locked
Clustering Remote Desktop Services RRS feed

  • Question

  • Hi there - I have a question to check I am thinking along the correct lines for a HA clustered RDS setup. This will be for 400+ users all running thin clients and only using browsers in Remote Desktop. The system mut be highly available and fault tolerant.

    My Plan:

    3 physical servers and a SAS attached SAN
    Each pysical server running Windows 2008 R2 Enterprise with Hyper-V
    Each physical server running three virtual servers, again 2008R2 Ent
    The virtual servers will be configured for high availability
    One virtual server on each physical server will be used for AD, DNS, WINS
    The two others will be running Remote Desktop Services as part of a Farm using round-robin DNS and RD Connection Broker

    Should the RDS servers be in a cluster? I presume yes if we need to access shared resources such as user profiles and data?

    Is there anything wrong with this and/or am I missing something?

    Thanks,

    Jez

    • Moved by Joson Zhou Monday, September 6, 2010 3:46 AM (From:High Availability (Clustering))
    Sunday, September 5, 2010 2:09 PM

Answers

  • Hi,

    Or better still, not cluster the RDS servers, but cluster RD Connection Broker on the 3 DCs to connect to the 6 RDS servers in the Farm?

    You can refer to this guide for RD Connection Broker high availability:

    Deploying Remote Desktop Connection Broker with High Availability Step-by-Step Guide

    http://technet.microsoft.com/en-us/library/ff686148(WS.10).aspx

     

    I might still need help working out how to direct users to their profiles and shared data please.

     

    I recommend that you install the same applications on all RDS servers in the farm and use roaming profile (and folder redirection).

     

     

    P.S. As the topic is more related to RDS, I’ve moved the thread to Remote Desktop Service forum so that you can get more suggestion from the experts there.

     


    This posting is provided "AS IS" with no warranties, and confers no rights. Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    • Proposed as answer by Aaron.Parker Monday, September 6, 2010 11:11 AM
    • Marked as answer by Joson Zhou Wednesday, September 8, 2010 1:13 AM
    Monday, September 6, 2010 3:45 AM
  • Re-logging back in will depend on your environment, but around 30 seconds would be an average.

    RAM allocation vs. the number of RDSH servers can only be answered by your testing. The amount of RAM vs. the number of servers will be dependant on your environment. The VRC whitepaper and the Microsoft capacity planning document should give you some good recommendations.

    Hosting the server roles on Hyper-V or another hypervisor would be the recommended approach. I don't think that the physical DC's hardware requirements will be high. You can still host additional DCs as VMs.

    • Proposed as answer by Aaron.Parker Monday, September 6, 2010 11:11 AM
    • Marked as answer by Joson Zhou Wednesday, September 8, 2010 1:13 AM
    Monday, September 6, 2010 10:49 AM

All replies

  • I think I need to cluster the RD Connection Broker don't I? Therefore no need for round-robin DNS?
    Sunday, September 5, 2010 3:02 PM
  • Or better still, not cluster the RDS servers, but cluster RD Connection Broker on the 3 DCs to connect to the 6 RDS servers in the Farm?

    I might still need help working out how to direct users to their profiles and shared data please.

    Sunday, September 5, 2010 3:18 PM
  • Hi,

    Or better still, not cluster the RDS servers, but cluster RD Connection Broker on the 3 DCs to connect to the 6 RDS servers in the Farm?

    You can refer to this guide for RD Connection Broker high availability:

    Deploying Remote Desktop Connection Broker with High Availability Step-by-Step Guide

    http://technet.microsoft.com/en-us/library/ff686148(WS.10).aspx

     

    I might still need help working out how to direct users to their profiles and shared data please.

     

    I recommend that you install the same applications on all RDS servers in the farm and use roaming profile (and folder redirection).

     

     

    P.S. As the topic is more related to RDS, I’ve moved the thread to Remote Desktop Service forum so that you can get more suggestion from the experts there.

     


    This posting is provided "AS IS" with no warranties, and confers no rights. Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    • Proposed as answer by Aaron.Parker Monday, September 6, 2010 11:11 AM
    • Marked as answer by Joson Zhou Wednesday, September 8, 2010 1:13 AM
    Monday, September 6, 2010 3:45 AM
  • There's plenty more RDS step-by-step guide here: http://www.microsoft.com/downloads/en/results.aspx?freetext=remote+desktop+step-by-step&displaylang=en&stype=s_basic

    Including how to install the RD Session Host role (the bit that actually hosts user sessions and applications): http://www.microsoft.com/downloads/details.aspx?FamilyID=da934121-f85d-4827-bb11-e17e9db5d53a&displayLang=en

    The roles you will need to deploy should be:

    • RD Session Host (dedicated role, treat this role just like you would a desktop)
    • RD Licensing (can be on other servers including DCs)
    • RD Connection Broker (can be hosted with RD Web Access)
    • RD Web Access (can be hosted with the Connection Broker)
    • RD Gateway (for remote access)

    For user data, read the Managing Roaming User Data Deployment Guide: http://technet.microsoft.com/en-us/library/cc766489(WS.10).aspx.

