Deploy a Microsoft SharePoint 2010 Server Farm in the AWS Cloud in 6 Simple Steps

Learn how you can launch a Microsoft SharePoint 2010 server farm for a public facing website on Amazon Web Services (AWS) cloud infrastructure in 6 simple steps. This article provides all the necessary resources, including easy-to-launch AWS CloudFormation sample templates, and instructions on how to create Amazon Machine Images (AMIs) so that you can launch a fully functional highly-available Microsoft SharePoint 2010 server farm on AWS.

Details

Submitted By: Ulf Schoo
AWS Products Used: AWS CloudFormation, Amazon EC2, Amazon VPC, Elastic Load Balancing
Language(s): .NET
Created On: October 19, 2012 2:06 AM GMT
Last Updated: August 22, 2014 3:28 PM GMT
New! Got Stuck? Switch to the Video Series
We have recorded these steps in a complete step-by-step video series for you. Watch Now!

Whether it's a single server SharePoint Foundation solution or a full featured SharePoint web application running on a multi-tiered SharePoint server farm designed for high availability (HA), Amazon Web Services (AWS) provides a complete set of services and tools for deploying Microsoft Windows based workloads, including Microsoft SharePoint Server, on its reliable, scalable and cost-effective cloud infrastructure.

We recommend that you read the Microsoft SharePoint Server on AWS Reference Architecture whitepaper, which describes in detail common reference architectures for different SharePoint Server deployment scenarios (primarily, public-facing Internet website and Intranet application). In this article, you will learn how you can launch a Microsoft SharePoint 2010 server farm for the public facing web site scenario. We provide all the necessary resources, including easy-to-launch AWS CloudFormation sample templates, and instructions on how to create Amazon Machine Images so you can launch the fully functional sample stack using the AWS Management Console. If you would like to customize the provisioning and configuration steps, we also provide these resources (templates) in download form, and have published an advanced guide so you can customize the templates as per your needs and deploy them in the cloud repeatedly and reliably using AWS CloudFormation and other tools such as Windows PowerShell or the command line tools.

Steps

To launch a sample Microsoft SharePoint Server 2010 Farm for a public facing web site in the AWS cloud, all you have to do is the following:
  1. Sign up for an AWS account (there is no charge for opening an AWS account).
  2. Launch the network and Active Directory stack using the sample template (Template-1). This creates the necessary network configuration and Active Directory foundational infrastructure.
  3. Launch the database stack using the sample template (Template-2). This uses a custom AMI and deploys and provisions the database tier.
  4. Launch the app stack using the sample template (Template-3). This uses a custom AMI and deploys a Windows Server 2008 R2 EC2 instance and installs SharePoint Server 2010 for Internet Sites - Enterprise on your APP server using your own license key (BYOL) or, for a trial or test installation, a trial PID key. 
  5. Launch the web stack using the sample template (Template-4). This deploys a Windows Server 2008 R2 EC2 instance and installs SharePoint Server 2010 for Internet Sites - Enterprise on your WFE servers using your own license key (BYOL) or, for a trial or test installation, a trial PID Key. It also deploys and configures an Elastic Load Balancer (ELB) which will balance traffic between your WFE servers.
  6. Configure your SharePoint farm (to get a sample Team Site for a proof of concept or demonstration).
  7. You are done!

This enables you to launch relevant and related AWS resources and ultimately build out a sample stack as shown in the diagram below:

Figure 1: SharePoint server reference architecture for public-facing website scenario

For the purpose of this article, we will deploy:

  1. A VPC spanning 2 Availability Zones (AZ) with 10 subnets (8 private subnets and 2 public subnets)
  2. 2 Microsoft Windows Servers 2008 R2 that serve as Active Directory and DNS Servers
  3. 1 Microsoft SQL Server Standard 2008 R2 serving as the database tier
  4. 1 Microsoft Windows Server 2008 R2 serving as the App server that hosts the SharePoint Central Administration and SharePoint Service
  5. 2 Microsoft Windows Server 2008 R2 (1 in each AZ) serving as the Web Front End (WFE) servers
  6. 2 Microsoft Windows Server 2008 R2 (1 per DMZ in each AZ) serving as Remote Desktop Gateway (RDGW) servers
  7. 2 NAT instances
  8. 1 Internet Gateway and 1 Elastic Load Balancer (ELB)

Step 1. Sign up For an AWS Account

When you create an AWS account, AWS automatically signs up the account for all AWS services, including Amazon EC2. You are charged only for the services that you use. If you already have an AWS account, skip to the next step. If you don't already have an AWS account, use the following procedure to create one.

To create an AWS account, go to http://aws.amazon.com, and click Sign Up Now. Follow the on-screen instructions. Part of the sign-up process involves receiving a phone call and entering a PIN using the phone keypad.

Step 2. Launch the Network and Active Directory Stack using the Sample Template (Template-1)

Once you have signed up for your account we are ready to provision our networking and Active Directory infrastructure. To do that, click the "Launch Stack" button.

Launch in your preferred region:

This will take you to the AWS Management Console's AWS CloudFormation stack wizard and load the sample Template-1. AWS CloudFormation is a service that provides you with an easy way to create a collection of related and relevant AWS resources and provision them in a repeatable and predictable fashion using a simple JSON template.

Figure 2: Create Stack wizard

The AWS CloudFormation sample Template-1 will create all the necessary AWS resources, network configuration and Active Directory configuration for your SharePoint server farm deployment. Since no two SharePoint server deployments are the same and you may want to configure, for example, your network address schema to more closely align with an existing on-premises deployment or your domain administrator account and password, you will need to input or modify a few parameters before you can launch the stack. Alternatively, if you create this stack for proof of concept or demonstration purposes you can just simply accept the defaults.

Creating a stack from our sample Template-1 will require you, amongst other things, to input an AWS Key Pair name, which is a public/private key pair that allows you to securely connect to your instance after it launches. For a short tutorial on how to create a new Key Pair Name, see this YouTube Video.

Also, our sample Template-1 allows for modifying the instance types for your Active Directory and Remote Desktop Gateway instances. For more information, see Amazon EC2 instance types.

Figure 3: Create Stack Wizard, review and modify parameters

The sample template will launch and provision all the defined cloud resources (such as creating the VPC, subnets, configuring security groups) but it also performs fine-grained configuration tasks on the Windows Instances (such as creating the physical representation of the deployed Active Directory infrastructure by creating AD sites, subnets and site links). These configuration tasks on the instances themselves are performed using Windows PowerShell scripts. Those PowerShell scripts provide limited functionality and are not meant to represent a production ready solution. Instead, they are intentionally built as mash-ups of samples freely available on the usual PowerShell community sites and meant as examples of how you can use AWS CloudFormation and PowerShell to reach deep into your instances at provisioning time and perform the necessary configuration steps. In all likelihood, you will want to (and can) replace the scripts with your own.

The architecture diagram (Figure 6) below shows all the infrastructure and resources that will be launched behind the scenes by our AWS CloudFormation sample template.

NOTE: You can use the sample templates discussed in this article as-is, modify them or use them as a starting point for your own template.

If you want to follow along and see what's happening behind the scenes you can go to the AWS CloudFormation console (https://console.aws.amazon.com/cloudformation), select the stack you just launched and click the Events tab. You can hit the refresh button frequently to follow along in the creation process. (Figure 4)

Figure 4: AWS CloudFormation Manager Console, View Events Tab

After the stack is launched, it will provide you with the Elastic IP Addresses (EIP) of the 2 Remote Desktop Gateways (RDGW1 + RDGW2) when you select the Outputs Tab. You will use this IP address to connect to your RDGW instance and then to your Domain Controller to see if all configurations have been performed correctly or to perform additional Active Directory or DNS configuration tasks. (Figure 5)

Figure 5: AWS CloudFormation Manager Console, View Outputs Tab


At the end of this step, you will have the following resources of our architecture launched:

Figure 6: Architecture implemented at the completion of step 2

Step 3. Launch the Database Stack using the Sample Template (Template-2)

Before we can move on and launch the next stack, which will deploy SQL Server 2008 R2 Standard Edition as the database for our database tier, we have to perform a handful of manual steps to create our own CloudFormation-enabled Microsoft SQL Server Standard 2008 R2 AMI. This will enable us to use AWS CloudFormation and Windows PowerShell to configure the database for our SharePoint Server farm.

The current SQL AMIs published by AWS are not CloudFormation-enabled. In order to use a standard SQL AMI in our scripted infrastructure deployment, we will have to create a SQL AMI that runs the EC2Config Service and the CFN Helper scripts. The steps to create such an AMI are as follows:

  1. Start with the latest AWS published SQL 2008 R2 AMI
  2. Launch the instance as a standalone instance (any instance type larger than t1.micro works).
  3. Install the latest IronPythonized CFN tools MSI package from here
  4. Manually reset the UserData flag in C:\Program Files\Amazon\Ec2ConfigService\Settings\Config.xml
    • <Name>Ec2HandleUserData</Name>
    • <State>Enabled</State>
  5. Manually create the PATH variable in Computer/Properties/Advanced System Settings/Advanced/Environment Variables. Under System variables (*NOT* User Variables) add
    • Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Amazon\cfn-bootstrap
  6. Use Sysprep from within the EC2Config app to bundle everything up (Figure 7). Wait until the instance shows up as *STOPPED* in the AWS Management Console.

    Figure 7: EC2 Service Properties, Run Sysprep
  7. Create the AMI image using the AWS EC2 Management Console (Figure 8).

    Figure 8: Amazon EC2 Console - Create Image (EBS AMI)
  8. If you haven't done so already, now you should quickly look up and write down the ID of the CloudFormation-enabled SQL AMI. We will need this ID in our next step below. To look up the AMI ID we navigate to the EC2 Console and then AMIs and take note of the AMI ID.

    Figure 9: Amazon EC2 Console: Amazon Machine Images

Now that you have created your CloudFormation-enabled SQL Server 2008 R2 Standard Edition AMI you are ready to move on to the next step and click the "Launch Stack" button to deploy and provision the database tier.

Launch in your preferred region:



This will take you to the AWS Management Console's AWS CloudFormation Stack Wizard and load the sample Template-2.

The AWS CloudFormation sample Template-2 will launch the database stack into the previously deployed networking and Active Directory infrastructure and join the Database Server to the domain. In addition to the previously recorded SQL AMI ID, you will need to look up the following IDs in the VPC console and input them into the template.

  • VPC ID
  • SQL Server Security Group ID
  • Domain Member Security Group ID
  • SQL Server Subnet ID

Figure 10: Create Stack wizard: review and modify parameters

In addition to the volume that holds the operating system, your SQL instance will have multiple volumes attached, one for the SharePoint database files and one for the log files. This follows in part Microsoft's recommendations for mitigating any potential IO contention. (NOTE: The drive letters for the database (D:\) and log file (E:\) volume are fixed per the sample template but you can modify the directory name.) You also want to ensure consistent SQL Server IO performance that is in line with the desired performance profile of your SharePoint Application. Therefore, sample Template-2 creates volumes provisioned with a specific number of I/O operations per second (IOPS). These Provisioned IOPS volumes can be attached to "EBS-optimized" instance types. Currently, the following instance types can be launched as EBS-optimized instances:

  • Large (m1.large)
  • Extra Large (m1.xlarge)
  • High-Memory Quadruple Extra Large (m2.4xlarge)


Sample Template-2 also executes a PowerShell script that creates a SQL login for the SharePoint farm administrator account and adds this login to the dbcreator and securityadmin role, as required for a successful SharePoint configuration.
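One way to confirm the result of that script once the stack reports CREATE_COMPLETE is to read the login's server role memberships back from SQL Server. This is an added example, not code from the article or its templates; the server name and login below are placeholders, and the check only sees roles granted directly to the login.

```powershell
# Added example (not from the original article). Run under an account that is
# allowed to read server principals, for example from the RDGW or APP server.
param(
    [string]$SqlServer = 'SQLSERVER-NAME',      # placeholder: NetBIOS name from the stack Outputs
    [string]$FarmLogin = 'EXAMPLE\spfarmadmin'  # placeholder: your SharePoint farm administrator
)

$RequiredRoles = @('dbcreator', 'securityadmin')  # the two roles named in the article

function Get-ServerRoles {
    param([string]$Server, [string]$Login)
    $cs   = "Server=$Server;Database=master;Integrated Security=SSPI;Connect Timeout=15"
    $conn = New-Object System.Data.SqlClient.SqlConnection -ArgumentList $cs
    $conn.Open()
    try {
        $cmd = $conn.CreateCommand()
        # Direct role memberships only; roles inherited through a Windows group
        # that has its own login are not listed here.
        $cmd.CommandText = @'
SELECT r.name
FROM sys.server_role_members AS m
JOIN sys.server_principals AS r ON r.principal_id = m.role_principal_id
JOIN sys.server_principals AS p ON p.principal_id = m.member_principal_id
WHERE p.name = @login
'@
        [void]$cmd.Parameters.AddWithValue('@login', $Login)
        $roles  = @()
        $reader = $cmd.ExecuteReader()
        while ($reader.Read()) { $roles += $reader.GetString(0) }
        $reader.Close()
        return ,$roles
    }
    finally { $conn.Close() }
}

function Compare-FarmLoginRoles {
    param([string[]]$Actual, [string[]]$Required)
    New-Object PSObject -Property @{
        Missing = @($Required | Where-Object { $Actual -notcontains $_ })
        Extra   = @($Actual   | Where-Object { $Required -notcontains $_ })
    }
}

$roles  = Get-ServerRoles -Server $SqlServer -Login $FarmLogin
$result = Compare-FarmLoginRoles -Actual $roles -Required $RequiredRoles

if ($result.Missing.Count -gt 0) {
    Write-Warning "$FarmLogin is missing: $($result.Missing -join ', ')"
}
if ($result.Extra.Count -gt 0) {
    # Anything beyond the two required roles (sysadmin in particular) is more
    # privilege than the SharePoint configuration described here calls for.
    Write-Warning "$FarmLogin also holds: $($result.Extra -join ', ')"
}
if ($result.Missing.Count -eq 0 -and $result.Extra.Count -eq 0) {
    "OK: $FarmLogin holds exactly $($RequiredRoles -join ' and ')"
}
```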

After the stack is launched (CREATE_COMPLETE), it will provide you with the SQL Server NetBIOS name. You will use this NetBIOS name to connect from your RDGW instance to your SQL server to see if all configurations have been performed correctly or to perform additional SQL server configuration tasks. In Step 6 you will also use the SQL Server NetBIOS name when you configure your SharePoint Server Farm and connect from your APP and WFE servers to the SQL server.

At the end of this step you will have the following resources of our architecture launched:

Figure 11: Architecture implemented at the completion of step 3

Step 4. Launch the Application Stack using the Sample Template (Template-3)

For both the App Server and the Web Front End Servers, we need to create our own Windows Server AMI that holds the raw (uninstalled) SharePoint bits and the SPModule. The steps for creating such an AMI are as follows:
  1. Start with the latest AWS published Windows Server 2008 R2 English 64-bit - Base for CloudFormation AMI.
  2. Launch the Instance as a standalone Instance (any instance type larger than t1.micro works).
  3. On the launched instance, download SharePoint Server 2010 for Internet Sites, Enterprise from here and copy the raw (uninstalled) bits to a directory c:\SharePoint_install.
    Figure 12: Download SharePoint Server 2012
  4. On the launched instance, download the SPModule.zip file from here and extract it to C:\Windows\System32\WindowsPowerShell\v1.0\Modules\SPModule.

    Figure 13: Extracted SPModule location

  5. Create/Edit the PSModulePath in the System Variables to point to the location where you copied the files in Step 4.
    Figure 14: Configure System Variables

  6. After that, manually reset the UserData flag in C:\Program Files\Amazon\Ec2ConfigService\Settings\Config.xml
    • <Name>Ec2HandleUserData</Name>
    • <State>Enabled</State>
  7. Use Sysprep from within the EC2Config app to bundle everything up. Wait until the instance shows up as *STOPPED* in the management console.
  8. Create the AMI image using the AWS Management Console.
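The manual edits in this procedure and in the SQL AMI procedure in Step 3 (the Ec2HandleUserData flag in Config.xml, and the machine-level Path and PSModulePath entries) can be scripted so every AMI is prepared the same way. The following is an added example, not code from the article or its templates; it appends to the existing system variables rather than replacing them, and it assumes only the `<Name>`/`<State>` pairing shown above for the Config.xml layout.

```powershell
# Added example (not from the original article). Run in an elevated PowerShell
# session on the instance, before running Sysprep from the EC2Config app.
param(
    [string]$ConfigPath = 'C:\Program Files\Amazon\Ec2ConfigService\Settings\Config.xml',
    # SQL AMI (Step 3): the cfn-bootstrap directory from the article's Path value.
    [string[]]$PathEntries = @('C:\Program Files (x86)\Amazon\cfn-bootstrap'),
    # SharePoint AMI (Step 4): pass the directory SPModule.zip was extracted to, e.g.
    #   -PathEntries @() -ModulePathEntries 'C:\Windows\System32\WindowsPowerShell\v1.0\Modules\SPModule'
    [string[]]$ModulePathEntries = @()
)

function Enable-Ec2HandleUserData {
    param([string]$Path)
    $xml = New-Object System.Xml.XmlDocument
    $xml.PreserveWhitespace = $true
    $xml.Load($Path)

    # Locate the <Name>Ec2HandleUserData</Name> element, then its sibling <State>.
    # local-name() keeps the query working whether or not the file declares a namespace.
    $name = $xml.SelectSingleNode(
        "//*[local-name()='Name' and normalize-space(.)='Ec2HandleUserData']")
    if ($name -eq $null) { throw "No Ec2HandleUserData entry in $Path" }
    $state = $name.ParentNode.SelectSingleNode("*[local-name()='State']")
    if ($state -eq $null) { throw "Ec2HandleUserData entry has no <State> element" }

    if ($state.InnerText.Trim() -ne 'Enabled') {
        Copy-Item -Path $Path -Destination "$Path.bak" -Force  # keep the original file
        $state.InnerText = 'Enabled'
        $xml.Save($Path)
        return 'changed to Enabled'
    }
    return 'already Enabled'
}

function Add-MachineVariableEntry {
    param([string]$Variable, [string]$Entry)
    # Reads the system (not user) variable. .NET returns the expanded value, so
    # %SystemRoot%-style entries are written back in expanded form.
    $current = [Environment]::GetEnvironmentVariable($Variable, 'Machine')
    $parts = @("$current" -split ';' | Where-Object { $_ -ne '' })
    $known = @($parts | ForEach-Object { $_.TrimEnd('\') })
    if ($known -contains $Entry.TrimEnd('\')) { return 'already present' }
    $newValue = ($parts + $Entry) -join ';'
    [Environment]::SetEnvironmentVariable($Variable, $newValue, 'Machine')
    return 'appended'
}

"Ec2HandleUserData: $(Enable-Ec2HandleUserData -Path $ConfigPath)"

foreach ($p in $PathEntries) {
    if (-not (Test-Path $p)) {
        Write-Warning "$p does not exist; install the CFN tools MSI first."
    }
    "Path, $p => $(Add-MachineVariableEntry -Variable 'Path' -Entry $p)"
}

foreach ($m in $ModulePathEntries) {
    if (-not (Test-Path $m)) {
        Write-Warning "$m does not exist; extract SPModule.zip first."
    }
    "PSModulePath, $m => $(Add-MachineVariableEntry -Variable 'PSModulePath' -Entry $m)"
}
```

Because EC2Config runs UserData again only while this flag is Enabled, rerun the script on any instance you relaunch and re-image; it is idempotent and leaves a Config.xml.bak copy of the file it changed.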

At this point in the process you have launched the resources that make up your network & security infrastructure and your Active Directory and database. Besides small, individual configurations like adding a SharePoint Farm Administrator account or creating a login for that account on your SQL Server database, the infrastructure and resources we have launched so far are not specific to SharePoint. They could easily be the backbone for a Microsoft Windows based 3-tier application of any scale.

After the completion of this step you have taken the first of the final 3 steps that make this a SharePoint Server Farm running on the AWS cloud. To proceed, click the "Launch Stack" button.

Launch in your preferred region:



This will take you to the AWS Management Console's AWS CloudFormation stack wizard and load the sample Template-3.

The AWS CloudFormation sample Template-3 will launch the APP server stack into the previously deployed networking, Active Directory and database infrastructure and join the APP server to the domain. Just as you looked up IDs when launching the SQL Server stack, you need to look up the following IDs in the VPC console and input them into the template.

  • VPC ID
  • APP Server Security Group ID
  • Domain Member Security Group ID
  • APP Server Subnet ID

This deploys a Windows Server 2008 R2 Amazon EC2 instance and installs SharePoint Server 2010 for Internet Sites - Enterprise on your APP server. You will have to provide your own license key (BYOL) or, for a trial or test installation, get the Trial PID Key directly from Microsoft SharePoint Trial Site at http://www.microsoft.com/en-us/download/details.aspx?id=16631 . Please note that you are responsible for complying with Microsoft's requirements for your use of the SharePoint 2010 trial. Microsoft may discontinue or change the requirements around the SharePoint 2010 trial at any time. Refer to Microsoft's License Mobility through Software Assurance program for further details on how you can provide your mobilized SharePoint license into the deployment process.

Figure 15: Providing your own license key (BYOL)

After the stack is launched (CREATE_COMPLETE), it will provide you with the APP Server NetBIOS name. You will use this NetBIOS name to connect from your RDGW instance to your APP server to see if all configurations have been performed correctly. In Step 6 you will log into the APP server using its NetBIOS name when you create and configure your SharePoint server farm Central Administration site.

If your deployment and desired farm capacity require it, you can repeat step 5 and launch additional APP servers to create App Server groups either by launching additional App server stacks into the same subnet or, taking advantage of the provided high availability infrastructure, into a subnet in the second Availability Zone (AZ). To accomplish this, all you have to do is look up the APP server subnet ID in the VPC console and provide it as input to the template.

At the end of this step you will have the following resources of our architecture launched:

Figure 16: Architecture implemented at the completion of step 4

Step 5. Launch the Web (WFE) Stack Using the Sample Template (Template-4)

Now that you have built your stack from the bottom up, launched the resources that make up your network and security infrastructure, your Active Directory and database plus your SharePoint APP server, you will complete the installation of the SharePoint Server Farm by launching 2 Web Front End (WFE) servers (1 per Web tier in each Availability Zone).

To proceed, click the "Launch Stack" button.

Launch in your preferred region:

This will take you to the AWS Management Console's AWS CloudFormation stack wizard and load the sample Template-4.

The AWS CloudFormation sample Template-4 will launch the WFE server stack into the previously deployed networking, Active Directory, database and APP server infrastructure and join the two WFE Servers to the domain. Just as you looked up IDs when you launched the SQL and APP server stacks, this will require you to look up the following IDs in the VPC console and input them into the template.

  • VPC ID
  • WFE Server Security Group ID
  • Domain Member Security Group ID
  • WFE1 Server Subnet ID
  • WFE2 Server Subnet ID
  • DMZ1 Subnet ID (Required to launch the Elastic Load Balancer)
  • DMZ2 Subnet ID (Required to launch the Elastic Load Balancer)
  • Load Balancer Security Group ID

This deploys 2 Windows Server 2008 R2 EC2 instances and installs SharePoint Server 2010 for Internet Sites - Enterprise on your WFE servers using your own license key (BYOL) or, for a trial or test installation, a Trial PID Key. (Please refer to Microsoft's License Mobility through Software Assurance program for further details on how you can provide your mobilized SharePoint license into the deployment process). It also deploys and configures an Elastic Load Balancer (ELB) which will balance traffic between your WFE servers.

At the end of this step you will have the following resources of our architecture launched:

Figure 17: Architecture implemented at the completion of step 5

Step 6. Configure the SharePoint Server Farm

After you have launched the complete stack, you need to configure your SharePoint Farm. It is outside the scope of this article to discuss the many configuration options that SharePoint supports. However, for the purpose of creating a simple proof of concept (POC) or demonstration setup, you will need to perform the following configuration steps:

On the APP Server:

  • Run the SharePoint Products and Technologies Configuration Wizard.
  • Create a new server farm.

On the WFE1 Server:

  • Run the SharePoint Products and Technologies Configuration Wizard.
  • Connect to an existing farm.
  • Launch the Farm Configuration Wizard.
  • Create a Site Collection.

On the WFE2 Server:

  • Run the SharePoint Products and Technologies Configuration Wizard.
  • Connect to an existing farm.

In Step 6 of the advanced guide you will find more detailed, step-by-step instructions that will guide you through the minimum setup steps required to configure a functional SharePoint Team Site. After that you are ready to connect to your SharePoint site using the IP address of the Elastic Load Balancer (ELB).

How Much Is It Going to Cost to Run This Sample Site on AWS?

AWS offers significant savings over hosting the same application on-premises. It provides you with the flexibility to choose between different instance type configurations (such as Small, Medium, Large...), plus you can choose numerous combinations of On-Demand and Reserved Instances that match your usage projections. It also offers a wide range of Reserved Instance types (Light, Medium and Heavy Utilization) that allow you to save more money as you become more certain of individual instance utilization.

You can use the AWS Simple Monthly Calculator to input your capacity requirements and estimate your costs. We have made a few assumptions and have provided a sample calculation for the deployment configuration discussed earlier, which assumes 3-Year Heavy Utilization Reserved Instances.

Click to view and/or customize the configuration : Saved Sample Calculation

Under those assumptions, the total cost of running this sample site (see the Resources section for the deployment configuration and setup) on AWS will be approximately $3,250/month, amortized over a 3-year period (includes Windows and SQL Server License). If the architecture can support approximately 500 concurrent users, the cost will be approximately $6.5 per User per Month. We recommend that you adjust these assumptions based on your own business requirements.

How Can I Modify the Sample AWS CloudFormation Templates?

With Amazon EC2, you have complete control of your compute environment. For further details and additional information on how to modify the four AWS CloudFormation templates provided with this article, please read the advanced guide. The advanced guide describes the contents of the AWS CloudFormation templates and PowerShell scripts so you can configure the various infrastructure details, such as compute instance types, provisioned storage, security, and networking controls.

Resources

  1. Whitepaper: Microsoft SharePoint Server on AWS Reference Architecture (PDF)
  2. Advanced Implementation Guide: Microsoft SharePoint 2010 on AWS (PDF)
  3. Sample Template-1 (Template_1_Infrastructure_with_AD.json). This will deploy the following AWS resources:
    1. A VPC spanning 2 Availability Zones (AZ) with 10 subnets (8 private subnets and 2 public subnets) and 1 Internet Gateway
    2. 2 m1.xlarge Amazon EC2 Instances running Microsoft Windows Servers 2008 R2 that serve as Active Directory and DNS Servers
    3. 2 m1.small Amazon EC2 Instances that serve as NAT instances
    4. 2 m1.large Amazon EC2 Instances running Microsoft Windows Server 2008 R2 (1 per DMZ in each AZ) serving as Remote Desktop Gateway (RDGW) servers
    5. Standard EBS volumes
  4. Sample Template-2 (Template_2_SQL_Server.json). This will deploy the following AWS resources:
    1. 1 m2.4xlarge (EBS optimized) Amazon EC2 Instance running Microsoft SQL Server Standard 2008 R2 serving as the database tier
      1. 6 x 50 GB EBS Volumes with 500 PIOPS/disk
  5. Sample Template-3 (Template_3_APP_Server.json). This will deploy the following AWS resources:
    1. 1 m1.xlarge Amazon EC2 Instance running Microsoft Windows Server 2008 R2 serving as the App server that hosts the SharePoint Central Administration and SharePoint Service
      1. 4 x 100 GB Standard EBS volumes
  6. Sample Template-4 (Template_4_WFE_Server.json). This will deploy the following AWS resources:
    1. 2 m1.xlarge Amazon EC2 Instances running Microsoft Windows Server 2008 R2 (1 in each AZ) serving as the Web Front End (WFE) servers
      1. each with 4 x 100 GB Standard EBS volumes
    2. 1 Elastic Load Balancer
©2014, Amazon Web Services, Inc. or its affiliates. All rights reserved.