RD Connection Broker High Availability in Windows Server 2012

Hello, this is Jingyuan, Munindra, and Sriram from the Remote Desktop Virtualization team. There have been a couple of posts recently about the new Remote Desktop Services features in Windows Server 2012. This post provides an in-depth look into one of those features, the new high availability feature of RD Connection Broker known as the Active/Active Broker, and includes deployment steps and performance results. This post is intended for administrators who are deploying virtual machine-based or session-based desktop deployments with RD Connection Broker and who want to have high availability and scalability in their deployment.

Introduction

In previous releases, the RD Connection Broker role service has supported an active/passive clustering model. This provided high availability in the case of component failure, but it did not address high scale requirements. The Active/Active Broker feature in Windows Server 2012 eliminates the need for clustering and provides a fully active/active model; with this model, two or more RD Connection Broker servers can be combined under a single DNS entry to provide both fault tolerance and load balancing. This prevents the RD Connection Broker server from being a single point of failure and also allows “scale out” as load demands.

The following diagram shows an Active/Active Broker deployment with one RD Virtualization Host server and one RD Session Host server. The RD Connection Broker servers are using a SQL database for storing data, and RDP clients are connecting to the RD Connection Broker servers using DNS Round Robin.

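[Diagram: Active/Active Broker deployment with RD Connection Broker servers, SQL database, and RDP clients connecting through DNS Round Robin]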

The end nodes (RD Virtualization Host, RD Session Host, and RD Web Access) are configured with the full list of all the fully qualified domain names (FQDNs) of the RD Connection Broker servers, and they can connect to any of the RD Connection Broker servers in the setup.

How to enable this feature

The starting point for enabling this feature is to have a single RD Connection Broker server deployment for either virtual machine-based or session-based deployment. After there is a single RD Connection Broker server deployment, it can be configured for Active/Active Broker setup, and then other RD Connection Broker servers can be added to this setup.

The following prerequisite steps are required before enabling this feature:

  1. You must have a SQL Server setup that can be used by the RD Connection Broker servers to store data. At least SQL Server 2008 R2 must be used, and the minimum recommended SQL Server SKU for this is Standard with at least 4GB of RAM. For more information about the sizing guidance of SQL Server 2012, see http://msdn.microsoft.com/en-us/library/ms143506.aspx.
  2. The RD Connection Broker servers must have full permissions on the SQL Server. To do so you can create a security group, add all the RD Connection Broker servers to it, and give this group full permission to the SQL Server by using SQL Server Management Studio’s “Security” configuration.
  3. Configure the Windows Firewall on the SQL Server computer to “Allow SQL Server Access” as described in http://msdn.microsoft.com/en-us/library/cc646023.aspx. You can create the exception for “sqlservr.exe.”
  4. Pre-create a folder to store the SQL database files. This folder can be local on the SQL Server computer or a UNC path of a network location.
  5. Install SQL Client on all the RD Connection Broker servers so that they can communicate with the SQL Server. For more information about installing the SQL Client, see http://msdn.microsoft.com/en-us/library/ms131321.aspx.
  6. Assign static IP addresses to all the RD Connection Broker servers that will be a part of the Active/Active Broker deployment, and create a DNS Round Robin entry with these IP addresses.
  7. If you have an RD Gateway server in the deployment, ensure that you create a Remote Desktop resource authorization policy (RD RAP) with an RD Gateway-managed group that includes the DNS RR name of the RD Connection Broker server. This will allow access to the RD Connection Broker servers through the gateway for clients that are connecting by using the DNS RR name. In the following screenshot, the DNS RR name is assumed to be ha-rdcb.contoso.com.
    [Screenshot: RD RAP with an RD Gateway-managed group that includes the DNS RR name]


After the prerequisites are complete, follow these steps to configure the Active/Active Broker:

  1. On the existing RD Connection Broker server, open Server Manager.
  2. Add other servers as RD Connection Broker servers to the list of servers in Server Manager.
  3. On the Remote Desktop Overview page, right-click the RD Connection Broker icon, and then click Configure High Availability.
  4. Enter the following three settings:
    1. The connection string to the SQL database containing the name of the database to be created for the RD Connection Broker server. This is the string that RD Connection Broker servers will use to connect to the RD Connection Broker database on the SQL Server.
      Example: DRIVER=SQL Server Native Client 11.0;SERVER=<SQL Server Name>;Trusted_Connection=Yes;APP=Remote Desktop Services Connection Broker;DATABASE=<DB Name>
    2. The folder in which the database file is to be stored. If a local path is used, that folder should be on the SQL Server computer.
      Example: C:\DbFiles
    3. The DNS Round Robin entry name containing IP addresses of all the RD Connection Broker servers. This will be used by RDP clients to connect to the RD Connection Broker servers.
  5. After you click OK, the SQL database for the RD Connection Broker server is created, all RD Connection Broker server data from the local computer is migrated to the external SQL Server, and from then on the RD Connection Broker server uses the SQL Server. After successfully configuring the server for high availability, you will see the following screen:
    [Screenshot: high availability configuration completed]
  6. To add other RD Connection Broker servers to the deployment, right-click the RD Connection Broker icon, and then click Add RD Connection Broker Server. This will also install the RD Connection Broker role service on the server if it is not already installed.

At the end of this process, the deployment will be running with all the RD Connection Broker servers that were added, including the original one, in full Active/Active Broker mode. The end nodes (RDVH, RDSH, RDWA) will get configured with all the RD Connection Broker server names, and they will randomly choose one to connect to. The RDP clients will use the DNS Round Robin name configured to connect to the RD Connection Broker servers randomly. The RD Connection Broker servers will use the SQL database to store all data. If any RD Connection Broker server fails to communicate with SQL at any time, it will immediately disconnect all end nodes (RDVH, RDSH, RDWA), and they will try to connect to other RD Connection Broker servers in the deployment.

An RD Connection Broker server can be removed by clicking Remove RD Connection Broker Server. It is recommended that you also manually remove that RD Connection Broker server’s IP address from the DNS Round Robin list to prevent RDP clients from connecting to that RD Connection Broker server.
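
The following check is an added example, not part of the original post or of the RemoteDesktop module. It compares the A records behind the DNS Round Robin name with the brokers currently in the deployment, so that a removed broker whose address is still handed to RDP clients, or an added broker that was never put into the entry, is reported. The function names are hypothetical, ha-rdcb.contoso.com is the name assumed earlier in this post, and the broker names and addresses in the sample run are constructed.

```powershell
# Added example (hypothetical function names). Requires PowerShell 3.0 or later.

# Pure comparison: takes plain data, so it can be tried offline.
function Compare-BrokerRoundRobin {
    param(
        [Parameter(Mandatory)] [hashtable] $BrokerAddress,     # broker FQDN -> its static IP address(es)
        [Parameter(Mandatory)] [string[]]  $RoundRobinAddress  # A records returned for the DNS RR name
    )
    $known = @($BrokerAddress.Values | ForEach-Object { $_ })  # flatten to one list of addresses
    foreach ($broker in ($BrokerAddress.Keys | Sort-Object)) {
        foreach ($ip in @($BrokerAddress[$broker])) {
            if ($RoundRobinAddress -notcontains $ip) {
                # Broker is in the deployment, but RDP clients are never sent to it.
                [pscustomobject]@{ Finding = 'MissingFromRoundRobin'; Broker = $broker; Address = $ip }
            }
        }
    }
    foreach ($ip in ($RoundRobinAddress | Sort-Object -Unique)) {
        if ($known -notcontains $ip) {
            # The RR entry still hands out an address that no current broker owns.
            [pscustomobject]@{ Finding = 'StaleRoundRobinRecord'; Broker = $null; Address = $ip }
        }
    }
}

# Live wrapper: reads the broker list from the deployment and resolves the names through DNS.
# Run it on an RD Connection Broker server of the deployment.
function Test-BrokerRoundRobin {
    param([Parameter(Mandatory)] [string] $ClientAccessName)
    Import-Module RemoteDesktop
    $map = @{}
    foreach ($server in (Get-RDServer -Role 'RDS-CONNECTION-BROKER').Server) {
        $map[$server] = @((Resolve-DnsName -Name $server -Type A).IPAddress)
    }
    $rr = @((Resolve-DnsName -Name $ClientAccessName -Type A).IPAddress)
    Compare-BrokerRoundRobin -BrokerAddress $map -RoundRobinAddress $rr
}

# Constructed sample: a third broker was removed from the deployment but its address
# 10.0.0.13 is still in the RR entry, and rdcb2 was added without an RR record.
$sampleBrokers = @{ 'rdcb1.contoso.com' = '10.0.0.11'; 'rdcb2.contoso.com' = '10.0.0.12' }
$sampleRR      = '10.0.0.11', '10.0.0.13'
Compare-BrokerRoundRobin -BrokerAddress $sampleBrokers -RoundRobinAddress $sampleRR |
    Format-Table -AutoSize

# Against a real deployment: Test-BrokerRoundRobin -ClientAccessName 'ha-rdcb.contoso.com'
```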

The Active/Active Broker configuration can also be done by using the Windows PowerShell cmdlet Set-RDConnectionBrokerHighAvailability, which is part of the RemoteDesktop module. The parameters are the same as the ones required for the GUI-based setup explained earlier in this post. Following is an example of this command:

PS C:\> ipmo remotedesktop

PS C:\> Get-Command Set-RDConnectionBrokerHighAvailability -Syntax

Set-RDConnectionBrokerHighAvailability [[-ConnectionBroker] <string>] [-DatabaseConnectionString] <string> [-DatabaseFilePath] <string> [-ClientAccessName] <string> [<CommonParameters>]

PS C:\> Set-RDConnectionBrokerHighAvailability `
    -DatabaseConnectionString "DRIVER=SQL Server Native Client 11.0;SERVER=<SQL Server Name>;Trusted_Connection=Yes;APP=Remote Desktop Services Connection Broker;DATABASE=<DB Name>" `
    -DatabaseFilePath "C:\DbFiles\<DbName>.mdf" `
    -ClientAccessName "<DNS RR Name>"

One key difference between the input parameters for the GUI setup and the Windows PowerShell command is the DB file path. The GUI expects the path to the folder where DB files will be stored whereas the Windows PowerShell command expects the full path to the database file (.mdf file), even though the file might not exist during setup and will be created by SQL during the database creation.
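
The function below is an added example, not code from the original post or from the RemoteDesktop module. It checks the three cmdlet inputs locally before Set-RDConnectionBrokerHighAvailability is run, catching a GUI-style folder path passed where the .mdf path is expected, placeholders left in the connection string, and a string that does not use the Trusted_Connection=Yes form shown above. The function name Test-BrokerHaInput and the server name sql01.contoso.com are hypothetical.

```powershell
# Added example (hypothetical function name). Purely local checks; nothing is sent to SQL Server or DNS.
# Emits one string per problem found; no output means the inputs passed.
function Test-BrokerHaInput {
    param(
        [Parameter(Mandatory)] [string] $DatabaseConnectionString,
        [Parameter(Mandatory)] [string] $DatabaseFilePath,
        [Parameter(Mandatory)] [string] $ClientAccessName
    )
    # Split "KEY=value;KEY=value" into a case-insensitive table.
    # Simplification: values wrapped in {} that themselves contain ';' are not supported.
    $pairs = @{}
    foreach ($part in ($DatabaseConnectionString -split ';')) {
        if ($part.Trim()) {
            $key, $value = $part -split '=', 2
            $pairs[$key.Trim()] = "$value".Trim()
        }
    }
    foreach ($key in 'DRIVER', 'SERVER', 'DATABASE') {
        if (-not $pairs[$key])                { "Connection string has no $key value." }
        elseif ($pairs[$key] -match '^<.*>$') { "$key still contains the placeholder $($pairs[$key])." }
    }
    # The string in this post relies on Windows authentication of the broker computer accounts.
    if ($pairs['Trusted_Connection'] -ne 'Yes') { 'Trusted_Connection=Yes is not set.' }
    foreach ($key in 'UID', 'PWD') {
        if ($pairs.ContainsKey($key)) { "$key is present, so the string would carry a SQL credential." }
    }
    # The cmdlet expects the database file itself; only the GUI expects the folder.
    if ($DatabaseFilePath -notmatch '\.mdf$') {
        "DatabaseFilePath '$DatabaseFilePath' is not a full path to an .mdf file."
    }
    $ip = $null
    if ([System.Net.IPAddress]::TryParse($ClientAccessName, [ref]$ip)) {
        "ClientAccessName '$ClientAccessName' is an IP address, not the DNS Round Robin name."
    }
}

# Constructed sample: folder path as used in the GUI, and the <DB Name> placeholder left in place.
Test-BrokerHaInput `
    -DatabaseConnectionString 'DRIVER=SQL Server Native Client 11.0;SERVER=sql01.contoso.com;Trusted_Connection=Yes;APP=Remote Desktop Services Connection Broker;DATABASE=<DB Name>' `
    -DatabaseFilePath 'C:\DbFiles' `
    -ClientAccessName 'ha-rdcb.contoso.com'
```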

Subsequently, the “Add-RDServer” command can be used to add new RD Connection Broker servers to this deployment.

Benefits of Active/Active Broker

The primary benefit of Active/Active Broker is high availability. The deployment will keep working as long as there is one running RD Connection Broker server in the deployment. Individual RD Connection Broker servers can be taken down for maintenance at any time without disrupting the deployment. The addition and removal of RD Connection Broker servers is also very easy.

For data high availability, you can use SQL Server high availability solutions such as Database Mirroring and AlwaysOn Failover Cluster. We will provide more details on this in a subsequent blog post.

In addition to high availability, Active/Active Broker also provides scalability benefits. In our test we have seen that an Active/Active Broker deployment provides significant reduction in connection time compared to a single RD Connection Broker server, and the benefit increases for larger deployments. The following graph shows the average connection time for 20 parallel connections with an increasing size of the deployment for an Active/Active Broker setup with two RD Connection Broker servers, as compared to a single RD Connection Broker server deployment.

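[Graph: average connection time for 20 parallel connections by deployment size, Active/Active Broker with two RD Connection Broker servers compared to a single RD Connection Broker server]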

Test machine’s configuration:

  • HP Z400 Quad Core as SQL Server
  • HP Z400 Quad Core as 1st RD Connection Broker server, same server used for single RD Connection Broker server deployment
  • Dell 755 Core2 Quad as 2nd RD Connection Broker server
  • All servers running a pre-RC build of Windows Server 2012

This connection time only includes time spent for the RD Connection Broker server, and doesn’t include the time to prepare the virtual machine and client to eventually connect to it after redirection.

Conclusion

The Active/Active Broker feature in Windows Server 2012 is a full high availability deployment where every RD Connection Broker server is active and sharing the load. It provides high availability and high scalability benefits for medium to large deployments. SQL Server is used for storing RD Connection Broker server runtime and configuration data, thereby allowing admins to use SQL HA features for data high availability and scalability. Remote Desktop Services management that is built into Server Manager provides an easy management experience to migrate a deployment from a single RD Connection Broker server to an Active/Active Broker and vice versa. In addition, Windows PowerShell script support is available for script-based management requirements. In summary, Active/Active Broker provides the administrator with an easily deployable high availability and scalability solution for RD Connection Broker servers.

Leave a Comment
  • Great article!

    Nice average connection time graph!

    Freek Berson

    themicrosoftplatform.com

  • No need for clustering is great news! Are there any specific recommendations regarding the DNS RR entry regarding TTL (Time-To-Live)?

  • Is there any improvement in the connection times with WS 12 RC?

  • Really wondering how many simultaneous connections a single broker can support in A/A in the configuration above?

  • How it works with few Collections? I want to configure two session collections. One for First users group, another for Second users group. Can Connection Broker redirect users to session hosts depends on Session Collection User Group settings?

  • Is the static IP on the connection brokers a hard requirement? The reason I ask is that "most" of the cloud providers assign a persistent dynamic address that will remain with the instance for its life. For those of us looking to move our RDS deployments to *insert cloud provider here* this may cause some issues.

  • Posting answers to questions below:

    1) any specific recommendations regarding the DNS RR entry regarding TTL – No we don’t have any specific recommendations. But admin needs to make sure RR entry is up to date when Brokers are added, removed or brought down for maintenance.

    2) how many simultaneous connections a single broker can support in A/A in the configuration above – The above graph is based on 20 parallel connections. We have tried up to 100 parallel connections in our setup without significant increase in connection time.

    3) How it works with few Collections – it works with both smaller or large collection set in the same way.

    4) Can Connection Broker redirect users to session hosts depends on Session Collection User Group settings – Can you please clarify which specific settings you are referring to?

    5) Is the static IP on the connection brokers a hard requirement – Static IP is a requirement for DNS RR and not specific to Active/Active Broker. If “dynamic address that will remain with the instance for its life” then yes, you can use them in the DNS RR.

    Thanks!

  • Great article. I understand that this article is about 2012 but I could not find a more appropriate place to post my query which is about 2008. We have a multiple physical host 2008 R2 Hyper-virtualized TS farm with several session brokers (virtualized as well) and a connection broker (VM) as well. What is happening is that around noon the Session Brokers suddenly lose their connection to the Connection Broker and then a minute later reconnect. However in the process of disconnecting and reconnecting, the Connection Broker now no longer has the appropriate connection information for the clients that were logged on to the TS. The clients are still connected via the TS to the Session Broker but because the Session Broker lost connection to the Connection Broker it seems that those users who disconnected and would ordinarily get their session back - we have a 2 hour time out - are no longer being redirected to their existing session. This only happens at noon which coincides with the time that people go for lunch and disconnect their sessions en masse - at other times of day when there is a more intermittent disconnection situation - a person here and there disconnects from their session but there is no 'mass disconnection' there is no issue - the users when they reconnect go back to the session they left. I would appreciate any thoughts as to what might be the cause of this/how we might isolate the problem? Is there some kind of maximum disconnection issues with Connection Broker? If there is a better place to post this question please direct me there. Thanks in advance for your time on this.

  • Thanks, very great article. Sorry my English is not so perfect as yours, because I'm from Germany :)

    I have a problem after my evaluation infrastructure works fine. In my scenario we start with a evaluation full HA solution (HA Fileserver, HA SQL Server, HA Webaccess, HA Gateway, HA SessionHosts and also HA ConnectionBroker) and now we would migrate in the production infrastructure. The database cluster for the connection broker database works fine. I would to change the DNS RR Name from the connection brokers, but I can't change this setting in the GUI. I was looking also in the database but there is also no entry for the DNS RR Name. Do you have any idea?

  • You can use Remote Desktop PowerShell cmdlet "Set-RDClientAccessName" to change the DNS RR name.

    Import-Module RemoteDesktop

    # Get the ActiveManagementServer name
    Get-RDConnectionBrokerHighAvailability

    Set-RDClientAccessName -ConnectionBroker <ActiveManagementServer name> -ClientAccessName <New DNS RR Name>

  • Thank you Jingyuan Li. The PS cmdlet works fine. I have another question. I would to expand the RDS environment for a VDI scenario. The solution should be also high availability. Can I use for Remote Desktop Virtualization Host a HyperV 2012 or 2008R2 Cluster? I can't find any information about it in the technet.

  • Yes, Remote Desktop Virtualization Host (RDVH) in WS2012 supports Hyper-V failover clustering, it is definitely possible to put RDVHs in a failover cluster and make virtual machines highly available as well. Personally, I've not tried the same scenario with WS2008 R2, so I don't know the answer for WS2008 R2.

  • I found also the answer in the Teched "Windows Server 2012 VDI/RDS Infrastructure and Management". Also in a RDS 2008R2 environment you can design a HA scenario with a HyperV Cluster. In the setup for RDVH 2012 should I add every host of the cluster or the cluster name and the wizard complete the setup automatically with all cluster nodes?

  • You need to create a failover cluster with all the servers you plan to install RDVH roles.

  • I have a failover hyperv 2012 cluster. Now I would to add the rdsvh. Should I add in the wizard <node1> and <node2> or add <clustername> and the wizard install the role on each node and configure the environment automatically to use not only the single rdsvh but also all cluster nodes.
