Reasons to love Exchange 2013 High Availability

transcript

Reasons to love Exchange 2013 High AvailabilitySteve GoodmanExchange MVP Senior Consultant at Ciber UKTwitter - @stevegoodmanEmail – steve@goodman.netWeb – www.stevieg.org

Reasons to love Exchange 2013 HA This evening we’ll cover a few great features that I think make Exchange 2013 a no brainer

It’s an informal session so feel free to add your point of view and favourite features!

Let’s start with a brief history of Exchange HA…

Evolution of HA in ExchangeA very brief history

Evolution of HA in Exchange

Exchange 2003

Exchange 2007

Exchange 2010

Exchange 2013

Five great new HA features

1. No CAS session affinity

No CAS session affinity required Clients can connect to any CAS and remain connected to the same session

Requires the same SSL certificate on each CAS

Builds on the every server is an island principle

Makes load balancing much simpler

No CAS session affinity required

Client AccessServer

MailboxServer

Client AccessServer

MailboxServer

OWA Rendering

MailboxServer

1. HTTPS OWA Request to Client Access Server is authenticated and cookie is encrypted using SSL certificate.2. HTTPS Reverse Proxy to Mailbox Server where OWA is rendered and Mailbox is Active3. Authentication cookie is presented to second Client Access server and successfully decrypted.4. HTTPS Reverse Proxy to original Mailbox Server

2. Unbound Namespaces

Unbound Namespaces Site Resilience typically required lots of names

Unbound allows you to have a single name across multiple sites (i.e. not bound to a site)

Use no affinity round robin to balance across Load Balancer VIPs

Although not essential, Geo DNS can ensure clients stay in-region

Unbound Namespaces

Contoso.com AD Forest

emea.mail.contoso.comus.mail.contoso.com

EMEA Mailbox User

Unbound Namespaces

mail.contoso.commail.contoso.com

EMEA Mailbox User

Unbound Namespaces

EMEA Mailbox User

Unbound Namespaces

US Mailbox User

3. Two and a half sitesAKA File Share Witness in a Third Datacentre

Third Datacentre File Share Witness Even number DAGs use a File Share Witness to maintain quorum

In Exchange 2010 a typical deployment included a primary File Share Witness in the Primary DC, and Alternative FSW in a secondary DC.

As part of Site Resilience procedures, the Alt FSW would be activated manually

Third Datacentre File Share Witness

Datacenter 1 Datacenter 2

Database Availability Group

File ShareWitness

Exchange DAG Node 1

Exchange DAG Node 2

Alt File Share Witness

Third Datacentre File Share Witness Exchange 2013 allows a third datacentre to be used for the File Share Witness

This must be well connected to both datacentres

In the event of a single DC loss, quorum is not lost

Azure IaaS may be supported in the future

Third-Site File Share Witness

Exchange DAG Node 1

Exchange DAG Node 2

Datacenter 3

File ShareWitness

4. Dynamic Quorum

Dynamic Quorum Part of the Windows Clustering Stack and introduced in Server 2012 and enabled by default

Effectively allows the DAG to continue operating even after the point it would normally lose quorum, even down to a single node

Helps to withstand planned shutdowns

Dynamic Quorum

File ShareWitness

Exchange DAG Node 1

Exchange DAG Node 2

Dynamic Quorum

File ShareWitness

Exchange DAG Node 1

Exchange DAG Node 2

Dynamic Quorum

File ShareWitness

Exchange DAG Node 1

Exchange DAG Node 2

Dynamic Quorum

File ShareWitness

Exchange DAG Node 1

Exchange DAG Node 2

5. Database Auto Reseed

Database Auto Reseed JBOD has been supported since Exchange 2010 and is a foundation for Exchange Native Protection

The theory is you have enough Database Copies to remove the need for hardware RAID

In Exchange 2010, a failed disk must be partitioned mounted and formatted, then the database must be reseeded manually and progress monitored

Database Auto Reseed Database Auto Reseed complements technologies including JBOD, multiple databases per volume and loose truncation

The DAG is designed with online spare disks and mount points for both databases and volumes

In the event of a disk failure, the spare disks are automatically brought online and databases reseeded from other copies

Database Auto Reseed

Exchange DAG Node 1

Exchange DAG Node 2

Exchange DAG Node 3

DB1 DB2 DB1 DB2 DB1 DB2

Exchange DAG Node 1

Exchange DAG Node 2

Exchange DAG Node 3

DB1 DB2 DB1 DB2 DB1 DB2

Exchange DAG Node 1

Exchange DAG Node 2

Exchange DAG Node 3

DB1 DB2 DB1 DB2

Exchange DAG Node 1

Exchange DAG Node 2

Exchange DAG Node 3

DB1 DB2 DB1 DB2DB2DB1

How are these features used in Office 365?

How are these features used in Office 365? Microsoft run Office 365 in 26 locations, worldwide

Over 125,000 Mailbox Databases, thus.. Over 80 DAGs Over 1200 Exchange Servers Potentially a lot more DAGs and servers

Global scale requires automated recovery from failures and simplicity where possible

How are these features used in Office 365? Round robin DNS used for no session affinity when accessing outlook.office365.com

An unbound namespace along with geo-DNS used for outlook.office365.com

A third site out of region is used for every Exchange Online DAG

Dynamic Quorum is on by default in Office 365

How are these features used in Office 365? Dynamic quorum is used by default in Office 365 to help increase availability

Database Auto Reseed was born in the service as it becomes impossible to manually change disks, then perform and monitor reseeds at global scale

Putting it togetherYes, you can try this at home!

Putting it together You can design a super resilient architecture that can service datacentre failures with little to no customer impact

Microsoft’s Preferred Architecture provides the best starting point when thinking about the best way to put this together

Reasons to love Exchange 2013 High Availability

Documents