Highly available SharePoint farm

Microsoft Entra ID
Azure Load Balancer
SQL Server

Solution ideas

This article is a solution idea. If you'd like us to expand the content with more information, such as potential use cases, alternative services, implementation considerations, or pricing guidance, let us know by providing GitHub feedback.

This solution provides a highly available deployment of SharePoint by using a load-balanced Microsoft Entra ID, a highly available SQL Server Always On instance, and highly available SharePoint resources.

Potential use cases

This solution addresses the need to deliver a highly available intranet capability to teams within your business by using the latest and greatest supported platforms.

Architecture


Dataflow

  1. Create a resource group for the storage, network, and virtual machine, plus other dependent elements.
  2. Create a virtual network to host the virtual machines and load balancers for the deployment. Ensure the network has appropriate network security groups implemented to protect network traffic flow.
  3. Create the storage accounts that will host the virtual hard disks (VHDs) for the machine images.
  4. Create the Active Directory installation using either a new virtual machine or Microsoft Entra Domain Services. If using Microsoft Entra Domain Services, consider synchronizing identities to Microsoft Entra ID with Microsoft Entra Connect.
  5. Create a Windows failover cluster and install a supported version of SQL Server on an Azure virtual machine (VM) or deploy pay-as-you-go instances of SQL Server.
  6. Deploy SharePoint onto multiple Azure VMs, or use trial images from the gallery that already have SharePoint Server installed.
  7. Create the SharePoint farm.
  8. Set up an Azure external load balancer to direct incoming HTTPS traffic to the SharePoint server.
  9. Use ExpressRoute or VPN Gateway for management access to the resource group.
  10. On-premises users can access the SharePoint sites via the internet, ExpressRoute, or VPN Gateway.
  11. External users can be granted access as required to the SharePoint sites for testing.
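
A check for steps 2, 8, and 9, as an added example that is not part of the original article: it evaluates network security group rules the way Azure does (ascending priority, first match wins) and reports which sensitive ports are reachable from the internet. The field names follow the JSON printed by `az network nsg rule list`; the port list, the rule names, and the 10.50.0.0/16 on-premises range are assumptions.

```python
# Added example: first-match audit of NSG rules for internet exposure.
# Field names follow `az network nsg rule list -o json`; the port list is assumed.
SENSITIVE = {80: "HTTP", 1433: "SQL Server", 3389: "RDP", 5985: "WinRM", 5986: "WinRM over TLS"}
PUBLIC = {"*", "internet", "0.0.0.0/0"}

def _values(rule, single, plural):
    """Merge the singular and plural forms of an NSG rule field."""
    return list(rule.get(plural) or []) + ([rule[single]] if rule.get(single) else [])

def _covers(rule, port):
    """True when any destination port spec ('*', '443', '5985-5986') includes port."""
    for spec in _values(rule, "destinationPortRange", "destinationPortRanges"):
        lo, _, hi = spec.partition("-")
        if spec == "*" or int(lo) <= port <= int(hi or lo):
            return True
    return False

def internet_verdict(rules, port):
    """Return (access, rule name) for TCP traffic from the internet to port.
    NSGs evaluate rules in ascending priority and stop at the first match."""
    for r in sorted(rules, key=lambda r: r["priority"]):
        srcs = _values(r, "sourceAddressPrefix", "sourceAddressPrefixes")
        if (r["direction"].lower() == "inbound"
                and r["protocol"].lower() in ("*", "tcp")
                and any(s.lower() in PUBLIC for s in srcs)
                and _covers(r, port)):
            return r["access"].lower(), r["name"]
    return "deny", "DenyAllInBound (default)"

def audit(rules):
    """List sensitive ports open to the internet, and flag blocked HTTPS."""
    findings = [f"{label} ({port}/tcp) open to the internet via '{name}'"
                for port, label in SENSITIVE.items()
                for access, name in [internet_verdict(rules, port)]
                if access == "allow"]
    if internet_verdict(rules, 443)[0] != "allow":
        findings.append("HTTPS (443/tcp) from the internet is blocked")
    return findings

def _rule(name, prio, access, src, ports):
    return {"name": name, "priority": prio, "direction": "Inbound", "access": access,
            "protocol": "Tcp", "sourceAddressPrefix": src, "destinationPortRanges": ports}
SAMPLE_RULES = [  # constructed sample; 10.50.0.0/16 stands in for on-premises
    _rule("allow-https", 100, "Allow", "Internet", ["443"]),
    _rule("deny-rdp-internet", 150, "Deny", "*", ["3389"]),
    _rule("allow-mgmt-onprem", 200, "Allow", "10.50.0.0/16", ["3389", "5985-5986"]),
    _rule("allow-wide", 300, "Allow", "*", ["1024-6000"]),
]
if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_RULES)))
```

On the sample, the explicit deny at priority 150 keeps RDP closed even though the broad rule at priority 300 would allow it, while SQL Server and WinRM are reported because nothing denies them first.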

Components

  • Azure Resource Group: Container that holds related resources for an Azure solution
  • Virtual Network: Provision private networks, optionally connect to on-premises datacenters
  • Storage Accounts: Durable, highly available, and massively scalable cloud storage
  • Microsoft Entra ID: Synchronize on-premises directories and enable single sign-on
  • SharePoint Server: Microsoft's collaboration server product
  • SQL Server: Host enterprise SQL Server apps in the cloud
  • Load Balancer: Deliver high availability and network performance to your applications
  • Azure ExpressRoute: Dedicated private network fiber connections to Azure

Next steps