BRK3310 Optimize connectivity to Microsoft Dynamics CRM Online
55 Slides1.79 MB
BRK3310 Optimize connectivity to Microsoft Dynamics CRM Online Brandon Kelly, Roger Gilchrist Solution Architect
Introduction – Why am I here? More and more, companies are moving their workloads to the cloud. Connectivity is a key ingredient in ensuring reliability as these workloads move to the cloud. Corporate networks may not have been scaled to allow for increased volume and business critical nature of internet traffic. Dynamics CRM Online can play it’s part in this, with additional investments to address particular challenges coming The most impactful area to focus on is ensuring a performant network connection from the client to the Internet.
CRM Online Performance
What makes CRM Online performant (or not)? Good performance entails an understanding of how to design the right implementation, code for efficiency, test for reliability and support for performance. The best way to understand what performance bottlenecks exist is to start with a top-down approach. ISV Browse r
What’s a top down approach? App Platfor m Data Start with the experience closest to the end user. Take a fiddler trace or browser’s F12 debug tools. Attempt the same operation outside the UI with the SDK. Evaluate plugins and workflows invoked by the action. Avoid complex security models if possible (extensive use of access teams, complex BU hierarchies) Indexing may be needed, can be driven through Microsoft support case.
Connecting to CRM Online
Challenges When looking at network connectivity, there are many contributory components Important to break down and understand the relevant elements Optimisations likely to come from multiple elements too No single silver bullet typically involved WA N Internet
Challenge: LAN Connectivity DUBLIN FRANKFURT LAN Latency/ Saturation/ Client configuration Branch Offices Corporate Backbone Public Internet Microsoft Data Center
Challenge: WAN Connectivity DUBLIN Poor WAN Connectivity/ slow proxy/ poor client configuration FRANKFURT Branch Offices Corporate Backbone Public Internet Microsoft Data Center
Challenge: Internet Connectivity DUBLIN Regional Connectivity FRANKFURT Branch Offices Corporate Backbone Inefficient Routing Public Internet Microsoft Data Center
Challenge: Internet Security Security in Transit DUBLIN FRANKFURT Branch Offices Corporate Backbone Public Internet Microsoft Data Center
Challenge: HTTP Chattiness Http traffic e.g. auth negotiation, SSL negotiation DUBLIN FRANKFURT Branch Offices Time lost in round trips Particularly as length of connection and latency increases Corporate Backbone Public Internet Microsoft Data Center
Challenge: HTTP Chattiness CRM is particularly chatty, by design, in that cold loads will generate a lot of HTTP requests. Warm loads (where data is already cached in the browser) are significantly more performant, however, script extensions as well as server integrations can change the affect of these requests. As such, bandwidth and latency are key indicators of performance in many cases: Bandwidth should be at least 50kb/sec (minimum) Latency should be 150ms or less Organizations should surpass the minimums as much as possible.
Network Configuration Challenges
What performance would you expect Consider: Within region Cross Region Sanity check Expected latencies, and unexpected latencies Expected performance, can vary but 10s definitely slower than needs to be
Consider location Optimise for Compliance: may have compliance legislation insisting on location User base: most users/most important users ( important from perf perspective e.g. call centre users) Geography ( US to APAC quicker than EMEA to APAC)
Common challenges and optimisations Poor routing: optimise routing paths Slow proxies: whitelist or bypass proxy Serial connections: TCP Window Scaling, max concurrent requests Lack of client caching
Optimise slow implementation May ‘get away’ with slow implementation locally But distance amplifies expensive implementations Reduce round trips Avoid web service requests from javascript Too many or expensive sub grids may impact form load times Speed up requests Check for sync plug ins/workflows Check for blocking potential
Diagnose don’t ‘throw darts’ Don’t hope to hit with randomly thrown dart Analyse where time is going Try it locally v remote ( set up trial in client region, try client in server region e.g. on Azure Iaas): if still slow, then server or implementation may be bigger cause Try it outside corporate network: bypasses proxies, routing Try vanilla org e.g. trial, to eliminate implementation impact Network tracing e.g. fiddler, see what calls are made, which are slow, which are serialising Diagnostic tools What can Microsoft do for you (thousand eyes, telemetry) What can you do yourself?
