A Real World Guide to Building Highly Available Fault Tolerant SharePoint Farms 
Miguel Wood 
Eric Shupps
Building SharePoint farms for development and testing is easy. But building highly available farms to meet enterprise service level agreements that are fault tolerant, scalable and connected to the cloud? Not quite so easy. In this workshop you will learn how to plan, design and implement a highly available farm architecture based upon proven techniques and practical guidance. You will also discover how to connect on-premises deployments to the cloud, manage security and identity synchronization, correctly configure workflow farms, and prepare your environment for app integration.

Published in: Technology

  1. A Real World Guide to Building Highly Available Fault Tolerant SharePoint Farms
     Miguel Wood
     Eric Shupps
  2. Agenda
     Introduction
     Fundamentals
     Architecture
     Implementation
  3. Introduction
  4. Reminders
     • Download the attendee packet at http://bit.ly/SPAloozaAttendee
     • Attend the “Rock Star” Sessions at the end of each day for fun, raffle prizes, wrist bands for concert access, and your chance to win a Surface Pro 3
     • Attend Nintex’s Brown Bag lunch Friday and Saturday (lunch provided for first 100 people)
     • Tweet about the event using #SharePointalooza
     • Thank our sponsors
     • Have a great time!
  5. Sponsors
  6. Bands
     What better way to unwind after a long day of working out your brain than with some great live music at the amazing outdoor stage at Branson Landing! The bands will be playing both Friday and Saturday night from 6:30 pm to 10 pm.
  7. About Miguel Wood
     The “Other” SharePoint Cowboy
     mwood@tekfocus.com
     mwood@go-planet.com
     facebook.com/miguelwood
     @miguelwood
  8. About Eric Shupps
     CKS:DEV
     The SharePoint Cowboy
     Patterns & Practices
     Eric Shupps
     www.sharepointcowboy.com
     eshupps@binarywave.com
     facebook.com/sharepointcowboy
     @eshupps
  9. Fundamentals
  10. What is High Availability?
     Elimination of single points of failure
     Fully redundant systems
     Seamless continuity
     Automated failover
     Operational Stability
  11. Why Do We Need High Availability?
     Risk mitigation
     Compliance
     Customer Satisfaction
     Revenue Protection
     Safety
     Performance
     Security
     Public Relations
  12. Requirements
     Infrastructure
       • Devices
       • Servers
       • Bandwidth
       • Storage
     Software
       • Windows Server 2012
       • Failover Clustering
       • File Shares
       • SQL Server 2012/2014
       • Always On Availability Groups
  13. Considerations
     Resources
     Cost
     Complexity
     Licensing
     Troubleshooting
     Patching & Updates
  14. Architecture
  15. Basic SharePoint 2013 Farm Architecture
     Diagram labels, in the order extracted:
       • SharePoint Server 2013 Front-end Server
       • SQL Server 2012 SP1 PowerPivot Add-In
       • SQL Server 2012 SP1 Reporting Services Service Application
       • SQL Server 2012 SP1 Reporting Services Add-In
       • SharePoint Server 2013 Application Server
       • Excel Services Service Application
       • SQL Server 2012 SP1 PowerPivot Add-In
       • SQL Server 2012 SP1 PowerPivot Service Application
       • SQL Server 2012 SP1 Reporting Services Add-In
       • Office Web Apps 2013 Server
       • SQL Server 2012 SP1+ Database Engine
       • All Databases and Roles
       • SQL Server PowerPivot for SharePoint
       • Workflow Manager Server
  16. Basic SharePoint 2013 HA Farm
     • JUST SharePoint
     • Is everything on this diagram ‘highly available’?
     • What about environment?
     • AD DS, AD CS/CA, ISPs, etc.
     Diagram labels, in the order extracted:
       • Virtual Host A
       • Virtual Host B
       • SQL Server installed and configured to support SQL AlwaysOn Availability Groups.
       • WFE01: SharePoint 2013 Front-end Server
       • APP01: SharePoint 2013 Application Server
       • SQL01: SQL Server 2012 SP1+, All Databases and Roles
       • WFE02: SharePoint 2013 Front-end Server
       • APP02: SharePoint 2013 Application Server
       • SQL02: SQL Server 2012 SP1+, All Databases and Roles
       • F5 BigIP Network Load Balancer
       • WFM01: Workflow Manager Server
       • WFM03: Workflow Manager Server
       • WFM02: Workflow Manager Server
       • wfm.<domain>.com
       • WSFC01
       • SQLAGL01
       • WAC01: Office Web Apps 2013 Server
       • WAC02: Office Web Apps 2013 Server
       • wac.<domain>.com
  17. Azure IaaS SharePoint 2013 HA Farm
     • Azure features and functionality are changing rapidly
     • Currently, items you must know well (purpose, configuration, and limitations):
       • Storage
       • Cloud Services
       • Availability Sets
       • Virtual Networks, Regional Virtual Networks* (Affinity Groups no longer relevant!)
       • Load Balancer, Internal Load Balancer*, Traffic Manager
       • Site-to-Site VPNs, Multi-Site VPNs*
       • Resource Groups*
       • Azure PowerShell modules*
       • MUCH more
     * Added within last 60 days
  18. Environment
  19. Network
     Firewalls
     Routers
     Load Balancers
     Switches
     Virtual Hosts
     Network Interfaces
     Storage
  20. Storage
     Dedicated vs. Shared Storage
     Quorum Types
       • Node Majority
       • Node and File Share Majority
       • Node and Disk Majority
       • Disk Only
     Witnesses
       • Disk
       • File Share
  21. Active Directory
     Logins
       • Service Accounts
       • SQL Accounts
       • Computer Objects
       • File shares
     Cluster permissions
       • Read all properties
       • Create computer objects
  22. DNS
     • Configuration
     • Location
     • Availability
     • Replication
     • Entries
     • Machines
     • Cluster
     • Listeners
     • Permissions
  23. SSL
     Encryption
       • Communication (SSL)
       • Data (TDE)
     Certificate Types
       • SAN
       • Wildcard
     Challenges
       • Cost
       • Complexity
       • Configuration
  24. SQL Server
  25. Clustering
     Windows Server Failover Clustering
       • Required
       • Provides base cluster capabilities
       • Server level
     SQL Failover Cluster Instance
       • Optional
       • Instance level
       • No automatic failover w/ Availability Groups
  26. Availability Groups
     Group of databases organized into PRIMARY (1) and SECONDARY (4 – 2012, 8 – 2014)
     Automatic data synchronization
     Synchronous and Asynchronous modes
     Optional read-only replicas
     Database-only redundancy
     Listeners (Virtual Network Names)
  27. Aliases
     Provide flexibility and abstraction
     Best practice
     HA aliases target AG Listeners NOT servers or instances
     Use multiple listeners for scalability
  28. Storage
     Windows Server Failover Cluster
       • File Share quorum
       • Disk witness quorum
     Failover Cluster Instances
       • Shared storage between cluster members
       • Storage “owned” by active member
     Availability Groups
       • Discrete storage for each replica
  29. Performance
     SQL overhead ALWAYS impacts performance
     Ensure adequate bandwidth for database replication
     Secondary infrastructure does not have to match primary
       • Beware reduced performance
       • Plan for rapid scale-out
     Async faster than sync
       • Possible data loss
  30. Service Applications
  31. SharePoint Databases
     Database Name            | Sync | Async
     User Profile Application | Yes  | Yes
     User Profile Sync        | Yes  | No
     User Profile Social      | Yes  | Yes
     Word Automation          | Yes  | Yes
     Managed Metadata         | Yes  | Yes
     Translation              | Yes  | Yes
     BDC                      | Yes  | Yes
     Project Server           | Yes  | Yes
     PowerPivot               | N/A  | N/A
     PerformancePoint         | Yes  | Yes

     Database Name            | Sync | Async
     Config                   | Yes  | No
     Central Admin            | Yes  | No
     Content                  | Yes  | Yes
     App Management           | Yes  | Yes
     Search Admin             | Yes  | No
     Search Analytics         | Yes  | No
     Search Crawl             | Yes  | No
     State Service            | Yes  | No
     Secure Store             | Yes  | Yes
     Usage and Health         | Yes  | No
  32. Search
     Async replication NOT supported
       • Risk of deltas between on-disk indexes and databases is HIGH
     Sync Replication Challenges
       • Administration
       • Site-level configuration
       • Analytics
       • Database size
       • Crawl/Re-Indexing time
  33. User Profiles
     Full database replication possible but can be problematic
       • Synchronization is best done “live”
     Options
       • Backup and restore
       • Reprovision
     Diagram labels, in the order extracted: User Profile Service Application; Profile DB; Sync DB; User Profile Synchronization Service; Active Directory; Profile DB; SyncDB; Forefront Identity Manager; FIM; FIM Sync
  34. Distributed Cache
     Independent cache with no DB persistence
     Configurable memory allocation
       • Max 16GB per server
       • Max 32GB per farm
     Dedicated mode recommended for High Availability
       • HA possible in collocated mode with sufficient hardware resources
     Cache Dependencies
       Feeds
       Content Search Web Part
       Login Tokens
       Access Cache
       Security Trimming
       App Tokens
       View State
       OneNote Throttling
  35. Request Management
  36. Access Services
     Leverages “Contained Databases” feature of SQL 2012
     Requires changes to SQL Server protocols, settings and authentication mode
       • HA requires Contained Database Authentication
     Access DBs are NOT automatically added to availability groups
  37. Business Intelligence
     SSAS
       • Can be configured for read-only replicas
     SSRS
       • Requires hotfix KB2654347
       • No automatic failover
     PowerPivot
       • Not yet tested for Sync or Async commit operations
  38. Hybrid
  39. What is Hybrid?
     Diagram: On-premises or Azure IaaS + Online = Hybrid
  40. Two-way (Bidirectional) Topology
  41. Infrastructure pre-requisites
  42. Reverse Proxy
     Only required for ‘Inbound’ or ‘Two-Way (Bidirectional)’ Hybrid topology
       • (e.g. Users issuing queries from a Search Center in SharePoint Online attempting to retrieve search results from an on-premises farm)
     Reverse Proxy Device Requirements
       • Support client certificate authentication with a wildcard or SAN SSL certificate
       • Support pass-through authentication for OAuth 2.0
       • Accept unsolicited inbound traffic on TCP port 443 (HTTPS)
       • Bind a SAN SSL certificate to a published endpoint
       • Relay traffic to an on-premises SharePoint 2013 farm without rewriting any packet headers
     (Currently) Supported Reverse Proxy Devices
       • Windows Server 2012 R2 with Web Application Proxy (WAP)
       • F5 BIG-IP
       • Forefront Threat Management Gateway (TMG) 2010 (*Deprecated*)
  43. Active Directory Federation Services (AD FS)
     Prepare Active Directory
       • Windows Server 2003 R2 functional level at a minimum
       • UPNs are correctly set (if public domain differs to corporate domain name)
     Deploy AD FS 2.0+
       • AD FS 2.x is based on IIS
       • AD FS 3.0 is not based on IIS (PowerShell only)
     Install Microsoft Online Services Sign in Assistant and Windows Azure AD PowerShell Modules
     Set up a trust between ADFS and Windows Azure AD
       • Connect-MSOLService
       • Set-MSOLADFSContext
       • Convert-MsolDomainToFederated -DomainName <domain>
  44. Directory Synchronization (DirSync)
     Synchronization of objects for on-premises AD to Azure AD
       • Limited to 50,000 objects, can be increased by engaging Microsoft
       • Synchronization occurs every 3 hours by default, can be initiated manually
       • Can filter based on OU, Domain or User Attribute
     This is a requirement for SharePoint Hybrid scenarios, including Search
       • When a user issues a query from on-premises to SP Online, SP Online must rehydrate the user’s identity
       • The rehydration process looks up attributes in the SP Online profile store
       • If no or multiple profiles exist the query will fail rather than security trimmed results being returned
  45. Sample (non-HA) Hybrid Deployment
     Diagram labels, in the order extracted:
       • VPN
       • VPN
       • Site-to-Site VPN Tunnel
       • AD DS [AZLAB-DC2]
       • Azure AD Sync [AZLAB-DIRSYNC1]
       • AD FS (3.0) [AZLAB-ADFS1]
       • AD FS Proxy [AZLAB-WAP1]
       • Windows Server 2012 R2 Web Application Proxy (WAP) (Reverse Proxy)
       • SharePoint Server 2013 Published
       • SQL Server 2012 SP1+ [SQL1]
       • AD DS, AD CS [DC1]
       • Web Application Companion (WAC) [WAC1]
       • SP2013 Web Front End (WFE) [WFE1]
       • SP2013 Application Server (APP) [APP1]
       • Windows 8.1 Enterprise Client [CLIENT1]
       • Windows Azure Workflow Manager [WFM1]
       • Remote Access (VPN and NAT) [EDGE1]
       • External Internet User
  46. Pop Quiz (Are you still awake?)
     • What are the considerations to make this environment HA?
     Diagram: the same deployment and labels as slide 45 (AZLAB-DC2, AZLAB-DIRSYNC1, AZLAB-ADFS1, AZLAB-WAP1, SQL1, DC1, WAC1, WFE1, APP1, CLIENT1, WFM1, EDGE1, External Internet User)
  47. Implementation
  48. Failover
  49. SQL Server
  50. Environment
  51. Service Applications
  52. Review
     Introduction
     Fundamentals
     Architecture
     Implementation
  53. Discussion
     Miguel Wood
     mwood@tekfocus.com
     mwood@go-planet.com
     Eric Shupps
     eshupps@binarywave.com
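
Slides 26, 31 and 32 say which SharePoint databases tolerate asynchronous-commit replicas and which do not. The script below is an added example, not code from the deck or from Microsoft: it queries the availability group through its listener and flags any database the slide 31 table marks "Async = No" that sits on an asynchronous replica. The listener name `SQLAGL01` is the label from the slide 16 diagram, and the name patterns assume default SharePoint database names; both are assumptions to adjust per farm.

```powershell
# Added example (not from the deck). Flags SharePoint databases that sit on an
# asynchronous-commit replica although the slide 31 table lists Async = No.
Import-Module SqlServer                      # provides Invoke-Sqlcmd

$Listener = 'SQLAGL01'                       # assumption: listener label from the slide 16 diagram

# Assumption: default SharePoint database names; edit the patterns for custom names.
$asyncNotSupported = [ordered]@{
    'SharePoint_Config*'       = 'Config'
    'SharePoint_AdminContent*' = 'Central Admin'
    '*Search*'                 = 'Search Admin / Analytics / Crawl'
    '*StateService*'           = 'State Service'
    'WSS_Logging*'             = 'Usage and Health'
    '*SyncDB*'                 = 'User Profile Sync'
}

# One row per (async replica, database) pair in every availability group.
$query = @"
SELECT ag.name AS ag_name, ar.replica_server_name, adc.database_name
FROM sys.availability_groups AS ag
JOIN sys.availability_replicas AS ar ON ar.group_id = ag.group_id
JOIN sys.availability_databases_cluster AS adc ON adc.group_id = ag.group_id
WHERE ar.availability_mode_desc = 'ASYNCHRONOUS_COMMIT';
"@

$rows = Invoke-Sqlcmd -ServerInstance $Listener -Database master -Query $query

$violations = foreach ($row in $rows) {
    foreach ($pattern in $asyncNotSupported.Keys) {
        if ($row.database_name -like $pattern) {
            [pscustomobject]@{
                AvailabilityGroup = $row.ag_name
                Replica           = $row.replica_server_name
                Database          = $row.database_name
                Role              = $asyncNotSupported[$pattern]
            }
            break   # first matching pattern is enough for this database
        }
    }
}

if ($violations) {
    Write-Warning "$(@($violations).Count) database/replica pairs use async commit where only sync is listed"
    $violations | Format-Table -AutoSize
} else {
    Write-Output 'No async-commit replica hosts a sync-only SharePoint database.'
}
```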
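
Slide 43 lists the AD FS preparation and trust steps as bare bullets. The script below is an added example, not code from the deck: it checks the UPN prerequisite first, runs the three MSOnline cmdlets the slide names, and then confirms the domain is federated. The domain `example.com` is a placeholder, `AZLAB-ADFS1` is the AD FS host label from the slide 45 sample lab, and the `-Computer` value and the verification cmdlets are choices made here rather than steps stated on the slide.

```powershell
# Added example (not from the deck). Pre-checks UPN suffixes, creates the
# AD FS <-> Azure AD trust with the cmdlets slide 43 names, then verifies it.
Import-Module ActiveDirectory
Import-Module MSOnline

$Domain     = 'example.com'      # placeholder: the public domain to federate
$AdfsServer = 'AZLAB-ADFS1'      # assumption: AD FS host label from the slide 45 lab

# Slide 43 prerequisite: UPNs must carry the public domain suffix.
$mismatched = Get-ADUser -Filter 'Enabled -eq $true' -Properties UserPrincipalName |
    Where-Object { $_.UserPrincipalName -notlike "*@$Domain" }

if ($mismatched) {
    $mismatched |
        Select-Object SamAccountName, UserPrincipalName |
        Format-Table -AutoSize | Out-Host
    throw "$(@($mismatched).Count) enabled accounts lack a @$Domain UPN; fix them before federating."
}

# Trust setup, in the order given on the slide.
Connect-MsolService                              # prompts for tenant admin credentials
Set-MsolADFSContext -Computer $AdfsServer        # points the module at the AD FS server
Convert-MsolDomainToFederated -DomainName $Domain

# Verification: the tenant must now report the domain as federated.
$state = Get-MsolDomain -DomainName $Domain
if ($state.Authentication -ne 'Federated') {
    throw "Domain $Domain still reports '$($state.Authentication)' authentication."
}

# Compare what AD FS and the tenant each hold for the trust; the identifier
# and token-signing certificate should match between the two sources.
Get-MsolFederationProperty -DomainName $Domain |
    Format-List Source, FederationServiceIdentifier, TokenSigningCertificate
```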
