By Brian Desmond
The bulk of the work required for deploying applications to Amazon EC2 instances is around the configuration of the instance and the storage. In this tutorial, we'll take a look at the steps necessary to configure your workstation, configure the Amazon EC2 firewall, deploy an Amazon EC2 instance, configure the Elastic Block Store (EBS) for Windows SharePoint Services and Microsoft SQL Server, configure the Amazon EC2 instance, and save the Amazon EC2 instance as an Amazon Machine Image (AMI).
Although the scope of this article is limited to a two-server deployment of Windows SharePoint Services, it is possible to deploy a scaled-out SharePoint farm using Elastic Load Balancing, which load balances multiple Amazon EC2 instances running Windows SharePoint Services. Additionally, you can use auto-scaling in conjunction with Elastic Load Balancing to dynamically adjust the number of Windows SharePoint Services servers that are active based on load requirements.
Note: This article assumes that you are familiar with SQL Server and Windows SharePoint Services. The goal of the article is to discuss the steps necessary to run Windows SharePoint Services on Amazon EC2 as well as the configuration changes specific to the Amazon EC2 environment.
All the management tasks necessary to provision VMs for running Windows SharePoint Services and SQL Server can be performed through the AWS Management Console, which is accessible at http://console.aws.amazon.com. You can also use the Amazon EC2 command-line tools; however, the AWS Management Console is much more user friendly.
For this discussion, you will use two Amazon EC2 instances for the Windows SharePoint Services topology. One VM will host Windows SharePoint Services, and a second VM will host SQL Server. Amazon provides preconfigured SQL Server AMIs, so you will only need to do a minimal amount of configuration work on the SQL Server machine.
Note: It is possible to host both SQL Server and Windows SharePoint Services on the same Amazon EC2 instance.
You will also use an Elastic IP for the Windows SharePoint Services server to minimize downtime in the event that a new Amazon EC2 instance must be activated, which would in turn require a Domain Name System (DNS) update to maintain client access to Windows SharePoint Services.
The administrator passwords for the Amazon EC2 instances to be created are protected by an encryption key, which you must generate prior to activating the instances. To create the key pair, use the Key Pairs section of the AWS Management Console. Be sure to save the file, which is generated as a text file, as it will be required later.
Note: If you have an existing Amazon EC2 key pair, you can continue to use that key pair in lieu of creating a new one.
Configuring the Firewall
By default, the firewall protecting Amazon EC2 instances does not allow any traffic from the Internet; however, it permits all traffic between your Amazon EC2 instances. To configure the Amazon EC2 instances, you need to permit Remote Desktop traffic to them. Additionally, you want to permit Hypertext Transfer Protocol (HTTP) traffic to the Windows SharePoint Services server to make the service accessible to users.
Firewall rules are provisioned for Security Groups. To begin, go to the Security Groups section of the management console and create a security group called SharePoint_Servers. Next, create a rule matching Figure 1 to permit Remote Desktop and HTTP.
Figure 1. Creating a rule to permit Remote Desktop and HTTP
Note: This rule permits Remote Desktop connections from anywhere. If you have a static IP or subnet you are connecting from, specify that in the Source column. For a specific IP, specify a mask of /32 (for example, 188.8.131.52/32) to permit connections only from host 184.108.40.206.
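A check for the exposure this note describes, as an added example that is not part of the original article: it reads rules in the IpPermissions shape returned by the EC2 DescribeSecurityGroups API and lists the source ranges from which Remote Desktop (TCP 3389) is reachable. The sample rules, the 203.0.113.10 address and the 256-address threshold are constructed assumptions.

```python
import ipaddress

RDP_PORT = 3389

# Constructed sample: RDP and HTTP both open to the whole Internet.
OPEN_RULES = [
    {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
]

# Constructed sample: RDP limited to one admin host (/32), HTTP still public.
RESTRICTED_RULES = [
    {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}]},
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
]


def covers_port(rule, port):
    """True if the rule admits TCP traffic to the given port."""
    proto = rule.get("IpProtocol")
    if proto == "-1":  # "-1" means all protocols and all ports
        return True
    if proto != "tcp":
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)


def rdp_exposure(rules, max_addresses=256):
    """Return source CIDRs wider than max_addresses that can reach RDP.

    max_addresses is an assumed policy threshold (256 = one /24).
    """
    exposed = []
    for rule in rules:
        if not covers_port(rule, RDP_PORT):
            continue
        for rng in rule.get("IpRanges", []):
            net = ipaddress.ip_network(rng["CidrIp"], strict=False)
            if net.num_addresses > max_addresses:
                exposed.append(str(net))
    return exposed


if __name__ == "__main__":
    print("open rules:      ", rdp_exposure(OPEN_RULES))
    print("restricted rules:", rdp_exposure(RESTRICTED_RULES))
```

Port ranges and the all-protocols rule are handled as well, so a broad rule such as TCP 1024-65535 is reported even though it never names port 3389.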
Now that you've configured your authorization groups, you can launch your instances and add them to the groups. It's important to create the authorization groups first, because instances can't be added to or removed from authorization groups after they've been launched.
Provisioning the EC2 Instances
Once the key pair is created, go to the EC2 Dashboard section of the console, then click Launch Instances. Select each of the following AMIs, and launch them individually:
- Basic Windows Server 2003
- Microsoft SQL Server 2005 on Windows Server 2003
Switch to the Instances section of the management console. Once the two new instances are in the running state, right-click each one individually, and then click Get Default Administrator Password. Paste the contents of the text file generated earlier during the key pair creation step into the Private Key text box, then click Decrypt Password. This returns the Windows administrator password, which is necessary for initially logging in to the instance.
Setting up the Elastic Block Store
The storage immediately available to your instance (for example, drives C, D, and E) is not persistent. If the instance is terminated or has hardware issues, the data stored on these drives will disappear. The solution to this is the EBS. The EBS provides persistent, portable, and high-performance storage that you can use to store the data files for Windows SharePoint Services. Both the Windows SharePoint Services server and the SQL Server computer create data files that must be stored in the EBS.
To create an EBS volume, you need the availability zone you want to create the volume in and the size. The availability zone must match the instance you are planning to attach the volume to (this data is available in the properties of the instance under the Zone property). Volumes can range from 1 gigabyte (GB) to 1 terabyte (TB) in size. To create a volume, click Create Volume on the toolbar in the Volumes section of the management console. Specify a size and availability zone, and then click Create.
Once the volume status is available, select it, and then click Attach Volume on the toolbar and attach it to the SQL Server instance. Instances are listed by instance ID, which is available in the properties of the individual instances. Repeat this process for the Windows SharePoint Services server instance.
When you have attached the volumes, you must format them using the Disk Management section of the Microsoft Management Console (MMC) Computer Management snap-in (accessible by clicking Start > Run, then typing compmgmt.msc in the Run box).
Note: Use of the EBS leads to additional charges on top of the base Amazon EC2 charges. You can review EBS-specific pricing information at http://aws.amazon.com/ec2.
Installing Windows SharePoint Services
To install Windows SharePoint Services, you must first install Microsoft Internet Information Services (IIS) on the Amazon EC2 instance. To complete this step, Windows requires access to the installation files. Amazon makes the installation files accessible via the EBS. To use the files, create a new EBS volume in MMC, and then select the Windows Server 2003 R2 snapshot from the list. Be sure to specify the same availability zone your Amazon EC2 instance is in. Once the volume has been created, attach it to the Amazon EC2 instance, and proceed with IIS installation.
You also need to register Microsoft ASP.NET 2.0 with IIS, as Windows SharePoint Services requires it to run. To do this, run
Windows SharePoint Services 3.0 with Service Pack 2 (SP2) is available for download from the Microsoft Download Center. Launch the installer, and select the Advanced installation type. Configure the Server Type for Web Front End and the Data Location to point to an EBS volume. When setup is complete, clear the option to launch the Configuration Wizard.
The Windows SharePoint Services Configuration Wizard requires that the machines in the topology be joined to a domain. This scenario isn't possible with the configuration described in this article. Fooshen's SharePoint blog describes the steps necessary to configure the Windows SharePoint Services databases required for Windows SharePoint Services to function.
Configuring Elastic IP Addressing
Any time an Amazon EC2 instance is activated, it gets IP addresses whose allocation is controlled entirely by the system. The downside of this is that any time you bring your Windows SharePoint Services environment up, you'll need to update DNS records in order to point them to the correct server. Amazon EC2 offers a solution to this problem in the form of an Elastic IP address. Elastic IP addresses are reserved IP addresses that you can associate with a given Amazon EC2 instance.
To allocate an Elastic IP address, go to the Elastic IPs section of the management console, and click Allocate New Address on the toolbar. Once an address has been allocated, select it and associate it with the Amazon EC2 instance that hosts the Windows SharePoint Services components. Set your DNS records for the Windows SharePoint Services environment to point to the Elastic IP address.
Bundling the SharePoint Server AMI
The architecture of Amazon EC2 is such that VMs are inherently stateless. In other words, if they are terminated, their disk contents are lost. The EBS provides a partial solution for this whereby you can store persistent data such as a SQL Server database on the EBS volume and attach it to an Amazon EC2 instance. This, however, does not extend to the operating system installation, which is obviously counterproductive in a scenario such as the one discussed in this article, whereby an application (Windows SharePoint Services) has been installed and configured.
The solution for this problem is to bundle the configured instance as an AMI. By bundling the instance as an AMI, in the event it is terminated, you can launch a new instance that has the relevant configuration data intact. When the instance is online, you can attach the Elastic IP address to it and proceed with business as usual.
Important: Make sure that you rebundle the AMI if you make configuration changes to the Windows SharePoint Services server that are not stored in the SQL Server databases.
Prior to bundling the Windows SharePoint Services server instance as an AMI, it is extremely important that you disable the Microsoft System Preparation Tool (Sysprep) using the BundleConfig.xml configuration file on the Amazon EC2 instance and disable renaming the machine using the Config.xml configuration file. These steps are documented at .
Important: Failure to perform the configuration tasks above prior to bundling will render your Windows SharePoint Services server inoperable!
To bundle an instance, you need to have an Amazon Simple Storage Service (Amazon S3) account, as AMIs are stored on Amazon S3. Select the instance to bundle in the Instances section of the management console, and then click More Actions > Bundle Windows AMI on the toolbar.
In the future, when you need to launch an instance of the Windows SharePoint Services environment, launch the bundled AMI. To add additional AMIs to the AMIs section of the management console, use the Register New AMI toolbar button and provide the URL to the Amazon S3 bucket that contains the AMI manifest file generated during bundling. For more information on bundling AMIs, see the Amazon EC2 documentation.
Configuring SQL Server
You need to move the databases that Windows SharePoint Services creates to an EBS volume. You can do this in the Object Explorer section of SQL Server Management Studio. Detach the Windows SharePoint Services databases, move them to the EBS volume, and then re-attach them. To prevent future databases from being created on the local file system, modify the default data and log paths for the server.
To modify these paths, access the properties of the SQL Server instance in SQL Server Management Studio, and then go to the Database Settings section. Modify the database default settings values at the bottom of the Properties section.
Note: For more information on running SQL Server on Amazon EC2, check out the Amazon tutorial Running Microsoft SQL Server on Amazon EC2.
With Amazon EC2, you can run Windows SharePoint Services on dedicated Windows instances running in Amazon's data centers. You can use the Amazon EBS to provide fast, reliable, and persistent storage for the SQL Server databases. Bundling the Windows SharePoint Services server as an AMI allows you to easily bring the environment up, and an Elastic IP address ensures that the Windows SharePoint Services service will always be accessible without unnecessary DNS updates. Once you have configured the Amazon EC2 infrastructure, you can rapidly deploy and scale Windows SharePoint Services for your needs.