Design – Tech-Coffee // Tue, 06 Jun 2017 08:01:26 +0000 en-US hourly 1 65682309 Choose properly your CPU for Storage Spaces Direct // // Mon, 09 Jan 2017 21:54:17 +0000 // When building a hyperconverged solution, the CPU is the most important part. This component defines the number of vCPU supported by your infrastructure and so, defined the number of servers to deploy. Today we can install hundreds of RAM in GB, and dozens of storage in TB. Compared to these components the number of CPU ...

The post Choose properly your CPU for Storage Spaces Direct appeared first on Tech-Coffee.

When building a hyperconverged solution, the CPU is the most important part. This component defines the number of vCPU supported by your infrastructure and so, defined the number of servers to deploy. Today we can install hundreds of RAM in GB, and dozens of storage in TB. Compared to these components the number of CPU is small. So, a bigger CPU (in term of number of cores) almost always reduces the number of servers to buy. In the other hand, with the new Windows Server 2016 license model, a bigger CPU means a higher license cost.

This topic introduces a way to try to choose the right CPU to balance the infrastructure cost (hardware and software) and performance. This is a feedback from a real case study that I have done.

Theoretical case study values

For this topic, I’ll use the theoretical values to show you the cost difference between several CPUs. To make this study, I’ll use the following required values:

  • 500 vCPUs
  • 3TB of RAM
  • 20TB of Storage

Remind about the Windows Server 2016 license

For this topic, I’ll focus on Windows Server 2016 Datacenter license because Storage Spaces Direct requires this edition. Windows Server 2016 is a per-core basis. The Windows Server 2016 license covers up to two sockets of 8 physical cores (16 cores per server). Beyond these 16 cores, you have to acquire license pack. Each license pack covers up to two physical cores.

For example, if you have two CPU of 14 cores, the server has 28 cores. So, you buy the Windows Server 2016 Datacenter which covers up to 16 cores. For the 12 cores remaining, you have to buy 6 additional license packs.

The public cost of Windows Server 2016 Datacenter is:

  • 6155$ for Windows Server 2016 Datacenter
  • 760$ for a license pack

Selected CPU

For this topic, I have Selected two CPUs:

  • Intel Xeon E5-2630v4 (667$): 10 Cores
    • 25MB cache, 2,20GHz
  • Intel Xeon E5-2683v4 (1846$): 16 Cores
    • 40MB cache, 2,10GHz

The Intel Xeon E5-2683v4 has more cache but 100MHz less than Intel Xeon E5-2630v4. But the higher number of cores enable to support more vCPUs.

Calculate the required hardware

For this infrastructure, 500 vCPUs are required. Because we will host server workloads, we can define the consolidation rate to 4:

Number of Cores = 500vCPUs / 4 (consolution rate)

So, we need 125 cores. For the calculation, I never consider the Hyperthreading. Below, please find the number of servers required depending of the server. The column #Node is the number of nodes (Raw) round up with an additional node for the N+1. To find the number of nodes, I have divided the required cores per the number of cores per node. As you can see, with the E5-2630v4, you need two additional nodes.

required Cores


#Cores / node

#Nodes (Raw)












Now that we have the number of nodes, we can calculate the required memory. To calculate the required memory per node, I take the number of nodes – 1 to support a node failure. With the CPU E5-2630v4, you need 500GB per node and you’ll have 3,5TB of RAM for the cluster. With E5-2683v4, you need 750GB of RAM per node and you’ll have 3,75TB of RAM for the cluster. You need more RAM per cluster for E5-2683v4 because you have less nodes.

Required RAM (GB)



#Nodes – 1

Ram per node

Total RAM













Finally, for the storage, we need 20TB. We use Storage Spaces Direct and to host virtual machines, we need 3-way mirroring. I have selected the following configuration:

  • Intel Xeon E5-2630v4 (7 nodes) – Total 22TB with 4TB of reservation
    • 4xSSD 400GB (Cache)
    • 6x HDD 2TB (Capacity)
  • Intel Xeon E5-2683v4 (5Nodes) – Total 24TB with 8TB of reservation
    • 4xSSD 400GB (Cache)
    • 4xHDD 4TB (Capacity)

To make the price comparison related to the selected hardware, I have used Dell hardware (Dell R730xd):

Node E5-2630v4

Node E5-2683v4

2x E5-2630v4
512GB of RAM
2x SSD 120GB (OS)
4x SSD 400GB (Cache)
6x HDD 2TB (Capacity)
1x Mellanox 25GB dual controller

2x E5-2683v4
750GB of RAM
2x SSD 120GB (OS)
4x SSD 400GB (Cache)
4x HDD 4TB (Capacity)
1x Mellanox 25GB dual controller

27K$ per node

35K$ per node

189K$ for 7 nodes

175K$ for 5 nodes

The total hardware cost for E5-2683v4 solution is 14K$ less expensive than the solution with E5-2630v4. Now, let’s see the license cost

Windows Server 2016 Datacenter licenses

With the E5-2630v4 solution, we have 20 cores per node and with E5-2683v4 solution we have 32 cores per node.


