Professional Documents
Culture Documents
M03 E2010 Intro Admin HA
M03 E2010 Intro Admin HA
Supporting Administration
High Availability
Jonathan Runyon
Exchange 2010 BRE Content
Microsoft
1 1/1/2009 Microsoft Confidential - For Internal Use Only
1
Module Overview
Before You Begin
Complete the module Managing Access to Exchange Server 2010
Administrative Tasks with RBAC from this course.
Be familiar with using Windows PowerShell commands to manage
an Exchange organization.
What You Will Learn
After completing this module you will be able to:
Describe mailbox high availability features for Exchange Server
2010.
Design, deploy and manage high availability features for Exchange
Server 2010.
Analyze and troubleshoot mailbox high availability features for
Exchange Server 2010.
2
Challenges
Clustered Mailbox Server Setup and Administration
Clustered mailbox servers are complex and difficult to deploy
Shared Storage can be an Expensive Single Point of Failure
Clustered Mailbox Server Deployment Requires Careful Planning
Failovers Occur at the Server Level
Clustered Mailbox Servers are Limited to Mailbox Server Role
Database Resiliency
Site Resiliency
12
Incremental Deployment
Deployment Improvements
Setup and Management
Role Coexistence
Flexibility
20
Overview
DAG Requirements
General Requirements
Members must be in same AD domain
Not supported for Mailbox role on AD server
Hardware Requirements
No special hardware requirements different from mailbox server role
Software Requirements
Requires Windows Failover Clustering (WFC)
Requires all members to run same version OS
Network Requirements
Similar to previous implementations
21
DAG networks
Each DAG can have multiple networks:
A single MAPI network, which is used by other Exchange 2010
servers to communicate with the Mailbox servers in the DAG
One or more Replication networks, which are used for log shipping
and seeding within the DAG
Each network must be on its own subnet
Multiple subnets must be routable as required to ensure
connectivity between members
No direct routing that allows heartbeat traffic from replication
network on one member to MAPI network on another member, or
vice versa
22
Two
SameSubnets
Subnet
23
Switchovers
Failovers
A Failover occurs when one or more active database
copies become unavailable, and the DAG automatically
takes action to restore service
Failover actions can take place at the database level or
the server level
A single database failure does not affect availability of
other active databases on the same DAG member
Server level failures affect all database copies on the server
For every database copy that was active on the failed server, a
passive copy on another DAG member is selected and activated
25
Site Resilience
DAG membership can extend across multiple datacenters
When a failure occurs at the datacenter level, complete
failover to resources in another datacenter can be initiated
This is a Datacenter Failover, and is considered a disaster
recovery event
Failover is a manually initiated procedure that follows a specific
process to restore availability
25
DAG Components
DAG Cluster
Relies on Windows Failover Clustering “under the hood”
DAG can contain up to 16 members
DAG Processing
Microsoft Exchange Replication service (MSExchangeRepl.exe)
maintains DAG operation and is responsible for:
Continuous replication of databases
Automatic failover of databases and servers
26
DAG Configuration Object
Cluster Quorum
Prevents split brain
Quorum Models
Node Majority
Node and File Share
Majority
Depends on the number
of DAG members
Automatically configured
by DAG management
35
File Share Witness
Database Copies
Flattened Schema
Database Property Details
Using Database Copies
40
Flattened Schema
Legacy Exchange Mailbox
Database Directory
Objects
Exchange 2010 Mailbox
Database Directory Objects
41
homeMDB
The homeMDB attribute ties the mailbox to the mailbox
database
The basic logic processed by the Client Access server is as
follows:
User 1 requests access to her mailbox
|
The mailbox for User 1 is in Database “A-D”
|
An active copy of Database “A-D” is on Server MBX01
|
Access User1’s mailbox from Database “A-D” on Server
MBX01
44
Continuous Replication
Replication Architecture
Replication Processing
48
Replication Architecture
Replication Service
Processing Overview
Replication Service Object Model
Administration and Processing
Replication Service Registry Values
Log Shipping and Log File Management
Log Truncation
Replay and Truncation Lag
48
Replication Service
Installed by default as part of the Mailbox server role
MSExchangeRpl.exe, located in the <install path>\bin directory
Dependent upon only the Microsoft Exchange Active
Directory Topology Service
Configured to start automatically at startup, and to restart
in case of a failure or exception
Responsible for continuous replication
Whether the server is the source or the target of replication
Handles both instances simultaneously
Runs continuously on the mailbox server role
Even if there are no mailbox database copies set to replicate to or
from the server
49
Processing Overview
Continuous Replication Pattern
First step, copy the source database to the destination server to
create a target passive database copy (initial seeding)
Periodically check for new transaction logs in the active database
log directory
Copy any new transaction log files to the target log directory.
