Infrastructure Best Practices for SharePoint On-Premises presented by Michael Noel
Download as PPTX, PDF1 like3,394 views
The document outlines infrastructure best practices for SharePoint 2013, detailing software and hardware requirements, new service applications, and enhancements in request management and user profile synchronization. It discusses optimal configurations for SharePoint farms, emphasizing separation of services for improved performance and high availability options like AlwaysOn Availability Groups. Additionally, it highlights security measures and documentation tools for effective management of SharePoint environments.
Infrastructure Best Practices for SharePoint On-Premises presented by Michael Noel
- 1. Infrastructure Best Practices for SharePoint OnPremises Michael Noel - CCO
- 2. Michael Noel • • Author of SAMS Publishing titles “SharePoint 2013 Unleashed,” “SharePoint 2010 Unleashed”, “Windows Server 2012 Unleashed,” “Exchange Server 2013 Unleashed”, “ISA Server 2006 Unleashed”, and a total of 19 titles that have sold over 300,000 copies. Partner at Convergent Computing (www.cco.com) – San Francisco, U.S.A. based Infrastructure/Security specialists for SharePoint, AD, Exchange, System Center, Security, etc.
- 3. What’s new in Infrastructure for SharePoint 2013
- 4. What’s new in Infrastructure for SharePoint 2013 Software/Hardware Requirements • Windows Server 2008 R2 SP1 or Windows Server 2012 (Preferred) • SQL Server 2008 R2 w/SP1 or SQL Server 2012 (Preferred) Type Memory Processor Dev/Stage/Test server 8GB RAM 4 CPU ‘All-in-one’ DB/Web/SA 24GB RAM 4 CPU Web/SA Server 12GB RAM 4 CPU DB Server (medium environments) 16GB RAM 8 CPU DB Server (small environments) 8GB RAM 4 CPU
- 5. What’s new in Infrastructure for SharePoint 2013 Changes in Service Applications and New Service Applications • Office Web Apps is no longer a service application • Web Analytics is no longer service application, it’s part of search • New service applications available and improvements on existing ones – App Management Service – Used to manage the new SharePoint app store from the Office Marketplace or the Application Catalog – SharePoint Translation Services – provides for language translation of Word, XLIFF, and PPT files to HTML – Work Management Service – manages tasks across SharePoint, MS Exchange and Project. – Access Services App (2013) – Replaces 2010 version of Access Services
- 6. What’s new in Infrastructure for SharePoint 2013 Distributed Cache Service • A new Windows service – the Distributed Cache Service – is installed on each server in the farm when SharePoint is installed • It is managed via the Services on Server page in central admin as the Distributed Cache service • The config DB keeps track of which machines in the farm are running the cache service
- 7. What’s new in Infrastructure for SharePoint 2013 Request Management (RM) • The purpose of the Request Management feature is to give SharePoint knowledge of and more control over incoming requests • Having knowledge over the nature of incoming requests – for example, the user agent, requested URL, or source IP – allows SharePoint to customize the response to each request • RM is applied per web app, just like throttling is done in SharePoint 2010
- 8. What’s new in Infrastructure for SharePoint 2013 User Profile Sync – Three Options for Deployment • Option 1 (AD Import): Simple one-way Sync (a la SharePoint 2007) • Option 2: Two-way, possible write-back to AD options using small FIM service on UPA server (a la 2010) • Option 3: Full Forefront Identity Manager (FIM) Synchronization, allows for complex scenarios – Larger clients will appreciate this
- 9. What’s new in Infrastructure for SharePoint 2013 Claims-based Authentication - Default • SharePoint 2013 continues to offer support for both claims and classic authentication modes • However claims authentication is THE default authentication option now – Classic authentication mode is still there, but can only be managed in PowerShell – it’s gone from the UI – Support for classic mode is deprecated and will go away in a future release – There also a new process to migrate accounts from Windows classic to Windows claims – the Convert-SPWebApplication cmdlet
- 10. What’s new in Infrastructure for SharePoint 2013 Shredded Storage • Stores new versions of documents as ‘shredded BLOBs that are deltas of the changes • Promises to reduce storage size significantly
- 11. What’s new in Infrastructure for SharePoint 2013 Search – FAST Search now included • New Search architecture (FAST based) with one unified search • Personalized search results based on search history • Rich contextual previews
- 13. Architecting the Farm Three Layers of SharePoint Infrastructure Web Service Apps Data
- 14. Architecting the Farm Small Farm Models • ‘All-in-One’ (Avoid) DB and SP Roles Separate
- 15. Architecting the Farm Smallest Highly Available Farm • 2 SharePoint Servers running Web and Service Apps • 2 Database Servers (AlwaysOn FCI or AlwaysOn Availability Groups) • 1 or 2 Index Partitions with equivalent query components • Smallest farm size that is fully highly available
- 16. Architecting the Farm Best Practice ‘Six Server Farm’ • 2 Dedicated Web Servers (NLB) • 2 Service Application Servers • 2 Database Servers (Clustered or Mirrored) • 1 or 2 Index Partitions with equivalent query components
- 17. Architecting the Farm Ideal – Separate Service App Farm + Content Farm(s) • • • • Separate farm for Service Applications One or more farms dedicated to content Service Apps are consumed crossfarm Isolates ‘cranky’ service apps like User Profile Sync and allows for patching in isolation
