high availability & disaster recoverycritical factor in any SharePoint deploymenthowever…
high availabilityprotecting against component failures• server hardware• operating system• service applications• application pools• custom development• …
number of nines• often an important part of a service level agreement (SLA)• usually only unplanned downtime
disaster recoveryprotecting against catastrophes• network outages• storage problems• power problems• loss of datacenters• …
protect yourselfbuild redundancy into the architecture
it’s all about the business• involve all stakeholders when planning• don’t neglect the business impact• analyze data & systems• consider non-technical elements business continuity planning
key concepts of bcp• Risk assessment• Business Impact Analysis• Business Continuity Plan• Disaster Recovery Plan
key parametersRecovery Time Objective (RTO)When will my system be available again?Recovery Point Objective (RPO)How much data can I afford to lose?Recovery Level Objective (RLO)To what level am I able to restore?
outage at 08:00 last backup at 20:00 full recovery at 12:00time RPO12h RTO4h
reality check• What are acceptable RTO & RPO times? outage at 08:00 last backup at 07:55 full recovery at 08:15 time RPO5m RTO15m• Is RTO and RPO 0 possible at all?• What about the costs?
context is kingpitfalls when designing a SharePoint HA/DR solution• enterprise infrastructure• technical skills• operational readiness• backup/restore• documentation• dependencies on other systems• 3d party tools• …
additional considerationsestablish recovery targets• What should be restored and what not?• What can be restored and what not?• Is some data more important than other?• How must the restored system behave?• Balance costs & risks when designing a solution
SharePoint optionshow can you make SharePoint highly available?• adding servers for redundancy• splitting services across servers• using load balancing techniques• highly available SQL Server• virtualization
warm / hot standby farms• completely separate farm• near identical configuration• same customizations• separate datastores• involves some kind of data replication• replicating service app data has its limits• manual failover & client redirection
service applicationsthese don’t support copying to another farm
stretched farma special case…a lot of dependencies…some complexity involved…major design constraints• network throughput• network latency• redundant access infrastructure• data replication
clusteringtwo flavors • high availability • same datacenter • 2 or more nodes • shared storage • automatic failover • SharePoint is unaware • high availability or disaster recovery • multiple datacenters • 2 or more nodes • no shared storage • automatic failover • SharePoint is unaware • data replication needed
clustering summaryhow does it satisfy requirements?
mirroringessentials• high availability scenarios• no shared storage• SharePoint is aware !nice to know• full recovery model• configured per database• only one secondary possible• secondary cannot be accessed• automatic failover possible• network constraints• sync or async• RBS (SQL filestream) not supported
log shippingessentials• disaster recovery scenarios• no shared storage• backup/restore basednice to know• full recovery model• configured per database• multiple secondarys possible• secondary can be read from• no automatic failover possible• rpo will generally not be 0
log shipping summaryhow does it satisfy requirements?
SQL 2012 Availability Group the newest kid on the blockessentials• clustering & mirroring evolved• at the instance level• no shared storage• for ha & dr• simple configurationnice to know• automatic failover across single or multiple datacenters• multiple databases fail over together• no need for aliases or AddFailoverServiceInstance in SharePoint• multiple (readable) secondaries possible• full recovery model• RBS support
SQL 2012 Availability Group summaryhow does it satisfy requirements?
single farm / one datacenter• multiple web servers with load balancing• multiple application servers• clustering or mirroring for ha or dr• consider SQL 2012 availability groups!
single farm / two datacenters• fully redundant network infrastructure• <1ms latency between datacenters• load balancing across datacenters• multiple web servers• multiple application servers• mirroring or geo cluster with data replication for ha & dr• consider SQL 2012 availability groups!
two farms / two datacenters• fully redundant network infrastructure• log shipping between data centers for dr• manual failover• manual client redirect (network routing, dns)• sometimes DR farm is read-only• warm / hot standby• consider SQL 2012 availability groups!