zag Posted May 5, 2010 Posted May 5, 2010 I'm going to do the 2008 R2 update on our domain controllers at some point. I've been playing with hyper-V and virtualized some of our other servers. Is it a good idea to virtualize a domain controller? Any disadvantages?
mrbios Posted May 5, 2010 Posted May 5, 2010 So long as the domain controllers are spread out and not all stored on the same virtual host then it's a good idea, i don't know much about hyper-V as im a VMware fan myself but it there aren't really any draw backs to it I'd probably recommend allocating 2GB of memory to a 2008R2 machine though as a minimum, they run a bit slow on anything lower (though you could just set it up with 2GB assigned then knock it down to 1GB when all it's doing is sitting there serving machines)
danrhodes Posted May 5, 2010 Posted May 5, 2010 (edited) As bios said, as long as your DC's aren't all on the same Box then you should be fine. We have found that virtualising our servers actually has improved performance and we now have next to no downtime. D Edited May 5, 2010 by danrhodes Typo
nicholab Posted May 5, 2010 Posted May 5, 2010 Don't think I could cope with using hyper-v I think that a way to get unemployed. I would run one of the big two either VMware or Zen.
cookie_monster Posted May 5, 2010 Posted May 5, 2010 Don't think I could cope with using hyper-v I think that a way to get unemployed. I would run one of the big two either VMware or Zen. Eh??? Can you explain that as far as I know there's a few Hyper-v users on these forums and I've only really heard good things. I can't comment as we use Xenserver but I'm not sure how using Hyper-v will cause your employment to end.
SYNACK Posted May 5, 2010 Posted May 5, 2010 @nicholab - Hyper-V is fine and quickly catching up to feature parity with the others, if you were fired for providing a functioning solution you probably would not want to work there anyway. There are no issues with virtualizing a DC as long as you remember a couple of things. If you have more than one DC never snapshot it, it is very easy for a simple snapshot rollback to mess up the AD replication and cause problems. Secondly don't have your VM hosts rely on the DCs that they hold as your host boxes will boot before their VMs and so if all your DCs are virtualised on hosts which are joined to the domain it can couse issues.
danrhodes Posted May 5, 2010 Posted May 5, 2010 Don't think I could cope with using hyper-v I think that a way to get unemployed. I would run one of the big two either VMware or Zen. Hyper-V is good for small scale, and yes it does kind of run itself. For anything largerm we use VMWare, I've no real favourite they both do the job. D
DMcCoy Posted May 5, 2010 Posted May 5, 2010 Virtual DCs are fine. 1) Make sure Virtual Hosts and VMs (the DCs anyway) are synchronised to an a authoritative time source. 2) Do not use snapshot features with DCs. 3) Do not AD integrate your virtualisation environment with a domain with only virtual DCs. Taking those into account everything should run smoothly.
mbrunt Posted May 5, 2010 Posted May 5, 2010 VMWare is the current market leader, but Hyper-V isnt very far behind! As for creating a virtual DC, this is a very very good idea, your other VM's can generally authenticate against this virtual DC far quicker than against a real one - this will speed things up. However, as a rule of thumb if I have one DC it should be physical, if i have two DCs one should be physical, one should be virtual. If I have any more than this then it doesn't really matter where I put them providing there is one virtual and one physical. A physical DC should always remain as if your VM intrastructure ever dies at least you have something to revert back to.
chazzy2501 Posted May 5, 2010 Posted May 5, 2010 I feared Hyper V beacuse it relied on MS Clustering for shared storage and MS Clustering has a high Technical requirement and has some excellent "got yas" from what I hear. An incorrectly configed Cluster member can destroy the whole thing! No thanks!
