Microsoft Windows Server 2003 Deployment Kit [Electronic resources] : Planning Server Deployments نسخه متنی

Upgrading Existing Clusters

If your organization has applications and services that currently run on the Windows NT 4.0 or Microsoft Windows 2000 operating systems, you can upgrade your existing WLBS or Network Load Balancing clusters to take advantage of the improved security and performance of Windows Server 2003 and Network Load Balancing. Figure 9.8 shows the process for upgrading an existing cluster.

Figure 9.8: Upgrading an Existing Cluster

The Network Load Balancing upgrade process assumes the following conditions:

Your applications are running on an existing IIS 4.0 (on Windows NT 4.0) or IIS 5.0 (on Windows 2000).

You are upgrading the operating system and services running on your existing application servers.

The system resources of the computers in your existing application farm are sufficient, or can be upgraded, to support Windows Server 2003 and IIS 6.0.

You can upgrade a cluster by taking the entire cluster offline and upgrading all the hosts, or you can leave the cluster on line and perform a rolling upgrade. A rolling upgrade entails taking individual cluster hosts offline one at a time, upgrading each host, and returning the host to the cluster. You continue upgrading individual cluster hosts until the entire cluster is upgraded. A rolling upgrade allows the cluster to continue running during the upgrade.

The decision to use rolling upgrades is based on the applications and services running on your existing cluster. If the applications and services support rolling upgrades, then perform a rolling upgrade on the existing cluster. Otherwise, perform the upgrade process recommended for the applications and services running on the cluster. For more information on the upgrade process for the applications and services running on your cluster, see "Additional Resources" later in this chapter.

Upgrade the cluster by using the information documented in the "NLB Cluster Host Worksheet" that your design team completed for each cluster host during the design process.

Preparing to Upgrade the Cluster

Network Load Balancing runs independently of other networking services provided by Windows Server 2003. On the other hand, the applications and services running on the cluster can be dependent upon the network infrastructure and other network services in your existing environment. Prior to upgrading the existing cluster, deploy any network infrastructure components or networking services that are required by the applications and services running on the cluster.

Prepare to upgrade the cluster by performing the following tasks:

Verify that applications and services running on the cluster are compatible with Windows Server 2003.





Upgrade the network infrastructure as required by the applications and services running on the cluster.





Upgrade any networking services as required by the applications and services running on the cluster.

Verifying Applications and Services Are Compatible with Windows Server 2003

Before you upgrade the existing cluster, ensure that the applications and services running on the cluster are compatible with Windows Server 2003. For help in determining if your application is compatible with Windows Server 2003, use the Windows Application Compatibility Toolkit. To download the toolkit, see the Windows Application Compatibility link on the Web Resources page at http://www.microsoft.com/reskits/webresources.

Upgrading Necessary Network Infrastructure

Before you upgrade the existing cluster, ensure that the final configuration of the cluster can be supported by the network infrastructure that connects the cluster to client computers, to other servers within your organization, and to management consoles. Perform only the network infrastructure upgrades required by the applications and services running on the cluster. Avoid performing upgrades to the network infrastructure for other reasons at the same time that you are upgrading the cluster. This minimizes the number of changes to the environment and reduces the likelihood of problems occurring during the upgrade process.

The network infrastructure to upgrade includes the following components:

Network cabling

Hubs

Switches

Routers

Firewalls

Upgrading Any Required Networking Services

Network Load Balancing is independent of the other Windows Server 2003 network services. As a result, no networking services upgrades are required for Network Load Balancing.

However, the applications and services running on the cluster can be dependent on other Windows Server 2003 networking services. For more information about requirements that the services and applications running on the cluster might have for upgrading networking services, see "Additional Resources" later in this chapter.