#Cores / node

#Extra license packs

#Total cost / node


Total cost













As you can see, you need to spend more money for E5-2683v4 solution than E5-2630v3 in Windows Server 2016 licenses.

Total solution cost

Below you can find the total cost for both solutions:












So, the total cost for E5-2630v4 solution is almost 243K$ and 236K$ for E5-2683v4 solution. As you can see, even if the bigger CPU is more expensive and even if you have to acquire more Windows Server 2016 licenses, the E5-2683v4 solution is less expensive. Moreover the E5-2683v4 solution has a better consolidation because we can host more VMs in each node. So this solution is more scalable.


I have written this topic to show you that a bigger CPU doesn’t mean a more expensive solution. So for your hyperconverged solution with Storage Spaces Direct, you should evaluate several type of CPU. By taking time in the planning phase, you can save money and implement a more scalable solution.

The post Choose properly your CPU for Storage Spaces Direct appeared first on Tech-Coffee.

// 0 4989
AlwaysOn Availability Group Design // // Sun, 27 Apr 2014 10:53:15 +0000 // SQL Server 2012/2014 AlwaysOn Availability Groups: Article Summary Part 1 – AlwaysOn Introduction Part 2 – AlwaysOn Design Part 3 – Install and Configure Windows Server 2012 R2 in Core mode Part 4 – WSFC Cluster Creation Part 5 – Install SQL Core on Windows Core Server Part 6 – AlwaysOn Availability Groups Creation Part ...

The post AlwaysOn Availability Group Design appeared first on Tech-Coffee.

SQL Server 2012/2014 AlwaysOn Availability Groups:


This part describe the design of the environment.

Article summary: SQL Server 2012-2014 AlwaysOn Availability Group

For the tests, I will create an “AlwaysOn Availability Group” cluster with four nodes and four AAG. Each AAG has two SQL Server Instance members, so each SQL node participate to two AAG.

The first two AAG will be used to host only test Databases. The other two will be used to host databases for SCOM 2012 R2 and SCO 2012 R2.

Schema AlwaysOn Availability Groups - Design - Multiple AAG - Replication Network

Schema: AlwaysOn Availability Groups Design with multiple AAG on four Nodes and a dedicated Network for Replication

AlwaysOn Cluster – Physical View

Schema - AlwaysOn Availability Groups Physical View (DataCenter Fault Tolerance)

Schema: AlwaysOn Availability Groups Physical View (DataCenter Fault Tolerance)


LAB Requirements

Three Networks are required.

vSwitch Description Subnet
vSwitch0-Public Client Access /24
vSwitch1-Cluster Heartbeat /24
vSwitch2-Replication AAG Replication /24

Note: I use same subnet for all nodes, I’ll write an article for WSFC Cluster Administration/Troubleshoot which also cover cross-subnet configuration.

Infra server:

Server Description IP


SQL Servers / Instances Configuration

The lab will be composed on a four node WSFC cluster:


Hostname OS IP VLAN Public IP VLAN CLUSTER IP VLAN Replication Note
M-SQLA1 WS2012R2
clustsqlao1 n/a n/a n/a Cluster Resource Name

M-SQLA1 OS will be installed in full GUI mode with the SQL Feature “Management Tools – Complete” (include “Management Studio”; it’s not compatible with a Core installation). This server will be used to manage SQL AAG and WSFC cluster.

Note: In a production environment, all servers must be identical (all in core mode, or full/minimal) and a dedicated “management/tools” server with consoles is used for administration.

Best Practices and Recommendations
It’s recommended to use the Windows Server Core Installation option for setting up a SQL server environment (especially if it’s virtualized).
Advantages of a SQL Core installation:
  • reduce the space required on disk.
  • reduce the potential attack surface.
  • reduce the overhead of updating patches.
  • minimize the requirements for servicing and restarting the server.


We need to install one named-instance per SQL Server:

Server Instance Name Instance Port SQL Features
M-SQL1 aoi1 1764 SQL Database Engine
Full-Text Search (needed for SCOM)
M-SQL2 aoi2 1764
M-SQL3 aoi3 1764
M-SQL4 aoi4 1764


Note Port Instances/Listener:

For an AAG Environment, you have to choice Ports for instances (here x4) and Ports for AAG-Listener (also x4 in my lab). I choose to use the same port (but not the default 1433) for all instances and all AAG Listeners, but there is no restriction. You can use different ports for each instance, different ports for each Listener, same port for all instances and another port for all Listeners, etc…


Availability Groups Configuration

I will create four Availability Groups:

AAG Members (Instance) Default Role AAG Listener Databases




AAG-1 m-sqla1\aoi1 Primary AAG-1L 1764 DBTest01
m-sqla3\aoi3 Secondary
AAG-2 m-sqla1\aoi1 Secondary AAG-2L 1764 DBTest02
m-sqla3\aoi3 Primary
AAG-3SCOM m-sqla2\aoi2 Primary AAG-3L 1764 SCOM OP
m-sqla4\aoi4 Secondary
AAG-4SCOM m-sqla2\aoi2 Secondary AAG-4L 1764 SCOM DW
DB Orchestrator
m-sqla4\aoi4 Primary

AAG-1 and AAG-2 will serve for tests only. AAG-3SCOM and AAG-4SCOM will be used for my SCOM and Orchestrator Labs.

