AWS Webinar: How to architect and deploy a multi tier share point server farm on AWS

Upload: amazon-web-services

Post on 11-May-2015

DESCRIPTION

AWS Solution Architect discusses high availability features for Microsoft Windows Server and SQL Server running on the AWS Cloud. Windows Server Failover Clustering (WSFC) and SQL AlwaysOn Availability Groups are part of the underpinnings for many enterprise-class solutions, including Microsoft SharePoint and .NET applications. You will learn to:

• Deploy the virtual network infrastructure on multiple subnets

• Launch Amazon Machine Images (AMIs) of Windows Server 2008 R2

• Set up Active Directory and DNS

• Launch and configure the WSFC nodes

• Create a SQL Server AlwaysOn Availability Group

TRANSCRIPT

Page 1: AWS Webinar: How to architect and deploy a multi tier share point server farm on AWS

Microsoft SharePoint Server on AWS Deploying a SharePoint 2010 Server Farm on the AWS Cloud

Ulf Schoo

AWS Solution Architect

Agenda

• Introduction

• Running Microsoft Workloads on AWS

• SharePoint Server Architecture on AWS

• Common SharePoint Server Scenarios in the AWS cloud

• Mapping SharePoint Server scenarios to AWS

– Network and Security Setup

– Server Setup and Configuration

– Deployment

• Resources

Enterprise IT Challenges

• Meeting Business Growth

– Time to obtain new hardware

– Scalability, elasticity

• Data Center Limitations

• Inflexible Architecture

• DR & HA

• Finding & Retiring IT talent

Key Benefits to Running in the AWS Cloud

No Up-Front Investment

Apps not Ops

Flexible Capacity

Speed and Agility

Low Ongoing Cost

Deploy

Global Reach

The AWS Cloud

Low-level building blocks

High-level building blocks

Tools to access services

Cross Service features

AWS Global Infrastructure

9 Regions

25 Availability Zones

Continuous Expansion

Key AWS Services

• AMI – Virtual Machine Configuration

• Instance – Running or Stopped VM

[Diagram labels: Region, two Availability Zones, VPC, EC2 “Classic”, EBS, EBS Snapshots, S3, S3 Buckets]

AWS “Virtual Private Cloud”

• Launch AWS resources in a virtual network that you define

• Environment closely resembles a traditional network

• Control over IP address ranges, subnets, routes, gateways and security settings

• Create encrypted VPN connections between your branch offices or corporate headquarters and use VPC as an extension of your corporate data center

Amazon Virtual Private Cloud Extends Your Data Center

[Diagram labels: Physical Data Center, Corporate Router, Secure VPN over Internet, VPN Gateway, Multiple Subnets, EC2 instances, IP Addresses Not Advertised to Internet, Public Cloud, S3]

Microsoft Platform on AWS

• Partnership to support running Windows Server-based workloads on AWS

• Amazon Machine Images (AMIs) with Windows Server and SQL Server today that were jointly developed by Microsoft and AWS

• SharePoint Server and other Microsoft server products can be licensed to run on AWS

Two licensing models:

Pay-as-you-go – AMI pricing includes software

• Windows Server

• SQL Server Standard

BYOL – use existing licenses on AWS

• SQL Server Enterprise

• SharePoint Server

• Other qualifying Microsoft Windows Server products*

Microsoft “License Mobility through Software Assurance” gives Microsoft Volume Licensing customers the flexibility to deploy Windows Server applications with active Software Assurance (SA) on Amazon Web Services.

*General info on AWS and License Mobility for a variety of MS server products: http://aws.amazon.com/windows/mslicensemobility/

Detail on AWS and License Mobility with SQL Server: http://aws.amazon.com/windows/mslicensemobility/sql/

SharePoint Server Common Workloads

• Enterprise collaboration, content management, and team/project sites

• Web Applications:

– ASP.NET++ documents/team, SharePoint services, social computing workflow, backend connectivity, web-part personalization, etc.

• Search services – SharePoint Search Server

• MS Office services – Excel, Word, etc.

Two SharePoint Scenarios

• Enterprise internal deployment of SharePoint:

– All or partial deployment of corporate SharePoint infrastructure on AWS

– Intranet only – user experience identical to running on-premise SharePoint

• Public-accessible Web Application/Website

– Web-based application built on SharePoint Server

– For instance: Customer service portal

Intranet SharePoint on AWS

• Enterprise (Intranet) SharePoint farm:

– Completely or partially (hybrid) hosted in AWS

– Extension of enterprise infrastructure into AWS

• Key points:

– Typically for corporate group collaboration, content sharing, team sites

– Internal only – access only from within corporate

– Active Directory on premise – authenticate using corporate credentials

Microsoft SharePoint Architecture – Intranet On-Premises

[Diagram labels: On-Premises Data Center, Load Balancer, Web Server Tier (Web Server Groups), Application Server Tier (App Server Groups), Database Server Tier (Database Groups, Primary DB, Secondary DB, Witness), Domain Controller]

Public Website on AWS

• Public Website

– Hosted public website/application on AWS

– Leverage SharePoint Server capabilities for web-based application (content, workflow)

• Key points:

– Complete solution deployed within AWS

– Accessible via public internet

– DMZ for threat management

Microsoft SharePoint Architecture – Public Facing Website

[Diagram labels: On-Premises Data Center, Firewall, Threat Management (DMZ) with Threat Management Gateways, Load Balancer, Web Server Tier (Web Server Groups, SharePoint Servers), Application Server Tier (SharePoint Servers), Application Hosting, Database Server Tier (Primary DB, Secondary DB, Mirrored, Witness), Domain Controller]

Implementing SharePoint Server Farm on AWS

Done in a step-wise sequential approach similar to a setup on-premises:

1. Create foundational infrastructure:

• Network, Routing, Security

• 2nd Datacenter for High Availability (2nd AWS Availability Zone)

2. Set up AD, Sites, Subnets, Sitelinks

3. Set up MS SQL Server – primary, secondary, (witness)

4. Set up Application Servers

5. Set up Web Front End (WFE) servers

SharePoint Architecture in AWS Intranet – Network

[Diagram labels: On Premises Data Center with Active Directory Domain Controllers and Customer Gateway (VPN); VPN Connection; Virtual Private Gateway; AWS Region with Availability Zone 1 and Availability Zone 2; Elastic Load Balancer; Private Subnets for Web Tier, Application Tier, Database Tier and Active Directory in each Availability Zone]

SharePoint Architecture in AWS Public Facing Site – Network

[Diagram labels: Internet, HTTP/S, Internet Gateway; Region with Availability Zone 1 and Availability Zone 2; in each Availability Zone one Public Subnet and Private Subnets; DMZ, NAT, RDGW, Web Tier, Application Tier, Database Tier, Active Directory]

Identity and Authorization

• Active Directory setup in VPC to provide user authentication for SharePoint farm on AWS

– For the intranet scenario, AWS AD contents are replicated from the AD on-premises via VPN (periodic refresh)

– For website scenario, users are created and maintained in AWS AD

• If on-premises alternate directory exists (LDAP etc), then ADFS should be considered to federate those with SharePoint

SharePoint Architecture in AWS Active Directory On AWS

[Diagram labels: On Premise Data Center with Active Directory Domain Controllers and Customer Gateway (VPN); VPN Connection; Virtual Private Gateway; Active Directory Replication; Active Directory in a Private Subnet in each of Availability Zone 1 and Availability Zone 2]

SharePoint Architecture in AWS Public Facing Website – AD Setup

[Diagram labels: Internet, HTTP/S, Internet Gateway; Region with Availability Zone 1 and Availability Zone 2; in each Availability Zone one Public Subnet and Private Subnets; DMZ, NAT, RDGW, Web Tier, Application Tier, Database Tier, Active Directory]

Server Setup

• Map Microsoft guidance for on-premise and virtualized SharePoint Server setups to EC2

• For each distinct server type/role:

o Select (or create/derive) AMI for the role – Windows, MS SQL, etc.

o Select EC2 Instance Type – pivot around CPU, RAM, storage, and networking performance

• Serves as an initial starting point for sizing/testing

• Test/tweak against your metrics and usage patterns, e.g. number of concurrent users, type and amounts of content, etc

Server Sizing

Microsoft recommended server requirements for on-premises SharePoint farm:

| Tier / Role | Scenario | Processor | RAM | Hard Disk |
|---|---|---|---|---|
| Web/Application Tier | All | 64-bit, 4 core | 8 GB | 80 GB |
| Database server | Small deployment | 64-bit, 4 core | 8 GB | 80 GB |
| Database server | Medium deployment | 64-bit, 8 core | 16 GB | 80 GB |
| Domain controller | All | 64-bit, 4 core | 8 GB | 80 GB |

Suggested mapping to AWS instance types:

| Tier | Applicable EC2 Instance Type and Range | AMI to Use |
|---|---|---|
| Web front end | Extra Large (m1.xl) | Windows Server 2008 R2 + IIS |
| Application server | Extra Large: High Memory Quad Extra Large (m2.xl–m2.4xl) | Windows Server 2008 R2 |
| Database server | High Memory Quadruple Extra Large (m2.4xl) | Optimized SQL Server 2008 R2 AMIs from Microsoft |
| Domain controller | Extra Large (m1.xl) | Windows Server (in the role of a domain controller) |

Security Setup

• To enable appropriate access in and out of the VPC, subnets, and the instances running in each subnet

• Two core components in security setup:

– Security Groups: Act as a firewall that controls the traffic allowed in and out of an AWS resource. Security groups act at the instance level, not the subnet level.

– Network ACLs: Act as a firewall for controlling traffic in and out of a subnet. Network ACLs act at the subnet level, not the instance level.

SharePoint Architecture in AWS Intranet – Server Setup

[Diagram labels: On Premise Data Center with Active Directory Domain Controllers and Customer Gateway (VPN); VPN Connection; Virtual Private Gateway; AWS Region with Availability Zone 1 and Availability Zone 2; Elastic Load Balancer; Private Subnets for Web Tier, Application Tier, Primary Database / Secondary Database and Active Directory; instance type labels M1.xl, M2.2xl-4xl, M2.4xl, M1.small]

SharePoint Architecture in AWS Public Website – Server Setup

[Diagram labels: Internet, HTTP/S, Internet Gateway; Region with Availability Zone 1 and Availability Zone 2; in each Availability Zone one Public Subnet and Private Subnets; DMZ, NAT, RDGW, Web Tier, Application Tier, Primary Database / Secondary Database, Active Directory; instance type labels M1.xl, M2.2xl-4xl, M2.4xl, M1.small]

Deployment Tools

• AWS CloudFormation

– Specify creation and configuration of AWS resources in a JSON-based template

– Deploy template using AWS CloudFormation to create a ‘stack’ of running resources

– Integrates with other deployment scripts/tools

• Private AMI Creation

• Windows PowerShell

– Execute on instance at provisioning time via instance Metadata

– Use PowerShell to orchestrate CloudFormation template launches
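
The instance-level security groups from the Security Setup slide can be checked in the JSON template before a stack is ever launched. The following is an added example, not code from the webinar or from the AWS templates; the group names (DmzSG, WebSG, AppSG, DbSG), the ports and the allowed-flow policy are assumptions, and the template fragment is constructed and trimmed to ingress rules.

```python
import json

# Constructed CloudFormation fragment for the public-facing layout. The group
# names, ports and allowed flows are assumptions, not the webinar's templates.
TEMPLATE = json.loads("""
{"Resources": {
  "DmzSG": {"Type": "AWS::EC2::SecurityGroup", "Properties": {"SecurityGroupIngress": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "CidrIp": "0.0.0.0/0"}]}},
  "WebSG": {"Type": "AWS::EC2::SecurityGroup", "Properties": {"SecurityGroupIngress": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "SourceSecurityGroupId": {"Ref": "DmzSG"}}]}},
  "AppSG": {"Type": "AWS::EC2::SecurityGroup", "Properties": {"SecurityGroupIngress": [
    {"IpProtocol": "tcp", "FromPort": 32843, "ToPort": 32843, "SourceSecurityGroupId": {"Ref": "WebSG"}}]}},
  "DbSG": {"Type": "AWS::EC2::SecurityGroup", "Properties": {"SecurityGroupIngress": [
    {"IpProtocol": "tcp", "FromPort": 1433, "ToPort": 1433, "SourceSecurityGroupId": {"Ref": "AppSG"}},
    {"IpProtocol": "tcp", "FromPort": 1433, "ToPort": 1433, "SourceSecurityGroupId": {"Ref": "WebSG"}}]}},
  "DbDebugRule": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {
    "GroupId": {"Ref": "DbSG"}, "IpProtocol": "tcp",
    "FromPort": 1433, "ToPort": 1433, "CidrIp": "0.0.0.0/0"}}
}}
""")

# Assumed policy: each tier accepts traffic only from the tier in front of it.
ALLOWED_SOURCES = {"DmzSG": {"internet"}, "WebSG": {"DmzSG"},
                   "AppSG": {"WebSG"}, "DbSG": {"AppSG"}}

def ref(value):
    """Return the logical name behind {"Ref": name}, or the value itself."""
    return value["Ref"] if isinstance(value, dict) and "Ref" in value else value

def ingress_rules(template):
    """Yield (group, rule) for inline rules and stand-alone ingress resources."""
    for name, res in template["Resources"].items():
        props = res.get("Properties", {})
        if res["Type"] == "AWS::EC2::SecurityGroup":
            for rule in props.get("SecurityGroupIngress", []):
                yield name, rule
        elif res["Type"] == "AWS::EC2::SecurityGroupIngress":
            yield ref(props["GroupId"]), props

def audit(template, allowed=ALLOWED_SOURCES):
    """Return sorted (group, source, from_port) for rules outside the policy."""
    findings = []
    for group, rule in ingress_rules(template):
        cidr = rule.get("CidrIp", "unknown")
        source = ref(rule.get("SourceSecurityGroupId")) or (
            "internet" if cidr == "0.0.0.0/0" else cidr)
        if source not in allowed.get(group, set()):
            findings.append((group, source, rule["FromPort"]))
    return sorted(findings)

if __name__ == "__main__":
    print(audit(TEMPLATE))
```

Stand-alone `AWS::EC2::SecurityGroupIngress` resources are walked as well as inline rules, since a review that reads only the group definitions would miss the database rule opened to `0.0.0.0/0`.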

SharePoint Architecture Whitepaper

• The whitepaper describes all of this in much greater detail and is available for download at: http://aws.amazon.com/windows/sharepoint/

• Presents and discusses how the SharePoint Server architecture scenarios can be configured and deployed to run on AWS

– Enterprise internal deployment of SharePoint

– Public-accessible Web Application/Website

• Targeted to IT decision-makers and administrators

Tutorial Article and New Video Tutorial

“Deploy a Microsoft SharePoint 2010 Server Farm in the AWS Cloud in 6 Simple Steps”:

– Builds upon the SharePoint Architecture White Paper

– Configure your SharePoint Server farm and test by creating a sample site

Article: http://aws.amazon.com/articles/9982940049271604

Video: http://aws.amazon.com/windows/sharepoint/gsg-sharepoint-2010/

AWS CloudFormation Templates for each step: network/AD stack, Db stack, app stack, web stack

Advanced Implementation Guide

• Available in PDF format here: https://aws.amazon.com/whitepapers/sharepoint-implementation-guide/

• Comprehensive guide detailing all of the components of the AWS CloudFormation templates, AMI and instance configuration, parameters that can be varied, etc

• Walks through ALL of the AWS CloudFormation details, PowerShell scripts, cfn-init details, etc

• Targeted to customers and systems integrators that want to understand all the details, to customize, extend, etc

Further Reading

Web Pages

• Microsoft on AWS: http://aws.amazon.com/microsoft/

• Amazon EC2 Windows Guide: http://aws.amazon.com/sharepoint/

• Amazon EC2 Windows Guide: http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/

• Microsoft AMIs for Windows and SQL Server: http://aws.amazon.com/windows/ (includes pricing) and https://aws.amazon.com/amis?ami_provider_id=1&platform=Windows&selection=ami_provider_id%2Bplatform

• Microsoft License Mobility: http://aws.amazon.com/windows/mslicensemobility/ Covers Microsoft Exchange, SharePoint, SQL Server, Lync Server, System Center Operations Manager, and Dynamics CRM. See page for specific details including which versions are covered.

Whitepapers

• Microsoft SharePoint Server on AWS: Reference Architecture

• Secure Microsoft Applications on AWS

• Implementing Microsoft Windows Server Failover Clustering (WSFC) and SQL Server 2012 AlwaysOn Availability Groups in the AWS Cloud

Contact Us

• Microsoft (general): https://aws.amazon.com/microsoft/contact-us/

• SharePoint: https://aws.amazon.com/sharepoint/contact-us/

Bootcamp: Implementing the Microsoft Enterprise Datacenter in the AWS Cloud

Level: 300 - Experienced

Audience: Solution Architects, SysOp Administrators

Price: $600

http://reinvent.awsevents.com/bootcamps.html#implementing-the-microsoft-enterprise-datacenter-in-the-aws-cloud