Design your Lync 2013 Deployment to be a Disaster proof - PowerPoint Presentation

Slide1

Design your Lync 2013 Deployment to be a Disaster proof

Ewan MacKellarAndrew Ehrensing

EXL 325

Design your Lync 2013 Deployment to be Disaster ProofSlide2

Market Drivers

What have we heard?

One of the most wanted features for Lync: backup/restore solution has no SLADifficulties in deploying stretched pool using metropolitan site resiliency

Need an HA/DR solution with lower capital and operational expenditure

What have we done in Lync 2013?

Provide a scalable and cost-effective HA/DR solution for Lync enterprise deployments

Remove dependency on SQL clustering and SAN-based shared storageRemove dependency on metropolitan site resiliencyExtend support for HA/DR features as far as possible in Lync 2013 (schedule/time constraints)

2Slide3

Lync Server HA/DR Capabilities

3

Scenario

OCS 2007 R2

Lync 2010

Lync 2013

HA: server

failure

Server

clustering via hardware load balancing (HLB)

Server

clustering via HLB and DNS load balancingSame as Lync Server 2010HA: pool Back End failureSQL Backup & RestoreSQL clustering & storage area network (SAN)–based shared storageUse synchronous SQL mirroring between two Back Ends w/o the need for shared storageSupport auto failover (FO)/failback (FB) (w/ witness) and manual FO/FBIntegrate with Planning Tool, Topology Builder, and Lync Server Control PanelDR: pool failureSQL Backup & RestoreVoice resiliency for datacenter pools and SBAMetropolitan site stretched pool for presence and conferencing resiliencyMaintain voice resiliency in Lync 2010Enhance PSTN voice w/ trunk auto FO/FBSupport presence and conferencing resiliency via pool pairingActive-active mode in two geographically dispersed datacentersBackup Service for real-time persistent data replication between two paired poolsManual Failover/Failback cmdletsIntegrate with Planning Tool, Topology Builder, and Lync Server Control PanelDoes not include RGS/CPS/CAC/CDR DR: Site failureSQL Backup & RestoreMetropolitan site stretched poolLeverage pool failover model (details above)Must be Lync 2013 poolsStretched Pool not supported

3Slide4

High Availability

Front EndsSlide5

High Availability

Seamlessly failover within Pool

No data loss incurred

Primary FE

Backup1 FE

Backup2 FE

Backend DBSlide6

Lync requirements

Services for MCU Factory,

Conference

Directory,

Routing Group,

LYSS

Fast failover with full serviceAutomatic scaling and load-balancing

User Failover

model

Users

are mapped to groups

Each group is a stateful service with 3 replicasUser requests are serviced by primary replicaUser Group 1User Group 2Group 1Group 3Fabric nodeGroup 2Fabric nodeGroup 1Fabric nodeGroup 3Fabric nodeGroup 3Fabric nodeGroup 1Fabric nodeGroup 2Group 2

6

Fabric in LyncSlide7

7

Intra-Pool Load Balancing & Replication

Persistent User Data

Synchronous replication to two more FEs

(Backup / Replicas)

Presence, Contacts/Groups, User Voice Setting, Conferences

Lazy replication used to commit data to Shared Blob Store (SQL Backend)

Deep Chunking

is

used to reduce Replication

DeltasTransient User DataNot replicated across Front End serversPresence changes due to user activity, includingCalendarInactivityPhone callMinimal portions of conference data replicatedActive Conference RosterActive Conference MCUsLimited usage of Shared Blob StorageData rehydration of client endpointsDisaster recoverySlide8

Quorum

When Servers detect another Server or Cluster to be down based on their own state, they consult the Arbitrator before committing that decision.

Voter systemA minimum number of voters are required to prevent service startup failures and provide for pool failover as shown in the following table.

8

Total Number of Front End Server in the pool (defined in Topology)

Number of Servers that must be

running for pool to be functional

1-2

1

3-4

2

5-637-849-10511-126Slide9

Quorum - Voters

Even number FEs? Add SQL

Two Server PoolThree Server Pool

Four Server Pool

C:\ProgramData\Windows Fabric\Settings.xmlSlide10

Lync

services on both servers in a two-node Front End pool should never be stopped at the same time.

Stopping Lync services does not affect Windows Fabric services that remain online, maintaining quorum.

The last server to update quorum must be restarted first, otherwise Front End service on the other server will hang indefinitely.

