[Updated May’09: Windows Storage Server 2008 now available to MSDN/TechNet subscribers. Checkout Jose Barreto's Blog for details.]
Familiar with Virtual Server 2005 and shared disks for creating virtual clusters? Well its different with Hyper-V. The shared disk option is no longer available (which I did not know when I started testing). You have to use iSCSI instead. Here is a step by step method for creating a fail-over cluster within Hyper-V. Its a cheap way of setting up a test lab (assuming you don’t have access to Windows Storage server). In this post I use StarWind to simulate iSCSI storage … its not an endorsement of the product, I just picked it from amongst the crowd.
Windows Server 2008 fail-over clusters support Serial Attached SCSI (SAS), iSCSI and Fibre Channel disks as storage options. So, how would you go about setting up a virtual Windows Server 2008 test cluster using the new Hyper-V vitalisation product? The method I am about to outline is a little different to what you might be used to Virtual Server 2005. The following steps detail how I managed to setup a test cluster using simulated iSCSI storage. Before beginning it’s worth reviewing this article that outlines the storage options that are available to Hyper-V. By the end of this post you should have a simple two node cluster up and running using simulated iSCSI storage.
Tools for the job:
I wont go into how to create a VM but you can find more info from Virtual Guys weblog.
Before I began looking into the iSCSI simulated storage option for my cluster nodes I tried to expose a single VHD to each of my cluster nodes in the hopes that they would share it. I didn’t get very far and was presented with the following error when powering on the VMs:
This error is by design (thanks Justin Zarb for point this out) as Windows Server 2008 Hyper-V does not support this sort of storage (see link above for Hyper-V storage options). The above error is simply a file system error as the VHD “is being used by another process” … should have spotted that
Note: I’m assuming that you know how to install Windows Server 2003 and 2008. I’m also assuming that you know how to install and configure a Window Server 2008 Domain Controller. If you have any questions leave me a comment and I will see if I can point you in the right direction.
Create the network with a connection type of “Internal Only”. I enabled Virtual LAN identification and set the default ID to 2 as this will be my public LAN. Setting the default to 2 means that if I dont specify a VLAN on subsequent NICs they will be classified as public connections.
VLAN ids:
Tip: Be sure to rename each network card on the hosts to make identification easier. If its the public NIC, call it public etc.
Network settings:
Public NIC: VLAN 2
Heartbeat NIC: VLAN 3
iSCSI NIC: VLAN 4
Note: On all NICs in VLAN 3/4 be sure to disable the Client for Microsoft Networks, disable DNS registration and disable NetBIOS. Be sure to check your binding order too. The public NIC should be first.
Note: On all NICs in VLAN 3/4 be sure to disable the Client for Microsoft Networks, disable DNS registration and disable NetBIOS. Be sure to check your binding order too.
Note: On all NICs in VLAN 3/4 be sure to disable the Client for Microsoft Networks, disable DNS registration and disable NetBIOS. Be sure to check your binding order too. Make sure you format and assign drive letters to the SCSI VHDs on this VM.
Update 17/10/2008: I've also found that using the Image Files option works quite well too. Image files will allow you to pack more than one VM onto a disk partition. Check out http://www.starwindsoftware.com/images/content/StarWind_MSCluster2008.pdf for more info.
Note: Check out the how to the same with Windows Storage Server 2003 R2. http://www.microsoft.com/windowsserversystem/wss2003/productinformation/overview/default.mspx
Update May 09: Windows Storage Server 2008 has now RTM’d and is available online through MSDN and TechNet. http://www.microsoft.com/windowsserver2008/en/us/WSS08.aspx
Configuring the iSCSI target software (Starwind)
Each cluster node now needs to be connected to the iSCSI target. Launch the built in iSCSI initiator and follow the steps below:
When completed (and hosts connected) you should see something like this on the iSCSI target VM.
The new fail-over cluster wizard is quite straight forward and much easier to follow when compared with Windows Server 2003. There isn't much point in going into too much detail … you’ll find plenty of info on the web.
Here is a step by step guide to installing a two node file cluster in Windows Server 2008.
