Presentation is loading. Please wait.

Presentation is loading. Please wait.

VAROVANJE VIRTUALIZIRANEGA DATACENTRA – VISOKA RAZPOLOŽLJIVOST Gorazd Šemrov Microsoft Consulting Services

Published byNorman Burke Modified over 8 years ago

Similar presentations

Presentation on theme: "VAROVANJE VIRTUALIZIRANEGA DATACENTRA – VISOKA RAZPOLOŽLJIVOST Gorazd Šemrov Microsoft Consulting Services"— Presentation transcript:

1 VAROVANJE VIRTUALIZIRANEGA DATACENTRA – VISOKA RAZPOLOŽLJIVOST Gorazd Šemrov Microsoft Consulting Services gorazd.semrov@microsoft.com

2 DATA PROTECTION PLANNING CONSIDERATIONS What needs protection? Local resources (physical & virtual) Remote sites What are your recovery goals? Prioritize by tier Organizational expectations Do you have a disaster recovery plan? Downtime RPO/RTO Testing How much bandwidth do you have to manage protection? Is your time better spent on other priorities? What are your budgetary realties?

3 HOST CLUSTERING Cluster service runs inside (physical) host and manages VMs VMs move between cluster nodes Live Migration – No downtime Quick Migration – Session state saved to disk CLUSTER SAN

4 CLUSTER GUEST CLUSTERING Cluster service runs inside a VM Apps and services inside the VM are managed by the cluster Apps move between clustered VMs iSCSI

5 GUEST VS. HOST: HEALTH DETECTION FaultHost ClusterGuest Cluster Host Hardware Failure Parent Partition Failure VM Failure Guest OS Failure Application Failure

6 HOST + GUEST CLUSTERING Optimal solution offer the most flexibility and protection VM high-availability & mobility between physical nodes Application & service high-availability & mobility between VMs Increases complexity CLUSTER GUEST CLUSTER SAN CLUSTER SAN iSCSI

7 SETTINGS: ANTIAFFINITYCLASSNAMES AntiAffinityClassNames Groups with same AACN try to avoid moving to same node http://msdn.microsoft.com/en- us/library/aa369651(VS.85).aspxhttp://msdn.microsoft.com/en- us/library/aa369651(VS.85).aspx Enables VM distribution across host nodes Better utilization of host OS resources Failover behavior on large clusters: KB 299631KB 299631

8 SETTINGS: AUTO-START Mark groups as lower priority Enables the most important VM to start first Group property Enabled by default Disabled VMs needs manual restart to recover after a crash

9 SETTINGS: PERSISTENT MODE HA Service or Application will return to original owner Better VM distribution after cold start Enabled by default for VM groups Disabled by default for other groups

10 MULTI-SITE CLUSTERING CONSIDERATIONS Network Compute Quorum Storage

11 MULTI-SITE CLUSTERS FOR DISASTER RECOVERY What are Multi-Site Clusters? A single cluster solution extended over metropolitan wide distances to protect against datacenter failures Site A Site B Nodes are located at a physically separate site

12 MULTI-SITE CLUSTERING CONSIDERATIONS Network Compute Quorum Storage

13 STORAGE DEPLOYMENT OPTIONS Cluster Traditional Storage Shared-Nothing Storage Model Unit of Failover at LUN/Disk level Ideal for Hyper-V Quick Migration scenarios Disks

14 STORAGE DEPLOYMENT OPTIONS Disk Multiple nodes to concurrently access Unit of Failover is at VM level Ideal for Hyper-V Quick and Live Migration VENDOR support Cluster Shared Volumes (CSV)

15 REPLICATION METHOD: SYNCHRONOUS Host receives “write complete” response from the storage after the data is successfully written on both storage devices Primary Storage Secondary Storage 4. Write Complete 2. Replication 3. Acknowledgement 1. Write Request

16 REPLICATION METHOD: ASYNCHRONOUS Host receives “write complete” response from the storage after the data is successfully written to just the primary storage device, then replication Primary Storage Secondary Storage 2. Write Complete 1. Write Request 3. Replication

