Read Windows Server 2008 R2 Unleashed Online
Authors: Noel Morimoto
balancing and device failover. Load balancing is the process of spreading requests across
multiple devices to keep individual device load at an acceptable level. Failover is the
process of moving services offered on one device to another upon device failure, to main-
tain availability. Common scenarios for creating fault-tolerant IP networks can include,
but are not limited to, the following:
.
Acquiring multiple network connections between the data center and the
ptg
Internet—
This includes using different Internet service providers and, hopefully,
each of the connections is not connected to the same external telco box on the
street as this becomes the single point of failure if hit by a car, truck, or cut off from
communications.
.
Deploying multiple and redundant firewalls, virtual private networks
(VPNs), and network routers that will failover to one another—
This usually
involves software or hardware configurations that allow each of the devices to
communicate with one another to detect failures. These devices, when deployed in
redundant configurations, can be leveraged in an active/passive configuration where
only a single primary device is used and the secondary device only comes online
when the primary fails. Alternatively, in many cases these devices can be used in an
active/active configuration that disperses or distributes the load and requests across
each device and when a single device fails, the remaining device handles the entire
29
load.
.
Deploying critical servers with multiple network adapters connected to
separate network switches—
This allows a server to be connected and available on
different switches in case a single network card in the server fails or if the port or the
entire network switch or blade fails.
.
Deploying hardware-based NLB devices—
Many network switches, routers, and
certain devices created just for this purpose can provide some, if not all, of the func-
tionality included in Windows Server 2008 R2 NLB. This, of course, might be the
best choice for load balancing at the network level when organizations deploy and
support systems other than Windows Server 2008 R2 and when they also need to
load-balance network devices, such as firewalls and VPN devices.
1176
CHAPTER 29
System-Level Fault Tolerance (Clustering/Network Load Balancing)
.
Deploying servers with multiple network adapters using third-party network
teaming software—
This configuration uses third-party software installed and con-
figured on a server to create a new virtual network adapter that is used to provide
access to the server system through a single or all of the physical network adapters
on the server that are part of this configuration. Windows Server 2008 R2 supports
teamed network adapters as long as the drivers and software are certified to work
with Windows Server 2008 R2.
NOTE
If the Windows Server 2008 R2 system utilizes iSCSI storage, the network adapters
designated for iSCSI communications are not supported on teamed network adapters.
Designing Fault-Tolerant Server Disks
Many Windows Server 2008 R2 systems that will be used for NLB or failover clusters are
deployed with local disk storage. The local disks commonly store the operating system
files as well as the necessary service or application files. Each system that will participate
in a cluster should have the local disks and volumes configured exactly the same, includ-
ptg
ing drive letters and any mount point assignments. When local disks are used to provide
the operating system and application or service core files, the local disks should be
deployed using redundant, fault-tolerant configurations. There are mainly two different
ways to add fault tolerance to the local disks in a Windows Server 2008 R2 system. The
first is creating redundant arrays of inexpensive disks (RAID) using disk controller configu-
ration utilities (also known as hardware-level RAID), and the second is creating RAID
volumes using dynamic disks using the Disk Management console from within the operat-
ing system (known as software-level RAID).
Using two or more disks, different RAID-level arrays can be configured to provide fault
tolerance that can withstand disk failures and still provide uninterrupted disk access.
Implementing hardware-level RAID configured, stored, and managed by the system’s disk
controllers is preferred over the software-level RAID configurable within Windows Server
2008 R2. Windows Server 2008 R2 dynamic disk mirrored and RAID-5 volumes are
managed by the system and add some load to the system. Additionally, another good
reason to provide hardware-level RAID is that the configuration of the disks does not
depend on the operating system, which gives administrators greater flexibility when it
comes to recovering server systems and performing upgrades. For more information on
disk configuration options, refer to Chapter 28 of this book. For detailed information on
how to best configure RAID arrays using local disk controllers, refer to the manufacturer’s
documentation.
As a best practice, Windows Server 2008 R2 can be deployed with the operating system
disks stored on RAID-1, or mirrored, disks and presented to the operating system as the
“C” volume. A second volume in the system can be used to store application data and files
and, when possible, this data should be placed on different redundant disks or at least on
separate volumes to prevent impact to the space available in the operating system volume.
Windows Server 2008 R2 Clustering Technologies
1177
Increasing Service and Application Availability
A service and/or application’s reliability is greatly dependent on the underlying software
code, the hardware the system is running on, and how it interacts with the host operating
system. Windows Server 2008 R2 is a very stable platform partly because third-party appli-
cations and services must use only the system files provided by Microsoft when interact-
ing with the operating system and the system hardware. Furthermore, when third-party
services and applications require additional drivers, these drivers must be certified for
Windows Server 2008 R2 and the drivers must be digitally signed by the Windows Quality
Hardware labs to ensure the highest reliability. Administrators can disable the strict device
driver signing requirements, but on failover clusters, this would place the system in an
unsupported configuration and is not advisable. Remember that the only reason to deploy
failover clusters or NLB clusters is to provide high availability or very scalable services;
deploying systems using unsigned or untested drivers can reduce the overall reliability of
each system and the entire cluster.
