what are the best practices to do before virtualizing a physical DC ?
-
I would recommend spinning up a new, fresh VM, and then promoting it to be a Domain Controller. In the article you linked, they say to always have at least one physical Domain Controller, but I am not sure that is necessary any more.
-
I also wouldn't use pass through disks on it either.
-
I agree with @dafyre, If you only have one DC today, why would you have more than that with a virtual environment? And there's no reason not to virtualize it.
Definitely spin up a new DC, 2012 R2 if possible. I think starting with 2012 you could roll back DCs with snapshots without blowing up your environment. Before that you'd be introducing an old DC back into the mix and that could really damage your AD.
-
@Dashrender said:
I agree with @dafyre, If you only have one DC today, why would you have more than that with a virtual environment? And there's no reason not to virtualize it.
Definitely spin up a new DC, 2012 R2 if possible.
^ That, for sure.
I would still err on the side of caution and not plan on using snapshots for the DCs --especially if you have more than one.
-
There are only two reasons to P2V a DC.
- You have another workload on the box like file shares or something.
- See 1.
Even if you have no more licensing, spin up a new VM running Server 2008 R2, activate with your existing key, join it to the domain and then promote it to be a DC. Take the FSMO roles and then demote the old one and remove it.
-
-
@IT-ADMIN said:
i read this article : http://www.serverwatch.com/server-tutorials/virtualizing-active-directory-domain-controllers-general-best-practices.html
I stopped writing for that publication because they had no technical integrity and were publishing total garbage. I would not trust that as a technical source necessarily. They have many good writers, but many very bad ones too. Some outright trying to hurt people.
The starting warning flag is that they mention VMware as having been around for a long time and MS not so long (it was a full decade at the time of the article!!) in virtualization and completely ignores Xen and KVM as if they did not exist. This is someone with agenda, not someone writing a technical article.
-
They inject some random opinion that AD makes IT run smoothly and that it can't run without it. Tons of companies run smoothly without AD.
-
The article is so poorly written that it actually conflicts with itself. I feel like the author was a non-technical person doing an intro and then copy pasta for the body from someone who doesn't know virtualization or understand it.
Many of the guidelines are correct or are correct given assumptions that might be wrong. Two our downright crazy - never keep a physical DC (seriously, never, and this conflicts with the intro where he states the same) and don't use pass through disks or raw disks.
Things like don't let it be imaged are just general data base rules that apply to any database. AD uses a database, so database rules apply.
-
@scottalanmiller said:
The article is so poorly written that it actually conflicts with itself. I feel like the author was a non-technical person doing an intro and then copy pasta for the body from someone who doesn't know virtualization or understand it.
Many of the guidelines are correct or are correct given assumptions that might be wrong. Two our downright crazy - never keep a physical DC (seriously, never, and this conflicts with the intro where he states the same) and don't use pass through disks or raw disks.
Things like don't let it be imaged are just general data base rules that apply to any database. AD uses a database, so database rules apply.
Why not use raw disks?
-
@johnhooks said:
Why not use raw disks?
- No benefits to it. It's based off of one of those weird "SMBisms" that don't exist in the enterprise space where people are bizarrely trying to tweak one odd mechanism for performance that doesn't matter at all while overlooking all of the important stuff.
- It bypasses the encapsulation of the virtualization process taking away features for no reason.
-
@scottalanmiller said:
@johnhooks said:
Why not use raw disks?
- No benefits to it. It's based off of one of those weird "SMBisms" that don't exist in the enterprise space where people are bizarrely trying to tweak one odd mechanism for performance that doesn't matter at all while overlooking all of the important stuff.
- It bypasses the encapsulation of the virtualization process taking away features for no reason.
I don't really use them, I use LVMs anyway. Just curious. So qcow2 is what you recommend for an actual file?
-
For what platform?
-
@scottalanmiller said:
For what platform?
Ah I didn't read the article. Is raw on hyper-v different from raw on KVM or xen?
-
Same idea, bypassing the encapsulation of the file system to write directly to a block device not provided by the HV.
-
@scottalanmiller said:
Same idea, bypassing the encapsulation of the file system to write directly to a block device not provided by the HV.
Ok. So is LVM use a bad idea then?
-
I would not use it, we used to do that a decade ago when we had to do extreme tuning because the technology was very nascent. Today, only in extreme cases would I be willing to consider that.
-
Which formats do you recommend?
-
Generaly qcow2 for KVM.
-
@JaredBusch said:
There are only two reasons to P2V a DC.
- You have another workload on the box like file shares or something.
- See 1.
Even if you have no more licensing, spin up a new VM running Server 2008 R2, activate with your existing key, join it to the domain and then promote it to be a DC. Take the FSMO roles and then demote the old one and remove it.
i think i have that reason to P2V my DC, because this physical server actually play 3 roles :
- Domain conroller
- File Server
- SQL Server
so i think i have a reason to P2V it ??