SharePoint Intersections - SP11 - SharePoint and IaaS - The OnPrem in the Cloud

Presentation Transcript

  • SharePoint intersection - Session SP11 - SharePoint and IaaS - The OnPrem in the Cloud
  • 2 © DEVintersection. All rights reserved. http://www.DEVintersection.com Overview
      • Introduction
      • Why Cloud?
      • Workload Considerations
      • Amazon Web Services Overview
      • Azure Overview
      • Azure Pack - Private Cloud
      • Office 365 Considerations
      • Hybrid Solutions
  • Who am I? Dan Usher, Lead Associate, Booz Allen Hamilton, usher@binarybrewery.io, http://www.sharepointdan.com
  • Who are you?
      • SharePoint On-Prem?
      • SharePoint Online?
      • Developers?
      • Designers?
      • Administrators?
      • Architects?
      • End Users?
  • Why Cloud™?
      • IT Agility: The ability to instantly provision new hardware for new opportunities or respond quickly to business demand can be a competitive advantage.
      • Focus: Focusing less on infrastructure leaves more time for improving the success of the business through better IT. More on Innovation and less on Infrastructure.
      • Economics: Cloud Computing lowers the cost of delivering IT and increases the utilization and efficiency of your data center.
  • cloud types
      • moving out from corporate IT data center and private clouds
      • hosting, building, consuming
      • flexibility in scale
  • environments to consider
      • production
      • staging
      • user acceptance
      • test
      • development
  • security and compliance
      • Azure Public Community Cloud
      • FedRAMP JAB P-ATO
      • http://www.microsoft.com/en-us/news/press/2013/sep13/09-30fedramppr.aspx
      • AWS
      • GovCloud - FedRAMP 3PAO ATO
      • http://aws.amazon.com/govcloud-us/
  • services we wish we could utilize
      • AWS RDS SQL instance
      • http://aws.amazon.com/rds/sqlserver/#details
      • Azure SQL Database
      • http://www.windowsazure.com/en-us/services/data-management/
      • Spoiler Alert…
      • Neither support FILESTREAM
      • Neither can be domain joined
  • Azure SQL Database Instance
      • Available to connect through SQL Server Management Studio
      • SQL AuthN (no IWA AuthN)
      • Unable to access or manipulate instance properties
      • Limited functionality
      • Unable to configure MDOP
      • Not usable for SharePoint 2013…
  • AWS RDS SQL Server Guidance and Limitations
      • Primer: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html
      • Table (two columns, flattened): Supported in 2008 R2 Database / Not Supported in 2008 R2 Database
      • Core Database engine features Maintenance Plans SQL Server development tools (VS, Intellisense) Database Mail SQL Server Management Tools Distributed Queries Safe CLR Transparent Data Encryption Full-text Search Database Log Shipping SSL Database Mirroring Spatial and location features Windows Authentication Distributed Transaction Coordinator (MSDTC) Replication WCF Data Services SQL Server Audit FILESTREAM Support Performance Counter Collector Policy Based Management Additional T-SQL endpoints Ability to run Reporting, Analysis, Integration Services against same server as the DB instance
  • AWS RDS SQL Instance
      • Not usable for SharePoint 2013…
      • Available to connect through SQL Server Management Studio
      • SQL AuthN (no IWA AuthN)
      • Unable to access or manipulate instance properties
      • Limited functionality
      • Unable to configure MDOP
  • things to remember…
      • SharePoint Server 2010 and 2013 support virtualization within Azure (and sysprep…)
      • Microsoft products virtualized on Hyper-V
      • http://support.microsoft.com/kb/957006
      • http://support.microsoft.com/kb/2721672
      • Microsoft products virtualized on VMware
      • http://support.microsoft.com/kb/897615
      • Licensing
      • http://technet.microsoft.com/en-us/library/ff607936(v=office.14).aspx
      • http://technet.microsoft.com/en-us/library/ff607936.aspx
      • Not all Clouds are created equal…
  • SQL Workloads in the cloud
      • SQL housed within cloud based VM
      • Provides greatest flexibility
      • Supports Always On scenarios
      • Support for configurable Disaster Recovery
      • Works with SharePoint
      • SQL DB services
      • Support for fast scalability
      • Requires very little SQL maintenance
      • Great for hosting databases for structured data outside of SharePoint
  • SharePoint Workloads
      • SharePoint for Internet Sites (FIS)
      • Public facing, anonymous access sites
      • Developer, Test and Staging Environments
      • Quickly provision and un-provision entire environments
      • Hybrid Applications
      • Applications that span your data center and the cloud
      • Disaster Recovery
      • Quickly recover from a disaster, only pay for use
  • Active Directory Workloads
      • AD DS, AD FS, AD CS hosted within cloud based VMs
      • Complete flexibility and control of replication to on-premises resources
      • Windows Azure Active Directory
      • Useful for cloud based applications
      • Can’t run your data center off of WAAD
      • Connectors to provide for AD FS like functionality
