Virtualizing Microsoft Exchange Server 2007 Building a Better Platform with VMware® Infrastructure 3 April 2008 Contents Background ....................................................................................................................1 Exchange Performance Considerations....................................................................2 Exchange Performance and VMware Infrastructure 3 ...........................................3 Benefits of Virtualizing Exchange ..............................................................................3 Simple and Effective Evaluation, Test, and Development........................................................................................4 Improved Flexibility with Exchange 2007 Server Roles..............................................................................................5 Simple and Reliable Exchange Disaster Recovery (DR)..............................................................................................6 A Better Way to Provision Exchange Server Resources..............................................................................................7 Higher Availability with Less Complexity............................................................................................................................8 VMware VMotion for Unprecedented Control of Exchange Servers ..............................................................11 Rapid Provisioning with Virtual Machine Templates ................................................................................................12 Easier Testing and Troubleshooting with Snapshots and Clones ....................................................................13 Improved Exchange Design Flexibility to Meet Specific Requirements.......................................................14 Simplified Maintenance and Operation of Essential Legacy Systems ...........................................................15 Unlocking the Full Power of Your 64-Bit Hardware...................................................................................................15 Summarizing the Benefits of Virtualization .......................................................... 17 Microsoft Support ...................................................................................................... 18 Conclusions.................................................................................................................. 18 More Information ....................................................................................................... 18 Contents i VMware Inc. Virtualizing Microsoft Exchange Server 2007 Background "It's not the strongest or most intelligent of the species that survive; it is the one most adaptable to change" – Charles Darwin E-mail has become one of the most critical applications in an organization’s IT infrastructure. Organizations increasingly rely on messaging tools for individual and organizational effectiveness. As a result, messaging administrators face a constant challenge as they continually seek to manage the conflicting demands of availability, agility and cost. Microsoft Exchange is the most widely used email system in the world. Its operational and performance characteristics are well understood and best practices for design, deployment and operation are readily accessible. Exchange continues to evolve through enhanced features and functionality and by addressing previous limitations with each successive new version. With its latest release, Exchange Server 2007, Microsoft has added many features that improve messaging performance, reliability, and scalability. These provide a major step forward. However, Exchange 2007 is still subject to many of the shortcomings inherent in applications running directly on physical hardware, such as hardware platform dependence, under-utilization of server computing resources, lack of flexibility to respond to changing workloads, and heavy costs associated with maintaining Disaster Recovery, Test, and Development environments. The architectural improvements in Exchange 2007 and the enhancements to run on the 64-bit Windows architecture cannot fully address these limitations. A new operational platform and mindset can. The ideal platform for Exchange would adapt easily to changing workloads, provide flexibility to accommodate changing demands on an organization’s IT infrastructure, remain reliable and resilient despite system outages, and improve both staff and infrastructure hardware effectiveness. This whitepaper will explore how VMware® Infrastructure 3 (VI3) can provide this type of next-generation platform for Exchange by leveraging the power and flexibility of VMware virtualization technology. Building a Better Platform with VMware® Infrastructure 3 1 VMware Inc. Virtualizing Microsoft Exchange Server 2007 Exchange Performance Considerations Those familiar with Exchange 2003 know that it can be a challenging workload to manage. Proper design of the server, network and storage architecture is critical for proper performance. In particular, careful sizing and configuration of the storage subsystem is essential to address the heavy demands on disk I/O that Exchange 2003 can generate. Even with the most powerful server hardware available, proper performance of Exchange 2003 is often highly dependent on the performance characteristics of the storage design. The performance characteristics of Exchange 2003 directly correspond to those of the Windows 32-bit architecture and its inherent limitations. Specifically, addressable memory on a 32-bit platform is limited to approximately 4 gigabytes and only 900MB is available for Exchange 2003 database cache. Since reading application data stored in memory is many orders of magnitude faster than reading it from disk storage, applications are typically designed to run “in memory” to the greatest practical extent. Large Exchange 2003 implementations can easily overrun the addressable memory limit, resulting in increased access to disk and degraded performance if the storage subsystem has not been properly designed. The type of disk I/O generated by Exchange 2003 can influence performance as well. Exchange 2003 was designed to generate highly randomized I/O traffic in very small (4Kb) chunks. If the disk subsystem is not designed to support this particular type of workload, performance can degrade rapidly. Typically, proper storage design for Exchange 2003 deployments focuses on the number of disk spindles required to support the number of I/O operations per second (IOPS) generated by each user. Unfortunately, particularly with modern high-capacity disks, this I/O demand results in more spindles being required than would otherwise be needed based purely on capacity requirements. In contrast, Exchange 2007 has undergone a number of architectural improvements. Most notably, Exchange 2007 now runs exclusively on 64-bit hardware and requires a supported 64-bit Windows server operating system. This change in architecture allows effectively unlimited memory for Database Buffer Cache, resulting in dramatically reduced disk I/O workloads. Exchange 2007 has also increased the maximum number of supported mailbox databases to 50, and 50 storage groups. More storage groups allows for more checkpoint depth per user, which