
SPSSV 2013 - Ultimate SharePoint Infrastructure Best Practices Session



Presented at SharePoint Saturday Silicon Valley 2013

Published in: Technology

  1. The ‘Ultimate’ SharePoint Infrastructure Best Practices Session - Michael Noel - CCO
  2. Michael Noel
      • Author of SAMS Publishing titles “SharePoint 2013 Unleashed,” “SharePoint 2010 Unleashed”, “Windows Server 2012 Unleashed,” “Exchange Server 2013 Unleashed”, “ISA Server 2006 Unleashed”, and a total of 19 titles that have sold over 300,000 copies.
      • Partner at Convergent Computing – San Francisco, U.S.A. based Infrastructure/Security specialists for SharePoint, AD, Exchange, System Center, Security, etc.
  3. What’s new in Infrastructure for SharePoint 2013
  4. What’s new in Infrastructure for SharePoint 2013 - Software/Hardware Requirements
      • Windows Server 2008 R2 SP1 or Windows Server 2012 (Preferred)
      • SQL Server 2008 R2 w/SP1 or SQL Server 2012 (Preferred)

      | Type | Memory | Processor |
      |---|---|---|
      | Dev/Stage/Test server | 8GB RAM | 4 CPU |
      | ‘All-in-one’ DB/Web/SA | 24GB RAM | 4 CPU |
      | Web/SA Server | 12GB RAM | 4 CPU |
      | DB Server (medium environments) | 16GB RAM | 8 CPU |
      | DB Server (small environments) | 8GB RAM | 4 CPU |

