiveGroup --description "SP Live Security Group"
    Assign a policy to the Security Group:
      aws ec2 authorize-security-group-ingress --group-name SPLiveGroup --protocol tcp --port 3389 --cidr 0.0.0.0/0
  • AWS Command Line continued
    List out information about the security group:
      aws ec2 describe-security-groups --group-names SPLiveGroup
    Launch a Windows Server 2012 instance within an m1.medium:
      aws ec2 run-instances --image-id ami-173d747e --count 1 --instance-type m1.medium --key-name SPLiveKeyPair --security-groups SPLiveGroup
    Get the instance status:
      aws ec2 describe-instance-status
    Get a cup of coffee
    Get the instance status again:
      aws ec2 describe-instance-status
  • AWS Command Line continued Decrypt your password through the portal with your keypair Login to your IaaS VM and begin configuring SharePoint
  • Cloud Formation Scripts Ability to build an entire farm from private AMIs and configuration scripts Leverages JSON for configuration files Deploying a SharePoint Farm in 6 Steps http://aws.amazon.com/articles/9982940049271604 4 Cloud Formation Templates available Creates fully featured farm with domain controllers, etc. Requires a bit of editing - similar to say autospinstaller
  • Cloud Formation Scripts
  • Azure Images Available 44 images available 33 Windows Server Datacenter images Windows Server 2008 R2 SP1 Windows Server 2012 Windows Server 2012 R2 SharePoint 2013 SQL Server 2014 CTP / 2012 SP1 / 2008 SP2 BizTalk 11 Linux images Oracle Database Server, Oracle WebLogic, Java, OpenSUSE, SUSE
  • Windows Azure Comprehensive set of services that enable you to quickly build, deploy and manage applications across a global network of Microsoft-managed datacenters
  • SharePoint Support on Windows Azure Product Support SharePoint Server 2010 supports the hosted virtualization solution of Microsoft, as well as required technologies, such as Microsoft SQL Server, when these products and technologies are deployed on the Windows Azure platform. FAST Support Nope…
  • Hybrid Solutions SaaS IaaS PaaS
  • virtual machine vs vm roles in Azure
  • Azure Cloud Services, Roles and Management, Configuration, Security, Networking and Service Model boundary Instances
  • Azure Cloud Services with Virtual Machines Multiple Virtual Machines can be hosted within the same cloud service
  • Cloud First Provisioning >_
  • Provisioning Azure VMs through the Management Portal
  • Azure Protocols and Endpoints UDP Traffic Supported in Azure Load-balanced incoming traffic and allows outbound traffic Support for All IP-Based Protocols (VM to VM) Instance-to-instance communication TCP, UDP and ICMP, dynamic ports Port Forwarded Endpoints Direct communication to multiple VMs in the same cloud app Custom Load Balancer Health Probes Health check with probe timeouts HTTP based probing, allowing granular control of health checks
  • Overview: Existing Connectivity in Azure
    Input Endpoint: Load-balanced endpoint. Stable VIP per service. Single port per endpoint. Supported protocols: HTTP, HTTPS, TCP
    Internal Endpoint: Instance-to-instance communication. Supported protocols: TCP. Port ranges supported. Communication boundary = Deployment boundary
    Name Resolution: foo.cloudapp.net → VIP. Windows Azure-provided DNS service for service-level name resolution. Runtime APIs for instance identification
  • Cloud Connectivity Options
  • Virtual Network Features Customer-managed private virtual networks within Windows Azure “Bring your own IPv4 addresses” Control over placement of Windows Azure Roles within the network Stable IPv4 addresses for VMs Hosted VPN Gateway that enables site-to-site connectivity Automated provisioning & management Support existing on-premises VPN devices Use on-premise DNS servers for name resolution Enables you to use your on-premise DNS servers for name resolution Enables VMs running in Windows Azure to be joined to your corporate domain(s) running on-premise
  • SharePoint in Windows Azure Windows Azure Virtual Network 10.8.8.x On Premises DC DNS DC DNS Local DNS Use Accounts SharePoint FrontEnd Persistent VM Role Server Account SQL Persistent VM Role Persistent VM Role Search and Indes Persistent VM Role Persistent Desk Persistent VM Role Internet Domain Joined to OnPremises Network SQL Persistent VM Role SQL Mirroring SharePoint FrontEnd
  • Azure Virtual Machines
  • Azure Supported VPN Device List
    Cisco (Platform | OS Family | Examples):
      ASA 5500 Series (Adaptive Security Appliances) | ASA Software 8.4+ | 5505, 5550
      ASR 1000 Series Aggregation Services Routers | IOS XE 2.1+ | 1002
      ISR Series Integrated Services Routers | IOS 12.2+ | 2801, 2901, 2911
    Juniper (Platform | OS Family | Examples):
      SRX Series Routers | JunOS 10.2+ | 210, 650
      J Series Routers | JunOS 9.4+ | 4350
      ISG Series Routers | ScreenOS 6.2+ | SX2
      SSG Series Routers | ScreenOS 6.2+ | 550
    Generic VPN devices must support:
      IKE v1
      AES 128, 256
      SHA1, SHA2
  • scripting it out Paul Stubbs has a great Tech Ed talk walking through showing and explaining this. http://blogs.msdn.com/b/pstubbs/ http://channel9.msdn.com/Events/TechEd/NorthAmerica/2012/AZR327 http://channel9.msdn.com/Events/TechEd/NorthAmerica/2013/MDC-B213 Hands on Labs on github https://github.com/WindowsAzure-TrainingKit/HOLDeployingSQLServerForSharePoint https://github.com/WindowsAzure-TrainingKit/HOL-DeploySharePointVMs https://github.com/WindowsAzure/azure-sdk-tools-samples/wiki/AutomatedDeployment-of-SharePoint-2013-with-Windows-Azure-PowerShell
  • Migration Types Forklift Migration Bring entire application and all dependencies Hybrid Migration Bring portion of application to the cloud while some resources stay on-premises IaaS to PaaS Migration Migrating application to web or worker roles with dependencies that work better on a VM
  • questions
  • Who are we again? Scott Hoag @ciphertxt Applied Information Sciences Infrastructure Consultant scott.hoag@appliedis.com Dan Usher @binarybrewery Booz Allen Hamilton Incorporated Lead Associate usher_daniel@bah.com
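
Added example, not part of the original deck: the "AWS Command Line" slides open TCP 3389 on SPLiveGroup to 0.0.0.0/0 and then list the group with `aws ec2 describe-security-groups`. The script below audits that command's JSON output for rules that leave RDP reachable from any address and builds the CLI calls that swap such a rule for a single admin source range. The sample JSON is constructed, and the group names SPLiveWeb and SPLiveLegacy and the admin address 203.0.113.10/32 are assumptions.

```python
import ipaddress
import json

RDP_PORT = 3389
ADMIN_CIDR = "203.0.113.10/32"  # assumption: constructed admin source (TEST-NET-3)

# Constructed sample shaped like `aws ec2 describe-security-groups` JSON output.
SAMPLE_OUTPUT = """
{"SecurityGroups": [
 {"GroupName": "SPLiveGroup", "IpPermissions": [
   {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
    "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
 {"GroupName": "SPLiveWeb", "IpPermissions": [
   {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
    "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
   {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
    "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []}]},
 {"GroupName": "SPLiveLegacy", "IpPermissions": [
   {"IpProtocol": "-1",
    "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]}
]}
"""

def covers_port(rule, port):
    """True if the rule's protocol and port range include the TCP port."""
    if rule["IpProtocol"] == "-1":  # -1 = all protocols and all ports
        return True
    return (rule["IpProtocol"] == "tcp"
            and rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535))

def world_open_cidrs(rule):
    """Source ranges in the rule that match the whole IPv4 or IPv6 Internet."""
    cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
    return [c for c in cidrs if ipaddress.ip_network(c, strict=False).prefixlen == 0]

def find_exposed(describe_output, port=RDP_PORT):
    """(group, protocol, cidr) for every world-open rule that covers the port."""
    return [(g["GroupName"], rule["IpProtocol"], cidr)
            for g in json.loads(describe_output)["SecurityGroups"]
            for rule in g.get("IpPermissions", [])
            if covers_port(rule, port)
            for cidr in world_open_cidrs(rule)]

def remediation(group_name, port=RDP_PORT, admin_cidr=ADMIN_CIDR):
    """CLI commands that swap a world-open TCP rule for one admin source range."""
    base = f"--group-name {group_name} --protocol tcp --port {port}"
    return [f"aws ec2 revoke-security-group-ingress {base} --cidr 0.0.0.0/0",
            f"aws ec2 authorize-security-group-ingress {base} --cidr {admin_cidr}"]

if __name__ == "__main__":
    for name, proto, cidr in find_exposed(SAMPLE_OUTPUT):
        print(f"{name}: port {RDP_PORT} open to {cidr} (protocol {proto})")
    print("\n".join(remediation("SPLiveGroup")))
```

The all-protocols rule on SPLiveLegacy is reported as well, because `IpProtocol` "-1" carries no port range and therefore covers 3389 even though the port never appears in the rule.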