      • 3rd Party Identity Provider in the Cloud
      • Provides for externalized virtual directories for consumption by cloud services
  • AWS Overview
  • AWS Images Available
  • Demo Provisioning AWS VMs through the EC2 Portal
  • SharePoint in AWS EC2 Reference Architecture Document - http://go.spdan.com/aws-sp-ref-pdf
  • Using AWS to Deploy…
      • Quick Deployment method using Cloud Formation scripts…
      • License Mobility
  • AWS Core Virtual Machine Sizes
  • AWS Supported VPN Device List
      • Cisco (Platform; OS Family; Examples)
          • ASA 5500 Series (Adaptive Security Appliances); ASA Software 8.2+; 5505, 5550
          • ISR Series Integrated Services Routers; IOS 12.4+; 2801, 2901, 2911
      • Juniper (Platform; OS Family; Examples)
          • SRX Series Routers; JunOS 9.5+; 210, 650
          • J Series Routers; JunOS 9.5+; 4350
          • ISG Series Routers; ScreenOS 6.1+; SX2
          • SSG Series Routers; ScreenOS 6.1+; 550
      • Generic VPN devices must support
          • IKE v1, IPSec in Tunnel Mode
          • AES 128
          • SHA1
          • Diffie-Hellman Perfect Forward Secrecy in “Group 2 mode”
      • Other Solutions
          • Microsoft Windows Server 2008 R2
          • Yamaha RTX1200
      • http://aws.amazon.com/vpc/faqs/#C2
  • AWS PowerShell Commandlets
      • http://aws.amazon.com/powershell/
  • AWS PowerShell Commandlets in Action
  • AWS Command Line
      • http://aws.amazon.com/cli/
  • AWS Command Line continued
  • AWS Command Line continued
  • Cloud Formation Scripts
  • Azure Overview
  • Azure Images Available
  • Windows Azure
      • Comprehensive set of services that enable you to quickly build, deploy and manage applications across a global network of Microsoft-managed datacenters
  • SharePoint Support on Windows Azure
      • Product Support
      • FAST Support
  • Hybrid Solutions: IaaS, PaaS, SaaS
  • virtual machine vs vm roles in Azure
  • Azure Cloud Services, Roles and Instances
      • Management, Configuration, Security, Networking and Service Model boundary
  • Azure Cloud Services with Virtual Machines
      • Multiple Virtual Machines can be hosted within the same cloud service
  • Cloud First Provisioning >_
  • Demo Provisioning Azure VMs through the Management Portal
  • Azure Protocols and Endpoints
      • UDP Traffic Supported in Azure
      • Support for All IP-Based Protocols (VM to VM)
      • Port Forwarded Endpoints
      • Custom Load Balancer Health Probes
  • Overview: Existing Connectivity in Azure
      • Diagram labels: LB; VIP:Input Endpoint; Internal Endpoint
      • Input Endpoint: Load-balanced endpoint. Stable VIP per service. Single port per endpoint. Supported protocols: HTTP, HTTPS, TCP
      • Internal Endpoint: Instance-to-instance communication. Supported protocols: TCP. Port ranges supported. Communication boundary = Deployment boundary
      • Name Resolution: Windows Azure-provided DNS service for service-level name resolution. Runtime APIs for instance identification. foo.cloudapp.net → VIP
  • Cloud Connectivity Options
      • Data Synchronization
      • Application-Layer Connectivity & Messaging
      • Secure Machine-to-Machine Network Connectivity
      • Secure Site-to-Site Network Connectivity
      • Secure Site-to-Site Network Connectivity
  • Virtual Network Features
      • Customer-managed private virtual networks within Windows Azure
      • “Bring your own IPv4 addresses”
      • Control over placement of Windows Azure Roles within the network
      • Stable IPv4 addresses for VMs
      • Hosted VPN Gateway that enables site-to-site connectivity
      • Automated provisioning & management
      • Support existing on-premises VPN devices
      • Use on-premise DNS servers for name resolution
      • Enables you to use your on-premise DNS servers for name resolution
      • Enables VMs running in Windows Azure to be joined to your corporate domain(s) running on-premise
  • SharePoint in Windows Azure
      • Diagram labels: Internet; Persistent VM Role: SharePoint FrontEnd (two instances); Persistent VM Role: Search and Index; Persistent Disk; Persistent VM Role: DC, DNS Server, Account; Persistent VM Role: SQL (two instances); Local DNS; SQL Mirroring; Windows Azure Virtual Network; Use Accounts; On Premises DC, DNS 10.8.8.x; Domain Joined to On-Premises Network
  • Azure Virtual Machines
  • Azure Supported VPN Device List
      • Cisco (Platform; OS Family; Examples)
          • ASA 5500 Series (Adaptive Security Appliances); ASA Software 8.4+; 5505, 5550
          • ASR 1000 Series Aggregation Services Routers; IOS XE 2.1+; 1002
          • ISR Series Integrated Services Routers; IOS 12.2+; 2801, 2901, 2911
      • Juniper (Platform; OS Family; Examples)
          • SRX Series Routers; JunOS 10.2+; 210, 650
          • J Series Routers; JunOS 9.4+; 4350
          • ISG Series Routers; ScreenOS 6.2+; SX2
          • SSG Series Routers; ScreenOS 6.2+; 550
      • Generic VPN devices must support
          • IKE v1
          • AES 128, 256
          • SHA1, SHA2
      • Soft VPN Gateway
          • CheckPoint
          • Fortinet
          • OpenSwan
  • scripting it out
      • Paul Stubbs has a great Tech Ed talk that walks through and explains this.
