
SharePoint on Azure IaaS

SharePoint on Azure IaaS. Mario Brandan Regional Architect Microsoft. Agenda. 1. Run the script! 2. Why Azure IaaS ? 3. Concepts 4. Highlights 5. Questions. First things first. Test. Please browse to this url and verify no web site is there. http://SpAzureService.CloudApp.Net.


Presentation Transcript


  1. SharePoint on Azure IaaS Mario Brandan Regional Architect Microsoft

  2. Agenda 1. Run the script! 2. Why Azure IaaS? 3. Concepts 4. Highlights 5. Questions

  3. First things first

  4. Test. Please browse to this url and verify no web site is there http://SpAzureService.CloudApp.Net

  5. Script is already running! Why? It’s a long script: 2 hours to run in prior tests. Started running it at least an hour before this talk began. Timing should let the script finalize about 30 – 45 min into this talk.

  6. What’s Azure IaaS?

  7. Virtual Machines on Azure IaaS Infrastructure as a Service VLAN, Subnet, VM’s, IP’s, etc VHD format compatible with On-premise Software OS: Windows or Linux Many App/DB Server Templates available Not same as Hyper-V One NIC per VM No console access D drive is temporary storage. Don’t use. Otherwise same

  8. Cloud Models (diagram). Columns: On Premises, Infrastructure (as a Service), Platform (as a Service), Software (as a Service). Layers shown in each column: Applications, Data, Runtime, Middleware, O/S, Virtualization, Servers, Storage, Networking. Each layer is marked either "You manage" or "Managed by Microsoft", depending on the model.

  9. How to get Azure

  10. MSDN Azure Benefits Subscription Levels Spending Limit Requires a credit card on file Doesn’t let you exceed your monthly Azure Credits Can be turned on and off No Production Work

  11. Other ways Pay as you go Pricing Calculator: http://azure.microsoft.com/en-us/pricing/calculator/ Free Trial http://azure.microsoft.com/en-us/pricing/free-trial/

  12. Why Dev on IaaS?

  13. Modern Development Get hip Reduce costs for individual dev machines Homogeneity among dev machines Sharing among devs is easier. Can even bring the vhd down to local machines if desired. Demo anywhere. Tablet at the airport. Phone in the elevator.

  14. Dev / Test Load Test Visual Studio Online AD1 (X-Small) SP DR1 (Large) SP DR2 (Large) SP DR3 (Large) SQL DR1 (A6) SQL DR2 (A6) SP DR4 (Large) SP DR5 (Large) Test Agents Cloud Service VirtualNetwork Windows Azure

  15. Extranet and Public-Facing Internet Windows Azure On Premises Windows Azure Active Directory Active Directory Active Directory Domain Services SharePoint 2013 Farm Web Application Internet Zone Extranet Zone Default Zone VPN Tunnel Anonymous Windows Windows Visitors SAML FBA Site developers and authors Cloud Service Partners and Customers Virtual Network

  16. Azure IaaS Definitions

  17. Affinity Groups: Closely locate your compute, network and storage resources in the same datacenter. Get better performance. Get lower latency. Reduce egress costs.

  18. Virtual Network: Creates a logical boundary around a group of VM’s. Can be used for VPN access from corp. Gateway device required for IPSEC/VPN access. Machines on VNET look like a machine on corp.

  19. Cloud Service: VM’s automatically get a cloud service container. Logical grouping of code and configuration. Not the same as Azure Cloud Services, which has web roles and worker roles.

  20. Availability Sets: Another logical boundary. Distributes guest VMs across physical hosts in Azure DataCenter. Prevents failure of a single physical host bringing down the cloud service.

  21. Storage Account: BLOB, Tables, Queue. VHDs use BLOB. Containers provide grouping for BLOBs.

  22. Azure Account Virtual Network (VNET) Cloud Service 80 Container Subnet Storage Acct

  23. The Script

  24. SharePoint 2013 Automation Scripts: PowerShell Scripts. Automated deployment of Active Directory, SQL Server and SharePoint 2013. AD, SQL, SharePoint, in that order. Uses various technologies to configure VM’s, AD DS, Disks, SharePoint. Two Sample Configurations Available: HighlyAvailable and SingleVMs. Download from GitHub: https://github.com/Azure/azure-sdk-tools-samples Script as run today (customized, debugged): https://github.com/mabranda/SPAzurePoSh

  25. Single Virtual Machines Template (diagram). Web/App Tier (WEB/APP): 1 x Large (4 Cores & 7 GB). Data Tier (SQL): 1 x A6 (4 Cores & 28 GB). Identity Tier (AD/DC/DNS): 1 Small (1 Core & 1.75 GB). Other diagram labels: LB, 80, Cloud Service, 20000, Virtual Network, Windows Azure.

  26. Environment Setup

  27. My Environment Setup Azure PowerShell Module Available via Web Platform Installer Source code managed in GitHub Visual Studio 2013 …or your favorite PowerShell Script Editor (ISE, PowerGUI) PowerShell Tools for Visual Studio 2013 Available on Visual Studio Gallery. Can install directly from Visual Studio Used only to run PoSh within Visual Studio. All debugging, etc can be done in PowerShell ISE.

  28. Technologies used in VM Connectivity. CredSSP (Credential Security Service Provider): enables a client program to delegate credentials from the client computer to the target server. Used by RDP. WS-Management: an open-standard management protocol. Simple Object Access Protocol (SOAP)-based, firewall-friendly protocol. Remotely exchange management data with any computer device that implements the protocol. WinRM: Microsoft’s implementation of WS-Management.

  29. Script Templates MS Official on GitHub https://github.com/Azure/azure-sdk-tools-samples Script as run today. Customized, debugged Updates in Azure PowerShell causes some of the commands to fail https://github.com/mabranda/SPAzurePoSh

  30. Preparation: Start VS in Admin Mode. Set-ExecutionPolicy Bypass: suppresses all confirmation, warnings, lets you run unsigned code. Configure the following. Enable-PSRemoting: enables PowerShell Remoting. Win 7 or later. Will fail if a network connection is listed as "Public". Enable-WSManCredSSP -Role Client -DelegateComputer "*.cloudapp.net": enable CredSSP for delegation of credentials. $regKey = "HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentialsDomain"; Set-ItemProperty $regKey -Name WSMan -Value "WSMAN/*.cloudapp.net": enable CredSSP.

  31. Preparation: Edit Local Group Policy. Start > Run > gpedit.msc. Navigate to Computer Configuration > Administrative Templates > System > Credentials Delegation. Allow Delegating Fresh Credentials: Enable, Add Servers > wsman/*.cloudapp.net. Allow Delegating Fresh Credentials with NTLM-only server authentication: Enable, Add Servers > wsman/*.cloudapp.net. May need to gpupdate for changes to take effect.

  32. Check your subscription: Available resources. Depending on prior installations, subscription level, you may not have enough cores / storage, etc to successfully run the script. Check Cores: Get-AzureSubscription -Current -ExtendedDetails

  33. Highlights

  34. Running the script Start from master-deployment-script.ps1 Will call all other scripts Fill out all parameters in the call to Autoconfigure Fill out the values in the XML configuration files

  35. Outdated Cmdlets: Check for new version of cmdlets. Rapid Release means we update the Azure module often enough so that old paths and cmdlets may be outdated. Web Platform Installer has latest version. Verify your version using (Get-Module).Version. Current version as of 7/10/2014 is 0.8.4.

  36. DisableLoopBackCheck! New-ItemProperty HKLM:\System\CurrentControlSet\Control\Lsa -Name "DisableLoopbackCheck" -Value "1" -PropertyType dword

  37. Storage Accounts Gotcha Naming Constraint Storage Account can only contain numbers and lowercase characters. Will cause an error when calling Create-AzureStorageAccount. Must be between 3 and 24 characters. I was using SpAzureStorage, which won't work. Changed to spazurestorage.

  38. Other issues. Verify Certificate in local Machine Store: $store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadOnly); $store.Certificates | ?{$_.Subject -like "*SpAzure*"} | select DNSNameList; $store.Close(). Could not create Publishing Site by default; had to use "STS#0". Bug in Diskpart: noted in the SpAzurePoSh project on GitHub.

  39. Connecting: Every VM has a public port that maps to the cloud service endpoint. Visible on the Virtual Machines management node on Azure. Add the RDP endpoint to an mstsc command to connect.

  40. Questions?

  41. Resources Windows Azure Training Kit Kirk Evans Presentation from SPC14

  42. Thank you Mario Brandan mario.brandan@outlook.com @mbrandan blogs.technet.com/b/marios_mo_betta_blog
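
A read-only check for the settings that slides 30, 31 and 36 change, so they can be reviewed and reverted once the deployment has finished. This is an added example, not code from the presentation or from the SPAzurePoSh project; the function name Get-DelegationPrepState is hypothetical, the two `Policies\...\CredentialsDelegation` registry paths do not appear on the slides and are assumed to be where the Group Policy settings from slide 31 are stored, and it runs in Windows PowerShell on the machine being checked.

```powershell
# Added example, not from the presentation. Read-only: changes nothing.
function Get-DelegationPrepState {
    [CmdletBinding()]
    param()
    $findings = New-Object System.Collections.Generic.List[object]

    # Slide 30: 'Bypass' runs unsigned scripts with no prompts or warnings.
    foreach ($p in Get-ExecutionPolicy -List) {
        $findings.Add([pscustomobject]@{
            Setting = "ExecutionPolicy/$($p.Scope)"
            Value   = [string]$p.ExecutionPolicy
            Review  = ($p.ExecutionPolicy -eq 'Bypass')
        })
    }

    # Slides 30-31: server lists allowed to receive delegated fresh credentials.
    # First path is from slide 30; the two Policies paths are assumed to be
    # where the Group Policy settings from slide 31 are stored.
    $keys = @(
        'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentialsDomain',
        'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation\AllowFreshCredentials',
        'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation\AllowFreshCredentialsWhenNTLMOnly'
    )
    foreach ($key in $keys) {
        if (-not (Test-Path $key)) { continue }
        $item = Get-Item $key
        foreach ($name in $item.GetValueNames()) {
            $target = [string]$item.GetValue($name)
            $findings.Add([pscustomobject]@{
                Setting = "$key\$name"
                Value   = $target
                Review  = $target.Contains('*')   # wildcard covers every matching host
            })
        }
    }

    # Slide 36: loopback check disabled under the Lsa key.
    $lsa = Get-ItemProperty 'HKLM:\System\CurrentControlSet\Control\Lsa' `
        -Name DisableLoopbackCheck -ErrorAction SilentlyContinue
    if ($lsa) {
        $findings.Add([pscustomobject]@{
            Setting = 'Lsa\DisableLoopbackCheck'
            Value   = [string]$lsa.DisableLoopbackCheck
            Review  = ($lsa.DisableLoopbackCheck -ne 0)
        })
    }
    $findings
}

Get-DelegationPrepState | Sort-Object Review -Descending | Format-Table -AutoSize
```

Rows with Review set to True are the ones to revisit after the deployment; `Disable-WSManCredSSP -Role Client` turns the CredSSP client role back off.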
