Windows Server 2008 R2 Thread, Virtualizing Domain controllers in Technical; I'm going to do the 2008 R2 update on our domain controllers at some point.
I've been playing with hyper-V ...
5th May 2010, 11:14 AM #1
Virtualizing Domain controllers
I'm going to do the 2008 R2 update on our domain controllers at some point.
I've been playing with hyper-V and virtualized some of our other servers.
Is it a good idea to virtualize a domain controller? Any disadvantages?
5th May 2010, 11:23 AM #2
So long as the domain controllers are spread out and not all stored on the same virtual host then it's a good idea, i don't know much about hyper-V as im a VMware fan myself but it there aren't really any draw backs to it
I'd probably recommend allocating 2GB of memory to a 2008R2 machine though as a minimum, they run a bit slow on anything lower (though you could just set it up with 2GB assigned then knock it down to 1GB when all it's doing is sitting there serving machines)
5th May 2010, 11:26 AM #3
As bios said, as long as your DC's aren't all on the same Box then you should be fine. We have found that virtualising our servers actually has improved performance and we now have next to no downtime.
Last edited by danrhodes; 5th May 2010 at 11:39 AM.
5th May 2010, 11:29 AM #4
Don't think I could cope with using hyper-v I think that a way to get unemployed. I would run one of the big two either VMware or Zen.
5th May 2010, 11:36 AM #5
Eh??? Can you explain that as far as I know there's a few Hyper-v users on these forums and I've only really heard good things. I can't comment as we use Xenserver but I'm not sure how using Hyper-v will cause your employment to end.
Originally Posted by nicholab
5th May 2010, 11:38 AM #6
@nicholab - Hyper-V is fine and quickly catching up to feature parity with the others, if you were fired for providing a functioning solution you probably would not want to work there anyway.
There are no issues with virtualizing a DC as long as you remember a couple of things. If you have more than one DC never snapshot it, it is very easy for a simple snapshot rollback to mess up the AD replication and cause problems. Secondly don't have your VM hosts rely on the DCs that they hold as your host boxes will boot before their VMs and so if all your DCs are virtualised on hosts which are joined to the domain it can couse issues.
5th May 2010, 11:41 AM #7
Hyper-V is good for small scale, and yes it does kind of run itself. For anything largerm we use VMWare, I've no real favourite they both do the job.
Originally Posted by nicholab
5th May 2010, 11:53 AM #8
Virtual DCs are fine.
1) Make sure Virtual Hosts and VMs (the DCs anyway) are synchronised to an a authoritative time source.
2) Do not use snapshot features with DCs.
3) Do not AD integrate your virtualisation environment with a domain with only virtual DCs.
Taking those into account everything should run smoothly.
5th May 2010, 11:57 AM #9
- Rep Power
VMWare is the current market leader, but Hyper-V isnt very far behind! As for creating a virtual DC, this is a very very good idea, your other VM's can generally authenticate against this virtual DC far quicker than against a real one - this will speed things up.
However, as a rule of thumb if I have one DC it should be physical, if i have two DCs one should be physical, one should be virtual. If I have any more than this then it doesn't really matter where I put them providing there is one virtual and one physical. A physical DC should always remain as if your VM intrastructure ever dies at least you have something to revert back to.
5th May 2010, 04:03 PM #10
I feared Hyper V beacuse it relied on MS Clustering for shared storage and MS Clustering has a high Technical requirement and has some excellent "got yas" from what I hear. An incorrectly configed Cluster member can destroy the whole thing! No thanks!
5th May 2010, 10:03 PM #11
If you don't want shared storage, then as you say clustering isn't required. The only real advantage to shared storage is live migration.
Originally Posted by chazzy2501
Over Easter I setup a 5 host clustered hyper-v highly available system. While it wasn't all plain sailing it wasn't that difficult. I would tend to agree VMware is probably the better product but hyper-v is catching up quick and is MUCH cheaper.
I did an offline P2V of a DC (2003 R2) which worked just fine and the server is happy churning away as before. Come the summer and all our DCs (2008 R2) will be virtual.
Last edited by steve; 5th May 2010 at 10:11 PM.
5th May 2010, 10:28 PM #12
If the hyper-v servers are domain members, which they might need to be to access shared storage for instance, then you *must* have at least 1 seperate physical domain controller. You cannot run the Domain Controller role on the same server as you are running the Hyper-V role (but you can run additional Domain Controllers as Virtual Machines on the hyper-v servers). The reason for this is simple, If you had a poweroutage and had cold start all the servers - the hyper-v hosts would need a DC to authenticate against, if all your DC's are VM's then you have something of a chicken and egg situation.
The other to bare in mind is that you really shouldnt P2V a domain controller. Either demote the server to a member server then P2V and repromote back to a DC, or better still build a brand news DC as a VM, migrate any FSMO roles across then demote and obsolete the physical server. P2V'ing a live DC can cause AD descripencys similar to snapshotting or ghost imaging a DC - which is very bad news.
5th May 2010, 10:48 PM #13
- Rep Power
I couldn’t be any more impressed with hyper-v, easy to set up and works faultlessly.
We run 13 servers including a DC on one hyper-v box and it’s never put a foot wrong (we maintain a lower spec backup server ready to take over the main functions in case the physical server should fail)
After a few test installs the DC was the first server we virtualised in anger and we’ve never had a single fault that can be attributed to hyper-v
5th May 2010, 11:03 PM #14
Yes you can, its just not recommended and removes some of the redundancy. You could have each of the hosts setup as DCs housing a global catalog, then when they start they can authenticate against themselves till the master virtual DC is up and ready.
Originally Posted by tmcd35
Again this is not the recommended setup but it does work (if using the Hyper-V role on a server install rather than the Hyper-V server standalone).
6th May 2010, 04:28 AM #15
Hi SYNACK, have you actually done this and got it working? I'm sure I tried when I set up my first hyper-v server and I'm pretty sure Windows wouldn't let me install both roles on one server.
By dgrams in forum How do you do....it?
Last Post: 31st January 2010, 04:42 PM
By Gibbo in forum Windows
Last Post: 4th August 2008, 12:52 PM
Last Post: 6th July 2008, 02:03 AM
By brahma in forum Windows
Last Post: 23rd June 2008, 11:23 AM
By FN-GM in forum Wireless Networks
Last Post: 15th July 2007, 11:01 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Tags for this Thread