Exchange 2013 Server Role Architecture
[Diagram: Exchange 2013 topology. Clients: web browser, Outlook (remote user), mobile phone, line of business application, Outlook (local user). Enterprise network with AD and a phone system (PBX or VoIP). Inbound mail from external SMTP servers arrives via Exchange Online Protection or an Edge Transport server (routing and AV/AS).]
Building Blocks

Client Access Array
• Evolution of E2010 CAS Array
• SMTP Front-End

Database Availability Group
• Evolution of E2010 DAG
• Includes core server protocols

Loosely coupled
• Functionality
• Versioning
• User partitioning
• Geo affinity
[Diagram: a Layer 4 LB in front of a CAS Array (five CAS) and a DAG (five MBX); E2010 servers are banned from the DAG. Two servers of different versions, Server1 (Vn) and Server2 (Vn+1), each carry the full stack: Protocols and Server Agents (EWS, RPC CA, Transport, Assistants, MRS, MRSProxy), Business Logic (XSO, Mail Item, Other API, CTS) and Storage (Store, Content index, File system, ESE). Servers talk to each other only over SMTP, the MRS proxy protocol, the EWS protocol and custom web services.]
Every Server is an Island: The key to enlightenment…

• For a given mailbox’s connectivity, the protocol being used is always served by the protocol instance that is local to the active database copy
• Each CAS determines the right end point for the traffic, and so all sessions – regardless of where they started – end up in the same place
• This means that the rendering for clients like OWA occurs on the Mailbox server, Transport transcoding is occurring on the Mailbox server, etc.

[Diagram: User → CAS → DAG1 (MBX-A, MBX-B); the session lands on whichever MBX holds the active copy]
What is the Client Access server role?

CAS2013 is made up of three components:
• Client protocols (HTTP, IMAP, POP)
• SMTP
• UM Call Router

• Thin, stateless (protocol session) servers organized in a load balanced configuration
• Session affinity NOT required at the load balancer
• Provides a unified namespace and authentication for clients
• Where the logic “lives” to route a specific protocol request to the “correct” destination end point
• Capable of supporting legacy servers with redirect or proxy logic
• Is a domain-joined machine in the corporate forest
What is the Mailbox server role?

• A server that hosts all the components that process, render and store the data
• Clients do not connect directly to MBX2013 servers; connectivity is through CAS2013

Evolution of E2010 DAG
• Collection of servers that form an HA unit
• Databases are replicated between servers in a given DAG
• Servers can be in different locations, for site resiliency
• Maximum of 16 Mailbox servers
• 100 database copies / server

[Diagram: DAG containing MBX1, MBX2 … MBX16]
Exchange IOPS Trend

[Chart: DB IOPS per mailbox, Exchange 2003 → 2007 → 2010 → 2013, y-axis 0 to 1; a 93% reduction from Exchange 2003 to Exchange 2013]
ESE & Store Improvements

[Chart: timeline of ESE and Store improvements across Exchange 2007, 2010 and 2013. Items shown: 8KB Page Size; STM Removed; Store Quarantine; 10GB Mailboxes; Elimination of Partial B+ Merges; Cache Warming on Passive; Log Roll; 32KB Page Size; Message properties stored as blobs; Per-Database Process; Fast Failover; TBA Store Maintenance; Lost Write Detection; Cache Maintained after Recovery; 100GB Mailboxes; Database Compression; 1 Million Items / Folder; Managed Store; Lost Log Resilience; Page Dependency Removal; Online Page Zeroing; Per-Mailbox Tables; 100MB Checkpoint Depth on Passive Copies; Lagged Copy Enhancements; OS Upgrade Support; 128MB Extent Size; Optimized for 7.2K RPM Disks; 100 Databases / Server; Hung IO and Bluescreen Support; Gap Coalescing; Smooth IO Writes; Incremental Resync; Improved Async Read Capability; Support for 2^31 log generations; 1GB Mailboxes; 64-bit architecture; Standby Continuous Replication; 20,000 Items / Folder; Log checksum recovery from single-bit errors; 50 Databases / server; Database Cache Compression; Improved IO Coalescing; Continuous Replication; Parallel Mounting; Database Space Allocation Hints; Multiple Databases / JBOD Disk; Lazy View Update Changes; Lazy Indexes; Online Database Checksum; 1MB Log Files; 100MB Checkpoint Depth on Active Copies; Version Store Improvements; 1:1 Read:Write Ratio; Physical Contiguity; Store Schema Changes; Tuned Maintenance Writes; Single Page Restore; 100,000 Items / Folder; JBOD Support; Database Cache Priority; B+ Tree Defrag; BDM for Active and Passives; Pre-read Keys; No more deferred content conversion; AutoReseed.]
What is the Edge Transport server role?

• Handles all Internet-facing mail flow
• Can be installed in a perimeter network
• Does not have to be joined to a domain
• Utilizes the EdgeSync process to provide one-way replication of recipient and configuration information from AD to the Edge server
• Front End Transport (FET) on the CAS is bypassed unless roles are co-located
• No longer has built-in antivirus components, but does contain anti-spam capabilities
• Command-line management only
[Diagram: External SMTP servers → EOP / Edge Transport servers → Mailbox servers; EdgeSync runs from the Mailbox servers to the Edge over TCP 50636; AD and Client Access servers sit inside the enterprise network]
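The Edge Subscription and EdgeSync procedure behind the bullets above, written out as Exchange Management Shell commands. This is an added example, not part of the deck; the server names, the AD site name, the file path and the recipient address are constructed for illustration.

```powershell
# Added example (not from the deck). Server, site and file names below are constructed.

# ---- On the Edge Transport server (perimeter, not domain-joined) ----
# Export the subscription. The file carries the bootstrap credentials for the EdgeSync
# replication account and is only accepted within 1440 minutes (24 h) of creation.
New-EdgeSubscription -FileName 'C:\EdgeSubscription.xml'
# Copy the file to a Mailbox server in the target AD site over an out-of-band channel,
# then delete the copy on the Edge server.

# ---- On a Mailbox server in the AD site that will synchronize to this Edge ----
# Mailbox servers initiate EdgeSync. They need the Edge FQDN resolvable and TCP 50636
# (secure LDAP to the AD LDS instance on the Edge) plus TCP 25 open outbound; nothing has
# to be opened from the perimeter into the internal network for replication.
Test-NetConnection -ComputerName 'edge01.perimeter.contoso.com' -Port 50636 |
    Select-Object ComputerName, RemotePort, TcpTestSucceeded
Test-NetConnection -ComputerName 'edge01.perimeter.contoso.com' -Port 25 |
    Select-Object ComputerName, RemotePort, TcpTestSucceeded

# Import the subscription; this also creates the Send connectors to and from the Edge.
New-EdgeSubscription -FileData ([System.IO.File]::ReadAllBytes('C:\EdgeSubscription.xml')) `
                     -Site 'Default-First-Site-Name'
Remove-Item 'C:\EdgeSubscription.xml'   # credentials inside; do not leave it on disk

# Push the first replication now rather than waiting for the schedule, then verify it.
Start-EdgeSynchronization -Server MBX1 -ForceFullSync
Test-EdgeSynchronization -FullCompareMode | Format-List Name, SyncStatus, FailureDetail

# Spot-check that one recipient reached the Edge (recipient filtering depends on this).
Test-EdgeSynchronization -VerifyRecipient 'sue@contoso.com' | Format-List Name, RecipientStatus
```

The replication is one-way by design: the Edge server holds a read-only copy of recipient and configuration data in AD LDS and has no credentials into the forest, so a compromise in the perimeter does not give write access to AD. The `Test-EdgeSynchronization` output is the check to put in a runbook; a stale `SyncStatus` means recipient lookup on the Edge is working from old data.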
Transport Architecture

[Diagram: CAS runs Front-End Transport; each MBX runs the Transport service and MBX Transport in front of its MDB; DAG members exchange messages between their Transport services]
Transport Architecture: High Availability

• Every DAG represents a transport HA boundary
• Transport site resilience is provided by spanning DAGs across Active Directory sites
• Every message is redundantly persisted before its receipt is acknowledged to the sender
• Delivered messages are kept redundant in transport similar to active messages
  • Known as Safety Net
  • Time-based preservation of data
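The two transport HA mechanisms named on this slide, shadow redundancy (persist before acknowledging) and Safety Net (time-based retention of delivered messages), are organization-wide transport settings. The following is an added example, not from the deck, showing how they are set and checked in the Exchange Management Shell; the server name is constructed.

```powershell
# Added example (not from the deck). Server name is constructed.

# Shadow redundancy: Transport places a shadow copy of every message on another server in
# the DAG (or AD site) and only then acknowledges the SMTP session. With
# RejectMessageOnShadowFailure $false a message is still accepted if no shadow can be made;
# set it $true to fail closed and return a transient error instead.
Set-TransportConfig -ShadowRedundancyEnabled $true `
                    -RejectMessageOnShadowFailure $false `
                    -ShadowMessageAutoDiscardInterval 2.00:00:00

# Safety Net: delivered messages stay queued (redundantly) for the hold time so they can be
# resubmitted after a lossy database failover or a lagged-copy activation. The hold time
# must be at least as long as any lagged copy's ReplayLagTime; 7 days here matches a 7-day lag.
Set-TransportConfig -SafetyNetHoldTime 7.00:00:00

# Verify the organization-wide values
Get-TransportConfig | Format-List ShadowRedundancyEnabled, RejectMessageOnShadowFailure,
                                  ShadowMessageAutoDiscardInterval, SafetyNetHoldTime

# Shadow queues show up as ordinary queues with DeliveryType ShadowRedundancy. A DAG member
# with no shadow queues while mail is flowing means the redundancy is not being achieved.
Get-Queue -Server MBX1 | Where-Object { $_.DeliveryType -eq 'ShadowRedundancy' } |
    Format-Table Identity, Status, MessageCount, NextHopDomain -AutoSize
```

The `RejectMessageOnShadowFailure` choice is an availability-versus-durability decision: the default keeps mail flowing when a DAG is reduced to one reachable member, at the cost of the single-copy window the slide's "redundantly persisted before its receipt is acknowledged" otherwise rules out.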
Managed Availability: The brains behind the operation

• Monitoring and recovery infrastructure is integrated with Exchange’s high availability solution
• Detects and recovers from problems as they occur and are discovered
• Is user focused – if you can’t measure it, you cannot monitor it

Managed Availability + Retries: S**t breaks but the Experience does not

[Diagram: LB → CAS-1, CAS-2 → DAG (MBX-1, MBX-2, MBX-3), each MBX hosting OWA and copies of DB1 and DB2. Two recovery sequences are shown:
1. OWA send → OWA failure → OWA failure detected → OWA recycle AppPool → OWA recycle complete → OWA verified as healthy
2. OWA send → OWA failure → OWA failure detected → OWA recycle AppPool → OWA recycle AppPool failed → Failover server’s databases → OWA service restarts → OWA verified as healthy → Server becomes “good” failover target (again)]
CAS2013 Client Protocol Architecture

[Diagram: a Load Balancer in front of CAS2013. Clients: Outlook, OWA, EAS, EAC and PowerShell over HTTP; POP and IMAP; SMTP; telephony over SIP + RTP. CAS2013 runs IIS with the HTTP Proxy, POP and IMAP proxies, SMTP (Front-End Transport) and the UM call router, which redirects SIP. MBX2013 runs IIS hosting RPC CA, RpcProxy, RPS, OWA, EAS, EWS, ECP and OAB, plus POP, IMAP, Transport and UM, backed by the MDB and the mail queue.]
Outlook Connectivity – RPC/HTTP: Outlook Anywhere is in

Exchange 2013 does not support RPC/TCP connectivity.

What are the benefits?
• Does not require a “RPC CAS array namespace” for the DAG
• No longer have to worry about “The Exchange administrator has made a change that requires you to quit and restart Outlook” during mailbox moves or *over events
• Extremely reliable and stable connectivity model – the RPC session is always on the MBX2013 server hosting the active database copy

What changes?
• RPC end point for Outlook client is now a GUID (and SMTP suffix)
• Support for internal and external Outlook Anywhere namespaces
Outlook RPC/HTTP Connections

[Diagram: Outlook → LB → CAS2013 (IIS, HTTP Proxy) → MBX2013 (IIS, RpcProxy, RPC CA, MDB). Each client session is a pair of long-lived HTTPS connections, RPC_DATA_IN and RPC_DATA_OUT, carried end to end. The stack is MAPI over RPC over HTTP: “Double-wrapped for your protection!”]
Outlook Connectivity – MAPI/HTTP: Outlook Anywhere is on the way out

What is it?
• New connectivity mechanism
• No longer uses intermediary RPC components (on client or server)
• ROPs are still used, just sent to Exchange directly over HTTP
• Advertised via Autodiscover: the client advertises support and the server returns configuration settings
• Disabled by default

Requires
• Exchange 2013 SP1 (or later)
• Exchange 2013 mailbox
• Outlook 2013 SP1 (or later)
• Client restart

Why?
• Provides more reliable connection
  • 80% of users connect in 5s or less
  • 82% of users resume from hibernate with sync times of 30s or less
  • 73% of users take 30s or less to start synchronization from boot
• Standard HTTP pattern instead of two long-lived HTTP connections
• Removes RPC stack dependency
• Better diagnostics: header information
• Common authentication scheme across protocol stack
Outlook MAPI/HTTP Connections

[Diagram: Outlook → LB → CAS2013 (IIS, HTTP Proxy) → MBX2013 (IIS, MAPI HTTP Handler, MDB). HTTPS request/response pairs plus one hanging notification connection. The stack is MAPI over HTTP: “Single-wrapped for your enjoyment!”]
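The configuration behind the two Outlook connectivity slides above (Outlook Anywhere with separate internal and external namespaces, and MAPI/HTTP which ships disabled), as Exchange Management Shell commands. This is an added example, not from the deck; the CAS and MBX names, the `mail.contoso.com` host name and the mailbox are constructed, and the probe identity is the one documented for Exchange 2013 SP1.

```powershell
# Added example (not from the deck). Server, host and mailbox names are constructed.

# --- Outlook Anywhere (RPC/HTTP): internal and external host names, TLS required on both.
# NTLM rather than Basic so the client never hands its password to the CAS or to anything
# terminating TLS in front of it; enable Basic only where non-Windows clients need it.
Get-OutlookAnywhere -Server CAS1 | Set-OutlookAnywhere `
    -InternalHostname 'mail.contoso.com' -InternalClientsRequireSsl $true -InternalClientAuthenticationMethod Ntlm `
    -ExternalHostname 'mail.contoso.com' -ExternalClientsRequireSsl $true -ExternalClientAuthenticationMethod Ntlm `
    -IISAuthenticationMethods Ntlm, Negotiate

# The RPC endpoint Outlook is handed is no longer a CAS array name but <MailboxGUID>@<SMTP suffix>.
$mbx = Get-Mailbox 'sue@contoso.com'
"Outlook server name for $($mbx.PrimarySmtpAddress): $($mbx.ExchangeGuid)@$($mbx.PrimarySmtpAddress.Domain)"

# --- MAPI/HTTP: publish the /mapi virtual directory under the same namespace, then turn it on
# for the organization (disabled by default). Outlook 2013 SP1 advertises support with the
# X-MapiHttpCapability header on its Autodiscover request, picks up the new settings at the
# next Autodiscover refresh and needs a restart; older clients stay on RPC/HTTP.
Get-MapiVirtualDirectory | Set-MapiVirtualDirectory `
    -InternalUrl 'https://mail.contoso.com/mapi' -ExternalUrl 'https://mail.contoso.com/mapi'
Set-OrganizationConfig -MapiHttpEnabled $true

# Checks: the org-wide flag, the URLs and auth methods actually in effect, and a self-test probe.
Get-OrganizationConfig | Format-List MapiHttpEnabled
Get-MapiVirtualDirectory | Format-Table Server, InternalUrl, ExternalUrl, IISAuthenticationMethods -AutoSize
Test-OutlookConnectivity -RunFromServerId MBX1 `
    -ProbeIdentity 'OutlookMapiHttp.Protocol\OutlookMapiHttpSelfTestProbe'
```

The "common authentication scheme across protocol stack" bullet is what `IISAuthenticationMethods` on the MAPI virtual directory controls; review it alongside the Outlook Anywhere settings, since a namespace shared by both protocols is only as strong as the weakest method either one accepts.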
CAS2013 Client Protocol Connectivity Flow: Exchange 2007 Coexistence

[Diagram: Load Balancer → CAS2013 (IIS, HTTP Proxy) → MBX2013 (Protocol Head, DB) over HTTP. For Exchange 2007 mailboxes: an OWA legacy redirect request sends the browser to CAS2007; Outlook Anywhere and ActiveSync proxy requests go from CAS2013 to CAS2007 (IIS, Middle Tier Layer) → MBX2007 (DB); across the site boundary, a cross-site OWA proxy request goes to the CAS2007 in the other site.]
CAS2013 Client Protocol Connectivity Flow: Exchange 2010 Coexistence

[Diagram: Load Balancer → CAS2013 (IIS, HTTP Proxy) → MBX2013 (Protocol Head, DB) over HTTP. For Exchange 2010 mailboxes: a legacy proxy request goes from CAS2013 to CAS2010 (IIS, Middle Tier Layer) → MBX2010 (DB); across the site boundary, either a cross-site legacy proxy request to the other site’s CAS2010 or a cross-site OWA redirect request to the other site’s load balancer.]
CAS2013 Client Protocol Connectivity Flow: End State

[Diagram: two sites separated by a site boundary, each with Load Balancer → CAS (IIS, HTTP Proxy) → MBX (Protocol Head, DB) over HTTP. Within a site, a local proxy request from CAS to MBX; across the boundary, a cross-site proxy request from CAS to the MBX in the other site, or an OWA cross-site redirect request to the other site’s CAS.]
Namespace Planning

• Exchange 2013 no longer needs all the namespaces that Exchange 2010 required
• Two namespace models you can deploy
  • Bound Model
  • Unbound Model
• Can still deploy regional namespaces to control traffic
• Can still have specific namespaces for protocols
• Leverage split-DNS to minimize namespaces and control connectivity
• Deploy separate namespaces for internal and external Outlook Anywhere host names
[Diagram, Bound Model: Sue and Jane (somewhere in NA) resolve mail.contoso.com and mail2.contoso.com through DNS to separate VIPs. Each DAG is bound to one namespace: DAG1 has its active copies behind the mail VIP and passive copies behind the mail2 VIP, DAG2 the reverse.]

[Diagram, Unbound Model: Sue (somewhere in NA) resolves mail.contoso.com through DNS, round-robin between the number of VIPs (VIP #1, VIP #2); both VIPs front the same DAG.]
Load Balancing

• Exchange 2013 no longer requires session affinity at the load balancing layer
• For a given protocol session, CAS now maintains a 1:1 relationship with the Mailbox server hosting the user’s data
• Remember to configure health probes to monitor healthcheck.htm, otherwise the LB and Managed Availability (MA) will be out of sync
• Load balancer configuration and health probes will factor into namespace design
Exchange Load Balancing Options

[Diagram, Single Namespace / Layer 4: the user resolves mail.contoso.com and autodiscover.contoso.com; the Layer 4 LB runs one health check per CAS and sends all virtual directories (OWA, ECP, EWS, EAS, OAB, MAPI, RPC, AutoD) on that server into or out of rotation together.]

[Diagram, Single Namespace / Layer 7: same two namespaces; the Layer 7 LB health check executes against each virtual directory on each CAS, so a single protocol can be pulled from a server.]

[Diagram, Multiple Namespaces / Layer 4: one namespace per protocol (mail.contoso.com, mapi.contoso.com, ecp.contoso.com, ews.contoso.com, eas.contoso.com, oab.contoso.com, oa.contoso.com, autodiscover.contoso.com), each with its own VIP and health check on a Layer 4 LB.]

                | Single Namespace / Layer 4          | Single Namespace / Layer 7                  | Multiple Namespaces / Layer 4
Who’s it for?   | Generalist IT admin                 | Those with increased network flexibility    | Those who want to maximize server availability
Trade-offs      | + Simple, fast, no affinity LB      | + Per protocol availability                 | + Simple, fast, no affinity LB
                | + Single, unified namespace         | + Single, unified namespace                 | + Per protocol availability
                | + Minimal networking skillset       | - SSL termination @ LB                      | - One namespace per app protocol
                | - Per server availability           | - Requires increased networking skillset    | - One VIP per protocol

(The options run from Simplicity on the left to Functionality on the right.)
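The Load Balancing slide says the LB and Managed Availability fall out of sync unless the LB probes healthcheck.htm, and the Managed Availability slides describe the recovery actions that probe reflects. The following added example, not from the deck, probes the same healthcheck.htm URLs a load balancer would monitor and compares the result with what Managed Availability reports for the server. It assumes PowerShell 5.1, the Exchange Management Shell for the `Get-*` cmdlets, and that the (constructed) server FQDNs are present on the servers’ TLS certificates.

```powershell
# Added example (not from the deck). Server names are constructed.

$Servers = @('cas1.contoso.com', 'cas2.contoso.com')
# Virtual directory paths as Exchange 2013 publishes them. A Layer 7 LB probes each of these
# per server; a Layer 4 LB probes one of them and treats the whole server as up or down.
$VDirs = @('owa', 'ecp', 'ews', 'Microsoft-Server-ActiveSync', 'oab', 'mapi', 'rpc', 'Autodiscover')

function Test-ExchangeHealthCheck {
    param([string[]]$ServerList, [string[]]$VDirList)
    foreach ($server in $ServerList) {
        foreach ($vdir in $VDirList) {
            $uri = "https://$server/$vdir/healthcheck.htm"
            try {
                $resp   = Invoke-WebRequest -Uri $uri -UseBasicParsing -TimeoutSec 5
                $status = [int]$resp.StatusCode
            } catch {
                # A 503 (or no answer) is what Managed Availability produces when it marks the
                # protocol unhealthy, and what maintenance mode produces for every vdir. Either
                # way the LB must stop sending traffic; -1 below means no HTTP response at all.
                $status = if ($_.Exception.Response) { [int]$_.Exception.Response.StatusCode } else { -1 }
            }
            [pscustomobject]@{
                Server  = $server
                VDir    = $vdir
                Status  = $status
                Healthy = ($status -eq 200)
            }
        }
    }
}

$probe = Test-ExchangeHealthCheck -ServerList $Servers -VDirList $VDirs
# Anything here is a protocol the LB should already have pulled from rotation
$probe | Where-Object { -not $_.Healthy } | Format-Table -AutoSize

# Cross-check against Managed Availability's own view so the two do not drift apart
foreach ($server in $Servers) {
    $name = $server.Split('.')[0]
    Get-HealthReport -Identity $name | Where-Object { $_.AlertValue -ne 'Healthy' } |
        Format-Table Server, HealthSet, AlertValue, LastTransitionTime -AutoSize
    # Components deliberately taken offline (Set-ServerComponentState) also fail the probe;
    # list them so a maintenance window is not mistaken for an outage
    Get-ServerComponentState -Identity $name | Where-Object { $_.State -ne 'Active' } |
        Format-Table Component, State -AutoSize
}
```

Run it from a host that reaches the servers directly rather than through the VIP; probing the namespace only tells you what the LB already decided. If the direct probe shows a non-200 that the LB is still routing to, the LB probe is misconfigured (wrong path, HTTP instead of HTTPS, or probing only one virtual directory on a Layer 7 design).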
Preferred Architecture: Namespace Design

• For a site resilient datacenter pair, a single namespace / protocol is deployed across both datacenters
  • autodiscover.contoso.com
  • HTTP: mail.contoso.com
  • IMAP: imap.contoso.com
  • SMTP: smtp.contoso.com
• Load balancers are configured without session affinity, one VIP / datacenter
• Round-robin, geo-DNS, or other solutions are used to distribute traffic equally across both datacenters

[Diagram: one mail VIP in each datacenter]
Preferred Architecture: DAG Design

• Each datacenter should be its own Active Directory site
• Deploy the unbound DAG model, spanning each DAG across the two datacenters
• Distribute active copies across all servers in the DAG
• Deploy 4 copies, 2 copies in each datacenter
• One copy will be a lagged copy (7 days) with automatic play down enabled
• Native Data Protection is utilized
• Single network for replication and client traffic
• Utilize a third datacenter for Witness server placement, if possible
• Increase DAG size density before creating new DAGs

[Diagram: one DAG spanning both datacenters, a mail VIP in each, Witness Server in a third location]
Preferred Architecture: Server Design

• Multi-role servers deployed on commodity hardware
• JBOD storage utilizing large capacity 7.2K SAS disks
• Multiple databases / volume
• AutoReseed with hot spare

[Diagram: DAG of multi-role servers behind the mail VIP]
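The three Preferred Architecture slides above (namespace, DAG and server design) translate into a short sequence of Exchange Management Shell commands. This is an added example, not from the deck; the server, witness, database and path names are constructed, and the DAC mode setting is standard practice for a two-site DAG rather than something the slides name.

```powershell
# Added example (not from the deck). Server, witness, database and path names are constructed.

# DAG with the witness in a third datacenter. The IP-less DAG (IPAddress None) needs
# Windows Server 2012 R2 and Exchange 2013 SP1; omit that parameter on older builds.
New-DatabaseAvailabilityGroup -Name DAG1 `
    -WitnessServer 'fsw01.dc3.contoso.com' -WitnessDirectory 'C:\DAG1' `
    -DatabaseAvailabilityGroupIpAddresses ([System.Net.IPAddress]::None)

# Two multi-role servers per datacenter. DAC mode stops a minority of members that lost the
# WAN from mounting databases on their own (not on the slide, but standard for a two-site DAG).
'mbx1', 'mbx2', 'mbx3', 'mbx4' | ForEach-Object {
    Add-DatabaseAvailabilityGroupServer -Identity DAG1 -MailboxServer $_
}
Set-DatabaseAvailabilityGroup -Identity DAG1 -DatacenterActivationMode DagOnly

# AutoReseed: where databases and volumes are mounted, how many copies share one JBOD volume,
# and automatic play-down of lagged copies when too few healthy copies remain (ReplayLagManager).
Set-DatabaseAvailabilityGroup -Identity DAG1 `
    -AutoDagDatabasesRootFolderPath 'C:\ExchangeDatabases' `
    -AutoDagVolumesRootFolderPath   'C:\ExchangeVolumes' `
    -AutoDagDatabaseCopiesPerVolume 4 `
    -ReplayLagManagerEnabled $true

# Four copies of each database, two per datacenter, the fourth a 7-day lagged copy with the
# lowest activation preference. Circular logging across the copies is the "Native Data
# Protection" model: no traditional backups; the copies, the lag and Safety Net are the recovery path.
New-MailboxDatabase -Name DB01 -Server mbx1 `
    -EdbFilePath   'C:\ExchangeDatabases\DB01\DB01.db\DB01.edb' `
    -LogFolderPath 'C:\ExchangeDatabases\DB01\DB01.log'
Mount-Database -Identity DB01
Add-MailboxDatabaseCopy -Identity DB01 -MailboxServer mbx2 -ActivationPreference 2
Add-MailboxDatabaseCopy -Identity DB01 -MailboxServer mbx3 -ActivationPreference 3
Add-MailboxDatabaseCopy -Identity DB01 -MailboxServer mbx4 -ActivationPreference 4 -ReplayLagTime 7.00:00:00
Set-MailboxDatabase -Identity DB01 -CircularLoggingEnabled $true

# Checks: copy health and queue depths, replication health, and that the lag is really configured
Get-MailboxDatabaseCopyStatus -Identity DB01 |
    Format-Table Name, Status, CopyQueueLength, ReplayQueueLength, ContentIndexState, ActivationSuspended -AutoSize
Test-ReplicationHealth -Identity mbx1 | Format-Table Check, Result -AutoSize
Get-MailboxDatabase -Identity DB01 -Status | Format-List ReplayLagTimes, CircularLoggingEnabled
```

The lagged copy is the only point-in-time recovery the design has, so its `ReplayQueueLength` should be large and growing by design; a lagged copy whose replay queue has drained to zero has been played down, which `ReplayLagManagerEnabled` does deliberately when other copies fail, and is worth an alert rather than a shrug.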
Large Mailboxes for the win!

Large Mailbox Size 100GB+
• Aggregate Mailbox = Primary Mailbox + Archive Mailbox + Recoverable Items
• 1-2 years of mail (minimum)
• 1 million items / folder
• Increased knowledge worker productivity
• Eliminate or reduce PST reliance
• Eliminate or reduce third-party archive solutions
• Outlook 2013 allows you to control OST size!
• Gives more options around mailbox deployments

Time      Items     Mailbox Size
1 Day     150       11 MB
1 Month   3,300     242 MB
1 Year    39,000    2.8 GB
2 Years   78,000    5.6 GB
4 Years   156,000   11.2 GB
Preferred Architecture

[Diagram: Selina (somewhere in NA) resolves na.contoso.com through DNS to the NA VIPs in front of the NA DAG; Batman (somewhere in Europe) resolves eur.contoso.com to the EUR VIPs in front of the European DAG.]
Summary

• New building block architecture provides flexibility in load balancing, namespace planning and high availability
• Take advantage of large, low-cost mailboxes by utilizing large capacity 7.2K RPM disks
• Simpler is better!

Pre-Release Programs Team: Be first in line!

1. Go to the Pre-Release Programs Booth
2. Tell us about your Office 365 environment and/or on-premises plans
3. Get selected to be in a program
4. Try new features first and give us feedback!

Start now at: http://prereleaseprograms-public.sharepoint.com/
© 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.