17 COMPARING DATA REPLICATION METHODS SynchronousAsynchronous Recovery Point Objectives (RPO) High Business Impact, critical application (RPO = 0) Medium-Low Business Impact, critical applications ( RPO > 0 ) Application I/O Performance For applications not sensitive to high IO latency Applications sensitive to high IO latency Distance between sites50 km to 300 km >200 km Bandwidth costHighMid-Low

18 CLUSTER VALIDATION WITH REPLICATED STORAGE Multi-Site clusters are not required to pass the Storage tests to be supported Validation Guide and Policy http://go.microsoft.com/fwlink/?LinkID=119949

19 ASYMMETRICAL STORAGE SUPPORT IN SP1 Improves multi-site cluster experience Storage only visible to a subset of nodes Storage Topology used for Smart placement Workload placement based on it’s underlying storage connectivity Disk set #1 Disk set #2 N1 N2 N3 N4 Disk #1 is visible on N1&N2 and Disk #2 on N3 & N4 SQL and non-SQL workloads separated

20 CHOOSING A STRETCHED STORAGE MODEL Traditional Cluster Storage Cluster Shared Volumes Live Migration Hardware ReplicationConsult vendor Software Replication Appliance ReplicationConsult vendor

21 MULTI-SITE CLUSTERING CONSIDERATIONS Network Compute Quorum Storage

22 NETWORK DEPLOYMENT OPTIONS Stretched VLANs Site B Public Network 10.10.10.* 20.20.20.* Redundant Network Site A

23 NETWORK DEPLOYMENT OPTIONS Site B Different Subnets Public Network 10.10.10.* 20.20.20.* 30.30.30.* 40.40.40.* Redundant Network Site A

24 CHALLENGES WITH STRETCHED NETWORKS

25 STRETCHING THE NETWORK Clustering has no distance limitations (although 3 rd party plug-ins may) Longer distance traditionally means greater network latency Missed inter-node health checks can cause false failover Cluster heartbeating is fully configurable SameSubnetDelay (default = 1 second) Frequency heartbeats are sent SameSubnetThreshold (default = 5 heartbeats) Missed heartbeats before an interface is considered down CrossSubnetDelay (default = 1 second) Frequency heartbeats are sent to nodes on dissimilar subnets CrossSubnetThreshold (default = 5 heartbeats) Missed heartbeats before an interface is considered down to nodes on dissimilar subnets Command Line: Cluster.exe /prop PowerShell (R2): Get-Cluster | fl *

26 SECURITY OVER THE WAN Encrypt inter-node communication Trade-off security versus performance SecurityLevel (default = signed communication) 0 = clear text 1 = signed (default) 2 = encrypted Site A 10.10.10.1 20.20.20.1 30.30.30.1 40.40.40.1 Site B

27 UPDATING VM’S IP ADDRESSES ON FAILOVER Not needed if on same subnet On cross-subnet failover, if guest is… If using multiple subnets, it is easier to use DHCP in guest OS IP updated automatically DHCP A new IP Address must be configured after failover This can be scripted Static IP

28 DNS CONSIDERATIONS Nodes in dissimilar subnets VM obtains new IP address Clients need that new IP Address from DNS to reconnect 10.10.10.111 20.20.20.222 DNS Server 1 DNS Server 2 DNS Replication Record Created VM = 10.10.10.111 Record Updated VM = 20.20.20.222 Site A Site B Record Updated Record Obtained

29 SOLUTION #1: LOCAL FAILOVER FIRST Configure local failover first for high availability No change in IP addresses No DNS replication issues No data going over the WAN Cross-site failover for disaster recovery 10.10.10.111 DNS Server 1 VM = 10.10.10.111 Site ASite B 20.20.20.222

30 SOLUTION #2: STRETCH VLANS Deploying a VLAN minimizes client reconnection times IP Address of the VM never changes DNS Server 1DNS Server 2 FS = 10.10.10.111 Site ASite B 10.10.10.111 VLAN

31 SOLUTION #3: NETWORKING DEVICE ABSTRACTION Networking device uses independent 3 rd IP Address 3 rd IP Address is registered in DNS & used by client 10.10.10.111 20.20.20.222 DNS Server 1 DNS Server 2 VM = 30.30.30.30 Site ASite B 30.30.30.30