also aids in reducing the need to read from disk (by maximizing utilization of dirty pages in memory). I/O specific changes from Exchange 2003 to Exchange 2007 have increased page sizes from 4kb to 8kb, and I/O coalescing has increased from 64kb to 1MB, resulting in larger but fewer writes. The result is that Exchange 2007 performance has improved substantially over its predecessor and Exchange 2007 workloads run extremely well in a VMware virtual machine. Building a Better Platform with VMware® Infrastructure 3 2 VMware Inc. Virtualizing Microsoft Exchange Server 2007 Exchange Performance and VMware Infrastructure 3 Testing performed by VMware and its partners has demonstrated the viability of running Exchange 2003 with VMware Infrastructure 3. This has been confirmed by customers who have deployed Exchange 2003 in production environments and are benefiting from the operational advantages of a virtualized Exchange infrastructure. Some have virtualized their entire Exchange 2003 environment and carefully designed their infrastructure to accommodate the architectural challenges noted previously. Others have preferred to split their Exchange implementation, limiting virtualization to server roles such as bridgehead servers, SMTP gateways, and infrastructure services such as domain controllers and global catalogue servers. Exchange 2007, however, is proving to be much easier to deploy and operate than its predecessors. The dynamics of deploying Exchange 2007 are shifting dramatically in ways that align well with the benefits offered by the VMware Infrastructure 3 platform. This shift is a result of advancements in three key areas: 1. Architectural improvements of Exchange 2007 on a 64-bit platform have drastically increased memory utilization and reduced disk I/O load by 50% or more in many cases; addressing many of the shortcomings found in Exchange 2003. With full support for 64-bit Windows virtual machines, these same benefits are realized when Exchange 2007 is deployed on a VMware Infrastructure 3 platform. 2. Advances in server hardware such as dual and quad-core processors, higher memory density, and advances in storage technology are far outpacing the performance requirements of today’s applications, including Exchange. Virtualization becomes an effective way to leverage the full resources of these systems. Recent performance studies have shown unprecedented performance and scalability of up to 16,000 users on a single 64-bit physical server when Exchange 2007 is deployed on VMware Infrastructure 3.1 3. The advances in Exchange 2007 and server hardware technology have been met with similar advances in VMware Infrastructure 3. Virtual machines can now support up to 64GB RAM and 4 vCPU and are capable of running even the largest Exchange mailbox servers. VMware ESX servers can now take advantage of up to 256GB of physical RAM. Network improvements such as Jumbo Frames and TCP Segment offload have lowered overall CPU usage. These and other enhancements make VMware Infrastructure 3 capable of meeting performance requirements for even the most demanding Exchange workloads. Third-party testing of Exchange 2007 in virtual operation has been completed with Microsoft’s Jetstress and LoadGen tools, the standards for Exchange performance analysis. These tests show that performance for a virtualized Exchange server is comparable to a non-virtualized server running on the same hardware. This proved to be true for all Exchange 2007 server roles, including the mailbox server 2. With concerns over relative performance eliminated, many more Exchange administrators are finding that the flexibility, enhanced availability, and lower costs associated with virtualization are very attractive in supporting an Exchange infrastructure. This paper discusses examples of a variety of benefits that are only available with the VMware Infrastructure 3 platform. Benefits of Virtualizing Exchange Many VMware customers running Exchange 2000 and Exchange 2003 are already taking advantage of the benefits offered by virtualization to improve their organization’s messaging capabilities and effectiveness. Microsoft Exchange Server 2007 includes a number of enhancements in areas such as availability, architecture, remote access, operational efficiency, and improved end-user experience. For organizations not already using virtual infrastructure, the upgrade cycle from previous versions of Exchange to Exchange 2007 presents an ideal opportunity to begin leveraging the power and flexibility of virtual machine technology. In this section, we examine some of the primary technical benefits that can be achieved by deploying Exchange 2007 on a VMware Infrastructure 3 platform. These benefits are presented along with examples based on real VMware customer experiences, but described using a composite, fictitious organization 1 http://www.vmware.com/company/news/releases/ibm_exchange_vmworld.html HP has completed a recent performance study available at: http://www.vmware.com/files/pdf/exchange_hp_performance_wp.pdf 2 Building a Better Platform with VMware® Infrastructure 3 3 VMware Inc. Virtualizing Microsoft Exchange Server 2007 named XYZCorp.com. The examples follow XYZCorp.com, a rapidly growing online retailer with 2,000 employees. XYZCorp currently uses a GroupWise e-mail solution, but is considering a migration to Exchange Server 2007. Simple and Effective Evaluation, Test, and Development Using VMware virtualization provides a great foundation for Exchange 2007 evaluation and testing processes. VMware Infrastructure allows organizations to build a logical architecture that exactly mimics their own production environment, but requires a fraction of the hardware. The flexibility that virtualization provides allows organizations to use a more realistic, less error prone testing process in developing and testing their infrastructure design. VMware Infrastructure helps IT staff avoid the lengthy re-configuration tasks required in a physical server-based test lab. Post-rollout, a VMware Infrastructure test lab provides an easy and affordable way to maintain a completely isolated test and development configuration that mirrors the production environment. This can yield valuable long-term benefits for continual testing, troubleshooting, training, and maintenance of Exchange 2007. VMware virtualization is a great way to begin evaluating Exchange 2007 with minimal hardware commitment and maximum flexibility. With today’s powerful multi-core 64-bit servers, it is possible to configure dozens of independent virtual machines on a single ESX server. Entire Exchange 2007 and Active Directory environments hosted on virtual machines can be staged on a relatively small number of physical servers to assess new Exchange 2007 features, test upgrades, and train users and IT staff. Flexibility is a primary trait of virtual machines. Testing virtual machines on different hardware or storage platforms can be as simple as copying a few files; testing varying memory or processor configurations merely requires a reboot of the virtual machine, and testing patches and service packs can be controlled with VMware virtual machine snapshots and rollback capabilities. After the evaluation process is complete and Exchange has been deployed to production, virtual machines also make it possible to