This question has been coming up a lot lately… again!! So I thought I would address this here and see what the masses are dealing with.
What is the best way to build a fault tolerant Middle Tier Server system that also addresses load balancing and redundancy?
First things first. If you have thousands of users, and they are all pointing to a central Middle Tier Server farm, then you need to front the farm with an L4 switch (if possible), or wrap Microsoft Load Balancing Services around them (if you are running the Middle Tier in IIS on Windows 2000 Server or Windows Server 2003). I highly suggest an investment in an L4 switch simply because it is more reliable than Microsoft Load Balancing Services, or any other software-based load balancing service. You can also use DNS Round Robin, but this sucks when it comes to one of the nodes being down… DNS Round Robin will still attempt to connect the user to that node. In addition, by using an L4 switch you are able to introduce load balancing to the equation as well… very nice!!
This all being said, a fault tolerant Middle Tier Server system is not fault tolerant unless you are pointing each of the Middle Tier Servers to multiple eDirectory sources. I suggest you point each of the Middle Tier Servers to 2 or 3 eDirectory servers so that in the event one of the eDirectory servers goes down, you can still authenticate your users and get access to the ZENworks infrastructure. You can easily configure this using NSAdmin – the administrative interface for the Middle Tier Server software.
People have also asked whether or not the Middle Tier Server runs in a cluster. This is NOT supported. The main issue is that when a node fails over, the connections are not moved to the new node. This means that the service can fail over, the connections would be cleared, and the next time the launcher refreshes the users will be prompted to log back in to the Middle Tier Server. Stinky.
Lastly, I want to introduce a number of factors that govern the scalability of the Middle Tier Server. You need to consider all of these things when trying to figure out how many Middle Tier Servers you will need for the number of users you support. So… remember this:
- Speed of the processor
- Multi-processor server(s)
- Physical memory
- Speed of the NIC
- Speed of the LAN/WAN
- Staggered login times (let’s be real… everyone doesn’t log in at the same time)
- Staggered launcher refresh intervals (use this setting in large scale environments)
- Frequency of distributions (applications, policies, etc.)
- Whether or not applications are being force cached (if they are, then the content goes through the Middle Tier Server)
- Whether or not you are accessing application data via CIFS or NCP
- Where are your identities stored? Way back when ZENworks for Desktops 4 was introduced, I ran a pile of tests in the Super Lab over and over again. Each time we would move services around to find the optimal placement. Obviously, when you are running eDirectory, Active Directory, and application file services (the ZENworks application content) on the same server, this server becomes seriously taxed under heavy load. In large environments, ensure that eDirectory and Active Directory are running on dedicated servers, and place your data/content on a file server that is NOT one of the directory servers. That being said, keep this in mind.
- Location of eDirectory and connection speed
- Location of Active Directory and connection speed
- Are policies being delivered using ZENworks or Active Directory?
In closing, keep these factors in mind along with the recommendations on how to make your Middle Tier Server infrastructure fault tolerant and you will be all set. Design your stuff in your lab, think through how many people you are going to support, what you are delivering, where you are delivering it to, and how you will be delivering it. Follow these rules of thumb and you should sleep well.
Comments, suggestions, experience, etc… it’s all welcome!!