Scott Schnoll Principal Technical Writer Microsoft Corporation UNC313 Agenda Exchange 2010 High Availability Vision/Goals Exchange 2010 High Availability Features Exchange 2010 High Availability Deep Dive Deploying Exchange.
Download ReportTranscript Scott Schnoll Principal Technical Writer Microsoft Corporation UNC313 Agenda Exchange 2010 High Availability Vision/Goals Exchange 2010 High Availability Features Exchange 2010 High Availability Deep Dive Deploying Exchange.
Scott Schnoll Principal Technical Writer Microsoft Corporation UNC313 Agenda Exchange 2010 High Availability Vision/Goals Exchange 2010 High Availability Features Exchange 2010 High Availability Deep Dive Deploying Exchange 2010 High Availability Features Transitioning to Exchange 2010 High Availability End-to-End Availability Improvements High Availability Design Examples Exchange 2010 High Availability Vision and Goals Vision: Deliver a fast, easy-to-deploy and operate, economical solution that can provide messaging service continuity for all customers Goals Deliver a solution for high availability and site resilience that is native to Exchange Enable less expensive and less complex storage Simplify administration and reduce support costs Increase end-to-end availability Support Exchange Server 2010 Online Exchange 2010 High Availability Solution Unified technology for high availability and site resilience New framework for creating highly available mailboxes Evolution of continuous replication technology Can be deployed on a range of storage options Native to Exchange; not bolted onto the side Exchange Server 2003 Outlook OWA, ActiveSync, or Outlook Anywhere San Jose Front End Server NodeA (active) Complex site resilience and recovery Clustered Mailbox Server had to be created manually NodeB (passive) Dallas DB1 DB2 Standby Cluster DB3 Third-party data replication needed for site resilience Clustering knowledge required DB1 DB4 DB2 DB5 DB3 DB6 Failover at Mailbox server level Exchange Server 2007 Outlook OWA, ActiveSync, or Outlook Anywhere SCR Client Access Server Standby Cluster DB3 No GUI to manage SCR NodeB (passive) CCR DB1 DB2 Clustered Mailbox Server can’t co-exist with other roles San Jose NodeA (active) Dallas Complex activation for remote server / datacenter Clustering knowledge required DB1 DB4 DB1 DB4 DB2 DB5 DB2 DB5 DB3 DB6 DB3 DB6 Failover at Mailbox server level Exchange Server 2010 Dallas All clients connect via CAS servers DB1 DB3 Mailbox Server 6 San Jose DB5 Easy to extend across sites Client Access Server Failover managed by/with Exchange Mailbox Server 1 Mailbox Server 2 Mailbox Server 3 Mailbox Server 4 Mailbox Server 5 DB1 DB4 DB2 DB5 DB3 DB2 DB5 DB3 DB1 DB4 DB3 DB1 DB4 DB2 DB5 Database level failover Exchange 2010 High Availability Feature Names Mailbox Resiliency – Name of Unified High Availability and Site Resilience Solution Database Availability Group – A group of up to sixteen mailbox servers that host a set of replicated databases Mailbox Database Copy – A mailbox database (.edb file and logs) that is either active or passive Database Mobility – The ability of a single mailbox database to be replicated to and mounted on other mailbox servers Exchange 2010 High Availability Feature Names RPC Client Access service – A Client Access server feature that provides a MAPI endpoint for Outlook clients Shadow Redundancy – A transport feature that provides redundancy for messages for the entire time they are in transit Incremental Deployment – The ability to deploy high availability /site resilience after Exchange is installed Exchange Third Party Replication API – An Exchangeprovided API that enables use of third-party replication for a DAG in lieu of continuous replication Exchange 2010 High Availability Terminology High Availability – Solution must provide data availability, service availability, and automatic recovery from failures Disaster Recovery – Process used to manually recover from a failure Site Resilience – Disaster recovery solution used for recovery from site failure *over – Short for switchover/failover; a switchover is a manual activation of one or more databases; a failover is an automatic activation of one or more databases after a failure Exchange 2010 *overs Within a datacenter