maintain a complete affordable replica of the production Exchange environment running in parallel with the production systems. Maintaining a virtualized Exchange lab environment that mirrors a production deployment can be valuable for testing patches and new service packs before they are rolled out into production. Additionally, training new IT staff on Exchange 2007 operations or testing new configurations all can be done simply, without risking impact to the production environment. Example: As XYZCorp begins to consider the business case for migrating to Exchange 2007, they decide to build an Exchange 2007 test environment that can be used by various groups within the organization to evaluate the Exchange 2007 messaging platform and determine benefits of the potential migration. To create the test environment with minimal expense, XYZCorp installs VMware ESX on a single 64-bit server. With this single virtual platform, they are able to construct a complete test environment, consisting of more than 20 virtual machines, which are used to host the following: • All the required Active Directory components deployed in their own virtual machines. • All the Exchange Server 2007 roles deployed in their own virtual machines. • Several Windows XP and Vista virtual machines to test the end-user experience. • Existing servers from their GroupWise environment that are converted to virtual machines using the free VMware Converter product. With this simple test platform, XYZCorp is able to build a test environment that exactly models their proposed production environment and allows them to adjust the environment as constraints are identified. They experiment with various virtual network topologies and components and adjust their configurations quickly and efficiently. They also simulate loads against various numbers of test users to understand the performance dynamics of their design in a fully isolated environment. With VMware Converter, they also are able to convert existing physical Groupwise servers into virtual machines, allowing XYZCorp to test various migration scenarios in an isolated test environment. Building a Better Platform with VMware® Infrastructure 3 4 VMware Inc. Virtualizing Microsoft Exchange Server 2007 Improved Flexibility with Exchange 2007 Server Roles VMware Infrastructure 3 allows each server role to be deployed in its own virtual machine. These virtual machines may all run on the same system initially, or be spread across multiple systems, depending on requirements. Flexibility is maximized as virtual machines can be distributed in any combination across available server resources, at any time, and can easily be moved around in the virtual infrastructure as required to meet changing service levels. Exchange 2007 has evolved toward a more modular architecture that includes distinct server roles. These roles include the following: • Mailbox • Edge transport • Hub transport • Client Access • Unified Messaging In smaller deployments (generally, 500 users or less), it may be possible to run multiple server roles such as HUB or CAS on a single physical server to maximize utilization of the required 64-bit server hardware. The tradeoff of this approach is that risk is concentrated, increasing the chance that some issue on the server could result in an outage to multiple server roles. Larger environments will likely choose to run supporting server roles on separate physical machines. This approach increases the amount of hardware required for the solution, however, and typically results in a lower utilization of physical servers and increased overall cost. The design approach using VMware Infrastructure 3 to host an Exchange 2007 installation deploys each Exchange 2007 server role in its own virtual machine to provide maximum flexibility (see Figure 1). As hardware requires maintenance or workloads change, roles can be moved to other servers at any time using VMware VMotion™, which allows migration of live, running virtual machines from one physical server to another, with no loss of service. Figure 1. Exchange 2007 server roles in a virtualized environment Example: XYZCorp.com is moving forward with their migration from GroupWise to Exchange 2007. Initially, they plan to move 50 pilot users from the IT department onto the new production Exchange 2007 environment. With such a small number of users in the pilot program, XYCorp wants to run the initial Exchange environment on a single production ESX server. As their migration continues, XYZCorp plans to expand the environment to a larger number of ESX servers without re-installing or re-configuring Exchange servers and without requiring any downtime. Building a Better Platform with VMware® Infrastructure 3 5 VMware Inc. Virtualizing Microsoft Exchange Server 2007 XYZCorp purchases a 64-bit server to run VMware ESX 3.5. They deploy the required Active Directory components and each of the Exchange 2007 roles in separate virtual machines and initially run them all on the new VMware ESX server. When they have finished their pilot program testing, XYZCorp has determined that their production environment will require two additional ESX servers and they will want to distribute the virtual machines across a pool of all three ESX servers. Once the two new ESX servers are deployed, they can re-distribute the Exchange virtual machines online at any time using VMware VMotion. The virtual machine approach provides flexibility to meet the needs of various Exchange 2007 deployment strategies. Simple and Reliable Exchange Disaster Recovery (DR) VMware Infrastructure 3 simplifies Exchange disaster recovery (DR) by reducing hardware compatibility constraints and, through consolidation, the number of servers required at the DR site. Combined with the Exchange Transportable Database feature in Exchange 2007, recovery from both hardware and software failure can be greatly improved, reducing the time to restore essential mail services to the end users. Hardware independence allows the Exchange virtual machines to be restarted on any supported ESX server, and Exchange server replication is simplified, using virtual machine encapsulation. An important benefit of virtualization is abstraction of the operating system and application from the underlying physical server hardware. This is extremely useful in disaster recovery scenarios, because it eliminates the traditional requirement of physical server-based disaster recovery to provide identical hardware at the DR site. Any virtual machine can be brought online on any supported ESX server without worrying about hardware or software compatibility. The ability to run multiple virtual machines on a single server also reduces the costs of a DR solution through consolidation of Exchange components and services on fewer physical servers than would normally be required. Thus, having all the necessary Exchange server roles and active directory components running in virtual machines at a DR site can be achieved with minimal hardware and can help speed recovery in a disaster situation. Regardless of the make and model of the physical server hosting the virtual machines in production, virtual machines can be brought online on any VMware-supported ESX server at the DR site. Older servers freed up from other VMware Infrastructure consolidation projects are commonly