The EPIC Exchange Preferred Architecture Debate 9/18/2018 8:32 PM The EPIC Exchange Preferred Architecture Debate © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Session objectives and takeaways Tech Ready 15 9/18/2018 Session objectives and takeaways At the end of this session, you should be better able to… Understand the PA guidelines Make the best choice based on your requirements Question the sanity of the panelists © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Exchange 2016 supports 192GB of memory! 9/18/2018 8:32 PM Exchange 2016 supports 192GB of memory! Announcing… © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Item Recovery Enhancements 9/18/2018 8:32 PM Item Recovery Enhancements Announcing… © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Item Recovery Enhancement Get-RecoverableItems Restore-RecoverableItems Administrators will have the ability to: Search Deleted Items & Recover Deleted Items folders directly with no end-user interaction Restore deleted items directly to their original folder location Control both the type and amount of items restored Restore items for users in bulk with custom scripts
The panelists… 9/18/2018 8:32 PM Aaron Chow Architect Ross Smith IV Principal Program Manager Microsoft “Master of Excel IF Statements” Aaron Chow Architect The Walt Disney Corporation “The original Mouseketeer” Phoummala Schmitt Infrastructure Technical Lead Independence Blue Cross “@ExchangeGoddess, need I say more?” Mike Cooper Messaging Engineering Manager General Motors “Vroom vrooom” Jeff Guillet Principal Systems Architect EXPTA Consulting “THE Exchange MVP” Lin Chen Senior PM Lead “need catch phrase” © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
How many of you follow the PA? Image taken from https://www.youtube.com/watch?v=g8key8Zcmz4
Sample questions Should I follow the PA? Should I deploy SSD? Should I virtualize Exchange? What should I do if I plan to have a hybrid deployment with O365? What size mailbox should I deploy? Are 1GB mailboxes valid anymore? Third-party archiving solutions or keep in Exchange?
Please evaluate this session Your feedback is important to us! 9/18/2018 8:32 PM Please evaluate this session Your feedback is important to us! From your PC or Tablet visit MyIgnite at http://myignite.microsoft.com From your phone download and use the Ignite Mobile App by scanning the QR code above or visiting https://aka.ms/ignite.mobileapp © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Exchange/Outlook Ignite Attendee Schedule Sunday Monday Tuesday Wednesday Thursday Friday Inside Exchange Online BRK4029 2:15 pm Scott Schnoll’s Exchange tips and tricks BRK3222 9 am ---------------------------------- Group collaboration in Microsoft Outlook BRK2252 9 am Deploying and using Outlook mobile in the Enterprise BRK3184 9 am What can you do with Office 365 Groups in Outlook? BRK1074 9:00 am ------------------------------- Thrive as an enterprise organization in Microsoft Exchange Online BRK3155 9:00 am Design your Exchange infrastructure right (or consider moving to Office 365) BRK3158 9:00 am Exchange and Outlook mega "ask the experts" BRK3157 12:30 pm Exchange Online Multi-Geo Capabilities BRK3248 10:45 am Secure Exchange on-premises as well as Microsoft secures Exchange Online BRK3263 10:45 am Investigate tools and techniques for Exchange performance troubleshooting BRK4021 9:00 am Ten critical areas for those moving from Exchange on-premises to Office 365 BRK3332 4 pm ----------------------------------- Protect and control your sensitive emails with new Office 365 Message Encryption capabilities BRK2203 4 pm The epic Exchange preferred architecture debate BRK3154 12:30 pm -------------------------------- What's new and what's coming in the Microsoft Outlook family of apps BRK2251 2:15 pm Improvements and innovations in calendaring with Microsoft Outlook and Exchange BRK3185 10:45 am -------------------------------- Using the FastTrack Center for a successful hybrid migration BRK3265 12:30 pm Modern authentication for Exchange Server on-premises BRK3249 11:30 am Implementing Exchange