Best Practice SharePoint Architecture
 


Slide deck used at the India SharePoint User Groups in Pune, Chennai, and Bangalore, September 2009.

    Best Practice SharePoint Architecture Presentation Transcript

    • Best Practice SharePoint Farm Architecture
      Michael Noel
      Convergent Computing
      Twitter: @MichaelTNoel
    • Session Agenda
      Farm Architecture
      Virtualised Farm Architecture
      High Availability Design
      Logical Architecture
      Hardware and Software
      SharePoint Installation
      Kerberos Authentication
    • Farm Architecture
      Best Practice SharePoint Designs
    • Farm Architecture: All-in-one Server
      All Roles and SQL on one server
      Often seen in small farms
      SQL contention with SharePoint
      Easy to deploy, but not best practice
      No ability for test environment
      NOTE: Do not use SQL Express in Production!
    • Farm Architecture: Dedicated SQL Database Server
      Dedicated SQL Server
      All SharePoint roles on single box
      Less Disk IO
      Greater Performance
      Still no test environment…
    • Farm Architecture: Smallest Highly Available Farm
      2 Web/Query/Application/Central Admin/Inbound Email Servers
      1 Dedicated Index Server (With Web role to allow it to crawl content)
      2 SQL Standard Edition Cluster Nodes (Active/Passive) – Mirror also option
      Smallest highly available farm
    • Farm Architecture: Scalability
      Scale up and Scale out…
    • Virtualised Farm Architecture
      Less Hardware, less cost…
    • Virtualised Farm Architecture: Easy and Supported
      Microsoft Hyper-V (R2 recommended) or VMware ESX supported (KB 897615)
      Great Windows Licensing Options (Ent = 4 licenses, Datacenter = unlimited)
      Allows for multiple farms, more servers
      Less cost, more failover options (Live Migration / vMotion)
      Do not overcommit resources!
    • Virtualised Farm Architecture: Cost Effective Farm / No HA
      • Allows organisations that wouldn’t normally be able to have a test environment to run one
      • Allows for separation of the database role onto a dedicated server
      • Can be easily scaled out in the future
    • Virtualised Farm Architecture: Fully Redundant Farm with only Two Servers
      • High-Availability across Hosts
      • All components virtualised
      • Uses only two Windows Ent Edition Licenses
    • Virtualised Farm Architecture: Best Practice, Highly Available and Scalable Farm
      • Highest transaction servers are physical
      • Multiple farm support, with DBs for all farms on the SQL cluster
      • Only five physical servers total, but high performance
    • Virtualised Farm Architecture: Virtualisation Scalability
    • High Availability Architecture
      Network Load Balancing and SQL Database Mirroring
    • High Availability Architecture: Network Load Balancing
      Hardware Based Load Balancing is Best
      F5
      Cisco Content Switch
      Citrix Netscaler
      Windows Network Load Balancing Supported
      Unicast – Use two NICs
      Multicast – Requires Router Support
    • High Availability Architecture: Network Load Balancing - Sample
      Web Role Servers
      sp1.companyabc.com (10.0.0.101) – Web Role Server #1
      sp2.companyabc.com (10.0.0.102) – Web Role Server #2
      Clustered VIPs shared between SP1 and SP2 (Create A records in DNS)
      spnlb.companyabc.com (10.0.0.103) - Cluster
      spca.companyabc.com (10.0.0.104) – SP Central Admin
      ssp1.companyabc.com (10.0.0.105) – SSP
      spsmtp.companyabc.com (10.0.0.106) – Inbound Email
      home.companyabc.com (10.0.0.107) – Main SP Web App
      mysite.companyabc.com (10.0.0.108) – My Sites
    • High Availability Architecture: SQL Database Mirroring
      Available in SQL Server 2005/2008, both Standard and Enterprise Mirroring
      Keep a full copy of Database on another server
      Asynchronous (good for WAN scenarios, Enterprise edition only) or Synchronous
    • High Availability Architecture: Database Mirroring – Single Site Option
      Single Site
      Synchronous Replication
      Uses a SQL Witness Server to Failover Automatically
      Mirror all SharePoint DBs in the Farm
      Use a SQL Alias to switch to Mirror Instance
    • High Availability Architecture: Database Mirroring – Cross Site HA Mirroring Option
      Two Sites
      1 ms Latency
      1GB Bandwidth
      Farm Servers in each location
      Auto Failover
    • High Availability Architecture: Database Mirroring – Warm Farm Asynchronous Option
      Two Sites
      Two Farms (one warm farm)
      Mirror only Content DBs
      Failover is Manual
      Must Reattach DBs
      Must re-index
    • Logical Architecture
      Do it right the first time…
    • Logical Architecture: Web Application Architecture
      Consider creating multiple Web Apps
      Example:
      spca.companyabc.com
      ssp1.companyabc.com
      mysite.companyabc.com
      home.companyabc.com
      Flexible and scalable!
    • Logical Architecture: Distribute by Default
      Distribute content across multiple Site Collections
      Distribute Site Collections Across Multiple DBs
      Multiple databases = more controlled DB growth
      Try to keep your Content DBs manageable in size (50-100GB)
    • Logical Architecture: Sample Logical Architecture
    • Hardware and Software
      Determining the right tools for the job
    • Hardware and Software: Disk, Memory, and Processor
      SQL Databases Require large amounts of space!
      Allocate Disk Space for Index and Query Servers as well
      Index corpus can grow to 5%-20% of total size of data indexed
      Database and Index Servers require most RAM (4GB, 8GB, or more)
      Multi-core processors recommended
    • Hardware and Software: Windows Server Versions
      Windows Server 2008 R2 (or RTM) highly recommended!
      Critical that new servers run x64, required for SharePoint 2010
      SharePoint servers are fine with Standard edition of Windows, no extra gain for Enterprise
      SQL Servers may require Enterprise edition if using SQL Enterprise
    • Hardware and Software: SQL Server Versions
      SQL Server 2008 Recommended
      64 bit also highly recommended (required for SharePoint 2010)
      SQL Server 2005 still supported
      SQL 2000 supported for SharePoint 2007, but not for 2010, and not recommended
      Separate SQL Reporting Services server may be required for intensive reporting
      Standard edition of SQL generally fine, except for very large environments
    • SharePoint Installation
      Getting the steps right
    • SharePoint Installation: Service Accounts
      Never use a single service account!
      Create the Following Accounts
      SQL Admin Account
      Installation Account
      SharePoint Farm Admin
      Search Admin
      Default Content Access Account
      Application Pool Identity Accounts
    • SharePoint Installation: Installation Process
      Choose ‘Complete’ Installation
      Do not select ‘Stand-alone’ for a Production environment!
    • SharePoint Installation: Installation Process
      Choose Index Location during Install
      Index location can be changed later, but more difficult
    • SharePoint Installation: Command-line Installation of SharePoint
      Learn to install from Command-line
      Only way to specify SPCA Database Name
      SETUP, PSCONFIG and STSADM
      PSConfig is your friend!
      PowerShell is the future here…
    • SharePoint Installation: Running the Config Wizard to Install Servers
      Consider PSConfig
      Use an easy-to-remember port for SPCA (e.g. 8888)
      Better still, change SPCA to 443 later
      Use Common Database Naming Convention
      Account running wizard needs DBCreator and Security Admin rights on SQL Server
      Run the wizard on additional servers as necessary
    • SharePoint Installation: Create a SQL and/or DNS Alias!
      Most flexible approach!
      spsql.abc.com = sql1
    • Kerberos Authentication
      Security, Security, Security
    • Kerberos Authentication: Enable for Best Practice Security!
      Use Kerberos when creating Web Apps
      Extra steps required, but worth it…
    • Kerberos Authentication: Step 1: Create SPNs for Web Apps
      Create Service Principal Names (SPNs)
      Used for impersonation
    • Kerberos Authentication: Step 2: Create SPNs for SQL
      Create SPNs for SQL
      Syntax similar to following:
      Setspn.exe -A MSSQLSvc/spsql:1433 COMPANYABC\SRV-SQL-DB
      Setspn.exe -A MSSQLSvc/spsql.companyabc.com:1433 COMPANYABC\SRV-SQL-DB
      MSSQLSvc = Default instance, if named instance, specify the name instead
      In this example, SRV-SQL-DB is the SQL Admin account
    • Kerberos Authentication: Step 3: Allow App Pool accounts and SP Computers to Delegate
      Use ADUC
      SharePoint Web Server Computer Accounts
      App Pool Identity Accounts
    • Kerberos Authentication: Step 4: Edit ApplicationHost.config
      Windows Server 2008 only
      Modify the ApplicationHost.config file
      <windowsAuthentication enabled="true" useKernelMode="true" useAppPoolCredentials="true">
    • Kerberos Authentication: Step 5: Enable Kerberos on Web App
      Enable Kerberos on the Web App (if not already turned on)
      Go to Application Management – Authentication Providers
      Choose the appropriate Web Application
      Click on the link for ‘Default’ under Zone
      Change to Integrated Windows Authentication - Kerberos (Negotiate)
      Run iisreset /noforce from the command prompt
    • Key Takeaways
      Strongly consider Virtualization for SharePoint
      Create a test farm!
      Consider Database Mirroring and/or NLB for SharePoint HA
      Deploy the ‘five server farm’ for full High Availability
      Plan today for SharePoint 2010 (more on this in the next session!)
      Enable Kerberos Authentication
    • For More Information
      Speaker Books
      (http://www.samspublishing.com)
      SharePoint Database Mirroring Whitepaper
      (http://tinyurl.com/mirrorsp)
      Database Mirroring Failover Case Study
      (http://tinyurl.com/mirrorspcs)
      Microsoft ‘Virtualizing SharePoint Infrastructure’ Whitepaper (http://tinyurl.com/virtualsp)
      SharePoint Log Shipping Whitepaper
      (http://tinyurl.com/logshipsp)
    • Thanks for having me in Pune! Questions?
      Michael Noel
      Twitter: @MichaelTNoel
      www.cco.com
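
The deck's Kerberos Step 1 gives no command syntax for the web application SPNs, so the following is an added example (not from the original slides or the speaker) that plans HTTP SPNs for the deck's sample host names and stops if the same SPN would be assigned to two accounts, a common reason Kerberos authentication fails. The app pool account names are hypothetical, the `HTTP/` service class and the one-account-per-web-app mapping are assumptions, and `$Apply` stays `$false` so the script only prints the `setspn.exe` commands.

```powershell
# Added example: plan HTTP SPNs for the deck's sample web apps (dry run by default).
# Account names are hypothetical; host names are the deck's samples.
$Domain  = 'COMPANYABC'
$WebApps = @(
    @{ Fqdn = 'home.companyabc.com';   Account = 'SRV-SP-HOME'   },
    @{ Fqdn = 'mysite.companyabc.com'; Account = 'SRV-SP-MYSITE' },
    @{ Fqdn = 'spca.companyabc.com';   Account = 'SRV-SP-FARM'   },
    @{ Fqdn = 'ssp1.companyabc.com';   Account = 'SRV-SP-SSP'    }
)
$Apply = $false   # set to $true on a domain-joined admin host to register

function Get-SpnPlan {
    param([object[]]$Apps, [string]$Domain)
    foreach ($app in $Apps) {
        $short = $app.Fqdn.Split('.')[0]
        # Register both the short and the FQDN form, as the deck does for SQL
        foreach ($name in @($short, $app.Fqdn)) {
            [pscustomobject]@{ Spn = "HTTP/$name"; Account = "$Domain\$($app.Account)" }
        }
    }
}

function Get-SpnConflict {
    param([object[]]$Plan)
    # An SPN mapped to more than one account breaks Kerberos ticket issuance
    $Plan | Group-Object -Property Spn | Where-Object {
        @($_.Group | Select-Object -ExpandProperty Account -Unique).Count -gt 1
    }
}

$plan      = @(Get-SpnPlan -Apps $WebApps -Domain $Domain)
$conflicts = @(Get-SpnConflict -Plan $plan)
if ($conflicts.Count -gt 0) {
    $conflicts | ForEach-Object { Write-Warning "Duplicate SPN in plan: $($_.Name)" }
    return
}
foreach ($entry in $plan) {
    if ($Apply) {
        # -S adds the SPN only after checking the directory for duplicates
        & setspn.exe -S $entry.Spn $entry.Account
    } else {
        "setspn.exe -S $($entry.Spn) $($entry.Account)"
    }
}
if ($Apply) { & setspn.exe -X }   # domain-wide duplicate SPN search after changes
```

After registering, `setspn.exe -L` against each account lists what is actually in the directory, which can be compared with the plan before moving on to delegation in Step 3.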