AlwaysOn Availability Groups for SharePoint On-Premises and Azure SQL Replicas : HA/DR

Lars PlatzdaschMCT,MCSE SQL, MCSE SharePoint

Sprecher:

Lars Platzdasch

Twitter

@LarsPlatzdasch

Xing

/Lars_Platzdasch

LinkedIn

LarsPlatzdasch

Web

www.platzdasch.de

www.3perspektiven.de

MCT: SQL, SharePoint, .net

MCSE: SQL Server Data Platform

MCSE: SharePoint

MCITP: SharePoint 2010, Administrator

MCITP: SharePoint 2010, Developer

Microsoft Certified Application Developer: .NET

Certified Ethical Hacker (CEH) - EC-Council

platzdasch netConsult GmbH & Co. KG | ISV

24/7 Support für SQL / SharePoint

3 Perspektiven GmbH | MBS

21 IT, 19 Jahre SQL Server, 14 Jahre SharePoint

• What is SQL Server AlwaysOn?• AlwaysOn Failover Clustering

• AlwaysOn Availability Groups

• Why: AlwaysOn Availability Groups for SharePoint?

• Requirements and Prerequisites

• Step by Step guide to implementing AlwaysOnAvailability Groups

AGENDA SQL SERVER ALWAYSON FOR SHAREPOINT

SQL SERVER ALWAYSON

•Two distinct AlwaysOn technologies available• AlwaysOn Failover Cluster Instance (FCI)

• A ‘traditional’ cluster – uses shared storage and network

• One copy of data shared by multiple nodes

• AlwaysOn Availability Groups (AOAGs)• Equivalent to a combination of traditional SQL Mirroring concepts together

with clustering

• Multiple replicas of databases split across different cluster nodes

• Uses ‘Shared Nothing’ cluster concepts

• Allows for up to 8 total replicas of a database

•Marketing Name: AlwaysOn -> FCI != AOAGS

SQL SERVER ALWAYSON

• Original concept was log shipping in SQL 2000 – making a duplicate copy of your databases on another server

• Mirroring itself introduced in SQL 2005 SP1, improved in SQL 2008 and SQL 2008 R2

• Works by keeping a mirror copy of a database or databases on

up to 4 additional SQL instances.

• AlwaysOn Availability Groups introduced with SQL 2012, improved in SQL 2014, and later in SQL 2016

• This is a huge change to data tier design for SharePoint

HISTORY OF ALWAYSON AVAILABILITY GROUPSBACKGROUND AND PREDECESSOR TECHNOLOGIES

Disaster Recovery SQL Server Solution

Potential

Data Loss

(RPO)

Potential

Recovery

Time (RTO)

Automatic

Failover

Readable

Secondaries

AlwaysOn Availability Group - synchronous-commit Zero Seconds Yes 0 – 2(3)

AlwaysOn Availability Group - asynchronous-commit Seconds Minutes No 0 – 4(8)

AlwaysOn Failover Cluster Instance NA Seconds

-to-minutes

Yes NA

Database Mirroring - High-safety (sync + witness) Zero Seconds Yes NA

Database Mirroring - High-performance (async) Seconds Minutes No NA

Log Shipping Minutes Minutes

-to-hours

No Not during

a restore

Backup, Copy, Restore Hours Hours

-to-days

No Not during

a restore

COMPARISON OF ALWAYSON WITH OTHER SQL SERVER HA/DR

• Create up to eight additional copies of each database on different SQL nodes (Nine total replicas)

• Copies can be a mix of synchronous (exact copy, limited to two additional replicas) or asynchronous

• Create a synchronous copy when connectivity is 1Gb or greater and latency is no more than 1ms on average

• Create asynchronous copies across WAN links, for Disaster Recovery or when architecting a read-only farm

ALWAYSON AVAILABILITY GROUPS

SHAREPOINT ANDSQL SERVER BASICS ALWAYSON

•Virtually all SharePoint 2013/2016 (and many SharePoint 2010) databases now support Synchronous Replication (either via Mirroring or AOAGs)

•Up until recently, only Content Databases and the Secure Store Database supported AsynchronousReplication

•Now, Microsoft supports Asynchronous replication for all but the User Profile Sync databases

ALWAYSON AVAILABILITY GROUPSSYNCHRONOUS VS. ASYNCHRONOUS DATABASE SUPPORT

•This is why it is considered best practice to create at least two AOAGs for SharePoint…one for the asynchronous-only Databases, which can be replicated to remote locations, etc., and one for the synchronous databases

•This is a key point, remember, you CANNOT replicate databases synchronously unless you have 1Gb+ bandwidth and less than 1ms of latency!