re-purposed to host a DR site, minimizing the overall lifecycle costs of hardware. When used in conjunction with VMware Infrastructure 3, the Exchange 2007 “database portability” feature creates additional options for disaster recovery. Standby virtual machines can be configured with the Exchange mailbox role and made available at both the production and DR sites. These virtual machines can be easily configured to connect to existing Exchange databases during a recovery. Finally, virtual machine encapsulation means that an entire Windows 2003 Exchange server can be contained in a small set of files (see Figure 2), which simplifies replication to DR sites. Moving an entire virtual machine can be accomplished with a simple file copy. Building a Better Platform with VMware® Infrastructure 3 6 VMware Inc. Virtualizing Microsoft Exchange Server 2007 Figure 2. Windows 2003 Exchange virtual machine encapsulated into a small set of files Example: XYZCorp.com adopts more stringent disaster recovery requirements as part of their Exchange migration project. Their new objectives state that they will restore their messaging system to full functionality in less than 24 hours of a total loss to their primary datacenter. Designing the Exchange environment to meet this requirement is critical to the success of this project. XYZCorp contracted with a third-party disaster recovery site approximately 300 miles from their home office. Two VMware ESX servers have been provisioned at the DR site as part of their recovery plan. To enable the fastest possible recovery, XYZCorp wants to make sure that all the required components are online and available at the DR site at all times. To accomplish this, all Active Directory servers have been deployed in virtual machines on the ESX servers at the DR site and are online. Additional virtual machines have been provisioned as Exchange mailbox servers and configured for the Exchange organization. In the event of a failure, these virtual machines will connect to the replicated Exchange databases using the database portability function in Exchange 2007. Additional virtual machines required to bring up an Exchange environment (HUB, CAS, etc.) are deployed in a similar fashion. Thus, a complete standby Exchange environment is online and ready, whenever they need it. A proof-of-concept test showed that the entire Exchange environment could be restored to live operation in a few hours. Finally, since the ESX servers at the DR site will only be heavily used by Exchange in the event of a disaster, XYZCorp also uses them to host a number test virtual machines used by their software developers. They use the resource pools feature provided by VMware Infrastructure 3 to make sure the test virtual machines can only use a specified amount of the CPU and RAM resources available on the ESX servers, and will shut these virtual machines down in a disaster scenario. This design allows XYZCorp to take advantage of the computing resources of these servers when they are not being used for disaster recovery purposes. XYZCorp continues to test their Exchange recovery ability on a quarterly basis and plans to test VMware Site Recovery Manager to further automate their ability to quickly and reliably restore Exchange mail service. A Better Way to Provision Exchange Server Resources Using VMware virtual machines for an Exchange 2007 deployment avoids costly overprovisioning of Exchange server computing resources. Organizations can size their infrastructure based on current requirements and use excess capacity on their 64-bit servers to run other virtual machine workloads. CPU and RAM resources can be monitored and finetuned at any time to meet changing performance requirements. The ability to adjust resources in this manner provides new levels of flexibility for Exchange virtual machines running on a VMware Infrastructure 3 platform that are not possible without virtualization. In a physical server-based Exchange deployment, there is a tendency to overprovision server resources, since resources typically remain static until the next upgrade cycle of hardware provisioning. Projected Building a Better Platform with VMware® Infrastructure 3 7 VMware Inc. Virtualizing Microsoft Exchange Server 2007 increases in the number of Exchange end users through growth or acquisition can be difficult to estimate, but still must be factored into server provisioning and sizing decisions. In an attempt to avoid problems associated with moving an Exchange server to a newer physical machine, many system implementers will choose to over-size physical server CPU and memory resources during the design of the system infrastructure to account for future growth. This can result in wasted computing capacity, as the resources of these servers are rarely fully utilized. This problem can be avoided using VMware virtual machines. CPU and memory allocated to the virtual machine can be increased at any time with a simple reboot of the virtual machine. Moreover, the CPU and memory allocated to a virtual machine can be sized more realistically, based on current workloads, and adjusted at any time as the workload increases (see Figure 3). Figure 3. Adding additional RAM to the mailbox virtual machine Example: XYZCorp.com has 2,000 mail users in their Groupwise environment that will be migrated to Exchange. XYZCorp estimates that based on current Groupwise usage, their users will likely fit into the “average” Exchange I/O profile, once migrated. They follow Microsoft best practices and size the 2000-user virtual machine with 9GB RAM and 2vCPU 3. Several months into production they find that the new Exchange system is being used heavily and performance requirements are higher than they had originally estimated. Additionally, they have just acquired a new company and need to integrate 500 new users into the Exchange environment immediately. Because the mailbox server has been deployed in a virtual machine, XYZCorp can easily make adjustments. During the next Exchange maintenance window, they shut down the mailbox virtual machine, add 2 additional vCPUs and 5GB additional RAM. Once powered on, the Exchange virtual machine now has a total of 4vCPU and 14GB of RAM. Performance has improved and the 500 new users have been integrated seamlessly. Higher Availability with Less Complexity The VMware Infrastructure 3 platform can be leveraged to provide a wide-range of availability options. VMware HA provides protection from server hardware failure that is independent of the operating system or applications and works for every virtual machine running on VMware Infrastructure. To aid in dynamic load balancing of Exchange virtual machines, VMware DRS can be used to balance workloads automatically. Base solutions built on VMware HA and DRS 3 http://technet.microsoft.com/en-us/library/bb738142(EXCHG.80).aspx Building a Better Platform with VMware® Infrastructure 3 8 VMware Inc. Virtualizing Microsoft Exchange Server 2007 can be deployed with minimal configuration changes and provide a robust availability solution. These solutions can also be enhanced to provide higher levels of availability by combining them with more traditional clustering and replication options (described later in this section). By leveraging the inherent benefits of a virtualization-based platform, an Exchange deployment