steve Posted May 5, 2010 Posted May 5, 2010 (edited) I feared Hyper V beacuse it relied on MS Clustering for shared storage and MS Clustering has a high Technical requirement and has some excellent "got yas" from what I hear. An incorrectly configed Cluster member can destroy the whole thing! No thanks! If you don't want shared storage, then as you say clustering isn't required. The only real advantage to shared storage is live migration. Over Easter I setup a 5 host clustered hyper-v highly available system. While it wasn't all plain sailing it wasn't that difficult. I would tend to agree VMware is probably the better product but hyper-v is catching up quick and is MUCH cheaper. I did an offline P2V of a DC (2003 R2) which worked just fine and the server is happy churning away as before. Come the summer and all our DCs (2008 R2) will be virtual. Edited May 5, 2010 by steve
tmcd35 Posted May 5, 2010 Posted May 5, 2010 If the hyper-v servers are domain members, which they might need to be to access shared storage for instance, then you *must* have at least 1 seperate physical domain controller. You cannot run the Domain Controller role on the same server as you are running the Hyper-V role (but you can run additional Domain Controllers as Virtual Machines on the hyper-v servers). The reason for this is simple, If you had a poweroutage and had cold start all the servers - the hyper-v hosts would need a DC to authenticate against, if all your DC's are VM's then you have something of a chicken and egg situation. The other to bare in mind is that you really shouldnt P2V a domain controller. Either demote the server to a member server then P2V and repromote back to a DC, or better still build a brand news DC as a VM, migrate any FSMO roles across then demote and obsolete the physical server. P2V'ing a live DC can cause AD descripencys similar to snapshotting or ghost imaging a DC - which is very bad news.
Kipling Posted May 5, 2010 Posted May 5, 2010 I couldn’t be any more impressed with hyper-v, easy to set up and works faultlessly. We run 13 servers including a DC on one hyper-v box and it’s never put a foot wrong (we maintain a lower spec backup server ready to take over the main functions in case the physical server should fail) After a few test installs the DC was the first server we virtualised in anger and we’ve never had a single fault that can be attributed to hyper-v
SYNACK Posted May 5, 2010 Posted May 5, 2010 You cannot run the Domain Controller role on the same server as you are running the Hyper-V role (but you can run additional Domain Controllers as Virtual Machines on the hyper-v servers). Yes you can, its just not recommended and removes some of the redundancy. You could have each of the hosts setup as DCs housing a global catalog, then when they start they can authenticate against themselves till the master virtual DC is up and ready. Again this is not the recommended setup but it does work (if using the Hyper-V role on a server install rather than the Hyper-V server standalone).
tmcd35 Posted May 6, 2010 Posted May 6, 2010 Hi SYNACK, have you actually done this and got it working? I'm sure I tried when I set up my first hyper-v server and I'm pretty sure Windows wouldn't let me install both roles on one server.
SYNACK Posted May 6, 2010 Posted May 6, 2010 Hi SYNACK, have you actually done this and got it working? I'm sure I tried when I set up my first hyper-v server and I'm pretty sure Windows wouldn't let me install both roles on one server. Yeap, done it on Windows Server 2008 x64 on a couple of machines and it works fine.
tmcd35 Posted May 6, 2010 Posted May 6, 2010 Interesting - what about Server08R2? That's the one I'm using. Unfortuantly my current server is live and not in a position to run this sort of test. I wanted to set up my farm that way initially buy I'm pretty sure I ran into problems, and I vaguely recall one of the problems being Windows complaining at what I was trying to do. I now have a seperate physical box for the PDC and 2 virtualised Domain Controllers.
SYNACK Posted May 6, 2010 Posted May 6, 2010 Not sure about R2 as I have not tried this on that platform but unless the DC role restriction was added in R2 it should work, they may have purposfully crippled it though just to spite me
Richie1972 Posted May 8, 2010 Posted May 8, 2010 I'm running our Hyper-V servers on three 2008 R2 clustered servers and they are running fine. The only problems I'm finding with one of the virtual servers (64 bit 2008) running SIMS - it seems a bit slow for users logging on to sims (they seem to take about 30 secs!!!) I'm running a separate 10TB SAN for the hyper-v disks with 2x10GB iSCSI bonded. Hyper-V clients are a mixture of 2008 R2, 2008, 2003 (only needed for crap old apps like Successmaker) servers As clustering requires a domain, I ended up creating one domain purely for the hyper-v cluster network and a second domain for all the rest of the physical and virtual servers. As to people saying that they will only use VMWare - why???? Hyper-V is stable, an industry standard and a hell of a lot cheaper than VMWare - plus Hyper-V V2 live migration works great - only offline for two pings
willv28 Posted May 14, 2010 Posted May 14, 2010 Hyper-V works great, we use it. We have several VMs setup on it. We plan to use a second server for failover clustering. As for the DC issue. You can virtualize a DC. When virtualizing a DC you need to do it offline, we've done it a few times here without any problems.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now