Navigating the Turbulence on takeoffSetting up SharePoint on Azure IaaS the right way

Jason Himmelstein, MVPSenior Technical Director@sharepointlhorn

Jason’s contact & vitals• Senior Technical Director, SharePoint • SharePoint Server MVP • SharePoint Community Leadership Board, Chair• Microsoft PTSP• Blog: www.sharepointlonghorn.com • Twitter: @sharepointlhorn • LinkedIn: www.linkedin.com/in/jasonhimmelstein• SlideShare: http://www.slideshare.net/jasonhimmelstein• Email: jase@sharepointlonghorn.com

• Author of Developing Business Intelligence Apps for SharePoint– http://bit.ly/SharePointBI

What made me this way?

• What is Microsoft Azure IaaS?

• Why SharePoint on IaaS?

• Pieces & Parts

• Use Cases

• The Jumpstart Method

• Recommendations

Agenda

What is Microsoft Azure IaaS?

Windows Azure Virtual Machines

IT Pro experience

Support for key server applications

Easy storage manageability

High availability features

Advanced networking

Integration with compute PaaS

If it requires a developer, it’s not IaaS

Images Available

Windows Server

SQL Server

BizTalk Server

SharePoint

Ubuntu

OpenSUSE

CentOS

SUSE Linux Enterprise Server

VM Depot

Java Platform (Preview)

WebLogic Server (Preview)

Oracle Database (Preview)

Create a Trial from Image Gallery

Virtual Machine Sizes

Size Name CPU Cores Memory Max. data disks Max. IOPS

ExtraSmall Shared 768 MB 1 1x500

Small 1 1.75 GB 2 2x500

Medium 2 3.5 GB 4 4x500

Large 4 7 GB 8 8x500

ExtraLarge 8 14 GB 16 16x500

A5 2 14 GB 4 4X500

A6 4 28 GB 8 8x500

A7 8 56 GB 16 16x500

A8 8 56 GB 16 16x500

A9 16 112 GB 16 16x500

Each data disk can hold up to 1 TB of storage.

SharePoint Virtual Machines

• 99.9% for single role instances– 8.75 hours of downtime per year

Service Level Agreements

What’s includedCompute Hardware failure (disk, cpu, memory)Datacenter failures - Network failure, power failureHardware upgrades, Software maintenance – Host OS Updates

What is not includedVM Container crashes, Guest OS Updates

99.95% for multiple role instances4.38 hours of downtime per year

Virtual Machine Names and DNS

Bring your own DNS serverUse your on-premise DNS serversDeploy a DNS server in Windows AzureUse public DNS services

Windows Azure provided DNS Resolves VMs by name within the same cloud serviceMachine names are modeled explicitly and registered in the DNS service

Full control over machine names

Cross-premise Connectivity

CLOUD ENTERPRISE

Data SynchronizationSQL Azure Data Sync

Application-layer Connectivity & Messaging

Service Bus

Secure Point-to-Site Network Connectivity

Windows Azure Virtual Network

Secure Site-to-Site Network Connectivity

Windows Azure Virtual Network

Why SharePoint on IaaS?

SharePoint Cloud Continuum

L of

CONTROL

CO

ST-E

FF

ICIE

NC

Y

SharePoint (On-premises)

• SharePoint

Value Prop:• Full h/w control – size/scale• Roll-your-own HA/DR/scale

Value Prop:• 100% of API surface area• Easy migration of existing

apps• Roll-your-own HA/DR/scale

SharePoint (IaaS)

• Hosted SharePoint

Value Prop:• Auto HA, Fault-Tolerance• Friction-free scale• Self-provisioning, mgmt. @

scale

• SharePoint Service

Office 365 (SaaS)

Why IaaS for SharePoint?

IaaS

• Maintain ownership & management of the virtual machine

• Build complex solutions not supported in Microsoft’s Public Cloud

• Design, implement, and develop with no hardware commitment

Why Should I Care

FastQuickly get new SharePoint developers on your projects up and running with little downtime.

Quickly get new system test environments provisioned.

Reduced CostTear down developer machines when vendors leave the project.

Reduced capital expenditures as no laptops need to be issued to new developers.

Tear down system test environments when not in use or a particular release has finished.

Integrate the customer’s vendors easily. The customer doesn’t have to add the vendor to the corporate domain.

Reduced Operations

Azure footprint

16 regions worldwide in 2014

Pieces & Parts

Closely locate your compute, network and storage resources in the same datacenter

Get better performance

Get lower latency

Reduce egress costs

AffinityGroup

Affinity Groups (AG)

• An AG is a container to keep your Virtual Network in a single data center– Required before you can create a Virtual Network

• To create PowerShell or go to Settings at the bottom of the Management Portal

Affinity Groups (AG)

• Declare your own address space in the cloud– Private and Persistent IP Addresses (unless you de-allocate

the VM) – Support for Static Internal IP addresses (even if you de-

allocate a VM)

• Advanced Connectivity– Support for Hosting Active Directory in Azure Virtual Machines – Connect multiple cloud services privately on the same virtual

network– Connect Virtual Networks in the same or separate regions– Support for Internal Load Balancing– Optional - Hybrid Connectivity – Site to Site, Point to Site and

ExpressRoute

• Virtual Networks are Required for a SharePoint Farm

Virtual Network

Reserved IP Addresses

New Feature for Virtual Machines Persistent External IP address for Cloud ServiceIP Survives even if all virtual machines are de-allocated.

