Building the Perfect SharePoint 2010 Farm - Sharing the Point South America

Michael Noel
Convergent Computing
Twitter: @MichaelTNoel

http://www.sharingthepoint.org

 Author of SAMS Publishing titles “SharePoint 2010 Unleashed,” “SharePoint 2007
Unleashed,” “SharePoint 2003 Unleashed”, “Teach Yourself SharePoint 2003 in 10
Minutes,” “Windows Server 2008 R2 Unleashed,” “Exchange Server 2010 Unleashed”,
“ISA Server 2006 Unleashed”, and many other titles .
 Partner at Convergent Computing (www.cco.com / +1(510)444-5700) – San Francisco
Bay Area based Infrastructure/Security specialists for SharePoint, AD, Exchange,
Security


Architecting the Farm
Understanding the Three Tiers of SharePoint Infrastructure

Web

Service Apps

Data

 ‘All-in-One’ (Avoid)
 DB and SP Roles Separate


 2 SharePoint Servers
running Web and Service
Apps
 2 Database Servers
(Clustered or Mirrored)
 1 or 2 Index Partitions with
equivalent query
components
 Smallest farm size that is
fully highly available


 2 Dedicated Web Servers
(NLB)
 2 Service Application
Servers
 2 Database Servers
(Clustered or Mirrored)
 1 or 2 Index Partitions with
equivalent query
components


 Multiple Dedicated
Web Servers
Query Servers
Crawl Servers, with
multiple Crawl DBs to
increase
parallelization of the
crawl process
 Multiple distributed
Index partitions (max
of 10 million items per
index partition)
 Two query
components for each
Index partition,
spread among servers


Virtualization of SharePoint Servers
Virtual Guest Processor and Memory Guidelines
vCPU RAM (Bare RAM RAM
Minimum) (Recommend) (Ideal)

Web Only* 2 6GB 8GB 12GB
Service Application 2 6GB 8GB 12GB
Roles Only
Dedicated Search 2 8GB 10GB 16GB
Service App
Combined 4 10GB 12GB 18GB
Web/Search/Service
Apps
Database* 4 10GB 16GB 24GB


 Allows Organizations that wouldn’t normally be able to have a test
environment to run one
 Allows for separation of the database role onto a dedicated server
 Can be more easily scaled out in the future


 High-
Availability
across Hosts
 All
components
Virtualized
 Uses only
two
Windows
Ent Edition
Licenses

 Highest
transaction
servers are
physical
 Multiple
farm
support,
with DBs for
all farms on
the SQL
cluster


Virtualization of SharePoint Servers
Virtualization Performance Monitoring

 Processor (Host Only) • Network Bandwidth – Bytes
 <60% Utilization = Good Total/sec
 60%-90% = Caution – <40% Utilization = Good
 >90% = Trouble – 41%-64% = Caution
 Available Memory – >65% = Trouble
 50% and above = Good
 10%-50% = OK
• Network Latency - Output
 <10% = Trouble Queue Length
 Disk – Avg. Disk sec/Read or Avg. – 0 = Good
Disk sec/Write – 1-2= OK
 Up to 15ms = fine – >2 = Trouble
 15ms-25ms = Caution
 >25ms = Trouble


Data Management
Distribute Data Across Content DBs and Site Collections

 Start with a distributed architecture of content
databases from the beginning, within reason (more
than 50 per SQL instance is not recommended)
 Distribute content across Site Collections from the
beginning as well, it is very difficult to extract
content after the face
 Allow your environment to scale and your users to
‘grow into’ their SharePoint site collections


Data Management
Binary Large OBject (BLOB) Storage

 BLOBs are unstructured content stored in SQL
 Includes all documents, pictures, and files stored
in SharePoint
 Excludes Metadata and Context, information
about the document, version #, etc.
 Until recently, could not be removed from
SharePoint Content Databases
 Classic problem of structured vs. unstructured
data – unstructured data doesn’t really belong in
a SQL Server environment


Data Management
Getting your BLOBs out of the Content DBs

 Can reduce dramatically the size of Content DBs, as upwards
of 80%-90% of space in content DBs is composed of BLOBs
 Can move BLOB storage to more efficient/cheaper storage
 Improve performance and scalability of your SharePoint
deployment – But highly recommended to use third party


SQL Database Optimization
Content Databases Distributed Between Multiple Volumes

Volume #1 Volume #2 Volume #3 Volume #4

DB-A DB-B DB-A DB-B DB-A DB-B DB-A DB-B
File 1 File 1 File 2 File 2 File 3 File 3 File 4 File 4

Tempdb File 1 Tempdb File 2 Tempdb File 3 Tempdb File 4


Content Databases Distributed Between Multiple Volumes

• Break Content Databases and TempDB into multiple
files (MDF, NDF), total should equal number of
physical processors (not cores) on SQL server.
• Pre-size Content DBs and TempDB to avoid
fragmentation
• Separate files onto different drive spindles for best IO
perf.
• Example: 100GB total Content DB on Four-way SQL
Server would have four database files distributed
across four sets of drive spindles = 25GB pre-sized for
each file.

TempDB Best practices

• TempDB is critical for performance
• Pre-size to 20% of the size of the largest content
database.
• Break into multiple files across spindles as noted
• Note there is a separate TempDB for each physical
instance
• Note that if using SQL Transparent Data Encryption
(TDE) for any databases in an instance, the tempDB is
encrypted.


