Designing, deploying, and managing Workflow Manager farms
Spencer Harbar, Architect
Wictor Wilén, Architect
SPC356

Introductions
Wictor Wilén
Director, SharePoint Architect, Author
Connecta AB, Sweden
Spencer Harbar
SharePoint Architect
Edinburgh, United Kingdom
Honorable shout out and thanks to:
Wayne Ewington
Principal Consultant, Microsoft New Zealand

Agenda
Introduction to Workflow Manager
Workflow Manager high level architecture
Topology options
Installation and configuration
Business continuity management

What is Workflow Manager?
Formerly Azure Workflow Server/Services (AWS)
Same “code base” as Windows Azure Service Bus
Windows Workflow Foundation
.NET 4.5
Scalable and reliable workflow engine
REST based
Multi-tenant capable
Logical construct of “scopes” provides partitioning

Comparing 2010 and 2013 Workflows
SharePoint 2010
Legacy approach
Primarily for backwards compatibility (e.g. upgrade)
Tightly coupled to SharePoint Servers
In Process
Declarative or custom code
Available both in SharePoint Foundation and SharePoint Server
SharePoint 2013
Future
Decoupled from SharePoint, and supporting other consuming platforms
Declarative only
On Premises or Cloud
Consistent with .NET Framework Workflow
Much more capable
App friendly
Available in SharePoint Server only

High level architecture

Architecture Overview
[Architecture diagram; labels: SharePoint, Content, Events, Sharing, People, 2010 Workflow, _API (REST OM), Access Control, OAuth, Service Bus, Workflow Manager, Workflow Service Application Proxy, Workflow Services Manager (Instances, Interop, Deployment, Messaging), Workflow Client]

Workflow Manager – Front End / Back End
Logically split into Front End and Back End
Front End
Resource Management Services
Workflow and Activity CRUD operations
Instance Management Services
Instance queries
Application Events and Control Messages
Back End
Workflow Host
Service Bus

Service Bus
Guaranteed message delivery
Publish/Subscribe
Loosely coupled

Workflow Manager Client
Microsoft.Workflow.Client.dll
Manage workflows (“definitions”), monitor, initiate, and communicate with instances
Required on all SharePoint servers
Handles communication with Workflow Manager

Workflow Service Application Proxy
SharePoint construct
Registered with PowerShell
Broker for all calls to Workflow Manager
Dependent upon Workflow Manager Client

Workflow Services Manager
API for managing, monitoring and interacting with workflows – CSOM, JSOM, REST
Instances: Access to running instances, including sending messages
Deployment: Saving/publishing/changing workflow definitions, validating XAML, etc.
Messaging: Handles how messages are sent from SharePoint to Workflow Manager
Interop: Interaction with 2010 workflow

Messaging
Inbound notifications
Start/stop workflow
Events
Management
One-way only
Outbound work
REST/Web service calls
Workflow Back-End destination
GET, PUT, POST, DELETE, MERGE
Outbound notifications
RegisterInterest
Confirmation
[Diagram labels: Message, Workflow Manager, Message, Notification]

Topologies

Topologies
One or three servers
NOT two, NOT four, NOT six, NOT eight…
Service Bus and quorum implementation
Each component must run on each server
Workflow Manager and Service Bus
There are NO other supported topologies
Remember! One or three servers!
A farm of two (or four, six, etc.) can of course be built, but it is NOT supported
And more importantly, it won’t provide high availability

Topologies: co-located
Running Workflow Manager on adequately resourced Web Servers in the SharePoint farm
Carefully factor this into your overall farm topology design
[Diagram labels: load balancer, Workflow Manager, Workflow Manager, Workflow Manager]

Topologies: Federated
Workflow Manager farm serving multiple SharePoint Farms
[Diagram labels: load balancer, Workflow Manager, Scope 1 (SP Farm 1), Scope 2 (SP Farm 2)]

Topologies: ‘Distributed’
Multiple Workflow Manager farms serving multiple SharePoint tenants
And potentially SharePoint Farms
[Diagram labels: load balancer; Workflow Manager with Scope 1 (SP Tenant 1) and Scope 2 (SP Tenant 2); Workflow Manager with Scope 1 (SP Tenant 3) and Scope 2 (SP Tenant 4); SP Tenant 1, SP Tenant 2, SP Tenant 3, SP Tenant 4]

Planning for performance and throughput
Consider scale upfront
Workflow expands rapidly
New platform enables high scale but you need a plan!
Regularly occurring large loads
Examples include expense reports, timesheets etc. at end of financial period
Common gotcha: Network Interface configuration
Between SharePoint and Workflow Farms
Between Workflow farms and external systems

Scaling out
Multi-server farm
Workload automatically distributed
Load balancer for client interaction/REST calls
Workflow Manager: Maximum of three servers
Factors
CPU – Workflow Manager, Service Bus, SQL
I/O – SQL
Network throughput & latency
Scale SQL Server first
Likely to be the first bottleneck
Server distribution – Workflow Manager and Service Bus databases on different database servers
SQL optimization (file I/O, sizing, etc.)
However keep it practical (!) – REF Wictor’s topology session

Installation and Configuration

Hardware and Software Requirements
Hardware
Minimum RAM: 2Gb
Minimum CPU: 2 GHz Dual Core
Minimum Disk: 1Gb Free
Operating System
Windows Server 2008 R2 Service Pack 1 (x64)
Windows Server 2012 (x64)
Development purposes only:
Windows 7 Service Pack 1 (x64)
Windows 8 (x64)

Software Pre-requisites
.NET Framework 4 Platform Update 3 or .NET Framework 4.5
PowerShell 3.0
Service Bus 1.0
Workflow Client 1.0
Installed using Web Platform Installer (WebPI)
Download can be “cached” and performed offline
More details later

SQL Server Requirements
Versions and Editions
SQL Server 2012 (or Express)
SQL Server 2008 R2 SP1 (or Express)
Configurations
Collation: Default, SP, Binary
Clustering
Mirroring
AlwaysOn
Security
Windows authentication
SQL Server Authentication

Supported Languages
English (EN)
English product on other languages
Japanese
Spanish
German
French
Italian
Korean
Russian
Brazilian Portuguese
Chinese (PRC)
Chinese (Taiwan)

Environment Requirements
SQL Server connectivity
TCP/IP
SQL Browser service running on SQL Server
Whilst stated, this is NOT actually a requirement!
Named Pipes
SQL Server machine name < 16 characters (NetBIOS restriction)
Firewall
Ports 1443, 12290 and 12291 available (default)
Windows Firewall automatically configured if selected (default) during Workflow Manager Farm creation
Strongly recommended to use the default ports

User Requirements
Configuration user
The account used when configuring Workflow Manager
Similar to the SharePoint “Setup User”
Local Admin on servers
DBCreator and SecurityAdmin (or pre-create)
Also called “Logged In user” or “Current user” in some documentation
RunAs user
Service Account Identity
Used for Workflow Manager & Service Bus services
Can be a separate account for each
Built-In accounts NOT supported
Fully qualified UPN format (user@domain.com) – this is NOT strictly required
Granted Log on as a Service right during configuration
Don’t use the same account for both!

Service Account Password Changes
Workflow Manager and Service Bus
If Service Accounts are expired by policy:
Using the Configuration Account, or other Workflow Manager and Service Bus Administrator account
Watch out! MSDN refers to interactively logging in as the service account!
msdn.microsoft.com/en-us/library/windowsazure/jj193456(v=azure.10).aspx
msdn.microsoft.com/en-us/library/windowsazure/jj193007(v=azure.10).aspx

SharePoint 2013 Requirements
Interaction between SharePoint and Workflow Manager farms is OAuth 2
Therefore requires:
App Management Service Instance and Service Application
User Profile Service Instance and Service Application
Users must be populated in the Profile store and have valid User Principal Name (UPN)
Workflow Manager validates users by UserPrincipalName (UPN)
Ensures they have rights to start instances
If not, instance cancelled
One of the reasons 2013 Workflows are not available in SharePoint Foundation

Certificates
OAuth2 should always be SSL
Therefore the Workflow Manager Farm should use SSL
Don’t forget the SharePoint side!
Service Bus
Farm Certificate
Encryption Certificate
Workflow Manager
Services SSL Certificate
Encryption Certificate
Outbound Signing Certificate

Certificates - Choices
Auto Generated
Suitable for most deployments
Provide Generation Key
Required for every server to join Workflow Manager Farm
Record this value!
Configuration takes care of copying them/creating them
Use existing (Domain CA Issued)
Must be in the Local Machine\Personal certificate store for all computers in farm
Administrator’s responsibility to create them and copy them to each machine in the farm(s)
Multi server farms must include a Subject Alternative Name for the DNS domain, e.g. *.fabrikam.com

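One way to check the “Use existing (Domain CA Issued)” requirements on a farm server, as an added example that is not part of the original deck. The function name, the placeholder thumbprint and the sample call are assumptions, and the SAN text match assumes an English-language Windows installation.

```powershell
# Added example (not from the deck). Run locally on every Workflow Manager /
# Service Bus server; Test-FarmCertificate is a hypothetical helper name.
function Test-FarmCertificate {
    param(
        [Parameter(Mandatory = $true)][string]$Thumbprint,
        [Parameter(Mandatory = $true)][string]$DnsDomain    # e.g. '*.fabrikam.com'
    )

    # Thumbprints pasted from the certificate dialog often carry spaces or an
    # invisible leading character; keep hex digits only before comparing.
    $clean = $Thumbprint -replace '[^0-9A-Fa-f]', ''
    $cert  = Get-ChildItem -Path Cert:\LocalMachine\My |
             Where-Object { $_.Thumbprint -eq $clean } |
             Select-Object -First 1

    $result = New-Object psobject -Property @{
        Computer         = $env:COMPUTERNAME
        InMachineStore   = [bool]$cert
        HasPrivateKey    = $false
        InValidityPeriod = $false
        SanCoversDomain  = $false
        NotAfter         = $null
    }
    if (-not $cert) { return $result }

    $now = Get-Date
    $result.HasPrivateKey    = $cert.HasPrivateKey
    $result.InValidityPeriod = ($cert.NotBefore -le $now) -and ($now -le $cert.NotAfter)
    $result.NotAfter         = $cert.NotAfter

    # Subject Alternative Name is extension OID 2.5.29.17. Format() renders it
    # as "DNS Name=..." entries on English-language Windows (assumption).
    $san = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
    if ($san) {
        $names = [regex]::Matches($san.Format($true), 'DNS Name=([^\r\n,]+)') |
                 ForEach-Object { $_.Groups[1].Value.Trim() }
        $result.SanCoversDomain = @($names) -contains $DnsDomain
    }
    return $result
}

# Placeholder thumbprint: replace with the value of the CA-issued certificate.
Test-FarmCertificate -Thumbprint '<THUMBPRINT-OF-CA-ISSUED-CERT>' -DnsDomain '*.fabrikam.com'
```

Run it on each server in the farm and compare the results; any False value means that server does not yet meet the requirements listed above.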
Installation
Install and configure SharePoint farm
Including Workflow Manager Client on every server
Install and configure Workflow Manager farm
Logged in as Configuration Account
Web Platform Installer
http://bit.ly/WebPIWM

Offline Install
On an Internet connected machine:
Download and install WebPICmd.exe
http://bit.ly/WebPIv4
From an Administrator Command prompt:
webpicmd /offline /Products:WorkflowManager /Path:c:\OfflineWorkflow
Will download Workflow Manager and its pre-reqs to the specified folder
Copy contents to intended Workflow Manager server
On Workflow Manager Server(s):
From an Administrator Command Prompt:
WebpiCmd.exe /Install /Products:WorkflowManager /XML:c:\offlineWorkFlow\feeds\latest\webproductlist.xml
To install Workflow Client (on SharePoint Servers):
WebpiCmd.exe /Install /Products:WorkflowClient /XML:c:\offlineWorkFlow\feeds\latest\webproductlist.xml

Configuration Wizard
Start | All Programs | Workflow Manager 1.0 | Workflow Manager Configuration
Supported screen resolutions:
Above 800 x 600 for 100% DPI
Above 1000 x 750 for 125% DPI
Above 1200 x 900 for 150% DPI
(seemingly irrelevant detail important in RDP scenarios!)

Leaving a Farm
Rename a Server
Remove from Farm
Rename Server
Join back to Farm
Reduce Farm to one Server
Remove all machines (keep databases)
Join existing farm from existing machine

Connecting to SharePoint
MSMQ Configuration
Optional Configuration
Enables Asynchronous Event Messaging
Supports disconnected scenarios (e.g. maintenance windows in large environments)
Enable MSMQ on SharePoint Servers
In this case, Workflow Manager can NOT be co-located with SharePoint
PowerShell
$proxy = Get-SPWorkflowServiceApplicationProxy
$proxy.AllowQueue = $true;
$proxy.Update();

Validating install and configuration
Get-SBFarmStatus & Get-WFFarmStatus
Will report on Windows Services state and http(s) availability
Windows Services:
Workflow Manager Backend
Service Bus Message Broker <- will often take a while to start
Service Bus Gateway
Windows Fabric Host Service
SharePoint
SharePoint Service Application Proxy
SharePoint Designer Platform Type
But neither validates that it’s actually working!
The ONLY way to properly test is to create, publish and execute a 2013 Workflow!

Demo
Creating a new Workflow Manager Farm
Connecting to SharePoint

Business Continuity Management

Fault Tolerance
Points of Failure
Manual Workflow Start
SharePoint Workflow Manager
20 seconds
Event Notification
Workflow auto-start or mid-processing event
SharePoint Workflow Manager:
Will survive a server crash (durably stored)
Content DB – Event Cache table
Processed when another workflow event happens
Workflow Backend processing
Service bus retries
Once message is stored by Service Bus, processing is “guaranteed”
SQL Server as durable message storage

Fault Tolerance
Service Bus
Messages are read and locked for a defined period of time
Default = 45 seconds
Other consumers cannot retrieve the message
On same subscription
Peek/Lock Read
Reads and locks the message until it is deleted or lock duration expires
Guarantees at-least once delivery of message
Unlock Message
Abandons processing

Fault Tolerance
Service Bus
Once message retrieved, one of four things can happen
Complete – consuming application successfully completes processing the message so it is deleted from SB
Workflow does this when the workflow persists
Abandon – consuming application discards the message so it is available for other consumers
Workflow does this when an exception is thrown and caught during processing
Renew – consuming application needs more time to process the message
Workflow does this automatically for long-running operations via a background thread
Not as relevant to SharePoint style workflows
Expire – consuming application does not do one of the above before the lock time runs out. Message is now available to be picked up and processed again
E.g. Process crash
Message will be retried

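The peek/lock outcomes described above, modelled as an added example that is not part of the original deck. It is an in-memory model of the semantics, not the Service Bus API, and every function name and the message id are hypothetical; it shows why a consumer can see the same message twice under at-least-once delivery.

```powershell
# Added example (not from the deck): in-memory model of peek/lock.
# Not the Service Bus API; all names are hypothetical.
$script:LockSeconds = 45     # default lock duration quoted on the slide
$script:Queue = @{}          # message id -> @{ Body; LockedUntil; Deliveries }

function Send-Message([string]$Id, [string]$Body) {
    $script:Queue[$Id] = @{ Body = $Body; LockedUntil = [datetime]::MinValue; Deliveries = 0 }
}

# Peek/lock read: hand out the first message whose lock is free or expired.
function Receive-Message([datetime]$Now) {
    foreach ($id in @($script:Queue.Keys | Sort-Object)) {
        $m = $script:Queue[$id]
        if ($m.LockedUntil -le $Now) {
            $m.LockedUntil = $Now.AddSeconds($script:LockSeconds)
            $m.Deliveries++
            return $id
        }
    }
    return $null             # nothing available: every message is locked
}

# Complete: processing succeeded, so the message is deleted.
function Complete-Message([string]$Id) { $script:Queue.Remove($Id) }

# Abandon: release the lock at once so another consumer can take the message.
function Unlock-Message([string]$Id) { $script:Queue[$Id].LockedUntil = [datetime]::MinValue }

# Renew: extend a lock that is still held; returns $false if it already expired.
function Update-MessageLock([string]$Id, [datetime]$Now) {
    $m = $script:Queue[$Id]
    if (-not $m -or $m.LockedUntil -le $Now) { return $false }
    $m.LockedUntil = $Now.AddSeconds($script:LockSeconds)
    return $true
}

# Constructed scenario: consumer A crashes mid-processing, consumer B retries.
$t0 = Get-Date
Send-Message 'msg-1' 'start workflow'
$a = Receive-Message $t0                                    # A locks msg-1
$b = Receive-Message ($t0.AddSeconds(10))                   # B gets nothing while A holds the lock
$renewed = Update-MessageLock 'msg-1' ($t0.AddSeconds(30))  # A renews; lock now ends 75 s after t0
# A crashes here and never calls Complete: the Expire case.
$late = Update-MessageLock 'msg-1' ($t0.AddSeconds(80))     # refused, the lock has run out
$b2 = Receive-Message ($t0.AddSeconds(80))                  # B receives the same message again
$deliveries = $script:Queue['msg-1'].Deliveries
Complete-Message 'msg-1'

"A got: $a; B while locked: '$b'; renewed: $renewed; late renew: $late"
"B after expiry: $b2; deliveries: $deliveries; left in queue: $($script:Queue.Count)"
```

Because the second delivery happens after the first consumer may already have done part of the work, anything the workflow does before a persistence point has to be safe to repeat.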
Persistence Points
Persistence = Workflow state recorded in DB
Message transaction completed and message deleted from DB
Happens on
Any outbound call
Delay activity/action

High Availability
Three servers required for high availability
Also provides load balancing
Scale SQL and SharePoint separately

Monitoring
Workflow Manager Pack for SCOM
http://www.microsoft.com/en-us/download/details.aspx?id=35384

Disaster Recovery overview
Recovery
Database restore
Point-in-Time (temporally similar) Databases
Workflow and Service Bus
Farm Management DBs not required
Full farm or individual tenant (scope)

DR preparations – data tier
Standard SQL techniques
Mirroring
Log Shipping
Availability Groups
Use standard SQL Backup and restore
Service Bus and Workflow Manager have the required cmdlets

DR preparations – compute tier
Cold Standby
Create a new farm using SQL Backups, or replicated data, and scripts
Warm Standby
Secondary farm, with compute nodes turned off
Use scripts to resume standby farm
Hot Standby
Not supported

Disaster Recovery Requirements
Symmetric Key
Keep it in a safe place
Without it you will NOT be able to restore
Note time of “disruption”
The approximate time is required to replay some operations
Databases
All Service Bus and Workflow databases, except the two Management databases, are required for a full Workflow Manager restore operation

DR Scenarios 1/2
Loss of one or more Workflow/Service Bus databases
Uninstall Workflow Manager
Reinstall Workflow Manager
Restore Database Backups
Use the Service Bus/Workflow Restore Process and then scale-out
Loss of entire Workflow farm
Restore databases
Rebuild farm and use the Restore Process and then scale-out

DR Scenarios 2/2
Loss of a WF/SB server
Install Workflow Manager on a new server
Drop the Management Databases, use the Restore Process and then scale-out
or
Remove the old WF/SB Server and join a new one
Loss of a Workflow Scope
Restore Backup (do not overwrite)
Use the Restore-WFScope cmdlet

Full Restore Process
Restore Service Bus Farm
Creates new SB Management database
Use the same ports and configuration
Use the Install account
Restore Service Bus Gateway
Restore Service Bus Message Container
Specify the Id of the container
Add Service Bus host to machine
Configure Service Bus Namespace
Using the original Symmetric key

Full Restore Process (cont.)
Restore Workflow Farm
Creates a new Management database
Specify the time of disruption, used for consistency checks
Verification log (relative path) contains warnings about “suspect” inflight workflows
Add Workflow host to machine
On host 2 and 3
Add the Service Bus Host
Add the Workflow Host

Applying Updates
Co-ordinating updates between SharePoint and Workflow Manager
After applying updates, you should rerun Register-SPWorkflowService with the -Force switch.
Adds a new deployment group
Republishes any updated SharePoint activities (in SharePoint update) to the Workflow Manager farm

Wrap Up

Session Objectives and Takeaways
Understand the Workflow Manager architecture
Configure and Deploy Workflow Manager
Apply appropriate business continuity strategies for Workflow Manager

© 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.