© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Design, Deploy, and Optimize Microsoft SharePoint on AWS
Lou De La Torre, Solutions Architect
Zlatan Dzinic, Senior Consultant
November 30, 2016
WIN304
What We’ll Cover: Everything SharePoint on AWS
The Fundamentals
• EC2 Networking
• Active Directory
• Remote Access
• Purchasing Options
Architectural Scenarios
• Marketplace Builds
• Hybrid: AWS as a DR Site
• Multi-AZ SharePoint
• SharePoint 2016
• Quick Start
Best Practices
• Amazon EC2 Best Practices
• SQL Best Practices
• Migration Best Practices
• Going Beyond IaaS
Fundamentals: Single VPC Patterns
Public and Privately Routed VPC
This design pattern is used for workloads that need to accommodate a combination of public and private routing needs, such as all-in Internet-facing, multi-tier web applications supported by databases or other privately routed backend systems.
Internal-Only VPC
This design pattern is used to create a network environment that is only accessible from an existing, internal network, such as internally facing or back-office systems.
On-Premises and Internet-Accessible VPC
This design pattern is used to create a network environment that has the ability to communicate with both on-premises (privately routed) and external (publicly routed) resources.
Internet-Accessible VPC
This design pattern is primarily used for test, R&D, sales demo, production, and other environments that require a network environment that is completely isolated from a customer’s internal network.
For more info on configuring VPCs, see AWS Answers for Networking.
Fundamentals: External Connectivity
• Internet Gateway: highly available VPC component that allows communication between instances in your VPC and the Internet
• NAT Gateway: enables instances in a private subnet to connect to the Internet or other AWS services, but prevents the Internet from initiating a connection with those instances
• Virtual Private Network (VPN)
• Virtual Private Gateway (VPG)
• AWS Direct Connect
For more info on configuring external access, see Amazon VPC for On-Premises Network Engineers, Part One.
Fundamentals: Active Directory Patterns
Directory Trusts
Extending an on-premises directory over secure connections to AWS using either Active Directory or AWS Directory Service for Microsoft AD.
Federated Trusts
Building federated trusts from on-premises to AWS using Active Directory Federation Services or other SAML-compliant software and services.
[Diagram: directory trust, an on-premises domain controller connected over VPN or Direct Connect to either a domain controller on Amazon EC2 or AWS Directory Service in an Availability Zone; federated trust, an on-premises domain controller behind WAP/ADFS connected securely over the Internet to WAP/ADFS and a domain controller on Amazon EC2]
The Fundamentals: Remote Access
See the Remote Desktop Gateway on the AWS Cloud: Quick Start for additional info.
The Fundamentals: Purchasing Options
Options for using Microsoft software licenses on the AWS Cloud
Buy Licenses From AWS
• 2,300+ products available for 1-click deployment across 35 distinct product categories, including several SharePoint 2013 & 2016 builds ranging from single-server to multiple-server builds.
• Using license-included instances gives you access to fully compliant Microsoft software licenses bundled with Amazon EC2 and the ability to pay for them as you go with no upfront costs or long-term investments.
Bring Licenses To AWS
• If you’ve already purchased Microsoft software, bring your own licenses (BYOL) to the AWS Cloud and extend the lifecycle of your software without additional hardware costs.
For more info on licensing Windows on AWS, see Microsoft Licensing on AWS.
Architectural Scenarios
Architecture: Marketplace
• Browse, Test, and Buy Enterprise Software
• Simplified Procurement Process
• Consume as Needed Without Overprovisioning
• One AWS Bill
• Consume Hourly, Monthly, Annually
• Customers run over 143M hours of software per month
Architecture: Marketplace
SharePoint Enterprise 2016 All In One
SharePoint Enterprise 2016 for AWS "All In One" for SME or Line of Business implementation. Best for Test or Development teams working on short-term development projects, to share and collaborate on new ideas and engage in social conversations.
[Diagram: one Availability Zone, one subnet behind an Internet Gateway, a single Windows Server 2012R2 instance running Active Directory Domain Services, SQL Server 2014 Enterprise and SharePoint Server 2016]
Architecture: Marketplace
SharePoint Enterprise 2016 Business
SharePoint Enterprise 2016 is well suited for enterprises looking for a collaboration tool in multiple geo-locations, including support for external users.
[Diagram: one Availability Zone behind an Internet Gateway with three subnets, each holding a Windows Server 2012R2 instance: Active Directory Domain Services, SQL Server 2014 Enterprise, and SharePoint Server 2016]
Architecture: AWS As a DR Site
Spectrum of Disaster Recovery Options (Higher RTO to Lower RTO)
Backup & Restore
• Back up to S3 with AWS Storage Gateway
• Replace On-Premises Tape System
• Leverage Amazon Glacier for Data Archiving
Pilot Light
• SQL Server Log Shipping over VPN or Direct Connect
• EC2 Instances in Stopped State
• Cool DR Site with Lower Costs
Warm Site
• SQL Server Asynchronous Always-On Availability Group over Direct Connect
• EC2 Instances in Running State
Architecture: AWS As a DR Site
Backup & Restore
• Minimal Amount of Running Infrastructure on AWS Keeps Costs Low
• Typically Longer RTO
For more info on configuring backup and recovery, see Enterprise Backup and Recovery On-Premises to AWS.
For more info on configuring AWS Storage Gateway, see AWS Storage Gateway Documentation.
[Diagram: the on-premises SharePoint farm (WFE servers, App server, SQL Server) is backed up by a backup server supporting iSCSI, CIFS and SMB to an AWS Storage Gateway VM on direct attached or SAN storage; the gateway sends the backups over HTTPS (or Direct Connect or VPN) to the Storage Gateway service and an S3 bucket; the AWS DR SharePoint farm in an Availability Zone consists of SharePoint WFE and APP EC2 instances and a SQL Server EC2 instance with an EBS volume, all in a stopped state]
Architecture: AWS As a DR Site
Pilot Light
• Small Amount of Running EC2 Infrastructure on AWS
• SQL Log Shipping Increases Automation of Database Layer Backup and Restore Operations
For more info on configuring log shipping between on premises and AWS, see Deploying Microsoft SQL Server on Amazon Web Services.
For more info on configuring a pilot light DR environment on AWS, see Using Amazon Web Services for Disaster Recovery.
[Diagram: the on-premises SharePoint farm (WFE servers, App servers, SQL Server) ships transaction logs over Direct Connect or VPN to a running SQL Server in the AWS DR SharePoint farm, which replays them; the SharePoint WFE and APP EC2 instances in the Availability Zone remain in a stopped state]
Architecture: AWS As a DR Site
Warm Site
• Lower RTOs Require More Running EC2 Infrastructure on AWS
• AlwaysOn Availability Group(s) Further Increase Automation of Database Synchronization/Restore
For more info on configuring always-on availability groups between on premises and AWS, see Deploying Microsoft SQL Server on Amazon Web Services.
[Diagram: the on-premises SQL Servers and the SQL Server in the AWS DR SharePoint farm form a SQL Server Always On Availability Group synchronized with asynchronous commit over Direct Connect or VPN; the SharePoint WFE and APP EC2 instances in the Availability Zone are in a running state]
Architecture: Multi-AZ SharePoint
Typical On-Premises SharePoint Setup
• Single Production Farm
• Database Backups Shipped Offsite and/or Replicated to Alternate Data Center
• Typical SharePoint DR Plan Involves a Full Farm Rebuild Followed by a Restore of Content Database Backups
[Diagram: Data Center #1 hosts the production SharePoint farm; storage volumes or database backups are synchronized/replicated to Data Center #2, and database backups on tape media are transported to an offsite facility]
Architecture: Multi-AZ SharePoint
AWS Multi-AZ Design Pattern
• AWS is built around Regions and Availability Zones (AZs)
• A Region is a physical location in the world where we have multiple Availability Zones
• Availability Zones consist of one or more discrete fault-tolerant data centers, each with redundant power, networking and connectivity
• Availability Zones are connected to each other with private, low-latency fiber-optic links
• You can achieve high availability by deploying your application so that it spans multiple Availability Zones
• Data Center Redundancy Achieved with Little or No Effort!
[Diagram: a single application boundary spanning Availability Zone #1 and Availability Zone #2, each with a Web Server and a DB Server, connected by low-latency links with synchronous replication and automatic failover]
Architecture: Multi-AZ SharePoint
AWS Multi-AZ SharePoint 2013
• VPC, Two AZs, Single Public and Multiple Private Subnets
• Include Remote Access, NAT Gateways and Active Directory
• Stretched SharePoint Farm Spanning Multiple AZs Providing Data Center Redundancy
• Multi-AZ Reduces Risk Profile and Simplifies DR Planning
[Diagram: a VPC with Availability Zone #1 and Availability Zone #2; each AZ has a Public Tier subnet with a Windows Server RD Gateway and a VPC NAT Gateway, a Web Tier subnet with a SharePoint WFE, an App Tier subnet with a SharePoint APP, a Data Tier subnet with a SQL Server, and a Directory Tier subnet with a Domain Controller; an AWS ELB fronts the web tier and the two SQL Servers form a synchronous Always On Availability Group]
Architecture: Multi-AZ SharePoint
AWS Supports Traditional Two-Data Center Patterns
• Fully Supported to Run a SharePoint DR Farm/Two-Region DR Pattern on AWS for SharePoint
[Diagram: the production farm spans Availability Zone #1 and #2 of one region and the DR farm sits in Availability Zone #1 of a second region (the two regions shown are US East and US West); each farm has a Public Tier with Windows Server RD Gateway and VPC NAT Gateway, a Web Tier with SharePoint WFE, an App Tier with SharePoint APP, a Data Tier with SQL Server and a Directory Tier with Domain Controller, fronted by an AWS ELB; the production SQL Servers form a synchronous Always On Availability Group and the DR SQL Server joins it as an asynchronous replica over a VPN between the regions]
Architecture: SharePoint 2016
Minimum Size SharePoint 2016 MinRole Farm
• Does Not Provide HA
[Diagram: MinRole SharePoint in a VPC with two Availability Zones (Public Tier with Windows Server RD Gateway and VPC NAT Gateway, Directory Tier with a Domain Controller, AWS ELB); one server per role: SharePoint Front-end (Web Tier), SharePoint Application, SharePoint Search and SharePoint Distributed Cache (App Tier), and a single SQL Server (Data Tier)]
Architecture: SharePoint 2016
HA SharePoint 2016 MinRole Farm
• Supports No Downtime Patching
[Diagram: MinRole SharePoint across Availability Zone #1 and #2, each AZ with a Public Tier (Windows Server RD Gateway, VPC NAT Gateway), Web Tier, App Tier, Data Tier and Directory Tier (Domain Controller); two SharePoint Front-end, two SharePoint Application, two SharePoint Search and three SharePoint Distributed Cache servers, an AWS ELB in front of the front-ends, and two SQL Servers in a synchronous Always On Availability Group]
Architecture: SharePoint 2016
HA SharePoint 2016 MinRole Farm
• Supports No Downtime Patching
• Add Office Online Server and Workflow Manager
[Diagram: the same two-AZ HA MinRole farm (two Front-end, two Application, two Search and three Distributed Cache servers, two SQL Servers in a synchronous Always On Availability Group, Domain Controllers, RD Gateways, NAT Gateways and an AWS ELB) with two Office Online Server instances and three Workflow Manager instances added]
Architecture: SharePoint 2016
SharePoint 2016 Feature Pack 1
MinRole Enhancements
• Supports Shared Roles
• Minimum Number of Farm Servers for HA = 4
[Diagram: two-AZ farm with the same public, directory and data tiers (RD Gateways, NAT Gateways, Domain Controllers, AWS ELB, two SQL Servers in a synchronous Always On Availability Group); each AZ runs one SharePoint Front-end with Distributed Cache and one SharePoint Application with Search]
Architecture: SharePoint Quick Start
• AWS CloudFormation Automated Build
• Extensible JSON AWS CloudFormation Templates Available on GitHub
• Creates “Stacks” of AWS Resources
• Bring Your Own License for SharePoint
• DevOps for SharePoint
Architecture: SharePoint Quick Start
Deployment Steps
1. Prepare an AWS Account.
2. Configure and Launch the Stack.
3. Configure Availability Group(s).
4. Done!
Template takes about 3 hours to complete. Default template will cost about $12 per hour.
Best Practices
Best Practices: EC2 Networking Security
Network ACLs
• Optional Layer of Security
• Subnet Level (Second Layer of Defense)
• ALLOW and DENY Rules
• Stateless (Return Traffic Not Automatically Allowed)
• Rules Evaluated in Order
• Automatically Applies to All Instances in Subnet
Security Groups
• Instance Level (First Layer of Defense)
• Instances Can Associate to Multiple Security Groups
• ALLOW Rules Only
• Stateful (Return Traffic Automatically Allowed)
• Security Group Must be Specified for an Instance
[Diagram, network ACLs: VPC 10.0.0.0/16 with a Directory Tier (10.0.0.0/19), Data Tier (10.0.32.0/20), Web Tier (10.0.64.0/20) and Public Tier (10.0.96.0/20) per Availability Zone; acl-1010 (Domain Traffic) is attached to the Directory Tier subnet and acl-2020 (SQL Traffic) to the Data Tier subnet, with acl-1111 and acl-2222 playing the same roles in the second Availability Zone; the ELB sits in the Public Tier and the SharePoint Front-ends in the Web Tier]
acl-1010 (Domain Traffic), Inbound Rules:
Rule # Type Protocol Port Range Source Allow/Deny
100 DNS (TCP) (53) TCP (6) 53 10.0.32.0/20 ALLOW
300 LDAP (389) TCP (6) 389 10.0.32.0/20 ALLOW
acl-2020 (SQL Traffic), Inbound Rules:
Rule # Type Protocol Port Range Source Allow/Deny
100 MS SQL (1433) TCP (1433) 1433 10.0.64.0/16 ALLOW
...
[Diagram, security groups: the same VPC and subnets; the Domain Controller is in sg-1010 (Domain Traffic), the SQL Server in sg-2020 (SQL Traffic), each SharePoint Front-end in both sg-3030 (HTTP Traffic) and sg-4040 (SharePoint Traffic), and the ELB in sg-5050 (ELB Traffic)]
sg-1010 (Domain Traffic), Inbound Rules:
Type Protocol Port Range Source
DNS (TCP) (53) TCP (6) 53 10.0.32.0/20
DNS (TCP) (53) TCP (6) 53 sg-2020
LDAP (389) TCP (6) 389 10.0.32.0/20
LDAP (389) TCP (6) 389 sg-2020
sg-2020 (SQL Traffic), Inbound Rules:
Type Protocol Port Range Source
MS SQL (1433) TCP (1433) 1433 10.0.64.0/16
MS SQL (1433) TCP (1433) 1433 sg-4040
sg-3030 (HTTP Traffic), Inbound Rules:
Type Protocol Port Range Source
HTTP (80) TCP (6) 80 10.0.96.0/20
HTTP (443) TCP (6) 443 10.0.96.0/20
sg-4040 (SharePoint Traffic), Inbound Rules:
Type Protocol Port Range Source
Custom TCP TCP (6) 808 10.0.64.0/20
Custom TCP TCP (6) 32843 10.0.64.0/20
Custom TCP TCP (6) 32844 10.0.64.0/20
Custom TCP TCP (6) 22233-22236 10.0.64.0/20
...
sg-5050 (ELB Traffic), Inbound Rules:
Type Protocol Port Range Source
HTTP (80) TCP (6) 80 0.0.0.0/0
HTTP (443) TCP (6) 443 0.0.0.0/0
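As an added example (not code from the deck), the Python model below evaluates the slide's rule tables under the two semantics the bullets describe: first-match ordered evaluation and statelessness for the network ACL; union of attached groups, group-id sources and connection tracking for security groups. The host addresses, the AZ #2 data-tier address 10.0.48.10, the web-tier ACL and DENY rule 200 are constructed for the demonstration.

```python
"""Stateless, ordered network ACLs versus stateful, allow-only security groups,
as contrasted on the slide. Added example, not from the original deck: the rule
tables are transcribed from the slide; host addresses, the AZ #2 data-tier
address 10.0.48.10, the web-tier ACLs and DENY rule 200 are constructed."""
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:
    src: str    # source address
    dst: str    # destination address
    sport: int  # source port
    dport: int  # destination port

def _in_cidr(addr, cidr):
    # strict=False because the slide writes the SQL source as 10.0.64.0/16
    return ipaddress.ip_address(addr) in ipaddress.ip_network(cidr, strict=False)

def nacl_allows(rules, flow):
    """Rules are (number, low_port, high_port, cidr, action). Lowest number first;
    the first match decides and nothing later is consulted; no match is the
    implicit deny. No state: a reply packet is judged entirely on its own."""
    for _number, low, high, cidr, action in sorted(rules):
        if low <= flow.dport <= high and _in_cidr(flow.src, cidr):
            return action == "ALLOW"
    return False

class SecurityGroups:
    """Allow-only rules (low_port, high_port, source); source is a CIDR or another
    group id. An instance gets the union of all groups attached to it, and the
    replies of an admitted connection are allowed automatically (stateful)."""

    def __init__(self, groups, membership):
        self.groups = groups          # sg-id -> inbound rules
        self.membership = membership  # instance address -> set of attached sg-ids
        self.tracked = set()          # (src, sport, dst, dport) of admitted flows

    def _source_matches(self, source, src_addr):
        if source.startswith("sg-"):  # group reference: is the sender a member?
            return source in self.membership.get(src_addr, set())
        return _in_cidr(src_addr, source)

    def allows(self, flow):
        if (flow.dst, flow.dport, flow.src, flow.sport) in self.tracked:
            return True  # reverse direction of a tracked connection
        for sg in self.membership.get(flow.dst, set()):
            for low, high, source in self.groups[sg]:
                if low <= flow.dport <= high and self._source_matches(source, flow.src):
                    self.tracked.add((flow.src, flow.sport, flow.dst, flow.dport))
                    return True
        return False

# acl-1010 inbound rules from the slide, with a constructed rule 200 between them.
ACL_1010 = [
    (100, 53, 53, "10.0.32.0/20", "ALLOW"),    # DNS from the data tier
    (200, 0, 65535, "10.0.32.0/20", "DENY"),   # constructed: shadows rule 300
    (300, 389, 389, "10.0.32.0/20", "ALLOW"),  # LDAP from the data tier
]
# Constructed web-tier ACLs (the slide shows only acl-2020 for the data tier):
# without an ephemeral-port rule the SQL reply never reaches the front-end.
ACL_WEB = [(100, 80, 80, "10.0.96.0/20", "ALLOW")]
ACL_WEB_EPHEMERAL = ACL_WEB + [(200, 1024, 65535, "10.0.32.0/20", "ALLOW")]

SG = SecurityGroups(
    groups={  # inbound rules transcribed from the slide
        "sg-1010": [(53, 53, "10.0.32.0/20"), (53, 53, "sg-2020"),
                    (389, 389, "10.0.32.0/20"), (389, 389, "sg-2020")],
        "sg-2020": [(1433, 1433, "10.0.64.0/16"), (1433, 1433, "sg-4040")],
        "sg-3030": [(80, 80, "10.0.96.0/20"), (443, 443, "10.0.96.0/20")],
        "sg-4040": [(808, 808, "10.0.64.0/20"), (32843, 32844, "10.0.64.0/20"),
                    (22233, 22236, "10.0.64.0/20")],
    },
    membership={  # constructed hosts inside the slide's subnets
        "10.0.0.10": {"sg-1010"},              # domain controller, directory tier
        "10.0.32.10": {"sg-2020"},             # SQL Server, data tier, AZ #1
        "10.0.48.10": {"sg-2020"},             # SQL replica, data tier, AZ #2
        "10.0.64.10": {"sg-3030", "sg-4040"},  # SharePoint front-end, web tier
    },
)

def demo():
    """Verdicts for sample flows, keyed by the slide bullet each one illustrates."""
    dns_from_sql = Flow("10.0.32.10", "10.0.0.10", 50000, 53)
    ldap_from_sql = Flow("10.0.32.10", "10.0.0.10", 50001, 389)
    dns_from_az2_sql = Flow("10.0.48.10", "10.0.0.10", 50002, 53)
    dns_from_web = Flow("10.0.64.10", "10.0.0.10", 50003, 53)
    sql_request = Flow("10.0.64.10", "10.0.32.10", 49152, 1433)
    sql_reply = Flow("10.0.32.10", "10.0.64.10", 1433, 49152)
    return {
        "nacl_first_match_allows": nacl_allows(ACL_1010, dns_from_sql),    # rule 100
        "nacl_later_rule_shadowed": nacl_allows(ACL_1010, ldap_from_sql),  # rule 200
        "nacl_cidr_only_az2_denied": nacl_allows(ACL_1010, dns_from_az2_sql),
        "nacl_reply_without_ephemeral": nacl_allows(ACL_WEB, sql_reply),
        "nacl_reply_with_ephemeral": nacl_allows(ACL_WEB_EPHEMERAL, sql_reply),
        "sg_group_ref_az2_allowed": SG.allows(dns_from_az2_sql),  # via sg-2020
        "sg_web_dns_denied": SG.allows(dns_from_web),
        "sg_request_allowed": SG.allows(sql_request),
        "sg_reply_stateful": SG.allows(sql_reply),  # no inbound rule needed
    }
```

The shadowed LDAP rule and the blocked reply are the two ACL mistakes the bullets warn about; the AZ #2 case shows why the slide's security group tables list sg-2020 and sg-4040 as sources in addition to CIDRs, since an ACL can only match on addresses.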
Best Practices: SQL Server
• Select an AMI with Adequate CPU and Memory for Your Workload
• Select an EBS-optimized AMI if Possible
• Optimize TempDB Just Like On-Premises (Use Instance Storage if Possible or Fast EBS Otherwise)
• Provision Enough IOPs for Your Workload
General Purpose SSD
• Max Throughput per Volume: 160 MB/s
• Max IOPS per Volume: 10,000
• Volume Size: 1 GB to 16 TB
• Burst: 3,000 IOPS (for volumes up to 1 TB)
• Great for boot volumes, low-latency applications, and bursty databases
Provisioned IOPS SSD
• Max Throughput per Volume: 320 MB/s
• Max IOPS per Volume: 20,000
• Volume Size: 4 GB to 16 TB
• Ideal for critical applications and databases with sustained IOPS
Best Practices: SQL Server
[Diagram: Always On Availability Group across two Availability Zones with synchronous commit and automatic failover; Availability Zone 1, private subnet, Primary Replica (Primary: 10.0.2.100, WSFC: 10.0.2.101, AG Listener: 10.0.2.102); Availability Zone 2, private subnet, Secondary Replica (Primary: 10.0.3.100, WSFC: 10.0.3.101, AG Listener: 10.0.3.102); AG Listener: ag.awslabs.net]
Best Practices: SQL Server
[Diagram: the same two-AZ Availability Group in AWS Region A (synchronous commit, automatic failover; EC2 Primary Replica 10.0.2.100, WSFC 10.0.2.101, AG Listener 10.0.2.102 in Availability Zone 1; EC2 Secondary Replica 10.0.3.100, WSFC 10.0.3.101, AG Listener 10.0.3.102 in Availability Zone 2) extended over a VPN between Elastic IPs to a third EC2 Secondary Replica in AWS Region B, Availability Zone 1, private subnet (Primary: 10.1.2.100, WSFC: 10.1.2.101, AG Listener: 10.1.2.102) with asynchronous commit and manual failover]
Best Practices: Migration
1. Understand Your On-Premises SharePoint Environment (Customizations, Most Used Sites, etc.)
2. Devise Your Migration Strategy (URL Strategy, Timeline, User Communication Plan, etc.)
3. Prepare for What’s New in AWS (Security, IAM, Train Your Staff, etc.)
4. Embrace Automation (DevOps, PowerShell for Windows, etc.)
5. Run Trial for Upgrades (Build, Trial, and Test Upgrade Runs, Establish UAT Group, Feedback Loops, etc.)
6. Plan for Rollback
Going Beyond IaaS
CloudWatch & CloudWatch Logs
• Monitor EC2 Metrics (CPU, Disk Usage, etc.) and Other AWS Resources (EBS Volumes, Elastic Load Balancers, etc.)
• Enhanced Log Support for Windows with EC2Config (IIS Logs, Perfmon Logs, etc.)
• Monitor Logs and Configure Alerts
• Store Logs and Perform Analytics
[Diagram, alerting: SharePoint Front-end, SQL Server and Domain Controller in an Availability Zone in Region US West send metrics and logs to CloudWatch / CloudWatch Logs; CloudWatch Alarms notify by Email, Amazon SMS or a Workflow]
[Diagram, analytics: the same instances feed CloudWatch / CloudWatch Logs, which streams to Amazon Kinesis and on to Amazon S3, Amazon Redshift and AWS Lambda]
Thank you! Remember to complete your evaluations!
Windows Track Sessions
• WIN301: Bring Microsoft Applications to AWS to Save Money and Stay Licensing Compliant. Tues, Nov 29, 3:30-4:30 PM, Venetian H
• WIN204: How to Move 1,000 VMs and Biz Critical Apps to AWS in 6 months. Edwards Lifesciences. Tues, Nov 29, 3:30-4:30 PM, Venetian H
• WIN303: How to Launch a 100k User Microsoft Back Office and Not Break a Sweat. Wed, Nov 30, 5:30-6:30 PM, Delfino 4004
• WIN304: Design, Deploy & Optimize SharePoint on AWS. Wed, Nov 30, 12:30-1:30 PM, Venetian, Level 3, San Polo 3403
• WIN305: Best Practices for Integrating Active Directory with AWS Workloads. Wed, Nov 30, 5:00-6:00 PM, Venetian H
• WIN306: Design, Deploy & Optimize SQL Server on AWS. Thurs, Dec 1, 5:30-6:30 PM, Venetian H
Mohammed Ahmed Bamashmos
 
cardiovascular outcome in trial of new antidiabetic drugs
cardiovascular outcome in trial of new antidiabetic drugscardiovascular outcome in trial of new antidiabetic drugs
cardiovascular outcome in trial of new antidiabetic drugs
Mohammed Ahmed Bamashmos
 
THE SEXUAL HARASSMENT OF WOMAN AT WORKPLACE (PREVENTION, PROHIBITION & REDRES...
THE SEXUAL HARASSMENT OF WOMAN AT WORKPLACE (PREVENTION, PROHIBITION & REDRES...THE SEXUAL HARASSMENT OF WOMAN AT WORKPLACE (PREVENTION, PROHIBITION & REDRES...
THE SEXUAL HARASSMENT OF WOMAN AT WORKPLACE (PREVENTION, PROHIBITION & REDRES...
ASHISHKUMAR504404
 
THE SEXUAL HARASSMENT OF WOMAN AT WORKPLACE (PREVENTION, PROHIBITION & REDRES...
THE SEXUAL HARASSMENT OF WOMAN AT WORKPLACE (PREVENTION, PROHIBITION & REDRES...THE SEXUAL HARASSMENT OF WOMAN AT WORKPLACE (PREVENTION, PROHIBITION & REDRES...
THE SEXUAL HARASSMENT OF WOMAN AT WORKPLACE (PREVENTION, PROHIBITION & REDRES...
ASHISHKUMAR504404
 
2025-05-04 A New Day Dawns 03 (shared slides).pptx
2025-05-04 A New Day Dawns 03 (shared slides).pptx2025-05-04 A New Day Dawns 03 (shared slides).pptx
2025-05-04 A New Day Dawns 03 (shared slides).pptx
Dale Wells
 
Ad

T3 - Design, deploy, and optimize Microsoft SharePoint on AWS - Zlatan Dzinic

  • 4. Fundamentals: External Connectivity
    Internet Gateway: highly available VPC component that allows communication between instances in your VPC and the Internet.
    NAT Gateway: enables instances in a private subnet to connect to the Internet or other AWS services, but prevents the Internet from initiating a connection with those instances.
    Other options: Virtual Private Network (VPN), Virtual Private Gateway (VPG), AWS Direct Connect.
    For more info on configuring external access, see Amazon VPC for On-Premises Network Engineers, Part One.
  • 5. Fundamentals: Active Directory Patterns
    Directory Trusts: extending the on-premises directory over secure connections to AWS using either Active Directory or AWS Directory Service for Microsoft AD.
    Federated Trusts: building federated trusts from on-premises to AWS using Active Directory Federation Services or other SAML-compliant software and services.
    (Diagrams: for directory trusts, an on-premises data center with a domain controller connects over VPN or Direct Connect to an Availability Zone holding either a domain controller on Amazon EC2 or AWS Directory Service; for federated trusts, the on-premises domain controller and WAP/ADFS connect securely over the Internet to a domain controller and WAP/ADFS on Amazon EC2.)
  • 6. The Fundamentals: Remote Access. See the Remote Desktop Gateway on the AWS Cloud Quick Start for additional info.
  • 7. The Fundamentals: Purchasing Options. Options for using Microsoft software licenses on the AWS Cloud:
    Buy Licenses From AWS: 2,300+ products available for 1-click deployment across 35 distinct product categories, including several SharePoint 2013 & 2016 builds ranging from single-server to multiple-server builds. Using license-included instances gives you access to fully compliant Microsoft software licenses bundled with Amazon EC2 and the ability to pay for them as you go with no upfront costs or long-term investments.
    Bring Licenses To AWS: if you've already purchased Microsoft software, bring your own licenses (BYOL) to the AWS Cloud and extend the lifecycle of your software without additional hardware costs.
    For more info on licensing Windows on AWS, see Microsoft Licensing on AWS.
  • 8. What We'll Cover: Everything SharePoint on AWS. Architectural Scenarios: Marketplace Builds; Hybrid: AWS As a DR Site; Multi-AZ SharePoint; SharePoint 2016; Quick Start.
  • 9. Architecture: Marketplace. Browse, test, and buy enterprise software; simplified procurement process; consume as needed without overprovisioning; one AWS bill; consume hourly, monthly, annually. Customers run over 143M hours of software per month.
  • 10. Architecture: Marketplace. SharePoint Enterprise 2016 for AWS "All In One": for SME or line-of-business implementation; best for test or development teams working on short-term development projects, to share and collaborate on new ideas and engage in social conversations.
    (Diagram: SharePoint Enterprise 2016 All In One: one Availability Zone, one subnet, a single Windows Server 2012R2 instance running Active Directory Domain Services, SQL Server 2014 Enterprise and SharePoint Server 2016, behind an Internet Gateway.)
  • 11. Architecture: Marketplace. SharePoint Enterprise 2016 Business: well suited for enterprises looking for a collaboration tool in multiple geo-locations, including support for external users.
    (Diagram: one Availability Zone behind an Internet Gateway with three subnets, each holding a Windows Server 2012R2 instance: Active Directory Domain Services, SQL Server 2014 Enterprise, and SharePoint Server 2016.)
  • 12. Architecture: AWS As a DR Site. Spectrum of Disaster Recovery Options, from higher RTO to lower RTO:
    Backup & Restore: back up to S3 with AWS Storage Gateway; replace on-premises tape system; leverage Amazon Glacier for data archiving.
    Pilot Light: SQL Server log shipping over VPN or Direct Connect; EC2 instances in stopped state; cool DR site with lower costs.
    Warm Site: SQL Server asynchronous Always-On Availability Group over Direct Connect; EC2 instances in running state.
  • 13. Architecture: AWS As a DR Site. Backup & Restore: minimal amount of running infrastructure on AWS keeps costs low; typically longer RTO.
    For more info on configuring backup and recovery, see Enterprise Backup and Recovery On-Premises to AWS. For more info on configuring AWS Storage Gateway, see AWS Storage Gateway Documentation.
    (Diagram: the on-premises SharePoint farm (WFE servers, app servers, SQL Server) is backed up by a backup server to an AWS Storage Gateway VM on direct-attached or SAN storage, supporting iSCSI, CIFS and SMB; the gateway uploads over HTTPS to the Storage Gateway service and an S3 bucket; the AWS DR SharePoint farm in one Availability Zone holds SharePoint and SQL Server EC2 instances in a stopped state with an EBS volume, reached over Direct Connect, VPN or HTTPS.)
  • 14. Architecture: AWS As a DR Site. Pilot Light: small amount of running EC2 infrastructure on AWS; SQL log shipping increases automation of database-layer backup and restore operations.
    For more info on configuring log shipping between on premises and AWS, see Deploying Microsoft SQL Server on Amazon Web Services. For more info on configuring a pilot light DR environment on AWS, see Using Amazon Web Services for Disaster Recovery.
    (Diagram: the on-premises SharePoint farm (WFE servers, app servers, SQL Server) ships transaction logs over Direct Connect or VPN to a running SQL Server in the AWS DR farm, which replays them; the DR farm's SharePoint WFE and APP EC2 instances stay in a stopped state.)
  • 15. Architecture: AWS As a DR Site. Warm Site: lower RTOs require more running EC2 infrastructure on AWS; AlwaysOn Availability Group(s) further increase automation of database synchronization/restore.
    For more info on configuring always-on availability groups between on premises and AWS, see Deploying Microsoft SQL Server on Amazon Web Services.
    (Diagram: the on-premises SQL Server synchronizes to a SQL Server in the AWS DR farm through a SQL Server Always On Availability Group with asynchronous commit over Direct Connect or VPN; the DR farm's SharePoint WFE and APP EC2 instances are in a running state.)
  • 16. Architecture: Multi-AZ SharePoint. Typical On-Premises SharePoint Setup: single production farm; database backups shipped offsite and/or replicated to an alternate data center; the typical SharePoint DR plan involves a full farm rebuild followed by a restore of content database backups.
    (Diagram: Data Center #1 runs the production SharePoint farm; storage volumes or database backups are synchronized/replicated to Data Center #2; database backups on tape media are transported to an offsite facility.)
  • 17. Architecture: Multi-AZ SharePoint. AWS Multi-AZ Design Pattern: AWS is built around Regions and Availability Zones (AZs). A Region is a physical location in the world where we have multiple Availability Zones. Availability Zones consist of one or more discrete fault-tolerant data centers, each with redundant power, networking and connectivity. Availability Zones are connected to each other with private, low-latency fiber-optic links. You can achieve high availability by deploying your application so that it spans multiple Availability Zones. Data center redundancy achieved with little or no effort!
    (Diagram: a single application boundary spanning Availability Zone #1 and Availability Zone #2, each with a web server and a DB server, with synchronous replication / automatic failover over the low-latency link.)
  • 18. Architecture: Multi-AZ SharePoint. AWS Multi-AZ SharePoint 2013: VPC, two AZs, single public and multiple private subnets; includes Remote Access, NAT Gateways and Active Directory; stretched SharePoint farm spanning multiple AZs providing data center redundancy; Multi-AZ reduces risk profile and simplifies DR planning.
    (Diagram: in each of Availability Zone #1 and #2, a Public Tier subnet with a VPC NAT Gateway and a Windows Server RD Gateway, a Web Tier subnet with a SharePoint WFE, an App Tier subnet with a SharePoint APP, a Data Tier subnet with SQL Server, and a Directory Tier subnet with a Domain Controller; an AWS ELB fronts the web tier and the two SQL Servers form a synchronous Always On Availability Group.)
  • 19. Architecture: Multi-AZ SharePoint. AWS supports traditional two-data-center patterns: it is fully supported to run a SharePoint DR farm / two-region DR pattern on AWS for SharePoint.
    (Diagram: the production farm in Region US East spans Availability Zones #1 and #2 as on the previous slide, with a synchronous Always On Availability Group; a DR farm in Region US West, Availability Zone #1, holds the same tiers (Public with VPC NAT Gateway and RD Gateway, Web with SharePoint WFE, App with SharePoint APP, Data with SQL Server, Directory with Domain Controller) and is linked over VPN through an asynchronous Always On Availability Group.)
  • 20. Architecture: SharePoint 2016. Minimum size SharePoint 2016 MinRole farm; does not provide HA.
    (Diagram: two Availability Zones with Public, Web, App, Data and Directory Tier subnets, an AWS ELB, VPC NAT Gateways and Windows Server RD Gateways; a single SQL Server, a single Domain Controller, and one each of the SharePoint Front-end, Search, Application and Distributed Cache MinRole servers.)
  • 21. Architecture: SharePoint 2016. HA SharePoint 2016 MinRole farm; supports no-downtime patching.
    (Diagram: the same two-AZ layout with two SQL Servers in a synchronous Always On Availability Group, two Domain Controllers, and at least two each of the SharePoint Front-end, Search, Application and Distributed Cache MinRole servers spread across the zones.)
  • 22. Architecture: SharePoint 2016. HA SharePoint 2016 MinRole farm; supports no-downtime patching; add Office Online Server and Workflow Manager.
    (Diagram: as on the previous slide, plus two Office Online Server instances and three Workflow Manager instances.)
  • 23. Architecture: SharePoint 2016. SharePoint 2016 Feature Pack 1 MinRole enhancements: supports shared roles; minimum number of farm servers for HA = 4.
    (Diagram: the same two-AZ layout with two SQL Servers in a synchronous Always On Availability Group and two Domain Controllers; each zone holds one SharePoint Front-end with Distributed Cache and one SharePoint Application with Search.)
  • 24. Architecture: SharePoint Quick Start. AWS CloudFormation automated build: extensible JSON AWS CloudFormation templates available on GitHub; creates "stacks" of AWS resources; bring your own license for SharePoint; DevOps for SharePoint.
  • 25. Architecture: SharePoint Quick Start. Deployment steps: 1. Prepare an AWS account. 2. Configure and launch the stack. 3. Configure Availability Group(s). 4. Done! The template takes about 3 hours to complete; the default template will cost about $12 per hour.
  • 26. What We'll Cover: Everything SharePoint on AWS. Best Practices: EC2 Best Practices; SQL Best Practices; Migration Best Practices; Going Beyond IaaS.
  • 27. Best Practices: EC2 Networking Security
    Network ACLs
    • Optional layer of security
    • Subnet level (second layer of defense)
    • ALLOW and DENY rules
    • Stateless (return traffic not automatically allowed)
    • Rules evaluated in order
    • Automatically applies to all instances in subnet
    Security Groups
    • Instance level (first layer of defense)
    • Instances can associate to multiple security groups
    • ALLOW rules only
    • Stateful (return traffic automatically allowed)
    • Security group must be specified for an instance
    Network ACL diagram: VPC (10.0.0.0/16), one Availability Zone shown; Directory Tier (10.0.0.0/19) behind acl-1010 (Domain Traffic), Data Tier (10.0.32.0/20) behind acl-2020 (SQL Traffic), Web Tier (10.0.64.0/20), Public Tier (10.0.96.0/20) holding the ELB; the second zone uses acl-1111 (Domain Traffic) and acl-2222 (SQL Traffic).
    acl-1010 inbound rules (Rule # / Type / Protocol / Port Range / Source / Allow/Deny):
      100  DNS (TCP) (53)  TCP (6)  53   10.0.32.0/20  ALLOW
      300  LDAP (389)      TCP (6)  389  10.0.32.0/20  ALLOW
    acl-2020 inbound rules:
      100  MS SQL (1433)   TCP (1433)  1433  10.0.64.0/16  ALLOW
      ...
    Security group diagram: same tiers; Domain Controller in sg-1010 (Domain Traffic), SQL Server in sg-2020 (SQL Traffic), each SharePoint Front-end in sg-3030 (HTTP Traffic) and sg-4040 (SharePoint Traffic), ELB in sg-5050 (ELB Traffic).
    sg-1010 inbound rules (Type / Protocol / Port Range / Source):
      DNS (TCP) (53)  TCP (6)  53   10.0.32.0/20
      DNS (TCP) (53)  TCP (6)  53   sg-2020
      LDAP (389)      TCP (6)  389  10.0.32.0/20
      LDAP (389)      TCP (6)  389  sg-2020
    sg-2020 inbound rules:
      MS SQL (1433)  TCP (1433)  1433  10.0.64.0/16
      MS SQL (1433)  TCP (1433)  1433  sg-4040
    sg-3030 inbound rules:
      HTTP (80)   TCP (6)  80   10.0.96.0/20
      HTTP (443)  TCP (6)  443  10.0.96.0/20
    sg-4040 inbound rules:
      Custom TCP  TCP (6)  808          10.0.64.0/20
      Custom TCP  TCP (6)  32843        10.0.64.0/20
      Custom TCP  TCP (6)  32844        10.0.64.0/20
      Custom TCP  TCP (6)  22233-22236  10.0.64.0/20
      ...
    sg-5050 inbound rules:
      HTTP (80)   TCP (6)  80   0.0.0.0/0
      HTTP (443)  TCP (6)  443  0.0.0.0/0
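As an added example (not from the deck), the two filtering layers on this slide modelled in Python and loaded with the slide's own groups and CIDRs: a front end in sg-4040 opening a SQL connection to sg-2020 shows why the stateless NACL needs an explicit outbound ephemeral-port rule for the reply while the stateful security group does not, and why NACL rule order matters. The host addresses, the NACL outbound rule sets and the use of the web tier's /20 in place of the slide's /16 are assumptions.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str      # source IP
    sport: int    # source port
    dst: str      # destination IP
    dport: int    # destination port

def in_cidr(ip, cidr):
    return ipaddress.ip_address(ip) in ipaddress.ip_network(cidr, strict=False)

class NetworkAcl:
    """Subnet level, stateless: first rule (number, action, lo, hi, cidr) to match wins, else DENY."""
    def __init__(self, rules):
        self.rules = sorted(rules)  # rules are evaluated in ascending rule-number order

    def allows(self, pkt, direction):
        ip = pkt.src if direction == "inbound" else pkt.dst  # outbound rules match the destination
        for _number, action, lo, hi, cidr in self.rules:
            if lo <= pkt.dport <= hi and in_cidr(ip, cidr):
                return action == "ALLOW"
        return False  # implicit deny

class SecurityGroups:
    """Instance level, ALLOW only, stateful: a source is a CIDR or a group id; replies need no rule."""
    def __init__(self, rules, membership):
        self.rules = rules            # {sg_id: [(port_lo, port_hi, source), ...]}
        self.membership = membership  # {instance_ip: {sg_id, ...}}
        self.flows = set()            # accepted (client_ip, server_ip, server_port)

    def _source_matches(self, source, ip):
        if "/" in source:
            return in_cidr(ip, source)
        return source in self.membership.get(ip, set())  # source is another group id

    def allows(self, pkt):
        if (pkt.dst, pkt.src, pkt.sport) in self.flows:  # return traffic of a tracked flow
            return True
        for sg in self.membership.get(pkt.dst, set()):
            for lo, hi, source in self.rules.get(sg, []):
                if lo <= pkt.dport <= hi and self._source_matches(source, pkt.src):
                    self.flows.add((pkt.src, pkt.dst, pkt.dport))
                    return True
        return False

# Groups as drawn on the slide. Its sg-2020 table lists source 10.0.64.0/16, which
# would admit the whole VPC; the web tier is 10.0.64.0/20, so that is used here.
SG_RULES = {
    "sg-2020": [(1433, 1433, "10.0.64.0/20"), (1433, 1433, "sg-4040")],  # SQL traffic
    "sg-3030": [(80, 80, "10.0.96.0/20"), (443, 443, "10.0.96.0/20")],   # HTTP traffic
    "sg-4040": [(808, 808, "10.0.64.0/20"), (32843, 32844, "10.0.64.0/20"),
                (22233, 22236, "10.0.64.0/20")],                         # SharePoint traffic
    "sg-5050": [(80, 80, "0.0.0.0/0"), (443, 443, "0.0.0.0/0")],         # ELB traffic
}
WFE, SQL = "10.0.64.10", "10.0.32.10"  # constructed hosts in the web and data tiers
MEMBERSHIP = {WFE: {"sg-3030", "sg-4040"}, SQL: {"sg-2020"}}
# acl-2020 inbound as on the slide; its outbound side is not shown, so two assumed
# variants: one mirroring the inbound rule, one adding an ephemeral-port rule.
ACL_2020_IN = NetworkAcl([(100, "ALLOW", 1433, 1433, "10.0.64.0/20")])
ACL_OUT_MIRRORED = NetworkAcl([(100, "ALLOW", 1433, 1433, "10.0.64.0/20")])
ACL_OUT_FIXED = NetworkAcl([(100, "ALLOW", 1433, 1433, "10.0.64.0/20"),
                            (200, "ALLOW", 1024, 65535, "10.0.64.0/20")])

def sql_round_trip(acl_out):
    """Front end opens a SQL connection, server replies: each layer's verdict for both packets."""
    sgs = SecurityGroups(SG_RULES, MEMBERSHIP)
    request = Packet(WFE, 49152, SQL, 1433)
    reply = Packet(SQL, 1433, WFE, 49152)
    return {"request_nacl": ACL_2020_IN.allows(request, "inbound"), "request_sg": sgs.allows(request),
            "reply_nacl": acl_out.allows(reply, "outbound"), "reply_sg": sgs.allows(reply)}

def deny_first_wins():
    """Rule order matters: a lower-numbered DENY shadows a later, broader ALLOW."""
    acl = NetworkAcl([(200, "ALLOW", 1433, 1433, "10.0.64.0/20"),
                      (150, "DENY", 1433, 1433, "10.0.64.0/24")])
    return acl.allows(Packet(WFE, 49152, SQL, 1433), "inbound")
```

With the mirrored outbound set the SQL reply is dropped at the subnet boundary even though the security group passes it, which is the symptom a stateless NACL produces when the ephemeral range is forgotten.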
  • 28. Best Practices: SQL Server. Select an AMI with adequate CPU and memory for your workload. Select an EBS-optimized AMI if possible. Optimize TempDB just like on-premises (use instance storage if possible, or fast EBS otherwise). Provision enough IOPS for your workload.
    General Purpose SSD: max throughput per volume 160 MB/s; max IOPS per volume 10,000; volume size 1 GB to 16 TB; burst 3,000 IOPS (for volumes up to 1 TB). Great for boot volumes, low-latency applications, and bursty databases.
    Provisioned IOPS SSD: max throughput per volume 320 MB/s; max IOPS per volume 20,000; volume size 4 GB to 16 TB. Ideal for critical applications and databases with sustained IOPS.
  • 29. Best Practices: SQL Server. (Diagram: Availability Zone 1, private subnet, primary replica at 10.0.2.100 with WSFC 10.0.2.101 and AG Listener 10.0.2.102; Availability Zone 2, private subnet, secondary replica at 10.0.3.100 with WSFC 10.0.3.101 and AG Listener 10.0.3.102; synchronous-commit with automatic failover; AG Listener name ag.awslabs.net.)
  • 30. Best Practices: SQL Server. (Diagram: AWS Region A, Availability Zone 1, EC2 primary replica 10.0.2.100 / WSFC 10.0.2.101 / AG Listener 10.0.2.102; Availability Zone 2, EC2 secondary replica 10.0.3.100 / WSFC 10.0.3.101 / AG Listener 10.0.3.102, synchronous commit with automatic failover; AWS Region B, Availability Zone 1, EC2 secondary replica 10.1.2.100 / WSFC 10.1.2.101 / AG Listener 10.1.2.102, asynchronous commit with manual failover, the regions linked by a VPN between Elastic IPs.)
  • 31. Best Practices: Migration
    1. Understand your on-premises SharePoint environment (customizations, most used sites, etc.)
    2. Devise your migration strategy (URL strategy, timeline, user communication plan, etc.)
    3. Prepare for what's new in AWS (security, IAM, train your staff, etc.)
    4. Embrace automation (DevOps, PowerShell for Windows, etc.)
    5. Run trials for upgrades (build, trial, and test upgrade runs; establish a UAT group; feedback loops, etc.)
    6. Plan for rollback
  • 32. Going Beyond IaaS: CloudWatch & CloudWatch Logs. Monitor EC2 metrics (CPU, disk usage, etc.) and other AWS resources (EBS volumes, Elastic Load Balancers, etc.); enhanced log support for Windows with EC2Config (IIS logs, Perfmon logs, etc.); monitor logs and configure alerts; store logs and perform analytics.
    (Diagrams: a SharePoint Front-end, SQL Server and Domain Controller in an Availability Zone in Region US West send metrics and logs to CloudWatch / CloudWatch Logs; CloudWatch Alarms notify by email, Amazon SMS or a workflow; in the second diagram CloudWatch Logs feed Amazon Kinesis, Amazon S3, Amazon Redshift and AWS Lambda for storage and analytics.)
  • 35. Remember to complete your evaluations!
  • 36. Windows Track Sessions
    WIN301: Bring Microsoft Applications to AWS to Save Money and Stay Licensing Compliant. Tues, Nov 29, 3:30-4:30 PM, Venetian H
    WIN204: How to Move 1,000 VMs and Biz Critical Apps to AWS in 6 months. Edwards Lifesciences. Tues, Nov 29, 3:30-4:30 PM, Venetian H
    WIN303: How to Launch a 100k User Microsoft Back Office and Not Break a Sweat. Wed, Nov 30, 5:30-6:30 PM, Delfino 4004
    WIN304: Design, Deploy & Optimize SharePoint on AWS. Wed, Nov 30, 12:30-1:30 PM, Venetian, Level 3, San Polo 3403
    WIN305: Best Practices for Integrating Active Directory with AWS Workloads. Wed, Nov 30, 5:00-6:00 PM, Venetian H
    WIN306: Design, Deploy & Optimize SQL Server on AWS. Thurs, Dec 1, 5:30-6:30 PM, Venetian H