No way I would do that, it would produce a massive single fail point for your network.
Much better to have 1 or 2 physical servers as DC's.
I also keep my fileserver physical as it has so much disk IO.
First off I wouldn't trust hyper-V with any DC's myself, I've had them go down for no reason or lose network connection, it's just another point of failure to add to a DC in my opinion. By running a DC on a virtual host you are just adding to the things that can go wrong.
I think the main concern would be with a failure of the hyper-V holding the Master controller DC, that would mean you couldn't log into the other hyper-v hosts.
Hightower (4th February 2011)
Run at least one dc, even if it's a knackered old box. If your vm infrastructure goes down you'll need a dc to recover!
Hightower (4th February 2011)
I have one physical DC and one on hyper v.
Never had a problem with hyper v one but as pointed out if your whole hyper v setup went down you could find it tricky to get AD back up.
Hightower (4th February 2011)

Well, I want three DC's on the three new servers. Is it even worth virtualising them then, or am I far better leaving them as physical machines with the Server 2k8 OS directly on them?

What about this - would this setup be fine?
New Idea.png
I was under the impression that the way I wanted to do it, if I lost a physical host the VM would failover to another host, thus keeping all three DC's up and running. What happens in this new example if I lose the first DC?
If you had 3 new servers and a SAN, with ~700 users what would be your ideal setup?

In Blue Peter fashion,
Here's one I did earlier..
I'd keep the 3 vm hosts and just get something cheap to run as a dc. Use as many dc's as you need to load balance logons, but it's worthwhile having at least one physical and one virtual in case of disaster recovery. Perhaps use the physical dc as a backup server as well.
Hightower (4th February 2011)

That's now what I'm thinking. Physical DC can just be DC/DHCP/DNS etc as well as backup and AV server. Then VM DC's (x2) can be file servers for users but do nothing else (except the jobs of a DC and file server).
How's that sound? Physical DC to have RAID 1 HDD's for OS, and 2 Hyper-V boxes RAID 1 HDD's for Hyper-V OS, but everything else on SAN? Does that sound about right?
M$ article here states: Planning Considerations for Virtualized Domain Controllers
It's all very interesting, but starting to make me VERY uncertain of which route I should head down.

You should attempt to avoid creating potential single points of failure when you plan your virtual domain controller deployment. You can avoid introducing potential single points of failure by implementing system redundancy. For example, consider the following recommendations while keeping in mind the potential for increases in the cost of administration:
- Run at least two virtualized domain controllers per domain on different virtualization hosts, which reduces the risk of losing all domain controllers if a single virtualization host fails.
- As recommended for other technologies, diversify the hardware (using different CPUs, motherboards, network adapters, or other hardware) on which the domain controllers are running. Hardware diversification limits the damage that might be caused by a malfunction that is specific to a vendor configuration, a driver, or a single piece or type of hardware.
- If possible, domain controllers should be running on hardware that is located in different regions of the world. This helps to reduce the impact of a disaster or failure that affects a site at which the domain controllers are hosted.
- Maintain physical domain controllers in each of your domains. This mitigates the risk of a virtualization platform malfunction that affects all host systems that use that platform.
EDIT: My bad, didn't even read it properly lol. "Maintain physical domain controllers in each of your domains. This mitigates the risk of a virtualization platform malfunction that affects all host systems that use that platform." Well there we go. M$ advice to have physical too.
Last edited by Hightower; 4th February 2011 at 01:13 PM.

Yes, it's totally possible. The considerations are: don't image or snapshot a DC VM if you have more than one because it can mess the AD database. If your VM hosts are domain joined they will have issues if they boot and can't talk to a DC. We got around this by putting a DC/Global catalogue on one of the VM host servers which handles the initial auth.
It's all about playing the odds: likelihood of disaster x impact of disaster. Having one physical and one virtual dc is good sense; having antivirus on the physical is a waste, it should be on a singular vm so it can be recovered easily and moved between servers, but it doesn't need to be available for disaster recovery. File servers are fine virtual, but maybe have them use dfs to the physical dc so you have a live copy of the data and can change dfs to point to the dc if needed. Then look at things like dns, dhcp, make sure they're in more than one place and that a singular fault/event won't take them out.
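
The single-fault reasoning running through this thread (host failure, shared SAN, a platform-wide Hyper-V problem, DNS/DHCP living in only one place) can be checked mechanically. The following is an added example, not code from any poster or from Microsoft; the server names, role labels and failure-domain tags are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Server:
    name: str
    roles: frozenset       # e.g. {"DC", "DNS", "DHCP"}
    depends_on: frozenset  # failure domains this server cannot survive losing

# Constructed inventory modelled on the layout proposed in the thread:
# one physical DC on local disks, two virtual DCs on Hyper-V hosts backed by a SAN.
INVENTORY = [
    Server("DC-PHYS", frozenset({"DC", "DNS", "DHCP"}), frozenset({"box:dc-phys"})),
    Server("DC-VM1", frozenset({"DC", "DNS"}), frozenset({"host:hv1", "storage:san", "platform:hyper-v"})),
    Server("DC-VM2", frozenset({"DC", "DNS"}), frozenset({"host:hv2", "storage:san", "platform:hyper-v"})),
]

REQUIRED_ROLES = ("DC", "DNS", "DHCP")

def single_fault_gaps(inventory, required=REQUIRED_ROLES):
    """Return {failure_domain: [roles lost]} for every single fault that
    leaves a required role with no surviving server."""
    domains = sorted({d for s in inventory for d in s.depends_on})
    gaps = {}
    for failed in domains:
        survivors = [s for s in inventory if failed not in s.depends_on]
        lost = [r for r in required if not any(r in s.roles for s in survivors)]
        if lost:
            gaps[failed] = lost
    return gaps

def recommendation_findings(inventory):
    """Check the two countable recommendations quoted from the Microsoft article."""
    dcs = [s for s in inventory if "DC" in s.roles]
    virtual = [s for s in dcs if any(d.startswith("platform:") for d in s.depends_on)]
    hosts = {d for s in virtual for d in s.depends_on if d.startswith("host:")}
    findings = []
    if virtual and len(hosts) < 2:
        findings.append("virtual DCs share a single virtualization host")
    if len(virtual) == len(dcs):
        findings.append("no physical DC outside the virtualization platform")
    return findings

if __name__ == "__main__":
    print(single_fault_gaps(INVENTORY))        # {'box:dc-phys': ['DHCP']}
    print(recommendation_findings(INVENTORY))  # []
```

On the constructed mixed layout the only gap is DHCP, which lives solely on the physical box; an all-virtual layout on three hosts survives any one host failing but loses every role when the SAN or the hypervisor platform fails.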