I recently gave an overview of NAP at a Windows Server 2008 event. For the purposes of the event I focused and demo’d DHCP enforcement. From some customers DHCP enforcement was not enough. What about 802.1x enforcement ? Our pals on the NAP team have already blogged this (quite sometime back) as an introduction to what the real world options are. Check it out : NAP 802.1x enforcement. I’d also point you in the direction of the Step by Step lab guide.
For a real world view of NAP in action with Cisco switches check out Michael Kleefs blog here. When I asked about real world implementations Michael's demos where recommended.
While on the topic of NAP…. I was also asked about how much traffic does it generate. Yet again Michael Kleef had the answers.
Update: No sooner had I posted this (7 minutes after to be exact) Jeff Sigman (NAP guru) commented that he setup a rack with 10+ switches. Check out his posting http://blogs.technet.com/nap/archive/2008/04/15/video-nap-world-tour-rsa-2008-san-francisco.aspx. How is that for fast information update! :)
In my post yesterday I spoke about virtualisation candidates (amongst other things) and how we now know what loads and systems are viable. Have a look at the Microsoft Assessment and Planning (MAP) tool. Its the tool for identifying candidates. There is also a nice video demo from Baldwin Ng, showing the tool in action. The tool will remotely gather information regarding your enterprise without installing agents. The MAP tool then generates a candidacy report(s) that can be used to justify the investment including the hardware requirements for your virtualisation environment.
Note: The RTM version of MAP v3.0 only includes Virtual Server 2005. You will need MAP v3.1 Beta for Hyper-V. Check out this posting for details on joining the beta. It is still worth running the MAP v3.0 against your environments as virtualisation candidates should be the same regardless.
I blogged recently on “How to create a Windows Server 2008 Cluster within Hyper-V using simulated iSCSI storage”. This is enough to get you familiar with how clusters work in Windows Server 2008. The next logical step is to understand the high availability options available for VMs running in your Hyper-V environment. The good news is that Hyper-V is cluster aware allowing you to use the Quick Migration functionality. Check out the Step-by-Step Guide for Testing Hyper-V and Fail over Clustering. It explains the requirements and takes you, as the name implies, step-by-step through the process.
Check out the posting on the Windows Virtualization Team blog here for more details.
As usual its a one way upgrade process. Once you go forward there is no coming back! :)
Hyper-V RC0 to RC1 Upgrade Considerations *Saved-state files are not supported between RC0 and RC1 releases of Hyper-V. All virtual machine saved states should be discarded before upgrading to RC1, or prior to resuming virtual machines after upgrading to Hyper-V RC1.
*Online snapshots contain virtual machine save-states and thus online snapshots taken with Hyper-V RC0 are not supported after updating to Hyper-V to RC1. Either apply any online snapshots and shut down the VM or discard the virtual machine save state associated with the snapshot before or after the update to Hyper-V RC1.
*System Center Virtual Machine Manager 2008 Beta does not support Hyper-V RC1.
*New Integration Components (ICs) must be installed for your supported guest operating systems. Integration Components are specific to the build of Hyper-V. RC1 Integration Components for all supported Windows Operating Systems are provided using the ‘Action’ -> ‘Insert Integration Services Setup Disk’ action.
RC1 Integration Components for all supported Windows Operating Systems are now part of the IC Setup Disk. This now includes Windows Server 2008! Simply install the Hyper-V RC1 Integration Components for Windows Server 2008 the same way you do all other Windows ICs (‘Action’ -> ‘Insert Integration Services Setup Disk’). Note You need to close the found new hardware wizard before setup will begin on all Windows Operating Systems.
Improvements Over Hyper-V RC0 In addition to bug fixes and stability improvements we also made some additional changes largely based on feedback from customers, I might have missed a few I’ll add to this list if so… *Integration Components For Windows Server 2008 guest’s included in Integration Services Setup Disk *New Graphics for Hyper-V Manager and Virtual Machine Connection – including a “Now” icon in the snapshot pane *IPv4 Address Migration - when creating a new Virtual Network bound to an adapter with a static IPv4 address the IPv4 settings are migrated to the new virtual adapter
I'm just about to update my own Hyper-V installation so fingers crossed.
