Download presentation
Presentation is loading. Please wait.
Published byMiles Manning Modified over 9 years ago
2
Scott Schnoll Principal Technical Writer Microsoft Corporation UNC313
3
Agenda Exchange 2010 High Availability Vision/Goals Exchange 2010 High Availability Features Exchange 2010 High Availability Deep Dive Deploying Exchange 2010 High Availability Features Transitioning to Exchange 2010 High Availability End-to-End Availability Improvements High Availability Design Examples
5
Exchange 2010 High Availability Vision and Goals Vision: Deliver a fast, easy-to-deploy and operate, economical solution that can provide messaging service continuity for all customers Goals Deliver a solution for high availability and site resilience that is native to Exchange Enable less expensive and less complex storage Simplify administration and reduce support costs Increase end-to-end availability Support Exchange Server 2010 Online
6
Exchange 2010 High Availability Solution Unified technology for high availability and site resilience New framework for creating highly available mailboxes Evolution of continuous replication technology Can be deployed on a range of storage options Native to Exchange; not bolted onto the side
7
DB1 Front End Server NodeB (passive) Outlook OWA, ActiveSync, or Outlook Anywhere San Jose Dallas Standby Cluster Third-party data replication needed for site resilience Complex site resilience and recovery Clustering knowledge required DB2 DB3 DB4 DB5 DB6 Failover at Mailbox server level DB1 DB2 DB3 Clustered Mailbox Server had to be created manually Exchange Server 2003 NodeA (active)
8
DB1 Client Access Server NodeB (passive) SCR Outlook OWA, ActiveSync, or Outlook Anywhere San Jose Dallas Standby Cluster No GUI to manage SCR Complex activation for remote server / datacenter Clustering knowledge required DB2 DB3 DB4 DB5 DB6 DB1 DB2 DB3 DB4 DB5 DB6 Failover at Mailbox server level DB1 DB2 DB3 Clustered Mailbox Server can’t co-exist with other roles Exchange Server 2007 NodeA (active) CCR
9
DB2 DB3 DB2 DB3 DB4 DB5 Client Access Server Mailbox Server 1 Mailbox Server 2 Mailbox Server 3 Mailbox Server 6 Mailbox Server 4 Dallas San Jose Mailbox Server 5 DB5 DB2 DB3 DB4 DB5 DB1 Failover managed by/with Exchange Database level failover Easy to extend across sites All clients connect via CAS servers DB3 DB5 DB1 Exchange Server 2010
11
Exchange 2010 High Availability Feature Names Mailbox Resiliency – Name of Unified High Availability and Site Resilience Solution Database Availability Group – A group of up to sixteen mailbox servers that host a set of replicated databases Mailbox Database Copy – A mailbox database (.edb file and logs) that is either active or passive Database Mobility – The ability of a single mailbox database to be replicated to and mounted on other mailbox servers
12
Exchange 2010 High Availability Feature Names RPC Client Access service – A Client Access server feature that provides a MAPI endpoint for Outlook clients Shadow Redundancy – A transport feature that provides redundancy for messages for the entire time they are in transit Incremental Deployment – The ability to deploy high availability /site resilience after Exchange is installed Exchange Third Party Replication API – An Exchange- provided API that enables use of third-party replication for a DAG in lieu of continuous replication
13
Exchange 2010 High Availability Terminology High Availability – Solution must provide data availability, service availability, and automatic recovery from failures Disaster Recovery – Process used to manually recover from a failure Site Resilience – Disaster recovery solution used for recovery from site failure *over – Short for switchover/failover; a switchover is a manual activation of one or more databases; a failover is an automatic activation of one or more databases after a failure
14
Exchange 2010 *overs Within a datacenter Database or server *overs Datacenter level: switchover Between datacenters Database or server *overs Assumptions: Each datacenter is a separate Active Directory site Each datacenter has live, active messaging services Standby datacenter must be active to support single database *over
15
Exchange 2007 Concepts Brought Forward Extensible Storage Engine (ESE) Databases and log files Continuous Replication Log shipping and replay Database seeding Store service/Replication service Database health and status monitoring Divergence Automatic database mount behavior Concepts of quorum and witness Concepts of *overs
16
