Exchange VSS Writers
Topic Last Modified: 2006-11-29
Exchange 2007 introduced two in-the-box replication configurations where a second copy of a database is maintained to enable full redundancy in clustered deployments as well as for fast recovery from data failures <Add:link to generic CCR/LCR documentation> . The second database copy maintained by the Replication Service provides a valuable opportunity for Exchange backups to be extended to take advantage of the extra resources available at the second copy location as well as a longer backup window due to not competing on the same resources against the actual client activity during normal work hours. In order to take advantage of the replica copy, Exchange 2007 introduced a new VSS Writer that enables VSS backups from the replica location.
Store writer and Replication Writer
Of the two Writers Exchange Server 2007 provides, one is build into the Exchange store, and is referred to as the Store Writer; the second one is built into the Replication Service, and is referred to as the Replication Writer. Store Writer is available on any mailbox server and is responsible for backup/restore of active databases. Replication Writer is available on the passive node of CCR cluster as well as on any mailbox server that has at least one storage group configured with LCR. Replication Writer supports backup functionality for a selected storage group where the shadow copy is taken against the replicated instance of the database and transaction log files. Backups taken by the Replication Writer can be restored to the active database location by using the Store Writer.
Exchange Writers coordinate with the Exchange services (operating on behalf of the requestor) to prepare the storage group files for backups and freeze the IO activity due to Exchange transactions before backing it up, and then to unfreeze and truncate log files after the backup is complete.
During a restore, the backup/restore application instructs the Exchange Store Writer to coordinate with the Exchange store (operating on behalf of the requestor) to verify the restore targets, rename the database file if necessary, and then replay the transaction logs (as needed). Store Writer supports both backups and restores, while the Replication Writer supports only backups.
When restoring, the Requestor also communicates with the VSS to prepare the system for the restore, and then to put the data back onto the mass storage device. The backup/restore application is also responsible for working with Windows Server 2003 to read data from and write data to the backup storage media, whether a tape archive, a storage area network, or other backup medium.
Backup and restore applications must specify a number of Exchange Server 2007-specific parameters to correctly control and manage operations run by the VSS against Exchange Server 2007 storage groups and databases. For example, because Exchange Server 2007 storage groups include multiple databases, transaction log files and a checkpoint file, successfully backing up an Exchange Server 2007 storage group requires correctly specifying and processing those components (that is each database, transaction log file, and checkpoint file).
Configuration Settings Overview
Additionally, the Microsoft Exchange Server 2007 Writer for the Windows Server 2003 Volume Shadow Copy Service uses a variety of special settings and values that must be properly set and preserved during backup and restore operations. Without careful control over these settings, the backup application is likely to experience unexpected and potentially confusing errors.
The following interfaces in the VSS are required to get the Exchange Writer metadata document that is needed for the requesting backup/restore application to be able to perform the backup.
| VSS Interface | Description |
|---|---|
IVssWMComponent |
Allows access to component information stored in the Exchange Writer. |
IVssExamineWriterMetadata |
Allows the requesting backup/restore application to examine the metadata of the Exchange Writer. The Exchange Writer metadata document contains Exchange Server 2007-specific values and parameters that the requesting backup/restore application requires so that it can correctly specify the appropriate components for backup. |
IVssComponent |
Contains methods for examining and modifying information about components contained in a requestor's Backup Components Document. Objects can only be obtained for those components that have been explicitly added to this document by the IVssBackupComponents::AddComponent method. |
IVssBackupComponents |
Used by the requesting backup/restore application to poll the Exchange writer about file status and to run backup/restore operations. IVssBackupComponents::SetBackupState defines the overall configuration for the backup operation, either Full, Copy, Incremental, or Differential. IVssBackupComponents::AddRestoreSubcomponents defines the subcomponents with an Exchange Server 2007 storage group that can be selected for a restore operation. |
Within the Windows Server 2003 file system, an Exchange Server 2007 database is stored as a single database file with an extension *.edb. The Exchange Writers exposes the *.edb as the "database" component, while transaction logs (*.log) and checkpoint files (*.chk) are combined into a single component, referred to as the "log" component.