I’ve had a lot of interest in Hyper-V from customers and quite a few questions too. One of the most common being, “Who is using it in a production environment?”. Up until now I didn't have an answer. … but now I do.
Microsoft are now running the MSDN and TechNet sites on Hyper-V. So, putting that in context, that’s over 4 million hits a day (1 million for TechNet and 3 million for MSDN). This implementation also puts in context what sort of work loads Hyper-V can support. Granted there was a performance overhead for running in a virtual environment when compared with the loads the physical boxes could handle but that’s part of parcel of virtualisation.
More info can be found on Virtualization.info or indeed on our Virtualisation blog here.
Since Vista RTM’d people have complained to me about UAC (User Account Control) and how often they get warnings and popup’s. They just never seemed to get the point of it. I leave it on for all my Vista machines, even the VMs and even during demos to customers. Why? Easy. It protects my system from drive by style installations or modifications to my Vista machines. Its never really proven to be a hindrance to me, even during demos.
A colleague of mine tipped me off to the following articles.
PCWorld
Reading them was quite interesting. Tests showed that with UAC on, root kits couldn’t install themselves on Vista without alerting the user. No silently slipping onto the OS. However, its the comments at the end of each article that really intrigue me. Some people think Microsoft use UAC as a way of avoiding responsibility. Others, and rightly so in my mind, point out that the best you can do is warn/alert a user that something is attempting to modify their system … but if they don’t take the time to even read what’s on screen malware will always find its way onto a system. Software will always have its flaws.
UAC isn’t just about stopping malware … its about protecting users from themselves. It would appear that you can lead a horse to water but you cant’ stop it clicking continue, ok, yes I’m sure, no problem and diving right in.
Here is a great post from James O'Neill.
http://blogs.technet.com/jamesone/archive/2008/03/13/expensive-hypervisors-a-bad-idea-even-if-you-can-afford-them.asp
As Microsoft get ready with Hyper-V, VMware are beginingg their marketing blitz in an attempt to justify their pricing. As James points out in his post you can manipulate figures to come to any conclusion you want ... even if its way off base. Microsofts Hyper-V will cost a fraction, per socket, when compared to VMWare. While the VMWare products are slightly more mature Hyper-V is only a small part of the Virtualisation offering from Microsoft. Windows Server 2008 really brings Mircosoft virtual offerings to the forefront as an end-to-end solution. Check out http://www.microsoft.com/virtualization/default.mspx for more details.
I was recently asked how to modify the rdp permissions on a large number of Windows 2000 SP4 servers running in Remote Admin mode. Well, normally Id make use of WMI and make the changes using Win32_TSPermissionsSetting class. Unfortunatly this class is not available in Windows 2000.
To get around this issue in Windows 2000 try the following:
The question of how to handle virtual Domain Controllers has been around for quite some time. The answer really depends on what product you have decided to use as your virtualisation platform: Microsoft or VMWare. Regardless of the product you have choosen, you will still have to make the same decision when it comes to Domain Controllers: How will I handle Time Synchronisation? Before I go into the details there is one thing that both companies agree on. Do not let your VMs use more than one method for Time Sync as this could lead to numerous time changes ... and you most definitely do not want this happening on Domain Controllers.
Right, so how do the two approaches differ? Well, keeping in mind that both agree you should only use one method for time sync here are the two approaches:
Microsoft do not recommend sync'ing with the physical host whereas VMWare recommend that you do. So, from a supportability stance, which option do you choose? No surprise, but I would recommend starting with the Microsoft approach regardless of whether you are using ESX or not. Why? Well, from a support perspective following the VMWare approach means that you have to stop time sync from working as it should in a normal Active Directory Domain. In short, you make your Active Directory more or less unsupportable. If you run into problems and try and open a support case, you are putting yourself at a distinct disadvantage.
References:
Considerations when hosting Active Directory domain controller in virtual hosting environments
Support policy for Microsoft software running in non-Microsoft hardware virtualization software
VMware Time Sync and Windows Time Service
Ive been asked this a number of times this past month.... How do I get the date into a filename in a batch file?
Most people try using the %date% variable. Which will not work as you cannot have /'s in the filename.