ALWAYSON AVAILABILITY GROUPSSYNCHRONOUS VS. ASYNCHRONOUS DATABASE SUPPORT

Database Synchronous AsynchronousRecommended

AOAG

Content Databases Yes Yes AOAG1 – Content

App Management Yes Yes AOAG2 – SA-ASync

BCS Yes Yes AOAG2 – SA-ASync

Managed Metadata Yes Yes AOAG2 – SA-ASync

PerformancePoint Yes Yes AOAG2 – SA-ASync

PowerPivot Yes Yes AOAG2 – SA-ASync

Project Server Yes Yes AOAG2 – SA-ASync

Secure Store Yes Yes AOAG2 – SA-ASync

Subscription Settings Yes Yes AOAG2 – SA-ASync

Machine Translation Services Yes Yes AOAG2 – SA-ASync

Word Automation Yes Yes AOAG2 – SA-ASync

UPA Profile Yes Yes AOAG2 – SA-ASync

UPA Social Yes Yes AOAG2 – SA-ASync

UPA Sync Yes No AOAG3 – SA-Sync

Config Yes No AOAG3 – SA-Sync

Central Admin Yes No AOAG3 – SA-Sync

Search Analytic Reporting Yes No AOAG3 – SA-Sync

Search Admin Yes No AOAG3 – SA-Sync

Search Crawl Yes No AOAG3 – SA-Sync

Search Links Yes No AOAG3 – SA-Sync

State Service Yes No AOAG3 – SA-Sync

Usage Yes No AOAG3 – SA-Sync

• All Databases supported for synchronous failover

• Recently, Microsoft added asynchronous failover support for certain non-content DB types

• Other Service Application types are still unsupported for asynchronous failover, though they are either not needed in a DR scenario or can be easily recreated

• Highly consider the creation of multiple AOAGs, two at a minimum, three ideal, and even four or five may be common – allows for greatest flexibility of failover

SHAREPOINT DATABASE COMPATIBILITY WITH AOAG

SAMPLE AOAG DESIGN FOR SHAREPOINT

-min two Ags ( better 3 )

-Content AG with four replicas –Synch and Asynch

-User Profile Sync DBs on separate AG, 2 Synch copies only

-DR farm in remote DC on standby to connect to content DB copy

-DR copy in Azure

High

Availabilty

ALWAYS ON AVAILABILITY & SHAREPOINT

SQL 1

FARM 1

SQL 2

Synchron (no data loss)

High

Availabilty

SQL 1

FARM 1

SQL 2

Synchronous

ALWAYS ON AVAILABILITY & SHAREPOINT

Usage

Content

User Profile

BDC

Managed Meta

Search

State

Config

SP FARM

MUC

Central admin

Usage

Content

User Profile

BDC

Managed Meta

Search

State

Config

Central admin

Sync

HA – SYNC COMMIT

AWOAG3-SA-SYNC

AWOAG1-Content

AWOAG2-SA-SYNC

• SharePoint 2013 with SP1 and CU April 2014 or SP2016

• 3 aliases : 1 for content DB, 1 for Services DB, 1 for farm DB (CA, Config, State).

Install the SharePoint farm in MUC

3 SQL aliases

• Recovery mode to “full” for databases to be sync

• SharePoint databases Full Backup

• !!! In Test take log backups Configure SharePoint DB

• Create Windows Cluster and add every SQL Node

• Create 3 Always On AG & Add SharePoint DB

• Create the 3 listeners (1/AVG)

• Copy SP logins & permissions and other server objects on every node

Configure SQL Server Cluster

& Always On

$alias1 = “AVG1 listener”

$alias2 = “AVG2 listener”

$alias3 = “AVG3 listener”

$configDB = ...

$alias1 = “SQL1”

$alias2 = “SQL2”

$alias3 = “SQL3”

New-SPConfigurationDatabase -databaseName $ConfigDB -DatabaseServer $alias1

New-SPWebApplication -DatabaseServer $alias2

New-SPMetadataServiceApplication -DatabaseServer $alias3

New-SPEnterpriseSearchServiceApplication -DatabaseServer $alias1

Everything can

easily be scripted !

SET UP: FARM IN MUC(MAIN FARM)

SQL 1

FARM 1

SQL 2

FARM 2

SQL 3

Asynchronous (potential data loss)

Disaster

Recovery

Synchronous (no data loss)

DR WITH ALWAYS ON AVAILABILITY GROUPS & SHAREPOINT (ACTIVE/PASSIVE)

Usage

Content

User Profile

BDC

Managed Meta

Search

State

Config

Central admin

Usage

Content

User Profile

BDC

Managed Meta

Search

State

Config

State

Content

User Profile

BDC

Managed Meta

Search !!!