Express Route
What is ExpressRoute – for IaaS Compliance ExpressRoute provides a private, dedicated, highthroughput network connection between onpremises and Microsoft Azure/Online Services Predictable performance Domain Joined Private Network
What is ExpressRoute – for CRM Compliance ExpressRoute provides a private, dedicated, highthroughput network connection between onpremises and Microsoft Azure/Online Services Predictable performance Domain Joined Private Network
Connectivity to Azure Azure Public Services Access all Azure Services Customer’s network Connectivit y provider infrastructu re Customer’s dedicated connection ExpressRout e Peering Site Azure Compute Traffic to Azure Storage, SQL DB, Traffic to VNets
Public v Private Peering Customer’s premises Internet DDOS, IDPS, Proxies Internet edge Firewall Storage IIS Servers Extranet Firewall Public Peering SQL Websites Azure public services ExpressRoute Circuit Private Peering Exchange AD/DNS SQL Farm Core Network Virtual Networks Microso ft Azure
ExpressRoute Locations Roadmap Locations: Available Today Washington D.C. Silicon Valley, CA London, UK Atlanta Dallas Hong Kong Singapore Chicago New York Seattle Roadmap* (NDA required) FY15 Q1: Amsterdam Los Angeles Tokyo Sydney Sao Paulo FY15 Q2: Dublin Azure datacenters ExpressRoute Locations (today) ExpressRoute Locations (Roadmap)
Express Route: high level picture DUBLIN Express Route FRANKFURT Branch Offices Corporate Backbone Dedicated Connection Circuit VPN Options Public Internet Microsoft Data Center
Express Route: high level picture Doesn’t prevent direct access DUBLIN Express Route FRANKFURT Branch Offices Corporate Backbone Dedicated Connection Circuit VPN Options Public Internet Microsoft Data Center
ExpressRoute & Microsoft Clouds O365, CRM – Microsoft Peering Customer’s network Partner Edge ExpressRoute Circuit Microsof t Edge Azure PaaS – Public Peering Traffic to Office 365 Services and CRM Online Traffic to public IP addresses in Azure Traffic to Virtual Networks Azure IaaS – Private Peering
Traffic to Microsoft Customer Network Internal Router configuration, routes traffic for Microsoft Online Services to ExpressRoute connected subnet Traffic routed at network level SR connected subnet must be public IP addresses Microsoft Network CRM Service Router configuration routes traffic via BGP session ExpressRoute Connected Subnet Partner Edge ExpressRoute Circuit Microsof t Edge Internal routing configuration routes traffic to appropriate service Microsoft Peering Customer responsibility routing Microsoft responsibility routing
Traffic from Microsoft Customer Network Public Internet Connection made to the internal service Router configuration routes traffic internally as appropriate either using public IP or ExpressRouteNAT IP Connected Subnet Microsoft Network Traffic routed at network level SR connected subnet must be public IP addresses to DNS published URLs Partner Edge Customer responsibility routing ExpressRoute Circuit Microsof t Edge Requests to external services looked up against DNS Then if IP registered against an ExpressRoute circuit, routes it internally CRM Service Traffic to IP registered against ExpressRoute routed over the BGP Session Microsoft Peering through the customer private circuit Microsoft responsibility routing
Express Route Costs Connectivity Provider Installation of hardware Costs Network setup & ongoing maintenance Azure Subscription Costs: Provision of service Metered/Unlimited Customer Network Configuration Costs Time/Effort or costs to outsourced IT Routing configuration, device management Costs are likely per ExpressRoute circuit If multiple locations, then likely costs multiplied by number of locations/circuits Also will take time to configure at customer side, not simply ‘flip switch and enable’
ExpressRoute and CRM
CRM External Connectivity Customer’s network O365, CRM – Microsoft Peering On-Prem Exchange Server On-Prem Customer System EWS Connectivity from CRM SSS Web Services Connectivity from CRM Plug ins/ to CRM endpoints ExpressRoute Partner Microsof Circuit Https Client connectivity to CRM Edge t Edge Azure PaaS – Public Peering Client PCs Azure IaaS – Private Peering
CRM Internal Cloud Connectivity AzurePaaS PaaS Azure CRM Push messages to/pull messages from Service Bus Data Sync for Search/Offline/ SQL Azure Exchange Web Service Requests Azure AD Authentication EWS O365, CRM SharePoint Web Service Requests
CRM Public/ Private Cloud Connec Azure PaaS Requests to SQL Azure/Cortana Analytics Suite Customer’s network Customer Push messages to/pull messages from Service Bus Https client connectivity to Portals/Surveys Web Service Requests to customer services Web Service Requests to CRM from customer services Web Service Requests to CRM from customer services Azure IaaS O365, CRM Web Service Requests to customer services
Connections from Single Location Connection simple from a single location Branch Nework in Holland Customer Data Center WAN Connection ExpressRoute Connected Subnet Customer Operations in Holland Partner Edge ExpressRoute Circuit
Connections from single region/ multiple locations Within a region, having multiple locations requires routing to the single entry point to ER Would typically have single ER circuit due Branch Network in Holland Customer Data Center to cost WAN Connection WAN Connection ExpressRoute Connected Subnet WAN Connection Customer Operations in Holland Partner Edge ExpressRoute Circuit
Connections from single region/ multiple locations WAN connection separate from ExpressRoute ER does not help if delays occur before entering ER Branch Network in Holland Customer Data Centre WANUsing Connection ExpressRoute will not WAN Connection overcome slow WAN network connections ExpressRoute Connected Subnet WAN Connection Customer Operations in Holland Partner Edge ExpressRoute Circuit
