SEASPC 2011 - Building the Perfect SharePoint 2010 Farm: Real World Best Practices from the Field


Upload: michael-noel

Post on 23-Dec-2014


Category:

Technology



DESCRIPTION

SharePoint 2010 has matured over the past year, with improvements in scalability, enterprise search, and administration. Best practices from SharePoint 2007 are no longer relevant, and new guidance has emerged from the last year's worth of SharePoint deployments. In addition, new features such as SharePoint FAST Search capabilities can have a significant effect on how an environment is architected. The popularity of server virtualization technologies has also created new design options for SharePoint administrators, allowing for new and unique high availability and provisioning options. This session goes right to the heart of the matter, providing physical and virtual architecture guidelines and specific configuration settings that can immediately be used to construct SharePoint 2010 environments that can replace existing SharePoint 2007 farms. Architectural specifics are based on best practices obtained from existing SharePoint 2010 environments of multiple sizes, and performance metrics gathered from both physical and virtual SQL Server and SharePoint environments will help you to build the ‘perfect’ SharePoint 2010 farm for your organization.

  • View real world SharePoint 2010 deployment models for environments of multiple sizes, including virtualized SharePoint farms
  • Gain access to specific design criteria for sizing a SharePoint farm and providing for high availability for all components
  • Get information to be able to build the ‘perfect’ highly available, high performance and scalable SharePoint 2010 environment that will stand the test of time

TRANSCRIPT

1. Platinum Sponsor, Gold Sponsors

2. Michael Noel: BUILDING THE PERFECT SHAREPOINT 2010 FARM, BEST PRACTICES FROM THE FIELD

3. MICHAEL NOEL
  • Author of SAMS Publishing titles SharePoint 2007 Unleashed, the upcoming SharePoint 2010 Unleashed, SharePoint 2003 Unleashed, Teach Yourself SharePoint 2003 in 10 Minutes, Windows Server 2008 R2 Unleashed, Exchange Server 2010 Unleashed, ISA Server 2006 Unleashed, and many other titles.
  • Partner at Convergent Computing (www.cco.com / +1(510)444-5700), San Francisco, U.S.A. based Infrastructure/Security specialists for SharePoint, AD, Exchange, Security

4. WHAT WE WILL COVER
  • Examine various SharePoint 2010 farm architecture best practices that have developed over the past year
  • Examine SharePoint Best Practice Farm Architecture
  • Understand SharePoint Virtualization Options
  • Explore SharePoint DR and HA strategies using Database Mirroring
  • Explore other common best practices (RBS, SSL, NLB)
  • A large amount of best practices covered (i.e. drinking through a fire hose); the goal is for you to be able to take away at least 2-3 useful pieces of information that can be used in your environment

5. ARCHITECTING THE FARM

6. Architecting the Farm: Understanding the Three Tiers of SharePoint Infrastructure
  • Web
  • Service Apps
  • Data

7. Architecting the Farm: Small Farm Examples
  • DB and SP Roles Separate
  • All-in-One (Avoid)

8. Architecting the Farm: Smallest Highly Available Farm
  • 2 SharePoint Servers running Web and Service Apps
  • 2 Database Servers (Clustered or Mirrored)
  • 1 or 2 Index Partitions with equivalent query components
  • Smallest farm size that is fully highly available

9. Architecting the Farm: Best Practice Six Server Farm
  • 2 Dedicated Web Servers (NLB)
  • 2 Service Application Servers
  • 2 Database Servers (Clustered or Mirrored)
  • 1 or 2 Index Partitions with equivalent query components

10.
Architecting the Farm: Scaling to Large Farms
  • Multiple Dedicated Web Servers
  • Multiple Dedicated Service App Servers
  • Multiple Dedicated Query Servers
  • Multiple Dedicated Crawl Servers, with multiple Crawl DBs to increase parallelization of the crawl process
  • Multiple distributed Index partitions (max of 10 million items per index partition)
  • Two query components for each Index partition, spread among servers

11. Architecting the Farm: FAST Search
  • Previously a third party product ($$$$)
  • More reasonable pricing now
  • Highly tuned and specialized search engine for SharePoint and also as an enterprise search platform
  • Replaces SharePoint 2010 Native Search if used
  • Net new features built-in.

12. Architecting the Farm: FAST Search Comparison Matrix (Slide 1 of 2)

| Feature | SharePoint Foundation | Search Server 2010 Express | Search Server 2010 | SharePoint Server 2010 | FAST Search Server 2010 for SharePoint |
|---|---|---|---|---|---|
| Basic search | X | X | X | X | X |
| Best Bets | | X | X | X | X |
| Search Scopes | | X | X | X | X |
| Crawled and Managed Properties | | X | X | X | X |
| Query Federation | | X | X | X | X |
| Query Suggestions | | X | X | X | X |
| Relevancy Tuning by Document or Site Promotions | | X | X | X | X |
| Shallow Results Refinement | | X | X | X | X |
| Windows 7 Federation | | X | X | X | X |

13. Architecting the Farm: FAST Search Comparison Matrix (Slide 2 of 2)

| Feature | SharePoint Foundation | Search Server 2010 Express | Search Server 2010 | SharePoint Server 2010 | FAST Search Server 2010 for SharePoint |
|---|---|---|---|---|---|
| People Search | | | | X | X |
| Social Search | | | | X | X |
| Taxonomy Integration | | | | X | X |
| Multi-Tenant Hosting | | | | X | X |
| Visual Best Bets | | | | | X |
| Similar Results | | | | | X |
| Duplicate Results | | | | | X |
| Search Enhancement based on user context | | | | | X |
| Sort Results on Managed Properties or Rank Profiles | | | | | X |
| Deep Results Refinement | | | | | X |
| Document Preview | | | | | X |
| Rich Web Indexing Support | | | | | X |

14. VIRTUALIZATION OF SHAREPOINT SERVERS

15. Virtualization of SharePoint Servers: Caveats
  • Be Sure to Understand Virtualization Concepts

16.
Virtualization of SharePoint Servers: Virtual Guest Processor and Memory Guidelines

| Role | vCPU | RAM (Bare Minimum) | RAM (Recommend) | RAM (Ideal) |
|---|---|---|---|---|
| Web Only* | 2 | 6GB | 8GB | 12GB |
| Service Application Roles Only | 2 | 6GB | 8GB | 12GB |
| Dedicated Search Service App | 2 | 8GB | 10GB | 16GB |
| Combined Web/Search/Service Apps | 4 | 10GB | 12GB | 18GB |
| Database* | 4 | 10GB | 16GB | 24GB |

17. Virtualization of SharePoint Servers: Sample 1: Small Single Server Environment / No HA
  • Allows organizations that wouldn't normally be able to have a test environment to run one
  • Allows for separation of the database role onto a dedicated server

18. Virtualization of SharePoint Servers: Sample 2: Two Server Highly Available Farm
  • High-Availability across Hosts
  • All components Virtualized
  • Uses only two Windows Ent Edition Licenses

19. Virtualization of SharePoint Servers: Sample 3: Mix of Physical and Virtual Servers
  • Best Perf
  • Highest transaction servers are physical
  • Multiple farm support, with DBs for all farms on the SQL cluster

20. Virtualization of SharePoint Servers: Sample 4: Scaling to Large Virtual Environments

21. Virtualization of SharePoint Servers: Virtualization Performance Monitoring
  Processor (Host Only); Network Bandwidth Bytes; 65% = Trouble; 50% and above = Good; Network Latency - Output; 10%-50% = OK; Queue Length; 2 = Trouble; Up to 15ms = fine; 15ms-25ms = Caution; >25ms = Trouble

22. Virtualization of SharePoint Servers: Quick Farm Provisioning using VMM/Virtual Center
  1. Create new Virtual Guest (Windows Server 2008 R2)
  2. Install SP2010 Binaries. Stop before running Config Wizard
  3. Turn Virtual Guest into Template, modify template to allow it to be added into domain
  4. Add PowerShell script to run on first login, allowing SP to be added into farm or to create new farm
  End Result: 15 minute entire farm provisioning; quickly add servers into existing farms or create new farms (Test, Dev, Prod) on demand

23. Demo: QUICK FARM PROVISIONING WITH VMM 2012

24. DATA MANAGEMENT

25.
Data Management: Distribute Data Across Content DBs and Site Collections
  • Start with a distributed architecture of content databases from the beginning, within reason (more than 50 per SQL instance is not recommended)
  • Distribute content across Site Collections from the beginning as well; it is very difficult to extract content after the fact
  • Allow your environment to scale and your users to grow into their SharePoint site collections

26. Data Management: Binary Large OBject (BLOB) Storage
  • BLOBs are unstructured content stored in SQL
  • Includes all documents, pictures, and files stored in SharePoint
  • Excludes Metadata and Context, information about the document, version #, etc.
  • Until recently, could not be removed from SharePoint Content Databases
  • Classic problem of structured vs. unstructured data: unstructured data doesn't really belong in a SQL Server environment

27. Data Management: Getting your BLOBs out of the Content DBs
  • Can reduce dramatically the size of Content DBs, as upwards of 80%-90% of space in content DBs is composed of BLOBs
  • Can move BLOB storage to more efficient/cheaper storage
  • Improve performance and scalability of your SharePoint deployment
  • But highly recommended to use third party

28. SQL DATABASE OPTIMIZATION

29. SQL Database Optimization: Content Databases Distributed Between Multiple Volumes
  • Volume #1: DB-A File 1, DB-B File 1, Tempdb File 1
  • Volume #2: DB-A File 2, DB-B File 2, Tempdb File 2
  • Volume #3: DB-A File 3, DB-B File 3, Tempdb File 3
  • Volume #4: DB-A File 4, DB-B File 4, Tempdb File 4

30. SQL Database Optimization: Content Databases Distributed Between Multiple Volumes
  • Break Content Databases and TempDB into multiple files (MDF, NDF); total should equal number of physical processors (not cores) on SQL server.
  • Pre-size Content DBs and TempDB to avoid fragmentation
  • Separate files onto different drive spindles for best IO perf.
  • Example: 100GB total Content DB on Four-way SQL Server would have four database files distributed across four sets of drive spindles = 25GB pre-sized for each file.
31. SQL Database Optimization: TempDB Best Practices
  • TempDB is critical for performance
  • Pre-size to 20% of the size of the largest content database.
  • Break into multiple files across spindles as noted
  • Note there is a separate TempDB for each physical instance
  • Note that if using SQL Transparent Data Encryption (TDE) for any databases in an instance, the tempDB is encrypted.

32. HIGH AVAILABILITY AND DISASTER RECOVERY

33. High Availability and Disaster Recovery: Data Tier: Clustering vs. Mirroring
  • Clustering is Shared Storage, can't survive storage failure, makes Mirroring more attractive
  • Clustering fails over more quickly
  • Mirroring is not supported for all databases, but Clustering is
  • Both Clustering and Mirroring can be used at the same time (Instance to Instance)

34. High Availability and Disaster Recovery: Data Tier: SQL Database Mirroring
  • Introduced in SQL 2005 SP1
  • Greatly improved in SQL 2008 and now SQL 2008 R2
  • Available in Enterprise and Standard (Synchronous only) editions
  • Works by keeping a mirror copy of a database or databases on two servers
  • Can be used locally, or the mirror can be remote
  • Can be set to use a two-phase commit process to ensure integrity of data across both servers
  • Can be combined with traditional shared storage clustering to further improve redundancy
  • SharePoint 2010 is now Mirroring aware!

35. High Availability and Disaster Recovery: Data Tier: Database Mirroring Model #1, Single Site
  • Single Site
  • Synchronous Replication
  • Uses a SQL Witness Server to Failover Automatically
  • Mirror all SharePoint DBs in the Farm

36. High Availability and Disaster Recovery: Data Tier: Database Mirroring Model #2, Cross-Site with HA
  • Two Sites
  • 1-10 ms Latency max
  • 1Gb Bandwidth minimum
  • Farm Servers in each location
  • Auto Failover

37. High Availability and Disaster Recovery: Data Tier: Database Mirroring Model #2, Remote Farm
  • Two Sites
  • Two Farms
  • Mirror only Content DBs
  • Failover is Manual
  • Read-only Mode possible
  • Must Re-Attach and Re-Index

38.
High Availability and Disaster Recovery: Data Tier: Database Support for Mirroring (Slide 1 of 2)
  Columns: Synchronous Mirror Support, Asynchronous Mirror Support
  • Configuration: X
  • Central Administration content: X
  • Content Databases: X X
  • Usage and Health Data Collection:
  • Business Data Connectivity: X
  • Application Registry service * (BDC Upgrade):
  • Subscription Settings service * (PowerShell Enabled): X
  • Search - Search Administration: X
  • Search - Crawl: X
  • Search - Property: X

39. High Availability and Disaster Recovery: Data Tier: Database Support for Mirroring (Slide 2 of 2)
  Columns: Synchronous Mirror Support, Asynchronous Mirror Support
  • User Profile - Profile: X
  • User Profile - Synchronization:
  • User Profile - Social Tagging:
  • Web Analytics - Staging:
  • Web Analytics - Reporting: X
  • Secure Store: X X
  • Stage: X
  • Managed Metadata: X
  • Word Automation Services: X
  • PerformancePoint: X

40. High Availability and Disaster Recovery: Two Node/Two Instance Cluster
  • Take advantage of both servers

41. High Availability and Disaster Recovery: Network Load Balancing
  • Hardware Based Load Balancing (F5, Cisco, Citrix NetScaler): best performance and scalability
  • Software Windows Network Load Balancing is fully supported by MS, but requires Layer 2 VLAN (all packets must reach all hosts). Layer 3 switches must be configured to allow Layer 2 to the specific VLAN.
  • If using Unicast, use two NICs on the server, one for communications between nodes.
  • If using Multicast, be sure to configure routers appropriately
  • Set Affinity to Single (Sticky Sessions)
  • If using VMware, note fix to NLB RARP issue (http://tinyurl.com/vmwarenlbfix)

42.
High Availability and Disaster Recovery: Windows Software Network Load Balancing Recommendations
  • Best Practice: Create Multiple Web Apps with Load-balanced VIPs (sample below)
  • Web Role Servers
      sp1.companyabc.com (10.0.0.101): Web Role Server #1
      sp2.companyabc.com (10.0.0.102): Web Role Server #2
  • Clustered VIPs shared between SP1 and SP2 (create A records in DNS)
      spnlb.companyabc.com (10.0.0.103): Cluster
      spca.companyabc.com (10.0.0.104): SP Central Admin
      spsmtp.companyabc.com (10.0.0.105): Inbound Email VIP
      home.companyabc.com (10.0.0.106): Main SP Web App (can be multiple)
      mysite.companyabc.com (10.0.0.107): Main MySites Web App

43. SHAREPOINT INSTALLATION

44. SharePoint Installation: Scripted Installations
  • Good to understand how to install SharePoint from the command-line, especially if setting up multiple servers.
  • Allows for options not available in the GUI, such as the option to rename databases to something easier to understand.
  • Use PowerShell with SharePoint 2010
  • Sample scripts available for download

45.
SharePoint Installation: Sample Scripts (http://tinyurl.com/SPFarm-Config)

    Function Configure-SPSearch {
        PARAM($AppPool, $FarmName, $SearchServiceAccount)

        # Start the search service instance on the local server
        $searchServiceInstance = Get-SPEnterpriseSearchServiceInstance -Local
        Start-SPEnterpriseSearchServiceInstance -Identity $searchServiceInstance

        # Create the search service application with a readable database name, then its proxy
        $dbName = $FarmName + "_SearchServiceApplication"
        $searchApplication = New-SPEnterpriseSearchServiceApplication -Name "$FarmName Search Service Application" -ApplicationPool $AppPool -DatabaseName $dbName
        $searchApplicationProxy = New-SPEnterpriseSearchServiceApplicationProxy -Name "$FarmName Search Service Application Proxy" -SearchApplication $searchApplication

        # Host the search administration component on this server
        Set-SPEnterpriseSearchAdministrationComponent -SearchApplication $searchApplication -SearchServiceInstance $searchServiceInstance

        # Build a crawl topology with one crawl component and wait until it is active
        $crawlTopology = New-SPEnterpriseSearchCrawlTopology -SearchApplication $searchApplication
        $crawlDatabase = Get-SPEnterpriseSearchCrawlDatabase -SearchApplication $searchApplication
        New-SPEnterpriseSearchCrawlComponent -CrawlTopology $crawlTopology -CrawlDatabase $crawlDatabase -SearchServiceInstance $searchServiceInstance
        while ($crawlTopology.State -ne "Active") {
            $crawlTopology | Set-SPEnterpriseSearchCrawlTopology -Active -ErrorAction SilentlyContinue
            if ($crawlTopology.State -ne "Active") {
                Start-Sleep -Seconds 10
            }
        }

        # Create a query topology with a single index partition
        $queryTopology = New-SPEnterpriseSearchQueryTopology -SearchApplication $searchApplication -Partitions 1
        $searchIndexPartition = Get-SPEnterpriseSearchIndexPartition -QueryTopology $queryTopology
        # The slide excerpt ends here
    }

46. SharePoint Installation: Some Manual Service Apps Still Required
  • Due to complexity and/or bugs, certain Service Apps will need to be manually configured in most cases. This includes the following:
      PerformancePoint Service Application
      User Profile Service Application
      Web Analytics Service Application

47.
SharePoint Installation: Document the Configuration and Monitor Changes
  • Document all key settings in IIS, SharePoint, after installation
  • Consider monitoring for changes after installation for Config Mgmt.
  • Great tool for this is the SPDocKit; it can be found at http://tinyurl.com/spdockit

48. SECURITY

49. SharePoint Security: Layers of Security in a SharePoint Environment
  • Infrastructure Security and Best Practices
      Physical Security
      Best Practice Service Account Setup
      Kerberos Authentication
  • Data Security
      Role Based Access Control (RBAC)
      Transparent Data Encryption (TDE) of SQL Databases
      Antivirus
  • Transport Security
      Secure Sockets Layer (SSL) from Server to Client
      IPSec from Server to Server
  • Edge Security
      Inbound Internet Security (Forefront UAG/TMG)
  • Rights Management

50. FOR MORE INFORMATION
  • SharePoint 2010 Unleashed from SAMS Publishing (http://www.samspublishing.com)
  • Windows Server 2008 R2 Unleashed and/or Hyper-V Unleashed (http://www.samspublishing.com)
  • Microsoft Virtualizing SharePoint Infrastructure Whitepaper (http://tinyurl.com/virtualsp)
  • Microsoft SQL Mirroring Case Study (http://tinyurl.com/mirrorsp)
  • Failover Mirror PowerShell Script (http://tinyurl.com/failovermirrorsp)
  • SharePoint Kerberos Guidance (http://tinyurl.com/kerbsp)
  • SharePoint Installation Scripts (http://tinyurl.com/SPFarm-Config)
  • Contact us at CCO.com

51. Thank you to our Sponsors: Gold Sponsors, Silver Sponsors, Bronze Sponsors

52. Michael Noel
  • Twitter: @MichaelTNoel
  • www.cco.com
  • Slides: slideshare.net/michaeltnoel
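
The first-login script from step 4 of slide 22 (Quick Farm Provisioning), as an added example that is not part of the original deck or of the presenter's downloadable scripts. It joins a templated guest to an existing farm or creates a new one, and prompts for the farm passphrase and farm account so neither is stored in the template; the server name, database names and port are placeholder assumptions.

```powershell
# Added example: first-logon script for a guest deployed from the SharePoint template.
# Server, database and port values are placeholders (assumptions), not from the deck.
param(
    [string]$DatabaseServer       = 'SPSQL',                 # hypothetical SQL alias
    [string]$ConfigDatabase       = 'SPFarm_ConfigDB',       # hypothetical name
    [string]$AdminContentDatabase = 'SPFarm_AdminContentDB', # hypothetical name
    [int]$CentralAdminPort        = 2010,                    # hypothetical port
    [switch]$CreateNewFarm        # omit to join an existing farm
)
$ErrorActionPreference = 'Stop'
Add-PSSnapin Microsoft.SharePoint.PowerShell

# Ask for the farm passphrase at run time so it is never baked into the template.
$passphrase = Read-Host -Prompt 'Farm passphrase' -AsSecureString

if ($CreateNewFarm) {
    # New farm: the farm account is prompted for as well, not stored in the script.
    $farmAccount = Get-Credential
    New-SPConfigurationDatabase -DatabaseName $ConfigDatabase `
        -DatabaseServer $DatabaseServer `
        -AdministrationContentDatabaseName $AdminContentDatabase `
        -Passphrase $passphrase -FarmCredentials $farmAccount
}
else {
    # Existing farm: attach this server to the farm's configuration database.
    Connect-SPConfigurationDatabase -DatabaseName $ConfigDatabase `
        -DatabaseServer $DatabaseServer -Passphrase $passphrase
}

# Steps the Configuration Wizard would otherwise run on this server.
Install-SPHelpCollection -All
Initialize-SPResourceSecurity      # sets file system and registry ACLs
Install-SPService
Install-SPFeature -AllExistingFeatures | Out-Null

if ($CreateNewFarm) {
    # Only the first server hosts Central Administration in this example.
    # 'Kerberos' is also accepted once the SPNs for the farm account are registered.
    New-SPCentralAdministration -Port $CentralAdminPort -WindowsAuthProvider 'NTLM'
}
Install-SPApplicationContent
```

Run it from an elevated SharePoint-capable PowerShell session on the new guest after it has joined the domain; pass -CreateNewFarm only on the first server of a farm.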