Building the Perfect SharePoint 2010 Farm - Sharing the Point South America

Michael NoelConvergent ComputingTwitter: @MichaelTNoel http://www.sharingthepoint.org

 Author of SAMS Publishing titles “SharePoint 2010 Unleashed,” “SharePoint 2007 Unleashed,” “SharePoint 2003 Unleashed”, “Teach Yourself SharePoint 2003 in 10 Minutes,” “Windows Server 2008 R2 Unleashed,” “Exchange Server 2010 Unleashed”, “ISA Server 2006 Unleashed”, and many other titles . Partner at Convergent Computing (www.cco.com / +1(510)444-5700) – San Francisco Bay Area based Infrastructure/Security specialists for SharePoint, AD, Exchange, Security http://www.sharingthepoint.org

http://www.sharingthepoint.org

Architecting the FarmUnderstanding the Three Tiers of SharePoint Infrastructure Web Service Apps Data http://www.sharingthepoint.org

 ‘All-in-One’ (Avoid)  DB and SP Roles Separate http://www.sharingthepoint.org

 2 SharePoint Servers running Web and Service Apps 2 Database Servers (Clustered or Mirrored) 1 or 2 Index Partitions with equivalent query components Smallest farm size that is fully highly available http://www.sharingthepoint.org

 2 Dedicated Web Servers (NLB) 2 Service Application Servers 2 Database Servers (Clustered or Mirrored) 1 or 2 Index Partitions with equivalent query components http://www.sharingthepoint.org

 Multiple Dedicated Web Servers Multiple Dedicated Query Servers Multiple Dedicated Crawl Servers, with multiple Crawl DBs to increase parallelization of the crawl process Multiple distributed Index partitions (max of 10 million items per index partition) Two query components for each Index partition, spread among servers http://www.sharingthepoint.org

Virtualization of SharePoint Servers Virtual Guest Processor and Memory Guidelines vCPU RAM (Bare RAM RAM Minimum) (Recommend) (Ideal)Web Only* 2 6GB 8GB 12GBService Application 2 6GB 8GB 12GBRoles OnlyDedicated Search 2 8GB 10GB 16GBService AppCombined 4 10GB 12GB 18GBWeb/Search/ServiceAppsDatabase* 4 10GB 16GB 24GB http://www.sharingthepoint.org

 Allows Organizations that wouldn’t normally be able to have a test environment to run one Allows for separation of the database role onto a dedicated server Can be more easily scaled out in the future http://www.sharingthepoint.org

 High- Availability across Hosts All components Virtualized Uses only two Windows Ent Edition Licenses http://www.sharingthepoint.org

 Highest transaction servers are physical Multiple farm support, with DBs for all farms on the SQL cluster http://www.sharingthepoint.org

Virtualization of SharePoint Servers Virtualization Performance Monitoring Processor (Host Only) • Network Bandwidth – Bytes  <60% Utilization = Good Total/sec  60%-90% = Caution – <40% Utilization = Good  >90% = Trouble – 41%-64% = Caution Available Memory – >65% = Trouble  50% and above = Good  10%-50% = OK • Network Latency - Output  <10% = Trouble Queue Length Disk – Avg. Disk sec/Read or Avg. – 0 = Good Disk sec/Write – 1-2= OK  Up to 15ms = fine – >2 = Trouble  15ms-25ms = Caution  >25ms = Trouble http://www.sharingthepoint.org

Data Management Distribute Data Across Content DBs and Site Collections Start with a distributed architecture of content databases from the beginning, within reason (more than 50 per SQL instance is not recommended) Distribute content across Site Collections from the beginning as well, it is very difficult to extract content after the face Allow your environment to scale and your users to ‘grow into’ their SharePoint site collections http://www.sharingthepoint.org

Data Management Binary Large OBject (BLOB) Storage BLOBs are unstructured content stored in SQL Includes all documents, pictures, and files stored in SharePoint Excludes Metadata and Context, information about the document, version #, etc. Until recently, could not be removed from SharePoint Content Databases Classic problem of structured vs. unstructured data – unstructured data doesn’t really belong in a SQL Server environment http://www.sharingthepoint.org

Data Management Getting your BLOBs out of the Content DBs Can reduce dramatically the size of Content DBs, as upwards of 80%-90% of space in content DBs is composed of BLOBs Can move BLOB storage to more efficient/cheaper storage Improve performance and scalability of your SharePoint deployment – But highly recommended to use third party http://www.sharingthepoint.org

SQL Database OptimizationContent Databases Distributed Between Multiple Volumes Volume #1 Volume #2 Volume #3 Volume #4DB-A DB-B DB-A DB-B DB-A DB-B DB-A DB-BFile 1 File 1 File 2 File 2 File 3 File 3 File 4 File 4Tempdb File 1 Tempdb File 2 Tempdb File 3 Tempdb File 4 http://www.sharingthepoint.org

SQL Database Optimization Content Databases Distributed Between Multiple Volumes• Break Content Databases and TempDB into multiple files (MDF, NDF), total should equal number of physical processors (not cores) on SQL server.• Pre-size Content DBs and TempDB to avoid fragmentation• Separate files onto different drive spindles for best IO perf.• Example: 100GB total Content DB on Four-way SQL Server would have four database files distributed across four sets of drive spindles = 25GB pre-sized for each file. http://www.sharingthepoint.org

SQL Database Optimization TempDB Best practices• TempDB is critical for performance• Pre-size to 20% of the size of the largest content database.• Break into multiple files across spindles as noted• Note there is a separate TempDB for each physical instance• Note that if using SQL Transparent Data Encryption (TDE) for any databases in an instance, the tempDB is encrypted. http://www.sharingthepoint.org