Interactions Between the Writers, VSS, and VSS Reqestors
The high-level interaction between the VSS, the Exchange Writer, and Exchange Server 2007 during backup operations is as follows:
- The backup program (or agent) runs a scheduled job.
- The VSS requestor in the backup/restore application sends a command to the VSS to take a shadow copy of the selected Exchange Server 2007 storage groups.
- The VSS communicates with the Exchange writer to prepare for a snapshot backup. Exchange Server 2007 prohibits administrative actions against the storage group, checks volume dependencies, and suspends all write operations to selected instance of the database and transaction log files while allowing read-only access.
- The VSS communicates with the appropriate storage provider to create a shadow copy of the storage volume that contains the Exchange Server 2007 storage group.
- The VSS releases Exchange Server 2007 to resume ordinary operations.
- The VSS requestor verifies the physical consistency of the backup set prior to signaling the backup was successful. Exchange Server 2007 truncates the transaction logs (if LCR/CCR is enabled, log truncation takes place in both locations) and records the time of the last backup for the database.
Accessing the Exchange Server 2007 Writers
Exchange 2007 Writers share the same Writer Name “Microsoft Exchange Writer” and Writer ID “76fe1ac4-15f7-4bcd-987e-8e1acb462fb7” and can be distinguished by a new parameter that is introduced to VSS framework in Windows 2003 SP1, the Writer Instance Name. In Exchange 2007, the instance name of the legacy Store Writer is “Exchange Information Store” and the instance name of the new Replication Writer is “Exchange Replication Service”.
Store Writer will be available on any Exchange Mailbox Server to provide the functionality to backup from and restore to the active copy of the database. Replication Writer will be available on the passive nodes of a CCR cluster and on the non-clustered Mailbox servers if there is at least one storage group with LCR configured. Since replication is not supported on SCC, there will not be a Replication Writer available on neither the active nor the passive nodes of an SCC cluster.
Exchange 2003 enabled multiple storage groups to be selected as part of a single VSS backup job, but restricted such backups to be taken in a serial fashion. For example, in Exchange 2003 a backup application cannot start the backup of a second storage group while the backup on the first storage group is still in progress. Exchange 2007 removes this restriction to the point allowable by VSS framework. VSS serializes Requestors interaction with application Writers starting with OnPrepareForBackup() and ending with OnPostSnapshot(). Majority of the shadow copy backup operation is spent after the OnPostSnapshot() where the consistency of the shadow copy is verified prior to completion of the backups. Both Exchange Writers support parallel backups between OnPostSnapshot() and OnBackupComplete().
Concurrent backups of the same storage group are not allowed in Exchange 2007. There can be only one single backup job running against a given storage group irrespective of whether the backups are done with Legacy APIs, Store Writer or the Replication Writer. This is achieved by Exchange store putting the storage group in a “backup-in-progress” state, this in-memory state gets cleared either at the completion of the backup process or when the service is restarted. In case of the LCR/CCR configurations, Replication Writer communicates with the active database owned by the store process to verify that there is no active backup going against the selected storage group, and then set the “backup-in-progress” state for the databases in the selected storage group. Restarting services that host Exchange Writers, complete OS reboots as well as cluster failovers will result in loosing the in-memory “backup-in-progress” state together with its associated data, which in turn will cause the backup job to fail.
Backup initiated transaction log file truncation will be triggered based on the type of backup chosen. In non-replicated configurations Store Writer will truncate the transaction log files at the completion of successful Full or Incremental backups. In replicated configurations, log truncation will be delayed by the Replication service until all necessary log files are replayed into the replica copy. Replication service will delete the backed up log files both from the active and the copy log file paths after it verifies that the to-be-deleted log files have successfully been applied to the copy database and both active and the copy database check point has passed the log files in question.