Central admin

Config

Central admin

UsageAsync

Sync

SQL01 SQL02 SQL03

SP FARM

MUC

SP FARM

AZUR / ..

(DR)

DR WITH ALWAYS ON AVAILABILITY GROUPS & SHAREPOINT (ACTIVE/PASSIVE)

• SharePoint 2013 with SP1 and CU April 2014 or SP2016

• 3 aliases : 1 for content DB, 1 for Services DB, 1 for farm DB (CA, Config, State).

• Aliases can point to listeners (not mandatory)

Install the SharePoint farm in AZURE / DR

3 SQL aliases

• Test DR failover with SharePointTest,Test,Test…

Everything can

easily be scripted !

SET UP: FARM IN AZURE / DR SITE

• Windows Server • Windows Server 2008 R2 (w SP1 or greater) – Enterprise Edition

• (PREFERRED) Windows Server 2012/2012 R2/2016 Standard/Datacenter

• One per node

• Can use Virtualization licensing options

• SQL Server 2012/2014/2016 Enterprise Edition

• MS has moved away from per-socket licenses. Licenses are now 1/4th the cost, but are now per each core.

• Legacy licenses of SQL 2008/2008 R2 Enterprise are ‘grandfathered in’ if you have upgrade assurance

ALWAYSON AVAILABILITY GROUPS: VERSION REQUIREMENTS

• If you plan to use a SQL Server failover cluster instance (FCI) to host an availability replica, ensure that you understand the FCI restrictions and that the FCI requirements are met (Manual configrequired)

• All the server instances that host availability replicas for an availability group must use the same SQL Server collation.

• If any databases that use FILESTREAM will be added to an availability group, ensure that FILESTREAM is enabled on everyserver instance that will host an availability replica for the availability group.

ALWAYSON AVAILABILITY GROUPSPREREQUISITES AND REQUIREMENTS – SQL SERVER

• Automatic failover clustering requires servers to have the proper number of votes to ‘turn on’ a database copy.

• There must always be a majority of votes to enable the node.

• If a majority cannot be reached (for example, if there are only an even number of votes) the DBs will remain offline.

• File Servers can act as File Share Witness (FSW) servers (additional votes.)

• NEW - Add an Azure File Share Witness!

• This avoids split-brain scenarios where multiple copies of a DB are online.

• Be sure to give the Cluster Computer Account Full control to the FSW Share

ALWAYSON AVAILABILITY GROUPSCLUSTER WITNESS AND VOTING FUNDAMENTALS

• SharePoint must be 2010 SP1+/2013/2016. For full Asynchsupport, 2013 SP1 April 2014 CU+ or greater.

• New databases in your farm are not added by default, they must be manually added

• All databases must have a full backup run before adding to an AOAG

• All databases -> FULL transaction mode ( .. is not the default for certain SP databases)

ADDITIONAL SQL 2014/2016 AOAG CONSIDERATIONS AND PREREQUISITES

• Be sure to copy SQL security accounts to all nodes in the cluster or SharePoint will fail to reconnect

• Use the same SQL service accounts on all nodes

• Highly recommend to use the same drive paths on all nodes

• Don’t forget to flush the logs with a backup script on a regular basis! Search and Config DBs will grow large quickly.

• Don’t forget about SPNs for Kerberos and use Aliases for Listeners

ADDITIONAL SQL 2014/2016 AOAG CONSIDERATIONS AND PREREQUISITES

• Any DB in FULL recovery mode (required for AOAGs) will continue to grow logs indefinitely

• Be sure to run a full backup, then a transaction log backup from SQL. This will clear out logs but notshrink them

• To shrink, you need to also run DBCC SHRINKFILE after the backups

• For databases that don’t need to be restored, you can backup to ‘NULL’ (effectively fooling SharePoint that it has been backed up. NOTE: This does not backup any data, simply allows the logs to be flushed out.

FLUSH LOGS IN AN AOAG ENVIRONMENT

USE SPF1_ConfigDB;

BACKUP DATABASE SPF1_ConfigDB TO DISK='NUL:';

BACKUP LOG SPF1_ConfigDB TO DISK='NUL:';

DBCC SHRINKFILE(SPF1_ConfigDB_log,1000)

• NOTE: This sample backs up to NULL, which effectively means it’s only flushing the logs. Replace ‘NUL’ with the backup location for your environment for any databases that you need recovery from

SCRIPT TO BACKUP TO NULL AND FLUSH LOGS

AOAG STEP BY STEP

• Install Windows Server on multiple nodes

• Patch with Critical, Security, and the specific OS patches listed in previous slide

• Enable the Failover Cluster Feature on each node

• Use the Failover Cluster Manager Wizard to create a cluster.

