Exchange 2010 High Availability
Exchange High Availability: Eliminating Disaster in Disaster Recovery Instructor: J. Peter Bruzzese
A Modest Bio of Your Instructor J. Peter Bruzzese: Microsoft MVP for Exchange with current certification acronyms including the following: Triple-MCSE (MCSE for NT 4.0/2000/2003) MCITP: Enterprise Messaging (2007 and 2010) MCTS for SharePoint Server A+, Network+, inet+ CIW, CNA, CCNA and others I m a Microsoft Certified Trainer, a technical author with over a dozen books sold internationally to my credit, and a technical speaker for conferences like TechMentor, TechEd, Connections and others
The Extended Exchange Bio Exchange is my passion! I ve been working with and teaching Exchange for 10+ years Exchange Instructor for many years with a variety of different training agencies and private corporations Contributed to Exchange 2007 Administrator s Companion (Microsoft Press) Wrote Exchange 2007 SP1: How-To by Sams (Pearson) Author of Exclusively Exchange column for Realtime and founder of the site www.exclusivelyexchange.com Participated in the Microsoft TAP program for Exchange 2010, for Exchange 2010 SP2 and for E15 Speaker for TechMentor, TechEd Journalist for InfoWorld (Enterprise Windows column) Photo: Visiting Microsoft As a journalist I was invited to meet with various teams including members of the Exchange Team for a 1 hour QnA.
Our Agenda High Availability Comparison to Aircraft The HA/DR Crossroads The HA Focus Point How DAGs in Exchange 2010 Eliminate the Disaster in Disaster Recovery
High Availability in Aircraft Redundancy and Resiliency is key to commercial airline success: Wings and tail flexibility is incredible (resiliency) Two engine planes can fly on a single engine (redundancy) Engines can handle birds flying into them (resiliency) Three layers of windows (can t break)
High Availability in Aircraft Redundant systems: Pilot and co-pilot have separate controls Two ways to lower landing gear (at least) Multiple fuel lines and hydraulics Fly-by-wire systems may be quadrupled (four independent channels)
The Crossroads of HA and DR High Availability goes beyond uptime of a server it s about being accessible to users, ready to work (for example, in the case of Exchange being able to send and receive mail) HA is all about keeping your environment accessible while DR is all about recovering your environment should it go down The two meet at some point if you have planned properly The value of using HA to mitigate DR is easy to see when you consider RTO and RPO
RTO and RPO Recovery Time Objective (RTO): Fancy definition (from Wikipedia): Duration of time and a service level within which a business process must be restored after a disaster (or disruption) in order to avoid unacceptable consequences associated with a break in business continuity. Simple definition: Acceptable time without service being available Recovery Point Objective (RPO): Fancy definition (from Wikipedia): Maximum tolerable period in which data might be lost from an IT Service due to a Major Incident Simple definition: How much data (past and present) must be restorable in the RTO
Redundancy, Resiliency and Recovery The keys for making a solution like Exchange more highly available include the following: Redundancy: Having more than one server, power supply, site copy Resiliency: The ability to keep working despite a single (or multiple) software or hardware failure Recovery: When all else fails, the ability to restore data from backup
The Old View of Disaster Recovery In the past, cost prohibited most organizations from pursuing alternatives to Disaster Recovery A DISASTER might include something as simple as: Disk Failure Server Failure Although it might also mean something more complex: Fire Destruction What are the reasons today for Disaster Recovery?
Affordable High Availability a Game Changer If your data was available 24/7/365 Guaranteed!... Would you need Disaster Recovery? The technology has existed for a long time the price tag was the wall between us Exchange 2003 had a shared storage solution with clustering to provide some HA (called Single Copy Cluster or SCC in 2007) Exchange 2007 and now 2010 builds from a new methodology to provide High Availability
The Three Key Concerns for DR Disk Server Site
Methods within Exchange 2007 and 2010 for HA The HA Focus Point Disk Server Site 2007 LCR CCR SCR 2010 DAG
Storage Architecture in 2007/2010 To truly understand how Exchange 2007 (and more recently 2010) helps eliminate the need for Disaster Recovery you have to visualize the technology in place There is a database file (called an.edb file) and transaction logs (which are 1 MB in size) that work together to provide a consistent storage Database (.edb) Transaction Logs
Continuous Replication With continuous replication the database is initially copied and then log files are shipped and replayed constantly to keep the database up-to-date System 1 System 2 Database Copy Transaction Log Shipping and Replay
Database Availability Groups (DAG) Uses continuous replication Allows for up to 16 servers Uses clustering features like heartbeats and a file share witness to connect members of a DAG A heartbeat is a simple method servers use to check in with one another to ensure they are still alive A file share witness is a method for providing a referee between DAG members in the event it appears one has gone down
Visual DAG System 1 System 2 System 3 DB 1 DB 2 Active Copy DB 3 Replica DB 2 Passive Copy Replica DB 1 Replica DB 1 Replica DB 3 Replica DB 3 Replica DB 2 Lagged Copy
Eliminating Disaster If you lose too many servers in a DAG you can lose quorum If you lose quorum you have to manually intervene in the process Some consider the manual intervention to be a break from true high availability but ultimately, whether your system fails over or has to be switched over manually, the recovery time and the availability of those services is dramatically reduced through DAGs in comparison with traditional backup/recovery
Final Thoughts If done correctly, using the proper number of servers (four or more) you can eliminate the need for traditional backups as the first line of defense in your DR strategy Some may not be comfortable with that so they may still want to retain backups, which is up to them, but many have jumped forward to the failover/switchover world of DAGs for their Exchange environment As for longer term backups and such, archive solutions have taken over that role so that you can perform individual item restores if necessary, along with discovery, have compliance and so forth
Contact Information Want to learn more about Exchange 2010? Watch one of these training courses from TrainSignal: Exchange 2010 Administration Training Exchange 2010 Design and Deployment Exchange 2010 Backup and Recovery Exchange 2010 High Availability Exchange 2010 Unified Messaging Training Read my InfoWorld column on Enterprise Windows at: http://www.infoworld.com/blogs/j-peter-bruzzese Email J. Peter Bruzzese at peter@trainsignal.com and follow me on Twitter @JPBruzzese