A Real World Guide to Building Highly Available Fault Tolerant SharePoint Farms
Miguel Wood, Eric Shupps
Agenda
Introduction
Fundamentals
Architecture
Implementation
Introduction
Reminders
• Download the attendee packet at http://bit.ly/SPAloozaAttendee
• Attend the “Rock Star” Sessions at the end of each day for fun, raffle prizes, wrist bands for concert access, and your chance to win a Surface Pro 3
• Attend Nintex’s Brown Bag lunch Friday and Saturday (lunch provided for first 100 people)
• Tweet about the event using #SharePointalooza
• Thank our sponsors
• Have a great time!
Sponsors
Bands
What better way to unwind after a long day of working out your brain than with some great live music at the amazing outdoor stage at Branson Landing! The bands will be playing both Friday and Saturday night from 6:30 pm to 10 pm.
About Miguel Wood
The “Other” SharePoint Cowboy
[email protected]@go-planet.com
facebook.com/miguelwood
@miguelwood
About Eric Shupps
CKS:DEV
TheSharePointCowboy
Patterns & Practices
Eric Shupps
www.sharepointcowboy.com
[email protected]
facebook.com/sharepointcowboy
@eshupps
Fundamentals
What is High Availability?
Elimination of single points of failure
Fully redundant systems
Seamless continuity
Automated failover
Operational Stability
Why Do We Need High Availability?
Risk mitigation
Compliance
Customer Satisfaction
Revenue Protection
Safety
Performance
Security
Public Relations
Requirements
Infrastructure
• Devices
• Servers
• Bandwidth
• Storage
Software
• Windows Server 2012
  • Failover Clustering
  • File Shares
• SQL Server 2012/2014
  • Always On Availability Groups
Considerations
Resources
Cost
Complexity
Licensing
Troubleshooting
Patching & Updates
Architecture
Basic SharePoint 2013 Farm Architecture
SharePoint Server 2013 Front-end Server
SQL Server 2012 SP1 PowerPivot Add-In
SQL Server 2012 SP1 Reporting Services Service Application
SQL Server 2012 SP1 Reporting Services Add-In
SharePoint Server 2013 Application Server
Excel Services Service Application
SQL Server 2012 SP1 PowerPivot Add-In
SQL Server 2012 SP1 PowerPivot Service Application
SQL Server 2012 SP1 Reporting Services Add-In
Office Web Apps 2013 Server
SQL Server 2012 SP1+
Database Engine
All Databases and Roles
SQL Server PowerPivot for SharePoint
Workflow Manager Server
Basic SharePoint 2013 HA Farm
• JUST SharePoint
• Is everything on this diagram ‘highly available’?
• What about environment?
  • AD DS, AD CS/CA, ISPs, etc.
Virtual Host A
Virtual Host B
SQL Server installed and configured to support SQL AlwaysOn Availability Groups.
WFE01: SharePoint 2013 Front-end Server
APP01: SharePoint 2013 Application Server
SQL01: SQL Server 2012 SP1+, All Databases and Roles
WFE02: SharePoint 2013 Front-end Server
APP02: SharePoint 2013 Application Server
SQL02: SQL Server 2012 SP1+, All Databases and Roles
F5 BigIP Network Load Balancer
WFM01: Workflow Manager Server
WFM03: Workflow Manager Server
WFM02: Workflow Manager Server
wfm.<domain>.com
WSFC01
SQLAGL01
WAC01: Office Web Apps 2013 Server
WAC02: Office Web Apps 2013 Server
wac.<domain>.com
Azure IaaS SharePoint 2013 HA Farm
• Azure features and functionality are changing rapidly
• Currently, items you must know well (purpose, configuration, and limitations):
  • Storage
  • Cloud Services
  • Availability Sets
  • Virtual Networks, Regional Virtual Networks* (Affinity Groups no longer relevant!)
  • Load Balancer, Internal Load Balancer*, Traffic Manager
  • Site-to-Site VPNs, Multi-Site VPNs*
  • Resource Groups*
  • Azure PowerShell modules*
  • MUCH more
* Added within last 60 days
Environment
Network
Firewalls
Routers
Load Balancers
Switches
Virtual Hosts
Network Interfaces
Storage
Storage
Dedicated vs. Shared Storage
Quorum Types
• Node Majority
• Node and File Share Majority
• Node and Disk Majority
• Disk Only
Witnesses
• Disk
• File Share
Active Directory
Logins
• Service Accounts
• SQL Accounts
• Computer Objects
• File shares
Cluster permissions
• Read all properties
• Create computer objects
DNS
• Configuration
  • Location
  • Availability
  • Replication
• Entries
  • Machines
  • Cluster
  • Listeners
• Permissions
SSL
Encryption
• Communication (SSL)
• Data (TDE)
Certificate Types
• SAN
• Wildcard
Challenges
• Cost
• Complexity
• Configuration
SQL Server
Clustering
Windows Server Failover Clustering
• Required
• Provides base cluster capabilities
• Server level
SQL Failover Cluster Instance
• Optional
• Instance level
• No automatic failover w/ Availability Groups
Availability Groups
Group of databases organized into PRIMARY (1) and SECONDARY (4 – 2012, 8 – 2014)
Automatic data synchronization
Synchronous and Asynchronous modes
Optional read-only replicas
Database-only redundancy
Listeners (Virtual Network Names)
Aliases
Provide flexibility and abstraction
Best practice
HA aliases target AG Listeners NOT servers or instances
Use multiple listeners for scalability
Storage
Windows Server Failover Cluster
• File Share quorum
• Disk witness quorum
Failover Cluster Instances
• Shared storage between cluster members
• Storage “owned” by active member
Availability Groups
• Discrete storage for each replica
Performance
SQL overhead ALWAYS impacts performance
Ensure adequate bandwidth for database replication
Secondary infrastructure does not have to match primary
• Beware reduced performance
• Plan for rapid scale-out
Async faster than sync
• Possible data loss
Service Applications
SharePoint Databases
Database Name            | Sync | Async
User Profile Application | Yes  | Yes
User Profile Sync        | Yes  | No
User Profile Social      | Yes  | Yes
Word Automation          | Yes  | Yes
Managed Metadata         | Yes  | Yes
Translation              | Yes  | Yes
BDC                      | Yes  | Yes
Project Server           | Yes  | Yes
PowerPivot               | N/A  | N/A
PerformancePoint         | Yes  | Yes

Database Name    | Sync | Async
Config           | Yes  | No
Central Admin    | Yes  | No
Content          | Yes  | Yes
App Management   | Yes  | Yes
Search Admin     | Yes  | No
Search Analytics | Yes  | No
Search Crawl     | Yes  | No
State Service    | Yes  | No
Secure Store     | Yes  | Yes
Usage and Health | Yes  | No
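
The Sync/Async table above turned into a check against a running SQL Server instance, as an added example that is not part of the original slides. It lists databases the table marks "No" for Async that belong to an availability group containing an asynchronous-commit replica. The database name patterns are assumptions based on common default names and must be adjusted to the farm's actual names.

```sql
-- Added example: find SharePoint databases that must not be replicated
-- asynchronously (per the table above) but sit in an availability group
-- that has an ASYNCHRONOUS_COMMIT replica.
-- ASSUMPTION: the LIKE patterns reflect common default database names;
-- replace them with the names used in your farm.
WITH no_async (name_pattern, sp_role) AS (
    SELECT v.name_pattern, v.sp_role
    FROM (VALUES
        (N'SharePoint_Config%',            N'Config'),
        (N'SharePoint_AdminContent%',      N'Central Admin'),
        (N'Search_Service_Application_DB%', N'Search Admin'),
        (N'%AnalyticsReportingStoreDB%',   N'Search Analytics'),
        (N'%CrawlStoreDB%',                N'Search Crawl'),
        (N'StateService%',                 N'State Service'),
        (N'WSS_Logging%',                  N'Usage and Health'),
        (N'%SyncDB%',                      N'User Profile Sync')
    ) AS v (name_pattern, sp_role)
)
SELECT ag.name                  AS availability_group,
       adc.database_name,
       na.sp_role,
       ar.replica_server_name,
       ar.availability_mode_desc,
       ar.failover_mode_desc
FROM sys.availability_databases_cluster AS adc
JOIN sys.availability_groups   AS ag ON ag.group_id = adc.group_id
JOIN sys.availability_replicas AS ar ON ar.group_id = adc.group_id
JOIN no_async                  AS na ON adc.database_name LIKE na.name_pattern
WHERE ar.availability_mode_desc = N'ASYNCHRONOUS_COMMIT'
ORDER BY ag.name, adc.database_name, ar.replica_server_name;
```

An empty result set means none of the matched databases is in a group with an asynchronous-commit replica.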
Search
Async replication NOT supported
• Risk of deltas between on-disk indexes and databases is HIGH
Sync Replication Challenges
• Administration
• Site-level configuration
• Analytics
• Database size
• Crawl/Re-Indexing time
User Profiles
Full database replication possible but can be problematic
• Synchronization is best done “live”
Options
• Backup and restore
• Reprovision
[Diagram components: User Profile Service Application, ProfileDB, SyncDB, User Profile Synchronization Service, Active Directory, Forefront Identity Manager (FIM), FIM Sync]
Distributed Cache
Independent cache with no DB persistence
Configurable memory allocation
• Max 16GB per server
• Max 32GB per farm
Dedicated mode recommended for High Availability
• HA possible in collocated mode with sufficient hardware resources
Cache Dependencies
Feeds
Content Search Web Part
Login Tokens
Access Cache
Security Trimming
App Tokens
View State
OneNote Throttling
Request Management
Access Services
Leverages “Contained Databases” feature of SQL 2012
Requires changes to SQL Server protocols, settings and authentication mode
• HA requires Contained Database Authentication
Access DBs are NOT automatically added to availability groups
Business Intelligence
SSAS
• Can be configured for read-only replicas
SSRS
• Requires hotfix KB2654347
• No automatic failover
PowerPivot
• Not yet tested for Sync or Async commit operations
Hybrid
What is Hybrid?
Online + On-premises or Azure IaaS = Hybrid
Two-way (Bidirectional) Topology
Infrastructure pre-requisites
Reverse Proxy
Only required for ‘Inbound’ or ‘Two-Way (Bidirectional)’ Hybrid topology
• (e.g. users issuing queries from a Search Center in SharePoint Online attempting to retrieve search results from an on-premises farm)
Reverse Proxy Device Requirements
• Support client certificate authentication with a wildcard or SAN SSL certificate
• Support pass-through authentication for OAuth 2.0
• Accept unsolicited inbound traffic on TCP port 443 (HTTPS)
• Bind a SAN SSL certificate to a published endpoint
• Relay traffic to an on-premises SharePoint 2013 farm without rewriting any packet headers
(Currently) Supported Reverse Proxy Devices
• Windows Server 2012 R2 with Web Application Proxy (WAP)
• F5 BIG-IP
• Forefront Threat Management Gateway (TMG) 2010 (*Deprecated*)
Active Directory Federation Services (AD FS)
Prepare Active Directory
• Windows Server 2003 R2 functional level at a minimum
• UPNs are correctly set (if public domain differs from corporate domain name)
Deploy AD FS 2.0+
• AD FS 2.x is based on IIS
• AD FS 3.0 is not based on IIS (PowerShell only)
Install Microsoft Online Services Sign-in Assistant and Windows Azure AD PowerShell Modules
Set up a trust between AD FS and Windows Azure AD
• Connect-MSOLService
• Set-MSOLADFSContext
• Convert-MsolDomainToFederated -DomainName <domain>
Directory Synchronization (DirSync)
Synchronization of objects from on-premises AD to Azure AD
• Limited to 50,000 objects, can be increased by engaging Microsoft
• Synchronization occurs every 3 hours by default, can be initiated manually
• Can filter based on OU, Domain or User Attribute
This is a requirement for SharePoint Hybrid scenarios, including Search
• When a user issues a query from on-premises to SP Online, SP Online must rehydrate the user’s identity
• The rehydration process looks up attributes in the SP Online profile store
• If no profile or multiple profiles exist, the query will fail rather than return security-trimmed results
Sample (non-HA) Hybrid Deployment
[Diagram components:]
Site-to-Site VPN Tunnel (VPN, VPN)
AD DS [AZLAB-DC2]
Azure AD Sync [AZLAB-DIRSYNC1]
AD FS (3.0) [AZLAB-ADFS1]
AD FS Proxy [AZLAB-WAP1]
Windows Server 2012 R2 Web Application Proxy (WAP) (Reverse Proxy)
SharePoint Server 2013 Published
SQL Server 2012 SP1+ [SQL1]
AD DS, AD CS [DC1]
Web Application Companion (WAC) [WAC1]
SP2013 Web Front End (WFE) [WFE1]
SP2013 Application Server (APP) [APP1]
Windows 8.1 Enterprise Client [CLIENT1]
Windows Azure Workflow Manager [WFM1]
Remote Access (VPN and NAT) [EDGE1]
External Internet User
Pop Quiz (Are you still awake?)
• What are the considerations to make this environment HA?
Implementation
Failover
SQL Server
Environment
Service Applications
Review
Introduction
Fundamentals
Architecture
Implementation