32 CSV NETWORKING CONSIDERATIONS Cluster Shared Volumes requires nodes to be in the same subnet Use a VLAN on your CSV network Other networks can still support multiple subnets Site A Site B VLAN CSV Network

33 LIVE MIGRATING ACROSS SITES Live migration moves a running VM between cluster nodes TCP reconnects makes the move unnoticeable to clients Use VLANs to achieve live migrations between sites The VM’s IP Address connecting the client to VM will not change Network Bandwidth Planning Live migration may require significant network bandwidth based on the amount of memory allocated to VM Live migration times will be longer with high latency or low bandwidth WAN connections Remember that CSV and live migration are independent, but complimentary, technologies

34 MULTI-SUBNET VS. VLAN RECAP

35 MULTI-SITE CLUSTERING CONSIDERATIONS Network Compute Quorum Storage

36 QUORUM DEPLOYMENT OPTIONS 1. Disk only 2. Node Majority 3. Node & Disk Majority 4. File Share Witness

37 REPLICATED DISK WITNESS A witness is a tie breaker when nodes lose network connectivity When a witness is not a single decision maker, problems occur Do not use in multi-site clusters unless directed by vendor Replicated Storage ? Vote

38 NODE MAJORITY Site B Site A Cross site network connectivity broken! Can I communicate with majority of the nodes in the cluster? Yes, then Stay Up Can I communicate with majority of the nodes in the cluster? Yes, then Stay Up Can I communicate with majority of the nodes in the cluster? No, drop out of Cluster Membership Can I communicate with majority of the nodes in the cluster? No, drop out of Cluster Membership 5 Node Cluster: Majority = 3 Majority in Primary Site

39 NODE MAJORITY Disaster at Site 1 Can I communicate with majority of the nodes in the cluster? No, drop out of Cluster Membership Can I communicate with majority of the nodes in the cluster? No, drop out of Cluster Membership Majority in Primary Site 5 Node Cluster: Majority = 3 Need to force quorum manually Site A We are down! Site B

40 FORCING QUORUM Forcing quorum is a way to manually override and start a node even though it has not achieved quorum Always understand why quorum was lost Used to bring cluster online without quorum Cluster starts in a special “forced” state Once majority achieved, drops out of “forced” state Command Line: net start clussvc /fixquorum (or /fq) PowerShell (R2): Start-ClusterNode –FixQuorum (or –fq) Command Line: net start clussvc /fixquorum (or /fq) PowerShell (R2): Start-ClusterNode –FixQuorum (or –fq)

41 MULTI-SITE WITH FILE SHARE WITNESS Site ASite B Site C (branch office) Complete resiliency and automatic recovery from the loss of any 1 site \\Foo\Share WAN File Share Witness

42 CHANGES IN SERVICE PACK 1 Node Vote Weight Granular control of which nodes have votes in determining quorum Flexibility for multi-site clusters Prefer primary Site during network split Complete failure of Backup Site will not bring down the cluster Primary Site Backup Site Cluster.exe Cluster.exe. node /prop NodeWeight=0 PowerShell (R2): (Get-ClusterNode “NodeName”).NodeWeight = 0 Cluster.exe Cluster.exe. node /prop NodeWeight=0 PowerShell (R2): (Get-ClusterNode “NodeName”).NodeWeight = 0

43 CHANGES IN SERVICE PACK 1 Prevent Quorum Admin Started Backup Site with /ForceQuorum option When Primary is restarted N1 & N2 overwrites the Authoritative Cluster configuration Changes Made by B3 & B4 overwritten When Primary is started with /Prevent Quorum – recomm. Quorum override avoided Changes Made by B3 &` B4 are maintained N1 & N2 gracefully joins the existing membership

44 QUORUM MODEL RECAP Even number of nodes Best availability solution – FSW in 3rd site Node and File Share Majority Odd number of nodes More nodes in primary site Node Majority Use as directed by vendor Node and Disk Majority Not Recommended Use as directed by vendor No Majority: Disk Only

45 MULTI-SITE CLUSTERING CONTENT Design guide: http://technet.microsoft.com/en-us/library/dd197430.aspx Deployment guide/checklist: http://technet.microsoft.com/en-us/library/dd197546.aspx

46 VPRAŠANJA? Po zaključku predavanja prosim izpolnite vprašalnik. Vprašalniki bodo poslani na vaš e-naslov, dostopni pa bodo tudi preko profila na spletnem portalu konference. www.ntk.si.www.ntk.si Z izpolnjevanjem le tega pripomorete k izboljšanju konference. Hvala!