Database or server *overs Datacenter level: switchover Between datacenters Database or server *overs Assumptions: Each datacenter is a separate Active Directory site Each datacenter has live, active messaging services Standby datacenter must be active to support single database *over Exchange 2007 Concepts Brought Forward Extensible Storage Engine (ESE) Databases and log files Continuous Replication Log shipping and replay Database seeding Store service/Replication service Database health and status monitoring Divergence Automatic database mount behavior Concepts of quorum and witness Concepts of *overs Exchange 2010 Deprecated Concepts Storage groups Databases identified by the server on which they live Server names as part of database names Clustered Mailbox Servers Pre-installing a Windows Failover Cluster Running setup in Clustered Mode Moving a CMS network identity between servers Shared storage Two HA copy limits Private and public networks Exchange 2010 HA Fundamentals Database Availability Group Server Database Database Copy Active Manager RPC Client Access DAG Database Availability Group (DAG) Base component of high availability and site resilience A group of up to 16 servers that host a set of replicated databases “Wraps” a Windows Failover Cluster Manages membership (DAG member = node) Provides heartbeat of DAG member servers Active Manager stores data in cluster database Defines a boundary for: Mailbox database replication Database and server *overs Active Manager Active Manager Exchange component that manages *overs Runs on every server in the DAG Selects best available copy on failovers Is the definitive source of information on where a database is active Stores this information in cluster database Provides this information to other Exchange components (e.g., RPC Client Access and Hub Transport) Two Active Manager roles: PAM and SAM Active Manager Primary Active Manager (PAM) Runs on the node that owns the cluster group Gets topology change notifications Reacts to server failures Selects the best database copy on *overs Standby Active Manager (SAM) Runs on every other node in the DAG Responds to queries about which server hosts the active copy of the mailbox database Both roles are necessary for automatic recovery If Replication service is stopped, automatic recovery will not happen Active Manager Selection of Active Database Copy Active Manager selects the “best” copy to become active when existing active fails Ignores servers that are unreachable or activation is temporarily or regularly blocked Sorts copies by currency to minimize data loss Breaks ties during sort based on Activation Preference Selects from sorted listed based on copy status of each copy Active Manager Selection of Active Database Copy Active Manager selects the “best” copy to become active when existing active fails 10 87 65 9 Catalog Copy status Crawling Healthy Healthy, DisconnectedAndHealthy, DisconnectedAndResynchronizing, or SeedingSource CopyQueueLength < 10 50 ReplayQueueLength ReplayQueueLength < 50 Example: Database Failover Database failure occurs Failure item is raised Active Manager moves active database Database copy is restored Similar flow within and across datacenters DAG Mailbox Server 1 Mailbox Server 2 Mailbox Server 3 Mailbox Server 4 Mailbox Server 5 DB1 DB4 DB2 DB5 DB3 DB2 DB5 DB3 DB1 DB4 DB3 DB1 DB4 DB2 DB5 Example: Server Failover Server failure occurs Cluster notification of node down Active Manager moves active databases Server is restored Cluster notification of node up Database copies resynchronize with active databases Similar flow within and across datacenters DAG Mailbox Server 1 Mailbox Server 2 Mailbox Server 3 Mailbox Server 4 Mailbox Server 5 DB1 DB4 DB2 DB5 DB3 DB2 DB5 DB3 DB1 DB4 DB3 DB1 DB4 DB2 DB5 DAG Lifecycle DAG is created initially as empty object in Active Directory Continuous replication or 3rd party replication using Third Party Replication mode When first mailbox server is added to a DAG A Windows failover cluster is formed with a Node Majority quorum using the name of the DAG The server is added to the DAG object in Active Directory A cluster network object (CNO) for the DAG is created in the built-in Computers container One or more IP addresses is