Online Protection for on-premises Exchange BRK2216 4 pm The top five PowerShell commands for Exchange THR2088 3:35 pm Running Exchange hybrid over the long term BRK3186 2:15 pm ------------------------------- Exchange High Availability and Storage for Insiders BRK4022 2:15 pm Transitioning from distribution lists to Office 365 Groups in Outlook BRK3259 4:30 pm Troubleshooting complex Exchange operational issues BRK3264 4:00 pm Microsoft Exchange: Through the eyes of MVPs (Panel discussion) BRK2248 4:00 pm Tackling cross-tenant Office 365 integration and migrations: Three things you need to know THR2080 4:05 pm --------------------------------- What can you do with Office 365 Groups in Outlook? THR1014 4:05 pm Spend less time managing data and more time with customers: Quick tour of Outlook Customer Manager THR1029 7:05 pm Improving calendaring in Microsoft Office 365 and Outlook THR2153R 10:20 am Collaborate with people outside your company with Office 365 Groups in Outlook THR2042R 10:50 am What’s new with Microsoft Exchange Online Public Folders THR2086 12:05 pm -------------------------------- Troubleshooting Exchange ActiveSync devices THR3022 1:05 pm Collaborate with people outside your company with Office 365 Groups in Outlook THR2042 10:50 am Dive deeper into what’s new and what’s coming for Outlook on the web THR2045 11:35 am Using Outlook in Office 365 for Education THR2041 12:35 pm --------------------------------- Dive deeper into what’s new and what’s coming for Outlook for Windows THR2043 1:05 pm Troubleshooting Exchange ActiveSync devices THR3022R 1:40 pm What’s new with Microsoft Exchange Online Public Folders THR2086R 10:20 am --------------------------------- Dive deeper into what’s new and what’s coming for Outlook for Window THR2043R 11:05 am Edge Transport servers and Hybrid: Why, or why not? THR4000 2:50 pm --------------------------------- Dive deeper into what’s new and what’s coming for Outlook on the web THR2045R 2:50 pm -------------------------------- Dive deeper into what’s new and what’s coming for Outlook for iOS and Android THR2046 3:35 pm ------------------------------ Improving calendaring in Microsoft Office 365 and Outlook THR2153 5:35 pm Dive deeper into what’s new and what’s coming for Outlook for Mac THR2044 1:35 pm ------------------------------ Dive deeper into what’s new and what’s coming for Outlook for iOS and Android THR2046R 2:50 pm ----------------------------- Dive deeper into what’s new and what’s coming for Outlook for Mac THR2044R 3:35 pm Expo Hall Exchange booth and Outlook booth 12:30 – 7:30 pm 10:00 – 6 pm 10:00 – 4 pm Pre-day session: Exchange Hybrid: From Cradle to Grave PRE07 9 – 4 pm Interactive Digital Labs 12:15 – 4 pm: * Managing and operating a hybrid deployment HOL3091 * Performing an Exchange hybrid deployment with Microsoft Office 365 HOL3093 NOTE – ALL LABS AVAILABLE ALL WEEK LONG Interactive Digital Labs 7:30 – 6 pm: * Migrate legacy Public Folders to Exchange Server 2016 HOL3113 * Upgrade from Exchange Server 2010 to Exchange Server 2016 HOL3098 Interactive Digital Labs 7:30 – 6 pm: * Troubleshooting a hybrid Exchange deployment HOL3096 * Using minimal hybrid configuration in Exchange hybrid deployments HOL3111 Interactive Digital Labs 7:30 – 5:15 pm * Upgrading distribution groups to Office 365 Groups HOL3099 NOTE – ALL LABS AVAILABLE ALL WEEK LONG Interactive Digital Labs 8 – 1:45 pm
9/18/2018 8:32 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
PA Notes
Why? Failure is a fact of life Complexity breeds failure Drive failure to be predictable Complexity introduces multiple recovery scenarios There can only be one: activation of another database copy Remove unnecessary redundancy Microsoft Comic taken from http://xkcd.com/1737
