HITP10 Getting Cozy with Service ApplicationsTodd Klindt and Shane Young
SharePoint911
Objectives
Learn about SharePoint’s new Service Application architectureUnderstand planning and operational impact of the new architectureNew management tools
Session Outline
Overview of ServicesWhat’s new in SharePoint 2010IT Pro experienceDeveloper StoryExample Topologies
OVERVIEW
What is a Service Application?
Service Application: A configured logical instance of a ServiceProvides data or computing resourcesExposes administrative interfacesUses resources• Service Database• Application Pool
Service Instances: Running physical instance of a service
How is a Service Application used?
Features, such as web parts, on a Web App use Service ApplicationsWeb application Proxy Group SA Proxy Service Application Service Instance• A Service Application Proxy connects a Web App
to a Service app• Associations determined by administrators, can
be changed any time• Connections can be managed individually or in
groups (‘Service Application Proxy Group’)
Browser
Web Front End Server
Application Server
~~~~~~~~~~~~~
~~~~~~~~~~~~~
Service WorkflowFor a typical service
WHAT’S NEW IN SHAREPOINT 2010
Service Application Group
Service Application Connection
Service Application
Service Application Service(s)
Service Application Databases(s) (Not all SASs have databases)
Shared Service Provider
SharePoint
Search
Excel Calc Service
Business Data Catalog
User Profile Service
ContentConfig Workflow
SharePoint Server
Search
Excel Calc Service
Business Data Catalog
User Profiles
ContentConfig Workflow
2010 2007
Windows SharePoint Services
SharePoint Service Applications
SharePoint 2010
Search
Excel Calc Service
Business Data Connection
User Profiles
SharePoint Foundation
ContentConfig Workflow
SharePoint ServerShared Service Provider
Windows SharePoint Services
SharePoint Service Applications
SharePoint 2010
Search
Excel Calc Service
Business Data Connectivity
User Profiles
SharePoint Foundation
ContentConfig Workflow
SharePoint Server
Sandboxed Code Service
Usage & Health Logging
Word Conversion
Service
PowerPoint Broadcast
Service
PerformancePoint
Visio Graphics Service
Access Service
Web Analytics Managed Metadata
3rd party services…
SSP => Service Application
SSPs are replaced with Service Apps• A la carte, ‘unboxed’ services• Integrated administration model• 3rd party extensibility• And much more…
SSP services split out into service applications• User Profiles • Search Service App• Excel Service App• Business Connectivity Service App• And the new services in MOSS SKUs
MOSS 2007 SSPs upgrade into SharePoint Server 2010 Service Applications
What’s New – Framework
Extensible platform• Framework incorporated into SharePoint Foundation• 3rd parties can build and ship services
Lots of new in-box Services:• SharePoint Server has nearly 20 services• Other products like Office Web Apps, Project Server, SQL
‘Gemini’ ship services
What’s New - Administration
Simplified administration model• Managed via Central admin and PowerShell
A la carte consumption• Increased flexibility in deployment
Fault Tolerant Round-robin Load Balancing • Support for hardware load balancing
Flexible, secure cross-farm federation• Trust-based security• Share to anyone and consume from anywhere• WCF-based web services for communication• No direct DB Access
What’s New - Security
Improved security model• Claims based authorization within the farm• Communication via WCF-based web services• Support for SSL/transport security
Application isolation• Each service app uses separate database and
optionally, separate app pool• Support for multiple service applications for a service
with different accounts and databases
Multi-tenancy• Most services are multi-tenant capable• Application-level security for content isolation
MANAGING SERVICE APPLICATIONS
Managing a Service
Services are managed through Central Admin• Services plug their management UI into Service
Management page
Service Admins• Delegated admins with Central Admin access
• Manages one or more Service Applications
• Central Admin UI is trimmed to only the pages that the Service Admin has rights to access
• Some services have their own additional specialized admin roles
Services are also managed through PowerShell
Demo
Service Application Administration
Deployment Farm Config Wizard• Creates all Service Applications with default settings• Bad, bad, bad
Manually• Use the ‘New’ dropdown in the Manage Service Applications
page • Specify custom application pool, database locations etc…• Creates service apps and their proxies
• For most control, use PowerShell• New-SP*ServiceApplication• New-SP*ServiceApplicationProxy• Create each piece individually (e.g. in Service-only farms)• Necessary for Usage and State Service
