Multi-tenancy of SharePoint 2010 基础
什么是Multi-tenancy
==========================
Microsoft® SharePoint® Server 2010 has the capability to isolate and separate data from different Web sites while sharing service application resources across these same sites. This capability is called multi-tenancy.
Multi-tenancy of services creates a true hosting environment and makes it possible to share service resources across customers (tenants) while partitioning data based on site subscriptions.
Site subscriptions group tenant data across all site collections owned by the tenant, and provide the ability to separate and group each tenant’s data in an otherwise shared environment.
Administrators can centrally deploy and manage features and services while giving tenants full control over the usage and experience.
什么是Site Subscriptions
==========================
Multi-tenancy relies on site subscriptions and subscription IDs.
Site collections for each tenant are grouped together by site subscription based on a common subscription ID.
The subscription ID is used to map features and services to tenants and also to partition service data according to tenant.
- 单个site subscription必须都存在于一个相同的farm内. Tenant Admin仅在本web application的范围内有效.
- 多个site subscription可以被寄存在同一个web application内. 多个site subscription可以共享同一个数据库.
- 管理员定义那些service对于每个tenant是可用并可见的. Tenant的Subscription ID被用来映射service partitions到site collection上.
- 所有的tenant可以共享某个service的数据. 比如说, 一个组织的所有分支都可共享profile数据. 这种情况下, 这些分支都使用一份non-partitioned service.
- Service数据可以为每个tenant而分区(partition), 用来确保这个消费者的数据不会暴露给其他的tenant. 在这种情况下, 这个单个的tenant的数据被存在该service的一份单独的数据分区(partition)中.
角色
=========================
对multi-tenancy的管理功能可以根据hosting的角色分为如下的表格.
Role |
Description |
Hosting company |
Manages the farm-level settings and hardware Controls database configurations Installs all new approved features and solutions Can brand the Tenant Administrator pages |
Hosted company administrator |
Purchases space, features, and bandwidth from hosting company Controls the architecture of customer sites but not the content Reviews usage statistics |
Hosted company |
Owns site collection Installs or removes features and solutions Configures features and services Reviews usage statistics |
架构的选择
============================
仅在对isolation要求高的时候为每一个客户指定一个单独的application pool.
仅在customization会影响到共享资源的时候为每个tenant指定一个单独的web application, 如web.config.
多个tenant合并在同一个web application的时候, 最好指定一个单独的web application用来放需要认证用户才能访问的内容, 指定另一个单独的web application来存放匿名用户可以访问的内容. 这会需要tenant对两种内容有两个单独的subscription id.
不允许full-trust 的代码被部署在site上. 不允许会影响共享资源(比如web.config)的customization.
使用host-named site collection来创建多个root level的site collections.
在SharePoint 2010中你可以在同一个web application中既使用host-named site collection, 又使用managed path.
Multi-Tenancy和content database
===========================
为了保证将来的升级可以被简单达成, 下面的指导方针应该被应用在管理tenancy和其对应的内容数据库.
- 如果任何tenant必须占用多于一个的数据库, 那么这些数据库必须仅为这个tenant服务.
- 如果任何tenant跟其他的tenant共享数据库, 那么这些tenant就不应该占用多于一个的数据库.
Setup
==========================
有一篇关于SharePoint Multi-tenancy的white paper, 其中有对创建过程的详细描述.
注意, White Paper中的脚本有个错误, 纠正如下. 原网页没有留言的地方, 所以无法把该错误反映给微软的作者, 也无法提醒其他读者, 只好仅记录在这里了.
Feature Packs
=========================
A Feature Pack is nothing more than a collection of Features that can be associated with a Site Subscription.
Site Subscription
========================
What is a Site Subscription? In its simplest form, a Site Subscription is just a unique identifier (a GUID) that represents a single tenant.
You will need to create a Site Subscription to identify every tenant you wish to create. Once it’s created, you can associate Feature Packs, the Tenant Administration Site, and any new Site Collections with the Site Subscription.
有用的 PowerShell Commands
========================
目的 | 命令 |
得到service的app pool | get-spserviceapplicationpool |
得到web application的app pool | [Microsoft.SharePoint.Administration.SPWebService]::ContentService.ApplicationPools |
得到管理帐户 | Get-SPManagedAccount |
得到web application | Get-SPWebApplication |
得到proxy group | Get-SPServiceApplicationProxyGroup |
得到当前场 | Get-spfarm |
得到Subscription service application |
$app = Get-SPServiceApplication |? {$_.TypeName -eq "Microsoft SharePoint Foundation Subscription Settings Service Application"} |
得到Subscription 的proxy |
$proxy = Get-SPServiceApplicationProxy |? {$_.TypeName -eq "Microsoft SharePoint Foundation Subscription Settings Service Application Proxy"} |
创建新的feature pack | New-SPSiteSubscriptionFeaturePack |
创建新的site collection | New-SPSite $url -owneralias $owneralias -sitesubscription $sub -hostheaderwebapplication $wa -template $template -contentdatabase $contentdatabase | |
为site collection指定profile service的信息 |
Add-SPSiteSubscriptionProfileConfig -id $sub -MySiteHostLocation "$url/mysite" -MySiteManagedPath "mysite/personal" -SynchronizationOU $profileOU -ProfileServiceApplicationProxy (Get-SPServiceApplicationProxy |?{$_.TypeName -eq "User Profile Service Application Proxy"}) |
为site配置用户所在的OU | Set-SPSiteSubscriptionConfig $url -UserAccountDirectoryPath $ou |
配置站点的用户路径为某一个OU |
stsadm -o setsiteuseraccountdirectorypath -path "OU=Contoso,DC=Hosting,DC=com" –url http://intranet.contoso.com |
Reference
========================
White paper: SharePoint 2010 for hosters (SharePoint Server 2010)
http://technet.microsoft.com/en-us/library/ff652528.aspx
Automating Microsoft SharePoint 2010 with Windows PowerShell 2.0 (book excerpt)
Chapter 20: Multi-Tenancy