using VMware Infrastructure 3 offers a variety of availability options. Each of these options provides different levels of both protection and cost, capable of meeting the unique high availability requirements of any Exchange environment. A number of tools available from VMware, Microsoft, and third-party software and hardware vendors can be used to facilitate both in-site and remote site availability and recovery. The VMware Infrastructure 3 platform leverages two powerful features as the basis for building high availability solutions: VMware High-Availability (HA): Provides simple, low-cost protection for every virtual machine by guarding them against physical host failure. In the event of server hardware outage, VMware HA will automatically restart all virtual machines on another VMware ESX server (see Figure 4), minimizing disruption to the Exchange environment. VMware HA is simple to set up and protects every virtual machine without requiring complex clustering software. Figure 4. VMware HA managing an ESX server hardware failure VMware Dynamic Resource Scheduler (DRS): With VMware DRS, virtual machines are dynamically load balanced across an entire pool of server resources. DRS collects resource usage information for all hosts and virtual machines and generates recommendations for virtual machine placement. These recommendations can be applied manually or automatically. DRS can dynamically load balance all virtual machines in the environment by shifting workloads across the entire pool of ESX servers (see Figure 5). This ensures that critical Exchange virtual machines in the environment will always have the CPU and RAM resources they need to maintain optimal performance. Building a Better Platform with VMware® Infrastructure 3 9 VMware Inc. Virtualizing Microsoft Exchange Server 2007 Figure 5. VMware DRS dynamic load balancing Solutions built using VMware HA and VMware DRS provide out-of-the-box high availability for the entire Exchange environment without requiring any Microsoft or other third-party clustering software. A key weakness in most clustered Exchange architectures is their coverage of mailbox servers only, leaving critical supporting server roles (DNS, Domain Controllers, Exchange HUB, CAS servers, etc.) vulnerable to outages due to hardware failure. For Exchange environments deployed with VMware Infrastructure 3, the VMware HA and DRS solution provides a new alternative that leverages the simplicity of standalone virtual machines while providing complete server hardware redundancy for every virtual machine, not just the mailbox server. VMware HA is focused on hardware failure, not on operating system or software failure. If you need greater levels of protection and guarantees of availability for the Exchange mailbox server to handle those situations, VMware HA can be combined with traditional cluster solutions like MSCS. A few examples for extending the VMware HA/DRS solution are listed below 4: Microsoft Local Continuous Replication (LCR): LCR is a single-server solution that uses built-in asynchronous log shipping technology to create and maintain a copy of a storage group on a second set of disks that are connected to the same server as the production storage group. LCR provides log shipping, log replay, and a quick manual switch to a secondary copy of the data. Cluster Continuous Replication (CCR): CCR, which is a non-shared storage failover cluster solution, uses built-in asynchronous log shipping technology to create and maintain a copy of each storage group on a second server in a failover cluster. Single Copy Clusters (SCC): SCC, which is a shared storage failover cluster solution, uses a single copy of a storage group on storage that is shared between the nodes in the cluster. SCC is somewhat similar to clustering that was provided in previous versions of Exchange; however, it includes some significant changes and improvements. Third Party Software-based Replication: Several third-party replication solutions are available to enhance availability and recovery of a virtual Exchange environment. Some of these products emphasize availability, providing immediate failover of Exchange services, while others emphasize recovery in the event of a catastrophic failure. In most cases, these solutions can be used either within a single Exchange site or replicated over the WAN to a DR site. 4 The latest information on supported cluster solutions can be found in the VMware hardware compatibility list (available on the VMware web site) . Building a Better Platform with VMware® Infrastructure 3 10 VMware Inc. Virtualizing Microsoft Exchange Server 2007 Example: XYZCorp is seeking 99.99% total uptime (less than one hour of downtime annually) for their new Exchange 2007 environment. They have been evaluating several different high availability options that involve sophisticated cluster software which require additional 64-bit server hardware to function as the passive/secondary cluster node. Additionally, these solutions are only designed to protect the mailbox server and leave other critical roles such as the HUB Transport vulnerable to outage due to server hardware failure. The additional cost and complexity of these cluster solutions is more than XYZCorp is looking for in their initial deployment. XYZCorp decides to avoid cluster solutions entirely in their initial deployment and leverage instead a solution built on VMware HA and DRS. This solution provides complete protection from server hardware failure that extends beyond the Exchange mailbox server and protects every virtual machine. In the future, XYZCorp plans to enhance this solution by adding a Microsoft Cluster Continuous Replication (CCR) solution that will work in conjunction with VMware HA to provide enhanced availability. In XYZCorp’s testing, a physical server running the mailbox virtual machine and a domain controller virtual machine is powered down in a simulated failure. In response, VMware HA automatically restarts the impacted virtual machines on the surviving servers. Once the failed server is brought back online, VMware DRS automatically re-balances the workload across all three servers. This approach meets their needs for availability at a very low cost and is approved for use in the production system. VMware VMotion for Unprecedented Control of Exchange Servers Virtual machines decouple the operating system and applications from the underlying hardware, allowing supporting infrastructure to grow and change rapidly. VMotion allows any virtual machine to be migrated across physical servers, even servers from different vendors with different hardware configurations 5. Planned downtime can be minimized and a more flexible infrastructure makes the Exchange environment more resilient. In an environment without virtualization, this level of flexibility does not exist. Due to the critical importance of Exchange within organizations and the care that must be taken when designing and deploying Exchange systems, Exchange deployments tend to be relatively static, meaning that the workload is more intimately tied to the hardware platform on which it runs. As a result, hardware upgrades to the messaging system infrastructure tend to directly correspond to the release and upgrade cycle of the Exchange application itself. With the frequent changes that