Category: Planning for Business Continuity and High Availability

MCTS 70-646 Plan high availability

Plan high availability

Service redundancy

More on Microsoft failover clustering here

Microsoft failover clustering no longer supports direct parallel SCSI and requires shared storage that is SCSI Primary Commands (SPC-3) compatible, i.e. storage that uses SCSI-3 persistent reservations.

Service availability

More on Microsoft Load balancing and DNS round robin here

Mixed-mode clusters are possible but it is recommended that all cluster nodes are running the same operating system.

If IGMP multicast mode is used then IGMP snooping must be enabled on the switch.

Each cluster host sends a heartbeat every second; if five consecutive heartbeats are missed, the cluster converges, removing the failed host.

The MCITP self-paced training kit for Windows Server 2008 administrator seems to suggest that Microsoft testing has found that NLB clusters with more than 8 nodes are not efficient. If you need more than 8 nodes consider multiple NLB clusters which use DNS round robin.

DNS round robin is enabled by default; remember that netmask ordering is enabled by default too. Netmask ordering will return the IP address of a particular record which is within the same subnet. DNS netmask ordering uses class C to determine whether the network is local.


MCTS 70-646 Plan for backup and recovery

Plan for backup and recovery

Major changes since NTBackup

  • Windows Server backup no longer supports tape media
  • Windows Server backup on Windows Server 2008 does not support scheduled optical or remote share backups; Windows Server 2008 R2 does support scheduled remote share backups but with the caveat of only one backup being stored.
  • The smallest backup object is a volume
  • Only NTFS volumes can be backed up
  • Backups are stored as VHD files
  • Windows Server backup on Windows Server 2008 R2…
  • …supports the inclusion or exclusion of files, file types and paths.
  • …incremental backup forever
  • …system state backups use shadow copy versions to minimise the backup set size

The backup operator role can only schedule ad hoc backups; full administrator rights are required to configure scheduled backups.

Ideally backup sets should be kept offsite and where data is encrypted, encryption recovery keys should be kept with the backup set too. If using a disaster recovery site then adequate resource should be available; one benefit of Windows Server backup is that backup files are stored as VHD files, so virtualisation at the disaster recovery site is a viable solution.

Recovery strategy

Windows Server backup can restore applications that have Volume Shadow Copy Service (VSS) writer functionality in a simpler manner; Windows Server backup will restore the application data, configuration settings and application program.

Where duplicates exist, file recovery will either overwrite, make a copy or ignore.

Server Recovery Strategy

Complete server recovery requires you to boot from the installation DVD and select repair; this enters the Windows Recovery Environment (WinRE), from where you can select a backup to restore. This restore can also be used on differing hardware. NOTE: full recovery requires the new disk to be at least the same size as the original.

Directory Service Recovery strategy

Active Directory authoritative restores require you to restart the domain controller in Directory Services Restore Mode (DSRM). Once in *DSRM, restore the system state backup, then start ntdsutil and activate the ntds instance. Type authoritative restore, then restore subtree “OU=OUName,DC=Domain,DC=com”; once the **authoritative restore is complete, restart the domain controller. NOTE: authoritative restores are only valid if you have more than one domain controller, i.e. with a single domain controller a non-authoritative restore would do the trick.

*an easy way to get into DSRM is by modifying the boot database, use:

bcdedit /set safeboot dsrepair

then when the restore is complete

bcdedit /deletevalue safeboot

**During an authoritative restore you will be notified of numerous LDIF files which contain back links, i.e. group membership, etc. Note these, then import each one with:

ldifde.exe -i -k -f [path to file]\ldif.filename
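
The whole authoritative restore, split at its two reboots, as an added example that is not part of the original notes. It assumes the system state backup was taken with Windows Server Backup (wbadmin); the backup version identifier and the LDIF file name are placeholders, and the Invoke-Native helper is a name introduced here.

```powershell
# Added example: authoritative restore of one OU, run from an elevated prompt.
# Placeholders (not from the original notes): $BackupVersion and $LinksFile.
param(
    [Parameter(Mandatory = $true)]
    [ValidateSet('EnterDsrm', 'Restore', 'RelinkAfterBoot')]
    [string]$Phase
)

$BackupVersion = '<MM/DD/YYYY-HH:MM>'            # choose one from: wbadmin get versions
$Subtree       = 'OU=OUName,DC=Domain,DC=com'    # the subtree used in the notes above
$LinksFile     = '<path to file>\<ldif file name>'

function Invoke-Native {
    # Hypothetical helper: run a native tool and stop if it reports failure.
    param([string]$Exe, [string[]]$Arguments)
    & $Exe @Arguments
    if ($LASTEXITCODE -ne 0) { throw "$Exe exited with code $LASTEXITCODE" }
}

switch ($Phase) {
    'EnterDsrm' {
        # Next boot goes into Directory Services Restore Mode.
        Invoke-Native bcdedit @('/set', 'safeboot', 'dsrepair')
        Restart-Computer -Force
    }
    'Restore' {
        # In DSRM: restore system state, but do NOT reboot before ntdsutil runs,
        # otherwise the restore stays non-authoritative and is overwritten by replication.
        Invoke-Native wbadmin @('start', 'systemstaterecovery', "-version:$BackupVersion", '-quiet')
        Invoke-Native ntdsutil @('activate instance ntds', 'authoritative restore',
                                 "restore subtree $Subtree", 'quit', 'quit')
        # Return to a normal boot only after the subtree has been marked authoritative.
        Invoke-Native bcdedit @('/deletevalue', 'safeboot')
        Restart-Computer -Force
    }
    'RelinkAfterBoot' {
        # Directory service is running again: re-import the back links ntdsutil listed.
        Invoke-Native ldifde @('-i', '-k', '-f', $LinksFile)
    }
}
```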

Tombstone lifetime by default is 180 days; you cannot recover anything older than the tombstone lifetime. The tombstone lifetime was previously 60 days in Windows Server 2003 RTM.


Performing Authoritative Restore of Active Directory Objects

Object level recovery

Volume shadow copies for shared folders functionality allows end users to recover deleted or corrupted files. Shadow copies can be used on non-shared folders too.

A maximum of 64 shadow copies can be created; if the disk holding the shadow copies is out of disk space then the oldest shadow copy will be deleted. The default space available for shadow copies is 10% of available disk space and the default schedule is 7am every weekday.

Active Directory objects can be restored individually using Active Directory snapshots created with ntdsutil or system state backups.

To restore an object from a system state backup, first restore the system state, redirecting the restore to an empty volume, then mount the ntds.dit database using dsamain.exe and use ldp.exe to restore the AD DS object.

To restore an object from an ntdsutil snapshot, mount the snapshot using ntdsutil, mount the ntds.dit database using dsamain.exe, then use ldp.exe to restore the AD DS object.

For object-level recovery using an authoritative restore, type restore object rather than restore subtree.

Windows Server 2008 R2 domain controllers running at the Windows Server 2008 R2 forest functional level have the AD recycle bin functionality. The recycle bin is enabled via PowerShell and objects must also be restored using PowerShell. Objects deleted before the AD recycle bin was enabled will be missing linked-value replication information, i.e. group membership.
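
Enabling the recycle bin and restoring one deleted object, then checking whether its group membership came back. This is an added example, not part of the original notes; it uses the ActiveDirectory module cmdlets, and the account name jsmith is a made-up placeholder.

```powershell
# Added example: enable the AD recycle bin and restore a deleted object.
# 'jsmith' is a constructed placeholder account name.
Import-Module ActiveDirectory

$forest = Get-ADForest
$r2     = [Microsoft.ActiveDirectory.Management.ADForestMode]::Windows2008R2Forest
if ($forest.ForestMode -lt $r2) {
    throw "Forest functional level is $($forest.ForestMode); the recycle bin needs $r2."
}

# Enabling is forest-wide and cannot be reversed, so check before enabling.
$feature = Get-ADOptionalFeature -Filter 'Name -eq "Recycle Bin Feature"'
if ($feature.EnabledScopes.Count -eq 0) {
    Enable-ADOptionalFeature -Identity $feature -Scope ForestOrConfigurationSet `
        -Target $forest.Name
}

# Deleted objects are only returned when -IncludeDeletedObjects is given.
$deleted = Get-ADObject -Filter 'samAccountName -eq "jsmith" -and isDeleted -eq $true' `
    -IncludeDeletedObjects -Properties samAccountName, lastKnownParent, whenChanged

foreach ($obj in $deleted) {
    $obj | Restore-ADObject

    # The objectGUID survives deletion and restore, so use it to find the object again.
    $live = Get-ADObject -Identity $obj.ObjectGUID -Properties memberOf

    # An empty memberOf here is what to expect for an object that was deleted
    # before the recycle bin was enabled: its linked values were not kept.
    New-Object PSObject -Property @{
        Name           = $live.Name
        RestoredTo     = $obj.lastKnownParent
        DeletedAt      = $obj.whenChanged
        GroupsRestored = @($live.memberOf).Count
    }
}
```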

MCTS 70-646 Plan Storage

Plan Storage

Storage Solutions

More on storage here


Windows Server 2008 and 2008 R2 include a Device Specific Module (DSM) that works with storage devices that support Asymmetric Logical Unit Access (ALUA) and Active / Active storage controllers. DSMs are provided by the SAN vendor and interface with Windows Server MPIO and Storage Manager for SANs. The ALUA model allows the server to see the LUNs over both storage controllers but only one path should be preferred, i.e. the one with direct access to the LUN; accessing the LUNs via the non-direct or unoptimised path can cause path thrashing.

Windows Server 2008 and 2008 R2 supports the following MPIO policies:

  • Failover – Uses one path for all storage I/O; all other paths are standby paths which are defined as most preferred to least preferred.
  • Failback – Uses one path for storage I/O; all other paths are standby paths. When the preferred path becomes available storage I/O is switched.
  • Round Robin – All paths are used for storage I/O.
  • Round Robin with a subset of paths – A defined set of paths are used for storage I/O with another set of paths defined for standby.
  • Dynamic least queue depth – storage I/O uses the path with the smallest outstanding I/O queue.
  • Weighted path – All paths are given a weighting, the path with the smallest weighting is used for storage I/O.

Block based storage

Device where raw volumes are created; the filesystem of the block storage is purely determined by the OS utilising the storage e.g. VMware vSphere would format the volume VMFS whereas Windows Server would format the volume NTFS. Access is handled by the operating system.

File based storage

Storage accessed via SMB / CIFS or NFS. The access is handled by the file based storage device.

Storage Management

Windows Server 2008 and 2008 R2 have Storage Manager for SANs and Storage Explorer. The link above has Storage Manager for SANs information. Storage Explorer uses Internet Storage Name Service (iSNS) to discover iSCSI fabric information and SNMP, Telnet or HTTP to discover and interface with Fibre Channel fabrics.