In this configuration, in nominal mode each instance hosts an “Active” Primary Replica.

The simulation is m-sql1 and m-sql2 in the same room and the two others in another room.

So I can lose one room (all my AAG/Databases remain available)


AAG Listener (VNN – Virtual Network Name)

For reminder, on the WSFC cluster side an AAG is a cluster Resource Group and the VNN is two cluster resources:

  • Virtual Name
  • Virtual IP


When you configure an application to host its Database on a SQL Availability Group you have to specify the Listener name for the instance name and the Listener port for the Instance port.


AAG Implementation – Version 1

This is the first version that will be configured in the next parts of the article:


Schema AlwaysOn Availabilty Groups Design 4 AAG v1

Schema: Design 4x AlwaysOn Availability Groups with Synchronous Replicas – V1

AAG Implementation – Version 2

In another part, to simulate a Remote DRP Site, I will add and additional Instance (with two Replicas in Asynchronous mode on the AAG-1 and the AAG-2):


Schema AlwaysOn Availability Groups Design 4 AAG v2

Schema: Design 4x AlwaysOn Availability Groups with Synchronous/Asynchronous Replicas – V2

Availability Replicas Configuration

The next part is to specify the detailed availability replica (two per AAG) configuration:

AAG Server Instance Initial Role Automatic
Allow Readable
AAG-1 m-sqla1\AOI1 Primary Yes Yes Yes
m-sqla3\AOI3 Secondary Yes Yes Yes
AAG-2 m-sqla1\AOI1 Secondary Yes Yes Yes
m-sqla3\AOI3 Primary Yes Yes Yes
AAG-3SCOM m-sqla2\AOI2 Primary Yes Yes Yes
m-sqla4\AOI4 Secondary Yes Yes Yes
AAG-4SCOM m-sqla2\AOI2 Secondary Yes Yes Yes
m-sqla4\AOI4 Primary Yes Yes Yes

All replicas will be configured in “Automatic” failover mode and so in “Synchronous” availability mode.

For more information see TechNet: Failover and Failover Modes (AlwaysOn Availability Groups) –


Readable Secondary Option:

For future tests, I enable Readable Secondary option.

Option Description
No No user connections are allowed to secondary databases of this replica. They are not available for read access. This is the default setting.
Read-intent only Only read-only connections are allowed to secondary databases of this replica. The secondary database(s) are all available for read access.
Yes All connections are allowed to secondary databases of this replica, but only for read access. The secondary database(s) are all available for read access.


Primary Role Connections:

I use the default settings (Allow all connections).

Option Description
Allow all connections All connections are allowed to the databases in the primary replica. This is the default setting.
Allow read/write connections When the Application Intent property is set to ReadWrite or the Application Intent connection property is not set, the connection is allowed. Connections where the Application Intent connection property is set to ReadOnly are not allowed. This can help prevent customers from connecting a read-intent work load to the primary replica by mistake.


Endpoints Configuration

There is one Endpoint per SQL Server Instance.

During AAG Creation (via Wizard), Endpoint URL is configured with the SQL Instance FQDN. With this default option, instances will communicate over the Public Network (for reminder:

So to configured instance communication on the Replication Network ( I have to set my endpoint to: TCP://10.0.20.x:5022.

For tests, I will configure two instances (AOI1 and AOI3) on the Public Network (with FQDN) and the two other instances (AOI2 and AOI4) on the Replication Network.

Server Instance Endpoint URL Endpoint Port Endpoint Name
m-sqla1\AOI1 TCP:// 5022 Hadr_endpoint
m-sqla2\AOI2 TCP:// 5022 Hadr_endpoint
m-sqla3\AOI3 TCP:// 5022 Hadr_endpoint
m-sqla4\AOI4 TCP:// 5022 Hadr_endpoint


Note: 5022 is the default port, you can use another port.


Service Accounts Requirement

Isolate Instance Services

Isolating services reduces the risk that one compromised service could be used to compromise others.

At the Instance level, each SQL Service (SQL Server, SQL Agent …) must be configured with different account.