Exchange 2010 Deprecated Concepts Storage groups Databases identified by the server on which they live Server names as part of database names Clustered Mailbox Servers Pre-installing a Windows Failover Cluster Running setup in Clustered Mode Moving a CMS network identity between servers Shared storage Two HA copy limits Private and public networks
18
Exchange 2010 HA Fundamentals Database Availability Group Server Database Database Copy Active Manager RPC Client Access DAG
19
Database Availability Group (DAG) Base component of high availability and site resilience A group of up to 16 servers that host a set of replicated databases “Wraps” a Windows Failover Cluster Manages membership (DAG member = node) Provides heartbeat of DAG member servers Active Manager stores data in cluster database Defines a boundary for: Mailbox database replication Database and server *overs Active Manager
20
Exchange component that manages *overs Runs on every server in the DAG Selects best available copy on failovers Is the definitive source of information on where a database is active Stores this information in cluster database Provides this information to other Exchange components (e.g., RPC Client Access and Hub Transport) Two Active Manager roles: PAM and SAM
21
Active Manager Primary Active Manager (PAM) Runs on the node that owns the cluster group Gets topology change notifications Reacts to server failures Selects the best database copy on *overs Standby Active Manager (SAM) Runs on every other node in the DAG Responds to queries about which server hosts the active copy of the mailbox database Both roles are necessary for automatic recovery If Replication service is stopped, automatic recovery will not happen
22
Active Manager Selection of Active Database Copy Active Manager selects the “best” copy to become active when existing active fails Ignores servers that are unreachable or activation is temporarily or regularly blocked Sorts copies by currency to minimize data loss Breaks ties during sort based on Activation Preference Selects from sorted listed based on copy status of each copy
23
Active Manager Selection of Active Database Copy Active Manager selects the “best” copy to become active when existing active fails CatalogHealthy Copy statusHealthy, DisconnectedAndHealthy, DisconnectedAndResynchronizing, or SeedingSource CopyQueueLength< 10 ReplayQueueLength< 50 CatalogCrawling Copy statusHealthy, DisconnectedAndHealthy, DisconnectedAndResynchronizing, or SeedingSource CopyQueueLength< 10 ReplayQueueLength< 50 CatalogHealthy Copy statusHealthy, DisconnectedAndHealthy, DisconnectedAndResynchronizing, or SeedingSource ReplayQueueLength< 50 CatalogCrawling Copy statusHealthy, DisconnectedAndHealthy, DisconnectedAndResynchronizing, or SeedingSource ReplayQueueLength< 50 5 Copy statusHealthy, DisconnectedAndHealthy, DisconnectedAndResynchronizing, or SeedingSource ReplayQueueLength< 50 6 CatalogHealthy Copy statusHealthy, DisconnectedAndHealthy, DisconnectedAndResynchronizing, or SeedingSource CopyQueueLength< 10 7 CatalogCrawling Copy statusHealthy, DisconnectedAndHealthy, DisconnectedAndResynchronizing, or SeedingSource CopyQueueLength< 10 8 CatalogHealthy Copy statusHealthy, DisconnectedAndHealthy, DisconnectedAndResynchronizing, or SeedingSource 9 CatalogCrawling Copy statusHealthy, DisconnectedAndHealthy, DisconnectedAndResynchronizing, or SeedingSource 10 Copy statusHealthy, DisconnectedAndHealthy, DisconnectedAndResynchronizing, or SeedingSource
24
Example: Database Failover Database failure occurs Failure item is raised Active Manager moves active database Database copy is restored Similar flow within and across datacenters DB2 DB3 DB2 DB3 DB4 DB5 Mailbox Server 1 Mailbox Server 2 Mailbox Server 3 Mailbox Server 4 Mailbox Server 5 DB5 DB2 DB3 DB4 DB5 DB1 DAG
25
Example: Server Failover Server failure occurs Cluster notification of node down Active Manager moves active databases Server is restored Cluster notification of node up Database copies resynchronize with active databases Similar flow within and across datacenters DB2 DB3 DB2 DB3 DB4 DB5 Mailbox Server 1 Mailbox Server 2 Mailbox Server 3 Mailbox Server 4 Mailbox Server 5 DB5 DB2 DB3 DB4 DB5 DB1 DAG
26
DAG Lifecycle DAG is created initially as empty object in Active Directory Continuous replication or 3rd party replication using Third Party Replication mode When first mailbox server is added to a DAG A Windows failover cluster is formed with a Node Majority quorum using the name of the DAG The server is added to the DAG object in Active Directory A cluster network object (CNO) for the DAG is created in the built-in Computers container One or more IP addresses is assigned to the DAG The Name and IP address(s) of the DAG is registered in DNS The cluster database for the DAG is updated with info on configured databases, including if they are locally active (which they should be)