  5. What’s new in Infrastructure for SharePoint 2013 - Changes in Service Applications and New Service Applications
      • Office Web Apps is no longer a service application
      • Web Analytics is no longer a service application; it’s part of search
      • New service applications available and improvements on existing ones
          – App Management Service – Used to manage the new SharePoint app store from the Office Marketplace or the Application Catalog
          – SharePoint Translation Services – provides for language translation of Word, XLIFF, and PPT files to HTML
          – Work Management Service – manages tasks across SharePoint, MS Exchange and Project.
          – Access Services App (2013) – Replaces 2010 version of Access Services
  6. What’s new in Infrastructure for SharePoint 2013 - Distributed Cache Service
      • A new Windows service – the Distributed Cache Service – is installed on each server in the farm when SharePoint is installed
      • It is managed via the Services on Server page in central admin as the Distributed Cache service
      • The config DB keeps track of which machines in the farm are running the cache service
  7. What’s new in Infrastructure for SharePoint 2013 - Request Management (RM)
      • The purpose of the Request Management feature is to give SharePoint knowledge of and more control over incoming requests
      • Having knowledge over the nature of incoming requests – for example, the user agent, requested URL, or source IP – allows SharePoint to customize the response to each request
      • RM is applied per web app, just like throttling is done in SharePoint 2010
  8. What’s new in Infrastructure for SharePoint 2013 - User Profile Sync – Three Options for Deployment
      • Option 1 (AD Import): Simple one-way Sync (a la SharePoint 2007)
      • Option 2: Two-way, possible write-back to AD options using small FIM service on UPA server (a la 2010)
      • Option 3: Full Forefront Identity Manager (FIM) Synchronization, allows for complex scenarios – Larger clients will appreciate this
  9. What’s new in Infrastructure for SharePoint 2013 - Claims-based Authentication - Default
      • SharePoint 2013 continues to offer support for both claims and classic authentication modes
      • However claims authentication is THE default authentication option now
          – Classic authentication mode is still there, but can only be managed in PowerShell – it’s gone from the UI
          – Support for classic mode is deprecated and will go away in a future release
          – There is also a new process to migrate accounts from Windows classic to Windows claims – the Convert-SPWebApplication cmdlet
  10. What’s new in Infrastructure for SharePoint 2013 - Shredded Storage
      • Stores new versions of documents as ‘shredded BLOBs’ that are deltas of the changes
      • Promises to reduce storage size significantly
  11. What’s new in Infrastructure for SharePoint 2013 - Search – FAST Search now included
      • New Search architecture (FAST based) with one unified search
      • Personalized search results based on search history
      • Rich contextual previews
  13. Architecting the Farm - Three Layers of SharePoint Infrastructure
      • Web
      • Service Apps
      • Data
  14. Architecting the Farm - Small Farm Models
      • ‘All-in-One’ (Avoid)
      • DB and SP Roles Separate
  15. Architecting the Farm - Smallest Highly Available Farm
      • 2 SharePoint Servers running Web and Service Apps
      • 2 Database Servers (AlwaysOn FCI or AlwaysOn Availability Groups)
      • 1 or 2 Index Partitions with equivalent query components
      • Smallest farm size that is fully highly available
  16. Architecting the Farm - Best Practice ‘Six Server Farm’
      • 2 Dedicated Web Servers (NLB)
      • 2 Service Application Servers
      • 2 Database Servers (Clustered or Mirrored)
      • 1 or 2 Index Partitions with equivalent query components
  17. Architecting the Farm - Ideal – Separate Service App Farm + Content Farm(s)
      • Separate farm for Service Applications
      • One or more farms dedicated to content
      • Service Apps are consumed cross-farm
      • Isolates ‘cranky’ service apps like User Profile Sync and allows for patching in isolation
  18. Architecting the Farm - Large SharePoint Farms
      • Multiple Dedicated Web Servers
      • Multiple Dedicated Service App Servers
      • Multiple Dedicated Query Servers
      • Multiple Dedicated Crawl Servers, with multiple Crawl DBs to increase parallelization of the crawl process
      • Multiple distributed Index partitions (max of 10 million items per index partition)
      • Two query components for each Index partition, spread among servers
  19. SharePoint Virtualization
  20. Sample 1: Single Server Environment - SP Server Virtualization
      • Allows organizations that wouldn’t normally be able to have a test environment to run one
      • Allows for separation of the database role onto a dedicated server
      • Can be more easily scaled out in the future
  21. Sample 2: Two Server Highly Available Farm - SP Server Virtualization
      • High-Availability across Hosts
      • All components Virtualized
  22. Sample 3: Mix of Physical and Virtual Servers - SP Server Virtualization
      • Highest transaction servers are physical
      • Multiple farm support, with DBs for all farms on the SQL AOAG
  23. Scaling to Large Virtual Environments - SP Server Virtualization
  24. Virtualization of SharePoint Servers - Virtualization Performance Monitoring
      • Processor (Host Only)
          – <60% Utilization = Good
          – 60%-90% = Caution
          – >90% = Trouble
      • Available Memory
          – 50% and above = Good
          – 10%-50% = OK
          – <10% = Trouble
      • Disk – Avg. Disk sec/Read or Avg. Disk sec/Write
          – Up to 15ms = fine
          – 15ms-25ms = Caution
          – >25ms = Trouble
      • Network Bandwidth – Bytes Total/sec
          – <40% Utilization = Good
          – 41%-64% = Caution
          – >65% = Trouble
      • Network Latency - Output Queue Length
          – 0 = Good
          – 1-2 = OK
          – >2 = Trouble
  25. Data Management
  26. Sample Distributed Content Database Design - Data Management
  27. Remote BLOB Storage (RBS) - Data Management
      • Can reduce dramatically the size of Content DBs, as upwards of 80%-90% of space in content DBs is composed of BLOBs
      • Can move BLOB storage to more efficient/cheaper storage
      • Improve performance and scalability of your SharePoint deployment – But highly recommended to use third party
  28. SQL Database Optimization
  29. Multiple Files for SharePoint Databases - SQL Server Optimization
      • Volume #1: DB-A File 1, DB-B File 1
      • Volume #2: DB-A File 2, DB-B File 2
      • Volume #3: DB-A File 3, DB-B File 3
      • Volume #4: DB-A File 4, DB-B File 4
      • Tempdb File 1, Tempdb File 2, Tempdb File 3, Tempdb File 4
  30. Multiple Files for SharePoint Databases - SQL Server Optimization
      • Break Content Databases and TempDB into multiple files (MDF, NDF), total should equal number of physical processors (not cores) on SQL server.
      • Pre-size Content DBs and TempDB to avoid fragmentation
      • Separate files onto different drive spindles for best IO perf.
      • Example: 50GB total Content DB on Two-way SQL Server would have two database files distributed across two sets of drive spindles = 25GB pre-sized for each file.
  31. SQL Database Optimization - SQL Maintenance Plans
      • Implement SQL Maintenance Plans!
      • Include DBCC (Check Consistency) and either Reorganize Indexes or Rebuild Indexes, but not both!
      • Add backups into the maintenance plan if they don’t exist already
      • Be sure to truncate transaction logs with a T-SQL Script (after full backups have run…)
  32. High Availability and Disaster Recovery
  33. Comparison of High Availability and Disaster Recovery Options - HA and DR

