Step by Step Article Series for Creating SharePoint 2013 Based Multi-Tenant Private Cloud Infrastructure

Overview of the Concept

The title explains it very well. However the multi-tenancy is all about providing subscription based Sites and Services on top of a centralized single platform. Multi-tenancy is a Cloud Concept mostly holds by Hosting providers such as Microsoft (SharePoint Online) ,FPWEB, Rackspace etc.… But what about your own SharePoint Private Cloud for your specific needs? Sounds Great and that’s where we going ahead with this article series.

Very Simply – Web Hosting with a Unique Space with Isolated Data and Security provided by Centralized and Shared Set of Infrastructure. The Tenants I’m defining here as the Unique Space where the Infrastructure stands as SharePoint.

SharePoint is really capable of Providing subscription based Sites which are completely data and security is isolated. Each customer will have their own Space with isolated security and data which technically known in the multi-tenancy perspective as the ‘partition mode’.

It was there even in earlier versions such as Office SharePoint Server 2007. In This article I’m listing the steps to create a multi-tenancy platform on top of SharePoint 2013. Deployments scenarios of platform like this is not really a common thing like generic SharePoint Deployments, It will only find by specific set of audience who does Hosting.

Concept Overview in SharePoint Perspective

clip_image001

Technical Briefing

When it comes to Implementation, take a look at below describing which takes you through the technical facts of SharePoint Multi-tenancy.

clip_image002

Like you can see in the above diagram, there’s a single SharePoint Infrastructure which Shares set of Services (only few are mentioned here, there are lot more) through partition mode capability. A single (or may be many) web application holds multiple number of Site Collections (ultimately Tenants) with uniquely partitioned database from the SQL Backend. each customer (Target company or set of audience) will get a unique set of Sites which are ultimately called as a tenant. Below are the provided sites for each Customer, each will get three different site collection under the main which are sits for a specific purpose.

  1. Main Site Collection – The main Portal which end Users will work on.
  2. Admin Site – The Administration Site for each tenant with limited set of features. The highest level is still managed by the hosting Farm’s Central Administration.
  3. CTHUB – Content Type Hub.
  4. My Site – Personal Site Host

What’s Common and What’s Unique

Ofcource we talk about a centralized Infrastructure with Shared Services here isn’t it? So yes, the Common things are the Features of SharePoint Such as sites | User Profiles | Searching | and so on. Whatever the features used across tenants are Common at this perspective.

And, Data and Permissions are the main Unique facts. Each tenant can be uniquely Permitted for a set of Administrators and Users who are only permitted for that particular tenant. And unique Data can be reside in particular tenant where nothing exposed across the other Tenants or Farm.

Prime Considerations

a. Data Isolation

Isolating Each Customer’s Data is the prime fact here. Though every single tenant ultimately sits in a single shared infrastructure, Isolation of Data is very important.

b. Security and Customizations

Customer 1 Should not be able to Access Customer 2’s Site or see their Data nor they can do any customizations on other’s. True isolation is all about addressing this particular key factor which SharePoint nicely does.

c. Manageability and Administration

Customers should be able to manage their tenant within their scope without bothering hosting provider. The admin Portal for each tenant nicely addresses this requirement which allows tenant admins to manage User profiles | Search feature and so on in tenant level.

d. Address Spaces and Accessibility

Each Customer should be able to access their portal with their own web address. External Mappings of SharePoint caters this.

e. Tenant Sites (Member Sites) and URL Namespaces

Two Possibilities are there in this perspective. We can either have a tenant per web application or site collection. Creating tenant per web application will make web.config available for each tenant but there are key facts to be taken for considerations.

  1. Limitation of number of Web Application Per Farm.
  2. This make a high overhead on administering and maintaining. Performance is one of the key importance so this isn’t really a recommended approach when it comes to large deployments. May be if you are not going beyond 10 tenants.

Host Header Site Collections

This is the room allows us to store more and keep watching in a simple way other than traditional. With host header Site Collections, we can have multiple root level sites with independent top level domains within a single Web Application. Host header site collections have been there for quite long now. Improved a lot with SharePoint 2010 and now acts a giant role in the arena. Hats off for this awesome ability which plays one of the prime role here.