27
DAG Lifecycle When second and subsequent Mailbox server is added to a DAG The server is joined to cluster for the DAG The quorum model is automatically adjusted Node Majority - DAGs with odd number of members Node and File Share Majority - DAGs with even number of members File share witness cluster resource, directory, and share are automatically created by Exchange when needed The server is added to the DAG object in Active Directory The cluster database for the DAG is updated with info on configured databases, including if they are locally active (which they should be)
28
DAG Lifecycle After servers have been added to a DAG Configure the DAG Network Encryption Network Compression Configure DAG networks Network subnets Enable/disable MAPI traffic/replication Create mailbox database copies Seeding is performed automatically Monitor health and status of database copies Perform switchovers as needed
29
DAG Lifecycle Before you can remove a server from a DAG, you must first remove all replicated databases from the server When a server is removed from a DAG: The server is evicted from the cluster The cluster quorum is adjusted as needed The server is removed from the DAG object in Active Directory Before you can remove a DAG, you must first remove all servers from the DAG
31
Deploying Exchange 2010 HA Features Legacy Deployment Steps (CCR/SCC) 1.Prepare hardware, install proper OS, and update Extra for SCC: configure storage 2.Build Windows Failover Cluster Extra for SCC: configure storage 3.Configure cluster quorum, file share witness, and public and private networks 4.Run Setup in Custom mode and install clustered mailbox server 5.Configure clustered mailbox server Extra for SCC: configure disk resource dependencies 6.Test *overs Legacy Deployment Steps (CCR/SCC)Exchange 2010 Incremental Deployment 1.Prepare hardware, install proper OS, and update Extra for SCC: configure storage 2.Build Windows Failover Cluster Extra for SCC: configure storage 3.Configure cluster quorum, file share witness, and public and private networks 4.Run Setup in Custom mode and install clustered mailbox server 5.Configure clustered mailbox server Extra for SCC: configure disk resource dependencies 6.Test *overs 1.Prepare hardware, install proper OS, and update 2.Run Setup and install Mailbox role 3.Create a DAG and replicate databases 4.Test *overs
32
Exchange 2010 Incremental Deployment New-DatabaseAvailabilityGroup -Name DAG1 -FileShareWitnessShare \\EXHUB1\DAG1FSW -FileShareWitnessDirectory C:\DAG1FSW Create a DAG New-DatabaseAvailabilityGroup -Name DAG1 -FileShareWitnessShare \\EXHUB1\DAG1FSW -FileShareWitnessDirectory C:\DAG1FSW Add-DatabaseAvailbilityGroupServer -Identity DAG1 -MailboxServer EXMBX1 -DatabaseAvailablityGroupIpAddresses 10.0.0.8 Add first Mailbox Server to DAG Add-DatabaseAvailbilityGroupServer -Identity DAG1 -MailboxServer EXMBX1 -DatabaseAvailablityGroupIpAddresses 10.0.0.8 Add-DatabaseAvailabilityGroupServer -Identity DAG1 -MailboxServer EXMBX2 Add-DatabaseAvailabilityGroupServer -Identity DAG1 -MailboxServer EXMBX2 -DatabaseAvailablityGroupIpAddresses 10.0.0.8,10.0.1.8 Add second and subsequent Mailbox Server Add-DatabaseAvailabilityGroupServer -Identity DAG1 -MailboxServer EXMBX2 Add-DatabaseAvailabilityGroupServer -Identity DAG1 -MailboxServer EXMBX2 -DatabaseAvailablityGroupIpAddresses 10.0.0.8,10.0.1.8 Add-MailboxDatabaseCopy -Identity MBXDB1 -MailboxServer EXMBX3 Add Mailbox Database Copy Add-MailboxDatabaseCopy -Identity MBXDB1 -MailboxServer EXMBX3 Extend as needed
33
Creating a database availability group Adding servers to a database availability group Add mailbox database copy Database switchover
35
Transition Steps Verify that you meet requirements for Exchange 2010 Deploy Exchange 2010 Use Exchange 2010 mailbox move features to migrate Unsupported Transitions In-place upgrade to Exchange 2010 from any previous version of Exchange Using database portability between Exchange 2010 and non-Exchange 2010 databases Backup and restore of earlier versions of Exchange databases on Exchange 2010 Using continuous replication between Exchange 2010 and Exchange 2007
37
Exchange 2010 End-to-End Availability Improvements Online Move Mailbox Supported between Exchange 2010 databases, and between Exchange 2007 SP2 and Exchange 2010 databases User can access their mailbox while move is in progress Move is performed asynchronously by a new service called the Microsoft Exchange Mailbox Replication Service (MRS), which runs on Client Access servers
