23 August 2010

Buildng a RDS Load Balanced Farm with a RD Connection Broker

I am not going to lie about this one.  This is my third attempt to write this article.

I generally believe in an learn as you explore approach, in this particular case it just does not work.  There are too many thing that are not intuitive enough to just to be able to "figure it out." 

The only way I managed to get this going was by following the technet documentation on:
http://technet.microsoft.com/en-us/library/ee221120.aspx  Although this is accurate and works it is not always easy to follows.  So I am basically just going to redo some of it here with a few screen shots.


Remote Desktop Connection Broker (RD Connection Broker), formerly Terminal Services Session Broker (TS Session Broker), is a role service that provides the following functionality:
  • Allows users to reconnect to their existing sessions in a load-balanced RD Session Host server farm. This prevents a user with a disconnected session from being connected to a different RD Session Host server in the farm and starting a new session.
  • Enables you to evenly distribute the session load among RD Session Host servers in a load-balanced RD Session Host server farm.
RD Connection Broker keeps track of user sessions in a load-balanced RD Session Host server farm. The RD Connection Broker database stores session information, including the name of the RD Session Host server where each session resides, the session state for each session, the session ID for each session, and the user name associated with each session. RD Connection Broker uses this information to redirect a user who has an existing session to the RD Session Host server where the user’s session resides.

If a user disconnects from a session (whether intentionally or because of a network failure), the applications that the user is running will continue to run. When the user reconnects, RD Connection Broker is queried to determine whether the user has an existing session, and if so, on which RD Session Host server in the farm. If there is an existing session, RD Connection Broker redirects the client to the RD Session Host server where the session exists.

With RD Connection Broker Load Balancing, when a user without an existing session connects to an RD Session Host server in the load-balanced RD Session Host server farm, the user will be redirected to the RD Session Host server with the fewest sessions. If a user with an existing session reconnects, the user is redirected to the RD Session Host server where the user’s existing session resides. To distribute the session load between more powerful and less powerful servers in the farm, you can assign a relative server weight value to a server.

RD Connection Broker components

There are two RD Connection Broker components to consider in a load-balanced RD Session Host server farm.

RD Connection Broker server. This is the server that runs the Remote Desktop Connection Broker service and tracks user sessions for one or more load-balanced RD Session Host server farms. RD Connection Broker uses a farm name to determine which servers are in the same RD Session Host server farm.

RD Session Host servers that use RD Connection Broker. These are RD Session Host servers that are members of a farm in RD Connection Broker. To participate in RD Connection Broker, a server must meet the following criteria: 
  • The server must have the RD Session Host role service installed.
  • The server must be a member of an Active Directory domain.
  • The server must be a member of the Session Broker Computers local group on the RD Connection Broker server.
  • The server must be a member of a load-balanced RD Session Host server farm.
Task required to Configure a Load balanced RD Connection Broker:

  1. Install the RD Connection Broker role service on the server that you want to use to track user sessions for a farm.
  2. Add the RD Session Host servers in the farm to the Session Broker Computers local group on the RD Connection Broker server.
  3. Configure the RD Session Host servers in the farm to join a farm in RD Connection Broker, and to participate in RD Connection Broker Load Balancing.
  4. Configure DNS round robin entries for RD Session Host servers in the farm

Task 1 : Install the connection broker role service

If the Remote Desktop Services role is already installed:
  • Under Roles Summary, click Remote Desktop Services.
  • Under Role Services, click Add Role Services.
  • On the Select Role Services page, select the Remote Desktop Connection Broker check box, and then click Next
 I have two servers in my lab environment this is what they are configured with;

RDS01

RDS02

TASK 2 : Add the RD Session Host servers in the farm to the Session Broker Computers local group on the RD Connection Broker server.

To add an RD Session Host server to the Session Broker Computers local group on the RD Connection Broker Server
  • On the RD Connection Broker server, click Start, point to Administrative Tools, and then click Computer Management.
  • In the left pane, expand Local Users and Groups, and then click Groups.
  • In the middle pane, right-click the Session Broker Computers group, and then click Properties.
  • On the General tab, click Add.
  • In the Select Users, Computers, or Groups dialog box, click Object Types.
  • Select the Computers check box, and then click OK.
  • Locate and then add the computer account for each RD Session Host server that you want to add.
  • When you are finished, click OK.
On RDS01

TASK 3 : Configure the RD Session Host servers in the farm to join a farm in RD Connection Broker, and to participate in RD Connection Broker Load Balancing.

