Ah, I see what you are doing. Just make sure you don't set this server to be your primary authentication server or DNS server in any systems where you have to set primary and secondary LDAP or DNS (external systems, firewall/VPN, DHCP server, web filter, etc). Because if that server goes down (and it's more likely it could as it's not highly available) then you will encounter problems. For this same reason, you shouldn't make the physical DC that is your "safety net" in a virtualised environment your primary LDAP/DNS either.
Don't think so, as far as I am aware you can run a standalone VM separate from the cluster on the cluster node. Just run up your VM, use local storage, but don't make it highly available and it operates as a standalone VM. In the event of problems you can startup your standalone DC then bring up your cluster. At least that is what I have read about what other people have done but can't claim personal experience of doing it.