Inspect the copied transaction log files at the destination to make
sure they are viable
Reject any transaction logs that fail inspection and then request
another copy from the source
Replay the transaction log files from the destination log directory
into the passive database
51
Log Truncation
Log truncation is coordinated across multiple database
copies in a DAG
Information Store is responsible for truncating log files on
the active database using ESE.DLL or ESEBACK.DLL
Depends on whether continuous replication is enabled and
whether circular logging is enabled
ESE.DLL is responsible for log truncation when replication is not
enabled and “normal” circular logging is enabled
ESEBACK.DLL is responsible for log truncation When replication is
enabled
You can combine circular logging with continuous
replication
Continuous Replication Circular Logging (CRCL) is performed and
managed by the Replication service
54
Lagged Truncation
The following criteria must be met in order for log
truncation to occur on a lagged database copy:
Must be below the checkpoint for the database
Must be older than ReplayLagTime + TruncationLagTime
Must have been truncated on the active copy
55
Limitations
Lagged database copies should be thought of as disaster
recovery copies or backup copies
A database with a replay lag may take many hours to replay logs
Careful planning is required
To improve recoverability, when only one database copy is
lagged it should be stored on a RAID disk array
Lagged database copies are not patchable with the single
page restore feature
If a lagged database copy suffers page corruption (JET database
error -1018), the database must be reseeded, thus loosing the
lagged aspect of the copy.
56
Replication Processing
Replication Monitoring
Initial Seeding
Log Replication
Status/Suspend/Resume operations
56
Replication Monitoring
Current replication status for a database can be
determined using task Get-MailboxDatabaseCopyStatus
Also displayed in Work pane of EMC
Examples:
Healthy - Copy is successfully copying and replaying log files, or it
has successfully copied and replayed all available log files
Seeding - Is being seeded and/or the content index for the
mailbox database copy is being seeded
FailedAndSuspended - States have been set simultaneously by
the system because a failure was detected, and because resolution
of the failure explicitly requires administrator intervention
See table in workbook for full listing
59
Initial Seeding
Choosing what to seed
Database and Content Index Catalog
Selecting the Source for Seeding
Any copy can be used as a source (active, passive, local, remote)
Seeding and DAG Networks
Can specify network to use for seeding, else default behavior
applies (see rules)
Can override compression and encryption settings
Manual Seeding
Rarely needed but possible using the Update-
MailboxDatabaseCopy task
Postponed Seeding
Creates the copy configuration object, but seeding is not
performed automatically
59
Initial Seeding
62
Log Replication
65
Status/Suspend/Resume operations
Get-MailboxDatabaseCopyStatus
67
Active Manager
Overview
Active Manager Architecture
70
Database Actions
Standalone Mailbox Server Database Actions
AutoMount Database
Mount Database
Dismount Database
DAG Database Actions
AutoMount Database
Mount Database
Dismount Database
Move Database
AutoDismount Database
78
Transport Dumpster
Transport Dumpster maintains queue of messages
delivered to replicated databases
Automatically re-delivers recent e-mail messages sent to users on
the lossy failed database
It is possible for active mailbox database to move between AD
sites
Re-delivery request upon lossy database failover is issued to
servers in both source and target AD sites
Transport Dumpster receives feedback from the replication
pipeline
Aware of log generation of replicated databases, and the logs that
contain the messages in the Transport Dumpster
When logs holding messages in Transport Dumpster have been
replicated to all database copies, message are removed
83
CAS Interaction
Client MAPI access and directory access transferred to the
CAS via Microsoft Exchange RPC Client Access service
Service acts as a client to the Active Manager and is aware
of the location of each active database copy in the site
In a *over scenario, the client is disconnected for the least
amount of time as possible thanks to the coordination
between CAS server and Active Manager
As soon as the CAS server is able to establish from the
Active Manager the location of a given active database
that is needed to service a client request, the connection is
made
84
Page Patching
86
Database Switchover
87
Server Failover
89
Database Failover
91
Backup-Less Organizations
Flexible Mailbox Protection eliminates the need to make
traditional backups of Exchange database data
Disaster Recovery – handled by multiple replicated database
copies
Recovery of Accidentally Deleted Items – handled by Dumpster 2.0
Long Term Data Storage – handled by User Archive
Point in Time Database Snapshot- handled by lagged database
copies
There are serious considerations when planning FMP
Hardware requirements vs. cost of sustaining backups
Number of database copies
Recovery Time Objective (RTO) and Recovery Point Objective (RPO)
goals
99
HA EXTRA Tracing
Use the Cluster.Replay component for troubleshooting
issues that are related to continuous replication and DAG
operation
See pages 175 – 177 for tags available for tracing DAG
operation
177
This training package content is proprietary and confidential, and is intended only for users described in the training materials. Content and
information designated for limited distribution is provided to you under a Non-Disclosure Agreement and cannot be distributed. Copying or
disclosing all or any portion of the content and/or information included in such packages is strictly prohibited.
The contents of this package are for informational and training purposes only and are provided "as is" without warranty of any kind, whether
express or implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose, and non-
infringement.
Training package content, including URLs and other Internet Web site references, is subject to change without notice. Because Microsoft
must respond to changing market conditions, the content should not be interpreted to be a commitment on the part of Microsoft, and
Microsoft cannot guarantee the accuracy of any information presented after the date of publication. Unless otherwise noted, the companies,
organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association
with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this
document. Except as expressly provided in written license agreement from Microsoft, the furnishing of this document does not give you any
license to these patents, trademarks, copyrights, or other intellectual property.
Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this
document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic,
mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation.
For more information, see “Use of Microsoft Copyrighted Content “at http://www.microsoft.com/about/legal/permissions/.
Microsoft®, Internet Explorer, and Windows® are either registered trademarks or trademarks of Microsoft Corporation in the United States
and/or other countries. Microsoft products mentioned herein may be either registered trademarks or trademarks of Microsoft Corporation in
the United States and/or other countries. All other trademarks are property of their respective owners.