Apr
15

SharePoint on Windows Azure – Part 4: SharePoint Farm

This entry is part 4 of 4 in the series SharePoint on Windows Azure

Rating: 0.0/5 (0 votes cast)

Let’s review the previous articles in this series:

Part 1: Introduction – We showed how to set up tools to interact with Windows Azure.

Part 2: Storage – We showed how to setup Windows Azure storage, how to upload vhd’s and some tools to manage storage.

Part 3: Networking – We showed how virtual networking works, the advantages of using Cloud Services and how to setup the first virtual machine.

Endpoints

Let’s talk about endpoints, load balancing and probes for a minute since we’ll use this concept a bit later on. By default, when you create a VM an endpoint is automatically created. This is what allows you to use RDP (Remote Desktop Protocol) to connect to your VM. Here’s how that looks in the management portal:

Windows Azure assigns a random high port number for the public port that maps to the RDP port (3389). If you’re familiar with NAT in networking, this is similar in concept. Note, this one is not load balanced.

So, how do we use this for our SharePoint Farm? To get a load balanced port that’s publically accessible, we simply define a local port and public port that’s the same for each VM. For example, we can open port 80 (public) and map it to port 80 (private) for our SharePoint Web Servers. If we do this a second time, Windows Azure recognizes that we want this port to be load balanced against all the virtual machines we’ve specified.

Let’s also take a minute to talk about probes. A probe is a method used to check the health of a server, especially in a load balanced set. For example, you may have 3 SharePoint Web Servers but one of them is down. The probe can detect this and prevent users from hitting that server. This is also useful in cases where you just don’t want users accessing one of the servers (to apply updates, let’s say).

Following the sample from Paul Stubbs, we’ll use this snippet:

^?View Code POWERSHELL

1 2	Add-AzureEndpoint -Name 'http' -LBSetName 'lbhttp' -LocalPort 80 -PublicPort 80 ` -Protocol tcp -ProbeProtocol http -ProbePort 80 -ProbePath '/healthcheck/iisstart.htm'

In this example, we’re asking Windows Azure to use the “http” protocol on port 80 and target the iisstart.htm page. For this to work, the machine much have a website at that path that’s alive. If not, the probe will fail and users won’t be routed to that machine. For our scenario, we’ll keep the IIS “Default Web Site” to use for probing purposes.

SharePoint Servers

Now, it gets much easier. We’re going to provision the rest of the SharePoint Farm. Once again, let’s do a quick connection test. Open Windows Azure PowerShell and type in the following:

^?View Code POWERSHELL

1	Get-AzureSubscription \| Select SubscriptionName, CurrentStorageAccount

Hopefully you can still connect. Next, we’ll assign some values to our account variables as we did before. Remember to use the values you got when you ran the last command.

^?View Code POWERSHELL

# your imported subscription name
$subscriptionName = "Windows Azure Internal Consumption"
$storageAccount = "wahidstore"
AzureSubscription $subscriptionName
Set-AzureSubscription $subscriptionName -CurrentStorageAccount 
$storageAccount

Now, we’re going to specify parameters for a new Cloud Service. In my previous example, I used CS-ArchSP2013. For this one, I’m going to call it ArchSharePoint. Use any name that’s available, to test for available names, use Test-AzureName –Service ‘<your chosen name>’

^?View Code POWERSHELL

# Cloud Service Paramaters
$serviceName = "ArchSharePoint"
$serviceLabel = "ArchSharePoint"
$serviceDesc = "Cloud Service for SharePoint Farm"

Now, I’ll specify the networking parameters using the same $vnetname, $ag, and $primaryDNS as before but the other $subnetName I created.:

^?View Code POWERSHELL

# Network Paramaters
$vnetname = 'vNet-Arch'
$subnetName = 'SharePoint'
$ag = 'AG-SharePoint-Arch'
$primaryDNS = '192.168.1.4'

If you’re creating a brand new farm, rather than using uploaded images, specify these two parameters too:

^?View Code POWERSHELL

#VM Image names taken from: Get-AzureVMImage | select Label, ImageName | 
fl<br />$spimage= 
'MSFT__Win2K8R2SP1-120612-1520-121206-01-en-us-30GB.vhd'<br />$sqlimage = 
'MSFT__Sql-Server-11EVAL-11.0.2215.0-05152012-en-us-30GB.vhd'

Next, we’ll specify a few availability sets. Think of availability sets as a way to configure high availability. We’re telling Windows Azure that VMs in an availability set have the same role. This instructs Windows Azure to put these VMs on different racks and/or different servers to avoid any single points of failure.

