Exchange High Availability

(1)

Exchange 2010

(2)

Exchange Server 2010 High Availability

Instructor: J. Peter Bruzzese

Exchange High

Availability: Eliminating

“Disaster” in Disaster

(3)

Exchange Server 2010 High Availability

Eliminating “Disaster” in Disaster Recovery

 J. Peter Bruzzese: Microsoft MVP for Exchange with current certification acronyms including the following:

• Triple-MCSE (MCSE for NT 4.0/2000/2003)

• MCITP: Enterprise Messaging (2007 and 2010) • MCTS for SharePoint Server

• A+, Network+, iNet+

• CIW, CNA, CCNA… and others

 I’m a Microsoft Certified Trainer, a technical author with over a dozen books sold internationally to my credit, and a technical speaker for conferences like TechMentor, TechEd, Connections and others

(4)

 Exchange is my passion!

• I’ve been working with and teaching Exchange for

10+ years

• Exchange Instructor for many years with a variety of different training agencies and private corporations

• Contributed to Exchange 2007 Administrator’s Companion (Microsoft Press)

• Wrote “Exchange 2007 SP1: How-To” by Sams

(Pearson)

• Author of Exclusively Exchange column for Realtime and founder of the site www.exclusivelyexchange.com

• Participated in the Microsoft TAP program for

Exchange 2010, for Exchange 2010 SP2 and for E15

• Speaker for TechMentor, TechEd

• Journalist for InfoWorld (Enterprise Windows column)

The Extended Exchange Bio

Photo: Visiting Microsoft As a journalist I was invited to meet with various teams including members of the Exchange Team for a 1 hour QnA.

(5)

 High Availability Comparison to Aircraft  The HA/DR Crossroads

 The HA Focus Point

 How DAGs in Exchange 2010 Eliminate the “Disaster” in Disaster Recovery

(6)

 Redundancy and Resiliency is key to commercial airline success:

• Wings and tail flexibility is incredible (resiliency)

• Two engine planes can fly on a single engine (redundancy) • Engines can handle birds flying into them (resiliency)

• Three layers of windows (can’t break)

(7)

 Redundant systems:

• Pilot and co-pilot have separate controls

• Two ways to lower landing gear (at least) • Multiple fuel lines and hydraulics

• Fly-by-wire systems may be quadrupled (four

independent channels)

(8)

 High Availability goes beyond uptime of a server… it’s about being accessible to users, ready to work (for example, in the case of Exchange being able to send and receive mail)

 HA is all about keeping your environment accessible while DR is all about recovering your environment should it go down

 The two meet at some point if you have planned properly

• The value of using HA to mitigate DR is easy to see when you

consider RTO and RPO

(9)

 Recovery Time Objective (RTO):

• Fancy definition (from Wikipedia): Duration of time and a service level within which a business process must be restored after a disaster (or disruption) in order to avoid unacceptable consequences associated with a break in business continuity.

• Simple definition: Acceptable time without service being available

 Recovery Point Objective (RPO):

• Fancy definition (from Wikipedia): Maximum tolerable period in which

data might be lost from an IT Service due to a Major Incident

• Simple definition: How much data (past and present) must be

restorable in the RTO

RTO and RPO

(10)

 The keys for making a solution like Exchange more highly available include the following:

• Redundancy: Having more than one server, power supply, site

copy

• Resiliency: The ability to keep working despite a single (or

multiple) software or hardware failure

• Recovery: When all else fails, the ability to restore data from

backup

(11)

 In the past, cost prohibited most organizations from pursuing alternatives to Disaster Recovery

 A DISASTER might include something as simple as:

• Disk Failure • Server Failure

 Although it might also mean something more complex:

• Fire

• Destruction

 What are the reasons today for Disaster Recovery?

(12)

 If your data was available 24/7/365… Guaranteed!... Would you need Disaster Recovery?

 The technology has existed for a long time… the price tag was the wall between us

 Exchange 2003 had a shared storage solution with clustering to provide some HA (called Single Copy Cluster or SCC in 2007)

 Exchange 2007 and now 2010 builds from a new methodology to provide High Availability

(13)

The Three Key Concerns for DR

(14)

Methods within Exchange 2007 and 2010 for HA

Disk

Server

Site

LCR

CCR

SCR

DAG

2007

2010

(15)

 To truly understand how Exchange 2007 (and more recently 2010) helps eliminate the need for Disaster Recovery you have to

visualize the technology in place

 There is a database file (called an .edb file) and transaction logs (which are 1 MB in size) that work together to provide a consistent storage

Storage Architecture in 2007/2010

Database (.edb)

(16)

 With continuous replication the database is initially copied and then log files are shipped and replayed constantly to keep the database up-to-date

Continuous Replication

Database Copy

Transaction Log Shipping and Replay

(17)

 Uses continuous replication  Allows for up to 16 servers

 Uses clustering features like heartbeats and a file share witness to connect members of a DAG

• A heartbeat is a simple method servers use to “check in”

with one another to ensure they are still alive

• A file share witness is a method for providing a referee

between DAG members in the event it appears one has gone down

(18)

Visual DAG

System 1 DB 1 Replica DB 2 Replica DB 3 System 2 DB 2 Replica DB 1 Replica DB 3 System 3 DB 3 Replica DB 1 Replica DB 2 Passive Copy Lagged Copy Active Copy

(19)

 If you lose too many servers in a DAG you can lose “quorum”  If you lose “quorum” you have to manually intervene in the

process

 Some consider the manual intervention to be a break from true “high availability” but ultimately, whether your system fails over or has to be switched over manually, the recovery time and the availability of those services is dramatically reduced through DAGs in comparison with traditional backup/recovery

(20)

 If done correctly, using the proper number of servers (four or more) you can eliminate the need for traditional backups as the first line of defense in your DR strategy

 Some may not be comfortable with that so they may still want to retain backups, which is up to them, but many have jumped forward to the failover/switchover world of DAGs for their

Exchange environment

 As for longer term backups and such, archive solutions have taken over that role so that you can perform individual item

restores if necessary, along with discovery, have compliance and so forth

(21)

 Want to learn more about Exchange 2010? Watch one of these training courses from TrainSignal:

• Exchange 2010 Administration Training

• Exchange 2010 Design and Deployment • Exchange 2010 Backup and Recovery • Exchange 2010 High Availability

• Exchange 2010 Unified Messaging Training

 Read my InfoWorld column on Enterprise Windows at:

• http://www.infoworld.com/blogs/j-peter-bruzzese

 Email J. Peter Bruzzese at [email protected] and follow me on Twitter @JPBruzzese