    These articles are also worth reading: http://www.grouppolicy.biz/2010/08/best-practice-roaming-profiles-and-folder-redirection-a-k-a-user-virtualization and http://www.windowsnetworking.com/articles_tutorials/Windows-User-State-Virtualization-Part1.html

    • Proposed as answer by Aaron.Parker Monday, September 6, 2010 11:11 AM
    Monday, September 6, 2010 7:55 AM
  • Hi Aaron/Joson,

    Thanks - I have read the links.

    So you think my concept is okay?

    In summary:
    3 hosts running 3 guests in High Availability each - a total of 9 VMs
    1 guest on each host set up as DCs and clustered RD Connection Broker - 3 VMs
    2 guest on each host set up as RDS servers in a Farm - 6 VMs

    Each server will be the latest HP DL360 G7 with two quad core processors and 48GB of RAM. The back end SAN will be SAS attached and RAID10 with 1.2TB of unformatted space.

    I am just looking for a reply as to whether the concept is fine - the risk is mine and no blame will be apportioned!

    Thanks,

    Jez

     

    Monday, September 6, 2010 8:56 AM
  • Oh yes - and I found this from http://blogs.technet.com/b/iftekhar/archive/2010/02/10/rds-hardware-sizing-and-capacity-planning-guidance.aspx:

    Here are some bullet points which I recommend to my partners and customers to consider:

    • 2GB Memory (RAM) is the optimum limit for each core of a CPU. E.g. If you have 4 GB RAM then for optimum performance there should be Dual core CPU.
    • 2 Dual Core CPU perform better then single Quad core processor.
    • Recommended bandwidth for LAN of 30 users and WAN of 20 users.  Bandwidth (b) = 100 megabits per second (Mbps) with Latency (l) Less than 5 milliseconds.
    • On a Terminal Server 64 MB per user is the Ideal Memory (RAM) requirement for GP Only use + 2 GB for OS E.g. (100 users * 64) + 2000 = 8.4 GB i.e. 8GB RAM.
    • More applications used (i.e. Office, CAD Apps and etc.) will require more memory per user to be added to this calculation over the 64 MB base memory per user.
    • 15 TS session per CPU core is the optimum performance limit of a Terminal Server.
    • Network should not have more than 5 hops, and latency should be under 100ms.
    • 64 kbps is the Ideal Bandwidth per user session. (256 color, switched network, bitmap caching only)
    • CPU performance degrades if %processor time per core is constantly above 65%.
    • Terminal servers performance doubles when it is running on a X64 HW and OS.

    So a guide for RAM for 100 users is 8GB?

    Thanks,

    Jez

    Monday, September 6, 2010 8:59 AM
  • That sounds about right, but what role/s are you intending to run on the 9 clustered VMs?

    You should also run at least one DC external to the virtualisation hosts.

    Here's some capacity planning documents that may be useful as well:

    Remote Desktop Session Host Capacity Planning in Windows Server 2008 R2: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=ca837962-4128-4680-b1c0-ad0985939063&displayLang=en

    RD Gateway Capacity Planning in Windows Server 2008 R2: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=d31ac8fd-6ad8-4c5e-8dc3-a93fb55abc76&displayLang=en

    • Proposed as answer by Aaron.Parker Monday, September 6, 2010 11:11 AM
    Monday, September 6, 2010 9:15 AM
  • Hi - thanks for the fast response.

    I think I'll run the RD Licensing Roles on the DCs as well as the Connection Broker - can the the licensing role be clustered?

    Otherwise the 9 VMs will run the Session Host only - there is no need for the Web Access and Gateway at the moment

    How important is it to run an external DC - there may not be funds/scope for this?

    Jez

    Monday, September 6, 2010 9:31 AM
  • I would consider your capacity requirements before settling on 9 as the number of servers to host the RDSH role. Here's a excellent white paper on hosting the RD role on Hyper-V (plus others): http://www.projectvrc.nl/index.php?option=com_docman&task=cat_view&gid=39&Itemid=

    Note that the RDSH role cannot be clustered, so you would use an N+1 configuration. If a server goes down, users will need to reconnect to a server with enough capacity.