assigned to the DAG The Name and IP address(s) of the DAG is registered in DNS The cluster database for the DAG is updated with info on configured databases, including if they are locally active (which they should be) DAG Lifecycle When second and subsequent Mailbox server is added to a DAG The server is joined to cluster for the DAG The quorum model is automatically adjusted Node Majority - DAGs with odd number of members Node and File Share Majority - DAGs with even number of members File share witness cluster resource, directory, and share are automatically created by Exchange when needed The server is added to the DAG object in Active Directory The cluster database for the DAG is updated with info on configured databases, including if they are locally active (which they should be) DAG Lifecycle After servers have been added to a DAG Configure the DAG Network Encryption Network Compression Configure DAG networks Network subnets Enable/disable MAPI traffic/replication Create mailbox database copies Seeding is performed automatically Monitor health and status of database copies Perform switchovers as needed DAG Lifecycle Before you can remove a server from a DAG, you must first remove all replicated databases from the server When a server is removed from a DAG: The server is evicted from the cluster The cluster quorum is adjusted as needed The server is removed from the DAG object in Active Directory Before you can remove a DAG, you must first remove all servers from the DAG Deploying Exchange 2010 HA Features Legacy Deployment Steps (CCR/SCC) Legacy Deployment Steps (CCR/SCC) Exchange 2010 Incremental Deployment Prepare hardware, install proper 1. 1. Prepare hardware, install proper OS,OS, 1. update andand update Extra configure storage 2. Extra for for SCC:SCC: configure storage Build Windows Failover Cluster 2. 2. Build Windows Failover Cluster 3. Extra configure storage 4. Extra for for SCC:SCC: configure storage Configure cluster quorum, share 3. 3. Configure cluster quorum, filefile share witness, public private witness, andand public andand private networks networks Setup in Custom mode install 4. 4. RunRun Setup in Custom mode andand install clustered mailbox server clustered mailbox server Configure clustered mailbox server 5. 5. Configure clustered mailbox server Extra configure Extra for for SCC:SCC: configure diskdisk resource dependencies resource dependencies *overs 6. 6. TestTest *overs Prepare hardware, install proper OS, and update Run Setup and install Mailbox role Create a DAG and replicate databases Test *overs Exchange 2010 Incremental Deployment Create a DAG New-DatabaseAvailabilityGroup -Name DAG1 -FileShareWitnessShare \\EXHUB1\DAG1FSW -FileShareWitnessDirectory C:\DAG1FSW Add first Mailbox Server to DAG Add-DatabaseAvailbilityGroupServer -Identity DAG1 -MailboxServer EXMBX1 -DatabaseAvailablityGroupIpAddresses 10.0.0.8 Add second and subsequent Mailbox Server Add-DatabaseAvailabilityGroupServer -Identity DAG1 -MailboxServer EXMBX2 Add-DatabaseAvailabilityGroupServer -Identity DAG1 -MailboxServer EXMBX2 -DatabaseAvailablityGroupIpAddresses 10.0.0.8,10.0.1.8 Add Mailbox Database Copy Add-MailboxDatabaseCopy -Identity MBXDB1 -MailboxServer EXMBX3 Extend as needed Creating a database availability group Adding servers to a database availability group Add mailbox database copy Database switchover Transition Steps Verify that you meet requirements for Exchange 2010 Deploy Exchange 2010 Use Exchange 2010 mailbox move features to migrate Unsupported Transitions In-place upgrade to Exchange 2010 from any previous version of Exchange Using database portability between Exchange 2010 and non-Exchange 2010 databases Backup and restore of earlier versions of Exchange databases on Exchange 2010 Using continuous replication between Exchange 2010 and Exchange 2007 Exchange 2010 End-to-End Availability Improvements E-Mail Client Online Move Mailbox Supported between Exchange 2010 databases, and between Exchange 2007 SP2 and Exchange 2010 databases User can access their mailbox while move is in progress Move is performed asynchronously by a new service called the Microsoft Exchange Mailbox Replication Service (MRS), which runs on Client Access servers Client Access Server Mailbox