are sometimes required in the business world, the static nature of the Exchange system infrastructure can limit the ability to meet changing demands in the organization’s messaging environment. For example, a massive influx of new email users or the addition of new services for devices such as PDAs and Blackberry cell phones can require additional hardware and a great deal of system re-engineering to support. In contrast to a static, physical server deployment, VMware decouples the OS and associated applications from underlying server hardware. With VMware VMotion, any virtual machine can be migrated “on the fly” between ESX servers with no interruption to service (see Figure 6). VMotion allows administrators to move Exchange workloads to more powerful hardware without outages or costly system re-engineering. This added agility allows the Exchange environment to change as the business environment changes. Planned 5 To ensure production-system stability during migration with VMotion, VirtualCenter requires the source and target CPUs to be compatible, as defined in these documents: For VirtualCenter 1.x, see "VMotion Requirements" at http://www.vmware.com/support/vc13/doc/c2vmotionreqs12.html. For VirtualCenter 2.x, see "VMotion Requirements" in the Basic System Administration Guide at http://www.vmware.com/pdf/vi3_admin_guide.pdf. Building a Better Platform with VMware® Infrastructure 3 11 VMware Inc. Virtualizing Microsoft Exchange Server 2007 downtime can also be minimized as Exchange virtual machines can be migrated to alternate hosts during scheduled hardware maintenance windows. Figure 6. Migrating virtual machines across ESX servers with VMotion Example: As part of XYZCorp’s ongoing maintenance processes, they regularly update the BIOS and other firmware on their server hardware. To accomplish this without disruption, XYZCorp uses VMotion to move all virtual machines off of an affected server. Heavily loaded mailbox servers can be moved online to a different ESX server with no loss of service. Virtual machines can even be moved onto servers from different vendors with different hardware configurations. Once all virtual machines are migrated off of a server, XYZCorp updates the BIOS and all firmware, reboots and then uses VMotion to move virtual machines back on the server. They repeat this process for their entire server infrastructure. This is just one example of how VMware VMotion can be used to provide new levels of flexibility and reduce downtime on critical Exchange servers. Rapid Provisioning with Virtual Machine Templates Virtual machine templates can speed deployment times by eliminating repetitive OS installation and patching tasks. New virtual machines can have their core configuration deployed in a matter of minutes, allowing rapid provisioning of applications into production and reduction of manual work required during their deployment. Organizations using virtual machine templates have reported a significant reduction in server deployment times, from as much as several weeks to provision and deploy physical servers, to a matter of minutes in the VMware virtual machine environment. Deploying a new Exchange server can take many hours, by the time you configure the hardware and storage, install the operating system and patches, and install the associated applications and updates. This process must be repeated for each and every server instance, which can result in very long deployment times, especially for large, complex architectures. Alternatively, a virtual machine template can be configured and stored once for each type of server in the environment, allowing Exchange administrators to keep a virtual library of all server images. This can save countless hours when deploying new systems, particularly for larger Exchange deployments that may have to deploy hundreds of new servers to support an organization’s messaging workload. To save time and reduce outages in software troubleshooting scenarios, it may be faster in some cases to deploy a new virtual machine from a template, configure Exchange, and then connect existing databases to the new virtual machine. Once the databases are connected to the new virtual machine, user mail service is restored and the old virtual machine is freed up for other tasks, such as performing advanced troubleshooting and diagnostics. Or, the virtual machine can simply be decommissioned. Building a Better Platform with VMware® Infrastructure 3 12 VMware Inc. Virtualizing Microsoft Exchange Server 2007 Figure 7. Virtual Machine Templates Example: The XYZCorp migration plan to Exchange 2007 includes deployment of a number of new 64-bit Windows virtual machines. To streamline this task, XYZCorp builds a single virtual machine with all the appropriate patches, updates, antivirus, etc. and creates a master template of this virtual machine. Using the template, each subsequent virtual machine is deployed into the virtual environment in a matter of minutes. This saves XYZCorp’s IT staff countless hours during initial deployment. The templates remain on-hand in the event that XYZCorp needs to quickly deploy a new Windows virtual machine for production, training, troubleshooting, or to meet changing service levels in the Exchange environment. Easier Testing and Troubleshooting with Snapshots and Clones Snapshots and clones provide powerful tools for testing and troubleshooting any virtual machine. In an Exchange environment, the complexity of the entire system makes this capability especially valuable. VMware-enabled troubleshooting can help to substantially shorten time to resolution of critical issues and reduce their overall impact on the production environment. Virtual machine snapshots provide an extremely useful testing and troubleshooting tool. Live snapshots of VMware virtual machines can be used to instantly roll back to a previous known good configuration. Cloning a virtual machine allows Exchange Administrators to make an exact, independent copy of any virtual machine in their environment. The copy can then be installed in a test environment for offline testing and troubleshooting. Sharing the virtual machine with third parties such as consultants, other partners and vendors eliminates the sometimes challenging step of creating a duplicate environment to reproduce problems. Example: One of XYZCorp’s Exchange virtual machines is experiencing an intermittent problem. It is difficult to troubleshoot this issue on the production system during normal business hours when users are on the system. XYZCorp staff makes a clone of the problem virtual machine and imports the cloned virtual machine into their Exchange 2007 test and development environment, which has remained synchronized with the production environment since the initial Exchange 2007 evaluation. Using a cloned virtual machine in an isolated test environment allows XYZCorp staff to immediately begin troubleshooting with an exact copy of the production machine, with no impact to end users. As new service packs and hot fixes are released for both Exchange and Windows Server, XYZCorp can test the impact of these updates in their test and development environment. To accomplish this, they take a snapshot of the virtual machine before applying the update. If the update is successful, they can delete the snapshot and leave the update