Isolate Instances

A Security Best Practice is to use different accounts for each instance, but considers these points:

  • Microsoft recommends to use the same account for all instances of an AlwaysOn Cluster (it’s more simple to assign rights to Endpoints)
  • If you want to use Kerberos, instances must use the same account:


Service Accounts – Solutions

Use the same account for all Instances (enable Kerberos authentication):

  • gMSA (Group Managed Service Accounts): the best solution for the AlwaysOn Availability Group is to use a gMSA (same as a MSA account but available on multiple host). But it’s not supported for the moment on SQL Server…


Status about  gMSA/MSA accounts for SQL

Group Managed Service Accounts Overview


  • “Classic” Domain Account:
    you can use the same domain account for all instances (this works), but when you have to change the password account you have to program an interruption of service (all node will be affected at the same time by the password change…)


Use different accounts for all Instances (disable Kerberos authentication):

    • MSA (Managed Service Account): you can use a MSA account per Instance (MSA is a domain account; password is managed automatically by the domain controller; a MSA is assigned to only one host)


  • Virtual Accounts: you can use a virtual account per Instance (the functioning is identical to a MSA except it’s a local account managed by the host, not by the DC). This is the default option during a SQL Instance installation.


For more information, see TechNet article: Configure Windows Service Accounts and Permissions –

So actually, there is no possible solution for use Kerberos with AAG in a production environment. I will use MSA account for my lab.

Account MSA Description Member Of / Rights Instance Service Mode
lab1\SQLAlwaysOnAdmins n/a SQL Administrators Group Local Administrator of all nodes
Sysadmin on all instance
n/a n/a
lab1\sqlaoinstall No Account use for Installation Member of SQLAOAdmins Group n/a n/a
lab1\svc-sqldbe1 Yes SQL Service – Database Engine Domain User aoi1 Automatic
lab1\svc-sqlagt1 Yes SQL Service – Agent Domain User Automatic
lab1\svc-sqldbe2 Yes SQL Service – Database Engine Domain User aoi2 Automatic
lab1\svc-sqlagt2 Yes SQL Service – Agent Domain User Automatic
lab1\svc-sqldbe3 Yes SQL Service – Database Engine Domain User aoi3 Automatic
lab1\svc-sqlagt3 Yes SQL Service – Agent Domain User Automatic
lab1\svc-sqldbe4 Yes SQL Service – Database Engine Domain User aoi4 Automatic
lab1\svc-sqlagt4 Yes SQL Service – Agent Domain User Automatic


Permission needed for Service Account:

Notes: During installation, these permissions are granted by the SQL setup.

Service Description Permissions granted by SQL Server Setup
SQL Server Database Services The service for the SQL Server relational Database Engine. The executable file is <MSSQLPATH>\MSSQL\Binn\sqlservr.exe. Log on as a service
Replace a process-level token
Bypass traverse checking
Adjust memory quotas for a process
Permission to start SQL Writer
Permission to read the Event Log service
Permission to read the Remote Procedure Call service
SQL Server Agent Executes jobs, monitors SQL Server, fires alerts, and enables automation of some administrative tasks. The executable file is <MSSQLPATH>\MSSQL\Binn\sqlagent.exe. Log on as a service
Replace a process-level token
Bypass traverse checking
Adjust memory quotas for a process
Reporting Services Manages, executes, creates, schedules, and delivers reports. The executable file is <MSSQLPATH>\Reporting Services\ReportServer\Bin\ReportingServicesService.exe. Log on as a service
SQL Server Browser The name resolution service that provides SQL Server connection information for client computers. The executable path is c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe Log on as a service
Full-text search Quickly creates full-text indexes on content and properties of structured and semistructured data to provide document filtering and word-breaking for SQL Server. Log on as a service
Adjust memory quotas for a process
Bypass traverse checking



Disk configuration per node:

Disk Letter RAID Level Size Name SQL Path Description
disk0 c: n/a 25GB System C:\Program Files\Microsoft SQL Server\
C:\Program Files (x86) \Microsoft SQL Server\
SQL Shared Features
SQL Shared Features
SQL Server Directory
System Databases
disk1 G: n/a 5 GB SQL_DB G:\MSSQL\AOREPLICA\Data
TempDB Database
Database Backups
DB Transaction Log
TempDB Log


Notes about Storage:

If your SQL Servers are virtualized, for production environment you shouldn’t use Virtual Disk (except for OS). You have to use Pass-through (via Virtual FC) for Hyper-V, or RDM LUN for VMware.

In addition for better performance you must use a dedicated disk for TempDB.

Install SQL Server (SQL Server Directory) on a separate disk (D:).

You can also add a separate disk for pagefile, but if the SQL server is correctly sized it should not have to swap.