• Name the cluster a unique name that will be separate from the instance name that will be used for SharePoint

CREATING ALWAYSON AVAILABILITY GROUPSSTEP 1: CREATE WINDOWS SERVER FAILOVER CLUSTER (WSFC)

• Install .NET Services 3.5 Feature on each SQL node

• Install SQL 2014/6 Enterprise Edition Database Services (Also recommend adding SQL Management Tools – Complete)

• Ensure proper Windows Firewall ports are open ( 1433, 5022 )

• Service Account for SQL• Use the same service account for all nodes• Don’t use Network Service• If using Kerberos, make sure all SQL names have SPNs associated with the service account

• Make sure databases are set to FULL recovery mode

• Ensure that the file paths and drive letters are consistent throughout all instances (ideally, or config will have to be manual)

• Copy or Create SharePoint databases on Primary node only (use SQL Alias to change name later)

• Perform a full backup of your SharePoint databases

• Create a file share location that is accessible by all nodes that will be used for the shared backups (i.e. \\SQL1\Backups)

CREATING ALWAYSON AVAILABILITY GROUPSSTEP 2: PREPARE NODES

•Enable AlwaysOn High Availability in SQL Server Configuration Manager

•Repeat on Each Node

•Restart SQL Services

CREATING ALWAYSON AVAILABILITY GROUPSSTEP 2: ENABLE ALWAYSON ON EACH SQL NODE

• Ideally use the New Availability Group Wizard, it automates the process

CREATING ALWAYSON AVAILABILITY GROUPSSTEP 3: CREATE THE AVAILABILITY GROUP

• Be sure to have a shared network location for the backup files (Created in earlier step)

• Depending on size of databases, this could take a while

• Backups can also be pre-staged (Join Only)

CREATING ALWAYSON AVAILABILITY GROUPSSTEP 3: CREATE THE AVAILABILITY GROUP –CONTINUED…

• Validation should show all green (some exceptions)

• The listener (‘SQL’ in this example) will be created later, and is required for SharePoint to connect to

CREATING ALWAYSON AVAILABILITY GROUPSSTEP 3: CREATE THE AVAILABILITY GROUP –CONTINUED…

• After the wizard completes, manually create the Availability Group Listener

• This is the shared name that SharePoint will connect to and will provide failover (Also called the ‘Client Access Point’)

• Modify the DNS record for this listener to have a low TTL (60 seconds or less) for cross-subnet failover scenarios

CREATING ALWAYSON AVAILABILITY GROUPSSTEP 4: CREATE THE AVAILABILITY GROUP LISTENER

• Required in specific situations, such as when a DB is encrypted

• First, add the DB to the primary server (where the DB is attached to with the following syntax:• ALTER AVAILABILITY GROUP SPDBCONTENT• ADD DATABASE SPF1_Content_TDE• GO

• Then restore the DB onto the secondary server, ensuring that you choose ‘RESTORE WITH NORECOVERY’ from the Options tab

• Finally, add the DB to the AG on the Secondary server• ALTER DATABASE SPF1_Content_TDE SET HADR AVAILABILITY GROUP =

SPDBCONTENT;• GO

CREATING ALWAYSON AVAILABILITY GROUPSMANUAL PROCESS: ADDING A DB TO AN AVAILABILITY GROUP

• SQL Server AlwaysOn Availability Groups are the preferred designoption for High Availability and Disaster Recovery at the data tier

• Best Practice is to create at least two(..3) AGs for SharePoint – One for Synchronous DBs and the other for asynchronous DBs

• Follow closely the guidelines, ensure data paths are the same, double-check security requirements

• Plan to shrink your log files on a daily basis for non-content DBs as they will grow quickly, particularly the search databases

SESSION SUMMARYSQL 2014/2016 ALWAYSON AVAILABILITY GROUPS FOR SHAREPOINT ON-PREMISES

Lars Platzdasch | SharePoint and SQL Server

VIELEN DANK FÜR EURE ZEIT

Q & A

Links

• Code https://github.com/larspl/AlwaysOnAvailabilityGroupsforSharePoint

• Plan for high availability and disaster recovery for SharePoint Server 2016

• https://technet.microsoft.com/en-us/library/cc263031(v=office.16).aspx