The SharePoint platform is a flexible, n-tier service-oriented architecture (SOA). It can be scaled down to operate entirely from one machine, or scaled up to be managed across hundreds of machines.
There are few parts in SharePoint architecture: farms, web applications, site collections, service applications, administration and security.
A SharePoint farm is a group of SharePoint servers that share common resources. A farm can operate stand-alone or it can also subscribe to functionality from another farm, or provide functionality to another farm. Each farm has its own central configuration database, which is managed through a either a PowerShell interface, or a Central Administration website (which relies partially on PowerShell's infrastructure).
Each server in the farm is able to directly interface with the central configuration database. Servers use this to configure services (e.g. Internet Information Services (IIS), windows features, database connections) to manage the requirements of the farm, and to report server health issues, resource allocation issues, etc.
Web Applications (WAs) are top-level containers for content in a SharePoint farm, and are typically the interface through which a user interacts with SharePoint. A web application is associated with a set of access mappings or URLs which are defined in the SharePoint central management console, then automatically replicated into the IIS configuration of every server configured in the farm. WAs are typically independent of each other, have their own application pools, and can be restarted independently in IIS.
A site collection is used to provide a group of SharePoint Sites. Each web application will typically have at least one site collection. Site collections may be associated with their own content databases, or they may share a content database with other site collections in the same web application.
Service Applications (SAs) provide granular pieces of SharePoint functionality to other web and service applications in the farm. Examples of service applications include the User Profile Sync service, and the Search Indexing service. An SA can be turned off, exist on one server, or be load-balanced across many servers in a farm. SAs are designed to be as independent as possible, so depending on the SA, restarting an SA, experiencing an SA failure, or misconfiguring an SA may not necessarily prevent the farm from operating.
Each SA enabled on the farm typically has its own process that requires a certain amount of RAM to operate, and typically also has its own configuration database and Active Directory (AD) service account. SharePoint Server and SharePoint Enterprise include all the SharePoint Foundation SAs, as well as additional SAs.
Administration and security
The modular nature of SharePoint's architecture enables a secure least-privileges execution permission.
SharePoint Central Administration (the CA) is a web application that typically exists on a single server in the farm, however it can also be deployed for redundancy to multiple servers. This application provides a complete centralized management interface for web and service applications in the SharePoint farm, including AD account management for web and service applications.
In the event of the failure of the CA, Windows PowerShell is typically used on the CA server to reconfigure the farm. The structure of the SharePoint platform enables multiple WAs to exist on a single farm. In a shared (cloud) hosting environment, owners of these WAs may require their own management console. The SharePoint Tenant Administration (TA) is an optional web application used by web application owners to manage how their web application interacts with the shared resources in the farm.
In my next post on SharePoint, I am going to describe the SharePoint parts that a user interfaces with: site collections, sites, libraries, lists.