Deploying a Windows Server 2008 R2 Remote Desktop Server Farm using RD Connection Broker
|Previous||Table of Contents||Next|
|Configuring Windows Server 2008 RD Web Access||Configuring a Windows Server 2008 R2 Remote Desktop Services License Server|
One of the problems presented by the implementation of Remote Desktop Services on Windows Server 2008 R2 is that it places a greater burden on the server than a file server or web server would do. The reason for this is that the all the applications being run by remote users are running on the server (otherwise known as the RD Session Host), taking up memory and processing power. Acutely aware of this problem, Microsoft introduced the RD Session Broker which allows for the creation of load balanced Remote Desktop Server farms.
The objective of this chapter is to provide the basic information needed to configure Remote Desktop Services load balancing using the RD Connection Broker (formerly known as the TS Session Broker).
An Overview of the Remote Desktop Connection Broker
The RD Connection Broker is positioned on the front line in front of two or more servers running as RD Session Hosts and is responsible for balancing Remote Desktop service load requests between authorized servers such that a single server does not become overloaded. RD Connection Broker can be run on a server specifically designated for the task or, since the broker itself does not require significant resources, on one of the RD Session Host servers in the group.
Load balancing may be configured using a concept known as relative weighting or using round-robin DNS. Under relative weighting, an administrator assigns each server a weight value (based on percentages) which, relative to the weights assigned to other servers, governs the load levels on that server. For example, a server with a weight of 30 will have a load of 30% of the load of another server in the farm with a weight of 100. It is important to understand that loading is based on number of sessions on each server, and not any knowledge of the total resource load on a particular server at a given time. For example, one server with small 'resource light' applications will be viewed by the RD Connection Broker as being at the same load level as a server with the same number of large, resource intensive applications.
Round-robin DNS, as the name suggest, passes the load balancing responsibility onto a DNS server.
Prerequisites for Implementing RD Connection Broker
Before deploying a Remote Desktop server farm there a few key prerequisites that should be taken into consideration. Firstly, the server designated to run the RD Session Broker service must be a member of a domain.
Secondly all RD Session Hosts in a farm must be configured such that they make the same applications available for remote access. Finally, client systems must be running Remote Desktop Connection 5.2 or later to be able to use RD Connection Broker load-balancing.
Installing the Remote Desktop Session Broker
For the purposes of this chapter a configuration consisting of two RD Session Hosts (named winserver-1 and winserver-2 respectively) and one server operating as the RD Connection Broker (named winserver-3) will be used. Note that the RD Connection Broker server must belong to a domain, otherwise it will not be possible to install and the enable the Broker service. To install the RD Connection Broker on a server, open the Computer Management or Server Manager tool and select Roles from the tree in the left hand panel. On the roles screen select Add Roles and select Remote Desktop Services from the list of roles and then Next to continue. On the resulting information screen click Next to proceed to the Role Services screen where the RD Connection Broker option needs to be selected. Click Next and then Install on the final screen. The installation will begin and will likely require a reboot. Once the system has reboot, log in as the same user to complete the final phase of the installation process.
Adding RD Sessions Hosts to the RD Connection Broker
When the RD Connection Broker is installed on a server it creates a new group called Session Broker Computers. Before an RD Session Host server can be added to the remote desktop server farm it must first be added as a member of this group on the RD Connection Broker server system. As mentioned previously, the RD Connection Broker server must be part of a domain. Depending on whether the server is a domain controller or not will govern how the Session Broker Computers group is managed.
If the RD Connection Broker server is not a domain controller, open the Computer Management tool (Start -> All Programs -> Administrative Tools -> Computer Management) and select Local Users and Groups from the System Tools category in the tree in the left hand panel and then selected Groups. From the list of objects right click on Session Broker Computers and choose Properties from the popup menu to display the following properties dialog. This dialog will display any computers that are currently allowed to join the RD Connection Broker service:
Click on Add to open the Select Users, Contacts, Computers or Groups dialog:
As indicated above, only Users and Groups are currently configured for addition. In order to be able to add the RD Session Host computers click on the Object Types... button to invoke the Object Types dialog and select the Computers check box as illustrated in the following figure:
Click OK to close the Object Type dialog and then enter the names of the RD Session Host servers and validate them using the Check Names button. Once all the servers are added as members click on OK in both the Select Users, Contacts, Computers or Groups and Properties dialog boxes.
If the server on which the RD Connection Broker service is running is a domain controller the Session Broker Computers group may be modified using Active Directory Users and Computers (Start -> All Programs -> Administrative Tools -> Active Directory Users and Computers). Once opened, select the required domain from the tree followed by Users. Right click on the Session Directory Computers item in the list and select Properties. Once the properties dialog has been displayed click on the Members tab:
Click on Add to add new members using the same steps outlined above for non-domain controllers.