You can configure a Remote Desktop Session Host (RD Session Host) server to join a farm in RD Connection Broker, and to participate in RD Connection Broker Load Balancing, by using the Remote Desktop Session Host Configuration tool.

On every one of the RD Session Host Server that need to join the farm perform the following:

  • Get your Farm name ready: know what you are going to call the farm.
  • On the RD Session Host server, open Remote Desktop Session Host Configuration. To open Remote Desktop Session Host Configuration, click Start, point to Administrative Tools, point to Remote Desktop Services, and then click Remote Desktop Session Host Configuration.
  • In the Edit settings area, under RD Connection Broker, double-click Member of farm in RD Connection Broker.
  • On the RD Connection Broker tab of the Properties dialog box, click Change Settings.
  • In the RD Connection Broker Settings dialog box, click Farm member.
  • In the RD Connection Broker server name box, type the name of the RD Connection Broker server.
  • In the Farm name box, type the name of the farm that you want to join in RD Connection Broker.
  • Click OK to close the RD Connection Broker Settings dialog box.
  • To participate in RD Connection Broker Load Balancing, select the Participate in Connection Broker Load-Balancing check box.
  • Optionally, in the Relative weight of this server in the farm box, modify the server weight. By default, the value is 100. The server weight is relative. Therefore, if you assign one server a value of 50, and one a value of 100, the server with a weight of 50 will receive half the number of sessions.
  • Verify that you want to use IP address redirection. By default, the Use IP address redirection setting is enabled. If you want to use token redirection mode, select Use token redirection. For more information, see About IP Address and Token Redirection.
  • In the Select IP addresses to be used for reconnection box, select the check box next to each IP address that you want to use.
These can also be set using group policy http://go.microsoft.com/fwlink/?LinkId=138134

I Perform this on both RDS01 and RDS02


Task 4 : Configure DNS round robin entries for RD Session Host servers in the farm

(For configuring with NLB check http://fixmyitsystem.com/2011/06/rds-load-balanced-farm-with-rdcb-using.html)

To load balance sessions in an RD Session Host server farm, you can use the RD Connection Broker Load Balancing feature together with Domain Name System (DNS) round robin. To configure DNS, you must create a DNS host resource record for each RD Session Host server in the farm that maps the RD Session Host server’s IP address to the RD Session Host server farm name in DNS.

The following procedure provides the steps to configure DNS on a Windows Server 2008 R2-based domain controller.

You must be a member of the Domain Admins, Enterprise Admins, or the DNS Admins group to complete this procedure.

To add DNS entries for each RD Session Host server in the farm  
  • Open the DNS snap-in. To open the DNS snap-in, log on to a computer where the DNS snap-in has been installed, click Start, point to Administrative Tools, and then click DNS.
  • Expand the server name, expand Forward Lookup Zones, and then expand the domain name.
  • Right-click the appropriate zone, and then click New Host (A or AAAA).
  • In the Name (uses parent domain name if blank) box, type the RD Session Host server farm name.

The farm name is the virtual name that clients will use to connect to the RD Session Host server farm. Do not use the name of an existing server. For management purposes, we recommend that you use the same farm name that you specified when you configured the RD Session Host servers to join a farm in RD Connection Broker. (In my case it is RDSFARM)
  • In the IP address box, type the IP address of an RD Session Host server in the farm.
  • Click Add Host.
  • Repeat steps for each RD Session Host server in the farm.
 So now we need to check if the farm exists.

Open Remote Desktop Services Manager
Right Click Remote Desktop Services Manager and select Import from RD Connection Broker
add the FQDN of the Connection broker server (in my case RDS01)


Now we can expand the tree under RD Connection Broker and we will see our farm that we have just created.




   ---  Updates  ---

On each of the server you will also need to go to the Remote App Configuration.

Go to the Remote App Deployment settings
Connection sesttings.
Change the FQDN to the FQDN of the Farm name

Added article on configuring with NLB  http://fixmyitsystem.com/2011/06/rds-load-balanced-farm-with-rdcb-using.html

16 comments:

Anonymous said...

Hi,
This post saved me hours of work, and all worked first time. Thanks for the post.
PS: Cape Town is Lekka

Anonymous said...

How does this change if you require multiple connection brokers in the environment for redundancy? As configured above the Connection Broker is a single point of failure.

Etienne Liebetrau said...

It is a single point because it has to be a central point for collection the connection information for all the sessions. Microsoft's recommendation for high availability is to cluster the connection broker.