So, try this:
for /f "tokens=1-4 delims=/ " %%i in ("%date%") do set datestring=%%i%%j%%k
You can now use %datestring%.txt as the filename
Note: The delim character changes depending on your locale. Eg. deliims=. for Germany. You may want to change the filename to %%k%%j%%i to get multiple logs sorted in order within Windows Explorer sorted by YearMonthDate
I was asked how to modify an INI from a script. Its quite straight forward. Firstly have a read of the Scripting Guy article here. It explains the process quite well actually. However, I wanted to go a step further and setup arguments to make the script re-useable. So here is the modified script:
'Usage: modini.vbs <full path to ini>, Parameter to change, New Value 'Example: modini.vbs c:\folder\my.ini, Script, change Const ForReading = 1 Const ForWriting = 2 strINIFile = WScript.Arguments.Item(0) strParam = WScript.Arguments.Item(1) strValue = WScript.Arguments.Item(2) If WScript.Arguments.Count <> 3 Then WScript.Quit Set objFSO = CreateObject("Scripting.FileSystemObject") Set objTextFile = objFSO.OpenTextFile(strINIFile, ForReading) Do Until objTextFile.AtEndOfStream strNextLine = objTextFile.Readline intLineFinder = InStr(strNextLine, strParam) If intLineFinder <> 0 Then strNextLine = strParam & "=" & strValue End If strNewFile = strNewFile & strNextLine & vbCrLf Loop objTextFile.Close Set objTextFile = objFSO.OpenTextFile(strINIFile, ForWriting) objTextFile.WriteLine strNewFile objTextFile.Close
'Usage: modini.vbs <full path to ini>, Parameter to change, New Value 'Example: modini.vbs c:\folder\my.ini, Script, change
Const ForReading = 1 Const ForWriting = 2
strINIFile = WScript.Arguments.Item(0) strParam = WScript.Arguments.Item(1) strValue = WScript.Arguments.Item(2)
If WScript.Arguments.Count <> 3 Then WScript.Quit
Set objFSO = CreateObject("Scripting.FileSystemObject") Set objTextFile = objFSO.OpenTextFile(strINIFile, ForReading)
Do Until objTextFile.AtEndOfStream strNextLine = objTextFile.Readline
intLineFinder = InStr(strNextLine, strParam) If intLineFinder <> 0 Then strNextLine = strParam & "=" & strValue End If
strNewFile = strNewFile & strNextLine & vbCrLf Loop
objTextFile.Close
Set objTextFile = objFSO.OpenTextFile(strINIFile, ForWriting)
objTextFile.WriteLine strNewFile objTextFile.Close
Here is a sample batch file calling the VBS script:
cscript //nologo modini.vbs "c:\my.ini" "Blog" "sometimes"
And thats it! Short and sweet.
We are running a Deep Dive event in Ireland for Premier customers later this month. Premier Field Engineers from Ireland and the UK (including David and I) will present the event.
- A Deep Dive into Windows Server 2008 –May 22nd /23rd Dublin
Overview Get a get a technical deep dive into Windows Server 2008 from Microsoft Premier Field Engineering (PFE). This 2 Day Level 300 event will provide a unique opportunity exclusively to Microsoft Premier Support Customers to understand and learn the new features in Windows Server 2008. The event, delivered by few of the top Active Directory and Windows Experts at Microsoft, is packed with a deep-level of technical content, and in-depth demos of new features in Windows Server 2008
This Microsoft Tech-Event aims to deliver pure technical content to help IT Pros make decisions about how to best plan, deploy, and upgrade to a Windows Server 2008 Infrastructure.
Sessions over the 2 days Include;
· Server Core· Hyper-V· Networking Features · NAP & Enforcement· Windows Server 2008 Deployment Services· Active Directory Real World Scenarios· Active Directory Read-Only Domain Controllers in Your Enterprise· Windows Server 2008 Failover Clustering
How to Register
You can register directly by clicking here. Alternatively you can contact you Technical Account Manager.
There are plenty of docs and blogs out there digging deep into Hyper-V. However, a few customers have asked a simple question: “What do I need to think about before I start testing Hyper-V?"
These are all very high level points so I will flesh them out over time. Any questions, feel free to comment.