Navigating the Turbulence on takeoff
Setting up SharePoint on Azure IaaS the right way
Jason Himmelstein, MVP
Senior Technical Director
@sharepointlhorn
Jason’s contact & vitals
• Senior Technical Director, SharePoint
• SharePoint Server MVP
• SharePoint Community Leadership Board, Chair
• Microsoft PTSP
• Blog: www.sharepointlonghorn.com
• Twitter: @sharepointlhorn
• LinkedIn: www.linkedin.com/in/jasonhimmelstein
• SlideShare: http://www.slideshare.net/jasonhimmelstein
• Email: [email protected]
• Author of Developing Business Intelligence Apps for SharePoint – http://bit.ly/SharePointBI
What made me this way?
Agenda
• What is Microsoft Azure IaaS?
• Why SharePoint on IaaS?
• Pieces & Parts
• Use Cases
• The Jumpstart Method
• Recommendations
What is Microsoft Azure IaaS?
Windows Azure Virtual Machines
IT Pro experience
Support for key server applications
Easy storage manageability
High availability features
Advanced networking
Integration with compute PaaS
If it requires a developer, it’s not IaaS
Images Available
Windows Server
SQL Server
BizTalk Server
SharePoint
Ubuntu
OpenSUSE
CentOS
SUSE Linux Enterprise Server
VM Depot
Java Platform (Preview)
WebLogic Server (Preview)
Oracle Database (Preview)
Create a Trial from Image Gallery
Virtual Machine Sizes
Size Name    CPU Cores  Memory   Max. data disks  Max. IOPS
ExtraSmall   Shared     768 MB   1                1x500
Small        1          1.75 GB  2                2x500
Medium       2          3.5 GB   4                4x500
Large        4          7 GB     8                8x500
ExtraLarge   8          14 GB    16               16x500
A5           2          14 GB    4                4x500
A6           4          28 GB    8                8x500
A7           8          56 GB    16               16x500
A8           8          56 GB    16               16x500
A9           16         112 GB   16               16x500
Each data disk can hold up to 1 TB of storage.
SharePoint Virtual Machines
Service Level Agreements
• 99.9% for single role instances – 8.75 hours of downtime per year
• 99.95% for multiple role instances – 4.38 hours of downtime per year
What’s included
• Compute hardware failure (disk, CPU, memory)
• Datacenter failures - network failure, power failure
• Hardware upgrades, software maintenance – host OS updates
What is not included
• VM container crashes, guest OS updates
Virtual Machine Names and DNS
Bring your own DNS server
• Use your on-premises DNS servers
• Deploy a DNS server in Windows Azure
• Use public DNS services
Windows Azure provided DNS
• Resolves VMs by name within the same cloud service
• Machine names are modeled explicitly and registered in the DNS service
Full control over machine names
Cross-premise Connectivity
CLOUD ENTERPRISE
• Data Synchronization: SQL Azure Data Sync
• Application-layer Connectivity & Messaging: Service Bus
• Secure Point-to-Site Network Connectivity: Windows Azure Virtual Network
• Secure Site-to-Site Network Connectivity: Windows Azure Virtual Network
Why SharePoint on IaaS?
SharePoint Cloud Continuum
[Figure: continuum across three deployment models; axis labels: CONTROL, COST-EFFICIENCY]
SharePoint (On-premises)
• SharePoint
Value Prop:
• Full h/w control – size/scale
• Roll-your-own HA/DR/scale
SharePoint (IaaS)
• Hosted SharePoint
Value Prop:
• 100% of API surface area
• Easy migration of existing apps
• Roll-your-own HA/DR/scale
Office 365 (SaaS)
• SharePoint Service
Value Prop:
• Auto HA, Fault-Tolerance
• Friction-free scale
• Self-provisioning, mgmt. @ scale
Why IaaS for SharePoint?
IaaS
• Maintain ownership & management of the virtual machine
• Build complex solutions not supported in Microsoft’s Public Cloud
• Design, implement, and develop with no hardware commitment
Why Should I Care
Fast
• Quickly get new SharePoint developers on your projects up and running with little downtime.
• Quickly get new system test environments provisioned.
Reduced Cost
• Tear down developer machines when vendors leave the project.
• Reduced capital expenditures as no laptops need to be issued to new developers.
• Tear down system test environments when not in use or a particular release has finished.
Reduced Operations
• Integrate the customer’s vendors easily. The customer doesn’t have to add the vendor to the corporate domain.
Azure footprint
16 regions worldwide in 2014
Pieces & Parts
Affinity Group
Closely locate your compute, network and storage resources in the same datacenter
• Get better performance
• Get lower latency
• Reduce egress costs
Affinity Groups (AG)
• An AG is a container to keep your Virtual Network in a single data center
  – Required before you can create a Virtual Network
• To create one, use PowerShell or go to Settings at the bottom of the Management Portal
Virtual Network
• Declare your own address space in the cloud
  – Private and Persistent IP Addresses (unless you de-allocate the VM)
  – Support for Static Internal IP addresses (even if you de-allocate a VM)
• Advanced Connectivity
  – Support for Hosting Active Directory in Azure Virtual Machines
  – Connect multiple cloud services privately on the same virtual network
  – Connect Virtual Networks in the same or separate regions
  – Support for Internal Load Balancing
  – Optional - Hybrid Connectivity – Site to Site, Point to Site and ExpressRoute
• Virtual Networks are Required for a SharePoint Farm
Reserved IP Addresses
New Feature for Virtual Machines
• Persistent External IP address for Cloud Service
• IP survives even if all virtual machines are de-allocated.
New-AzureReservedIP -ReservedIPName "SharePointIP" -Location "West US" -Label "SPIP"
New-AzureVM <VM Creation Params> -ReservedIPName "SharePointIP"
IP Allocation with Virtual Networks
IPs are allocated based on order of provisioning. (1st 4 IPs are reserved)
Subnet: 10.0.0.0/24
1. VM1 = 10.0.0.4
2. VM2 = 10.0.0.5
If VMs are re-allocated in a different order they get different IP addresses
1. VM2 = 10.0.0.4
2. VM1 = 10.0.0.5
Use Static IP addresses to retain IP regardless of order
Set-AzureStaticVNetIP
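One way to apply the static-IP advice above across a farm, as an added example that is not part of the original deck or of the Jumpstart scripts. It uses the classic Azure Service Management cmdlets (Get-AzureVM, Get-AzureStaticVNetIP, Test-AzureStaticVNetIP, Set-AzureStaticVNetIP, Update-AzureVM); the cloud service name SPFarmSvc is hypothetical, and the virtual network name, VM names and addresses are taken from the farm diagram later in the deck.

```powershell
# Added example: pin the farm's internal IPs so start order no longer matters.
# Assumes the classic Azure (Service Management) PowerShell module and an
# authenticated session with the subscription already selected.
$serviceName = 'SPFarmSvc'   # hypothetical cloud service name
$vnetName    = 'SPVNET'      # virtual network name from the farm diagram

# VM name -> address, taken from the farm diagram in this deck.
$plan = [ordered]@{
    'AD-VM-01'  = '10.0.2.4'
    'AD-VM-02'  = '10.0.2.5'
    'SP-WFE-02' = '10.0.3.5'
    'SP-APP-01' = '10.0.4.4'
    'SP-APP-02' = '10.0.4.5'
}

foreach ($name in $plan.Keys) {
    $ip = $plan[$name]
    $vm = Get-AzureVM -ServiceName $serviceName -Name $name
    if (-not $vm) {
        Write-Warning "$name not found in $serviceName, skipping"
        continue
    }

    # Already pinned to the planned address: nothing to do.
    $current = Get-AzureStaticVNetIP -VM $vm
    if ($current -and $current.IPAddress -eq $ip) {
        Write-Output "$name already pinned to $ip"
        continue
    }

    # The address reports as unavailable when this VM holds it dynamically,
    # so treat it as a conflict only if the VM's own IP is something else.
    $check = Test-AzureStaticVNetIP -VNetName $vnetName -IPAddress $ip
    if (-not $check.IsAvailable -and $vm.IpAddress -ne $ip) {
        Write-Warning "$ip is in use by another VM; $name left unchanged"
        continue
    }

    # Update-AzureVM applies the change and may restart the VM.
    $vm | Set-AzureStaticVNetIP -IPAddress $ip | Update-AzureVM
    Write-Output "$name pinned to $ip"
}
```

Run it against the domain controllers first, since every other tier depends on their addresses for DNS.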
Cloud Service
• A container for VMs that acts as a network and security boundary
  – Required before you can create a Virtual Network
• To allow external traffic into one or more VMs, create an endpoint
• Cloud Service IP Address
  – Cloud service URL is mapped to a public IP: http://riroxsp.cloudapp.net = 137.135.68.130
  – All external traffic to virtual machines uses this IP
  – IP can be lost if all VMs are de-allocated (unless using a reserved IP)
Availability Sets
[Diagram: two fault domains (racks); machines IIS1 and SQL1 in one, IIS2 and SQL2 in the other; Web Availability Set and SQL Availability Set]
• Get SLA by deploying multiple instances in availability sets
• Ensure availability during updates & maintenance
• Continue to architect availability into the application
Availability Sets
What is an "Availability Set"?
A label that tells Microsoft Azure your virtual machines perform the same workload
Guaranteed physical redundancy
• router/switch
• power supply
• network cables
• physical machine
Microsoft Azure has knowledge of application topology. Will not take all VMs down during host updates.
99.95% SLA
SPWFE-01
SPWFE-02
SharePoint Farms and Availability Sets
For each tier create an Availability Set
Availability Sets do not span cloud services
[Diagram: SharePoint farm in one Cloud Service on virtual network SPVNET]
VM           Subnet  IP
AD-VM-01     AD      10.0.2.4
AD-VM-02     AD      10.0.2.5
AD-VM-03     AD      10.0.2.6
SP-WFW-01    WEB     10.0.3.4
SP-WFE-02    WEB     10.0.3.5
SP-APP-01    APPS    10.0.4.4
SP-APP-02    APPS    10.0.4.5
SQL-AO-01    SQL     10.0.1.4
SQL-AO-01    SQL     10.0.1.5
SQLWITNESS   SQL     10.0.1.6
AV Sets: AD, SPWFE, SPAPP, SQL
Azure Disks
• Operating System (OS) Disk
  – This disk is a copy of a source .vhd file and the new copy is registered as an OS disk
  – Maximum of 127 GB
  – Three copies of the disk are created for high durability
  – When using disaster recovery that is geo-replication based the VHD is replicated at a distance of greater than 400 miles
  – Registered as SATA drives and are labeled as the C drive
• Temporary Disk
  – Created automatically
  – Used for Page File or Swap File
• Data Disk
  – A data disk is a VHD that can be attached to a running virtual machine to persistently store application data
  – The maximum size of a data disk is 1 TB
  – Data disks are registered as SCSI drives and are labeled with a letter that you choose
  – The size of the virtual machine determines the number of disks that you can attach to it
How does it build?
• Azure Subscription
  – Affinity Group
    • Virtual Network
      – Cloud Service
        » Availability Set
          • Virtual Machines
          • Azure Disks
Use Cases
SharePoint Workloads
SharePoint for Internet Sites (FIS)
• Public facing, anonymous access sites
Developer, Test and Staging Environments
• Quickly provision and un-provision entire environments
Hybrid Applications
• Applications that span your data center and the cloud
Disaster Recovery
• Quickly recover from a disaster, only pay for use
Develop and Test in Azure
• Development: Writing new SharePoint code for new product features in Windows Azure virtual machines.
• System Test: System testing new product features and releases from the development environment.
• Pre-Production: User acceptance testing: product releases once system testing is completed, the stage before going live into production.
Dev / Test
[Diagram: Cloud Service in a Virtual Network containing AD1 (X-Small), SQL DR1 and SQL DR2 (A6), and SP DR1 to SP DR5 (Large); alongside Visual Studio Online, Test Agents, Load Test]
IaaS and Disaster Recovery
[Diagram: On Premises (web servers, application servers, directory servers) linked by a VPN Tunnel to Windows Azure (Cloud Service in a Virtual Network containing AD1 (X-Small), SQL DR1 and SQL DR2 (A6), and SP DR1 to SP DR5 (Large)); SQL Server Log Shipping]
Extranet and Public-Facing Internet
[Diagram: SharePoint 2013 Farm web application in a Windows Azure Cloud Service and Virtual Network, linked by a VPN Tunnel to on-premises Active Directory. Zones: Internet Zone (Anonymous), Extranet Zone, Default Zone. Authentication labels: Windows, Windows, SAML, FBA. Identity sources: Windows Azure Active Directory, Active Directory Domain Services. Users: site developers and authors, partners and customers, visitors]
Hybrid Solutions
[Diagram labels: SharePoint; Azure Service; SQL Azure; Blobs; Tables; OnPrem Service (twice); Service Bus; IaaS; PaaS; O365 SaaS]
The Jumpstart Method
SharePoint 2013 Automation Scripts
PowerShell Scripts that use Remote PowerShell for automated deployment of Active Directory, SQL Server and SharePoint 2013.
Two Sample Configurations Available
• HighlyAvailable and SingleVMs
Download from GitHub
https://github.com/windowsazure/azure-sdk-tools-samples
Single Virtual Machines Template
[Diagram: Windows Azure Virtual Network with one Cloud Service; LB (80, 20000); VMs: AD/DC/DNS, WEB/APP, SQL]
• Web/App Tier: 1 x Large (4 Cores & 7 GB)
• Data Tier: 1 x A6 (4 Cores & 28 GB)
• Identity Tier: 1 Small (1 Core & 1.75 GB)
Highly Available Template
[Diagram: Windows Azure Virtual Network with one Cloud Service; LB (80, 20000); VMs: AD/DC/DNS, WEB, APP, SQL; availability sets: SPWEB, SPAPP, SQLHA, DCSET]
• Web Tier: 2 x Large (4 Cores & 7 GB)
• App Tier: 2 x Large (4 Cores & 7 GB)
• Data Tier: 2 x A6 (4 Cores & 28 GB) and 1 x Small (Quorum) (1 Core & 1.75 GB)
• Identity Tier: 2 Small (1 Core & 1.75 GB)
Recommendations
SharePoint
Deployment Tips
SharePoint only goes on the C: drive
Put each SharePoint tier into its own availability set (WFE, APP etc…)
Put blob cache on a data disk to increase available IOPS.
Use Static IP addresses to avoid issues if virtual machines are started out of order.
SQL Server Best Practices
Storage Recommendations
• Split content databases across multiple disks for increased IOPS
• Verify Disk Cache Settings on Data Disks
• Use Data disks for databases
• Put database and transaction log files on separate drives
• Use SQL Server File Groups instead of Disk Striping
• Split and move TempDB & TempLogs to separate data disks
Database Recommendations
• Use database page compression to reduce I/O
High Availability Recommendations
• Consider latency between primary and replica when choosing sync mode
• Use Availability Sets
More on Storage for SQL Server
Performance Considerations
• Do not use the temporary disk (D:\) (including for TempDB)
• Use SQL file groups across multiple disks instead of disk striping
• Put logs, data and backup on separate disks
• Disable geo-replication on storage account for consistency
• Remember storage account capacity planning.
  – 20,000 IOPS per Storage Account – 500 IOPS per disk maximum
• Consider compressing any data files when transferring in/out of Windows Azure.
Scale Out Not Up
• Move content databases to separate SQL Servers
• Move search databases to separate SQL Servers
• Add more WFE for scaling SharePoint services
• Add dedicated Search Servers and SQL Server
Storage Capacity and Planning
Each Disk up to 500 IOPS
IOPS Per Storage Account: 20,000
Supports up to 40 data disks using maximum IOPS per disk

            Random I/O (8 KB Pages)   Sequential I/O (64 KB Extents)   Sequential I/O (256 KB Blocks)
            Reads     Writes          Reads      Writes                Reads      Writes
IOPS        500       500             500        300                   300        300
Bandwidth   4 MB/s    4 MB/s          30 MB/s    20 MB/s               70 MB/s    70 MB/s
Active Directory Design Considerations
Should only be deployed in a virtual network
Predictable and stable IP Addresses
• Specify Static IP to ensure persistence (Set-AzureStaticVNetIP in PowerShell)
• Active Directory should be deployed in an AD specific subnet to guarantee the IP address will not be acquired by another virtual machine.
Directory Information Tree (DIT) / SYSVOL Location
• Deploy DIT / SYSVOL on a data disk
Guidelines for deploying AD in Azure Virtual Machines
http://msdn.microsoft.com/en-us/library/azure/jj156090.aspx
Q&A