Preferred architecture – namespace design 9/18/2018 8:32 PM Preferred architecture – namespace design For a site resilient datacenter pair, a single namespace / protocol is deployed across both datacenters autodiscover.contoso.com HTTP: mail.contoso.com IMAP: imap.contoso.com SMTP: smtp.contoso.com For Office Online Server, a namespace is deployed per datacenter Load balancer configuration For Exchange VIPs: no session affinity, one VIP/datacenter, per-protocol health checking For OWAS VIPs: session affinity Round robin, geo-DNS, or other solutions are used to distribute Exchange traffic equally across both datacenters DC2 DC1 mail VIP © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Load balancing Exchange Like 2013, Exchange 2016 does not require session affinity at the load balancing layer For a given protocol session, MBX now maintains a 1:1 relationship with the server hosting the user’s data Remember to configure health probes to monitor healthcheck.htm, otherwise LB and MA will be out of sync Check load balancer for “action on service down” or similar setting Allows LB to reject connections if all pool members are failed, forcing client to utilize another path Load balancer configuration and health probes will factor into namespace design Single Namespace / Layer 7 (No Session Affinity) is the preferred approach
Single namespace/layer 7 (no session affinity) TechReady 16 9/18/2018 Single namespace/layer 7 (no session affinity) MBX OWA ECP EWS EAS OAB MAPI RPC AutoD Health check executes against each virtual directory health check USER mail.contoso.com Layer 7LB autodiscover.contoso.com © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Exchange connection management Recommendation is to use one of two types Round robin Least connections Least connections has fast convergence time Least connections can lead to server instability if “least” server in the pool is inundated with requests Use “slow start” feature to mitigate this Round robin has slow convergence time with long-lived connections (RPC/HTTP) MAPI/HTTP is not affected
Geo-distributed namespace mail.contoso.com DNS Resolution DNS Resolution Sue (somewhere in NA) na.contoso.com eur.contoso.com Jane (somewhere in Europe) na VIP1 na VIP2 eur VIP1 eur VIP2 DAG DAG
OOS namespace planning and load balancing Always deploy a separate namespace for OOS For site resilience, follow a bound namespace model for OOS Even when Exchange leverages an unbound namespace Namespace manipulation during datacenter activation is not required Requires persistence at the load balancer autodiscover.contoso.com mail.contoso.com oos-west.contoso.com oos-east.contoso.com West East autodiscover VIP mail VIP oos-west VIP autodiscover VIP mail VIP oos-east VIP DAG OOS OOS oos-west.contoso.com oos-east.contoso.com
Preferred architecture – DAG design Each datacenter should be its own Active Directory site Increase DAG size density before creating new DAGs DAG configuration Unbound, symmetrical DAG model spanning across datacenters No administrative access point Single network for replication and client traffic Utilize a third datacenter or Azure for Witness server placement, if possible Database configuration Deploy four copies, two copies in each datacenter Distribute active copies across all servers in the DAG One copy is a lagged copy (seven days) with automatic play down enabled Native Data Protection is utilized DC1 mail VIP DC2 mail VIP DAG DC3/Azure Witness Server
Native Data Protection Reason for Backup Exchange 2016 Software / Hardware / Datacenter Failures Mailbox Resiliency Accidental / Malicious Item Deletion Single Item Recovery or In-Place Hold Physical Corruption Single Page Restore Logical Corruption In-Place Hold Calendar Repair Mailbox Moves New-MailboxRepairRequest and Lagged Database Copy Single Page Restore Administrative / Automation Errors Rogue Administrators RBAC Corporate/Regulatory Compliance Requirements In-Place Hold Long-term Data Retention Large Mailbox and/or Archive Mailbox
Preferred architecture – DAG design Servers are deployed on commodity hardware Dual-socket systems only (24 cores total, mid-range processors) Up to 96GB of memory All servers handle both client connectivity and mailbox data JBOD storage Large capacity 7.2k SAS disks Battery-backed cache controller (75/25) Multiple databases/volume AutoReseed with hot spare Data volumes are formatted with ReFS Data volumes are encrypted with BitLocker DAG mail VIP