^?View Code POWERSHELL

# Availability Sets
$avsetwfe = 'avset-arch-web'
$avsetapps = 'avset-arch-apps'
$avsetsql = 'avset-arch-sql'

Specify a location for these VMs. I’ve created a folder under my “vhds” container called “Arch” and I want these VMs to go there.

^?View Code POWERSHELL

1 2	# MediaLocation $mediaLocation = "http://wahidstore.blob.core.windows.net/vhds/Arch/"

The next thing we’re going to specify is the VM configuration. Since there’s a lot going on in the next set of PowerShell scripts, let me explain. The $size variable is self-explanatory. I’m going to use “Large” which gives me 4 cores and 7 GB of RAM. The recommendation here is to use smaller VM’s that you can scale out (my adding more), rather than Extra Large VMs. You pay for compute hours based on the size, so many times several smaller ones are better than fewer larger ones.

For $vmStorageLocation, we’re going to specify the $mediaLocation above, plus a name for the vhd. If you uploaded VM’s use the name of the vhd you uploaded.

I’m going to skip it below, but you can use the following command to automate joining the domain by piping it after $vmLocaction:

^?View Code POWERSHELL

$vmStorageLocation | 
Add-AzureProvisioningConfig -WindowsDomain -Password $dompwd `
-Domain $domain -DomainUserName $domuser -DomainPassword $dompwd `
-MachineObjectOU $advmou -JoinDomain $joindom

So, let’s define our VM configuration:

^?View Code POWERSHELL

## Create SP Web1
$size = "Large"
$vmStorageLocation = $mediaLocation + "Arch-SPWeb1.vhd"
$spweb1 = New-AzureVMConfig -Name 'Arch-SPWeb1' -AvailabilitySetName 
$avsetwfe `
-DiskName $vmStorageLocation -InstanceSize $size | Add-AzureEndpoint -Name 'https' -LBSetName 'lbhttps' -LocalPort 443 
-PublicPort 443 `
-Protocol tcp -ProbeProtocol http -ProbePort 80 -ProbePath '/healthcheck/iisstart.htm' | Set-AzureSubnet $subnetName

Note: If you’re creating new VMs, rather than using uploaded VMs, make the following changes.

§ Change –DiskName $vmStorageLocation to –ImageName $spimage (or $sqlimage for the SQL servers).

§ After –InstanceSize $size, type in –MediaLocation $vmStorageLocation

§ After Set-AzureSubnet $subnetName, add the following line:

Add-AzureProvisioningConfig -Password ‘pass@word1′ -Windows

We can copy the above set of commands as a template to build out our farm. In my case, I’ve got another SharePoint Web Server, a SharePoint App Server, and an Office Web Apps server.

^?View Code POWERSHELL

## Create SP Web2
$size = &quot;Large&quot;
$vmStorageLocation = $mediaLocation + "Arch-SPWeb2.vhd"
$spweb2 = New-AzureVMConfig -Name 'Arch-SPWeb2' -AvailabilitySetName 
$avsetwfe `
-DiskName $vmStorageLocation -InstanceSize $size | Add-AzureEndpoint -Name 'https' -LBSetName 'lbhttps' -LocalPort 443 -PublicPort 443 `
-Protocol tcp -ProbeProtocol http -ProbePort 80 -ProbePath '/healthcheck/iisstart.htm' | Set-AzureSubnet $subnetName
 
## Create SP App1
$size = "Large"
$vmStorageLocation = $mediaLocation + "Arch-SPApp1.vhd"
$spapp1 = New-AzureVMConfig -Name 'Arch-SPApp1' -AvailabilitySetName 
$avsetwfe `
-DiskName $vmStorageLocation -InstanceSize $size | Add-AzureEndpoint -Name 'https' -LBSetName 'lbhttps' -LocalPort 443 
-PublicPort 443 `
-Protocol tcp -ProbeProtocol http -ProbePort 80 -ProbePath '/healthcheck/iisstart.htm' | Set-AzureSubnet $subnetName
 
## Create WAC
$size = "Large"
$vmStorageLocation = $mediaLocation + "Arch-WAC1.vhd"
$wac1 = New-AzureVMConfig -Name 'Arch-WAC1' -AvailabilitySetName $avsetwfe 
`
-DiskName $vmStorageLocation -InstanceSize $size | Add-AzureEndpoint -Name 'https' -LBSetName 'lbhttps' -LocalPort 443 -PublicPort 443 `
-Protocol tcp -ProbeProtocol http -ProbePort 80 -ProbePath '/healthcheck/iisstart.htm' | Set-AzureSubnet $subnetName