Example: Preparing to Upgrade the Cluster

An organization is upgrading their existing virtual private network (VPN) remote access solution. The existing solution has a VPN remote access server farm that supports Point-to-Point Tunneling Protocol (PPTP) and Layer Two Tunneling Protocol (L2TP). Currently the VPN remote access server farm is running WLBS on Windows NT 4.0. Figure 9.9 illustrates the organization's network environment prior to preparing for the upgrade of the existing WLBS cluster that hosts the VPN remote access server farm.

Figure 9.9: Network Environment Before Preparing to Upgrading the Cluster

As the first step in upgrading the existing VPN remote access server farm, the organization installs any networking services required by the VPN remote access server farm. No networking infrastructure or networking services upgrades are required for the upgrade.

In the future, the organization plans to deploy Internet Authentication Service (IAS) servers to provide centralized management of remote access policies. However, the deployment of IAS is scheduled to occur after the upgrade to Windows Server 2003 to prevent any unnecessary complications during the upgrade process.

Upgrading the Cluster

The upgrade of your existing cluster can be done one cluster host at a time (a rolling upgrade) or by taking the cluster offline to upgrade all the hosts at the same time (a nonrolling upgrade). It is recommended that you perform a rolling upgrade. Otherwise, perform the upgrade process recommended for the applications and services running on the cluster. For more information on the upgrade process for the applications and services running on your cluster, see "Additional Resources" later in this chapter.

Determine if you can perform a rolling upgrade in your lab prior to your pilot or production deployments. If you can perform rolling upgrades, ensure that you perform the post-upgrade processes described in this section for each individual cluster host.

To perform a rolling upgrade on existing WLBS or Network Load Balancing clusters, complete the following tasks:

Prevent clients from accessing the cluster host to be upgraded by performing a drainstop on the cluster host.





Monitor client activity on the cluster host until all client activity ceases.





Upgrade the cluster host.





Verify that the applications and services are running correctly on the upgraded cluster host.





Add the cluster host back to the cluster.





Upgrade the remaining cluster hosts by performing steps 1 though 5 for each cluster host.

Preventing Clients From Accessing the Cluster Host

Before you upgrade a cluster host, you must ensure that no clients have active sessions running on the cluster host. During the upgrade process, the cluster host is still connected to the network infrastructure.

However, to prevent new clients from starting sessions or applications on the cluster host, perform a drainstop on the cluster host to be upgraded. Performing a drainstop prevents new clients from accessing the cluster while allowing existing clients to continue until they have completed their current operations.

In addition, configure the Default state of the Initial host state to Stopped. Configuring the cluster host in this manner ensures the cluster host cannot rejoin the cluster during the upgrade process. Because the upgrade process requires the cluster host to restart, you need to verify that the upgrade completed successfully before adding the cluster host back to the cluster.

For more information about performing a drainstop on the source cluster and changing the Default state of cluster host, see "Create and Manage Network Load Balancing Clusters" in Help and Support Center for Windows Server 2003.

Monitoring Client Activity on the Cluster Host

After you run the drainstop on the cluster host, monitor client activity on the cluster host to determine when clients are no longer using the cluster host. The method for determining when clients are no longer using the cluster host is specific to the applications and services running on the cluster host.

For example, for a VPN remote access solution, monitor for active VPN connections to the cluster host. When there are no active VPN connections, the cluster host is ready to be upgraded.

For more information about monitoring the applications and services running on the cluster for client activity, see "Additional Resources" later in this chapter.

Upgrading the Cluster Host

After you ensure that no clients are accessing the cluster host, upgrade the cluster host to Windows Server 2003. Ensure that during the upgrade process you apply the latest service packs and hotfixes.

After the upgrade is complete, check the upgrade logs (Setuperr.log in the windir folder of the system volume) to identify any problems that occurred during the upgrade process. Many applications and services running on the cluster have log files that identify problems that occur during the upgrade process. For example, IIS 6.0 creates a separate log that documents the upgrade process for IIS components. Make certain that you review any upgrade logs for the applications and services running on the cluster.