installed. If, for any reason, the update is unsuccessful, the virtual machine can be rolled back from the snapshot to its previous state. These tools allow XYZCorp to quickly and effectively stage and test patches in a controlled environment before deploying them onto production systems. Building a Better Platform with VMware® Infrastructure 3 13 VMware Inc. Virtualizing Microsoft Exchange Server 2007 Improved Exchange Design Flexibility to Meet Specific Requirements Deploying Exchange 2007 with VMware Infrastructure provides additional options to meet specific business and technical requirements of an organization’s messaging environment. For example, using virtual machines allows the user population to be split into multiple smaller Exchange mailbox virtual machines without requiring additional server hardware. Each mailbox virtual machine can then be configured with its own unique design requirements or characteristics without requiring additional server hardware or significant new design effort. There are multiple benefits to this approach: • Any outage on a single mailbox virtual machine will impact fewer users. This allows risk to be spread across multiple Exchange mailbox virtual machines without requiring additional hardware. • Multiple virtual machines on a single server can increase performance and scalability to unprecedented levels. VMware Infrastructure 3 has been successfully tested under LoadGen with up to 16,000 users on a single server. 6 • Organizations can support different backup, replication, or SLA requirements on each mailbox virtual machine. • Multiple DR strategies can be maintained as each mailbox server virtual machine can be matched with its own DR solution. • Compliance requirements for certain users can be addressed by placing these users into their own mailbox virtual machine. • Exchange mailbox virtual machines can be deployed along with an Active Directory (AD) domain controller virtual machine on the same ESX server and on the same virtual switch. This design can isolate AD traffic within a single ESX server and keep it off the physical network (figure 8). Figure 8: Localizing AD traffic within a virtual switch 6 http://www.vmware.com/company/news/releases/ibm_exchange_vmworld.html Building a Better Platform with VMware® Infrastructure 3 14 VMware Inc. Virtualizing Microsoft Exchange Server 2007 Example: Over time, the XYZCorp Exchange environment has grown to 3,500 Exchange users deployed using three distinct mailbox virtual machines. One virtual machine contains the 2,000 users that were part of the original deployment. A second virtual machine supports 700 users that came in through an acquisition and belong to a separate AD forest for organizational reasons. This virtual machine is on its own virtual switch, with its own dedicated NIC on the ESX server and has its own IT staff, managing their own Exchange virtual machine independently. The third virtual machine contains mailboxes for all staff deemed critical in the event of a disaster. This virtual machine has its Exchange databases replicated to a DR site using array-based synchronous replication, and has a one-hour RPO/RTO in a disaster scenario. By splitting the user population across multiple mailbox virtual machines, XYZCorp can meet different business and technical requirements without requiring additional server hardware. These mailbox virtual machines may all run on a single server or be moved across the virtual infrastructure as required. Simplified Maintenance and Operation of Essential Legacy Systems Virtual machines offer an excellent way to consolidate older legacy systems that may still be required in the Exchange environment. VMware Converter is a free tool that organizations can use to easily convert older systems and applications running on physical machines into virtual machines. Legacy systems converted to virtual machine operation benefit from the performance of new hardware and eliminate their dependence on hardware configurations that are difficult or impossible to effectively maintain. IT can reduce a variety of expenditures related to keeping old servers and legacy system applications in production. Many organizations have to maintain Exchange 2000 or 2003 servers to support legacy systems no longer supported in Exchange 2007 (for example, Novell GroupWise and X.400 Connectors). Converting an existing Exchange 2000 or 2003 system to a VMware virtual machine, using the free VMware Converter tool, is a simple and cost effective way to keep these systems in production while eliminating dependence on older hardware and configurations. Once virtualized, the converted virtual machine can benefit from running on new, more powerful 64-bit servers. The older physical servers being replaced can be decommissioned or re-purposed for test and development environments, or disaster recovery. Other applications integrated with legacy messaging environments can be consolidated into virtual machines in the same manner. Example: XYZCorp must maintain custom application servers that were integrated into their Groupwise environment. These application servers are currently running on older server hardware and would be very difficult to migrate to more modern hardware. Using the free VMware Converter tool, XYZCorp converts these servers from their GroupWise environment into VMware virtual machines. These virtual machines are consolidated on the newer 64-bit server hardware deployed in the Exchange environment and the older servers being replaced are retired (after 8 years in operation). This allows XYZCorp to utilize unused capacity on their new ESX servers to host the legacy systems on new, more easily maintained hardware. This further improves overall reliability, in addition to saving money on power, cooling, maintenance, support, and rack space. Unlocking the Full Power of Your 64-Bit Hardware Exchange 2007 runs exclusively on powerful 64-bit server hardware, which can be a major investment for many organizations. VMware Infrastructure 3 enables administrators to run more workloads on a single server and increase server utilization from typically less than 15% to 65% or more, to get the most value from these powerful new servers 7. Today’s new 64-bit servers now come with increasing numbers of multi-core CPU’s, increased memory limits, and physical RAM. For many organizations, particularly those not using virtualization, it is unlikely the Exchange environment will use the full computing power of these systems. In many cases, however, the cost of filling all available processor slots when purchasing a new 64-bit server may not result in a substantial cost increase, so using VMware virtualization, this extra CPU power can be put to good use. For 7 VMware Infrastructure Adoption Trends – Customer Research Findings, December 2006 Building a Better Platform with VMware® Infrastructure 3 15 VMware Inc. Virtualizing Microsoft Exchange Server 2007 example, smaller Exchange 2007 deployments may be able to benefit from server consolidation in the Exchange environment. Larger environments can run very large Exchange virtual machines with up to 64GB RAM, and benefit from increased flexibility a virtualized platform provides. In any case, running multiple virtual machines on these 64-bit systems is an excellent way to maximize the value derived