Example of a Production configuration

Disk Letter RAID Level Size Name SQL Path Description
disk0 C: Raid 1 xx GB System C:\Program Files\Microsoft SQL Server\
C:\Program Files (x86) \Microsoft SQL Server\
SQL Shared Features
SQL Shared Features
disk1 D: Raid 1 xx GB SQL_BIN D:\MSSQL\MSSQL11.<instancename>\
SQL Server Directory
System Databases
disk2 G: Raid 10 xx GB SQL_DB G:\MSSQL\AOREPLICA\Data Databases
disk3 K: Raid 5 xx GB SQL_BAK K:\MSSQL\MSSQL11.<instancename>\MSSQL\Backup Database Backups
disk4 L: Raid 10 xx GB SQL_LOG L:\MSSQL\AOREPLICA\Log Transaction Log
disk5 T: Raid 10 xx GB SQL_TEMPDB T:\MSSQL\MSSQL11.<instancename>\MSSQL\TempDB\Data
TempDB Database
TempDB Logs
disk6 R: Raid 5 xx GB SQL_SSRS R:\MSSQL\MSSQL11.<instancename>\MSSQL\Reports SSRS Feature


Note for Databases/Logs path on AAG:

If you use the default instance path (which contains the instance name) for Databases and Logs, the paths on all the nodes participating to the AAG are different. This has an impact on AlwaysOn AG.


If the file path (including the drive letter) of a secondary database differs from the path of the corresponding primary database, the following restrictions apply:

  • New Availability Group Wizard/Add Database to Availability Group Wizard:  The Full option is not supported (on the “Select Initial Data Synchronization” Page).
  • RESTORE WITH MOVE:  To create the secondary databases, the database files must be RESTORED WITH MOVE on each instance of SQL Server that hosts a secondary replica.
  • Impact on add-file operations:  A later add-file operation on the primary replica might fail on the secondary databases. This failure could cause the secondary databases to be suspended. This, in turn, causes the secondary replicas to enter the NOT SYNCHRONIZING state.


So it is recommended to use the same path on all instances:

Data Default Path New Path


Note about TempDB

  • The TempDB shouldn’t be store on the same disk as your Databases
  • In Production, autogrow operations can affect performance so preallocate space to allow for the expected workload (autogrow should be used to increase disk space for unplanned exceptions)
  • SQL CAT team recommends one file per CPU Core. Microsoft Note:

But this recommendation is subject to discussion and depends of your SQL environment (and the TempDB Contention). I’m not going to analyze this in this article, but I invite you to read the great articles of Paul Randal:

A SQL Server DBA myth a day: (12/30) tempdb should always have one data file per processor core:

The Accidental DBA (Day 27 of 30): Troubleshooting: Tempdb Contention:

Another “General” Recommendation:

Last year at PASS 2011 Bob Ward, one the Sr Escalation Engineers for SQL, made the following recommendation which will be updated in the Microsoft references that other people provided on this thread:

As a general rule, if the number of logical processors is less than 8, use the same number of data files as logical processors. If the number of logical processors is greater than 8, use 8 data files and then if contention continues, increase the number of data files by multiples of 4 (up to the number of logical processors) until the contention is reduced to acceptable levels or make changes to the workload/code.




These ports (incoming) must be opened:

Service Protocol Port Name Managed by
Windows (*)
SQL TCP 1764 Instance and VNN Port    
SQL TCP 5022 Instance SQL Endpoint   User for AAG Replica Communication
WSFC Cluster TCP 3343 Failover Clusters (TCP-In) Yes Required during a node join operation
WSFC Cluster UDP 3343 Failover Clusters (UDP-In) Yes  
WSFC Cluster TCP 135 Failover Clusters (DCOM-RPC-EPMAP-In) Yes  
WSFC Cluster TCP 445 Failover Clusters – Named Pipes (NP-In) Yes  
WSFC Cluster TCP <Dynamic> Failover Clusters <RPC Server Programs> Yes  
(*) Rules are automatically created during the feature/role installation

For more information about Microsoft Products Port requirements see MS KB “Service overview and network port requirements for Windows” –


Antivirus Exclusion

Configure these exclusions on your Antivirus:

Exclusions for Cluster:

Type Detail (Path, Extension,…) Description
Folder %Systemroot%\Cluster Cluster folder
Folder Q:\mscs Qurom disk

Exclusions for SQL Server:

Type Detail (Path, Extension,…) Description
File-name extensions .mdf
SQL Server data files
Process <installpath>\MSSQL11.<Instance Name>\MSSQL\Binn\SQLServr.exe SQL process



Next par covers the installation and configuration of servers in core mode: AlwaysOn Availability Group – Part 3 – Install WS2012 R2 Core Server


The post AlwaysOn Availability Group Design appeared first on Tech-Coffee.

// 0 765
AlwaysOn Availability Group Introduction // // Sun, 27 Apr 2014 09:23:29 +0000 // SQL Server 2012/2014 AlwaysOn Availability Groups: Article Summary Part 1 – AlwaysOn Introduction Part 2 – AlwaysOn Design Part 3 – Install and Configure Windows Server 2012 R2 in Core mode Part 4 – WSFC Cluster Creation Part 5 – Install SQL Core on Windows Core Server Part 6 – AlwaysOn Availability Groups Creation Part ...

The post AlwaysOn Availability Group Introduction appeared first on Tech-Coffee.

SQL Server 2012/2014 AlwaysOn Availability Groups:

This part describes the new SQL High Availability feature introduced with SQL Server 2012 version: AlwaysOn Availability Group.