Addressing Different Scenarios within a single Infrastructure

When we have an Multi-tenant SharePoint Infrastructure, that doesn’t mean you cannot do traditional things within it. For an example if you try to create a new Service Application in a traditional way not partitioned, you can do so. And also generic web applications are too. Kind of a Hybrid scenario I was talking about. So even if you deploy multi-tenant Platform it’s yet capable of acting on traditional way too. Pretty cool !

Tenant Administration

Tenant Admin Site is created by a hidden default SharePoint 2013 template. Via this Site, Administrators of tenants are allowed to manage their subscription with defined set of administrative features. Looks like SharePoint Central Administration Site but only with defined set of features. They cannot simply play around with Root stuff but most of the key requirements are addressed here.

Changes in 2013 and What to be Considered

Not a big deal but as you are aware, there are number changes in SharePoint 2013 compare to 2010.

Service Applications Partitioning and Databases

Service applications are Partitioned to serve Data Partitioning. This will use a Single Database to Serve multiple tenants. There are some Service applications which are cannot be Partitioned and some can be partitioned but no Data Saving. We Need to create both Service application and Application Proxy and doing this possible but only with PowerShell which is ultimate steering wheel in the SharePoint Highway !

Based on SharePoint 2013 RTM. Below are the list of Service Applications that can be partitioned and stored tenant Data.

  • Search Service
  • Secure Store Service
  • Word Automation
  • Project
  • User Profiles
  • Managed Metadata
  • Business Data Connectivity

These Service Applications cannot be partitioned neither can be stored Data of tenants

  • State Service Application
  • Access Database Services
  • Visio Graphics Service
  • Word Viewing Service Application
  • PowerPoint Service Application
  • Excel Calculation Service
  • PerformancePoint
  • FAST for SharePoint (No longer in 2013 nor further)
  • Below ones are could store tenant data but doesn’t support Partitioning (Site Collections level-Readily Associated with Site Collection )
  • Usage and Health Data Collection
  • Web Analytics

Site Subscription and Feature Packs Involvement

Site Subscription is the Key of the Main Door here. Site Subscription is a Logical Set of Site Collections that can share Data, Features and Services. Site collections of Tenants are Grouped with a Specific Unique ID which called as the Subscription ID. This ID is used to Associate Data, Features and Services with each Tenant. This is the Core of the SharePoint Multi-Tenancy. Subscription Service Application is entirely responsible of storing Subscriptions of each tenant and their ID Accordingly and Map the Site Collections with Services and features. So taking care very much on this guy is very important after the deployment which comes as a part of administration and maintenance.

Feature Packs also acts a Key role here. Feature packs are group set of features that enabled for tenants to use. This is the key which defines the functionalities of SharePoint that which to use and which not to. We can use these sets to control the feature enablement across the tenants. very useful when it comes to requirements such as budgetary and starter level ones so we can simply lock down some set of features which are not included in to the particular subscription. This is incredible !!

This can be only performed via PowerShell or Object model which again you don’t get any UI.

Compatibility across the Editions and Versions

Multi-tenancy is possible with all the Editions but the only limitation is features. As you know foundation has the minimum set of feature and capabilities and standard bit more included and Enterprise is fully armed with all. However all these editions are compatible for multi-tenancy.

SharePoint 2010 (All Three Editions are Supported)

Foundation – Supported

Standard – Supported

Enterprise – Supported

SharePoint 2013

Foundation – Supported

Standard – Supported

Enterprise – Supported

Configuration Steps

Prerequisites

On SharePoint Server

SharePoint Binaries are Installed (ofcource the Product prerequisites are prior to binaries)

On SQL Server

SQL Server Instance Installed with required Service accounts and can be opened from SQL Studio

Do not run the Product/farm Configuration Wizard after Installing Binaries. The Script will do this for you.

 

Stay Tuned for the Part 2…

 

Part 2 is here

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s