Administration UI
Manage Service Application page:• Create/Delete Service Apps• Manage Service App ‘metadata’• Connect to remote Service Apps• Publish and Secure Service Apps
Service-specific management UI:• Service App specific settings• Dashboards showing search crawl status, profile import
status etc…
Manage Service Associations page:• Control web app to service app association
Manage Services on Server page:• Start/stop instances on specific servers
Windows PowerShell
All Admin operations are PowerShell enabled.Only Farm admins and Shell Admins can use PowerShellUse PowerShell to:• Create and Delete Service Applications
New-SPStateServiceApplication -Name "State Service Application"
• Share Service Applications
Publish-SPServiceApplication 2cf98d54-78b5-4afb-8edf-25e1d1fbd329
• Start and Stop InstancesStart-SPServiceInstance 0d5206ec-3312-41e8-a141-b20764100537
• Perform Bulk OperationsGet-SPServiceApplication | Get-SPServiceApplicationSecurity | Grant-SPObjectSecurity –Principal “domain\user” –Rights “full control”
Associations
By default, all Service Applications in a farm are associated with all Web Applications• Associations are not direct, but connect through a proxy
The default association can be changed so that Service App Proxy Web App associations are managed on a case-by-case basisUse the ‘manage service associations’ UI in CA to manage associations
Publishing
‘Publishing’ a Service Application makes it available outside the farm‘Published’ Service Applications can be discovered and consumed by remote FarmsAll standard security policies still apply• i.e., Publishing doesn’t set or remove access• Cross-farm trust via certificate exchange
Security
Security is managed per Service ApplicationAdmin Security:• Specifies who has admin rights over a Service App• Used for security trimming• By default, all farm admins included
Access Security• Specifies claims principals that have access to the service• By default, the ‘farm claim’ has access• Some services may define more granular access rights (i.e.
read-only vs. read-write)
SAMPLE TOPOLOGIES
Deployment Scenarios
Single FarmIsolated HostingShared Resource Farm
http://my/personal/<user>
http://my
Application pool
HR
Http://woodgrove/
Application pool
Facilities Purchasing
Team 1
http://team
Team 2 Team 3
Web application—Published Intranet Content Web application—My Sites Web application—Team Sites
Application pool
User ProfileManaged Metadata
SearchSecure Store Service
Access Services
I I S Web Site—“SharePoint Web Services”
Excel Calculation Services
Business Data Connectivity
http://finance
Application pool
Web application—Finance Web
Application pool
Division 1
http://fabrikam
Division 2 Division 3
Web application—Company Web
http://my/personal/<user>
http://my
Web application—My Sites
Application pool
Managed Metadata
Secure Store Service
Default group Custom group
Access Services
Managed Metadata
http://hrweb
Application pool
Web application—HRWeb
Search
Custom group
Excel Calculation Services
Excel Calculation Services
User Profile
I IS Web Site—“SharePoint Web Services”
Business Data Connectivity
Business Data Connectivity
Enterprise services farm
Application pool
User Profile Managed Metadata
HR
http://Fabrikam
Application pool
Facilities Purchasing
Published content farm
Web application—Published Intranet Content
http://my/personal/<user>
http://my
Application pool
Team 1
http://team
Team 2 Team 3
Collaboration farm
Web application—My Sites Web application—Team Sites
Application pool
Access Services
PowerPoint Word Viewing
Visio Graphics Service
Word Automation Services
Usage and Health Data Collection
InfoPath
Search Secure Store Service
Mix of local and remote services
I I S Web Site—“SharePoint Web Services”
I I S Web Site—“SharePoint Web Services”
Excel Services
Default group
Default group
Business Data Connectivity
No Services
Application pool
My Site farm
Default group
No Services
http://my/personal/<user>
http://my
Web application—My Sites
Application pool
http://department
Departmental farm
Web application—Specialized Department Sites
Application pool
PowerPoint Word Viewing
Visio Graphics Service
Usage and Health Data Collection
Managed Metadata
Default group
Deployment of services for a specialized department farm
I I S Web Site—“SharePoint Web Services”
Excel Services
Summary
SharePoint 2010 has a new, flexible, extensible services architecture for middle-tier applicationsAdministrative improvements make managing services easier through PowerShell and UICustomizable, flexible topologies to suit your organizational needs
Thanks
Please fill out your evaluations
And turn yourself around
Top Related