Similarly, I’m going to specify the configuration for the SQL Server. There’s not much different here except that I don’t need to create an endpoint. However, I do want to create a data disk. Refer to Part 2 on storage for an explanation:

^?View Code POWERSHELL

## Create SQL Server1 
$size = "Large"
$vmStorageLocation = $mediaLocation + "Arch-SQL1.vhd"
$spsql1 = New-AzureVMConfig -Name 'Arch-SQL1' -AvailabilitySetName 
$avsetsql -DiskName $vmStorageLocation -InstanceSize $size | 
Add-AzureDataDisk -CreateNew -DiskSizeInGB 100 -DiskLabel 'data' -LUN 0 –HostCaching “None” | 
Set-AzureSubnet $subnetName

Now, DOUBLE-CHECK everything before you move forward. Undoing this configuration can be complicated. We have just created our configurations, nothing has actually happened just yet, that’s what’s the following commands do:

^?View Code POWERSHELL

$dns1 = New-AzureDns -Name 'DNS1' -IPAddress $primaryDNS
New-AzureVM -ServiceName $serviceName -ServiceLabel $serviceLabel `
-ServiceDescription $serviceDesc `
-AffinityGroup $ag -VNetName $vnetname -DnsSettings $dns1 `
-VMs $spweb1,$spweb2,$spapp1,$wac1, $spsql1

Hit Enter and away it goes. If you run into any problems, I’ll try to cover the ones I’ve encountered in the next article. If everything went smooth, you’ll see something like the screenshot below. This will take a few minutes, sit back and enjoy some coffee or something. In my demo, this was taking a while on the second VM and I really wanted to hit CTRL+C or something, DON’T – just be patient.

{ 0 comments }

Mar
29

SharePoint on Windows Azure – Part 3: Networking

This entry is part 2 of 4 in the series SharePoint on Windows Azure

Rating: 5.0/5 (1 vote cast)

By now, I hope you’ve read Part 1: Introduction to get everything set up and ready.

Much of the documentation on Windows Azure is confusing when it comes to networking. There are a few reasons for this:

Networking, specifically virtual networks were released later in the lifecycle.
Since Windows Azure has its beginnings in PaaS, the concepts don’t necessarily apply to IaaS.
Terminology changed, for example “Cloud Service” was first called “Hosted Service,” and some API’s still use the term.

Networking Definitions

If you keep those things in mind, and pay attention to the date of publication for whatever article you’re reading, it should help you understand what’s being written about. In this article, I’m going to highlight just a few networking concepts as they relate to IaaS and then we’ll start creating our network.

There are 3 definitions we need to know to start:

Virtual Private Network (VPN) – A VPN creates a private network that operates like a local network but spans greater distances. We’re not going to create a VPN for our scenarios, however you could do so to protect your Windows Azure virtual machines from external access.

Virtual Network – A virtual network in Windows Azure is a container where you define the IP address ranges your virtual machines may use. Windows Azure uses infinite-lease DHCP addresses and you can’t assign static IP addresses.

By defining your IP addresses with a virtual network, you can control which IP’s are given to your virtual machines.
This is also where you can define a DNS server. Any virtual machine in a specific virtual network will be automatically assigned the DNS server specified.
Finally, you must assign an Affinity Group to your virtual network. This way, all VMs in your virtual network can be hosted closely together (i.e., same datacenter).

Cloud Service – Formerly called Hosted Service. A Cloud Service comes from the PaaS world but allow me describe how it’s useful in the IaaS world. A Cloud Service is also another container. You can assign a subnet to a Cloud Service, which allows you better control of how your IP addresses are assigned. We’ll use this concept later for our domain controllers. Cloud Services have other benefits as well:

Separation of “roles,” which allow you to start up one Cloud Service before others start. For example, our domain controllers will be in their own Cloud Service and we want this one to start up first since everything else depends on it.
Separation of “roles” also permits us to have different external entry points. For example, we’ll open up ports 80 and 443 for SharePoint but we don’t want these open for our domain controllers.
By creating two or more endpoints within a Cloud Service that have the same port number, Windows Azure recognizes a need for a load balancer and automatically load balances those endpoints.
You have the ability to export and import configurations of a Cloud Service. We’ll look at this in more detail later and why it’s so important.
Virtual Machines within a Cloud Service can communicate freely over any port and protocol. Cloud Services within a Virtual Network can also communicate freely over any port and protocol.

So with that, I hope I’ve convinced you to use Virtual Networks and Cloud Services wisely to design your network and SharePoint Farms. Without using these concepts, you could have problems with farms communicating with each other, DNS issues, security issues due to exposing too many endpoints and complicated setup of load balancing.

Paul Stubbs (@paulstubbs) was the source again for most of this information and I’ve added a link to his blog in the resources section.