There is another way though. If you are not using VDI or do not need to reconnect RDP sessions you can go without the connection broker.

Keep in mind that RDS has fairly good reconnect ability within a session. The resume active sessions is for a scenario where application are purposely left open and the session are forcefully disconnected as opposed to being logged out from.

Drop me a mail or catch me on Skype if you want to chat about deployment options.

Anonymous said...

How is the RD Session Host Server Farm created for RD Session Host Servers prior to the Session Broker Role being added?

Anonymous said...

If the TSCB is down, DNS round robin will allow users access to a terminal server although you would of course not have load balancing or guaranteed reconnection of sessions until the TSCB is restored.

Bonsi said...

Please a clarification: has the RDCB a load balancing mechanism itself WITHOUT implementing DNS round-robin or NLB? It seems no... am I right?
If so, if I'm only interesting in a fault-tolerance feature by NLB between RDSH servers , in this case which is the REAL utility of RDCB role? Many thanks in advance, Bonsi

Etienne Liebetrau said...

Hi Bonsi

If I can put it in another way. The RDCB make sure the connection goes to the correct server when they are load balanced. This is important if you want to resume a session that was disconnected and you want to resume later on.

You do not need the RDCB if you do not care to resume broken connections.

You do need a RDCB if you want to do VDI.

Drop me a mail with your proposed design if you want I can give it the once over..

Bonsi said...

Many thanks Etienne for the prompt reply!
So, RDCB is NOT needed if I prefer to use a NLB mechanism only to implement load balancing directly and I don't need to resume broken connection, but do I need a RDCB role if I have to publish a single application (I mean, if I have to create a RDP file to distribute to the users)? Instead, according to the scenario you describe in the other article regarding NLB configuration, the assigned NLB virtual IP address is exactly the same RDSH FARM IP address? I mean, is that IP (or name) the users have to use in RDP connection? many thanks again, Bonsi (eventually I can send you an mail...)

Etienne Liebetrau said...

There are a few different way you can go about this...

If all your servers are identical and you server the same applications on all of them you can put then in a NLB or round robin. Connections are then made again the NLB / RR IP

If you use the web interface you need to specify the application source(s) you can have multiple NLB arrays listed and queries for the published apps on those.

If you distribute the RDP files then just have the NLB IP in there... it will grab the first host that answers

Paul Getz said...

When I click import from RD connection broker I get "unable to access RD connection Broker" even tho I'm on the connection broker machine. What is going on?

Anonymous said...

Could you please be a little more clear on the Remote App deployment settings. What management tool is used?
Thanks!!

Mike Dammer said...

Hello there,

I'm wondering, do you need a second nic in the servers for such thing as a heartbeat line or didn't you do that?

Mike Dammer said...

Hello there,

Did you use a second NIC on the servers for such thing as a heartbeat line. Or did you did everything with one NIC a server?

Etienne Liebetrau said...

Hi Mike

All of the servers in the farms I have deployed use a single NIC. I am assuming you want to use a heartbeat to determine if nodes are alive for load balancing.

If using WNLB this should not be a problem since a failed noded will not be available. If using round robin this would not help either since DNS would be the latent problem.

You can also check out using an F5 LTM to do the loabalacing with connectivity monitors...

Hope this is what you are looking form

Habibi X said...

Hi Etienne,

I have:

TWO RDGW&WA SERVERS (RDGW FARM MEMBERS)
(1 in site A, 1 in site B)
TWO RDCB SERVERS (ACTIVE/PASSIVE IN MSFC)
(1 in site A, 1 in site B)
SIX RDSH SERVERS (IN SAME FARM: RDSFARM)
(3 in site A, 3 in site B)

I was using DNSRR (6 A records for RDSFARM) for load balancing my RDSFARM members.

Now I have purchased a Barracuda hardware Load Balancer and I have created a virtual IP (VIP) and the real serves behind the VIP are my SIX RDSH servers.

Should I simply remove the Round Robin entries for my SIX RDSH server and just now have a single A record for my RDSFARM pointing to the VIP?

Is there anything else I need to change at the Connection Broker level?

All my RDSH servers are simply Farm Members and I guess all of them act as a Redirector in this case. I do not want to use dedicated redirector as this I feel is a waste of a resource/svr and single point of failure..why not get all RDSH servers to do re-direction...

Etienne Liebetrau said...

Hi Habibi

You should just be able to use the VIP instead od the DNSRR without a need to do anything else.

Let me know how it went.

Post a Comment