 Single Site
 Synchronous
Replication
 Uses a SQL
Witness Server
to Failover
Automatically
 Mirror all
SharePoint
DBs in the
Farm
 Use a SQL
Alias to switch
to Mirror
Instance

 Two Sites
 1 ms
Latency
 1GB
Bandwidth
 Farm
Servers in
each
location
 Auto
Failover

 Two Sites
 Two Farms
 Mirror only
Content
DBs
 Failover is
Manual
 Must Re-
index
 More
details…

 For most flexibility, choose
‘Complete’ Installation, even
if not installing all of the
roles on the server. This will
allow for the addition of
roles in the future as
needed.
 Be sure not to select ‘Stand-
Alone’, unless you plan on
having a very small farm
with a limited database
(SQL Server Express)


Service Account Name Role of Service Account Special Permissions
COMPANYABCSRV-SP-Setup SharePoint Installation Account Local Admin on all SharePoint servers (for
install of SP).
COMPANYABCSRV-SP-SQL SQL Service Account(s) – Should be separate Local Admin on Database Server(s)
admin accounts from SP accounts. (Generally, some exceptions apply)
COMPANYABCSRV-SP-Farm SharePoint Farm Account(s) – Can also be N/A
standard admin accounts. RBAC principles
apply ideally.
COMPANYABCSRV-SP-Search Search Account N/A

COMPANYABCSRV-SP- Default Content Access Account Read rights to any external data sources
Content to be crawled
COMPANYABCSRV-SP-Prof Default Profiles Access Account Member of Domain Users (to be able to
read attributes from users in domain) and
‘Replicate Directory Changes’ rights in
AD.
COMPANYABCSRV-SP-AP-SPCA Application Pool Identity account for DBCreator and Security Admin on SQL.
SharePoint Central Admin. Create and Modify contacts rights in AD
OU used for email.
COMPANYABCSRV-SP-AP- Application Pool Identity account for the N/A
Data Content related App Pool (Portal, MySites,

Function Configure-SPSearch {
PARAM($AppPool, $FarmName, $SearchServiceAccount)
$searchServiceInstance = Get-SPEnterpriseSearchServiceInstance -local
Start-SPEnterpriseSearchServiceInstance -Identity $searchServiceInstance
$dbName = $FarmName + "_SearchServiceApplication"
$searchApplication = New-SPEnterpriseSearchServiceApplication -Name "$FarmName Search Service Application" -ApplicationPool $AppPool -DatabaseName $dbName
$searchApplicationProxy = New-SPEnterpriseSearchServiceApplicationProxy -name "$FarmName Search Service Application Proxy" -SearchApplication
$searchApplication
Set-SPEnterpriseSearchAdministrationComponent -SearchApplication $searchApplication -SearchServiceInstance $searchServiceInstance
$crawlTopology = New-SPEnterpriseSearchCrawlTopology -SearchApplication $searchApplication
$crawlDatabase = Get-SPEnterpriseSearchCrawlDatabase -SearchApplication $searchApplication
New-SPEnterpriseSearchCrawlComponent -CrawlTopology $crawlTopology -CrawlDatabase $crawlDatabase -SearchServiceInstance $searchServiceInstance
while($crawlTopology.State -ne "Active")
{
$crawlTopology | Set-SPEnterpriseSearchCrawlTopology -Active -ErrorAction SilentlyContinue
if ($crawlTopology.State -ne "Active")
{
Start-Sleep -Seconds 10
}
}
$queryTopology = New-SPenterpriseSEarchQueryTopology -SearchApplication $searchApplication -partitions 1
$searchIndexPartition = Get-SPEnterpriseSearchIndexPartition -QueryTopology $queryTopology
New-SPEnterpriseSearchQueryComponent -indexpartition $searchIndexPartition -QueryTopology $queryTopology -SearchServiceInstance $searchServiceInstance
$propertyDB = Get-SPEnterpriseSearchPropertyDatabase -SearchApplication $searchApplication
Set-SPEnterpriseSearchIndexPartition $searchIndexPartition -PropertyDatabase $propertyDB
while ($queryTopology.State -ne "Active")
{
$queryTopology | Set-SPEnterpriseSearchQueryTopology -Active -ErrorAction SilentlyContinue
if ($queryTopology.State -ne "Active")
{
Start-Sleep -Seconds 10
}
}
}


 Infrastructure Security and Best Practices
 Best Practice Service Account Setup
 Kerberos Authentication
 Data Security
 SharePoint Security ACLs and Role Based Access
Control (RBAC)
 Transparent Data Encryption (TDE) of SQL Databases
 Transport Security
 Secure Sockets Layer (SSL) from Server to Client
 IPSec from Client to Server
 Inbound Internet Security (Forefront UAG/TMG) / Certs
 Rights Management


 Use multiple service accounts, definitely don’t
mix Application Pool identity accounts with the
farm admin accounts
 Consider DB Mirroring as a DR option
 Consider Server virtualization for design
flexibility
 One last best practice – Don’t forget Antivirus
and Backup


Michael Noel
Twitter: @MichaelTNoel
www.cco.com

@sharingtheglobe
Sharingtheglobe.com (Travel blog)


Building the Perfect SharePoint 2010 Farm - Sharing the Point South America

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (8)

Similar to Building the Perfect SharePoint 2010 Farm - Sharing the Point South America

Similar to Building the Perfect SharePoint 2010 Farm - Sharing the Point South America (20)

More from Michael Noel

More from Michael Noel (20)

Recently uploaded

Recently uploaded (20)

Building the Perfect SharePoint 2010 Farm - Sharing the Point South America