Building SharePoint farms for development and testing is easy. But building highly available farms to meet enterprise service level agreements that are fault tolerant, scalable and fully recoverable? Not so simple. Learn how to plan, design and implement a highly available on-premises farm architecture for 2016 and 2019 using proven, field-tested techniques and practical guidance.

3. Eric Shupps
Office Servers & Services MVP
@eshupps
sharepointcowboy
slideshare.net/eshupps
linkedin.com/in/eshupps
github.com/eshupps

4. Agenda
Fundamentals
Architecture
Implementation
Validation
Maintenance

5. Fundamentals

6. !=
+

7. Elimination of single points of
failure
Fully redundant system and
environments
Seamless continuity
Geographically distributed failover
Operational Stability

8. Risk mitigation
Compliance
Customer Satisfaction
Revenue Protection
Safety
Performance
Security
Public Relations

9. Infrastructure
Devices
Servers
Bandwidth
Storage
Software
Windows Server 2012/2012 R2/2016
Failover Clustering
File Shares
SQL Server 2012/2014/2016
Always On Availability Groups

10. Resources
Cost
Complexity
Licensing
Troubleshooting
Maintenance

11. Architecture

12. WFE
SharePoint Server 2013
Front-end Server
SQL Server 2012 SP2 (2014) PowerPivot Add-In
SQL Server 2012 SP2 (2014) Reporting Services Add-In
APP
SharePoint Server 2013
Application Server
Excel Services Service Application
SQL Server 2012 SP2 (2014) PowerPivot Service Application
SQL Server 2012 SP2 (2014) PowerPivot Add-In
SQL Server 2012 SP2 (2014) Reporting Services Service Application
SQL Server 2012 SP2 (2014) Reporting Services Add-In
WAC
Office Web Apps 2013 Server
SQL
SQL Server 2012 SP2+ (2014)
Database Engine
All Databases and Roles
SQL Server Analysis Services for SharePoint (PowerPivot)
WFM
Workflow Manager Server

13. JUST SharePoint
Is everything on this
diagram ‘highly available’?
What about environment?
Virtual Host A Virtual Host B
SQL Server installed and configured to support SQL AlwaysOn Availability Groups.
WFE01
SharePoint 2013
Front-end Server
APP01
SharePoint 2013
Application Server
SQL01
SQL Server 2012 SP1+
All Databases and Roles
WFE02
SharePoint 2013
Front-end Server
APP02
SharePoint 2013
Application Server
SQL02
SQL Server 2012 SP1+
All Databases and Roles
F5 BigIP
Network Load Balancer
WFM01
Workflow
Manager
Server
WFM03
Workflow
Manager
Server
WFM02
Workflow
Manager
Server
wfm.<domain>.com
WSFC01
SQLAGL01
WAC01
Office Web Apps 2013
Server
WAC02
Office Web Apps 2013
Server
wac.<domain>.com

14. Firewalls
Routers
Load Balancers
Switches
Virtual Hosts
Network Interfaces
Storage

15. Dedicated vs. Shared Storage
Quorum Types
Witnesses

16. Logins
Cluster permissions

17. Configuration
Entries
Permissions

18. Encryption
Certificate Types
Challenges

19. Windows Server Failover
Clustering
SQL Failover Cluster
Instance

20. Group of databases organized into
PRIMARY and SECONDARY replicas
Automatic data synchronization
Synchronous and Asynchronous modes
Optional read-only replicas
Database-only redundancy
Listeners (Virtual Network Names)

21. Provide flexibility and
abstraction
Best practice
HA aliases target AG Listeners
NOT servers or instances
Use multiple listeners for
scalability

22. Windows Server Failover Cluster
Failover Cluster Instances
Availability Groups

23. Implementation

24. Hot (MTTR < 1 hr) $$$$$$
Automatic failover
Fully-configured and operational secondary farm
Isolated system & service application databases
Mounted (read-only) content databases
Warm (MTTR < 4 hrs) $$$$
Manual failover
Same as HOT except: optional service application
databases, available unmounted content databases
Cold (MTTR < 24 hrs) $$
Manual failover
Pre-configured farm components in standby state

