330 likes | 445 Views
HITP10 Getting Cozy with Service Applications. Todd Klindt and Shane Young SharePoint911. Objectives. Learn about SharePoint’s new Service Application architecture Understand planning and operational impact of the new architecture New management tools. Session Outline.
E N D
HITP10 Getting Cozy with Service Applications Todd Klindt and Shane Young SharePoint911
Objectives • Learn about SharePoint’s new Service Application architecture • Understand planning and operational impact of the new architecture • New management tools
Session Outline • Overview of Services • What’s new in SharePoint 2010 • IT Pro experience • Developer Story • Example Topologies
What is a Service Application? • Service Application: A configured logical instance of a Service • Provides data or computing resources • Exposes administrative interfaces • Uses resources • Service Database • Application Pool • Service Instances: Running physical instance of a service
How is a Service Application used? • Features, such as web parts, on a Web App use Service Applications • Web application Proxy Group SA Proxy Service Application Service Instance • A Service Application Proxy connects a Web App to a Service app • Associations determined by administrators, can be changed any time • Connections can be managed individually or in groups (‘Service Application Proxy Group’)
Service WorkflowFor a typical service ~~~~~~~~~~~~~ ~~~~~~~~~~~~~ Browser Web Front End Server Application Server
SharePoint 2007 2010 SharePoint Server Shared Service Provider Search Search Excel Calc Service Excel Calc Service User Profile Service User Profiles Business Data Catalog Business Data Catalog Windows SharePoint Services Config Content Workflow Config Content Workflow
SharePoint 2010 SharePoint Server SharePoint Service Applications Shared Service Provider Search Excel Calc Service User Profiles Business Data Connection SharePoint Foundation Windows SharePoint Services Config Content Workflow
SharePoint 2010 SharePoint Server SharePoint Service Applications PowerPoint Broadcast Service Search Excel Calc Service PerformancePoint User Profiles Visio Graphics Service Business Data Connectivity Access Service Web Analytics Managed Metadata Word Conversion Service 3rd party services… SharePoint Foundation Sandboxed Code Service Usage & Health Logging Config Content Workflow
SSP => Service Application • SSPs are replaced with Service Apps • A la carte, ‘unboxed’ services • Integrated administration model • 3rd party extensibility • And much more… • SSP services split out into service applications • User Profiles • Search Service App • Excel Service App • Business Connectivity Service App • And the new services in MOSS SKUs • MOSS 2007 SSPs upgrade into SharePoint Server 2010 Service Applications
What’s New – Framework • Extensible platform • Framework incorporated into SharePoint Foundation • 3rd parties can build and ship services • Lots of new in-box Services: • SharePoint Server has nearly 20 services • Other products like Office Web Apps, Project Server, SQL ‘Gemini’ ship services
What’s New - Administration • Simplified administration model • Managed via Central admin and PowerShell • A la carte consumption • Increased flexibility in deployment • Fault Tolerant Round-robin Load Balancing • Support for hardware load balancing • Flexible, secure cross-farm federation • Trust-based security • Share to anyone and consume from anywhere • WCF-based web services for communication • No direct DB Access
What’s New - Security • Improved security model • Claims based authorization within the farm • Communication via WCF-based web services • Support for SSL/transport security • Application isolation • Each service app uses separate database and optionally, separate app pool • Support for multiple service applications for a service with different accounts and databases • Multi-tenancy • Most services are multi-tenant capable • Application-level security for content isolation
Managing a Service • Services are managed through Central Admin • Services plug their management UI into Service Management page • Service Admins • Delegated admins with Central Admin access • Manages one or more Service Applications • Central Admin UI is trimmed to only the pages that the Service Admin has rights to access • Some services have their own additional specialized admin roles • Services are also managed through PowerShell
Demo Service Application Administration
Deployment • Farm Config Wizard • Creates all Service Applications with default settings • Bad, bad, bad • Manually • Use the ‘New’ dropdown in the Manage Service Applications page • Specify custom application pool, database locations etc… • Creates service apps and their proxies • For most control, use PowerShell • New-SP*ServiceApplication • New-SP*ServiceApplicationProxy • Create each piece individually (e.g. in Service-only farms) • Necessary for Usage and State Service
Administration UI • Manage Service Application page: • Create/Delete Service Apps • Manage Service App ‘metadata’ • Connect to remote Service Apps • Publish and Secure Service Apps • Service-specific management UI: • Service App specific settings • Dashboards showing search crawl status, profile import status etc… • Manage Service Associations page: • Control web app to service app association • Manage Services on Server page: • Start/stop instances on specific servers
Windows PowerShell • All Admin operations are PowerShell enabled. • Only Farm admins and Shell Admins can use PowerShell • Use PowerShell to: • Create and Delete Service Applications New-SPStateServiceApplication -Name "State Service Application" • Share Service Applications Publish-SPServiceApplication 2cf98d54-78b5-4afb-8edf-25e1d1fbd329 • Start and Stop Instances Start-SPServiceInstance 0d5206ec-3312-41e8-a141-b20764100537 • Perform Bulk Operations Get-SPServiceApplication | Get-SPServiceApplicationSecurity | Grant-SPObjectSecurity –Principal “domain\user” –Rights “full control”
Associations • By default, all Service Applications in a farm are associated with all Web Applications • Associations are not direct, but connect through a proxy • The default association can be changed so that Service App Proxy Web App associations are managed on a case-by-case basis • Use the ‘manage service associations’ UI in CA to manage associations
Publishing • ‘Publishing’ a Service Application makes it available outside the farm • ‘Published’ Service Applications can be discovered and consumed by remote Farms • All standard security policies still apply • i.e., Publishing doesn’t set or remove access • Cross-farm trust via certificate exchange
Security • Security is managed per Service Application • Admin Security: • Specifies who has admin rights over a Service App • Used for security trimming • By default, all farm admins included • Access Security • Specifies claims principals that have access to the service • By default, the ‘farm claim’ has access • Some services may define more granular access rights (i.e. read-only vs. read-write)
Deployment Scenarios • Single Farm • Isolated Hosting • Shared Resource Farm
Summary • SharePoint 2010 has a new, flexible, extensible services architecture for middle-tier applications • Administrative improvements make managing services easier through PowerShell and UI • Customizable, flexible topologies to suit your organizational needs
Thanks Please fill out your evaluations And turn yourself around