Server 1 Mailbox Server 2 Exchange 2010 End-to-End Availability Improvements RPC Client Access service A new service that establishes a RPC endpoint for client access on the CAS role to replace the existing RPC endpoint on the Mailbox role New RPC endpoint entirely re-written in managed code Re-factored common business logic from Exchange 2007 that overlaps with what is needed by the RPC endpoint Cmdlets, performance counters, etc. to manage and monitor Does not replace RPC endpoint for public folder databases; Outlook clients logon directly with public folder store to access public folder databases Exchange 2010 End-to-End Availability Improvements Shadow Redundancy Mailbox Server Hub Transport Edge Transport X Edge Transport Servers keep “shadow copies” of items until they are delivered to the next hop Also helps simplify Hub and Edge Transport Server upgrades and maintenance Exchange 2010 End-to-End Availability Improvements Transport Dumpster Improvements Gets feedback from replication pipeline to let it know when to delete items Once something has been delivered, and the logs for the message are replicated, transport dumpster can delete the message Replay is not required for deleting items from dumpster; only data in dumpster is data that has not yet been replicated Responds to requests for redelivery after lossy failover both within its Active Directory site and across Active Directory sites (old site and new site) Exchange 2010 End-to-End Availability Improvements Using 3 or more database copies enables you to use replication for your backups Site/Server/Disk failure Archiving/Compliance Recover deleted items Exchange 2010 HA E-mail Archive Hold Policy Database Availability Group Mailbox Server 1 Mailbox Server 2 Mailbox Server 3 DB1 DB1 DB1 DB2 DB2 DB2 DB3 DB3 DB3 X High Availability Design Example Branch/Small Office Design 8 processor cores recommended with a maximum of 64GB RAM UM role not recommended for co-location Client Access Hub Transport Mailbox Client Access Hub Transport Mailbox DB2 Member servers of DAG can host other server roles 2-server DAGs should use RAID High Availability Design Example Double Resilience – Maintenance + DB Failure 2 servers outSite -> manual Single activation of server 3 3 Nodes In 3 server DAG, quorum is lost 3 HA Copies DAGs with more servers sustain more JBOD– greater -> 3 physical Copies failures resiliency Mailbox Server 1 Mailbox Server 2 Mailbox Server 3 X Database Availability Group High Availability Design Example Double Node/Disk Failure Resilience Mailbox Server 1 Mailbox Server 2 Mailbox Server 3 X Database Availability Group (DAG) Mailbox Server 4 Key Takeaways Greater end-to-end availability with Mailbox Resiliency Unified framework for high availability and site resilience Faster and easier to deploy with Incremental Deployment Reduced TCO with core ESE architecture changes and more storage options Supports large mailboxes for less money Resources www.microsoft.com/teched www.microsoft.com/learning Sessions On-Demand & Community Microsoft Certification & Training Resources http://microsoft.com/technet http://microsoft.com/msdn Resources for IT Professionals Resources for Developers www.microsoft.com/learning Microsoft Certification and Training Resources Related Content Breakout Sessions (session codes and titles) • UNC316 - Microsoft Exchange Server 2010 Architecture • UNC321 - Storage in Microsoft Exchange Server 2010 Interactive Theater Sessions (session codes and titles) • UNC02-TLC - Designing Microsoft Exchange Server 2010 High Availability Solutions Hands-on Labs (session codes and titles) • UNC12-HOL - Microsoft Exchange Server 2010 High Availability and Storage Scenarios Call to Action Learn More! Related Content at TechEd on “Related Content” Slide Attend in-person or consume post-event at TechEd Online Check out online learning/training resources http://technet.microsoft.com/exchange/2010 http://technet.microsoft.com/office/ocs Try It Out! Download the Exchange Server 2010 Beta Evaluation http://www.microsoft.com/exchange/2010/try-it Get a 5-Day Trial of Office Communications Server 2007 R2 https://r2.uctrial.com/ Complete an evaluation on CommNet and enter to win! © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.