      | High Availability and Disaster Recovery SQL Server Solution | Potential Data Loss (RPO) | Potential Recovery Time (RTO) | Automatic Failover | Additional Readable Copies |
      |---|---|---|---|---|
      | AlwaysOn Availability Groups – Synchronous (Dual-phase commit, no data loss, can’t operate across WAN) | None | 5-7 Seconds | Yes | 0 - 2 |
      | AlwaysOn Availability Groups – Asynchronous (Latency tolerant, cross WAN option, potential for data loss) | Seconds | Minutes | No | 0 - 4 |
      | AlwaysOn Failover Cluster Instance (FCI) – Traditional shared storage clustering | NA | 30 Seconds to several minutes (depending on disk failover) | Yes | N/A |
      | Database Mirroring - High-safety (Synchronous) | Zero | 5-10 seconds | Yes | N/A |
      | Database Mirroring - High-performance (Asynchronous) | Seconds | Manually initiated, can be a few minutes if automated | No | N/A |
      | SQL Log Shipping | Minutes | Manually initiated, can be a few minutes if automated, but typically hours | No | Not during a restore |
      | Traditional Backup and Restore | Hours to Days | Typically multiple hours, days, or weeks | No | Not during a restore |

  34. AlwaysOn Availability Groups in SQL 2012 - HA and DR
  35. Demo: Creating SQL 2012 AOAGs
  36. Load Balancing - HA and DR
      • Hardware Based Load Balancing (F5, Cisco, Citrix NetScaler) – Best performance and scalability
      • Software Windows Network Load Balancing fully supported by MS, but requires Layer 2 VLAN (all packets must reach all hosts.) Layer 3 Switches must be configured to allow Layer 2 to the specific VLAN.
      • If using Unicast, use two NICs on the server, one for communications between nodes.
      • If using Multicast, be sure to configure routers appropriately
      • Set Affinity to Single (Sticky Sessions)
      • If using VMware, note fix to NLB RARP issue
  37. Security and Documentation
  38. Five Layers of SharePoint Security - Security
      • Infrastructure Security and Best practices
          – Physical Security
          – Best Practice Service Account Setup
          – Kerberos Authentication
      • Data Security
          – Role Based Access Control (RBAC)
          – Transparent Data Encryption (TDE) of SQL Databases
      • Transport Security
          – Secure Sockets Layer (SSL) from Server to Client
          – IPSec from Server to Server
      • Edge Security
          – Inbound Internet Security (Forefront UAG/TMG)
      • Rights Management
  39. 
      • Document all key settings in IIS, SharePoint, after installation
      • Consider monitoring for changes after installation for Config Mgmt.
      • Fantastic tool for this is the SPDocKit - can be found at SharePoint
  40. Michael Noel
      • Twitter: @MichaelTNoel
      • www.cco.com
      • Slides:
      • blog: sharingtheglobe.com
      • Pre-order SharePoint 2013
  41. Join us right after the event at the Firehouse Grill! Socialize and unwind after our day of learning. 1765 E. Bayshore Road, East Palo Alto, CA