RD Connection Broker High Availability in Windows Server 2012

RD Connection Broker High Availability in Windows Server 2012

Rate This
  • Comments 32

Hello, this is Jingyuan, Munindra, and Sriram from the Remote Desktop Virtualization team. There have been a couple of posts recently about the new Remote Desktop Services features in Windows Server 2012. This post provides an in-depth look into one of those features, the new high availability feature of RD Connection Broker known as the Active/Active Broker, and includes deployment steps and performance results. This post is intended for administrators who are deploying virtual machine-based or session-based desktop deployments with RD Connection Broker and who want to have high availability and scalability in their deployment.

Introduction

In previous releases, the RD Connection Broker role service has supported an active/passive clustering model. This provided high availability in the case of component failure, but it did not address high scale requirements. The Active/Active Broker feature in Windows Server 2012 eliminates the need for clustering and provides a fully active/active model; with this model, two or more RD Connection Broker servers can be combined under a single DNS entry to provide both fault tolerance and load balancing. This prevents the RD Connection Broker server from being a single point of failure and also allows “scale out” as load demands.

The following diagram shows an Active/Active Broker deployment with one RD Virtualization Host server and one RD Session Host server. The RD Connection Broker servers are using a SQL database for storing data, and RDP clients are connecting to the RD Connection Broker servers using DNS Round Robin.

clip_image002

The end nodes (RD Virtualization Host, RD Session Host, and RD Web Access) are configured with the full list of all the fully qualified domain names (FQDNs) of the RD Connection Broker servers, and they can connect to any of the RD Connection Broker servers in the setup.

How to enable this feature

The starting point for enabling this feature is to have a single RD Connection Broker server deployment for either virtual machine-based or session-based deployment. After there is a single RD Connection Broker server deployment, it can be configured for Active/Active Broker setup, and then other RD Connection Broker servers can be added to this setup.

The following prerequisite steps are required before enabling this feature:

  1. You must have a SQL Server setup that can be used by the RD Connection Broker servers to store data. At least SQL Server 2008 R2 must be used, and the minimum recommended SQL Server SKU for this is Standard with at least 4GB of RAM. For more information about the sizing guidance of SQL Server 2012, see http://msdn.microsoft.com/en-us/library/ms143506.aspx.
  2. The RD Connection Broker servers must have full permissions on the SQL Server. To do so you can create a security group, add all the RD Connection Broker servers to it, and give this group full permission to the SQL Server by using SQL Server Management Studio’s “Security” configuration.
  3. Configure the Windows Firewall on the SQL Server computer to “Allow SQL Server Access” as described in http://msdn.microsoft.com/en-us/library/cc646023.aspx. You can create the exception for “sqlservr.exe."
  4. Pre-create a folder to store the SQL database files. This folder can be local on the SQL Server computer or a UNC path of a network location.
  5. Install SQL Client on all the RD Connection Broker servers so that they can communicate with the SQL Server. For more information about installing the SQL Client, see http://msdn.microsoft.com/en-us/library/ms131321.aspx.
  6. Assign static IP addresses to all the RD Connection Broker servers that will be a part of the Active/Active Broker deployment, and create a DNS Round Robin entry with these IP addresses.
  7. If you have an RD Gateway server in the deployment, ensure that you create a Remote Desktop resource authorization policy (RD RAP) with an RD Gateway-managed group that includes the DNS RR name of the RD Connection Broker server. This will allow access to the RD Connection Broker servers through the gateway for clients that are connecting by using the DNS RR name. In the following screenshot, the DNS RR name is assumed as ha-rdcb.contoso.com.
clip_image004


After the prerequisites are complete, follow these steps to configure the Active/Active Broker:

  1. On the existing RD Connection Broker server, open Server Manager.
  2. Add other servers as RD Connection Broker servers to the list of servers in Server Manager.
    clip_image006
  3. On the Remote Desktop Overview page, right-click the RD Connection Broker icon, and then click Configure High Availability.
    clip_image007
  4. Enter the following three settings:
    1. The connection string to the SQL database containing the name of the database to be created for the RD Connection Broker server. This is the string that RD Connection Broker servers will use to connect to the RD Connection Broker database on the SQL Server.
      Example: DRIVER=SQL Server Native Client 11.0;SERVER=<SQL Server Name>;Trusted_Connection=Yes;APP=Remote Desktop Services Connection Broker;DATABASE=<DB Name>
    2. The folder in which the database file is to be stored. If a local path is used, that folder should be on the SQL Server computer.
      Example: C:\DbFiles
    3. The DNS Round Robin entry name containing IP addresses of all the RD Connection Broker servers. This will be used by RDP clients to connect to the RD Connection Broker servers.
  5. After clicking OK, the SQL database for the RD Connection Broker server will be created, all RD Connection Broker server data from the local computer will be migrated to the external SQL Server, and from then on the RD Connection Broker server will start using the SQL Server. After successfully configuring the server for high availability, you will see the following screen:
    clip_image009
  6. To add other RD Connection Broker servers to the deployment, right-click the RD Connection Broker icon, and then click Add RD Connection Broker Server. This will also install the RD Connection Broker role service on the server if it is not already installed.
    clip_image010

At the end of this process, the deployment will be running with all the RD Connection Broker servers that were added, including the original one, in full Active/Active Broker mode. The end nodes (RDVH, RDSH, RDWA) will get configured with all the RD Connection Broker server names, and they will randomly choose one to connect to. The RDP clients will use the DNS Round Robin name configured to connect to the RD Connection Broker servers randomly. The RD Connection Broker servers will use the SQL database to store all data. If any RD Connection Broker server fails to communicate with SQL at any time, it will immediately disconnect all end nodes (RDVH, RDSH, RDWA), and they will try to connect to other RD Connection Broker servers in the deployment.

An RD Connection Broker server can be removed by clicking Remove RD Connection Broker Server. It is recommended that you also manually remove that RD Connection Broker server’s IP address from the DNS Round Robin list to prevent RDP clients from connecting to that RD Connection Broker server.

The Active/Active Broker configuration can also be done by using the Windows PowerShell command Set-RDConnectionBrokerHighAvailability method, which is part of the RemoteDesktop module. The parameters are the same as the ones required for the GUI based setup explained earlier in this post. Following is an example of this command:

PS C:\> ipmo remotedesktop

PS C:\> Get-Command Set-RDConnectionBrokerHighAvailability -Syntax

Set-RDConnectionBrokerHighAvailability [[-ConnectionBroker] <string>]
[-DatabaseConnectionString] <string> [-DatabaseFilePath] <string> [-ClientAccessName] <string> [<CommonParameters>] PS C:\> Set-RDConnectionBrokerHighAvailability –DatabaseConnectionString
"DRIVER=SQL Server Native Client 11.0;SERVER=<SQL Server
Name>;Trusted_Connection=Yes;APP=Remote Desktop Services Connection Broker;
DATABASE=<DB Name>"
-DatabaseFilePath "C:\DbFiles\<DbName>.mdf"
-ClientAccessName "<DNS RR Name>"

One key difference between the input parameters for the GUI setup and the Windows PowerShell command is the DB file path. The GUI expects the path to the folder where DB files will be stored whereas the Windows PowerShell command expects the full path to the database file (.mdf file), even though the file might not exist during setup and will be created by SQL during the database creation.

Subsequently, the “Add-RDServer” command can be used to add new RD Connection Broker servers to this deployment.

Benefits of Active/Active Broker

The primary benefit of Active/Active Broker is high availability. The deployment will keep working as long as there is one running RD Connection Broker server in the deployment. Individual RD Connection Broker servers can be taken down for maintenance at any time without disrupting the deployment. The addition and removal of RD Connection Broker servers is also very easy.

For data high availability, you can use SQL Server high availability solutions such as Database Mirroring and AlwaysOn Failover Cluster. We will provide more details on this in a subsequent blog post.

In addition to high availability, Active/Active Broker also provides scalability benefits. In our test we have seen that an Active/Active Broker deployment provides significant reduction in connection time compared to a single RD Connection Broker server, and the benefit increases for larger deployments. The following graph shows the average connection time for 20 parallel connections with an increasing size of the deployment for an Active/Active Broker setup with two RD Connection Broker servers, as compared to a single RD Connection Broker server deployment.

clip_image012

Test machine’s configuration:

  • HP Z400 Quad Core as SQL Server
  • HP Z400 Quad Core as 1st RD Connection Broker server, same server used for single RD Connection Broker server deployment
  • Dell 755 Core2 Quad as 2nd RD Connection Broker server
  • All servers running a pre-RC build of Windows Server 2012

This connection time only includes time spent for the RD Connection Broker server, and doesn’t include the time to prepare the virtual machine and client to eventually connect to it after redirection.

