Tuesday, May 10, 2011

Why You Should Not Run a Domain Controller on a Clustered Hyper-V Host

 

I’m not sure about other people's deployments, but in my country most deployments try to save cost, especially on hardware. The customer will typically ask to consolidate VMM, the domain controller or DPM into virtual machines rather than physical servers.

Let me take one example that I just experienced:

“Running a domain controller as a virtual machine on a clustered Hyper-V host”


Why Not?

You will tend to lose the connection to the failover cluster. The cluster fails to start because it cannot locate the AD account for the clustered Hyper-V host. Microsoft Failover Clustering relies on Active Directory, which is a prerequisite for setting up a failover cluster.

I have just experienced this scenario, where my Active Directory was running on a virtual machine located inside the CSV. Everything worked well until I restarted the server. Guess what happened next?

I managed to log in to the Hyper-V cluster host, but when I opened the Failover Cluster MMC snap-in I saw the error message “Cluster name not found”, and all the VMs in the CSV failed to start.

If I go to the CSV volume located in C:\ClusterStorage, I cannot see Volume 1, where the rest of my virtual machines and the domain controller reside. Without Active Directory I cannot start the cluster, and all the virtual machines are gone.

I tried to use the mountvol command to mount the volume, but it still failed.

Lesson learned, the hard way. So my advice to everyone reading this blog is “Please put at least one domain controller on a physical server”.


If possible, don’t put it into the CSV. You can configure it to run as a standalone VM on any clustered Hyper-V host, but Microsoft does not recommend running standalone VMs on a clustered Hyper-V host.

Besides, you also take on another risk: if the DC VM located on one of the Hyper-V hosts crashes, you face the same scenario as mine.


Now read on to see how I fixed this problem.

Resolution

I managed to recover and bring the cluster back thanks to luck. I say lucky because my shared storage is running Windows Storage Server 2008 R2.

Step 1: Stop all the iSCSI Target services.

Step 2: Use Computer Management to attach the VHD of the LUN.

Step 3: Copy the domain controller VM to another Hyper-V host and recreate the VM configuration file.

Step 4: Boot up and reconfigure the DC VM's IP address.

Step 5: Start the cluster name and cluster resources.

Lucky, right? Now I just wonder whether other types of shared storage can solve this problem. Probably by presenting the LUN to another storage, but so far I have tried presenting the LUN to another server and it was detected as a “Non formatted disk”, asking to format the disk before use.

Next scenario: how about putting a DC VM on each clustered Hyper-V host? This means two domain controller VMs, one located on each clustered Hyper-V host.

When the server boots up, the DC VM has not booted yet and the clustered Hyper-V host will try to contact the domain controller. You will end up with what happened in my scenario above.


Therefore, the best option is to separate the domain controller VM from the clustered Hyper-V hosts or run it on a physical server. That’s my advice.
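The placement rules argued above can be checked against a DC inventory before a cold start exposes them. This is an added example, not code from the original post; the host names, VHD paths and the inventory format are constructed for illustration.

```python
from pathlib import PureWindowsPath

# CSV mount point as named in the post; PureWindowsPath compares case-insensitively.
CSV_ROOT = PureWindowsPath(r"C:\ClusterStorage")


def cluster_dependency(dc, cluster_nodes):
    """Return why a DC is unavailable at cluster cold start, or None if it is independent."""
    if dc["host"] is None:
        return None  # physical server: boots without Hyper-V or the cluster
    if dc["host"].lower() not in {n.lower() for n in cluster_nodes}:
        return None  # VM on a Hyper-V host outside the cluster
    if CSV_ROOT in PureWindowsPath(dc["vhd_path"]).parents:
        return "VHD is on the CSV, which stays offline until the cluster starts"
    return "VM runs on a cluster node, which looks for a DC before the VM has booted"


def audit(dcs, cluster_nodes):
    """Split DCs into those usable at cold start and those that wait on the cluster."""
    independent, blocked = [], {}
    for dc in dcs:
        reason = cluster_dependency(dc, cluster_nodes)
        if reason is None:
            independent.append(dc["name"])
        else:
            blocked[dc["name"]] = reason
    return {"independent": independent, "blocked": blocked,
            "cold_start_ok": bool(independent)}


# Constructed sample inventory (hypothetical names and paths, not from the post).
NODES = ["HV01", "HV02"]
INVENTORY = [
    {"name": "DC01", "host": "hv01", "vhd_path": r"c:\clusterstorage\Volume1\DC01\DC01.vhd"},
    {"name": "DC02", "host": "HV02", "vhd_path": r"D:\VMs\DC02\DC02.vhd"},
]
PHYSICAL_DC = {"name": "DC03", "host": None, "vhd_path": None}

if __name__ == "__main__":
    for label, dcs in (("as deployed", INVENTORY), ("with physical DC", INVENTORY + [PHYSICAL_DC])):
        result = audit(dcs, NODES)
        print(label, "-> cold start ok:", result["cold_start_ok"])
        for name, reason in result["blocked"].items():
            print("  ", name, ":", reason)
```
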

Cheers,

Virtual Lai

8 comments:

  1. Hi,

    Yes, agreed with you.. set up 1 DC separate from the cluster..

    Additional info based on my experience..
    After the initial setup of the Virtual Network, if, let's say, we plug in new network cards and test the failover, it fails. Tried to configure the virtual network from Hyper-V Manager, failed. Finally configured it using Failover Cluster Settings, and was able to perform live migration without any issues.

    Btw, what is the recommended size for the Cluster Quorum? How do we calculate it? The bigger the CSV storage, the bigger the Cluster Quorum?

  2. Hi,
    The recommended size for the Cluster Quorum is 512MB, but normally I assign 1GB. The cluster quorum will not grow much, so 1GB is sufficient unless you tend to create millions of clusters. :)

  3. Hi Lai,

    Thanks for your prompt reply.

    In a previous deployment, I configured 10GB for a 3TB CSV. Wasted 9GB already :) Will follow your advice in future deployments.

    Thanks again.

  4. Hi,

    Let's say I want to configure a Failover Cluster (CSV) with host machine 01 in the local LAN and host machine 02 in the DMZ, will it work?

    If I'm not mistaken, it won't fail over, right? Correct me if I'm wrong: I need to put both machines in the local LAN and can configure the DMZ for the virtual machine port, that's possible, right?

    Thank you in advance

  5. Hi,

    Option 1: not recommended, as you need to open ports. Security issue.

    Option 2: Yes.

    For more questions, please feel free to join MVUG; we have experts to help answer them.
    http://www.facebook.com/editgroup.php?gid=216237734803#!/home.php?sk=group_216237734803&ap=1

  6. Hi,

    I have a 2 Hyper-V host cluster with VMs inside; 1 DC is on another LUN and dedicated to only 1 host, and there is no problem with that. But when I install a DC on the first Hyper-V host it destroys the cluster. I suppose it is because when you run dcpromo the first is moved to the DC OU and the other remains in the other member OU; in seconds the cluster fails. The question is: if I convert the second Hyper-V server into a DC, can I normalize the situation? Or does the DC role need to be installed first, before the Hyper-V role and of course the cluster? Thanks.

  7. Hi,
    Setting up a DC on the Hyper-V host is not supported. Just leave the Hyper-V host as the hypervisor without sharing any other roles.

    If you install it in a VM, then you can configure it as stand-alone (not part of the cluster) on each Hyper-V host. But the best is a DC on another machine.

  8. Side note: a Windows Server 2012 failover cluster doesn't need a DC to start itself up, so Hyper-V / failover 2012 users can virtualize their DCs. Whether it's a very good idea to have all your DCs in the same cluster is of course a topic of discussion.