SQL is 3

rd

voter, but only Primary in the mirrorNotes for Two-Node Front End Pools

10Slide11

High Availability

SQLSlide12

The 80’s are calling…

and they want to know…..

what happened to traditional clustering?Slide13

Lync 2013 Pool

Principal Instance for DB1

Mirror Instance for DB1

Witness server instance (optional)

Data flow

SQL

transaction

SQL Back End HA

Quick

overview of mirroring

Primary publisher (principal)Secondary subscriberWitness Server (optional, but enables automatic failover; this is a SQL ServerHigh-safety mode (synchronous)Mirroring requirementsPrimary mirror and Witness must have the same version of SQLPrimary and mirror must have the same edition; Witness can be different editionNot required to have same instance name between primary/mirror, recommended for ease of

administration/deploymentSlide14

SQL mirroring Failover Impact

Recovery time for automatic Back End Server failover

Recovery Time Objective is 5 minutesRecovery Point Objective is 5 minutes

No data loss is anticipated

User experience during Back End Server failure

With a Witness configured –

Automatic failoverIf no Witness is configured – Resilience modeIf both the principal and the mirror Back End fail – Resilience mode14Slide15

What is it?

Temporary location used during setupBAK files written here.Primary SQL needs R/W, Mirror R/O

Where should it go?Any file server, with proper permissions for SQL Service access

Do NOT use DFS! .BAK files are excluded from replication by default

Do not use the Lync Pool File Share

This is a one-time use share.

Mirroring File Share15Slide16

Port

Defaults (defined in Topology Builder)TCP/5022 (mirror relationship)TCP/7022 (witness relationship

)These become mirroring endpoints in SQL

Mirroring PortsSlide17

Site Resilience

Pool Failure

Site Resilience

Pool Failover Slide18

Site 2

Site 1

Pool

Resilience

Overview

Pool 2

18

Pool

1Slide19

The CMS DB is critical to Lync service and should be made available most of the time.

There is only one CMS DB per forest and is usually hosted in the Back End of a Pool.

When the Pool hosting CMS fails over, CMS should be failed first and then the Pool.No need to failback (but you can

)

Configuring Pool Pairing:

Paired Pool Computer Accounts

get added to the RTCConfigReplicator group, however this membership does not take effect until server rebootThe solution is to reboot each server before you execute CMS failoverCmdletsInvoke-CSManagementServerFailover

Get-

CSManagementStoreReplicationStatus

–

CentralManagementStoreStatus

Central Management Store Failover19Slide20

CMS Failover in Lync 2013

Ewan MacKellarSlide21

Lync Pools can be

pairedPool failover ensures no single point of failure

Backup ServiceBackup service replicates data between blob stores.

Replicas

have a single master (pool’s blob store)

Automatic FailoverVoIP automatic failover puts users in resiliency mode on backup pool.

Administrator Activated FailoverManual failover provides full service on backup pool: VoIP, Presence, ConferencingPool Pairing

21Slide22

Resiliency Mode – User Experience

User state or task

During failback

After failback completion

User state of user already logged in

User stays signed in and connected to backup pool. At some point user will be signed out and sign back in to the original home pool, in Resiliency mode.

User remains signed in and goes into regular mode.New user logging inUser can sign in to the home pool in Resiliency mode.

User can sign in to the original home pool in regular mode.

Ongoing conferences organized by affected user

All modalities of conference are terminated. Rejoin button will appear, but no users can rejoin while the affected user is in Resiliency mode.

All modalities now work. Every participant needs to click to rejoin the conference.

Ongoing conferences organized by unaffected userConference continues and affected user can stay in the conference. Affected user is restricted to what he/she can do in Resiliency mode.Conference continues, and affected user can stay in the conference and all modalities work after user exits Resiliency mode.Scheduling or modifying scheduled meetings, creating ad-hoc conferencesNot possible while user is in Resiliency mode.Available for all modalities.Presence as seen by other users in the same poolPresence unknown while user is signed into backup pool during Resiliency mode.Shows the last presence state set by the user, and presence changes will now be reflected.Contacts list and Address Book Service availabilityNot availableAvailableAll peer-to-peer sessions and modalitiesAvailableAvailableSlide23

Synchronizes

user data and conference content between paired poolsEnterprise Edition Pool

<-> Enterprise Edition PoolStandard Edition

Pool

<->

Standard Edition Pool

Synchronization cycle occurs every two minutes (by default)Changes are exported in batches to zip files on Backup poolSource pool signals Backup pool to import changesCookie used as watermark for referenceLync Backup Service

23Slide24

Data on the File

ShareBackup service writes to local file store BackupStore\Temp (Working Folder)

Backup service transfers file to paired pool file store

BackupStore

Pool A File Store

Pool B File StoreSlide25

Pool Failover in Lync 2013

Ewan MacKellarSlide26

Best Practices for Pairing Front End Pools

It is recommended that

Front End pools paired are within the same Region.