Virtual Network

We want to create a virtual network and an associated Affinity Group. We’ll do this using PowerShell because it’s easier, repeatable, and it documents what we’re doing. First, we need to create an XML-based configuration file. Use your favorite text editor (mine is Notepad++) and create a new file with the following contents:

^?View Code XML

<NetworkConfiguration xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
xmlns="http://schemas.microsoft.com/ServiceHosting/2011/07/NetworkConfiguration">
 
<VirtualNetworkConfiguration>
 <Dns>
   <DnsServers>
     <DnsServer name="DNS1" IPAddress="192.168.1.4" />
   </DnsServers>
 </Dns>
   <VirtualNetworkSites>
     <VirtualNetworkSite name="vNet-Corp" AffinityGroup="AG-Arch-SharePoint">
       <AddressSpace>
         <AddressPrefix>192.168.0.0/16</AddressPrefix>
       </AddressSpace>
     <Subnets>
       <Subnet name="DomainControllers">
         <AddressPrefix>192.168.1.0/29</AddressPrefix>
       </Subnet>
       <Subnet name="SharePoint">
         <AddressPrefix>192.168.2.0/24</AddressPrefix>
       </Subnet>
     </Subnets>
         <DnsServersRef>
             <DnsServerRef name="DNS1" />
         </DnsServersRef>
       </VirtualNetworkSite>
     </VirtualNetworkSites>
   </VirtualNetworkConfiguration>
</NetworkConfiguration>

Name this file SharePointFarmVNET.xml. Feel free to change the network range and subnets to your desire. However, keep the following things in mind:

By default, Windows Azure assigns the first VM an x.x.x.4 address. We’ll spin up our domain controller first, which will be our DNS server so it will have that .4 address. You should probably keep this as is.
We want our domain controllers to have a small IP range. In CIDR notation, a /30 gives you just 2 usable host addresses but Windows Azure doesn’t allow this. The next smallest is a /29, which gives 6 usable host addresses so that’s what we’ll use.
You can add as many DNS addresses as you want.
All the Subnets must be a part of the overall Address Prefix. Search for “subnet calc” online to find calculators if you want more specific IP address ranges and read up on “CIDR notation.”

Now that we’ve defined our network, let’s create it. First, let’s do a quick connection test. Open Windows Azure PowerShell and type in the following:

^?View Code POWERSHELL

1	Get-AzureSubscription \| Select SubscriptionName, CurrentStorageAccount

Next, we’ll assign those values to some variable. I’m going to use my values, be sure to substitute these for your own.

^?View Code POWERSHELL

$subscriptionName = "Windows Azure Wahid"
$storageAccount = "wahidstore" 
Select-AzureSubscription $subscriptionName 
Set-AzureSubscription $subscriptionName -CurrentStorageAccount $storageAccount

Next, we need to pick an Affinity Group. To see a list, use:

^?View Code POWERSHELL

1	Get-AzureLocation \| Select Name

Select one and specify it below for $AGLocation. The Affinity Group is one of the most important decisions you can make. Everything will be tied to this. I made a mistake once and chose the wrong Affinity Group and to change it, I had to delete my virtual network, storage account, VMs and a bunch of other things. The Affinity Group you choose here must be in the same datacenter as your disks (storage account).

^?View Code POWERSHELL

# Affinity Group parameters 
$AGLocation = "East US"
$AGDesc = "SharePoint 2013 Architecture Affinity Group"
$AGName = "AG-Arch-SharePoint" 
$AGLabel = "AG-Arch-SharePoint"

Now we’ll create the Affinity Group:

^?View Code POWERSHELL

1
2
3

# Create a new Affinity Group 
New-AzureAffinityGroup -Location $AGLocation -Description $AGDesc ` 
-Name $AGName -Label $AGLabel

We shouldn’t have a virtual network configuration but if you do and want to clear it, use:

^?View Code POWERSHELL

1	Remove-AzureVNetConfig -ErrorAction SilentlyContinue

Finally, we apply the network configuration

^?View Code POWERSHELL

1
2
3

# Apply new network. Either use the full path or run PowerShell from the location of the XML file.
$configPath = "C:\Scripts\Azure\SharePointFarmVNET.xml" 
Set-AzureVNetConfig -ConfigurationPath $configPath

That’s it, we’ve created an Affinity Group and virtual network. To verify and check our results, type in:

^?View Code POWERSHELL

1	Get-AzureVNetConfig \| Select -ExpandProperty XMLConfiguration

Domain Controllers

Next, we’ll create our Cloud Service container and domain controller. Most of this should be self-explanatory.