New-AzureReservedIP -ReservedIPName "SharePointIP" -Location "West US" -Label "SPIP"

New-AzureVM <VM Creation Params> -ReservedIPName "SharePointIP"

IP Allocation with Virtual Networks

IPs are allocated based on order of provisioning. (1st 4 IPs are reserved)Subnet: 10.0.0.0/241. VM1 = 10.0.0.4 2. VM2 = 10.0.0.5

If VMs are re-allocated in a different order they get different IP addresses 1. VM2 = 10.0.0.4 2. VM1 = 10.0.0.5

Use Static IP addresses to retain IP regardless of orderSet-AzureStaticVNetIP

• A container for VMs that acts as a network and security boundary – Required before you can create a Virtual Network

• Allow external traffic into one or more VMs create an endpoint

• Cloud Service IP Address– Cloud service URL is mapped to a public IP

http://riroxsp.cloudapp.net = 137.135.68.130– All external traffic to virtual machines uses this IP– IP can be lost if all VMs are de-allocated (unless using

a reserved IP)

Cloud Service

Fault DomainRack

IIS1

SQL1

Fault DomainRack

IIS2

Machine

SQL2

Web Availability Set

SQL Availability Set

Get SLA by deploying multiple instances in availability sets

Ensure availability during updates & maintenance

Continue to architecture availability into the application

Availability Sets

Availability Sets

What is an "Availability Set"? A label that tells Microsoft Azure your virtual machines perform the same workload

Guaranteed physical redundancy router/switchpower supplynetwork cablesphysical machine

Microsoft Azure has knowledge of application topology. Will not take all VMs down during host updates.

99.95% SLA

SPWFE-01

SPWFE-02

SharePoint Farms and Availability Sets

For each tiercreate an

Availability Set

Availability Sets do not span cloud services

AD-VM-01Subnet AD

10.0.2.4

AD-VM-02Subnet AD

10.0.2.5

SP-WFW-01Subnet WEB

10.0.3.4

Cloud Service

SP-WFE-02Subnet WEB

10.0.3.5

AV Set: ADAV Set: SPWFE

SP-APP-01Subnet APPS

10.0.4.4

SP-APP-02Subnet APPS

10.0.4.5

AV Set: SPAPP

SQL-AO-01Subnet SQL

10.0.1.5

SQLWITNESSSubnet SQL

10.0.1.6

SQL-AO-01Subnet SQL

10.0.1.4

AV Set: SQL

AD-VM-03Subnet AD

10.0.2.6SP-WFE-02

Subnet WEB10.0.3.5

SP-APP-02Subnet APPS

10.0.4.5

SPVNET

• Operating System (OS) Disk – This disk is a copy of a source .vhd file and the new copy is registered as an OS disk – Maximum of 127 GB– Three copies of the disk are created for high durability– When using disaster recovery that is geo-replication based the VHD is replicated at

a distance of greater than 400 miles– Registered as SATA drives and are labeled as the C drive

• Temporary Disk– Created automatically– Used for Page File or Swap File

• Data Disk– A data disk is a VHD that can be attached to a running virtual machine to

persistently store application data– The maximum size of a data disk is 1 TB – Data disks are registered as SCSI drives and are labeled with a letter that you

choose – The size of the virtual machine determines the number of disks that you can attach

to it

Azure Disks

• Azure Subscription– Affinity Group• Virtual Network–Cloud Service»Availability Set• Virtual Machines• Azure Disks

How does it build?

Use Cases

SharePoint Workloads

SharePoint for Internet Sites (FIS)Public facing, anonymous access sites

Developer, Test and Staging Environments Quickly provision and un-provision entire environments

Hybrid ApplicationsApplications that span your data center and the cloud

Disaster RecoveryQuickly recover from a disaster, only pay for use

Develop and Test in Azure

Development System Test Pre-ProductionWriting new SharePoint code for new product features in Windows Azure virtual machines.

System testing new product features and releases from the development environment.

User acceptance testing: product releases once system testing is completed, the stage before going live into production.