Download ppt "VAROVANJE VIRTUALIZIRANEGA DATACENTRA – VISOKA RAZPOLOŽLJIVOST Gorazd Šemrov Microsoft Consulting Services"

Similar presentations

Henk Den Baes Technology Advisor Microsoft BeLux

Henk Den Baes Technology Advisor Microsoft BeLux
Symon Perriman Program Manager II Clustering & High-Availability Microsoft Corporation SESSION CODE: VIR303.

Symon Perriman Program Manager II Clustering & High-Availability Microsoft Corporation SESSION CODE: VIR303.
1 Windows 2008 Failover Clustering Witness/Quorum Models.

1 Windows 2008 Failover Clustering Witness/Quorum Models.
Tech·Ed North America /6/2017 8:17 AM

Tech·Ed North America /6/2017 8:17 AM
Site A But what if there is a catastrophic event? Fire, flood, earthquake … Same Physical Location.

Site A But what if there is a catastrophic event? Fire, flood, earthquake … Same Physical Location.
4/11/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/11/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
1© Copyright 2013 EMC Corporation. All rights reserved. EMC RECOVERPOINT FAMILY Protecting Your Data.

1© Copyright 2013 EMC Corporation. All rights reserved. EMC RECOVERPOINT FAMILY Protecting Your Data.
1 Disk Based Disaster Recovery & Data Replication Solutions Gavin Cole Storage Consultant SEE.

1 Disk Based Disaster Recovery & Data Replication Solutions Gavin Cole Storage Consultant SEE.
June 23rd, 2009Inflectra Proprietary InformationPage: 1 SpiraTest/Plan/Team Deployment Considerations How to deploy for high-availability and strategies.

June 23rd, 2009Inflectra Proprietary InformationPage: 1 SpiraTest/Plan/Team Deployment Considerations How to deploy for high-availability and strategies.
1 Week #1 Objectives Review clients, servers, and Windows network models Differentiate among the editions of Server 2008 Discuss the new Windows Server.

1 Week #1 Objectives Review clients, servers, and Windows network models Differentiate among the editions of Server 2008 Discuss the new Windows Server.
1 © Copyright 2010 EMC Corporation. All rights reserved. EMC RecoverPoint/Cluster Enabler for Microsoft Failover Cluster.

1 © Copyright 2010 EMC Corporation. All rights reserved. EMC RecoverPoint/Cluster Enabler for Microsoft Failover Cluster.
Keith Burns Microsoft UK Mission Critical Database.

Keith Burns Microsoft UK Mission Critical Database.
Module – 12 Remote Replication

Module – 12 Remote Replication
1© Copyright 2011 EMC Corporation. All rights reserved. EMC RECOVERPOINT/ CLUSTER ENABLER FOR MICROSOFT FAILOVER CLUSTER.

1© Copyright 2011 EMC Corporation. All rights reserved. EMC RECOVERPOINT/ CLUSTER ENABLER FOR MICROSOFT FAILOVER CLUSTER.
Implementing Failover Clustering with Hyper-V

Implementing Failover Clustering with Hyper-V
National Manager Database Services

National Manager Database Services
MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # 70-643) Chapter Ten Configuring Windows Server 2008 for High.

MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # ) Chapter Ten Configuring Windows Server 2008 for High.
Microsoft Load Balancing and Clustering. Outline Introduction Load balancing Clustering.

Microsoft Load Balancing and Clustering. Outline Introduction Load balancing Clustering.
Ronen Gabbay Microsoft Regional Director Yside / Hi-Tech College

Ronen Gabbay Microsoft Regional Director Yside / Hi-Tech College
Www.doubletake.com Double-Take Software Overview A Platform for Recoverability.

Double-Take Software Overview A Platform for Recoverability.

Similar presentations

Ads by Google