HIT308
The Ultimate SharePoint Best
      Practice Session
Lessons Learned from Years of
  SharePoint Deployments

         Michael Noel
    Convergent Computing
    Twitter: @michaelTnoel
Michael Noel
• Technology book author; Over 15 titles translated into 20
  languages worldwide
• Partner at Convergent Computing (www.cco.com) – San
  Francisco Bay Area based Consultants
• Specialties in SharePoint, Exchange, Security, and more…
Session Agenda

•   Farm Architecture
•   Virtualized Farm Architecture
•   High Availability Design
•   Logical Architecture
•   Hardware and Software
•   SharePoint Installation
•   Kerberos Authentication
Farm Architecture

Best Practice SharePoint
        Designs
Farm Architecture
All-in-one Server

• All Roles and SQL on one
  server
• Often seen in small farms
• SQL contention with
  SharePoint
• Easy to deploy, but not best
  practice
• No ability for test
  environment
• NOTE: Do not use SQL
  Express in Production!
Farm Architecture
Dedicated SQL Database Server



• Dedicated SQL Server
• All SharePoint roles
  on single box
• Less Disk IO
• Greater Performance
• Still no test
  environment…
Farm Architecture
Smallest Highly Available Farm

• 2 Web/Query/Application
  /Central Admin/Inbound
  Email Servers
• 1 Dedicated Index Server
  (With Web role to allow it to
  crawl content)
• 2 SQL Standard Edition
  Cluster Nodes
  (Active/Passive) – Mirror
  also option
• Smallest highly available
  farm
Farm Architecture
Scalability

              Scale up and Scale out…
Virtualized Farm
  Architecture

Less Hardware, less
      cost…
Virtualized Farm Architecture
Easy and Supported


• Microsoft Hyper-V (R2 current version) or
  VMware ESX supported (KB 897615)
• Great Windows Licensing Options (Ent =
  4 licenses, Datacenter = unlimited)
• Allows for multiple farms, more servers
• Less cost, more failover options (Live
  Migration / Vmotion)
• Do not overcommit resources!
Virtualized Farm Architecture
Cost Effective Farm / No HA




  Allows organizations that wouldn’t normally be able to
  have a test environment to run one
  Allows for separation of the database role onto a
  dedicated server
  Can be easily scaled out in the future
Virtualized Farm Architecture
Fully Redundant Farm with only Two Servers


High-Availability across Hosts
All components virtualized
Uses only two Windows Ent Edition Licenses
Virtualized Farm Architecture
    Best practice, Highly Available and Scalable Farm
Highest transaction servers are physical
Multiple farm support, with DBs for all farms on the SQL cluster
Only five physical servers total, but high performance
Virtualized Farm Architecture
Virtualization Scalability
High Availability
  Architecture

Network Load Balancing
  and SQL Database
       Mirroring
High Availability Architecture
Network Load Balancing


• Hardware Based Load Balancing is Best
  ●   F5
  ●   Cisco Content Switch
  ●   Citrix Netscaler
• Windows Network Load Balancing
  Supported
  ●   Unicast – Use two NICs
  ●   Multicast – Requires Router Support
High Availability Architecture
    Network Load Balancing - Sample

●   Web Role Servers
     • sp1.companyabc.com (10.0.0.101) – Web Role Server #1
     • sp2.companyabc.com (10.0.0.102) – Web Role Server #2
●   Clustered VIPs shared between SP1 and SP2 (Create A
    records in DNS)
     • spnlb.companyabc.com (10.0.0.103) - Cluster
     • spca.companyabc.com (10.0.0.104) – SP Central Admin
     • ssp1.companyabc.com (10.0.0.105) – SSP
     • spsmtp.companyabc.com (10.0.0.106) – Inbound Email
     • home.companyabc.com (10.0.0.107) – Main SP Web App
     • mysite.companyabc.com (10.0.0.108) – My Sites
High Availability Architecture
SQL Database Mirroring


• Available in SQL Server
  2005/2008, both Standard and
  Enterprise Mirroring
• Keep a full copy of Database on
  another server
• Asynchronous (good for WAN
  scenarios, Enterprise edition only)
  or Synchronous
High Availability Architecture
Database Mirroring – Single Site Option

• Single Site
• Synchronous
  Replication
• Uses a SQL
  Witness Server to
  Failover
  Automatically
• Mirror all
  SharePoint DBs in
  the Farm
• Use a SQL Alias to
  switch to Mirror
  Instance
High Availability Architecture
 Database Mirroring – Cross Site HA Mirroring Option

• Two Sites
• 1 ms
  Latency
• 1GB
  Bandwidth
• Farm
  Servers in
  each
  location
• Auto
  Failover
High Availability Architecture
   Database Mirroring – Warm Farm Asynchronous Option

• Two Sites
• Two Farms
  (one warm
  farm)
• Mirror only
  Content DBs
• Failover is
  Manual
• Must Reattach
  DBs
• Must re-index
Logical Architecture

Do it right the first time…
Logical Architecture
Web Application Architecture

• Consider creating multiple Web Apps
• Example:
  ● spca.companyabc.com
  ● ssp1.companyabc.com
  ● mysite.companyabc.com
  ● home.companyabc.com
• Flexible and scalable!
Logical Architecture
Distribute by Default

• Distribute content across multiple Site
  Collections
• Distribute Site Collections Across
  Multiple DBs
• Multiple databases = more controlled
  DB growth
• Try to keep your Content DBs
  manageable in size (50-100GB)
Logical Architecture
Sample Logical Architecture
Hardware and
      Software
Determining the right tools
       for the job
Hardware and Software
Disk, Memory, and Processor

• SQL Databases Require large amounts of
  space!
• Allocate Disk Space for Index and Query
  Servers as well
• Index corpus can grow to 5%-20% of total size
  of data indexed
• Database and Index Servers require most RAM
  (4GB, 8GB, or more)
• Multi-core processors recommended
Hardware and Software
Windows Server Versions

• Windows Server 2008 R2 (or RTM) highly
  recommended!
• Critical that new servers run x64, required for
  SharePoint 2010
• SharePoint servers are fine with Standard
  edition of Windows, no extra gain for Enterprise
• SQL Servers may require Enterprise edition if
  using SQL Enterprise
Hardware and Software
SQL Server Versions

• SQL Server 2008 Recommended
• 64 bit also highly recommended (required for
  SharePoint 2010)
• SQL Server 2005 still supported
• SQL 2000 supported for SharePoint 2007, but
  not for 2010, and not recommended
• Separate SQL Reporting Services server may
  be required for intensive reporting
• Standard edition of SQL generally fine, except
  for very large environments
SharePoint
   Installation
Getting the steps right
SharePoint Installation
Service Accounts

• Never use a single service account!
• Create the Following Accounts
  ●   SQL Admin Account
  ●   Installation Account
  ●   SharePoint Farm Admin
  ●   Search Admin
  ●   Default Content Access Account
  ●   Application Pool Identity Accounts
SharePoint Installation
Installation Process



• Choose
  ‘Complete’
  Installation
• Do not select
  ‘Stand-alone’ for
  a Production
  environment!
SharePoint Installation
Installation Process



• Choose Index
  Location during
  Install
• Index location
  can be changed
  later, but more
  difficult
SharePoint Installation
Command-line Installation of SharePoint



• Learn to install from Command-line
• Only way to specify SPCA Database
  Name
• SETUP, PSCONFIG and STSADM
• PSConfig is your friend!
• Powershell is the future here…
SharePoint Installation
Running the Config Wizard to Install Servers


• Consider PSConfig
• Use Easy to remember port for
  SPCA (i.e. 8888)
• Better still, change SPCA to
  443 later
• Use Common Database
  Naming Convention
• Account running wizard needs
  DBCreator and Security Admin
  rights on SQL Server
• Run the wizard on additional
  servers as necessary
SharePoint Installation
Create a SQL and/or DNS Alias!




                            • Most flexible approach!
                            • spsql.abc.com = sql1
Kerberos
    Authentication
Security, Security, Security
Kerberos Authentication
Enable for Best practice Security!


• Use Kerberos when creating Web Apps
• Extra steps required, but worth it…
Kerberos Authentication
Step 1: Create SPNs for Web Apps

• Create Service Principal Names (SPNs)
• Used for impersonation
Kerberos Authentication
Step 2: Create SPNs for SQL

• Create SPNs for SQL
• Syntax similar to following:
  ●   Setspn.exe -A MSSQLSvc/spsql:1433
      COMPANYABC\SRV-SQL-DB
  ●   Setspn.exe -A
      MSSQLSvc/spsql.companyabc.com:1433
      COMPANYABC\SRV-SQL-DB
• MSSQLSvc = Default instance, if named
  instance, specify the name instead
• In this example, SRV-SQL-DB is the SQL Admin
  account
Kerberos Authentication
Step 3: Allow App Pool accounts and SP Computers to
Delegate

• Use ADUC
• SharePoint
  Web Server
  Computer
  Accounts
• App Pool
  Identity
  Accounts
Kerberos Authentication
 Step 4: Edit Applicationhost.config
• Windows Server 2008 only
• Modify the ApplicationHost.config file
      <windowsAuthentication enabled="true" useKernelMode="true"
                  useAppPoolCredentials="true">
Kerberos Authentication
Step 5: Enable Kerberos on Web App

 • Enable Kerberos on the Web App (if not
   already turned on)
    ●   Go to Application Management –
        Authentication Providers
    ●   Choose the appropriate Web Application
    ●   Click on the link for ‘Default’ under Zone
    ●   Change to Integrated Windows Authentication
        - Kerberos (Negotiate)
 • Run iisreset /noforce from the command
   prompt
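An added example (not part of the original deck): a PowerShell audit of the SPN registrations from Steps 1 and 2, run before switching a Web App to Negotiate, since a missing or duplicated SPN makes Kerberos authentication fail. The hostnames and the SQL account come from the slides; the app pool accounts SRV-SP-HOME and SRV-SP-MYSITE are hypothetical, and the registration snapshot is constructed sample data.

```powershell
# Added example: audit the SPNs from Steps 1 and 2 before enabling Kerberos.
# SRV-SP-HOME and SRV-SP-MYSITE are hypothetical app pool accounts, and the
# snapshot below is constructed sample data, not output from a real domain.

# Required SPN -> the single account that must hold it (short name and FQDN).
$plan = [ordered]@{
    'HTTP/home'                          = 'COMPANYABC\SRV-SP-HOME'
    'HTTP/home.companyabc.com'           = 'COMPANYABC\SRV-SP-HOME'
    'HTTP/mysite'                        = 'COMPANYABC\SRV-SP-MYSITE'
    'HTTP/mysite.companyabc.com'         = 'COMPANYABC\SRV-SP-MYSITE'
    'MSSQLSvc/spsql:1433'                = 'COMPANYABC\SRV-SQL-DB'
    'MSSQLSvc/spsql.companyabc.com:1433' = 'COMPANYABC\SRV-SQL-DB'
}

# Constructed snapshot (account -> SPNs), as gathered with "setspn.exe -L <account>".
$snapshot = @{
    'COMPANYABC\SRV-SP-HOME'   = @('HTTP/home', 'HTTP/home.companyabc.com')
    'COMPANYABC\SRV-SP-MYSITE' = @('HTTP/mysite')                 # FQDN SPN not registered
    'COMPANYABC\SRV-SQL-DB'    = @('MSSQLSvc/spsql:1433', 'MSSQLSvc/spsql.companyabc.com:1433')
    'COMPANYABC\SP1$'          = @('HTTP/home.companyabc.com')    # same SPN on a computer account
}

function Test-SpnPlan {
    param(
        [System.Collections.IDictionary]$Required,
        [System.Collections.IDictionary]$Registered
    )

    # Invert the snapshot: SPN -> every account that currently holds it.
    $owners = @{}
    foreach ($account in $Registered.Keys) {
        foreach ($spn in $Registered[$account]) {
            if (-not $owners.ContainsKey($spn)) { $owners[$spn] = @() }
            $owners[$spn] += $account
        }
    }

    foreach ($spn in $Required.Keys) {
        $expected = $Required[$spn]
        $actual   = @(if ($owners.ContainsKey($spn)) { $owners[$spn] })

        if ($actual.Count -eq 0) {
            $status = 'Missing'
            $action = "setspn.exe -A $spn $expected"
        }
        elseif ($actual.Count -gt 1) {
            # An SPN held by more than one account cannot be resolved to one key.
            $status = 'Duplicate'
            $action = "keep only on $expected; found on $($actual -join ', ')"
        }
        elseif ($actual[0] -ne $expected) {
            $status = 'WrongAccount'
            $action = "registered on $($actual[0])"
        }
        else {
            $status = 'OK'
            $action = ''
        }

        [pscustomobject]@{ SPN = $spn; Expected = $expected; Status = $status; Action = $action }
    }
}

Test-SpnPlan -Required $plan -Registered $snapshot | Format-Table -AutoSize
```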
Key Takeaways

• Highly consider Virtualization for SharePoint
• Create a test farm!
• Consider Database Mirroring and/or NLB for
  SharePoint HA
• Deploy the ‘five server farm’ for full High
  Availability
• Plan today for SharePoint 2010 (more on this
  in the next session!)
• Enable Kerberos Authentication
For More Information

• SharePoint Database Mirroring Whitepaper
  (http://tinyurl.com/mirrorsp)
• Database Mirroring Failover Case Study
  (http://tinyurl.com/mirrorspcs)
• Microsoft ‘Virtualizing SharePoint Infrastructure’
  Whitepaper (http://tinyurl.com/virtualsp)
• SharePoint Log Shipping Whitepaper
  (http://tinyurl.com/logshipsp)
• Microsoft Kerberos Guidance for SP
  (http://tinyurl.com/kerbsp)
Your Feedback is Important

Please fill out a session evaluation form and
  either put them in the basket near the exit
      or drop them off at the conference
                registration desk.

                Thank you!


       Session Code: HIT308
Michael Noel
Twitter: @MichaelTNoel
     www.cco.com

                              Slide Deck:
  http://www.devconnections.com/updates/LasVegas_Fall09/SharePoint