Pairings best

practices

:

Enterprise Edition pools  Enterprise Edition pools

Standard

Edition pools



Standard Edition poolsPhysical pools physical poolsVirtual pools  Virtual poolsTopology Builder/topology validation will not prohibit pairing two pools in a way that does not follow these recommendations For example, Topology Builder allows you to pair an Enterprise Edition pool with a Standard Edition pool; however, these types of pairings are not recommendedPool capacity at 50% ; to serve all users during disasterIf you pair Enterprise Edition pools, you can also implement high availability on the Back End Servers, but for pairs of Standard Edition pools, only the DR measures are available 26Slide27

HA/DR Feature Support Matrix

Feature

HA

DR

Peer-to-peer (all

modalities)





Presence





Conferencing (all modalities)UCWAArchivingCDR / QoEXFederationPIC routingUnified Contact StoreFeatureHA

DR

Topology Builder



Lync Server Control Panel

Persistent Chat





Planning Tool





PSTN Voice /

E911*





CAA / CAS

/

PVA / GVA





RGS / CPS



X

Call

Admission Control



X

XMPP





27Slide28

Backup

Registrar Relationships

In Lync Server 2013, backup

Registrar relationships between Front End pools are always

1:1

and reciprocalIf P1 is the backup for P2, then P2 must be the backup for P1, and neither can be the backup for any other Front End poolEven though backup relationships between two Front End pools must be 1:1 and symmetrical, each Front End pool can still also be the backup registrar for any number of

Survivable Branch Appliances

, just as in Lync Server 2010

Lync

Server 2013

does not extend disaster recovery support to users homed on a Survivable Branch Appliance28Slide29

Lync Server 2013 Standard EditionSlide30

No Enterprise Pool?Slide31

Pool Pairing Advantages

No need for Hardware Load Balancer

No need for SQL Server (except mon/arch)

No need for DFS/file share

“Failure domain” is isolated to one server vs. entire pool

Fewer servers required; up to 40,000 users

Load users based on active/active or active/passiveVoice routing can use selective trunks vs. pool Mediation Servers in EELync Server 2013 Standard Edition

“Using Lync Standard Edition is not about user count, it’s about a customer’s Recovery Time Objective (RTO)”Slide32

Lync Server 2013 Standard Edition

It’s not all about server count…

*based on 6667 max per EE and 2500 max per SE

Users

Std

Ent

10000

12

20

20000

16

20300002224400002626500003026600003630700004032Slide33

Use site-based Federation routes (new in 2013 topology builder!)

Create SRV records for each SE server with differing weightsEach SE server will need an external web farm FQDN public DNS entry

Use a wildcard certificate for reverse proxy

Lync Server 2013 Standard Edition

Design GuidanceSlide34

RTO/RPO >30

minutes (http://technet.microsoft.com/en-us/library/jj205079.aspx)

Manual pool switchover (Invoke-CsPoolFailover)

Manual assignment of user to SE Server (scriptable

?)

Single server per poolSingle point of failure for Edge to next hop

Manual change of ‘next hop’ Edge to SE ServerManual switchover and single point of failure of Response Groups (Export/Import)Potentially more complex to manageSingle point of failure in PSTN conference DIDSingle point of failure for Exchange OWA integrationLync Server 2013 Standard EditionRecognize shortcomings (key takeaway)Slide35

Metropolitan Data CenterSlide36

Single pool? Single point of failure, even if it spans locations…Slide37

Lync Server 2010 Metropolitan Site Resiliency

The metropolitan site resiliency solution supported for

Lync Server 2010 is

NOT

supported for Lync Server 2013

If you have already deployed a Lync Server 2010 metropolitan site resiliency topology, when you upgrade to Lync Server 2013:Move to the Lync Server 2013 disaster recovery solution based on Front End pool pairing (recommended/supported)

DO NOT STRETCH YOUR LYNC 2013 POOL

37Slide38

Track resources

Exchange Server Documentation –

http://aka.ms/E15Docs

Exchange Team Blog –

http://aka.ms/EHLO

Lync Server Documentation -

http://aka.ms/Lync15Docs

Lync Server Team Blog –

http://aka.ms/LyncBlog

Download

Exchange

and Lync Today!Contact your Microsoft or Partner Account Manager to arrange a time test drive Exchange and Lync at the Office ShowcaseSlide39

Developer Network

Resources for Developers

http://

msdn.microsoft.com

/en-au/

Learning

Virtual Academy

http://www.microsoftvirtualacademy.com/

TechNet

Resources

Sessions on Demand

http://channel9.msdn.com/Events/TechEd/Australia/2013Resources for IT Professionalshttp://technet.microsoft.com/en-au/Slide40

Keep Learning

Download both

Exchange Server 2013

and

Lync Server 2013

and try in your own environment

Trial Exchange and Lync

Online

Contact your Microsoft or Partner Account Manager to arrange a time test drive Exchange and Lync in one of our Customer Immersion Experience

Centres

Contact

your Microsoft or Partner Account Manager to get a Lync business value assessment or an Exchange and Lync technical briefingSlide41

© 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.