      • http://blogs.msdn.com/b/pstubbs/
      • http://channel9.msdn.com/Events/TechEd/NorthAmerica/2012/AZR327
      • http://channel9.msdn.com/Events/TechEd/NorthAmerica/2013/MDC-B213
      • Hands on Labs on github
      • https://github.com/WindowsAzure-TrainingKit/HOL-DeployingSQLServerForSharePoint
      • https://github.com/WindowsAzure-TrainingKit/HOL-DeploySharePointVMs
      • https://github.com/WindowsAzure/azure-sdk-tools-samples/wiki/Automated-Deployment-of-SharePoint-2013-with-Windows-Azure-PowerShell
  • Migration Types
      • Forklift Migration: Bring entire application and all dependencies
      • Hybrid Migration: Bring portion of application to the cloud while some resources stay on-premises
      • IaaS to PaaS Migration: Migrating application to web or worker roles with dependencies that work better on a VM
  • Private Cloud - Azure Pack
      • Builds on Windows Server 2012 R2 and System Center 2012 R2
      • Uses:
          • Hosting critical workloads on-premise
          • Data and Information security requirements
          • Move VHDs through VMM moving Images to / from Azure
      • Provides for:
          • Web Sites
          • Service Bus
          • Virtual Machines
          • Tenant Portal
          • Management Portal
  • Reasons to use Office 365 Software as a Service
      • Per user / per month
      • Licensing included
      • Identity Integration through Windows Azure Active Directory
      • Tenant Administration
      • Full Apps Model Support
      • Disaster Recovery
      • Reduced O&M and Administration
  • SharePoint 2013 and Office 365 Search (Authentication Topologies; Supported Functionality)
      • One-way outbound: SharePoint Server 2013 Search services can query SharePoint Online site collections and return federated results to SharePoint Server 2013 Search
      • One-way inbound: SharePoint Online Search services can query SharePoint Server 2013 site collections and return federated results to SharePoint Online Search
      • Two-way (bidirectional): Both SharePoint Server 2013 and SharePoint Online Search services can query site collections in the other environment and return federated results
  • SharePoint 2013 and Office 365 Search
      • On-premises AD DS domain in a forest that has a Windows Server 2008/Windows Server 2008 R2/Windows Server 2012 forest functional level
      • An on-premises server for
          • AD FS 2.0
          • Microsoft Online Services Directory Synchronization tool
      • An operational on-premises SharePoint Server 2013 farm that has each of the following:
          • An Enterprise Search site collection configured with a public external URL
          • An SSL certificate issued by a public root authority
          • An App Management Service Proxy
          • A Subscription Settings service application
          • A Search service application
      • An Office 365 Enterprise plan (E1/E3)
      • A reverse proxy device with an Internet connection that permits unsolicited inbound traffic
      • An Internet domain and access to DNS records for the domain
  • Reverse Proxy Requirements
      • The device must support
          • Certificate authentication using a wildcard or SAN X.509 certificate as the client certificate
          • Allow pass through of OAuth 2.0 redirection-based authentication
          • Preservation of request headers
      • If the internal and external URLs of your on-premises SharePoint Server 2013 are different, the device must support path mapping and link translation.
      • Forefront Threat Management Gateway (TMG)* 2010 is the only reverse proxy device for which specific configuration guidance is available.
      • Microsoft Unified Access Gateway (UAG)** is not supported for use as a reverse proxy device in hybrid environments that require certificate authentication.
  • Hybrid Solution
  • Review
      • Introduction
      • Why Cloud?
      • Workload Considerations
      • Amazon Web Services Overview
      • Azure Overview
      • Azure Pack - Private Cloud
      • Office 365 Considerations
      • Hybrid Solutions
  • Questions? Thank you! Don’t forget to enter your evaluation of this session using EventBoard!