For more information about these upgrade logs, see "Additional Resources" later in this chapter.

Verifying the Applications and Services are Running Correctly

After the upgrade of the cluster host is complete, you need to verify that the applications and services are running correctly on the cluster host. You need to do this before starting the cluster service again in order to allow the cluster host to rejoin the cluster. The process presented here is specific to Network Load Balancing. This process might apply to the applications and services running on the cluster, however, the applications and services running on the cluster might have a different verification process. For more information on the verification process for specific applications and services running on the cluster, see "Additional Resources" later in this chapter.

To verify that the applications and services are running correctly after you upgrade the cluster host, complete the following tasks:

Temporarily connect a client computer to the same switch used by the cluster.





From the client computer, verify that the applications respond to client requests as they did prior to the upgrade.





Verify that the identified security threats are mitigated.

The only action you need to take to mitigate Network Load Balancing-specific security threats is to ensure that unauthorized clients cannot remotely administer the cluster. Unless the network infrastructure, including firewalls or routers, changed significantly since the start of the upgrade, the Network Load Balancing security threats should still be mitigated.

However, you must mitigate security threats that are unique to the applications and services running on the cluster. For more information about mitigating security threats for specific applications and services running on the cluster, see "Additional Resources" later in this chapter.





Enable monitoring and health checking, if they are not already enabled.

A Microsoft Operations Manager (MOM) Management Pack exists for Network Load Balancing. When your organization uses MOM to monitor and manage the servers within your organization, include the MOM Management Pack for Network Load Balancing on the cluster hosts.

For more information about monitoring and health checking the applications and services running on the cluster, see "Additional Resources" later in this chapter.





Disconnect the client computer from the switch.

Adding the Cluster Host Back to the Cluster

After you complete the upgrade and verify that the applications and services are running correctly, add the cluster host back to the cluster. Because the cluster host is still connected by cable to the existing network infrastructure, adding the cluster host back to the cluster requires you to start Network Load Balancing on the cluster host.

To add the cluster host back to the cluster, use Network Load Balancing Manager to start the Network Load Balancing service on the cluster host. In addition, configure the Default state of the Initial host state to match the setting that existed prior to the upgrade process. Configuring the cluster host in this manner ensures that the clients accessing the applications and services running on the cluster do not encounter problems when you restart the cluster host and return it to the cluster.

The reason to configure the cluster host with the same settings, instead of selecting Started, is that Network Load Balancing loads very early in the operating system boot process. The cluster host can join the cluster before other services are running. This means the cluster host might receive load before other services, such as IIS, are started. Allowing Network Load Balancing to start before other services could result in the denial of service to users until the service starts.

You can use management software, such as MOM, to monitor the services running on the host and to start Network Load Balancing when the appropriate services are running. Using management software to start Network Load Balancing is recommended to prevent users from experiencing outages in service.

For more information on performing a drainstop on the source cluster and changing the Initial host state of cluster host, see "Create and Manage Network Load Balancing Clusters" in Help and Support Center for Windows Server 2003.

Example: Upgrading the Existing NLB Cluster

The organization mentioned in the examples earlier in this chapter is now ready to upgrade the existing VPN server farms. In this step, the organization performs a rolling upgrade on each cluster host in the VPN remote access server farm.

Each of the VPN remote access servers were upgraded in turn until the entire VPN remote access server farm was upgraded. Figure 9.10 illustrates the organization's network environment after the upgrade of the cluster.

Figure 9.10: Network Environment After Upgrading the Cluster

To upgrade the VPN remote access server farm, the following tasks were performed:

Prevented client access on the VPN-01 cluster host by performing a drainstop on VPN-01.





Monitored client activity on VPN-01 until all client activity ceased.





Upgraded VPN-01.





Verified that the applications and services are running correctly on VPN-01.





Added VPN-01 back to the cluster.





Performed steps 1 through 5 on the remaining VPN remote access servers.