If you’ve uploaded your vhds, just follow along.
If you’re creating brand new vhds, pay special attentions to the notes.

For $diskname, put in the value of the disk that has been uploaded. And for $subnet, $vnetname, and $ag, use the values from the previous steps, when you created them.

Remember, csupload adds the disks to the repository for you but CloudXPlorer or other tools may not. First, check to see if the disk is in the repository by typing:

^?View Code POWERSHELL

1	Get-AzureDisk \| select diskname

If it’s not there, you’ll have to add it now. For example,

^?View Code POWERSHELL

1	Add-AzureDisk -DiskName "Arch-DC-1.vhd" -MediaLocation "https://wahidstore.blob.core.windows.net/vhds/Arch-DC-1.vhd" -OS Windows

Let’s continue. The commands below setup the variables, create a VM configuration and setup the Cloud Service variable.

Note: If you don’t have an existing vhd in Azure and just want to create a new one, comment out the $diskname and uncomment the last 3 lines.

^?View Code POWERSHELL

## Domain Controller 1 Parameters
$vmName = 'Arch-DC-1'
$diskName = "Arch-DC-1.vhd"
$size = "ExtraSmall"
$deploymentName = "SP2013-DC1-Deployment"
$deploymentlabel = "SharePoint 2013 DC1 Deployment"
$subnet = "DomainControllers"
#$imageName = 'MSFT__Win2K8R2SP1-120612-1520-121206-01-en-us-30GB.vhd'
#$vmStorageLocation = "http://wahidstore.blob.core.windows.net/vhds/Arch-DC-1.vhd"
#$password = "pass@word1"

Now we create the VM configuration.

Note: If you’re creating a new vhd instead of using one that was uploaded, uncomment and use the second set of commands instead of the one that follows.

^?View Code POWERSHELL

1
2
3

## Create VM Configuration if using uploaded vhd
$dc1 = New-AzureVMConfig -Name $vmName -InstanceSize $size -DiskName $diskName | Add-AzureEndpoint -Name 'RemoteDesktop' -LocalPort 3389 –PublicPort (Get-Random –Min 10000 –Max 65000) -Protocol tcp
Set-AzureSubnet -SubnetNames $subnet -VM $dc1

I found that when creating VMs this way, no endpoints are created. If you want to be able to use Remote Desktop to administer the machine, you need to add the endpoint like I’ve done above (using Add-AzureEndpoint).

^?View Code POWERSHELL

## Create VM Configuration if creating new VM
#$dc1 = New-AzureVMConfig -Name $vmName -InstanceSize $size -ImageName $imageName -MediaLocation $vmStorageLocation 
#Add-AzureProvisioningConfig -Windows -Password $password -VM $dc1
#Set-AzureSubnet -SubnetNames $subnet -VM $dc1

The rest is the same whether you’re just attaching an existing vhd or creating from from an image:

^?View Code POWERSHELL

## Cloud Service Paramaters 
$serviceName = "ArchDC"
$serviceLabel = "ArchDC"
$serviceDesc = "Architecture Domain Controllers"
$vnetname = 'vNet-Arch'>
$ag = 'AG-Arch-SharePoint'

When we do the next part, New-AzureVM, it will first create the Cloud Service for us and then create the VM using the disk we specified.

^?View Code POWERSHELL

1 2	## Create the VM(s) New-AzureVM -ServiceName $serviceName -ServiceLabel $serviceLabel -ServiceDescription $serviceDesc -AffinityGroup $ag -VNetName $vnetname -VMs $dc1

My output looks like this:

032913 2240 SharePointo1 SharePoint on Windows Azure Part 3: Networking

So let’s wrap up. We’ve created a virtual network with 2 subnets, we’ve created a Cloud Service in that virtual network, and we just created a virtual machine in that Cloud Service. Here’s how our little deployment looks right now:

032913 2240 SharePointo2 SharePoint on Windows Azure Part 3: Networking What’s next? We’ll create our SharePoint Farm, including the SQL Servers.

Resources

Paul Stubbs Blog: http://blogs.msdn.com/b/pstubbs

{ 0 comments }

← Previous Entries

a sharepoint blog.

SharePoint on Windows Azure – Part 3: Networking

Networking Definitions

Virtual Network

Domain Controllers

Resources

Recent Posts

Sponsors

Connect

Translate

Archives

a sharepoint blog.

SharePoint on Windows Azure – Part 4: SharePoint Farm

Endpoints

SharePoint Servers

SharePoint on Windows Azure – Part 3: Networking

Networking Definitions

Virtual Network

Domain Controllers

Resources

Recent Posts

Sponsors

Connect

Translate

Tags

Archives