 Single Site Synchronous Replication Uses a SQL Witness Server to Failover Automatically Mirror all SharePoint DBs in the Farm Use a SQL Alias to switch to Mirror Instance http://www.sharingthepoint.org

 Two Sites 1 ms Latency 1GB Bandwidth Farm Servers in each location Auto Failover http://www.sharingthepoint.org

 Two Sites Two Farms Mirror only Content DBs Failover is Manual Must Re- index More details… http://www.sharingthepoint.org

 For most flexibility, choose ‘Complete’ Installation, even if not installing all of the roles on the server. This will allow for the addition of roles in the future as needed. Be sure not to select ‘Stand- Alone’, unless you plan on having a very small farm with a limited database (SQL Server Express) http://www.sharingthepoint.org

Service Account Name Role of Service Account Special PermissionsCOMPANYABCSRV-SP-Setup SharePoint Installation Account Local Admin on all SharePoint servers (for install of SP).COMPANYABCSRV-SP-SQL SQL Service Account(s) – Should be separate Local Admin on Database Server(s) admin accounts from SP accounts. (Generally, some exceptions apply)COMPANYABCSRV-SP-Farm SharePoint Farm Account(s) – Can also be N/A standard admin accounts. RBAC principles apply ideally.COMPANYABCSRV-SP-Search Search Account N/ACOMPANYABCSRV-SP- Default Content Access Account Read rights to any external data sourcesContent to be crawledCOMPANYABCSRV-SP-Prof Default Profiles Access Account Member of Domain Users (to be able to read attributes from users in domain) and ‘Replicate Directory Changes’ rights in AD.COMPANYABCSRV-SP-AP-SPCA Application Pool Identity account for DBCreator and Security Admin on SQL. SharePoint Central Admin. Create and Modify contacts rights in AD OU used for email.COMPANYABCSRV-SP-AP- Application Pool Identity account for the N/AData Content related App Pool (Portal, MySites, http://www.sharingthepoint.org

Function Configure-SPSearch { PARAM($AppPool, $FarmName, $SearchServiceAccount) $searchServiceInstance = Get-SPEnterpriseSearchServiceInstance -local Start-SPEnterpriseSearchServiceInstance -Identity $searchServiceInstance $dbName = $FarmName + "_SearchServiceApplication" $searchApplication = New-SPEnterpriseSearchServiceApplication -Name "$FarmName Search Service Application" -ApplicationPool $AppPool -DatabaseName $dbName $searchApplicationProxy = New-SPEnterpriseSearchServiceApplicationProxy -name "$FarmName Search Service Application Proxy" -SearchApplication$searchApplication Set-SPEnterpriseSearchAdministrationComponent -SearchApplication $searchApplication -SearchServiceInstance $searchServiceInstance $crawlTopology = New-SPEnterpriseSearchCrawlTopology -SearchApplication $searchApplication $crawlDatabase = Get-SPEnterpriseSearchCrawlDatabase -SearchApplication $searchApplication New-SPEnterpriseSearchCrawlComponent -CrawlTopology $crawlTopology -CrawlDatabase $crawlDatabase -SearchServiceInstance $searchServiceInstance while($crawlTopology.State -ne "Active") { $crawlTopology | Set-SPEnterpriseSearchCrawlTopology -Active -ErrorAction SilentlyContinue if ($crawlTopology.State -ne "Active") { Start-Sleep -Seconds 10 } } $queryTopology = New-SPenterpriseSEarchQueryTopology -SearchApplication $searchApplication -partitions 1 $searchIndexPartition = Get-SPEnterpriseSearchIndexPartition -QueryTopology $queryTopology New-SPEnterpriseSearchQueryComponent -indexpartition $searchIndexPartition -QueryTopology $queryTopology -SearchServiceInstance $searchServiceInstance $propertyDB = Get-SPEnterpriseSearchPropertyDatabase -SearchApplication $searchApplication Set-SPEnterpriseSearchIndexPartition $searchIndexPartition -PropertyDatabase $propertyDB while ($queryTopology.State -ne "Active") { $queryTopology | Set-SPEnterpriseSearchQueryTopology -Active -ErrorAction SilentlyContinue if ($queryTopology.State -ne "Active") { Start-Sleep -Seconds 10 } }} http://www.sharingthepoint.org

 Infrastructure Security and Best Practices  Best Practice Service Account Setup  Kerberos Authentication Data Security  SharePoint Security ACLs and Role Based Access Control (RBAC)  Transparent Data Encryption (TDE) of SQL Databases Transport Security  Secure Sockets Layer (SSL) from Server to Client  IPSec from Client to Server  Inbound Internet Security (Forefront UAG/TMG) / Certs Rights Management http://www.sharingthepoint.org

 Use multiple service accounts, definitely don’t mix Application Pool identity accounts with the farm admin accounts Consider DB Mirroring as a DR option Consider Server virtualization for design flexibility One last best practice – Don’t forget Antivirus and Backup http://www.sharingthepoint.org

Michael Noel Twitter: @MichaelTNoel www.cco.com @sharingtheglobeSharingtheglobe.com (Travel blog) http://www.sharingthepoint.org

Building the Perfect SharePoint 2010 Farm - Sharing the Point South America

by Michael Noel on Jan 23, 2012

Accessibility

Categories

Tags

Upload Details

Usage Rights

Statistics

Building the Perfect SharePoint 2010 Farm - Sharing the Point South America — Presentation Transcript