AlwaysOn Features

First of all, do not confuse “AlwaysOn Availability Group” and “AlwaysOn FCI”. This is two distinct solutions:


AlwaysOn FCI (Failover Cluster Instance)

This is the classic SQL Cluster based on the WSFC (Windows Server Failover Clustering) functionality. FCI provide local high availability through redundancy at the server-instance level (a single instance installed across multiple nodes). In case of failure of a node, the instance will start on another node. Clients connect to this instance from a VNN (Virtual Network Name) which is a Cluster resource.

FCI required Shared Storage (SAN, SMB…) for database data and logs. This storage must be configured on all nodes participating to an FCI. In the FCI solution, Shared Storage is a SPOF (Single Point Of Failure).

SQL Services (Instance) can failover between WSFC nodes (so the loss of a server is covered). If the Storage fails the service stops.


  • For FCI on the same site it’s possible to eliminate the Storage SPOF with SAN Replication.
  • For FCI across remote sites you need to implement SAN Replication.

Implementing “SAN Replication” Cons:

  • generates additional costs (this is also the case for AAG; FCI is available on the SQL Standard version, AAG required an SQL Enterprise version) except if it’s included in your SAN license.
  • it’s more complicated to implement on remote geographic sites.
  • it’s require additional storage skills for the operation team.
  • the Availability Group offer more options (like asynchronous replica, backup on secondary replica, ..)

The choice of use FCI or AAG depends of your Business requirement (RTO, RPO, DRP, Remote sites …)

For comparison, AlwaysOn Availability Groups doesn’t require Shared Storage.

I will write an article about AlwaysOn FCI with Windows 2012 R2 SOFS Storage (Scaled-Out File Server).



AlwaysOn Availability Group

The Availability Group feature is a mix of SQL Clustering and SQL Mirroring (it is also presented by MS as an alternative to SQL Mirroring which is deprecated since SQL Server 2012).
The AG is also based on a WSFC cluster; the difference is that on each node a SQL instance is installed and active.

AAG is composed of replicas (a replica is a group of one or more database). There is one Primary Replica and one to four Secondary Replicas (eight for SQL 2014) (a Secondary Replica is a copy of databases from the Primary Replica, when a DB is modified, changes are replicated on all Secondary replica). An AAG is a WSFC cluster resource group (which contains at least the VNN and VIP cluster resources on which the clients will connect). At time T, the AAG is hosted by an instance, so this is the primary replica (database(s) accessible in R/W) and all other replicas synchronize thereon. There are two types of synchronization: synchronous and asynchronous.

If the instance that hosts the primary replica becomes unavailable the AG (the cluster group resource) will switch to another instance and the secondary replica on this instance will become the Primary replica (this failover requires that the secondary replica is set in “synchronous” mode and the status is “Synchronized”).

Automatically failover cannot be done to an asynchronous secondary replica. In asynchronous mode only “forced manual failover” (with possible Data loss) is allowed, this action must be performed by a DBA. This mode is generally used for a DRP on one or more remote site or if the maximum number of replica in synchronous mode is reaches – Max for SQL 2012/2014: 3 (1x Primary + 2x Secondary)

A Cluster Resource Group (for SQL the AG) can be hosted only by one instance at a time. So, on a given AG only one instance at a time can be “active” (active = which hosts Database(s) accessible in R/W = the Primary Replica).

On all replicas in an Availability Group only one can be “Primary Replica” at a time.

For example, with an AG composed of two nodes and containing two databases, it’s impossible to have one Database active on one node and the second DB active on the second node. To achieve this configuration we need to create two AG (on the same two nodes) with one Database in each AG (so there are two Primary Replica, this is the configuration that I will do in this article).


Use the both features

It’s possible to used AlwaysOn FCI in an AlwaysOn Availability Group solution. In this case a SQL Failover Clustering Instance cans host an Availability Replica for Availability Group

Note for Failover Mode: SQL FCIs do not support automatic failover by availability groups, so any availability replica that is hosted by an FCI can only be configured for manual failover.

The implementation of a FCI in an AG will be cover in another article.

Overview (from TechNet):




High Availability features for SQL Server 2012 Licenses:

Feature Name


Business Intelligence




Server Core support Yes Yes Yes Yes Yes
Log Shipping Yes Yes Yes Yes  
Database mirroring Yes Yes (Safety Full Only) Yes (Safety Full Only) Witness only Witness only
Backup compression Yes Yes Yes    
Alwayson Failover Cluster Instances Yes (Node support: OS maximum) Yes (Node support: 2) Yes (Node support: 2)    
AlwaysOn Availability Groups Yes (up to 4 secondary replicas, including 2 synchronous secondary replicas)        



High Availability features for SQL Server 2014 Licenses:

Feature Name


Business Intelligence




Server Core support Yes Yes Yes Yes Yes
Log Shipping Yes Yes Yes Yes  
Database mirroring Yes Yes (Safety Full Only) Yes (Safety Full Only) Witness only Witness only
Backup compression Yes Yes Yes    
Alwayson Failover Cluster Instances Yes (Node support: Operating system maximum Yes (Node support: 2) Yes (Node support: 2)    
AlwaysOn Availability Groups Yes (up to 8 secondary replicas, including 2 synchronous secondary replicas)        


For more information on Features/Licenses:


Terms and Definitions


Term Definition
availability group A container for a set of databases, availability databases, that fail over together.
availability database A database that belongs to an availability group. For each availability database, the availability group maintains a single read-write copy (the primary database) and one to four read-only copies (secondary databases).
primary database The read-write copy of an availability database.
secondary database A read-only copy of an availability database.
availability replica An instantiation of an availability group that is hosted by a specific instance of SQL Server and maintains a local copy of each availability database that belongs to the availability group. Two types of availability replicas exist: a single primary replica and one to four secondary replicas.
primary replica The availability replica that makes the primary databases available for read-write connections from clients and, also, sends transaction log records for each primary database to every secondary replica.
secondary replica An availability replica that maintains a secondary copy of each availability database, and serves as a potential failover targets for the availability group. Optionally, a secondary replica can support read-only access to secondary databases can support creating backups on secondary databases.
availability group listener A server name to which clients can connect in order to access a database in a primary or secondary replica of an AlwaysOn availability group. Availability group listeners direct incoming connections to the primary replica or to a read-only secondary replica.

Source TechNet:



Overview of an AAG



Availability Group

An AG consists of:

  • Two or more Availability Replica (max for SQL Server 2012: 5 / max for SQL Server 2014: 9)
  • One (or more) Availability Group listener


Availability Replica

An Availability Replica contains:

  • A set of Databases (at least one) (there are no maximum for a set; this depends on the load and Server Performances).

          A Database add to an AG is known as Availability Database

Each availability replica is hosted by an instance of SQL Server residing on different nodes of a WSFC cluster (All nodes members of the same Cluster).



An Availability Replica can have the role of:

  • Primary Replica – Database(s) is accessible in Read/Write
  • Secondary Replica – Database(s) is accessible in Read Only (if it’s configured)

On a given AAG, only one availability replica can be “Primary” at a time, others are “Secondary”. Secondary Replica contains a “copy” of databases from Primary (during creation a backup is created from the Primary DB and imported on all secondary).


Availability Mode:

An Availability Replica can be configured in mode:

  • Asynchronous-commit mode – Under asynchronous-commit mode, the primary replica commits transactions without waiting for acknowledgement that an asynchronous-commit secondary replica has hardened the log. Asynchronous-commit mode minimizes transaction latency on the secondary databases but allows them to lag behind the primary databases, making some data loss possible.
  • Synchronous-commit mode – Under synchronous-commit mode, before committing transactions, a synchronous-commit primary replica waits for a synchronous-commit secondary replica to acknowledge that it has finished hardening the log. Synchronous-commit mode ensures that once a given secondary database is synchronized with the primary database, committed transactions are fully protected. This protection comes at the cost of increased transaction latency.


Allow Readable Secondary:

When you configure the AAG, you can configure this option (Known as “Active Secondary Replica”):

With this option you can do the following action:


Availability Group listener

An availability group listener is a Virtual Network Name (VNN) to which clients can connect to access a database (without knowing the name of the instance). Availability group listeners direct incoming connections to the primary replica or to a read-only secondary replica. The listener provides fast application failover after an availability group fails over.

A VNN it’s a WSFC cluster resource and consists of:

  • A DNS Name (a VNN)
  • A Port Number
  • An IP Address (a VIP)

The Listener is always owned by the SQL Server instance where the primary replica resides.

Note about Port:

A Listener can share a same port with an Instance (for example default instance port is used: 1433, and the Listener is also configured with the 1433 port) or use a different port.

For more information:

Availability Group Listeners, Client Connectivity, and Application Failover (SQL Server)


Database Mirroring Endpoint (SQL Server)

Instances participating to an AlwaysOn Availability Group (or a Database Mirroring) use “Database Mirroring Endpoints” to communicate among themselves.

Each Instance must have its own dedicated Endpoint (only one per instance, you cannot create several endpoints for a same instance). After SQL Server Instance installation, the endpoint is not created.

Note: An endpoint is a SQL Server object that enables SQL Server to communicate over the network. “Database Mirroring Endpoint” is a specify endpoint use by AAG or SQL Mirroring for instances communications.

To host an availability replica an instance must have a Database mirroring endpoint (when you create a Replica you have to specify the Endpoint URL of the instance that will host the replica).

The instance uses this endpoint to listen messages from availability replicas hosted by other instances.

Database mirroring endpoints use TCP protocol to send and receive messages between the server instances. The Endpoint URL is composed with the Server FQDN (can be also the Server name, an IPv4 or IPv6 address) and a defined port number. The port number uniquely identifies an instance.