Dev / Test

Cloud ServiceVirtual Network

SQL DR1(A6)

SP DR1(Large)

AD1(X-Small)

SQL DR2(A6)

SP DR2(Large)

SP DR4(Large)

SP DR5(Large)

SP DR3(Large)

Visual Studio Online

Test Agents

Load Test

IaaS and Disaster Recovery

Cloud ServiceVirtual Network

Windows Azure

SQL DR1(A6)

SP DR1(Large)

AD1(X-Small)

On Premises

Web servers

Application servers

SQL DR2(A6)

SP DR2(Large)

SP DR4(Large)

SP DR5(Large)

SP DR3(Large)

Directory servers

VPN Tunel

SQL Server Log Shipping

Extranet and Public-Facing Internet

Cloud Service

Virtual Network

Windows Azure On Premises

Active Directory

Site developers and authors

VPN Tunnel

SharePoint 2013 Farm

Web Application

Windows Azure Active Directory

Internet ZoneAnonymous

Extranet Zone Default Zone

WindowsWindows

SAML

FBA

Active DirectoryDomain Services

Partners and Customers

Visitors

Hybrid Solutions

SharePoint

Azure Service

SQL Azure

Blobs

Tables

OnPrem Service

Service Bus

OnPrem Service

IaaS

PaaS

O365SaaS

The Jumpstart Method

SharePoint 2013 Automation Scripts

PowerShell Scripts that use Remote PowerShell for automated deployment of Active Directory, SQL Server and SharePoint 2013.

Two Sample Configurations AvailableHighlyAvailable and SingleVMs

Download from GitHubhttps://github.com/windowsazure/azure-sdk-tools-samples

Single Virtual Machines Template

AD/DC/DNSLB WEB/APP SQL

80

20000Cloud Service

Virtual Network

Windows Azure

Web/App Tier1 x Large

(4 Cores & 7 GB)

Data Tier1 x A6

(4 Cores & 28 GB)

Identity Tier1 Small

(1 Core & 1.75 GB)

K

Highly Available Template

AD/DC/DNSLB WEB SQLAPP

80

20000

Cloud Service

Virtual Network

Windows Azure

AVSET

SPWEB

AVSET

SPAPP

AVSETSQLHA

AVSET

DCSET

Web Tier2 x Large

(4 Cores & 7 GB)

App Tier2 x Large

(4 Cores & 7 GB)

Data Tier2 x A6

(4 Cores & 28 GB)

1 x Small (Quorum)

(1 Core & 1.75 GB)

Identity Tier2 Small

(1 Core & 1.75 GB)

K

Recommendations

SharePoint

Deployment Tips

SharePoint only goes on the C: drive

Put each SharePoint tier into its own availability set (WFE, APP etc…)

Put blob cache on a data disk to increase available IOPS.

Use Static IP addresses to avoid issues if virtual machines started out of order.

SQL Server Best Practices

Storage RecommendationsSplit content databases across multiple disks for increased IOPSVerify Disk Cache Settings on Data Disks Use Data disks for databasesPut database and transaction log files on separate drivesUse SQL Server File Groups instead of Disk Striping Split and move TempDB & TempLogs to separate data disks

Database RecommendationsUse database page compression to reduce I/O

High Availability RecommendationsConsider latency between primary and replica when choosing sync modeUse Availability Sets

More on Storage for SQL Server

Performance ConsiderationsDo not use the temporary disk (D:\) (including for TempDB)Use SQL file groups across multiple disks instead of disk stripingPut logs, data and backup on separate disks Disable geo-replication on storage account for consistencyRemember storage account capacity planning.20,000 IOPS per Storage Account – 500 IOPS per disk maxiumumConsider compressing any data files when transferring in/out of Windows Azure.

Scale Out Not UpMove content databases to separate SQL ServersMove search databases to separate SQL ServersAdd more WFE for scaling SharePoint servicesAdd dedicated Search Servers and SQL Server

Storage Capacity and Planning

Each Disk up to 500 IOPS

IOPS Per Storage Account 20,000Supports up to 40 data disks using maximum IOPS per disk

Random I/O (8 KB Pages)

Sequential I/O (64 KB Extents)

Sequential I/O(256 KB Blocks)

Reads Writes Reads Writes Reads Writes

IOPS 500 500 500 300 300 300

Bandwidth 4 MB/s 4 MB/s 30 MB/s 20 MB/s 70 MB/s 70 MB/s

Active Directory Design Considerations

Should only be deployed in a virtual networkPredictable and stable IP Addresses Specify Static IP to ensure persistence (Set-AzureStaticVNetIP in PowerShell)Active Directory should be deployed in an AD specific subnet to guarantee the IP address will not be acquired by another virtual machine.

Directory Information Tree (DIT) / SYSVOL LocationDeploy DIT / SYSVOL on a data disk

Guidelines for deploying AD in Azure Virtual Machines

http://msdn.microsoft.com/en-us/library/azure/jj156090.aspx

Q&A

Jason’s contact & vitals• Senior Technical Director, SharePoint • SharePoint Server MVP • SharePoint Community Leadership Board, Chair• Microsoft PTSP• Blog: www.sharepointlonghorn.com • Twitter: @sharepointlhorn • LinkedIn: www.linkedin.com/in/jasonhimmelstein• SlideShare: http://www.slideshare.net/jasonhimmelstein• Email: jase@sharepointlonghorn.com

• Author of Developing Business Intelligence Apps for SharePoint– http://bit.ly/SharePointBI