- 18. Architecting the Farm Large SharePoint Farms • Multiple Dedicated Web Servers • Multiple Dedicated Service App Servers • Multiple Dedicated Query Servers • Multiple Dedicated Crawl Servers, with multiple Crawl DBs to increase parallelization of the crawl process • Multiple distributed Index partitions (max of 10 million items per index partition) • Two query components for each Index partition, spread among servers
- 20. SP Server Virtualization Sample 1: Single Server Environment Allows organizations that wouldn’t normally be able to have a test environment to run one Allows for separation of the database role onto a dedicated server Can be more easily scaled out in the future
- 21. SP Server Virtualization Sample 2: Two Server Highly Available Farm HighAvailability across Hosts All components Virtualized
- 22. SP Server Virtualization Sample 3: Mix of Physical and Virtual Servers Highest transaction servers are physical Multiple farm support, with DBs for all farms on the SQL AOAG
- 23. SP Server Virtualization Scaling to Large Virtual Environments
- 24. Virtualization of SharePoint Servers Virtualization Performance Monitoring • Processor (Host Only) – <60% Utilization = Good – 60%-90% = Caution – >90% = Trouble • Available Memory – 50% and above = Good – 10%-50% = OK – <10% = Trouble • Disk – Avg. Disk sec/Read or Avg. Disk sec/Write – Up to 15ms = fine – 15ms-25ms = Caution – >25ms = Trouble • Network Bandwidth – Bytes Total/sec – <40% Utilization = Good – 41%-64% = Caution – >65% = Trouble • Network Latency - Output Queue Length – 0 = Good – 1-2= OK – >2 = Trouble
- 25. Data Management
- 26. Data Management Sample Distributed Content Database Design
- 27. Data Management Remote BLOB Storage (RBS) • Can reduce dramatically the size of Content DBs, as upwards of 80%-90% of space in content DBs is composed of BLOBs • Can move BLOB storage to more efficient/cheaper storage • Improve performance and scalability of your SharePoint deployment – But highly recommended to use third party
- 29. SQL Server Optimization Multiple Files for SharePoint Databases Volume #1 DB-A File 1 DB-B File 1 Tempdb File 1 Volume #2 DB-A File 2 DB-B File 2 Tempdb File 2 Volume #3 DB-A File 3 DB-B File 3 Tempdb File 3 Volume #4 DB-A File 4 DB-B File 4 Tempdb File 4
- 30. SQL Server Optimization Multiple Files for SharePoint Databases • Break Content Databases and TempDB into multiple files (MDF, NDF), total should equal number of physical processors (not cores) on SQL server. • Pre-size Content DBs and TempDB to avoid fragmentation • Separate files onto different drive spindles for best IO perf. • Example: 50GB total Content DB on Two-way SQL Server would have two database files distributed across two sets of drive spindles = 25GB pre-sized for each file.
- 31. SQL Database Optimization SQL Maintenance Plans • Implement SQL Maintenance Plans! • Include DBCC (Check Consistency) and either Reorganize Indexes or Rebuild Indexes, but not both! • Add backups into the maintenance plan if they don’t exist already • Be sure to truncate transaction logs with a TSQL Script (after full backups have run…)
- 32. High Availability and Disaster Recovery
- 33. HA and DR Comparison of High Availability and Disaster Recovery Options High Availability and Disaster Recovery SQL Server Solution AlwaysOn Availability Groups – Synchronous (Dual-phase commit, no data loss, can’t operate across WAN) AlwaysOn Availability Groups – Asynchronous (Latency tolerant, cross WAN option, potential for data loss) AlwaysOn Failover Cluster Instance (FCI) – Traditional shared storage clustering Database Mirroring - High-safety (Synchronous) None Potential Recovery Time (RTO) 5-7 Seconds Seconds Minutes No 0-4 NA 30 Seconds to several minutes (depending on disk failover) 5-10 seconds Yes N/A Yes N/A Manually initiated, can be a few minutes if automated Manually initated, can be a few minutes if automated, by typically hours Typically multiple hours, days, or weeks No N/A No Not during a restore No Not during a restore Potential Data Loss (RPO) Zero Database Mirroring - High-performance (Asynchronous) Seconds SQL Log Shipping Minutes Traditional Backup and Restore Hours to Days Automatic Failover Additional Readable Copies Yes 0-2
- 34. HA and DR AlwaysOn Availability Groups in SQL 2012
- 35. Creating SQL 2012 AOAGs Demo
- 36. HA and DR Network Load Balancing • Hardware Based Load Balancing (F5, Cisco, Citrix NetScaler – Best performance and scalability • Software Windows Network Load Balancing fully supported by MS, but requires Layer 2 VLAN (all packets must reach all hosts.) Layer 3 Switches must be configured to allow Layer 2 to the specific VLAN. • If using Unicast, use two NICs on the server, one for communications between nodes. • If using Multicast, be sure to configure routers appropriately • Set Affinity to Single (Sticky Sessions) • If using VMware, note fix to NLB RARP issue (http://tinyurl.com/vmwarenlbfix)
- 38. Security Five Layers of SharePoint Security • Infrastructure Security and Best practices – Physical Security – Best Practice Service Account Setup – Kerberos Authentication • Data Security – Role Based Access Control (RBAC) – Transparent Data Encryption (TDE) of SQL Databases • Transport Security – Secure Sockets Layer (SSL) from Server to Client – IPSec from Server to Server • Edge Security – Inbound Internet Security (Forefront UAG/TMG) • Rights Management
- 39. Document SharePoint SPDocKit • • • Document all key settings in IIS, SharePoint, after installation Consider monitoring for changes after installation for Config Mgmt. Fantastic tool for this is the SPDocKit - can be found at http://tinyurl.com/spdockit
- 40. Michael Noel Twitter: @MichaelTNoel www.cco.com Slides: slideshare.net/michaeltnoel Travel blog: sharingtheglobe.com SharePoint 2013 Unleashed: tinyurl.com/sp2013unleashed
Editor's Notes
- #2: Introduction slide