Conclusion

The Active/Active Broker feature in Windows Server 2012 is a full high availability deployment where every RD Connection Broker server is active and sharing the load. It provides high availability and high scalability benefits for medium to larger deployments. SQL Server is used for storing RD Connection Broker server runtime and configuration data thereby allowing admins to use SQL HA features for data high availability and scalability. Remote Desktop Services management that is built into Server Manager provides an easy management experience to migrate deployment from a single RD Connection Broker server to an Active/Active Broker and vice-versa. In addition, Windows PowerShell script support is available for script-based management requirements. In summary, Active/Active Broker provides the administrator with an easily deployable high availability and scalability solution for RD Connection Broker servers.

Leave a Comment
  • Please add 6 and 7 and type the answer here:
  • Post
  • You can select RDVHs to add by their server names (not the cluster name), just as you would normally do when creating a vitual machine-based desktop deployment.

  • Excellent Article! Thanks Team!

  • in 2008 r2 I have 2 web access\gateway servers using NLB for HA.  I have clustered my RD Connection Broker servers (2 of them) and then I have several session hosts.  I had to separate the CB role and the WA role because you can't have NLB and Failover cluster manager on the same nodes (not supported).

    In 2012, since RD CB does not depend on FCM can I consolidate those roles (Web Access and Connection Broker)onto two nodes instead of 4 while keeping them HA?

  • Munindra, based on your answer about DNS RR TTL, I think you are confirming what we fear...if a server goes down and still has an A record in DNS, clients will potentially call a broker that is not there and the connection will fail. Is that correct?

  • What does 'full permission' mean? SA? DBO?

  • How do you change the connection string once it's configured? (Such as moving the database from one server to another?)

  • Would each RDS user/device require a SQL Cal? I would imagine they wouldn't since the DB is only supporting the HA, and the users are not pulling from the SQL server.  Can't find any direct language that states either way though.

  • How does this make it high available if it still uses a 'dumb' technique like DNS round robin, if a connection broker fails and it is still included in the DNS round robin, the connection would still fail if the client uses the IP of the failed server.

  • Agree that this is not HA when you use DNS RR.  I rather go back to the active/passive.  Is this possible for 2012?  I can't find any documentation on on it.

  • We tried to change the database connection after adding database to new SQL availability group using Set-RDConnectionBrokerHighAvailability command but we get following error message which does not say much:

    Set-RDConnectionBrokerHighAvailability : The RD Connection Broker server is configured for high availability.

    At line:1 char:1

    + Set-RDConnectionBrokerHighAvailability -DatabaseConnectionString "DRIVER=SQL Ser ...

    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

       + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException

       + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Set-RDConnectionBrokerHighAvailabil

      ity

    PS K:\>

    Has anyone seen something like this?

  • Hi Alex,

    There are two different commands.

    Set-RDConnectionBrokerHighAvailability

    Is used to create a RD Connection Broker HA

    Set-RDDatabaseConnectionString

    Is used to modify the DB connection string, which is what you should use in your case.

    more info: technet.microsoft.com/.../jj215441.aspx

    Kind regards,

    Freek Berson

    themicrosoftplatform.net

  • Hi,

    I have two Windows 2012 RDS and I want to configure the load balance but I can not add the server to the load balance. When I try to the add RD session host, server list comes empty , how can I add the servers to the RD Session Host ?

  • I have been trying to set this up in a test lab.  When I try to setup getting not able to connect to SQL server.  The Broker is not sending and packets to the SQL server.  I have tested the SQL client in ODBC and is getting to the SQL server.  Can any one help?

  • Jacob, try:

    1) add Servers in Server Manager first, click "Manage"->"Add Servers"->...

    2) right click "RD Session Host" icon in "Deployment Overview",  select "Add RD Session Host Servers"->...

  • David:

    Make sure you followed the "How to enable this feature" section in this blog step by step. Also, check which version of SQL Native Client was installed, make sure you specified the right SQL Native Client version in the connection string.

Page 2 of 3 (32 items) 123