38
Exchange 2010 End-to-End Availability Improvements RPC Client Access service A new service that establishes a RPC endpoint for client access on the CAS role to replace the existing RPC endpoint on the Mailbox role New RPC endpoint entirely re-written in managed code Re-factored common business logic from Exchange 2007 that overlaps with what is needed by the RPC endpoint Cmdlets, performance counters, etc. to manage and monitor Does not replace RPC endpoint for public folder databases; Outlook clients logon directly with public folder store to access public folder databases
39
Exchange 2010 End-to-End Availability Improvements Also helps simplify Hub and Edge Transport Server upgrades and maintenance X Shadow Redundancy
40
Exchange 2010 End-to-End Availability Improvements Transport Dumpster Improvements Gets feedback from replication pipeline to let it know when to delete items Once something has been delivered, and the logs for the message are replicated, transport dumpster can delete the message Replay is not required for deleting items from dumpster; only data in dumpster is data that has not yet been replicated Responds to requests for redelivery after lossy failover both within its Active Directory site and across Active Directory sites (old site and new site)
41
Exchange 2010 End-to-End Availability Improvements Exchange 2010 HA E-mail Archive Hold Policy X Database Availability Group Mailbox Server 1 Mailbox Server 2 Mailbox Server 3 DB1 DB2 DB3 DB1 DB2 DB3 DB1 DB2 DB3 Site/Server/Disk failure Archiving/Compliance Recover deleted items Using 3 or more database copies enables you to use replication for your backups
43
Client Access Hub Transport Mailbox Client Access Hub Transport Mailbox Client Access Hub Transport Mailbox Member servers of DAG can host other server roles DB2 2-server DAGs should use RAID 8 processor cores recommended with a maximum of 64GB RAM UM role not recommended for co-location High Availability Design Example Branch/Small Office Design
44
Single Site 3 HA Copies Database Availability Group Mailbox Server 1 Mailbox Server 2 Mailbox Server 3 3 Nodes X X JBOD -> 3 physical Copies 2 servers out -> manual activation of server 3 In 3 server DAG, quorum is lost DAGs with more servers sustain more failures – greater resiliency High Availability Design Example Double Resilience – Maintenance + DB Failure
45
Database Availability Group (DAG) Mailbox Server 1 Mailbox Server 2 Mailbox Server 3 X Mailbox Server 4 X High Availability Design Example Double Node/Disk Failure Resilience
46
Key Takeaways Greater end-to-end availability with Mailbox Resiliency Unified framework for high availability and site resilience Faster and easier to deploy with Incremental Deployment Reduced TCO with core ESE architecture changes and more storage options Supports large mailboxes for less money
48
www.microsoft.com/teched Sessions On-Demand & Community http://microsoft.com/technet Resources for IT Professionals http://microsoft.com/msdn Resources for Developers www.microsoft.com/learning Microsoft Certification and Training Resources www.microsoft.com/learning Microsoft Certification & Training Resources Resources
49
Related Content Breakout Sessions (session codes and titles) UNC316 - Microsoft Exchange Server 2010 Architecture UNC316 - Microsoft Exchange Server 2010 Architecture UNC321 - Storage in Microsoft Exchange Server 2010 UNC321 - Storage in Microsoft Exchange Server 2010 Interactive Theater Sessions (session codes and titles) UNC02-TLC - Designing Microsoft Exchange Server 2010 High Availability Solutions UNC02-TLC - Designing Microsoft Exchange Server 2010 High Availability Solutions Hands-on Labs (session codes and titles) UNC12-HOL - Microsoft Exchange Server 2010 High Availability and Storage Scenarios UNC12-HOL - Microsoft Exchange Server 2010 High Availability and Storage Scenarios
50
Call to Action Learn More! Related Content at TechEd on “Related Content” Slide Attend in-person or consume post-event at TechEd Online Check out online learning/training resources http://technet.microsoft.com/exchange/2010 http://technet.microsoft.com/office/ocs Try It Out! Download the Exchange Server 2010 Beta Evaluation http://www.microsoft.com/exchange/2010/try-it Get a 5-Day Trial of Office Communications Server 2007 R2 https://r2.uctrial.com/
51
Complete an evaluation on CommNet and enter to win!
52
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.