Windows Server 2008 R2 Clustering Technologies
Windows Server 2008 R2 provides two clustering technologies, which are both included
on the Enterprise and Datacenter Editions. Clustering is the grouping of independent
ptg
server nodes that are accessed and viewed on the network as a single system. When a
service and/or application is run from a cluster, the end user can connect to a single
cluster node to perform his work, or each request can be handled by multiple nodes in the
cluster. In cases where data is read-only, the client might request data from one server in
the cluster and the next request might be made to a different server and the client would
never know the difference. Also, if a single node on a multiple node cluster fails, the
remaining nodes will continue to service client requests and only the clients that were
originally connected to the failed node may notice either a slight interruption in service,
or their entire session might need to be restarted depending on the service or application
in use and the particular clustering technology that is in use for that cluster.
The first clustering technology provided with Windows Server 2008 R2, Enterprise and
Datacenter Editions is failover clustering. Failover clusters provide system fault tolerance
through a process called failover. When a system or node in the cluster fails or is unable to
respond to client requests, the clustered services or applications that were running on that
29
particular node are taken offline and moved to another available node where functionality
and access are restored. Failover clusters, in most deployments, require access to shared
data storage and are best suited, but not necessarily limited to, the deployment of the
following services and applications:
.
File services—
File services deployed on failover clusters provide much of the same
functionality a standalone Windows Server 2008 R2 system can provide, but when
deployed as clustered file services, a single data storage repository can be presented
and accessed by clients through the currently assigned and available cluster node
without replicating the file data.
.
Print services—
Print services deployed on failover clusters have one main advan-
tage over a standalone print server: If the active print server fails, each of the shared
1178
CHAPTER 29
System-Level Fault Tolerance (Clustering/Network Load Balancing)
printers is made available to clients using another designated print server in the
cluster. Although deploying and replacing printers to computers and users is easily
managed using Group Policy deployed printers, when standalone print servers fail,
the impact can be huge, especially when servers, devices, services, and applications
that cannot be managed with group policies access these printers.
.
Database services—
When large organizations deploy line-of-business applications,
e-commerce, or any other critical services or applications that require a back-end
database system that must be highly available, deploying database services on
failover clusters is the preferred method. Also, in many cases configuring enterprise
database services can take hours and the size of the databases, indexes, and logs can
be huge, so deploying database services on a standalone system encountering a
system failure may results in several hours of undesired downtime during repair or
restore, instead of quick recovery as with a failover cluster.
.
Back-end enterprise messaging systems—
For many of the same reasons as cited
previously for deploying database services, enterprise messaging services have
become critical to many organizations and are best deployed in failover clusters.
.
Hyper-V virtual machines—
As many organizations move toward server consolida-
tion and conversion of physical servers to virtual servers, providing a means to also
maintain high availability and reliability has become even more essential when a
ptg
single physical Hyper-V host has several critical virtual machines running on it.
The second Windows Server 2008 R2 clustering technology is Network Load Balancing
(NLB), which is best suited to provide fault tolerance for front-end web applications and
websites, Remote Desktop Services Session Host server systems, VPN servers, streaming
media servers, and proxy servers. NLB provides fault tolerance by having each server in
the cluster individually run the network services or applications, removing any single
points of failure. Depending on the particular needs of the service or application deployed
on an NLB cluster, there are different configuration or affinity options to determine how
clients will be connected to the back-end NLB cluster nodes. For example, on a read-only
website, client requests can be directed to any of the NLB cluster nodes; during a single
visit to a website, a client might be connected to different NLB cluster nodes. As another
example, when a client attempts to utilize an e-commerce application to purchase goods
or services provided through a web-based application on an NLB cluster, the client session
should be initiated and serviced by a single node in the cluster, as this session will most
likely be using Secure Sockets Layer (SSL) encryption and will also contain specific session
data, including the contents of the shopping cart and the end-user specific information.
NOTE
Microsoft does not support running failover clusters and Network Load Balancing on
the same Windows Server 2008 R2 system.
Windows Server 2008 R2 Clustering Technologies
1179
Windows Server 2008 R2 Cluster Terminology
Before failover or NLB clusters can be designed and implemented, the administrator
deploying the solution should be familiar with the general terms used to define the clus-
tering technologies. The following list contains the many terms associated with Windows
Server 2008 R2 clustering technologies:
.
Cluster—
A cluster is a group of independent servers (nodes) that are accessed and
presented to the network as a single system.
.
Node—
A node is an individual server that is a member of a cluster.
.
Cluster resource—
A cluster resource is a service, application, IP address, disk, or
network name defined and managed by the cluster. Within a cluster, cluster