Joining RD Session Hosts to an RD Connection Broker
<google>WIN28BOX</google> Now that the RD Connection Broker is configured and the RD Session Host servers have been added to the Session Broker Computers group the next step is to configure the RD Session Hosts themselves to join the remote desktop server farm. This is achieved on each RD Session Host system using the Remote Desktop Session Host Configuration tool which may be started from Start -> All Programs -> Administrative Tools -> Remote Desktop Services -> Remote Desktop Session Host Configuration. When the tool has loaded, double click on the Member of farm in RD Connection Broker item listed under RD Connection Broker in the Edit settings box:
Double clicking on this item will open the properties dialog with the RD Connection Broker tab pre-selected as illustrated in the following figure:
As we can see from the above figure, the RD Session is currently not a member of any existing farms. In order to join a farm, click on the Change Settings button to display the following RD Connection Broker Settings dialog:
Within this dialog, select the Farm member option and then enter the name or IP address of the system hosting the RD Connection Broker service. Next the Farm name must be entered. If this is the first host to be joined to a farm this is the point at which the farm will be created. Decide on a name for this farm and enter it into the corresponding field. When the OK button is pressed the farm will be created by the RD Connection Broker. All other RD Session Hosts that are to part of the farm must use the same farm name specified here. If, on the other hand, the farm to which you will to add this host already exists, enter the name of that farm in the field and click OK.
Once the RD Session Host has been made a member of a farm you will returned to the properties dialog where the status information will have updated to indicate the farm to which the host belongs and the corresponding RD Connection Broker for that farm. Within the properties dialog, if the server is relying on the RD Connection Broker to perform load balancing (as opposed to round-robin DNS) select the Participate in Connection Broker Load-Balancing check box and specify a suitable weight value.
Next, choose whether or not to use IP address redirection. When a user disconnects from a session without logging off the session is maintained by the server so that the user can reconnect and resume where they left off. In a server farm it is important that the user be reconnected to the server on which the previous session is still running. By default the client queries the RD Connection Broker and is redirected to their existing session by using the IP address of the server where the existing session resides. In order to use this default method, the client computers must be able to connect directly by IP address to RD Session Host servers in the farm. That being the case, this is the recommended setting. If, on the other hand, IP address redirection is not used, the IP address is instead embedded in a token. Under this configuration, when the client reconnects to the load balancer, the routing token is used to redirect to the existing terminal server on which the existing session is running.
Finally, select the IP addresses to be used for reconnection. Note that Remote Desktop client version 5.2 and older only support IPv4 addresses.
Repeat the above tasks for each server in the farm.
Configuring the RD Session Broker
We have now reached the point where we can begin to configure the RD Connection Broker. The subject of Remote Desktop Services and the features of the RD Connection Broker are vast. Entire books could, and probably will be written on this subject. In this section, we will endeavor to cover the basic information without having force you to read hundreds of pages of information. Configuration of the connection broker service is achieved using the Remote Desktop Connection Manager tool which may be launched by selecting the Start -> All programs -> Administrative Tools -> Remote Desktop Services -> Remote Desktop Connection Manager menu option. If no previous configuration steps have been taken, the tool will display a range of status information, most of which will be indicating that the connection broker has not yet been configured to fulfill its intended roles. This being the case, the screen will probably contain information similar to that illustrated in the following figure:
Of particular interest to us at this point is the fact that the broker has yet to be assigned an RD Web Access server and that it is not yet configured for RemoteApp programs. We’ll begin by configuring an RD Web Access server. For the purposes of this example we will assume that the RD Web Access service has been installed on a system named winserver-2 (for details on how to install and configure RD Web Access refer to Configuring Windows Server 2008 RD Web Access). To configure this server, click on the Add Web Access Server link located in the Actions panel to display the RD Web Access properties dialog:
In order for an RD Web Access server to be able to deliver desktops and RemoteApps via the RD Connection Broker it must first be made a member of the TS Web Access Computers group on the server hosting the broker. To add a server, enter the qualified domain name of the server in the Server name: field and click the Add button. Having added the server, click Apply followed by OK. On returning to the Connection Manager the status of the RD Web Access servers entry in the Status section will have changed to a green check mark followed by the number of servers configured.
The next step is to configure the RD Web Server to use the RD Connection Broker as the source for remote access. To do so, open a web browser and enter the URL for the RD Web Access site (typically https://servername/RDweb), log in as a user with administrative privileges and click on the Configuration tab. On the configuration page, select the An RD Connection Broker server option, enter the fully qualified domain name of the server hosting the RD Connection Broker service and click on OK. The page will subsequently update and return to the RemoteApps screen. If errors are encountered the browser will remain on the configuration screen and report the nature of the problem.
Having configured RD Web Access, the next step is to add some RemoteApp servers. If this has not yet been configured, the Overview section of the connection manager will state that the RD Connection Broker is not configured for RemoteApps. In order to identify the steps necessary to resolve this issue, simply move the mouse pointer over the message and wait for the popup message top appear:
As indicated in the above figure, we can resolve this issue by adding one or more RemoteApp sources to the connection broker. This can be achieved by clicking on the Add RemoteApp Source… link located in the Actions pane to display the following dialog:
In the RemoteApp source name: field enter the fully qualified domain name of a suitable RD Session Host server or the DNS name of a remote desktop farm and click on Add. On returning to the main screen, the status will have changed to RD Connection Broker is configured for RemoteApp programs.
Using a similar approach, other aspects of the RD Connection Broker service role may be viewed and configured using similar processes to those outlined above.