from this new, more powerful hardware. VMware Infrastructure can also virtualize 32-bit and 64-bit Windows servers such as Domain Controllers, Global Catalogue servers, DNS servers, DHCP servers and other infrastructure servers. These can be run as virtual machines on the same 64-bit systems to further leverage hardware investment and reduce costs for deployment, maintenance, support, power, cooling, and floor space. Example: XYZCorp has been fortunate to experience substantial growth. The IT department plans to purchase two new 64-bit servers for the Exchange 2007 environment. The servers each have two quadcore CPUs and 32GB of physical RAM. As a small company, even with recent growth, there is no way the Exchange environment will normally use the full physical resources of these powerful servers. To fully utilize the hardware, they run the Exchange mailbox virtual machines on the new 64-bit servers in addition to several other non-Exchange virtual machine workloads from other parts of the organization. They are now able to maintain CPU and RAM utilization at 65%, maximizing their value to the organization and providing a rapid ROI on this hardware investment. Building a Better Platform with VMware® Infrastructure 3 16 VMware Inc. Virtualizing Microsoft Exchange Server 2007 Figure 9. CPU utilization on Exchange ESX servers before and after consolidation Summarizing the Benefits of Virtualization This white paper has described several benefits of virtualizing Exchange 2007 on VMware Infrastructure 3. There are a number of ways that virtualization can be used to take advantage of these benefits today to assist Exchange 2007 deployment. A few common deployment scenarios include the following: • Virtualizing Exchange in test and development environments only: Virtualization provides a simple and cost-effective method for beginning the Exchange 2007 evaluation process, in a staging or test lab environment using minimal server hardware. Testing on virtual machines is a great way to learn and bring users and IT staff up to speed on the new technology, and simulate migration scenarios in a controlled environment before rolling out new releases into production. • Virtualizing non-Mailbox Exchange 2007 server roles: The server role concept benefits administrators by allowing for more modular deployments; however, this can result in underutilization of the non-mailbox server roles when they are deployed on physical machines. You can achieve costeffective consolidation of the Client Access, Hub Transport, and Edge server roles as well as typically lightly-utilized infrastructure components such as AD Domain Controllers, Global Catalog Servers, DHCP, DNS, and WINS servers. Mailbox servers can remain on physical hardware, without virtualization, if desired. • Virtualizing Exchange 2007 Disaster Recovery servers: In the physical world, disaster recovery essentially doubles your production hardware costs. Every production physical server requires an identical match of equipment provisioned at the disaster recovery site. Moreover, physical serverbased recovery procedures can be complex and error-prone. Virtualizing your disaster recovery site can greatly decrease cost and complexity. First, you are not bound to the 1:1 ratio of hardware required at both production and DR sites. You can run as many virtual machines on a physical host as performance will allow. Secondly, you can use any hardware you want; your DR servers do not have to be identical. Finally, Exchange disaster recovery design and test can be completely automated using VMware’s Site Recovery Manager product. • Full virtualization of all Exchange servers: With Exchange 2007, performance in a virtual machine is very comparable to native performance and the mailbox server role is an ideal candidate to realize the benefits of virtualization. This deployment scenario virtualizes the entire Exchange environment to maximize the benefits of running on a VMware Infrastructure 3 platform. The decision of which components to virtualize in a production environment depends on many factors, including your level of proficiency with Exchange 2007 and VMware Infrastructure 3, support agreements with Microsoft, VMware, and your hardware vendors. Regardless of the method that most suits your needs, you can begin to maximize value from IT assets with virtualization today. Building a Better Platform with VMware® Infrastructure 3 17 VMware Inc. Virtualizing Microsoft Exchange Server 2007 Microsoft Support For the latest information on support for running Microsoft Exchange in VMware virtual machines, please refer to the following location: http://www.vmware.com/landing_pages/exchange_solution.html Conclusions The critical nature of messaging requires that any new platform chosen for hosting Exchange environments is as reliable and proven as the traditional physical server alternative. More than 100,000 customers worldwide use VMware products. More than 50% of VMware customers running Exchange have virtualized it for production use. The VMware Infrastructure 3 platform has the maturity, stability, performance and functionality required to host critical Exchange 2007 infrastructures. To meet the needs of a continually shifting business landscape, today’s messaging environments must also be highly available, flexible, and cost efficient. Using VMware Infrastructure 3 as the preferred platform for Exchange 2007 can help you to better align your messaging environment to your business goals. Features such as VMware HA and DRS can decrease downtime associated with server hardware failure and allow for more rapid recovery of messaging services. Virtual machine snapshots and clones help with troubleshooting and resolving other deployment issues and can greatly enhance efficiency in the development cycle. By decoupling the OS and associated applications from the underlying hardware, VMware VMotion greatly enhances the resilience and agility of your messaging system, allowing for on-the-fly hardware replacements and upgrades and the ability to quickly scale to changing workloads. Finally, VMware Infrastructure 3 helps to maintain a cost-effective Exchange 2007 environment by maximizing utilization of computing power through conservative resource requirement sizing and taking advantage of other physical server consolidation opportunities. The robust feature set of VMware Infrastructure 3 can help to reduce management costs as well, eliminating many mundane and repetitive tasks and freeing up IT administrators for other challenges that are strategically important to the business. More Information Please visit http://www.vmware.com for more information or contact your local VMware sales representative. Building a Better Platform with VMware® Infrastructure 3 18 VMware, Inc. 3401 Hillview Ave Palo Alto CA 94304 USA Tel 877-486-9273 Fax 650-427-5001 www.vmware.com Copyright © 2008 VMware, Inc. All rights reserved. Protected by one or more of U.S. Patent Nos. 6,961,806, 6,961,941, 6,880,022, 6,397,242, 6,496,847, 6,704,925, 6,496,847, 6,711,672, 6,725,289, 6,735,601, 6,785,886, 6,789,156, 6,795,966, 6,944,699, 7,069,413, 7,082,598, 7,089,377, 7,111,086, 7,111,145, 7,117,481, 7,149,843, 7,155,558, 7,222,221, 7,260,815, 7,260,820, 7,268,683, 7,275,136, 7,277,998, 7,277,999, 7,278,030, 7,281,102, 7,290,253; patents pending.