Hyper-V Failover Clustering & Domains


Dajinn

As far as I know the nodes in the cluster need to be joined to a domain for you to be able to manage and even enable clustering.

My question is, if you have X amount of nodes that you want to put in a cluster and don't have a domain controller, what is a relatively easy way to accomplish this?

My goal, regardless of the hypervisor I plan to ultimately stick with, was to make at least one of my VMs the domain controller. So should I just work on one node, install the AD role, configure the domain, and then join the hypervisor host + the other nodes to that virtual DC and then I can manage failover clustering?

Just wondering how other folks have done this.
 

cesmith9999

The first thing to do is, on one of the standalone nodes, install the Hyper-V role and add a virtual DC.

Then add the nodes to the domain and create your cluster, then create a 2nd DC (if planned) on a different node.

Do not add the AD role to your physical Hyper-V nodes. You will cause all writes on that node to be in write through mode for AD.

The other thing you can do is buy a J1900 motherboard as a cheap DC.

Chris
 

PnoT

As Cesmith9999 mentioned, you want a physical DC at some point, and sooner rather than later. If your hosts go down for whatever reason, you'll have a tough time bringing up the cluster to get your DC VMs online.

The time drift on a VM DC can also cause you issues if the PDC role is held there, yet another reason to go physical. You can opt to run a Raspberry Pi with Samba 4 for your Active Directory.

A trick that I have used in the past is to clone one of your DCs and have it sit on the local storage of a Hyper-V host, so if both hosts go down you can turn the DC on long enough to get your cluster up and click "start" on your virtual DC, then immediately "stop" the one locally. It's not pretty, but it works 100% of the time in a pinch.
 

DavidRa

Actually, with 2012 and later (and the right domain configuration) you don't even need an online DC to bring up your cluster. It does make it a little easier, but it's not critical like it used to be.

Just build your two DCs on standalone HV servers (I'd make it the last two nodes you intend to add to the cluster). Once you have your cluster sorted, and shared storage (SMB? iSCSI/FC/SAS CSV?) properly configured and tested, do a live migration to a cluster node with Hyper-V manager, use Failover Cluster Manager to convert the standalone VM to a clustered VM, and bring the next node into the cluster. Repeat with the second DC/final host.

Configure your DCs to High priority, other production to Medium, and unimportant things to Low priority. Then, use PowerShell to configure Anti Affinity Class Names on the two resource groups for the DCs (each VM is a Resource group) so that the cluster prefers to run the two DCs on separate nodes.

Note - if you find it easier, you could probably also use VM replication to get the DC into the cluster, with the added advantage that you can roll back a little easier if needed. That requires you set up the Replication Broker in the cluster, which is probably not a bad thing to have for DR anyway.
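
The priority and anti-affinity step described in the post above could be scripted as follows. This is an added example, not code from the thread; the clustered VM group names `DC01` and `DC02` and the class name `DomainControllers` are assumptions to replace with your own.

```powershell
#Requires -Modules FailoverClusters
# Hypothetical names: substitute your own clustered DC VM groups and class label.
$dcGroups  = 'DC01', 'DC02'
$className = 'DomainControllers'

# Cluster group Priority values: 3000 = High, 2000 = Medium, 1000 = Low, 0 = No Auto Start.
$high = 3000

foreach ($name in $dcGroups) {
    $group = Get-ClusterGroup -Name $name -ErrorAction Stop

    # AntiAffinityClassNames is a StringCollection. Build a new collection that
    # keeps any existing class names and assign it as a whole, so the change is
    # written back to the cluster rather than to a local copy.
    $names = New-Object System.Collections.Specialized.StringCollection
    foreach ($existing in $group.AntiAffinityClassNames) {
        if ($existing -ne $className) { [void]$names.Add($existing) }
    }
    [void]$names.Add($className)

    $group.AntiAffinityClassNames = $names
    $group.Priority = $high
}

# Read the settings back and show where each DC is currently running.
$state = Get-ClusterGroup -Name $dcGroups |
    Select-Object Name, OwnerNode, State, Priority, AntiAffinityClassNames
$state | Format-Table -AutoSize

# Anti-affinity is a placement preference, so confirm the DCs really are apart.
$owners = $state | ForEach-Object { $_.OwnerNode.Name } | Sort-Object -Unique
if (@($owners).Count -lt $dcGroups.Count) {
    Write-Warning ("DC VMs share a node ({0}). Move one with Move-ClusterVirtualMachineRole." -f ($owners -join ', '))
}
```

Run it from a cluster node or a management host with the Failover Clustering PowerShell tools installed, after both DC VMs have been converted to clustered roles.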