
Planning and deploying_share_point_farm_in_azure_gabsg_2016



Planning and Deploying your SharePoint Farm with Azure IaaS v2

Published in: Software


  1. Tweet: #GlobalAzure | Planning and Deploying your SharePoint farm in Azure
      Thuan Nguyen, Office Servers & Services MVP, @nnthuan
  2. Event Sponsors
  3. Participate with us and stand a chance to win prizes!
      Survey:
      Tweet Tag: #GlobalAzure #GABSG
  4. About me
      • Office Servers & Services MVP
      • Solution Architect at FPT Software, helping customers effectively build digital workplace solutions with Microsoft products and technologies.
      • Email:  Blog:  LinkedIn:
  5. Why Azure for SharePoint Farm Deployment
  6. Cloud Model
  7. SharePoint Cloud Continuum (Credit: MCS)
  8. Benefit of Azure for SharePoint Deployment
      • Support for key server applications and workloads
      • Easy storage manageability
      • High availability features
      • Advanced networking
      • Integration with compute PaaS
      • Easy application migration
  9. Deployment Scenarios
      • Development and test/POC environments
      • Disaster recovery of on-premises SharePoint farms to Azure
      • Internet-facing sites that use features and scale not available in Office 365
      • App farms to support Office 365 or on-premises environments
      • SharePoint intranet hosted in Azure (consider the cost)
  10. Development and Test Environment
      • Quickly create a SharePoint farm in a few steps with Azure offerings.
      • Turn it off whenever you are not using it to save cost.
      (Azure Portal > New > Virtual Machine)
  11. DR of SharePoint On-premises
      • Save cost with an Azure-hosted secondary datacenter instead of an on-premises datacenter.
      • Maintain and pay only for the resources you use in Azure, scaling with demand.
  12. SharePoint Internet-facing site in Azure
      • A SharePoint Internet-facing deployment in an on-premises environment requires a huge investment in infrastructure.
      • Microsoft deprecated Public Website features in Office 365/SharePoint Online in January 2015.
      • External collaboration with Azure AD.
      (Three-zone design: separation of internal and customer accounts)
  13. Support Office 365/SharePoint On-premises
      • Connect with an Azure-hosted app in which data is stored in Azure Storage.
      • Leverage Azure Media Services for digital asset management in SharePoint On-premises.
      • Connect to other Azure services (Mobile services, Azure AD, etc.)
      (One of the SharePoint App Models)
  14. Planning for SharePoint Farm in Azure
  15. Key areas to SharePoint Farm in Azure
      • Farm Topology
      • Identity Management
      • Business Continuity
      • Performance & Capacity
      • Maintenance & Operation
      • Pricing
  16. Azure Concepts for Farm Topology Planning
      (Diagram: Regional Virtual Network, Resource Group, Virtual Network, Availability Set, Subnet, Virtual Machine, Site Connectivity, Azure Services, Storage)
  17. Resource Group
      • Azure Cloud Service is replaced by Resource Group in Azure IaaS v2.
      • A Resource Group must be created before you can create a virtual network or other resources (e.g. virtual machines).
      • The big advantage of a Resource Group is that it simplifies declarative template deployment.
      • Not to be confused with Regional VNET (aka Affinity Groups), which keeps virtual resources in close proximity.
  18. Virtual Network
      • Determine if you are going to host your SharePoint farm fully in Azure.
      • If connecting to on-premises infrastructure (e.g. for Office Web App deployment), site-to-site is required.
      • Use a reserved IP to keep the IP address if your VM is restarted (e.g. facing LB, ADDS & DNS).
      • Plan for security with different subnets.
  19. Virtual Machine
      • Azure organizes VM sizes into machine series: A-series, D-series, DS-series, and G-series.
      • Only a part of the A-series is available to the Basic tier. All series are available for the Standard tier.
      • Each VM has a maximum number of data disks and IOPS.
      • Azure Premium Storage supports VM disks that can be attached to DS, DSv2 or GS series Azure VMs.
      • Scale out VMs rather than scale up.
  20. Storage
      • There are two types of Azure storage accounts: Standard and Premium.
      • A standard storage account has a maximum total request rate of 20,000 IOPS. Each disk supports up to 500 IOPS.
      • Only use Premium Storage if you need high performance and low latency.
      • You can stripe disks to achieve higher IOPS.
      • E.g. a farm with many content databases. A content database is recommended to have 0.5 IOPS/GB.
      • The storage account and virtual machines are supposed to be in the same region.
      • Do not use the temporary disk (D:) (including for TempDB).
      • Use SQL file groups across multiple disks instead of disk striping.
  21. Virtual Machine Planning
      Tier | Size | CPU Cores | Memory | Max. Disk | Max. IOPS
      Web | A5 | 2 | 14 GB | 4 | 4 x 500
      App | A6 | 4 | 28 GB | 8 | 8 x 500
      App | A5 | 2 | 14 GB | 4 | 4 x 500
      Search | A6 | 4 | 28 GB | 8 | 8 x 500
      Search | A4 (*) | 8 | 14 GB | 16 | 16 x 500
      Distributed Cache | A5 | 2 | 14 GB | 4 | 4 x 500
      Database | A4 (*) | 8 | 14 GB | 16 | 16 x 500
      Database | DS4 (**) | 8 | 28 GB | 16 | 25,600
      (*) For Index with large repository
      (**) Farm with 20-40 TB requires high IOPS.
  22. Identity Management
      • What is the primary identity provider of your SharePoint farm?
          • On-premises Active Directory (most common)
          • Azure-hosted Active Directory
          • Azure Active Directory Domain Services
      • Is there a requirement for a federation trust?
          • SharePoint users from on-premises Active Directory having access to a fully Azure-hosted SharePoint farm.
          • Office 365 users
          • Partner authentication in an extranet collaboration scenario.
  23. Azure AD vs On-premises AD
      Azure AD | On-premises AD
      Designed to protect cloud-based resources. It is a multitenant system that works over the Internet. | Built to secure on-premises resources and works within local networks of a single enterprise.
      Uses Internet-oriented protocols, such as SAML 2.0, WS-Federation, OpenID Connect, and RESTful Graph API. | Uses protocols such as Kerberos and Lightweight Directory Access Protocol (LDAP).
      Provides features such as Azure Access Panel and RESTful interfaces. | Supports constructs such as forests, domains, and organizational units.
      Both:
      • Provide authentication & authorization services.
      • Simplify management of directory objects (e.g. users & groups).
      • Provide a single sign-on experience.
  24. On-premises Active Directory
      • Connect on-premises Active Directory to the SharePoint farm in Azure.
      • Site-to-site VPN is required.
      • ExpressRoute provides private connections between your on-premises datacenters and Azure datacenters.
  25. Azure-hosted Active Directory
      • Everything is hosted in Azure, including the Active Directory Domain Controller server. This is common for public-facing SharePoint deployments.
      • The installation and setup are fairly similar to the on-premises one.
      • Azure-hosted Active Directory is like the virtualization of Active Directory.
      To configure | On-premises | Azure Virtual Network
      IP address for the domain controller | Assign static IP address on the network adapter properties | Run the Set-AzureStaticVNetIP cmdlet to assign a static IP address
      DNS client resolver | Set Preferred and Alternate DNS server address on the network adapter properties of domain members | Set DNS server address on the virtual network properties
      Active Directory database storage | Optionally change the default storage location from C: | You need to change default storage location from C:
  26. Federation Scenario
      • Azure AD Sync (without SSO)
      • AD Federation Service
      • Azure Access Control Service
      (Credit: Kirk Evans, MSFT Architect - Azure CoE)
  27. Recommendation of AD VM in Azure
      • Small virtual machine (Standard_A2 or Standard_A3).
      • Windows Server 2012 R2 is recommended.
      • Install and configure the DNS server with reserved IP addresses.
      • Place the Active Directory database, logs, and SYSVOL on additional Azure data disks. Do not place these on the operating system disk (C drive) or the temporary disks (D drive) provided by Azure.
  28. Business Continuity
      (Diagram: Scalability, Availability, Fault Tolerance; Microsoft Azure)
      • Availability, scalability, and fault tolerance are key requirements of any business continuity and disaster recovery plan.
      • To have availability, you need scalability to handle the workload as its needs increase.
      • You need fault tolerance to overcome any issues that might arise.
  29. HA for SharePoint Farm in Azure
      • Availability Set
      • SQL Server
          • AlwaysOn Availability Group
          • AlwaysOn Failover Cluster Instances
      • Azure Load Balancer
  30. Availability Set
      • An availability set helps keep your virtual machines available during downtime, such as during maintenance.
      • Fault Domain
      • Update Domain
      • Create an availability set for each tier and role (Web, App, Db, Search…)
  31. SQL Server HA in Azure
      • AlwaysOn Availability Groups is fully supported in Azure.
      • AlwaysOn Failover Cluster Instances (FCI) with Azure File store is not supported currently.
      • An FCI on a two-node WSFC running in Azure VMs with storage supported by SIOS DataKeeper.
      • An FCI on a two-node WSFC running in Azure VMs with remote iSCSI Target shared block storage via ExpressRoute. For example, NetApp Private Storage (NPS) exposes an iSCSI target via ExpressRoute with Equinix to Azure VMs.
      • Leveraging WS 2012 SMB could work.
      • Microsoft does not provide warranty for 3rd-party solutions with FCI.
  32. Azure Load Balancer
      • Azure Load Balancer distributes incoming traffic among healthy service instances in cloud services or virtual machines defined in a load-balancer set.
      • There are several LB virtual machines in the Azure Marketplace (Kemp, Shaka…etc)
      • An internal LB can be set up in a cross-network environment.
  33. DR for SharePoint Farm in Azure
      SQL Server
      • AlwaysOn Availability Group
      • Database Mirroring
      • Backup and Restore with Azure Blob Storage Service
      Azure Backup
      • When you create a recovery vault for Backup, use a different region than that of the servers and services you will be backing up.
      • StorSimple is more like a SAN solution that offers seemingly endless capacity by scaling out to Azure for data that is not regularly accessed.
  34. Performance & Capacity
      • For network performance with site-to-site, look at ExpressRoute.
      • With storage, plan for capacity with your designated VM.
      • Don’t just use Premium Storage for high performance; calculate the IOPS required first.
      • If you need more throughput, you can stripe data disks.
      • With SQL Server VM specifically in Azure IaaS, refer to this article
  35. Maintenance & Operation
      • VM Monitoring
      • Diagnostic
      • Alert Rule
      • PowerShell
      • Azure Status ( -us/status)
  36. Pricing
      • Virtual Machine
      • Storage
      • Bandwidth
      • IP Address
      • VPN Gateway
      • ExpressRoute
      • AzureDNS
      • Backup
      • Site Recovery
      • Azure AD
      • StorSimple
  37. Sample
  38. Deploying SharePoint Farm in Azure
  39. Quick Deployment of SharePoint Farm
      • The fastest way to deploy a SharePoint farm for pilot testing/evaluation.
  40. Azure Resource Manager Template
      • Create a template with declarative representation of the solution to create a resource group that contains all of the resources you need for SharePoint Farm.
      • The template consists of JSON and expressions which you can use to construct values for your deployment.
      • Use Azure Visualize to design your template
      • Search template in us/documentation/templates/
  41. Manual Deployment
      • Create Resource Group
      • Create Virtual Network
      • Create Storage Account
      • Create Availability Set
      • Create Virtual Machine
      • Install and Configure Active Directory
      • Install and Configure SQL Server
      • Install and Configure SharePoint Server
      • Advanced Configuration for HA, LB or so on
  42. Deployment Consideration
  43. Unsupported
      • Windows Azure Virtual Machines load balancing mechanism does not support Sticky Sessions currently.
      • Problem with FBA/SAML Auth in SharePoint 2010. SharePoint 2013 is fine.
      • AlwaysOn Failover Cluster Instances are not supported in Azure IaaS itself.
      • Wide Area Network (WAN) deployment is still not supported in Azure across regions. Metalogix Replicator could be an alternative.
      • Office Web App Server is not supported in Azure IaaS due to licensing model.
      • SharePoint and Azure SQL is still not possible.
  44. Q & A
  45. References
      • High availability and disaster recovery for SQL Server in Azure Virtual Machines
      • Planning for SharePoint 2013 on Azure Infrastructure Services
      • Internet Sites in Microsoft Azure using SharePoint Server 2013
      • Understanding Windows Azure Storage Billing – Bandwidth, Transactions, and Capacity
      • Azure subscription and service limits, quotas, and constraints
      • Microsoft Azure Cost Estimator Tool
  46. Thank You
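
The Storage, Virtual Machine Planning and Performance & Capacity slides give enough figures to size the database tier before choosing Premium Storage: 0.5 IOPS/GB per content database, 500 IOPS per standard disk, 20,000 IOPS per standard storage account, and the data-disk limits per VM size. The Python sketch below is an added example, not part of the deck; the function name, the returned fields and the decision order are assumptions, and it sizes for IOPS only, not disk capacity.

```python
import math

# Figures quoted on the slides (standard storage limits as stated there).
DISK_IOPS = 500            # per standard data disk
ACCOUNT_IOPS = 20_000      # per standard storage account
DB_IOPS_PER_GB = 0.5       # recommended per GB of content database
PREMIUM_DS4_IOPS = 25_600  # DS4 row of the VM planning table

# Max data disks per VM size, from the VM planning table.
MAX_DATA_DISKS = {"A5": 4, "A6": 8, "A4": 16, "DS4": 16}


def size_database_tier(content_db_gb, vm_size="A4"):
    """Size the data disks of one SQL VM from its content database sizes (GB).

    Hypothetical helper: IOPS-driven only, disk capacity is not considered.
    """
    if vm_size not in MAX_DATA_DISKS:
        raise ValueError(f"unknown VM size: {vm_size}")
    if any(gb <= 0 for gb in content_db_gb):
        raise ValueError("database sizes must be positive")

    required_iops = sum(content_db_gb) * DB_IOPS_PER_GB
    disks = max(1, math.ceil(required_iops / DISK_IOPS))
    accounts = math.ceil(disks * DISK_IOPS / ACCOUNT_IOPS)

    if disks <= MAX_DATA_DISKS[vm_size]:
        # Standard disks are enough; spread SQL file groups across them.
        choice = "standard"
    elif required_iops <= PREMIUM_DS4_IOPS:
        # Calculated demand exceeds what standard disks on this VM deliver.
        choice = "premium-DS4"
    else:
        # Beyond a single DS4: split databases over more SQL VMs (scale out).
        choice = "scale-out"

    return {"required_iops": required_iops, "standard_disks": disks,
            "storage_accounts": accounts, "recommendation": choice}


if __name__ == "__main__":
    # Constructed sample farms: content database sizes in GB.
    for farm in ([200, 200, 200, 200], [4000] * 4, [5000] * 4, [15000] * 4):
        print(farm, size_database_tier(farm))
```
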