Multiple connections from single region ExpressRoute Circuit WAN Connection Partner Edge Branch Network in Holland WAN Connection Customer Data Centre ExpressRoute Connected Subnet WAN Connection Customer Operations in Holland Partner Edge ExpressRoute Circuit
Branch Network in France Customer Data Centre WAN Connection Not all connections need ER Subnet WAN Connection Route via Internet Connection to Microsoft WAN Connection Customer Operations in France Branch Network in Holland Customer Data Centre WAN Connection WAN Connection ExpressRoute Connected Subnet WAN Connection Customer Operations in Holland Partner Edge ExpressRoute Circuit
Branch Network in France Customer Data Centre WAN Connection ExpressRoute Connected Subnet WAN Connection Partner Edge ExpressRoute Circuit WAN Connection Customer Operations in France Branch Network in Holland But Multi-region can use multiple ER circuits Customer Data Centre WAN Connection WAN Connection ExpressRoute Connected Subnet WAN Connection Customer Operations in Holland Partner Edge ExpressRoute Circuit
Customer network configuration Need to configure network to connect to ExpressRoute Can be misconfigured in which case never reaches ER
Asymmetric Routing Connection to Microsoft e ut o R a vi 2. Request routed via internet direct to Microsoft t In t ne r e Branch Network in Holland Microsoft Cloud 1. Request to MS, via internet 4. Response rejected by firewall Customer Data Center 3. Response routed via ExpressRoute WAN Connection ExpressRoute Connected Subnet WAN Connection Customer Operations in Holland Partner Edge ExpressRoute Circuit
Exchange Integration Microsoft Network Requests to Exchange OnPremises, routed via DNS lookup to an ExpressRoute connected subnet Customer Network Connections to the on-premises Exchange server would need to be protected at the customer gateway ExpressRoute Connected Subnet Partner Edge ExpressRoute Circuit Microsof t Edge CRM Service Traffic is routed over private connection But the connection could come from any service, the network routing does not Microsoft validatePeering the requesting service is authorised to connect over that ExpressRoute circuit
Customer Service Integration Microsoft Network Requests to On-Premises systems, routed via DNS lookup to an ExpressRoute connected subnet Customer Network Connections to the on-premises service would need to be protected at the customer gateway ExpressRoute Connected Subnet Partner Edge ExpressRoute Circuit Microsof t Edge CRM Service Traffic is routed over private connection But the connection could come from any service, the network routing does not Microsoft validatePeering the requesting service is authorised to connect over that ExpressRoute circuit
Working with other Online Services
Express Route to Azure/ Office365 CRM Online DUBLIN Express Route Azure PaaS FRANKFURT Azure IaaS Branch Offices Corporate Backbone Public Internet Microsoft Data Center Can reuse same Express Route connection across CRM Online and other Online Services
Connecting from Azure IaaS to CRM CRM Online DUBLIN Express Route FRANKFURT Azure IaaS Branch Offices Corporate Backbone Public Internet Microsoft Data Center No direct link between Azure IaaS and CRM servers Within same data centre, will route internally
Mobility/ remote access Mobile Worker Direct Connection Connectivity can be direct to CRM Online Corporate WiFi or VPN CRM Online Express Route FRANKFURT Connectivity can also be via corporate infrastructure e.g. ADFS for authentication Branch Offices Corporate Backbone Public Internet Azure IaaS Microsoft Data Center Control of client routing is not provided by ER, device/netwo rk management is required
Express Route: outbound traffic DUBLIN Express Route FRANKFURT Branch Offices Corporate Backbone Outbound traffic will route back via Express Route for CRM e.g. custom web service requests, Server Side Sync Public Internet Microsoft Data Center
Summary
Overview Connectivity to Online can be impacted by a number of things Particularly if the first cloud service to be introduced, can hit existing limitations in internet connection Optimisations to the connection can be made in client and network ExpressRoute often considered as performance benefit but more appropriately positioned as a Compliance capability avoiding traffic crossing the internet Due to issues of configurations and expectations, approval required before enabling Making sure expectations are realistic before cost/effort expended by customer Ensure network assessments are done to avoid misconfiguration
Free IT Pro resources To advance your career in cloud technology Plan your career path Cloud role mapping Microsoft IT Pro Career Center Get started with Azure Self-paced curriculum byEssentials cloud role Microsoft IT Pro Cloud Demos and how-to videos Pluralsight 3 month subscription (10 courses) Connect with peers and experts www.microsoft.com/itprocareercenter Expert advice on skills needed www.microsoft.com/itprocloudessentials 300 Azure credits and extended trials Microsoft Mechanics www.microsoft.com/mechanics Phone support incident Weekly short videos and insights from Microsoft’s leaders and engineers Microsoft Tech Community Connect with community of peers and Microsoft experts https://techcommunity.microsoft.com
Please evaluate this session Your feedback is important to us! From your PC or Tablet visit MyIgnite at http://myignite.microsoft.com From your phone download and use the Ignite Mobile App by scanning the QR code above or visiting https://aka.ms/ignite.mobileapp
2016 Microsoft Corporation. All rights reserved.