Example: Two instances on one server, you can have two endpoints:

TCP:// => refers to sql-srv1\i1

TCP:// => refers to sql-srv1\i2

Authentication Mode

Two types of Authentication are available for database mirroring endpoints:

  • Certificate-based authentication (If any server instance is running under a built-in account, such as Local System, Local Service, or Network Service, or a non-domain account, you must use certificates for endpoint authentication).

    This part is not covered in this article, for more information see:
    Use Certificates for a Database Mirroring Endpoint (SQL Server)
  • Windows Authentication
    • If all instances use the same domain account, no extra configuration is required.
      (Microsoft recommends using the same account)
    • If instances use different domain accounts, the login of each account must be created in master on each of the other server instances, and that login must be granted CONNECT permissions on the endpoint.


Data Encryption

By default encryption is configured to “Required” on a DB Mirroring Endpoint. You can change this (not recommended) to “Disabled” or “Supported”

Encryption algorithms:

You can also change encryption algorithms. By default on an AlwaysOn instance encryption is configured with AES algorithm.


For more information, see TechNet article “Choose an Encryption Algorithm“:



WSFC (Windows Server Failover Clustering)

The AlwaysOn Availability Group (and also the AlwaysOn FCI) feature is based on the WSFC service. All SQL Server nodes participating to an AAG are members of a WSFC Cluster.

On each node an SQL Server 2012/2014 Enterprise Instance must be deployed.

An AAG is register as a cluster Resource Group in the WSFC Cluster (Resource Group name is the AAG Name). The corresponding Listener (*) of AAG is also register as resource in the Resource Group:

  • Resource – AAG-Listener Name (VNN)
  • Resource – AAG-Listener IP (VIP)

(*) By default one Listener per AAG is sufficient, but if need, it’s possible to create additional Listener (only via PowerShell or WSFC Console)

The WSFC Cluster is responsible of Resources monitoring, in comparison with the SQL Mirroring solution there is not SQL Witness, the WSFC Quorum is used.

It is best practice to always have an odd number of quorum votes in a WSFC cluster.


AAG Heath Monitoring

The WSFC Cluster monitors the health of the AlwaysOn Availability Group (physical and logical cluster resources). Few points about WSFC Monitoring:

  • The active SQL Server instance periodically reports a set of component diagnostics to the WSFC resource group.
  • Issues at the database level, such as a database becoming suspect due to the loss of a data file, deletion of a database, or corruption of a transaction log, do not cause an availability group to failover.


Note: For “Automatic Failover” a Failover Policy is defined and can be customized:


A flexible failover policy provides granular control over the conditions that cause automatic failover for an availability group. By changing the failure conditions that trigger an automatic failover and the frequency of health checks, you can increase or decrease the likelihood of an automatic failover to support your SLA for high availability.

For more Information see TechNet article: Flexible Failover Policy for Automatic Failover of an Availability Group (SQL Server):



During a failover, a Secondary Replica becomes the Primary Replica.

There are three Failover Mode:

  • Planned manual failover (without data loss) – DBA action
  • Automatic failover (without data loss) – In case of failure

For these two modes, the Primary and Secondary Replica must be configured in “Synchronous Availability Mode” and the Secondary must be synchronized.

  • Forced manual failover (with possible data loss)

       This is a Disaster Recovery option; it can only be initiated manually.

It is the only form of failover that is possible when:

          – the target secondary replica is not synchronized with the primary replica.

the target secondary replica is in “Asynchronous availability mode”

Note: All manual failover actions must be done through the SQL Management Studio, PowerShell or Transact-SQL. No action should be done through the WSFC console.



Availability Replica:

  • Availability replicas must be hosted by different nodes of one WSFC cluster
  • One primary replica and up to four secondary replicas per AAG
  • All of the replicas can run under asynchronous-commit mode, or up to three of them can run under synchronous-commit mode.

Maximum number of availability groups and availability databases per computer:

  • No Limitation, depends of Server Performances
  • Microsoft has extensively tested with 10 AGs and 100 DBs per physical machine

Database (To be eligible to be added to an availability group):

  • Use the full recovery model
  • Possess at least one full database backup (After setting a database to full recovery mode, a full backup is required to initiate the full-recovery log chain.)
  • Be a read-write database. Read-only databases cannot be added to an availability group.
  • System databases cannot belong to an availability group.

TDE Protected Databases:

If you use transparent data encryption (TDE), the certificate or asymmetric key for creating and decrypting other keys must be the same on every server instance that hosts an availability replica for the availability group. For more information, see Move a TDE Protected Database to Another SQL Server.

You can find here a FAQ about AlwaysOn capabilities: SQL Server 2012: Always On FAQs


TechNet Resources

AlwaysOn Availability Groups (SQL Server)




Next part covers the AlwaysOn environment design: AlwaysOn Availability Group – Part 2 – Design

The post AlwaysOn Availability Group Introduction appeared first on Tech-Coffee.

// 0 710