    There's some information here on virtualising DCs:

    Things to consider when you host Active Directory domain controllers in virtual hosting environments: http://support.microsoft.com/kb/888794

    Active Directory in Hyper-V environments, Part 1: http://blogs.dirteam.com/blogs/sanderberkouwer/archive/2008/08/13/active-directory-in-hyper-v-environments-part-1.aspx

    DCs are critical - where as you could rebuild each of the other roles quite easily, hosting virtualised DCs will impact your DR steps.

    I usually recommend only placing roles such as DHCP, DNC, CA on a DC. 

    • Proposed as answer by Aaron.Parker Monday, September 6, 2010 11:11 AM
    Monday, September 6, 2010 9:43 AM
  • Sorry - small mistake here - RDSH on 6 of the 9 VMs.

    Doesn't the RD Session Broker re-assign the session to another RDSH automatically? If so what sort of delay/end user experience does this give i.e. is the session maintained or do they need to log in again?

    So with N+1, say we lose one of the physical machines and it's 2 RDSHs - I need to make sure the 4 remaining RDSHs can take the load?

    The first link above - are you referring to the paper "Virtual Reality Check - Phase II version v1.0"

    Do you think it would be crazy to make the Hyper-V hosts DCs and then only run 2 VMs in each for RDSH?

    You said "I usually recommend only placing roles such as DHCP, DNC, CA on a DC." - do you mean DNS, or what is DNC? CA - Certificate Auth?

    Thanks again,

    Jez

     

    Monday, September 6, 2010 9:59 AM
  • Once an RDSH server goes down, the user's session will do down with it, there is no way to move the users session to another server. Users will be required to relaunch the published application or desktop to reconnect to another server.

    See the Virtual Reality Check - Phase II version v2.0 document.

    No, I would not make the Hyper-V hosts DCs.

    Yeah, I meant DNS, and CA = Certificate Authority.

    • Proposed as answer by Aaron.Parker Monday, September 6, 2010 11:11 AM
    Monday, September 6, 2010 10:04 AM
  • I'll have a good read.

    Do you have an idea of the time delay re-logging - is it a matter of just establishing a new session i.e. about 30 secs?

    Okay - think we need an additional box as the FSMO off the SAN.

    So:-

    3 x DL360 Hyper-V hosts attached to SAN
    1 x DL360 as FSMO/DNS with local disks

    6 x VM guests as RDSH in Farm - or would three be better with more RAM allocated?
    At least one more DC/GC in VM - maybe 1 on each VM host for symmetry?

    Or maybe forget about virtualisation?

    Sorry to be a pain with all these questions.

    Jez

    Monday, September 6, 2010 10:37 AM
  • Re-logging back in will depend on your environment, but around 30 seconds would be an average.

    RAM allocation vs. the number of RDSH servers can only be answered by your testing. The amount of RAM vs. the number of servers will be dependant on your environment. The VRC whitepaper and the Microsoft capacity planning document should give you some good recommendations.

    Hosting the server roles on Hyper-V or another hypervisor would be the recommended approach. I don't think that the physical DC's hardware requirements will be high. You can still host additional DCs as VMs.

    • Proposed as answer by Aaron.Parker Monday, September 6, 2010 11:11 AM
    • Marked as answer by Joson Zhou Wednesday, September 8, 2010 1:13 AM
    Monday, September 6, 2010 10:49 AM
  • You're a star - thanks for all your help.
    Monday, September 6, 2010 10:51 AM
  • Hi - another question:

    "I recommend that you install the same applications on all RDS servers in the farm and use roaming profile (and folder redirection)."

     

    I have a problem in that I can't cluster this shared resource needed for the profiles/redirection as the VMs have no access to the shared storage. Do you have a suggestion as to how I can make this resilient? Is putting it in an HA VM good enough as it can be moved if there is trouble?

     

    Thanks,

     

    Jez

    Monday, November 22, 2010 11:11 AM
  • For resilency for the backend profiles/redirection shares you should host these on a clustered file share. These can be physical systems or (2) virtual machines  configured in a fail-over cluster utilizing an iSCSI connection to a SAN (If virtual machines) for storing the profiles and redirection folders.

    If the servers are physical iSCSI/Fibre channel or other shared storage mechanisms are fine.

    Thursday, May 12, 2011 3:28 PM