25. Hot
• Cost
• Bandwidth
• Configuration
changes
• Monitoring
• Network
Configuration
• Hybrid
Warm
• Content
synchronization
• Environment
configuration
• Reaction time
• Manual change
risk
Cold
• Actual recovery
time
• Environment
differences
• Functional
variances
• Service quality

26. Synchronous Replicas
All databases in production data center
Asynchronous Replicas
Content databases between data centers (R/O Hot
Mounted, R/W Warm Unmounted)
Unreplicated
Search
User Profiles
Usage and Health

27. Performance
I/O (disk, network) is critical for sync replicas
Spread availability groups across clusters
Stagger primary and secondary nodes
Data Integrity
WAN latency can lead to data loss in async
replicas
Limit inter-farm, non-replication traffic
Monitor replica states
Availability Group 2
Availability Group 2

28. Database Name Sync Async
User Profile
Application
Yes Yes
User Profile Sync Yes No
User Profile Social Yes Yes
Word Automation Yes Yes
Managed Metadata Yes Yes
Translation Yes Yes
BDC Yes Yes
Project Server Yes Yes
PowerPivot Yes Yes
PerformancePoint Yes Yes
Database Name Sync Async
Config Yes No
Central Admin Yes No
Content Yes Yes
App Management Yes Yes
Search Admin Yes No
Search Analytics Yes No
Search Crawl Yes No
State Service Yes No
Secure Store Yes Yes
Usage and Health Yes* No
https://technet.microsoft.com/en-us/library/jj841106(v=office.15).aspx
* Remove prior to running PSCONFIG

29. Async replication NOT supported
HIGH
Sync Replication Challenges
Single-farm hybrid connection

30. Full database
replication possible but
can be problematic
Options
User Profile Service Application
Profile
DB
Sync
DB
User Profile
Synchronization Service
Active
Directory
Profile
DB
Sync
DB
Microsoft Identity
Manager
MIM MIM Sync

31. Independent cache with no DB
persistence
Configurable memory allocation
Dedicated mode recommended for
High Availability
Cache Dependencies
Feeds
Content
Search
Web Part
Login
Tokens
Access
Cache
Security
Trimming
App
Tokens
View
State
OneNote
Throttling

32. Leverages “Contained Databases”
feature of SQL 2012
Requires changes to SQL Server
protocols, settings and authentication
mode
Access DB’s are NOT automatically
added to availability groups

33. SSAS
SSRS
MultiSubnetFailover not supported

34. Validation

35. No
Vote

36. Downtime you may have, if failover you must.
Misbehave nodes will, if monitored they are not.
If isolate you do not, regret it you will.
If create it you do, put it in a group you must.
Put it back you will, if remove it you have.

38. Do or do not, there is no try partial failover.
Disaster leads to failover. Failover leads to failback.
Failover without a failback plan leads to suffering.
Content databases you will share. All others you will
not (SSRS leads to the dark side).
Ready are you? What know you of ready? Have you
tested it???

39. Maintenance

40. Business
continuity
Content access
Maximum
uptime
System
integrity
Data
protection
Minimum risk
Online
Offline

41. Update SxS token
Secondary: dist cache remove, PSCONFIG, dist cache return
Primary: dist cache remove, PSCONFIG, dist cache return, rebalance secondary web
Patch secondary role servers, reboot
Patch primary role servers, reboot
Unbalance secondary web server, patch, reboot
Unbalance primary web server, patch, reboot, rebalance
Enable SxS file copy
Zero Downtime Failover
Failback (AOAG, DNS, Network)
PROD UAT
PROD patching
DNS, networking failover
DR database update scripts
AOAG Failover to DR

42. Production
Resume synchronization
Enable sites, smoke testing, UAT testing
Apply SP patches, run PSCONFIG
Apply OS patches
Stop synchronization
Disable sites
Disaster Recovery
Smoke testing
Mount databases
Apply SP patches, run PSCONFIG
Apply OS patches
Dismount databases

43. https://www.slideshare.net/eshupps