Hyper-V Failover.. is DC replication still required for one location office?
-
As the topic said... if we only have one location, do I still need multiple Domain Controller replications?
We used to have 2x 2008 R2 servers act as domain controllers. They are set up to replicate each other (except DHCP). Now that we upgrade to 2012 R2 with Hyper-V failover cluster... do we still need multiple Domain Controllers like before? We could potentially have 4 nodes capable of moving DC around (all hypervisor are licensed).
-
@LAH3385 Only reason I can think would be if something happened to that DC VM itself.
-
In the virtualized modern world, there is really no reason for an SMB to have two DCs because of fast restore capabilities of virtualization.
-
@brianlittlejohn said:
@LAH3385 Only reason I can think would be if something happened to that DC VM itself.
But wouldn't that also be replicated to the other DCs as well? Unless you mean BSOD. As for BSOD, I think checkpoints would be best to correct it. Any suggestion in scenario for BSOD?
-
If you only go with one DC, I would restore from backups rather than creating checkpoints. I've seen too many issues leaving checkpoints around.
-
@LAH3385 said:
(all hypervisor are licensed).
What does this mean? Hyper-V is free, so there is no license.
-
@JaredBusch said:
In the virtualized modern world, there is really no reason for an SMB to have two DCs because of fast restore capabilities of virtualization.
When does virtualization become an issue due to single point of failure hardware-wise in your opinion, or are you accounting for server clustering?
-
@brianlittlejohn
Such as? I would create a checkpoint before I leave for the day, and remove checkpoints over 2 weeks old. Bad practice?
-
@LAH3385 said:
@brianlittlejohn
Such as? I would create a checkpoint before I leave for the day, and remove checkpoints over 2 weeks old. Bad practice?
Bad practice? I have no idea - but that is definitely not a backup. It gives you a quick point to snap back to, but if you have a storage failure, they are gone as well.
-
@LAH3385 I've seen removing a 2 week old checkpoint corrupt my disk within the VM... I had to go back and restore everything that had changed in that two week period.
-
@Dashrender said:
@LAH3385 said:
(all hypervisor are licensed).
What does this mean? Hyper-V is free, so there is no license.
I'm assuming he means he has the windows licenses necessary for every node in his cluster.
-
@brianlittlejohn said:
@Dashrender said:
@LAH3385 said:
(all hypervisor are licensed).
What does this mean? Hyper-V is free, so there is no license.
I'm assuming he means he has the windows licenses necessary for every node in his cluster.
YES! that is what I meant to mean.... I mean... I meant... whatever.. English....¯\(ツ)/¯
-
@LAH3385 said:
@brianlittlejohn said:
@Dashrender said:
@LAH3385 said:
(all hypervisor are licensed).
What does this mean? Hyper-V is free, so there is no license.
I'm assuming he means he has the windows licenses necessary for every node in his cluster.
YES! that is what I meant to mean.... I mean... I meant... whatever.. English....¯\(ツ)/¯
That's good, but it's really not relevant to the conversation. As Scott would say, it's a red herring.
-
Do you need more than one DC? Do you need more than one DC when you're doing Hyper-V failover?
How many users? How many VM hosts in your cluster? Do you have a spare Windows Server license?
If you're going to the point of using Hyper-V failover because you need either such awesome uptime or instant recoverability, then I would ask how important is it that your AD services be available? If AD is down and a machine can't log in (let's assume no cached logon), is this a problem? If AD services are down, what else is down? Typically, one runs DNS servers on AD servers, assuming you only have the one DNS server, and you're doing the right thing and only have the single IP listed in DNS on all of your clients - now no one can surf the web - is that ok?
-
@LAH3385 said:
We could potentially have 4 nodes capable of moving DC around (all hypervisor are licensed).
That's not a good way to handle DCs. With 2012 R2 you are supposed to be able to do this, but it's still not the ideal way to handle it. DCs should not be failing over. Either have multiple DCs if you really can't be without AD for twenty minutes, or just go to one as Jared said.
-
@Dashrender said:
Do you need more than one DC? Do you need more than one DC when you're doing Hyper-V failover?
How many users? How many VM hosts in your cluster? Do you have a spare Windows Server license?
If you're going to the point of using Hyper-V failover because you need either such awesome uptime or instant recoverability, then I would ask how important is it that your AD services be available? If AD is down and a machine can't log in (let's assume no cached logon), is this a problem? If AD services are down, what else is down? Typically, one runs DNS servers on AD servers, assuming you only have the one DNS server, and you're doing the right thing and only have the single IP listed in DNS on all of your clients - now no one can surf the web - is that ok?
I think you are still looking at this wrong.
If the business is looking at clustering and failover and have no idea what to do about a DC, then they are looking at the wrong things to begin with.
The business needs to go back to square one and properly define the needs.
-
Well.. I was leaning that way, just not as direct as you were about it.