
Course Transcript

Microsoft Windows Server 2012 R2 - Advanced Infrastructure: Clustering and NLB
Failover clustering
1. Windows Server 2012 R2 Failover Clustering

2. Planning Failover Clustering for Windows Server 2012 R2

3. Deploying Failover Clustering on Windows Server 2012 R2

4. Clustering Aware Updates in Windows Server 2012 R2

5. Windows Server 2012 R2 Multisite Failover Clusters

Network Load Balancing


1. Planning NLB on Windows Server 2012 R2

2. Implementing NLB on Windows Server 2012 R2

3. Windows Server 2012 R2 High Availability


Windows Server 2012 R2 Failover Clustering
Learning Objective
After completing this topic, you should be able to
◾ identify components and advantages of a failover cluster

1. Meet your instructor


Microsoft Windows Server 2012 R2 - Advanced Infrastructure: Clustering and NLB

[Welcome to Microsoft Windows Server 2012 R2 - Advanced Infrastructure: Clustering and NLB.]

Hello, my name is Jason Yates and I am a Microsoft Certified Trainer, or MCT, and Microsoft
Certified Solutions Expert, or MCSE. In this course, we are going to be learning about planning
for disaster. Of course, disasters, well, they happen and with virtualization, we have a lot of our
eggs in one basket. So we want to, of course, be sure that we align our business needs with
the expense of providing disaster recovery and protection.

So in particular, we are going to talk about failover clustering, we will talk about multisite
failover clustering, and we will talk about Network Load Balancing, or NLB. With these
features, a manager can help ensure that outages that occur don't actually affect the
day-to-day business operations.

[The goal of this course is to plan and implement failover clustering and Network Load
Balancing.]

2. Failover clustering introduction


Let's talk about failover clustering. Now failover clustering is a group of independent servers
that function as a single entity. The idea here is that clients can access an application by the
group name without having to refer to the individual nodes, kind of, like the three musketeers,
all for one and one for all. Now one of the key benefits here of a cluster is that you have high
availability. So if a client is using and accessing an application in one of those nodes and for
some reason that node fails, its motherboard goes down, networking is partitioned, you know,
some sort of disaster, well, then that role can failover to another node and then that additional
node can respond on behalf of that group.

So this allows you to create a highly available application that can respond to client requests,
and even if you have a failure of some sort or you have planned maintenance, you still have
nodes available that can respond to clients. Now some of the other benefits to failover
clustering is it is highly scalable, so you can add additional nodes to your cluster and ultimately
this means a reduced total cost of ownership, or TCO. Now initially when you consider a
cluster you might find it cost prohibitive because there is additional hardware complexity
around the configuration, shared storage, additional networking concerns. And yet over time
when we need to provide high availability, failover clustering can reduce that total cost of
ownership and ensuring that that application or service stays accessible to our clients.
[In failover clustering, a group of servers access multiple databases through a single router.]

So let's talk now about some of the components that make up a cluster. Now of course, we
have the nodes; and a node is a member of the cluster and you can have up to 64 of these
nodes in a Windows Server 2012 R2 cluster. And each one of these nodes has some
important responsibilities. It has a clustering service, it needs access to the resource and
resource information, it needs to be accessible by clients, and it needs to be aware of what is
happening in all the other nodes. So awareness is key. How do you facilitate that awareness
among individual nodes? Well in order to do that, you have a lot of other important components
that play a role in the clustering topology. For instance, network communication is
important.

Often times we will have a dedicated network for a heartbeat communication or cluster
communications. This way each node knows when another node is added or a node is
removed. We also have resources. Now the resources are really what we are offering to our
clients and it might actually be a collection or a group of resources. This could be a SQL
Database, it could be a file server, print server, or Hyper-V host. And so each one of the nodes
needs to be able to offer this resource on the network or offer this resource to clients. So that
means each one of these nodes needs to have access to shared storage where those
resources live. And so shared storage is another important component when we talk about
clustering. Finally we have the services and applications themselves and really these are the
resources. And what we might refer to them as services and applications from the client
perspective; but on the cluster, it is a collection of resources, which we might call a cluster
group.

Then we have got the client access to this service and application. What that might mean is
supporting configuration like, for instance, Active Directory or maybe DNS so that those clients
can discover this cluster and be able to make requests of that service; so that one of the nodes
can respond based, of course, on the service or application the client is looking for.

[In failover clustering, a group of servers access multiple databases through a single router.]

Now to better understand what each node in a cluster does, consider this as a checklist. First
of all each node needs full connectivity and communication with all of the other nodes. It needs
to be aware of the state of those other nodes, so when another node joins or leaves or fails, so
that it can take the appropriate action. It needs to be able to maintain network connectivity and
ideally have alternate paths to resources and for client access. So that might require that you
enable multipath I/O and include a meshed network so that you have those alternate paths.
You also need to make sure each node can connect to shared storage whatever form that
might take, whether it is iSCSI or a shared bus or fibre channel; you need to have shared
storage access. And then finally the application needs to be cluster aware.

Now there are some ways to take an application that is not cluster aware and make it work in
failover clustering provided that it supports some of the clustering calls or it can be made to
support those clustering calls. What that means is that the cluster service has to be able to
determine if the application is alive or not, if it is hung or not, if it is able to move between
different states. And so gathering that state information, gathering that health information from
the service itself is important intelligence that a cluster node needs, and so that is what makes
a cluster-aware application work on a failover cluster. When failover clustering identifies a
troubling service, well then it can respond by restarting this service or by moving that service to
another node. So these are some of the things to consider regarding each node in your cluster.

[In failover clustering, a group of servers access multiple databases through a single router.]

Not every application works well in a failover cluster, for instance, those stateless applications
like web sites or access servers like VPN servers. Other applications that already have built-in
replication mechanisms are also usually not well suited for clustering. Take for instance, Active
Directory. If you want to provide high availability for Active Directory, you wouldn't put it in a
cluster, you would simply deploy another domain controller. Those applications that are well
suited for clustering are applications that have a need for shared configuration and shared
storage, for example, a database. SQL is a great example of an application that you can
cluster. Other workloads that you can cluster include Hyper-V. Of course, clustering your
virtualization hosts is a must if you want to protect the virtual machines running on those hosts.
But in failover clustering, we can also protect file servers and print servers, Exchange servers.
And if you have an application that is not natively aware of clustering, it might be available to
be made aware depending on what resource types it supports.

3. Failover clustering new features


Failover clustering isn't new with Server 2012 or 2012 R2, and yet it has a lot of new features
and enhancements that make failover clustering in 2012 almost like a new product. What are
some of these new features? Well first of all we have shared .vhdx files. This is really cool for
those folks who are doing multitenancy; those folks who have cloud computing supporting
multiple clients and are providing cloud services because shared .vhdx files allow those
tenants to create guest clusters without having to access directly the storage infrastructure
within your organization.

We also have a virtual machine drain on shutdown. What this provides is a more graceful way
in which to manage your virtual machines when you have a planned maintenance and you
need to take a node down. Virtual machine network health detection is very useful in providing
a way for virtual machines to be automatically live migrated if networking problems exist. Then
you can deploy failover cluster without Active Directory dependency. And there are some
enhancements around quorum. We have dynamic witness, which allows for a dynamic voting
block depending on the number of nodes and there is also a tie breaking feature that goes
along with it. And then you can have force quorum resiliency, which is built-in for greater
recoverability in case a failover cluster gets partitioned.

We also have improvements with Global Update Manager. What that simply means is that the
database performs better in multisite type of configurations. You can also control performance
by turning off Internet Protocol Security, or IPSec, encryption for internode communications.
And lastly, some of the other big improvements are just around the management. The ability to
have a deeper view and a better view of what is happening in your cluster through Failover
Cluster Manager and System Center Virtual Machine Manager, or SCVMM, so just
improvements in terms of the UI.

[In failover clustering, a group of servers access multiple databases through a single router.]

Now we don't get very far in our failover clustering conversation without stopping to talk about
Cluster Shared Volumes, or CSVs; that is because Cluster Shared Volumes are really
important. Now if you are familiar with CSVs, you know that a CSV is highly useful for Hyper-V
host and that allows us to create a shared storage option for our virtual machine files. Now in
2012, CSVs were expanded to also support file servers. This basically means you can create a
Scale-Out File Server to provide a well performing shared folder for applications like SQL and
Hyper-V. Now in 2012 R2, we have some significant improvements to our CSVs and many of
these relate to performance. For example, you can now increase the amount of RAM that you
allocate to your CSV cache. In 2012, you could allocate up to 20% of your system memory. In
2012 R2, it is the opposite; you can allocate 80% of your system memory to CSV cache.

Now interoperability is another noteworthy achievement here. CSVs now support the new
Resilient File System, or ReFS. There is also support for storage space scenarios
and there is also support for data deduplication for Virtual Desktop Infrastructure, or VDI,
scenarios.

[In failover clustering, a group of servers access multiple databases through a single router.]

Planning Failover Clustering for Windows Server 2012 R2
Learning Objective
After completing this topic, you should be able to
◾ identify the requirements for failover clustering with Windows Server 2012 R2

1. Server workload planning


Now before you create your first cluster and walk through the clustering wizard, you need to go
to the white board and design your cluster; and that is done by asking yourself some key
questions. Questions like what are the characteristics of this workload and does this workload
require redundancy? Do you have concerns about compatibility? What about scalability? How
will you provide a scalable offering? What about the acceptable performance levels? Have you
analyzed the workload to determine what well performing looks like and what about
virtualization? Can this workload be virtualized and included in a Hyper-V host cluster? Now
asking questions like these is important to determine if clustering is actually the right solution
for you because it may not be.

There are some things clustering doesn't do very well. For instance, clustering in itself doesn't
improve performance. Performance gains are best found in hardware upgrades and clustering
doesn't guarantee redundancy. Just because you have a cluster, you don't suddenly magically
have additional redundancy in your storage area network, or SAN, or in your network. You
would have to accommodate and plan for that as well. Clustering doesn't save space, it doesn't
reduce administration, it is not a substitute for backup, and it usually doesn't improve
scalability. For instance, if you add an additional node to a SQL cluster, that doesn't scale out
your reads. That is because SQL runs in what is called an active/passive configuration, or that
active node is accessing that instance of SQL while the other nodes are available for failover.

Now there is an exception to this. You can create active/active clusters such as the case with
scale-out file servers. But generally speaking clustering doesn't improve scalability. Finally,
clustering may not improve total 100% uptime. It will improve uptime, but there are still cases
where an application fails over and that failover might be disruptive. It depends on the
application. Often times it can failover and nobody even notices. But in some cases,
connections may still be lost so you have to account for that as well.

When planning your cluster here are some guidelines to consider. Identify the specific
requirements around each workload. So if you are using failover clustering, one of the things
you need to identify is how many nodes you are going to need. Two node clusters are common
but you may want to stretch your cluster to accommodate planned failovers. Now planned
failover is when an administrator intentionally fails over a role, for example, during
maintenance. Now if you only have two nodes when you perform that maintenance, for a while
that application is running with a single node and doesn't have that kind of protection. So with
additional nodes you have depth of protection for planned failover scenarios. And remember
with 2012 R2, you can have up to 64 nodes in a cluster and 8000 virtual machines in a
Hyper-V host cluster.

Second consideration here, you need to identify the hardware needs and that means looking
for any single point of failure in your network or in your storage and make sure that you
address your redundancy concerns. And that could mean addressing redundant power
sources, redundant locations, redundant switches and networking systems. Looking for
redundancy everywhere is an important part of a highly available solution. The third guideline
is plan for growth and plan for change. You want to design a solution that has a little bit of
elbow room and it can react to demands from the business. You also want one, of course, that
can perform well and is acceptable. Many of Microsoft's applications like SharePoint and
Exchange, well, they can help because they have sizing tools that can help you estimate the
capacity and performance requirements. Those applications and services that don't, well it will
be important for you to analyze those workloads on the standalone machine before you put
them into a cluster. Now another determination you need to make is how will you provide that
high availability for the application or service. If the application or service can run in a virtual
machine, then you can provide high availability at the virtual machine level with clustered
hosts. But you can also provide high availability at the service level if they are running in the
standalone or maybe you want to actually create a cluster within the cluster that is you provide
clustering at the VM level and at the service level by creating guest clusters. This gives
protection to both the application and to the virtual machine itself.

2. Failover cluster hardware planning


Now when you go to select hardware for your failover cluster, one of the things to look for is
that certified for Windows Server 2012 logo, and that is because Microsoft says they will not
support a cluster unless it has certified hardware and it has passed the validation test. Now
Microsoft used to also make a big deal about the different nodes having identical hardware, but
that is no longer a requirement. It is still a good practice to have nodes that have very similar
processing architectures, have the same service pack and update levels, but it is not
absolutely required, except for network configuration and your storage controllers. And
that is because you need the same network configuration on all the nodes for cluster
communications and you need to have the same type of storage controllers because one of
the requirements for a cluster is shared storage.

Now each server in your cluster will be examined through the validation test. So the hardware
that you install will be checked by that validation test and it will be graded if you will as to
whether or not it meets the minimum requirements or whether or not it meets best practices;
and you will get a report that indicates if there is a problem or not. For instance, you can build
a cluster on a single networking interface, but it is not recommended to have all the
communications for a cluster occur over one interface. So you would get a warning in the
validation test saying you really should have additional adapters so that you can have
dedicated adapters for the different types of traffic.

The final comment I want to make is even if the hardware is certified, it needs to be sufficiently
specced to support the actual workload, to support the actual service or application. It of
course, would be abysmal if you have certified hardware but it is underperforming.

So let's talk about network adapter requirements in a failover cluster. Now like the other pieces
of hardware they need to pass that validation test, they need to also be certified for Windows
Server. But there are some other things I want to bring to your attention and that is the adapter
configurations themselves really need to be identical; that is you are using the same IP
protocol, you are not mixing v4 and v6. You have the same kind of configuration in terms of
bandwidth speeds and duplexing, jumbo frames. In fact I would recommend having the same
identical networking adapters across the different nodes. And that will just make it much more
compatible when you are configuring communications between those networking interfaces.

For those folks who are in the small business sphere, I encourage you to invest in server class
networking cards and those in that enterprise class, consider network interface card, or NIC,
Teaming when it comes to combining 10g cards together to accommodate the performance in
different types of traffic. Ultimately you need to think about what kind of traffic is occurring over
those interfaces and whether or not you need to dedicate additional interfaces and there is
sufficient bandwidth available. With that in mind, also be thinking about single point of failure.
What happens if that adapter goes down? What happens if that switch goes down? Do you
have multiple paths and are those paths available enough to support a failure of that kind? The
last thing I want to mention is you need to have a consistent IP addressing mode across the
adapters; either go all static or go all Dynamic Host Configuration Protocol, or DHCP, and don't
mix the two. So those are some guidelines around configuring your networking interfaces for a
failover cluster.

3. Planning storage for failover clusters


What are the storage options for a failover cluster? Well you have got a lot. You have Single
Attachment Station, or SAS, for instance, that is your lowest cost option, but it is going to be
less flexible because it is really designed for localized connections. But then we have iSCSI. It
is a cost efficient alternative allowing you to move SCSI commands over an IP network. And
what is nice about it is you can use your existing networking infrastructure, don't need any
specialized adapter and it works easily with Windows Server 2012. Of course, the downside is
the fact that it has an impact on your network communications so you often need to isolate
iSCSI traffic from the other types of cluster traffic. Then we have got fibre channel. Now fibre-
based SANs are historically the better performing one, although that position of high
performance is being challenged today because of many improvements done in network-
based storage solutions like iSCSI.

Now with fibre channel, you have a requirement that is dedicated hardware and it usually runs
in the proprietary solution platform. Now another storage option besides these here is using a
shared folder as your storage location and this is ideally suited for Hyper-V clusters. So you
can set up a Server Message Block, or SMB, 3.0 file share and this works especially well if
you have networking cards that support SMB Direct. Additionally, it is a good idea to use
Cluster Shared Volumes, or CSV, wherever possible; and that is because CSVs create
active/active clusters for your Hyper-V servers and for those scale-out file servers.

[In failover clustering, a group of servers access multiple databases through a single router.]

Now when you go to configure your disks in a cluster, there are a couple of requirements you
want to be aware of. First of all, you want to use basic disks and not dynamic disks. And you
have a choice between the Windows NT File System, or NTFS, file system or the new
Resilient File System, or ReFS, and you have a choice between a master boot record, or
MBR, disk type or globally unique identifier (GUID) partition table (PT), or GPT, disk type. Now
GPT disk clone, they have greater resiliency and larger disk support, so I would consider
those.

Now the other thing you need to do is you need to have storage that supports persistent
reservations and other storage commands that come from the Shared Profile Components, or
SPC-3 standard. And when you run your validation test, double check for this. I actually bought
storage a while back that was not certified and yet it was advertised as having persistent
reservation support. When I tried to add it to a cluster, well it didn't pass the validation test and
so I sent it back. So that is something to be aware of. Now you should also keep your storage
separate from other clusters and dedicate a storage location to a cluster. So you don't have
one cluster accessing a storage location, and that means implementing something like zoning
or logical unit number, or LUN masking. Finally, it is going to be important to implement a
multipath solution to avoid a single point of failure in your storage array. Losing storage means
losing your entire cluster. Hardware vendors will provide device-specific modules, but Windows
also has built-in multipath support if you need it.

Now you have heard me talk about CSVs and you might be familiar with them already. But I
want to stop and talk about what exactly is a cluster shared volume. Now to understand what a
CSV is it helps to understand what traditional access to shared storage looks like for failover
cluster. See with the failover cluster each node has access to a LUN. So in the case of a
Hyper-V virtual machine, each one has its own set of logical units or storage. And that is
important so that when you failover a virtual machine or migrate a virtual machine, it can
migrate independent of the other virtual machines. But the problem with that is that means the
number of LUNs will increase based on the number of virtual machines that I have and it
transforms my cluster into a very complex storage environment.

Now in 2012, we have Cluster Shared Volumes that have been completely overhauled from
what we had in 2008 R2. But both versions provide a solution to reduce the number of LUNs
that we found with Hyper-V host. That is now instead of having a dedicated LUN to each virtual
machine, the nodes that are part of a Hyper-V solution that are clusterable they can share a
single LUN. And this creates really, kind of, an active/active configuration because each node
can simultaneously access that storage location.

Now the benefits are numerous. For example, now we have got a simplified disk management.
We have fewer LUNs. Many of the tools have been updated to support CSVs as well like
CHKDSK can run against the CSV without hanging up on somebody. And then you have
got faster failover for your virtual machines. Now in 2012, we have additional improvements to
CSV so that it has been extended to support not just Hyper-V host but also the Scale-Out File
Server. That means CSVs are used to create file-based storage for applications not just block-
based storage. And lastly, I want to mention in 2012 R2, we have a lot of performance
improvements. So Cluster Shared Volumes are important assets if we are going to be
clustering Hyper-V host or we need to provide a Scale-Out File Server.

[In a single NTFS volume, multiple servers can concurrently access a single database.]

4. Cluster quorum planning


Now here is a diagram describing the two CSV scenarios that we have been talking about.
Hyper-V host and the scale-out file servers. Now the way CSV works is it implements a mini
file system driver that orchestrates the concurrent access to the storage location by multiple
nodes. Now the CSV itself is accessible through the system drive in each one of the nodes and
this is usually found on the C drive, C colon back slash cluster storage (C:\clusterstorage)
followed by the actual volume name.

Now one of the nodes in each of these clusters is called the coordinator node. The other nodes
are called data servers in CSV talk, not real important except it is useful to know that certain
metadata operations like creating the file, closing the file, checking permissions, well those are
all redirected to your coordinator node. Other operations like your reads and writes, well those
can be sent directly. So in other words, your cluster nodes, which act as the data servers - they
can send their reads and writes directly to the disk. Now for some practical comments I
recommend using GPT disks so you have growth potential with your CSVs. And when you
build highly available virtual machines, you will need to store them in that SQL and cluster
storage location rather than the default location on each host. As for the scale-out file servers,
don't use this configuration for user shares and that has a lot to do with the way those specific
metadata operations are redirected.

So a user share might have a lot of small tiny files and so there is a lot of permission checking,
a lot of files being opened and closed and so that is a lot of redirection. So what you will end
up experiencing is really bad performance if you use a Scale-Out File Server for like your
ordinary user access shares. That means well what are they used for? Well Scale-Out File
Server is ideally suited for creating shared folders for applications like SQL or for Hyper-V, not
for end users.

[In a single NTFS volume, multiple servers can concurrently access a single database.]

Now another important configuration design that you have to look into is quorum. The quorum
is all about forming a consensus to determine the availability of a cluster and the functioning of
individual cluster nodes. A quorum comes from a legislative term and it refers to a majority. So
if you have got multiple nodes, each one of them is considered a voter and so we can identify if
the cluster has a majority of members online and the cluster can continue to provide services.
Now the nodes themselves are only one voter. You have other nodes that can vote as well, a
file share or shared disk. And as long as the nodes can see those locations, can see that
shared folder, or see that shared disk, well then that can just be considered a vote. Now the
reason why quorum is so important is it helps determine if an individual node should continue
to remain online and provide services.

What happens if you have some sort of partitioned communications where the nodes aren't
able to actually see each other and aren't able to communicate to each other, but they are still
able to access shared storage. Well you wouldn't want the nodes to continue to access shared
storage if they can't see the other nodes because that could create some inconsistency. This is
known as split-brain.

[There are eight servers and two folders. Out of the eight servers, six are having green check
marks and two are having red cross marks. The two folders are having green check marks.]

Here is an example of why quorum is necessary and what split-brain is. Split-brain is another
name for a partitioned cluster. The idea here is you have multiple nodes in your cluster
accessing a shared storage location, maybe they are accessing a database, for instance, and
then there is a break in the communication among the nodes, some sort of networking failure.
Now the nodes can still see the shared storage but they can no longer communicate to each
other, they are suddenly less aware. Now our concern at this point is having the cluster
rearrange itself so that you have now two active nodes on both sides of the partition, both
trying to perform operations against the database and that creates, of course, inconsistency
and conflict and may be even corruption. So to avoid this problem we need to create a
quorum. So in this case, we have got an even number of nodes and so having an additional
way to determine whether or not a certain portion of the cluster should continue to run online is
going to be important.

So what we might have is we might configure a fifth voter like a shared disk or file share. So if
the partitioning occurs and there is a networking problem, then two of those nodes will no
longer see that file share and they will know that they are in the minority and they will stop
responding to client requests, allowing for those nodes that are still in quorum or still in the
majority to continue service the clients. And thus we avoid the conflict that might occur with
split-brain.

[There are two images: Split-brain and Quorum. The split-brain image includes four servers
accessing a single database. The quorum image includes four servers and a database. The
four servers are accessing the single database, but are divided by a red dotted partition line
dividing them into groups of two servers on each side of the partition line accessing the single
database.]

Here is a look at the different quorum configurations that you can define. First of all, you have
what is called Node Majority. With Node Majority you have no additional voters. It is just based
on the node count. And this is useful if you have an odd number of nodes. Then if you have an
even number of nodes, especially nodes that extend across multiple sites, configuring a file
share as an additional voter can help break the tie. Then we have Node and Disk Majority. With
Node and Disk Majority we have a disk voter. And with the disk voter we have multiple nodes
often and even number of nodes that can also see this witness disk. Now if they can see this
witness disk, then they know that they can continue to run and offer clustering services. And
then we have a Disk Only and this is a less used option where we don't have the nodes
actually participating these voters, instead we are simply relying on our disk witness.

[There are four servers connected to a single database.]

Now you need to plan your quorum configuration carefully. And how you do that depends a lot
on the actual configuration and what your needs are. For instance, you need to consider the
different capacity requirements for your application. What happens when a node fails, two
nodes fail, three nodes fail? Do you still have sufficient resources among the surviving nodes
to support the application? You might want the cluster to fail if the minimum number of set of
nodes are not available.

You also need to plan for what quorum modes you are going to need to use and this should be
easily determined among the different nodes. So here are some guidelines. Consider what the
vendor requires or is recommending for specific application or service that you are clustering. It
is also important to determine are you using...are you configuring quorum for a multisite cluster
or for a single site. Don't use a shared disk for multisite clusters, instead use Node Majority or
file share majority. And ideally, with file share majority you have a separate site for your file
shares.

Now you can also remove a node's vote and this can also be useful in certain multisite
configurations. For example, let's say you have got a backup site. And there are some nodes
out there in that backup site and you don't want them to be determining what quorum is. So
you can remove their vote. It is also useful to use a disk witness and Microsoft recommends
that most of your clusters be using an even number of nodes. Now another important planning
consideration is the potential failure scenarios. So consider what happens when you
experience a failure and what kind of failover you want to occur. That is going to affect quorum
whether you are going to do an automatic failover or you are going to want more control and
you want to perform manual failover. You should also know that you can actually force start a
failed cluster even without quorum. So let's say, for instance, you have some sort of
catastrophic disaster. The first thing you want to do is you want to make sure or try to establish
quorum. But if there are times when you can't reach quorum and you need that cluster back up
and running, well you can't force start your cluster and that can be very useful in those
catastrophic situations.

[There are four servers, one folder, and one database image. The four servers are having
green check marks and the folder is having a red cross below it.]
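
The vote arithmetic behind the split-brain and witness discussion above, as an added PowerShell example that is not part of the course transcript. It is a static model that runs without a cluster and ignores dynamic quorum; the function name `Test-PartitionQuorum` and the node names Node1 to Node4 are constructed for illustration.

```powershell
# Static vote-count model of failover-cluster quorum. Added illustration:
# it does not query a real cluster and ignores dynamic quorum adjustments.
# Test-PartitionQuorum and the node names are hypothetical.

function Test-PartitionQuorum {
    [CmdletBinding()]
    param(
        # Node name -> vote weight (1 = node votes, 0 = vote removed).
        [Parameter(Mandatory = $true)] [hashtable] $NodeVotes,
        # Nodes that can still talk to each other on this side of the partition.
        [Parameter(Mandatory = $true)] [string[]] $ReachableNodes,
        # A disk or file share witness adds one vote to the cluster total.
        [bool] $WitnessConfigured = $false,
        # True when this side of the partition can still reach the witness.
        [bool] $WitnessReachable = $false
    )

    $total = 0
    foreach ($weight in $NodeVotes.Values) { $total += [int]$weight }
    if ($WitnessConfigured) { $total += 1 }

    $held = 0
    foreach ($name in $ReachableNodes) {
        if (-not $NodeVotes.ContainsKey($name)) { throw "Unknown node '$name'." }
        $held += [int]$NodeVotes[$name]
    }
    if ($WitnessConfigured -and $WitnessReachable) { $held += 1 }

    # Quorum is a strict majority: more than half of all configured votes.
    $needed = [int][math]::Floor($total / 2.0) + 1

    [pscustomobject]@{
        Held      = $held
        Total     = $total
        Needed    = $needed
        HasQuorum = ($held -ge $needed)
    }
}

# Constructed scenarios: four nodes split two and two by a network failure.
$allVote  = @{ Node1 = 1; Node2 = 1; Node3 = 1; Node4 = 1 }
# Multisite variant: votes removed from the two backup-site nodes.
$mainOnly = @{ Node1 = 1; Node2 = 1; Node3 = 0; Node4 = 0 }

$sideA = 'Node1', 'Node2'
$sideB = 'Node3', 'Node4'

$scenarios = @(
    @{ Label = 'No witness, side A';              Votes = $allVote;  Side = $sideA; Witness = $false; Sees = $false }
    @{ Label = 'No witness, side B';              Votes = $allVote;  Side = $sideB; Witness = $false; Sees = $false }
    @{ Label = 'Witness, side A reaches it';      Votes = $allVote;  Side = $sideA; Witness = $true;  Sees = $true  }
    @{ Label = 'Witness, side B cut off from it'; Votes = $allVote;  Side = $sideB; Witness = $true;  Sees = $false }
    @{ Label = 'Backup votes removed, main site'; Votes = $mainOnly; Side = $sideA; Witness = $false; Sees = $false }
    @{ Label = 'Backup votes removed, backup';    Votes = $mainOnly; Side = $sideB; Witness = $false; Sees = $false }
)

$scenarios | ForEach-Object {
    $result = Test-PartitionQuorum -NodeVotes $_.Votes -ReachableNodes $_.Side `
        -WitnessConfigured $_.Witness -WitnessReachable $_.Sees
    [pscustomobject]@{
        Scenario  = $_.Label
        Held      = $result.Held
        Total     = $result.Total
        Needed    = $result.Needed
        HasQuorum = $result.HasQuorum
    }
} | Format-Table -AutoSize
```

In this model a two-and-two split with no witness leaves neither half with a majority, while adding the witness gives exactly one half the tie-breaking vote, so only that half keeps serving clients.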

5. Planning for applications


To cluster or not to cluster that is the question. Which applications are well suited for clustering
and which ones are not? Well a lot depends on the app. A lot depends on whether or not it is a
stateful application or stateless application or whether or not it has its own built-in high
availability. So let's look at a couple of examples. First of all, web-based services. Well those
are often better suited for Network Load Balancing, or NLB, rather than failover clustering.

What about directory services in Active Directory? Well those have their own built-in high
availability through redundant instances and domain controllers as a sophisticated replication
engine and so there is no need to cluster those. Same could be said about DNS. As for
Exchange Server roles, well much depends on the version of Exchange and the role itself. So
in Exchange Server 2010 and onwards, you can implement high availability for your mailboxes
using what are called Database Availability Groups or DAGs. Now DAGs depend on failover
clustering but this is all created and managed through Exchange. As for the front-end servers,
well you would use Network Load Balancing.

DHCP can be clustered, but in Windows Server 2012 that is a bit overkill because 2012 and
DHCP has an alternative. It is called DHCP failover. So it is really not necessary to cluster
those. What about print servers? Well if you wanted to cluster a print server, what you would
do is you would put it in a virtual machine and stick it inside a Hyper-V host cluster. So
clustering virtual machines in Hyper-V host, well that is an ideally suited application. As for
print services specifically, you can actually configure the cluster service to monitor the print servers.
If it hangs or stops for some reason, then cluster services can take some sort of action by
trying to start the service or moving that virtual machine to another node in the cluster. Now
Microsoft SQL Server is typically well suited for failover clustering. So for instance, you can put
your SharePoint SQL Server into a failover cluster and that can provide fault-tolerance for
some of your SharePoint databases. Other good candidates are Hyper-V host, which I
mentioned and scale-out file servers. So when you are thinking about clustering, consider
whether or not it is a stateful application or stateless and also consider whether or not it
already has a high availability solution.

[There are four servers, one router, and four databases. The four servers are connected to the
databases through the single router. There are two columns: Applications well suited for
clustering and Applications not well suited for clustering. In the Applications well suited for
clustering column, the first item is Exchange Server, the second item is Print server, and the
third item is SQL Server. In the Applications not well suited for clustering column, the first item
is Web-based services, the second item is Active Directory Domain Services, and the third
item is DHCP.]

Now when you are evaluating whether or not to provide high availability for a particular
application, there are some other things that I want to extend to you, some other
considerations. Of course, it is important to analyze and assess all of the different options for
providing resilience for that application. That might mean looking at failover clustering, but it
might also mean considering some other built-in capability of high availability or the vendor's
recommendations or a hardware solution.

I will also add that you need to consider not just the application or the service itself but all the
ways in which that application is accessed, its resources are consumed, the way that it is
protected, backed up, and managed. You need to consider high availability for these other
types of operations. Another thing that I would encourage you to consider is the suitability of
the data itself. Is it a stateful application or is it a stateless application? That might dictate
whether or not you use Microsoft's failover clustering or not. Now here is a good example and
that is not all applications were built to work with failover clustering and yet you still might be
able to use the generic application or generic service role.

The generic application or generic service role is a role in the failover clustering feature that
allows you to actually take an application that is not really cluster aware and to still provide a
degree of failover protection for it provided that cluster services can at least determine if the
application is running or not. One of the things you could add to that scenario is a script that
can help manage and monitor that application or service and that is done with the generic
service role. So whether you are using generic application or generic service, you need to be
mindful that not every application or every service is well suited for failover clustering. There
might be other options that are better and recommended by the vendor.

[There are four servers, one router, and four databases. The four servers are connected to the
databases through the single router.]

Deploying Failover Clustering on Windows Server 2012 R2
Learning Objective
After completing this topic, you should be able to
◾ identify the order of failover clustering implementation steps

1. Deploying a failover cluster


Let's talk about deploying a failover cluster now. Failover cluster is a feature, not a role. So when
you go into Server Manager, you are going to find your way through the wizard to the feature
portion where you can install failover clustering and, of course, the failover clustering tools.
Now included with those tools is PowerShell support. Now you can deploy failover clustering
feature not only in a full GUI installation of Windows Server 2012, but also on a Server Core-
based installation. And Server Core has several different benefits. First of all, it doesn't have
the GUI, doesn't have additional components that you have to update and maintain and that
are potential risks in terms of security. The way they refer to it is a smaller attack surface - so
reduced overhead, better performance. So Server Core is often considered the better
approach when it comes to choosing a server; and, of course, the role that you are going to
cluster, well it needs to support Server Core as well.

Now after you install the failover clustering feature, the next thing you are going to do is you
are going to run that validation wizard. The validation wizard is going to examine all the
hardware. It is going to examine the storage, the networking, the communications. It is going to
test the disk failover. It is going to look at the various aspects of your actual cluster nodes and
it is going to determine at that point whether or not it meets the recommendations and whether
or not it meets some minimum requirements. Once you go through the validation, then you are
ready to actually pull the trigger and install your first failover cluster.

2. Demo: Adding a script resource


Time to create a cluster. Now I have done a couple of things to save some time. First thing that
I did is I already added the failover cluster feature on the different machines that are going to
be the participating nodes. I have also already run the validation on those nodes to ensure that
I meet the minimum requirements, so I ran this validation wizard.

Now what I want to do is go ahead and create my cluster. Now I can do that a couple of
different ways. One is from right here within the Failover Cluster Manager console, in the
Actions pane, I can fire off the Create Cluster Wizard. And this will walk me through the
important decisions about what servers are going to be part of the cluster and how they are
going to be accessed, what it is going to be named, its IP address, and all of that. Instead of
using the Create Cluster Wizard though, I am going to use PowerShell. So I have got a
PowerShell entry here to create my new cluster and I am going to add a line to this or I should
say a switch here, it is not quite a line. But I am adding this switch here to say I don't want the
wizard to automatically import my shared storage. And you can see I am connected to a
couple of disks and I want to control the actual import of this storage because if I don't, then
the Failover Cluster Wizard or creation process will automatically assign a disk witness to one
of these. And which maybe I want, but then again maybe I don't; so I am going to turn off that
option.

[Failover Cluster Manager is open. It includes the Overview, Clusters, and Actions section. The
Actions section includes the following links: Validate Configuration, Create Cluster, Connect to
cluster, View, Refresh, Properties, and Help. The instructor clicks Validate Configuration and
the Validate a Configuration Wizard dialog box is displayed. Then the instructor closes this
dialog box and the Failover Cluster Manager window is displayed. On this window, the
instructor clicks Create Cluster in the Actions pane and the Create Cluster Wizard dialog box is
displayed. On this dialog box, the instructor clicks Cancel and navigates to the Administrator:
Windows PowerShell ISE window. This window includes create generic script.ps1 and create
cluster script.ps1 tabbed pages. The create cluster script.ps1 tabbed page is already open and
it displays the New-Cluster –Name ClusterExample –Node Clust-Node1, Clust-Node2, Clust-
Node3 –StaticAddress 10.0.3.60 command. Then the instructor enters –nostorage to the
above mentioned command. Next the instructor navigates to the iSCSI Initiator Properties
dialog box. This dialog box includes Targets, Discovery, Favorite Targets, Volumes and
Devices, RADIUS, and Configuration tabs. The Targets tab is already selected and the Targets
tabbed page is displayed. This page includes the Quick Connect and Discovered targets
sections. The Discovered targets section includes a list of discovered targets along with their
status. Then the instructor navigates to the Windows PowerShell ISE window.]

So now I am going to go ahead and fire this off and that way I can actually control which disk
will become my disk witness at the creation process. So it is going to kick off here, it is going to
Name this cluster ClusterExample. Here are the nodes that have the failover clustering
feature installed. Now if I scroll over, here is a static IP address it is going to be assigned to it.
And in a moment this should be finished, there we go. And now what I can do is I can come
back into the Failover Cluster Manager console, have a look at it. Let's connect to the cluster
now and I am on actual NODE1, so I can connect to this local machine and it should reveal for
me a cluster that I just created, there it is - ClusterExample. And the tool will populate here and
I will see the different configuration that is related to this cluster, the different networks that
were detected. So over here are the three networks. And of course, I have already run the
validation wizard to ensure I meet the requirements. And under Disks you will see that there
are no disks identified; that is because I chose nostorage. So let's add a disk. Here are the
disks available, click OK to that and it will import them. Now I have got my disk resources.
Notice that they are all listed as Available Storage and they are not assigned as disk witnesses
as part of a disk quorum configuration. Of course, I can go in and configure quorum later on;
but because I have a three-node cluster, I may not want to have an additional quorum voter.

[The Administrator: Windows PowerShell ISE window is open and the instructor runs the New-
Cluster –Name ClusterExample –Node Clust-Node1, Clust-Node2, Clust-Node3
–StaticAddress 10.0.3.60 -nostorage command. As a result, Windows PowerShell ISE dialog
box is displayed asking whether to save the script or not. On this dialog box, the instructor
clicks OK, which then saves the script. Then the instructor navigates to the Failover Cluster
Manager window. On this window, the instructor right-clicks the Failover Cluster Manager node
and selects Connect to Cluster. As a result, the Select Cluster dialog box is displayed. On this
dialog box, the instructor clicks OK and the Connecting to Cluster dialog box is displayed,
which is attempting to connect to CLUST-NODE1. As a result, the
ClusterExample.corp.brocadero.com node is added below the Failover Cluster Manager node.
The instructor expands the ClusterExample.corp.brocadero.com node and the following nodes
are displayed: Roles, Nodes, Storage, Networks, and Cluster Events. Then the instructor clicks
the Networks node and the following networks are displayed in the view pane: Cluster Network
1, Cluster Network 2, and Cluster Network 3. Next the instructor expands the Storage node
and Disks and Pools nodes are displayed. The instructor then clicks the Disks node. As a
result, no disks are displayed in the view pane. Then the instructor clicks Add Disk in the
Actions pane and the Add Disks to a Cluster dialog box is displayed, which displays the
available disks. On this dialog box, the instructor clicks OK and the Creating disk resources
dialog box is displayed, which displays that Cluster 2 has been successfully configured.]

Then we go to Nodes. You can see here are my three nodes, and then we go to Roles and
there are no roles. So the next step in this process is to add the role that I want to make highly
available with failover clustering. To configure a role what we are going to do is go up to the
Actions pane and launch the High Availability Wizard. This gives me a list of roles that are
cluster-aware - roles like Distributed File System, or DFS, Dynamic Host Configuration
Protocol, or DHCP, the File Server role, Hyper-V Replica Broker, iSCSI Target Server, Virtual
Machine, of course, for Hyper-V hosts. Now if you click on one of these roles and the actual
role has not been configured on your cluster nodes, you will get a little error message.

Now what if you need to make an application highly available but it is not listed here. Well we
have Generic Application, Generic Script, and Generic Service that might help us with that.
Now what this does is it takes an application which was not originally designed for clustering
and makes it highly available using failover cluster. Now the problem with this is the application
still has to meet certain minimum requirements. There still has to be some communication
between the cluster service and the application or the service so that it knows whether or not
the application is failed or not; and there are resource type requirements.

[Failover Cluster Manager is open. It includes the ClusterExample.corp.brocadero.com node,
which includes the following nodes: Roles, Nodes, Storage, Networks, and Cluster Events. The
instructor clicks Nodes and CLUST-NODE1, CLUST-NODE2, and CLUST-NODE3 are
displayed in the view pane. Then the instructor clicks Roles. As a result, no roles are displayed
in the view pane. Next the instructor clicks Configure Role in the Actions pane. As a result, the
High Availability Wizard is displayed. On this wizard, the instructor clicks Next and a list of
roles is displayed. The instructor clicks Virtual Machine from the list. As a result, the
description for Virtual Machine is displayed and it also displays an error message saying that
the required role or feature Hyper-V could not be found on any node.]

Now if the application is a stateless application, it might be better suited for Network Load
Balancing, or NLB. But if it is a stateful application, an IP-based application, and one that has
support for the resource types or one that has been made to support resource types in
clustering, then you can use the Generic Application option or Generic Service here to actually
add it to cluster manager.

Now what do I mean by resource type? Well there are a couple of ways in which cluster
service can talk to the application - might do what is called an IsAlive or LooksAlive. These are
different levels of interrogation that can occur and the application has to be made to support
that and there might be other transition states that the application could be made to support
like a transition from going online to offline, things of that nature.

Now if I have an application that meets those minimum requirements, then what I can do is
choose Generic Application and I can add it through this wizard. So just a quick example of
this. Let's put calculator in here. Now I know calculator doesn't, you know, you know, isn't
made to be highly available nor has it been made to support those resource types. So this is
just...just something so I can go onto the Next page here. So we add an application whatever
the executable is for it. And we provide the access point where it is going to be, of course,
maybe we will call it myapp here; how clients are going to refer to that application and then it
needs to have an IP address, this is the representative clustered application IP address.

[The High Availability Wizard is open and it displays a list of roles. The Generic Application role
is already selected. On this wizard, the instructor clicks Next and the Generic Application
Settings page of the wizard is displayed. This page includes Command line and Parameters
text fields, which are empty. The instructor enters calc.exe in the Command line text field and
clicks Next. As a result, the Client Access Point page of the wizard is displayed. This page
includes a Name text field and a table which displays the Networks and Address columns. The
Networks column displays 10.0.3.0/24 for which there is no address. Then the instructor enters
myapp in the Name text field, 10.0.3.62 in the Address column of the table, and then clicks
Next.]

And then I need to identify if this application requires storage or not. So shared storage is part
of its configuration, we will identify that connection there. And then what I can do is I can...I can
replicate data that is stored in the registry among the cluster nodes for the functionality of that
application. So if the app requires it, I can also come in here and I can say well, this registry
key also needs to be replicated and so I can list registry keys here. Now those are the basic
steps here to make a Generic Application highly available.

Now another way in which I can make an application highly available is if I have a script which
can control, manage, and monitor that application and that supports those resource types -
that IsAlive and LooksAlive and other types of calls. So the script can provide that, kind of,
control for me. So what I can do is come in here and indicate the location of that script. So I
have got one genericexamplescript.vbs, oh and I probably have a typo in here -
genericscriptexample, I bet you is what it is called, oh .vbs, here we go, sorry about
that, Next.

[The High Availability Wizard is open. It includes a table with Name and Status columns. The
Name column displays Cluster Disk 1 and Cluster Disk 2 storage volume options, which have
status as Online. The instructor selects the Cluster Disk 2 option and clicks Next. As a result,
the Replicate Registry Settings page of the wizard is displayed. On this page, the instructor
clicks Add and the Registry Key dialog box is displayed, which includes the Root registry key
text field. Then the instructor enters software\caclexamplekey in the root registry key text field
and clicks Next. The instructor then clicks Select Role and a list of roles are displayed. The
Generic Application role is already selected. Then the instructor selects Generic Script role
from the list and clicks Next. As a result, the Generic Script Info page of the wizard is
displayed. On this page, the instructor enters c:\windows\wttbin\genericexamplescript.vbs in
the Script file path text field and clicks Next. As a result, the following message is displayed:
The script path c:\windows\wttbin\genericexamplescript.vbs is not valid on any of the cluster
nodes. Next the instructor enters c:\windows\wttbin\genericescriptexample.vbs in the Script file
path text field and clicks Next.]

Then we need to put in myapp and unfortunately the wizard doesn't do spell check for me and
there is no Browse button on that page, isn't there, that would have been nice. Anyway, so we
have got that listed there, and like the Generic Application I can indicate whether or not we
require storage and we will just Finish this thing off. So now what I have done is I have added
a Generic Script and this is going to help me manage and monitor an application to make it
highly available.

Now to give you, kind of, an example of that let's actually look at that sample script for a
moment, and here is one here, we will open this up and you can see here that it is referring to
those resource types I was talking about - LooksAlive, the IsAlive, and other types of
monitoring like whether or not the application is going online or the application is going offline.

Alright. So that is a look here. This is a sample script from Microsoft Developer Network, or
MSDN, that gives you an idea of what is required to make...to support that Generic Script
example. Alright, so that is how you add a role to Failover Cluster Manager and specifically
how you could add a role that may not be cluster-aware initially in using Generic Script or
Generic Application or Generic Service.

[The Client Access Point page of the High Availability Wizard is open. This page includes a
Name text field and a table which displays the Networks and Address columns. The Networks
column displays 10.0.3.0/24 for which there is no address. Then the instructor enters myapp in
the Name text field, 10.0.3.62 in the Address column of the table, and then clicks Previous and
navigates to the Select Role page of the wizard to check for the Browse button. On the Select
Role page of the wizard, the instructor clicks Next to navigate to the Select Storage page of the
wizard. This page includes a table with Name and Status columns. The Name column displays
Cluster Disk 1 and Cluster Disk 2 storage volume options, which have status as Online. The
instructor selects the Cluster Disk 2 option and clicks Next to navigate to the Summary page of
the wizard. On this page, the instructor clicks Finish and the Failover Cluster Manager window
is displayed. This window displays myapp listed under Roles. Then the instructor clicks myapp
in the view pane and the Actions pane gets populated with the details for myapp. Next the
instructor minimizes the Failover Cluster Manager window and closes the iSCSI Initiator
Properties dialog box. Then the instructor right-clicks genericscriptexample on the desktop and
selects Edit. As a result, the genericscriptexample is opened in Notepad. The instructor then
closes the Notepad and navigates to the Failover Cluster Manager.]
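
The steps of this demo as one PowerShell script, added here as an example that is not part of the course transcript: create the cluster with `-NoStorage`, import the disks deliberately, review the quorum configuration, and confirm the script file exists on every node before adding the Generic Script role. The cluster name, node names, role name and addresses are the ones shown in the demo; `$ScriptPath` is a placeholder, `Get-NodesMissingFile` is a hypothetical helper, and the script assumes an elevated session on a validated node with PowerShell remoting enabled on all nodes.

```powershell
#Requires -Modules FailoverClusters
# Added example (not from the transcript). Names and addresses are those shown
# in the demo; $ScriptPath is a placeholder for the resource script location.
# Assumes the Failover Clustering feature is installed and validated on every
# node, and that PowerShell remoting is enabled between them.

$ErrorActionPreference = 'Stop'

$ClusterName = 'ClusterExample'
$Nodes       = 'Clust-Node1', 'Clust-Node2', 'Clust-Node3'
$ScriptPath  = 'C:\Path\To\ResourceScript.vbs'   # placeholder path

# Hypothetical helper: returns the names of nodes where the file is absent.
function Get-NodesMissingFile {
    param(
        [Parameter(Mandatory = $true)] [string[]] $ComputerName,
        [Parameter(Mandatory = $true)] [string]   $Path
    )
    foreach ($node in $ComputerName) {
        $present = Invoke-Command -ComputerName $node -ScriptBlock {
            Test-Path -LiteralPath $using:Path -PathType Leaf
        }
        if (-not $present) { $node }
    }
}

# 1. Create the cluster without importing shared storage, so the creation
#    process cannot pick one of the iSCSI disks as a disk witness on its own.
New-Cluster -Name $ClusterName -Node $Nodes -StaticAddress 10.0.3.60 -NoStorage |
    Out-Null

# 2. Import the disks explicitly. They are added as Available Storage and are
#    not assigned a witness role.
Get-ClusterAvailableDisk -Cluster $ClusterName | Add-ClusterDisk | Out-Null

# 3. Review what the cluster ended up with before adding any role.
Get-ClusterQuorum -Cluster $ClusterName |
    Format-List Cluster, QuorumType, QuorumResource
Get-ClusterResource -Cluster $ClusterName |
    Format-Table Name, ResourceType, OwnerGroup, State -AutoSize

# 4. The wizard rejects a script path that is not valid on the nodes and has
#    no Browse button, so check the path on every node first.
$missing = @(Get-NodesMissingFile -ComputerName $Nodes -Path $ScriptPath)
if ($missing.Count -gt 0) {
    throw "Script '$ScriptPath' not found on: $($missing -join ', ')"
}

# 5. Add the Generic Script role with its client access point and storage.
Add-ClusterGenericScriptRole -Cluster $ClusterName -Name myapp `
    -ScriptFilePath $ScriptPath -StaticAddress 10.0.3.62 -Storage 'Cluster Disk 2'
```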

3. Demo: Configuring cluster settings


What I want to do now is have a look around the Failover Cluster Manager console and have a
look at some of the settings and the configuration options that help me control the behavior of
cluster services. To begin with I want to start with this role. And one of the things I can do is I
can control how this role moves around the different nodes in my cluster. So it is currently
sitting on NODE1, it is in a three-node cluster and I am going to right-click on this role and go
to its Properties.

Now one of the things I can do is I can define what is called a preferred owner. A preferred
owner means if something triggers and affects this role so that it has to be moved like, you
know, its current node has an error or failure or maybe maintenance or some other...some
other event that causes this role to be moved, which node do I want to host it. Now normally it
is just going to move in an orderly fashion along the list of nodes based on the order in which
they were installed, but I can actually come in here and say, this is my preferred owner. And if I
have more than one preferred owner, I can actually indicate a preference with these Up and
Down arrows. So NODE3 will be moved to the top of the list when that role gets moved. So I
can illustrate that, I hit OK here, notice it is currently on NODE1. If I right-click on this and
choose Move, Best Possible Node, there we go.

Now I should point out that by simply indicating a preferred owner I am not actually eliminating
the nonpreferred owners from possibly hosting the role.

[The Failover Cluster Manager is open. It includes the ClusterExample.corp.brocadero.com
node, which includes the following nodes: Roles, Nodes, Storage, Networks, and Cluster
Events. The Roles node is already selected and the myapp role is displayed in the view pane.
The instructor right-clicks the myapp role and selects Properties. As a result, the myapp
Properties dialog box is displayed. This dialog box includes General and Failover tabs. The
General tab is already selected and the General tabbed page is displayed. This page includes
the Name text field and the Preferred Owners section. In the Name text field, myapp is already
entered. The Preferred Owners section includes CLUST-NODE, CLUST-NODE2, and CLUST-
NODE3 options. The instructor selects the CLUST-NODE2 and CLUST-NODE3 options and
clicks Up. As a result, the order of the CLUST-NODE2 and CLUST-NODE3 options changes.
Then the instructor clicks OK and the Failover Cluster Manager is displayed. Next the
instructor right-clicks the myapp role, selects Move, and then selects Best Possible Node. As a
result, the Owner Node changes from CLUST-NODE1 to CLUST-NODE3.]

So if I go to Nodes here, and I have got NODE2, NODE3 set up as my preferred owner. So
let's go ahead and turn NODE2 off here. We are going to go ahead and Pause it and it doesn't
have any roles to move, so...but I want all my Preferred Owners off. So I am going to NODE3,
you can see it is currently hosting my role. Now when I Pause this, it is going to require that
role be moved and you can see it is no longer on NODE3, but it was moved to NODE1 even
though it is not preferred. And that is simply because NODE2 was also unavailable.

Now what if I want that role to only be moved to a select number of these nodes. Preferred
owners doesn't allow me to control that, but possible owners does. So if I go back to Roles
here, there is another place I can go to actually control which nodes are candidates for hosting
the role in the first place. So if I go to Resources and go to the role Properties here, the
resource properties of the role, there is a tab here called Advanced Policies and this allows
me to actually control Possible Owners. With Possible Owners I can say well, I never want
NODE2 to be a possible owner, so we hit OK to that. Now let's return here to these Nodes and
we will Resume NODE2, this won't matter actually so we will just start it back up.

[The Failover Cluster Manager is open. It includes the ClusterExample.corp.brocadero.com
node, which includes the following nodes: Roles, Nodes, Storage, Networks, and Cluster
Events. The Roles node is already selected and the myapp role is displayed in the view pane.
The instructor clicks Nodes and CLUST-NODE1, CLUST-NODE2, and CLUST-NODE3 nodes
are displayed in the view pane. Then the instructor right-clicks CLUST-NODE2, selects Pause,
and then selects Drain Roles. As a result, the Status of the CLUST-NODE2 is changed from
Up to Paused. Next the instructor right-clicks the CLUST-NODE3, selects Pause, and then
selects Drain Roles. As a result, the status of the CLUST-NODE3 is changed from Up to
Paused. The instructor then clicks Roles and the myapp role is displayed in the Roles pane. In
the Roles pane, the instructor clicks Resources tab and the Resources tabbed page is
displayed. On this page, the instructor right-clicks genericscriptexample Script in the Roles
section and selects Properties. As a result, the genericscriptexample Script Properties dialog
box is displayed. The instructor clicks the Advanced Policies tab and the Advanced Policies
tabbed page is displayed. This page includes Possible Owners section, which includes
CLUST-NODE1, CLUST-NODE2, and CLUST-NODE3 options, which are all selected. Then
the instructor clears the selection from the CLUST-NODE2 option and clicks OK. As a result,
the Failover Cluster Manager window is displayed. Then the instructor clicks Nodes and the
CLUST-NODE1, CLUST-NODE2, and CLUST-NODE3 nodes are displayed in the view pane.
Next the instructor right-clicks CLUST-NODE2, selects Resume, and then selects Fail Roles
Back. As a result, the status of the CLUST-NODE2 is changed from Paused to Up.]

Now I am going to go NODE1 and notice here with NODE1, it is currently hosting this role. I
am going to right-click here and we are going to Pause it and try to drain its roles. The Drain
failed and the reason for that is because, well, NODE3 is Paused and unavailable. NODE2 is,
well, it is Up and running. I even indicated it as a preferred owner earlier; however the reason
why it is not hosting that role is because it is no longer a possible owner. So those are a couple
of ways in which you can control behavior.

Now another thing you can configure in here is the failback options. Now with failback, you can
actually configure it so that, you know, the original hosting role can assume...original hosting
node I should say, can assume that role. So let's go over here to NODE3 and we will Resume
it and choose Fail Roles Back; in which case what it does, it assumes once again a job of
hosting that role. Now I am doing this manually. We can also configure that behavior to happen
automatically. So let's go back to the Roles, let's go back to the Properties of that role. I will
show you another setting in here, it relates to this conversation - this is the Failover tab. Once
again we are on the role and looking at its Properties and the Failback options.

[The Failover Cluster Manager is open. It includes the ClusterExample.corp.brocadero.com
node, which includes the following nodes: Roles, Nodes, Storage, Networks, and Cluster
Events. The Nodes node is already selected and the CLUST-NODE1, CLUST-NODE2, and
CLUST-NODE3 nodes are displayed in the view pane. The instructor right-clicks CLUST-
NODE1, selects Pause, and then selects Drain Roles. As a result, the status of the CLUST-
NODE2 is changed from Up to Drain failed. The instructor right-clicks CLUST-NODE3, selects
Resume, and then selects Fail Roles Back. As a result, the status of the CLUST-NODE3 is
changed from Paused to Up. Then the instructor clicks Roles and the myapp role is displayed
in the view pane. Next the instructor right-clicks myapp and selects Properties. As a result, the
myapp Properties dialog box is displayed. On this dialog box, the instructor clicks the Failover
tab and the Failover tabbed page is displayed.]

Now you have to be very careful about this setting. The idea here is, if you have a preferred
node and that node goes down or that role that it was hosting gets moved around to some
other nodes, when it comes back online, you can have it automatically failback. Now often
times it is not necessary and that is the reason why Prevent failback is actually the default
and in many cases, considered the best practice. But for some reason if you needed to
failback to that original preferred node, you can do that, you can Allow failback.

Now the problem that you run into here, the risk you are taking, especially if you have it set to
immediate, is a ping-pong effect. And that is where for whatever reason you
have a transient error, the hosting node can't maintain that role, so the role gets transferred to
another node, but in a short amount of time it comes back online. So then, oh look, the node's
available again, so the role gets transferred over again. And so you end up having this role
bouncing back and forth between these nodes because that preferred node has allow
immediate failback enabled. So to avoid that constant bouncing, you might want to define
some delays here or maybe turn it off altogether.

[The myapp Properties dialog box is open and the Failover tabbed page is displayed. This
page includes Maximum failures in the specified period and Period spin boxes. The Maximum
failures in the specified period spin box displays 2 and the Period spin box displays 6. It also
includes Prevent failback and Allow failback options. The Prevent failback option is already
selected. On this dialog box, the instructor clicks Cancel and the Failover Cluster Manager
window is displayed.]
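
The failback settings described above can also be read from the cluster group object in PowerShell. The following is an added example, not part of the course material: the function name Test-FailbackPolicy and the two "constructed-" sample roles are hypothetical, and the myapp sample mirrors the values shown on the Failover tab.

```powershell
# Added example: classify the failback policy of cluster roles (groups).
# Works on Get-ClusterGroup output or on any objects with the same property names.
function Test-FailbackPolicy {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        $Group
    )
    process {
        # An unset failback window is reported as -1 or 4294967295 depending on the
        # tool, so anything outside 0..23 is treated here as "no window" (immediate).
        $hasWindow = ($Group.FailbackWindowStart -in 0..23) -and
                     ($Group.FailbackWindowEnd   -in 0..23)

        $finding = if ($Group.AutoFailbackType -eq 0) {
            'Prevent failback (default)'
        } elseif (-not $hasWindow) {
            'Allow failback IMMEDIATELY: ping-pong risk on transient errors'
        } else {
            'Allow failback between {0}:00 and {1}:00' -f `
                $Group.FailbackWindowStart, $Group.FailbackWindowEnd
        }

        [pscustomobject]@{
            Name        = $Group.Name
            MaxFailures = $Group.FailoverThreshold   # "Maximum failures in the specified period"
            PeriodHours = $Group.FailoverPeriod      # "Period"
            Finding     = $finding
        }
    }
}

# Constructed sample data. "myapp" uses the values from the Failover tab above;
# the other two roles are invented to show the risky and the delayed settings.
$sample = @(
    [pscustomobject]@{ Name = 'myapp'; AutoFailbackType = 0
                       FailbackWindowStart = 4294967295; FailbackWindowEnd = 4294967295
                       FailoverThreshold = 2; FailoverPeriod = 6 }
    [pscustomobject]@{ Name = 'constructed-immediate'; AutoFailbackType = 1
                       FailbackWindowStart = 4294967295; FailbackWindowEnd = 4294967295
                       FailoverThreshold = 2; FailoverPeriod = 6 }
    [pscustomobject]@{ Name = 'constructed-windowed'; AutoFailbackType = 1
                       FailbackWindowStart = 1; FailbackWindowEnd = 5
                       FailoverThreshold = 2; FailoverPeriod = 6 }
)
$sample | Test-FailbackPolicy | Format-Table -AutoSize

# Against a live cluster (on a node or a machine with the Failover Clustering Tools):
#   Get-ClusterGroup -Cluster ClusterExample | Test-FailbackPolicy
# To allow failback only between 01:00 and 05:00 for one role:
#   $g = Get-ClusterGroup -Cluster ClusterExample -Name myapp
#   $g.AutoFailbackType = 1; $g.FailbackWindowStart = 1; $g.FailbackWindowEnd = 5
```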

Let's have a look now at some of the global settings in Failover Cluster Manager. If I come up
here to the root here, this cluster root, I can from here perform some configuration tasks like,
for instance, I can validate the cluster running the cluster wizard again. And this is useful to do
if I am troubleshooting a problem or to do periodically for, kind of, a health check. What I like
about this is you can actually select which test to run, so you can eliminate say the Storage
test and, you know, focus on a particular area of interest.

Other settings can be found if I right-click on the cluster here. Other settings including things
like configuring additional roles, once again running those...that cluster wizard, adding a node
to my cluster, or under More Actions there are some useful settings like, for instance,
configuring quorum. Now we have talked at length about quorum, this is where I can go to
actually change the quorum configuration in my cluster. So you notice I have a couple of
categories here, choosing a quorum witness. I can do that by clicking Next and selecting
between disk witness, file share witness, or not configuring a quorum witness at all. And
remember here, with disk witness, this is especially valuable with even numbered node
clusters like two-node clusters, four-node clusters. File share witnesses are ideally suited for
multisite clusters especially if the file share is in another site that is not participating in the
cluster.

[The Failover Cluster Manager is open. It includes the ClusterExample.corp.brocadero.com
node, which includes the following nodes: Roles, Nodes, Storage, Networks, and Cluster
Events. The Roles node is already selected and the myapp role is displayed in the view pane.
The instructor clicks the ClusterExample.corp.brocadero.com and then selects Validate Cluster
from the Actions pane. As a result, the Validate a Configuration Wizard dialog box is displayed.
On this dialog box, the instructor clicks Next and the next page of the wizard is displayed. This
page includes Run all tests (recommended) and Run only tests I select options. The Run all
tests (recommended) option is already selected. The instructor selects the Run only tests I
select option and clicks Next. As a result, the following options are displayed: Cluster
Configuration, inventory, Network, Storage, and System Configuration. All the options are
already selected. Then the instructor clears the Storage option and clicks Cancel. As a result,
the Failover Cluster Manager window is displayed. On this window, the instructor right-clicks
the ClusterExample.corp.brocadero.com node, selects More Actions, and then selects
Configure Cluster Quorum Settings. As a result, the Configure Cluster Quorum Wizard is
displayed. On this wizard, the instructor clicks Next and the Select Quorum Configuration
Option page of the wizard is displayed. This page includes the following options: Use default
quorum configuration, Select the quorum witness, and Advanced quorum configuration. The
Use default quorum configuration option is already selected. The instructor selects Select the
quorum witness option and clicks Next. As a result, the Select quorum Witness page of the
wizard is displayed. This page includes the following options: Configure a disk witness,
Configure a file share witness, and Do not configure a quorum witness. The Do not configure a
quorum witness option is already selected.]

I can also step back here and choose Advanced quorum configuration. And this includes
settings that are maybe less common to include when you are configuring a cluster, but
nonetheless might be needed. For instance, you can come in and actually specify which of the
nodes can participate in quorum. For instance, you can say I don't want NODE1 to be a voter
at all. Now that is going to be pretty exotic. Maybe you might do this if you have a multisite
cluster and this NODE1 is in another site, you don't want it participating, but that is why they
call these advanced settings. We will click Next here. Once again I can choose between disk
witness and file share witness. And when I come into this page here, I really haven't made
any changes, but it tells me that because I don't have a quorum witness, it is not a best practice. I
am going to go ahead and ignore that message, I do have a three-node cluster.

Now the next thing I want to look at if I right-click once again, we go to More Actions, we can
also Copy Cluster Roles and this can be useful if there is another cluster that I want to
copy some of the cluster settings over to. Now keep in mind that this is not copying everything.
So things like network settings, some of the data files, those things are not going to be copied.
What is really being copied are just some of the role settings. And this requires that I have
another cluster in standby already defined that I am going to transfer these settings to.

[The Configure Cluster Quorum Wizard is displayed. On this wizard, the instructor clicks
Previous and the Select Quorum Configuration Option page of the wizard is displayed. This
page includes the following options: Use default quorum configuration, Select the quorum
witness, and Advanced quorum configuration. The Use default quorum configuration option is
already selected. The instructor selects Advanced quorum configuration option and clicks
Next. As a result, the next page of the wizard is displayed. This page includes All Nodes,
Select Nodes, and No Nodes options. The All Nodes option is already selected. The Select
Nodes option includes a table with Name and Status columns. The Name column includes
CLUST-NODE1, CLUST-NODE2, and CLUST-NODE3 options, which are selected for which
the Status is Up. The instructor clicks Next and the Select Quorum Witness page of the wizard
is displayed. This page includes the following options: Configure a disk witness, Configure a
file share witness, and Do not configure a quorum witness. The Do not configure a quorum
witness option is already selected. On this page, the instructor clicks Next and the
Confirmation page of the wizard is displayed. On this page, the instructor clicks Next and the
Summary page is displayed. On this page, the instructor clicks Finish and the Failover Cluster
Manager window is displayed. On this window, the instructor right-clicks the
ClusterExample.brocadero.com node, selects More Actions, and then selects Copy Cluster
Roles. As a result, the Copy Cluster Roles Wizard dialog box is displayed. On this dialog box,
the instructor clicks Cancel and the Failover Cluster Manager window is displayed.]

When I right-click on this, I can also go back in here and I can shut down the cluster, I can
destroy the cluster if I no longer need it. So this will actually destroy the role. I can Move Core
Cluster Resources, which means I can actually select which one of these nodes is going to
host those core cluster resources. Now those core resources are things like the name, the IP
address and those are currently held by NODE2. And if I want a different node to own those to
failover to NODE1, I could select NODE1 there. And it will now become the owner of those
core cluster resources. And I can actually scroll down here, Cluster Core Resources and see
those listed here and see that we are actually in the midst of...those went offline for a...so I was
transferring them.

Other settings I can do, let's see right-click here, More Actions, Move Core Cluster
Resources, and then configure Cluster-Aware Updating. Alright, so that is a look at some of
the global clustering settings that I can define in Failover Cluster Manager. Many of these
configuration changes we have been looking at can also be done in PowerShell. In fact there
are some changes that require PowerShell. Let's look at some examples.

So up here we have got some common commands we can run here in PowerShell. Many of
these are very similar to what we have been looking at in the console. For instance, one thing I
can do is I can retrieve information. In this case, I am looking at the different cluster groups
and who owns them. So you can see here where it says Cluster Group right here in the center,
this is the core cluster resources that we just moved.

[The Failover Cluster Manager window is displayed. On this window, the instructor right-clicks
the ClusterExample.brocadero.com node, selects More Actions, then selects Move Core
Cluster Resources, and then selects Select Node. As a result, a dialog box is displayed. This
dialog box includes CLUST-NODE1 and CLUST-NODE3 nodes, which have status Up. On this
dialog box, the instructor clicks OK and the Failover Cluster Manager window is displayed. The
instructor navigates to the Administrator: Windows PowerShell ISE window. This window
includes cluster commands.ps1 and creates cluster script.ps1 tabbed pages. The cluster
commands.ps1 tabbed page partially displays the following code: #View cluster groups Get-
clustergroup #Move core cluster resources Move-ClusterGroup –Name "cluster group" –node
Clust-node2 #Add roles Get-Cluster ClusterExample|Add-ClusterGenericScriptRole
–ScriptFilePath Get-Cluster ClusterExample|Add-Clusterclustervirtualmachinerole
–virtualmachine VM1 Get-Cluster ClusterExample|Add-Clusterfileserverrole –storage "cluster
disk 4" The instructor runs the Get-clustergroup code part below #View cluster groups. As the
result, the following output is displayed: PS C:\Users\administrator.CORP> Get-clustergroup
Name OwnerNode State Available Storage CLUST-NODE2 Offline Cluster
Group CLUST-NODE1 Online Myapp CLUST-NODE3 Online]

What I want to do now is I want to move that back to node2 and I can do that with the Move-
ClusterGroup PowerShell cmdlet. So I will run that. And notice I am indicating the Name
"cluster group", aka, cluster core resources and then which node I am moving it to. In a
moment here, we will see – success.

Alright. Now what are some other things I can do here? Well I can add roles to my cluster for
high availability. So like, for instance, I can retrieve here first of all the name of the cluster I
created, which I named ClusterExample and then add to that cluster this
GenericScriptRole. And so this is actually what I am currently running is the myapp script, but
here is the syntax to do the command through PowerShell. So here is myapp and then the IP
address and the parameters would follow. Some other examples include adding a
virtualmachinerole or adding a clusterfileserverrole. This time in this example, we are
identifying that cluster disk 4 should be assigned to the file server role.

Now we can also change global quorum settings from PowerShell. So for instance, here is the
ability to change the quorum to NodeMajority. Like so if I wanted to change the quorum to
NodeAndDiskMajority or FileShareMajority, I can do that as well. This time I am actually
doing disk majority and I am indicating that Disk 1 is going to be my disk witness. So we will
run that, here we go; that is how easy that is.

[The Administrator: Windows PowerShell ISE window is open. This window includes cluster
commands.ps1 and creates cluster script.ps1 tabbed pages. The cluster commands.ps1
tabbed page partially displays the following code: #View cluster groups Get-clustergroup
#Move core cluster resources Move-ClusterGroup –Name “cluster group” –node Clust-node2
#Add roles Get-Cluster ClusterExample|Add-ClusterGenericScriptRole –ScriptFilePath Get-
Cluster ClusterExample|Add-Clusterclustervirtualmachinerole –virtualmachine VM1 Get-
Cluster ClusterExample|Add-Clusterfileserverrole –storage “cluster disk 4” The Get-
clustergroup code part below #View cluster groups is already selected and the following output
is displayed: PS C:\Users\administrator.CORP> Get-clustergroup Name
OwnerNode State Available Storage CLUST-NODE2 Offline Cluster Group
CLUST-NODE1 Online Myapp CLUST-NODE3 Online Then the instructor selects the
Move-ClusterGroup –Name "cluster group" –node Clust-node2 command and clicks Run
Selection. As a result, the following output is displayed: Name OwnerNode State
Cluster group CLUST-NODE2 Online Next the instructor selects the Set-ClusterQuorum
–Cluster clusterexample –NodeMajority command and clicks Run Selection. As a result, the
following output is displayed: Cluster QuorumResource ClusterExample Next the
instructor selects the partially displayed Set-ClusterQuorum –Cluster clusterexample
–NodeAndDiskMajority "Cluster Disk 1" command and clicks Run Selection. As a result, the
following output is displayed: Cluster QuorumResource ClusterExample Cluster
Disk 1]

Now the next thing we want to look at is quorum voter configuration. So this here is actually
altering the property on cluster node1 and saying, I no longer want it to be a participant in
quorum. So this is the advanced quorum configuration setting we saw in the console. So what
we are doing here is we are actually retrieving the properties of node1 and changing them. So
let me show you what this looks like. So I can do get-clusternode. And if I do that by
itself, I just get a list of the different nodes. But if I want the properties of these nodes, I am
going to use | fl for format list and then I want everything, so we will put * there, the
wildcard. And what that lists is all three of those nodes and their properties. So if I scroll up, I
can see there is NODE1 and here it says NodeWeight and right now it is currently not set to be
a voter. It is set to 0. So if I want to, I can come up here and say, well, I want it to participate in
quorum and we can right-click on this here and we will execute this. And then when I go back
here and I do Get-ClusterNode, once again we do fl * and scroll up, we will see now
cluster node1's NodeWeight has been changed from 0 to a 1.

[The Administrator: Windows PowerShell ISE window is open. This window includes cluster
commands.ps1 and creates cluster script.ps1 tabbed pages. The cluster commands.ps1
tabbed page partially displays the following code: #View cluster groups Get-clustergroup
#Move core cluster resources Move-ClusterGroup –Name "cluster group" –node Clust-node2
#Add roles Get-Cluster ClusterExample|Add-ClusterGenericScriptRole –ScriptFilePath Get-
Cluster ClusterExample|Add-Clusterclustervirtualmachinerole –virtualmachine VM1 Get-
Cluster ClusterExample|Add-Clusterfileserverrole –storage "cluster disk 4" The following output
is displayed in the output pane: Cluster QuorumResource ClusterExample Cluster
QuorumResource ClusterExample Cluster Disk 1 The instructor runs the get-clusternode
command and the following output is displayed: Name ID State CLUST-NODE1 2
Up CLUST-NODE2 1 Up CLUST-NODE3 3 Up Then the instructor runs the get-
clusternode|fl * command and the following output is displayed: Cluster:ClusterExample
State:Up Id:2 Name:CLUST-NODE1 NodeName:CLUST-NODE1 NodeHighestVersion:533888
NodeLowestVersion:533888 MajorVersion:6 MinorVersion:3 BuildNumber:9600 CSDVersion:
NodeInstanceID:00000000-0000-0000-0000-000000000002 Description:
DrainStatus:NotInitiated DrainTarget:4294967295 DynamicWeight:0 NodeWeight:0
NeedsPreventQuorum:0 Cluster:ClusterExample State:Up Id:1 Name:CLUST-NODE2
NodeName:CLUST-NODE2 NodeHighestVersion:533888 NodeLowestVersion:533888
MajorVersion:6 MinorVersion:3 BuildNumber:9600 CSDVersion: NodeInstanceID:00000000-
0000-0000-0000-000000000001 Description: DrainStatus:NotInitiated
DrainTarget:4294967295 DynamicWeight:1 NodeWeight:1 NeedsPreventQuorum:0
Cluster:ClusterExample State:Up Id:3 Name:CLUST-NODE3 NodeName:CLUST-NODE3
NodeHighestVersion:533888 NodeLowestVersion:533888 MajorVersion:6 MinorVersion:3
BuildNumber:9600 CSDVersion: NodeInstanceID:00000000-0000-0000-0000-000000000003
Description: DrainStatus:NotInitiated DrainTarget:4294967295 DynamicWeight:1
NodeWeight:1 NeedsPreventQuorum:0 Next the instructor changes the NodeWeight from 0 to
1 in the (Get-ClusterNode Clust-Node1).NodeWeight=0 command. Then the instructor selects
the (Get-ClusterNode Clust-Node1).NodeWeight=1 command and clicks Run Selection. Next
the instructor runs the Get-ClusterNode|fl * command and the following output is displayed:
Cluster:ClusterExample State:Up Id:2 Name:CLUST-NODE1 NodeName:CLUST-NODE1
NodeHighestVersion:533888 NodeLowestVersion:533888 MajorVersion:6 MinorVersion:3
BuildNumber:9600 CSDVersion: NodeInstanceID:00000000-0000-0000-0000-000000000002
Description: DrainStatus:NotInitiated DrainTarget:4294967295 DynamicWeight:1
NodeWeight:1 NeedsPreventQuorum:0 Cluster:ClusterExample State:Up Id:1 Name:CLUST-
NODE2 NodeName:CLUST-NODE2 NodeHighestVersion:533888
NodeLowestVersion:533888 MajorVersion:6 MinorVersion:3 BuildNumber:9600 CSDVersion:
NodeInstanceID: 00000000-0000-0000-0000-000000000001 Description: DrainStatus:
NotInitiated DrainTarget: 4294967295 DynamicWeight: 1 NodeWeight: 1
NeedsPreventQuorum: 0 Cluster: ClusterExample State: Up Id: 3 Name: CLUST-NODE3
NodeName: CLUST-NODE3 NodeHighestVersion: 533888 NodeLowestVersion: 533888
MajorVersion: 6 MinorVersion: 3 BuildNumber: 9600 CSDVersion: NodeInstanceID:
00000000-0000-0000-0000-000000000003 Description: DrainStatus: NotInitiated DrainTarget:
4294967295 DynamicWeight: 1 NodeWeight: 1 NeedsPreventQuorum: 0]

Now the same thing could be said about the cluster itself, the cluster property. So here is
where I can retrieve information about the current cluster. So we do Get-Cluster and then
I get a long list of properties for my ClusterExample that is the Name, oops we will come back
up here. Here we go, here is the ClusterExample. And then there is a list of different properties
that relate to that logging, various thresholds, and down here I see DynamicQuorum enabled.
DynamicQuorum is where it adjusts the majority value when determining quorum. So if I have
four nodes in my quorum, the majority, of course, is three. If I lose one of those nodes,
DynamicQuorum will change the majority to be, you know, if it goes from four to three nodes
then the majority is changed; now it is two. If I want to change that, I can here. And then here
is DatabaseReadWriteMode. This is another setting that I can change and I can do this only in
PowerShell and it is called the Global Update Manager.

[The Administrator: Windows PowerShell ISE window is open. This window includes cluster
commands.ps1 and creates cluster script.ps1 tabbed pages. The cluster commands.ps1
tabbed page partially displays the following code: # Remove quorum voter (Get-ClusterNode
Clust-Node1).NodeWeight=1 # View cluster properties Get-Cluster|fl * #Change Global Update
Manager (Get-Cluster) .DatabaseReadWriteMode=0 The following partially displayed output is
displayed: NodeHighestVersion: 533888 NodeLowestVersion: 533888 MajorVersion: 6
MinorVersion: 3 BuildNumber: 9600 CSDVersion: NodeInstanceID: 00000000-0000-0000-
0000-000000000002 Description: DrainStatus: NotInitiated DrainTarget: 4294967295
DynamicWeight: 1 The instructor selects the Get-Cluster|fl * command and clicks Run
Selection. As a result, the following output is displayed: Domain: corp.brocadero.com Name:
ClusterExample AddEvictDelay: 60 AdministrativeAccessPoint: ActiveDirectoryAndDNS
BackupInProgress: 0 ClusSVCHangTimeout: 60 ClusSvcRegroupOpeningTimeout: 5
ClusSvcRegroupPruningTimeout: 5 ClusSvcRegroupStageTimeout: 5
ClusSvcRegroupTickInMilliseconds: 300 ClusterGroupWaitDelay: 120
MinimumNeverPreemptPriority: 3000 MinimumPreemptorPriority: 1
ClusterEnforcedAntiAffinity: 0 ClusterLogLevel: 3 ClusterLogSize: 300 CrossSubnetDelay:
1000 CrossSubnetThreshold: 5 DefaultNetworkRole: 2 Description: FixQuorum: 0
WitnessDynamicWeight: 0 HangRecoveryAction: 3 IgnorePersistentStateOnStartup: 0
LogResourceControls: 0 PlumbAllCrossSubnetRoutes: 0 PreventQuorum: 0
QuorumArbitrationTimeMax: 20 RequestReplyTimeout: 60 RootMemoryReserved:
4294967295 RouteHistoryLength: 10 SameSubnetDelay: 1000 SameSubnetThreshold: 5
SecurityLevel: 1 SharedVolumeCompatibleFilters: {} SharedVolumeIncompatibleFilters: {}
SharedVolumesRoot: C:\ClusterStorage SharedVolumeSecurityDescriptor: {1, 0, 4, 128…}
ShutdownTimeoutInMinutes: 20 DrainOnShutdown: 1
SharedVolumeVssWriteOperationTimeout: 1800 NetftIPSecEnabled: 1
LowerQuorumPriorityNodeId: 0 UseClientAccessNetworksForSharedVolumes: 0
BlockCacheSize: 0 WitnessDatabaseWriteTimeout: 300 WitnessRestartInterval: 15
RecentEventsResetTime: 3/21/2014 9:05:07 PM EnableSharedVolumes: Enabled
DynamicQuorum: 1 CsvBalancer: 1 DatabaseReadWriteMode: 0 MessageBufferLength: 50 Id:
0f2a9680-f5d5-4269-bdce-85ca06b5935d]
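
The NodeWeight change and the dynamic quorum arithmetic described above can be checked with a short script. The following is an added example, not part of the course material: the function name Get-QuorumSummary is hypothetical, the first two samples reuse the NodeWeight and DynamicWeight values from the Get-ClusterNode output above, and the four-node samples are constructed to match the four-to-three-node case in the narration.

```powershell
# Added example: summarise quorum votes from node objects.
# Accepts Get-ClusterNode output or objects with Name, State, NodeWeight, DynamicWeight.
function Get-QuorumSummary {
    param(
        [Parameter(Mandatory)] [object[]] $Node,
        [bool] $DynamicQuorum = $true,   # corresponds to (Get-Cluster).DynamicQuorum -eq 1
        [int]  $WitnessVote   = 0        # 1 when a disk or file share witness holds a vote
    )
    # With dynamic quorum the cluster maintains DynamicWeight per node;
    # without it only the configured NodeWeight counts.
    $weight = if ($DynamicQuorum) { 'DynamicWeight' } else { 'NodeWeight' }

    $total   = $WitnessVote
    $present = $WitnessVote              # assumption: the witness is reachable
    foreach ($n in $Node) {
        $total += [int]$n.$weight
        if ("$($n.State)" -ne 'Down') { $present += [int]$n.$weight }
    }
    $needed = [int][math]::Floor($total / 2) + 1   # simple majority of the current votes

    $notes = @()
    $nonVoters = @($Node | Where-Object { [int]$_.NodeWeight -eq 0 })
    if ($nonVoters.Count -gt 0) {
        $notes += 'NodeWeight=0 on: ' + ($nonVoters.Name -join ', ')
    }
    if (($total % 2) -eq 0 -and $WitnessVote -eq 0) {
        $notes += 'even vote count and no witness'
    }

    [pscustomobject]@{
        TotalVotes    = $total
        VotesNeeded   = $needed
        VotesPresent  = $present
        HasQuorum     = $present -ge $needed
        CanLoseAtOnce = [math]::Max(0, $present - $needed)   # simultaneous vote losses survived
        Notes         = $notes -join '; '
    }
}

# Helper for building sample rows (constructed data, not live cluster objects).
function New-SampleNode($Name, $State, $NodeWeight, $DynamicWeight) {
    [pscustomobject]@{ Name = $Name; State = $State
                       NodeWeight = $NodeWeight; DynamicWeight = $DynamicWeight }
}

# Values from the first Get-ClusterNode|fl * output: CLUST-NODE1 is not a voter.
$before = @(
    New-SampleNode 'CLUST-NODE1' 'Up' 0 0
    New-SampleNode 'CLUST-NODE2' 'Up' 1 1
    New-SampleNode 'CLUST-NODE3' 'Up' 1 1
)
# Values after (Get-ClusterNode Clust-Node1).NodeWeight=1 was run.
$after = @(
    New-SampleNode 'CLUST-NODE1' 'Up' 1 1
    New-SampleNode 'CLUST-NODE2' 'Up' 1 1
    New-SampleNode 'CLUST-NODE3' 'Up' 1 1
)
# Constructed four-node cluster, then the same cluster after one node is lost
# and dynamic quorum has removed its vote.
$four      = 1..4 | ForEach-Object { New-SampleNode "N$_" 'Up' 1 1 }
$fourMinus = @($four[0..2]) + (New-SampleNode 'N4' 'Down' 1 0)

$before, $after, $four, $fourMinus |
    ForEach-Object { Get-QuorumSummary -Node $_ } |
    Format-Table -AutoSize

# Against a live cluster:
#   Get-QuorumSummary -Node (Get-ClusterNode) -DynamicQuorum ([bool](Get-Cluster).DynamicQuorum)
```

With the sample data, the first row needs 2 of 2 votes, the second needs 2 of 3, and the four-node rows show the majority dropping from 3 to 2, as described in the narration.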

Now with Global Update Manager, it has to do with how the nodes share information and as
they process transactions. So let's say, for instance, a change occurs to the state of the cluster
that needs to be written to the cluster database. By default, the cluster nodes will wait for all of
the nodes to say hey, we got the change and then the change will be committed before any
other transactions will be processed. The nice thing about that, of course, is it is going to make
sure that all of the information is stable and it is fresh. The downside to that is if you have
network latency, well then the overall speed of the cluster is going to be dragged down to the
slowest node. So in the case of Hyper-V host clusters, the default for the Global Update
Manager is actually 1. And that means as long as the majority have acknowledged the change,
then an individual node can go ahead and process additional transactions. You can change its
value to 2, which further means that the local node continues to read old data if it needs to.

Now changing the Global Update Manager has some cautions around it. In the case of
multisite clusters, this might be useful to change this to 1 or 2. But if you are using SQL Server
or Exchange and you have those clustered, depending on their configuration, well, that can create some
potential problems. So of course, you want to only change the Global Update Manager if the
conditions require it. So that is a look at some of the settings and some examples that I can
configure here in PowerShell.

[The Administrator: Windows PowerShell ISE window is open. This window includes cluster
commands.ps1 and creates cluster script.ps1 tabbed pages. The cluster commands.ps1
tabbed page partially displays the following code: #Change Global Update Manager (Get-
Cluster) .DatabaseReadWriteMode=0 The output of the Get-Cluster|fl * command is displayed in
the output pane.]

Clustering Aware Updates in Windows Server 2012 R2
Learning Objective
After completing this topic, you should be able to
◾ identify recommended approaches to Cluster-Aware Updating

1. Cluster-Aware Updating
Now imagine this scenario. You have got 16 nodes, maybe 32 nodes in your cluster and they
need to have some updates. So maybe they have a 100 updates each. You take the first node,
you have to failover the roles, then you perform the updates, there is a reboot, maybe two;
then you fail the roles back, bring that machine online and you are ready to move on to the next
one. Now of course, that took maybe an hour or maybe not quite so long depending on the
number of updates and what kind of changes. But the point is it can take an extended amount
of time to service a cluster full of nodes and it is a very manual process if you are not using
what is called Cluster-Aware Updating, or CAU. So it can literally take you a month to get all of
the nodes up to speed and then...and you got another batch of updates to deal with. So
Cluster-Aware Updating addresses those concerns that we had by automating the process, by
applying the updates to the individual nodes, rebooting them, doing the failover and failback all
in an automated fashion.

[There are four servers, one router, and one database in a network. The four servers are
connected to the database through the router. Performing updates to each server can take an
extended amount of time.]

Cluster-Aware Updating is an additional feature to automate the updating process and it has
two different modes. It can run in self-updating mode or it can run in remote-updating mode.
Now remote-updating mode means you have a machine that is not a member of the actual
cluster. It is running the appropriate operating system like Windows Server 2012 or Windows
8.1 and you can install Remote Server Administration Tools, or RSAT, tools onto that node.
The RSAT tools for failover clustering - that is where you will find the Cluster-Aware Updating
feature. And once you are in there, you can launch the CAU console and perform updating
runs remotely and that machine becomes the update coordinator. Now alternatively, you can
actually add the Cluster-Aware Updating role as a role inside the cluster itself making it highly
available and making it responsible for keeping each one of the nodes up to date. That is
called self-updating mode. Now with self-updating mode you configure a schedule, you identify
any parameters and arguments with that schedule and Cluster-Aware Updating takes care of it
for you. When the periodic schedule occurs, updates are examined and pulled down and they
can come from Microsoft update or from a Windows Server Update Services, or WSUS,
server. Then each one of the nodes is patched, of course, going through the process of failing the
roles over and failing them back and ensuring that the applications that are running stay highly
available.

[In remote-updating mode image, there are five servers, one router, and one database. There
is an update coordinator server on which failover cluster admin tools are installed. This update
coordinator server is connected to four servers. The four servers are then connected to the
database through the router. In self-updating mode image, there are four servers, one router,
and one database. The four servers are connected to the database through the router.]

There are important considerations when you think about implementing Cluster-Aware
Updating. First of all, it only works with Windows Server 2012 and R2, doesn't work with the
older Windows 2008 clusters. You need to have appropriate permissions, of course, and you
want to make sure that your cluster nodes are not receiving updates and installing them from
WSUS. Now they can pull those updates down as a download source but you don't want it as
an installation source. Ideally the update should occur during off hours; that is obvious, you want
as little disruption as possible. And then it is important to monitor the progress of
your updates and review the health of your nodes.

Now another thing that I think is useful to know is that there are some requirements for
Cluster-Aware Updating and that includes a need to have Windows Management
Instrumentation, or WMI, enabled, remote PowerShell enabled. For those GUI versions, you
also need to have .NET Framework 4.5. Regardless of the version, you need to have remote
shutdown so Cluster-Aware Updating can reboot each one of the nodes if necessary. The
other comment I want to make here is if you are going to use Server Core nodes within your
cluster, you are going to need to support the remote-updating feature and that is because
Cluster-Aware Updating, the self-updating feature is only supported with those GUI
installations of Windows Server.

[There are four servers, one router, and one database in a network. The four servers are
connected to the database through the router. Performing updates to each server can take an
extended amount of time.]

2. Demo: Configuring CAU


Installing Cluster-Aware Updating is really easy. You can do this either by going into Server
Manager and adding the failover cluster tools. And remember there are two different modes,
there is the remote-updating mode and the self-updating mode. And in regards to the remote-
updating mode, you are going to install just the tools. Here you can see the Remote Server
Administration Tools. You will just install the tools for failover clustering and this includes all
of the tools you need for Cluster-Aware Updating as it says here in the description. And you
would do this on a machine that is not a member of the actual cluster itself. And what this does
is it creates for us our update coordinator.

[Dashboard of Server Manager is open and it includes Manage, Tools, and Views options.
From the Manage menu, the instructor selects the Add Roles and Features and the Add Roles
and Features Wizard is displayed. On this wizard, the instructor clicks Next through three
pages of the wizard and navigates to a page that displays a list of tools. Then the instructor
expands the Remote Server Administration Tools node. This node further includes the Feature
Administration Tools and Role Administration Tools nodes. The Feature Administration Tools
node includes the following options: SMTP Server Tools, BitLocker Drive Encryption
Administration, BITS Server Extensions Tools, Failover Clustering Tools, IP Address
Management (IPAM) Client, Network Load Balancing Tools, SNMP Tools, and WINS Server
Tools. The instructor expands the Failover Clustering Tools node and the following options are
displayed: Failover Cluster Management Tools, Failover Cluster Module for Windows
PowerShell, Failover Cluster Automation Server, and Failover Cluster Command Interface.]

Now I can do a similar operation here in PowerShell, of course. So let's go ahead and do that.
Let's do get-windowsfeature RSAT-cluster* and here are those tools including the
PowerShell module. To do an install, I am going to pipe this to | install-windowsfeature
like so. And right now I am actually sitting on a machine that is my update
server. In other words, it is a nonclustered machine, so it is going to be my update coordinator.
And it can be on, you know, any machine that supports the tools. It doesn't have to be on the
update server itself. And in a moment after these tools are installed, then I can actually begin
doing an update run. So we will give it a minute or two and then we will come back and have a
look at it.

Success. I have installed the Cluster-Aware Updating Tools and this includes the other failover
cluster tools as well, but they are all installed on this machine, not a member of a cluster. So
what we are supporting in this example is a remote-updating scenario and this machine then is
my update coordinator.

[A page in the Add Roles and Features Wizard is open. The instructor opens the Windows
PowerShell command window and runs the get-windowsfeature RSAT-cluster* command. The
output of the command is displayed as follows:

Display Name                                 Name
------------                                 ----
[] Failover Clustering Tools                 RSAT-Clustering
[] Failover Cluster Management Tools         RSAT-Clustering-Mgmt
[] Failover Cluster Module for Windows       RSAT-Clustering-Powe…
[] Failover Cluster Automation Server        RSAT-Clustering-Auto…
[] Failover Cluster Command Interface        RSAT-Clustering-CmdI…

Then the instructor executes the get-windowsfeature RSAT-cluster*|install-windowsfeature
command and the following output is displayed:

Success  Restart Needed  Exit Code       Feature Result
-------  --------------  ---------       --------------
True     No              NoChangeNeeded  {}]

Now this included the installation of several PowerShell cmdlets. So let's look at what
PowerShell cmdlets are available to me. So I am going to use the get-command and I am
going to reference the actual PowerShell module that was installed. And you can see the
different cmdlets available including things like enabling the CauClusterRole for self-updating.
The ability to invoke an actual update run, the ability to actually disable these features, retrieve
information, status information. Also right here is the ability to actually do a best practice
analysis even before I configure Cluster-Aware Updating.

[The Administrator: Windows PowerShell command window is open. It displays the
get-windowsfeature RSAT-cluster*|install-windowsfeature command. The output of the command
is displayed as follows:

Success  Restart Needed  Exit Code       Feature Result
-------  --------------  ---------       --------------
True     No              NoChangeNeeded  {}

The instructor executes the get-command -module clusterawareupdating command and the
following output is displayed:

CommandType  Name                    ModuleName
-----------  ----                    ----------
Cmdlet       Add-CauClusterRole      clusterawareupdating
Cmdlet       Disable-CauClusterRole  clusterawareupdating
Cmdlet       Enable-CauClusterRole   clusterawareupdating
Cmdlet       Export-CauReport        clusterawareupdating
Cmdlet       Get-CauClusterRole      clusterawareupdating
Cmdlet       Get-CauPlugin           clusterawareupdating
Cmdlet       Get-CauReport           clusterawareupdating
Cmdlet       Get-CauRun              clusterawareupdating
Cmdlet       Invoke-CauRun           clusterawareupdating
Cmdlet       Invoke-CauScan          clusterawareupdating
Cmdlet       Register-CauPlugin      clusterawareupdating
Cmdlet       Remove-CauClusterRole   clusterawareupdating
Cmdlet       Save-CauDebugTrace      clusterawareupdating
Cmdlet       Set-CauClusterRole      clusterawareupdating
Cmdlet       Stop-CauRun             clusterawareupdating
Cmdlet       Test-CauSetup           clusterawareupdating
Cmdlet       Unregister-CauPlugin    clusterawareupdating]

Let's do that as an example. If I do test-causetup, we do -clustername and the name
of my cluster is clusterexample.corp.brocadero.com, and what this is evaluating
is it is looking at each of the cluster nodes to see if it meets the minimum requirements.
Important things it evaluates include, you know, the operating system, whether or not the
cluster service is running, but other important things like remote administration, remote
management, firewall rules, all of the things required by Cluster-Aware Updating.

Now you can see it did a series of 11 tests. If I scroll up, we can have a look at some of these:
making sure the cluster is available, making sure that remote management is actually enabled
on the cluster nodes, PowerShell remoting is enabled on the cluster nodes, making sure they
run Windows Server 2012 and .NET Framework is installed, the service is running. Here is one
that I think is interesting and important and that is that automatic updates are configured, but
not configured to automatically install.

[The Administrator: Windows PowerShell command window is open. The instructor executes
the test-causetup -clustername clusterexample.corp.brocadero.com command. The output of
the command is displayed as follows:

RuleId : 1 Title : The failover cluster must be available State : Started Severity : Info FailedMachines : {} PercentComplete : 1
RuleId : 1 Title : The failover cluster must be available State : Succeeded Severity : Info FailedMachines : {} PercentComplete : 5
RuleId : 2 Title : The failover cluster nodes must be enabled for remote management WMIv2 State : Started Severity : Info FailedMachines : {} PercentComplete : 6
RuleId : 2 Title : The failover cluster nodes must be enabled for remote management WMIv2 State : Succeeded Severity : Info FailedMachines : {} PercentComplete : 11
RuleId : 3 Title : Windows PowerShell remoting should be enabled on each failover cluster node State : Started Severity : Info FailedMachines : {} PercentComplete : 12
RuleId : 3 Title : Windows PowerShell remoting should be enabled on each failover cluster node State : Succeeded Severity : Info FailedMachines : {} PercentComplete : 16
RuleId : 4 Title : The failover cluster must be running Windows Server 2012 State : Started Severity : Info FailedMachines : {} PercentComplete : 17
RuleId : 4 Title : The failover cluster must be running Windows Server 2012 State : Succeeded Severity : Info FailedMachines : {} PercentComplete : 21
RuleId : 5 Title : The required versions of .NET Framework and Windows PowerShell must be installed on all failover cluster nodes State : Started Severity : Info FailedMachines : {} PercentComplete : 22
RuleId : 5 Title : The required versions of .NET Framework and Windows PowerShell must be installed on all failover cluster nodes State : Succeeded Severity : Info FailedMachines : {} PercentComplete : 45
RuleId : 6 Title : The Cluster service should be running on all cluster nodes State : Started Severity : Info FailedMachines : {} PercentComplete : 46
RuleId : 6 Title : The Cluster service should be running on all cluster nodes State : Succeeded Severity : Info FailedMachines : {} PercentComplete : 55
RuleId : 7 Title : Automatic Updates must not be configured to automatically install updates on any failover cluster node State : Started Severity : Info FailedMachines : {} PercentComplete : 56
RuleId : 7 Title : Automatic Updates must not be configured to automatically install updates on any failover cluster node State : Succeeded Severity : Info FailedMachines : {} PercentComplete : 64
RuleId : 8 Title : The failover cluster nodes should use the same update source State : Started Severity : Info FailedMachines : {} PercentComplete : 65
RuleId : 8 Title : The failover cluster nodes should use the same update source State : Succeeded Severity : Info FailedMachines : {} PercentComplete : 73
RuleId : 9 Title : A firewall rule that allows remote shutdown should node in the failover cluster State : Started Severity : Info FailedMachines : {} PercentComplete : 74
RuleId : 9 Title : A firewall rule that allows remote shutdown should node in the failover cluster State : Succeeded Severity : Info FailedMachines : {} PercentComplete : 82
RuleId : 10 Title : The machine proxy on each failover cluster node local proxy server State : Started Severity : Info FailedMachines : {} PercentComplete : 83
RuleId : 10 Title : The machine proxy on each failover cluster node local proxy server State : Failed Severity : Warning FailedMachines : {CLUST-NODE1, CLUST-NODE2, CLUST-NODE3} PercentComplete : 91
RuleId : 11 Title : The CAU clustered role should be installed on the enable self-updating mode State : Started Severity : Info FailedMachines : {} PercentComplete : 92
RuleId : 11 Title : The CAU clustered role should be installed on the enable self-updating mode State : Failed Severity : Warning FailedMachines : {clusterexample.corp.brocadero.com} PercentComplete : 100
ModelId : Microsoft/Windows/ClusterAwareUpdating SubModelId : Success : True ScanTime : 3/24/2014 9:33:54 AM ScanTimeUtcoffset : -07:00:00 Detail : {WSUS, WSUS}]

So here we want to make sure that Cluster-Aware Updating doesn't conflict with another
update solution. So you can use WSUS but it must not be configured for automatic install. So
as an example here is my Group Policy that I configured for WSUS and this is actually pointing
at my different cluster nodes and so they are configured to pull our updates from WSUS. But
very importantly here, I don't have it configured for automatic install.

That would be option number four here, Auto download and schedule the install; you don't
want to use that option if you are using Cluster-Aware Updating. Instead the cluster nodes
should be configured with Auto download and notify for install, and as we can see, that
best practice analyzer checks that for us. This is a good thing to run. Now it looks at
some other tests as well, like the firewall rules; all of these are important minimum
requirements.

[The Administrator: Windows PowerShell command window is open. The instructor navigates
to the Group Policy Management Editor window. This window includes the WSUS
[DC1.CORP.BROCADERO.COM] Policy node. This node includes the Computer Configuration
node. The Computer Configuration node further includes the Policies node. The view pane
includes different settings, which have a State defined for each of them. The Configure
Automatic Updates setting is already selected. The instructor double-clicks the Configure
Automatic Updates setting and the Configure Automatic Updates window is displayed. The
window includes the Options and Help sections. The Options section includes Configure
automatic updating, Scheduled install day, and Scheduled install time drop-down lists. The
Configure automatic updating drop-down list includes the following options: 2 – Notify for
download and notify for install, 3 – Auto download and notify for install, 4 – Auto download and
schedule the install, 5 – Allow local admin to choose setting. The 3 – Auto download and notify
for install option is already selected. The instructor clicks Cancel and the Group Policy
Management Editor window is displayed. Then the instructor minimizes the Group Policy
Management Editor window and navigates to the Select Administrator: Windows PowerShell
command window.]

Alright. Let's actually go into the actual failover or the Cluster-Aware Updating tool from failover
clustering. So we will go here to Tools - Cluster-Aware Updating, we will launch this tool.
And if I wanted to use the GUI then to run that best practice analyzer, I can do that as well.
And that is the ability to come in here and have a look at Analyze cluster updating
readiness. To do any of these actions, I need to first off connect to my cluster. So we will do
CLUSTEREXAMPLE and we will choose Connect. There are my three nodes and then here is
where I can run that best practice analyzer.

[The Administrator: Windows PowerShell command window is open. The instructor closes the
PowerShell command window and navigates to the Add Roles and Features Wizard. Then the
instructor closes this wizard and navigates to Server Manager. Dashboard of Server Manager
page is displayed and it includes Manage, Tools, and Views options. The instructor clicks
Manage and the following options are displayed: Add Roles and Features, Remove Roles and
Features, Add Servers, Create Server Group, and Server Manager Properties. From the Tools
menu, the instructor selects Cluster-Aware Updating option and the Cluster-Aware Updating
window is displayed. This window includes Connect to a failover cluster text field, which is
empty. It also includes Cluster nodes and Cluster Actions section. The Cluster Action section
includes the following links: Apply updates to this cluster, Preview updates for this cluster,
Create or modify Updating Run Profile, Generate report on past Updating Runs, Configure
cluster self-updating options, and Analyze cluster updating readiness. The instructor enters
CLUSTEREXAMPLE in the Connect to a failover cluster text field and clicks Connect. As a
result, the CLUST-NODE1, CLUST-NODE2, and CLUST-NODE3 nodes get added in the
Cluster nodes section.]

Now the next thing I want to do is run a remote update and that simply means initiating an
update run by running this first action Apply updates to this cluster. What you might want to
do before you do this is actually preview the update so you can see what updates are needed.
Here it shows me a list of the actual parameters I can define. So there are a lot of options that I
can, kind of, include around this Updating Run, things like whether or not it
RequireAllNodesOnline. So if I have a really large cluster like a 64-node cluster and some of
them are disabled or not running and I still want to patch them, then I can turn this on or off. I
have the ability to indicate the NodeOrder, so I can say I want cluster node2 to actually be
updated first, I could put its name in here and delimit the list with commas. And then I can
include different scripts here. And one of the things about Cluster-Aware Updating is it not only
supports Windows updates but it also supports hotfixes. So if I have a hotfix that I want to
actually define, then I can also include the HotfixPlugin. And with the HotfixPlugin what it can
do is it can retrieve a hotfix from a particular folder location from a shared folder and install that
hotfix as well. And with the right configuration file, it can also include hotfixes for firmware
updates and other third-party sources. We will click Next to this.

[The ClusterExample – Cluster-Aware Updating window is open. This window includes
Connect to a failover cluster text field in which CLUSTEREXAMPLE is already entered. It
also includes Cluster nodes and Cluster Actions sections. From the Cluster Actions section,
the instructor clicks Apply updates to this cluster option and the ClusterExample – Cluster-
Aware Updating Wizard window is displayed. This window includes the Getting Started,
Advanced Options, Confirmation, and Completion sections. The Getting Started option is
already selected. The instructor clicks Next and the Advanced Options page of the wizard is
displayed. This page includes the following text fields: StopAfter, WarnAfter,
MaxRetriesPerNode, MaxFailedNodes, NodeOrder, RebootTimeoutMinutes, PreUpdateScript,
PostUpdateScript, ConfigurationName, and CauPluginArguments. It also includes the
RequireAllNodesOnline option and CauPluginName drop-down list. The CauPluginName drop-
down list includes the Microsoft.WindowsUpdatePlugin and Microsoft.HotfixPlugin options. The
Microsoft.WindowsUpdatePlugin option is already selected. The instructor clicks Next, which
displays the next page of the wizard.]

Here is where I can choose Give me recommended updates the same way that I receive
important updates. So you can put a checkmark there, you can click Next to this and here
are my final parameters in terms of what updates it is going to run. You can see here is the
actual PowerShell cmdlet that it is going to execute for me. We will click Update and away it
goes. We will come back when this is finished and have a look at it.
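The remote-updating steps shown so far (readiness analysis, the automatic-install conflict, preview, then the Updating Run) can be scripted from the update coordinator. The following is an added example, not part of the course material; the registry path is where the Configure Automatic Updates policy is stored, and the MaxFailedNodes and MaxRetriesPerNode values are illustrative assumptions.

```powershell
# Added example (not from the course). Run on the update coordinator: a machine
# that is NOT a cluster node and has the failover clustering tools installed.
Import-Module FailoverClusters, ClusterAwareUpdating

$cluster = 'clusterexample.corp.brocadero.com'   # cluster name used in the demo

# Group Policy stores the WSUS settings under this key. In the AU subkey,
# AUOptions = 4 means "Auto download and schedule the install", the setting
# that conflicts with Cluster-Aware Updating; 3 is "Auto download and notify".
$wuKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate'

$nodes = (Get-ClusterNode -Cluster $cluster).Name

# Read the effective policy on every node over PowerShell remoting
# (remoting is already one of the CAU requirements).
$auState = Invoke-Command -ComputerName $nodes -ScriptBlock {
    $key = $using:wuKey
    $wu  = Get-ItemProperty -Path $key      -ErrorAction SilentlyContinue
    $au  = Get-ItemProperty -Path "$key\AU" -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Node      = $env:COMPUTERNAME
        AUOptions = $au.AUOptions    # $null when no policy is applied
        WUServer  = $wu.WUServer     # $null when the node uses Microsoft Update
    }
}
$auState | Format-Table Node, AUOptions, WUServer -AutoSize

# Stop before patching if any node would also install updates on its own.
$conflict = @($auState | Where-Object { $_.AUOptions -eq 4 })
if ($conflict.Count -gt 0) {
    throw "Automatic install is enabled on: $($conflict.Node -join ', ')"
}

# Nodes should share one update source (rule 8 in the readiness output).
$sources = @($auState | Group-Object -Property WUServer)
if ($sources.Count -gt 1) {
    Write-Warning "Nodes use different update sources: $($sources.Name -join ', ')"
}

# The readiness analysis from the demo.
Test-CauSetup -ClusterName $cluster

# Preview what would be installed, without changing anything.
Invoke-CauScan -ClusterName $cluster -CauPluginName Microsoft.WindowsUpdatePlugin |
    Format-List

# The Updating Run itself: drain, patch, reboot and fail back one node at a time.
# MaxFailedNodes and MaxRetriesPerNode are example values, not the demo's.
Invoke-CauRun -ClusterName $cluster `
    -CauPluginName Microsoft.WindowsUpdatePlugin `
    -CauPluginArguments @{ IncludeRecommendedUpdates = 'True' } `
    -MaxFailedNodes 1 -MaxRetriesPerNode 3 -RequireAllNodesOnline -Force

# Review the result of the run that just finished.
Get-CauReport -ClusterName $cluster -Last -Detailed
```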

Alright. So I just performed a remote-updating run and that demonstrated how you can initiate
an update from another machine as the update coordinator. You can also configure your
clusters for self-updating from in here and that means configuring the cluster self-updating
options, so let's do that now.

So I am going to bring up another wizard and click Next to this, and this is the difference
between remote-updating and self-updating. In this case, I am going to actually add Cluster-
Aware Updating as a clustered role. So the role itself becomes highly available, it is on the
cluster and it is responsible for keeping that cluster up to date.

[The Additional Options page of the ClusterExample – Cluster-Aware Updating Wizard window
is open. This page includes Privacy statement link and Give me recommended updates the
same way that I receive important updates option. Then the instructor selects the Give me
recommended updates the same way that I receive important updates option and clicks Next.
As a result, the next page of the wizard is displayed, which includes different parameters. On
this page, the instructor clicks Update and the Confirming status of previous Updating Run
page of the wizard is displayed. Then the instructor clicks the Configure cluster self-updating
options option and the ClusterExample – Configure Self-Updating Options Wizard page is
displayed. This page includes the Getting Started, Add Clustered Role, Self-updating
schedule, Advanced Options, Confirmation, and Completion options. The Getting Started
option is already selected. On this page of the wizard, the instructor clicks Next and the Add
Clustered Role page is displayed. This page includes Add the CAU clustered role, with self-
updating mode enabled, to this cluster and I have a prestaged computer object for the CAU
clustered role options. The instructor selects the Add the CAU clustered role, with self-updating
mode enabled, to this cluster option.]

Now in order for this to work, I actually need to have a computer object for the Cluster-Aware
Updating role just like you have a computer object for other highly available services on that
cluster. So I have already prestaged a computer object for that CAU clustered role. Let me
show you what I did. Go to Administrative Tools here, we will open up Active Directory Users
and Computers and I have got an organizational unit, or OU, dedicated to my cluster nodes.
So here are my three nodes. This here is the actual computer object for the cluster itself and
then here is the prestaged computer object for the Cluster-Aware Updating role, Cluster-CAU.

Now in order for this to work properly, not only do I need to prestage this and you don't actually
have to prestage it, the wizard will automatically create this computer object for you, it is just a
bit of a random name. But if you prestage it, you also need to make sure that you have
permissions granted to this CLUSTEREXAMPLE, whatever the name of your cluster is to the
actual cluster object. It needs to have permission to be able to work with this prestage object.
So I have also granted it the permission to this OU.

[The Add Clustered Role page of the ClusterExample – Configure Self-Updating Options
Wizard is open. This page includes Add the CAU clustered role, with self-updating mode
enabled, to this cluster and I have a prestaged computer object for the CAU clustered role
options. The Add the CAU clustered role, with self-updating mode enabled, to this cluster
option is already selected. The instructor selects the I have a prestaged computer object for
the CAU clustered role option. Then the instructor navigates to the Administrative Tools. On
the Administrative Tools page, the instructor selects Active Directory Users and Computers
and the Active Directory Users and Computers window is displayed. This window includes the
corp.brocadero.com node, which further includes the following nodes: Builtin, ClusterExample,
Computers, Domain Controllers, FileServers, ForeignSecurityPrincipals, LostAndFound,
Managed Services, People, Program Data, System, Users, and Workstations. The
ClusterExample node is already selected and the following cluster names are displayed in the
view pane each having a Type and Description: CLUST-NODE1, CLUST-NODE2, CLUST-
NODE3, Cluster-CAU, CLUSTEREXAMPLE, and myapp.]

So next thing I am going to do is put in the name of the actual prestaged computer object right
there, which is cluster-cau here we go, click Next. Then the Frequency of self-updating,
this allows me to define the schedule. So what Day of the week, when do I want it to occur, so
this is the third Tuesday, late in evening, of course, this is going to depend on your needs. We
will just leave it as the default here.

Now I get to define my Updating Run options. So I have got very similar options that we saw
when we did the remote Updating Run. I can define those here. I can elect to include
recommended updates, we will click Next to that. Here is a summary of my choices and then
we will click Apply.

[The Administrative Tools window is open. The instructor minimizes the Administrative Tools
window and navigates to the Add Clustered Role page of the ClusterExample – Configure Self-
Updating Options Wizard. This page includes Add the CAU clustered role, with self-updating
mode enabled, to this cluster and I have a prestaged computer object for the CAU clustered
role options, which are selected. It also includes Name of prestaged computer object text field.
The instructor enters cluster-cau in the Name of prestaged computer object text field and clicks
Next. As a result, the Self-Updating schedule page of the wizard is displayed. This page
includes Daily, Weekly, and Monthly options. It also includes Starting, Time of day, Day of the
week, Occurrence of the day in the month drop-down options. In the Starting drop-down list,
3/24/2014 is already selected. In the Time of day drop-down list, 3:00 AM is already selected.
Tuesday and Third are already selected in the Day of the week and Occurrence of the day in
the month drop-down lists. Then the instructor clicks Next and the Advanced Options page of
the wizard is displayed. On this page, the instructor clicks Next and the Additional Options
page of the wizard is displayed. This page includes a Privacy statement link and Give me
recommended updates the same way that I receive important updates option. The instructor
selects the Give me recommended updates the same way that I receive important updates
option and clicks Next. As a result, the Confirmation page of the wizard is displayed. On this
page, the instructor clicks Apply.]

Now I have enabled self-updating. And so what this is going to do is finish the actual
configuration and as I approve updates in WSUS, they become available to the Cluster-Aware
Updating role running in my cluster. When that third Tuesday comes along, those updates will
be installed onto each one of these cluster nodes in that coordinated fashion where we will
bring down one node from the cluster after draining its roles to ensure it is not interrupting
service, update that node, reboot it if necessary, failback any actual roles that it had that it
needs to resume, and then move onto the next node. All of that is configured for me, managed
for me by Cluster-Aware Updating.

[The Completion page of the ClusterExample – Configure Self-Updating Options Wizard is
open. On this page, the instructor clicks Close and the CLUSTEREXAMPLE – Cluster-Aware
Updating page is displayed. This page includes Connect to a failover cluster text field in which
CLUSTEREXAMPLE is already entered. It also includes Cluster nodes and Cluster Actions
sections. The Cluster Actions section includes the following links: Apply updates to this cluster,
Preview updates for this cluster, Create or modify Updating Run Profile, Generate report on
past Updating Runs, Configure cluster self-updating options, and Analyze cluster updating
readiness. The Cluster nodes section includes CLUST-NODE1, CLUST-NODE2, and CLUST-
NODE3 nodes under the Node name for which the Last Run status is Succeeded and the Last
Run time is 3/24/2014 9:41 AM. It also includes Last Cluster Update Summary and Log of
Updates in Progress tabs. The Last Cluster Update Summary tab is already selected and the
Last Cluster Update Summary tabbed page is displayed.]

Now the next thing I want to look at is how to install hotfixes using Cluster-Aware Updating.
Now the first thing you need to do is make sure that you meet the minimum requirements and
that is to have the proper folder structure, which I have defined here. I have got a folder called
Hotfix with Root and then in this folder, I have one for all the nodes - CAUHotfix_All. And then
if I want to deliver hotfixes to individual nodes, then I have got folders for each one of my
nodes. Very important is to have a DefaultHotfixConfig.xml file and this specifies the rules for
installing the hotfixes. By default it installs Microsoft Installer, or MSI, files for me, but it can be
configured to support other types of files and other vendors' hotfixes as well.

[The CLUSTEREXAMPLE – Cluster-Aware Updating wizard is open. The instructor navigates
to the Root folder in the U drive. This folder includes the CAUHotfix_All, Clust-Node1, Clust-
Node2, and Clust-Node3 sub folders and DefaultHotfixConfig.xml file. Then the instructor right-
clicks the DefaultHotfixConfig.xml file and selects Edit. As a result, the DefaultHotfixConfig.xml
– Notepad is displayed.]

Now that I have got those things in place, the next thing I want to do is come into the Cluster-
Aware Updating tool and configure it for hotfixes. So I choose Configure cluster self-
updating options and I am just going to, kind of, drill past some of these things that we
looked at earlier. But on the Advanced Options, I am going to change my plug-in from the
Microsoft.WindowsUpdatePlugin to the HotfixPlugin. Now here I want specific arguments
and these are required, but the easy way to do this in the GUI is to just indicate under
Additional Options those parameters. So like I have a field here for Hotfix root folder path, so
I do \\wsus and then put in the name of my share, and then root. And so it is looking for
that DefaultHotfixConfig.xml file. Here is where I can enable or disable Server Message Block,
or SMB, encryption and whether or not it does its Access Control List, or ACL, check for the
appropriate permissions, yes or no.

[The CLUSTEREXAMPLE – Cluster-Aware Updating wizard is open. It includes Connect to a
failover cluster text field in which CLUSTEREXAMPLE is already entered. It also includes
Cluster nodes and Cluster Actions sections. The Cluster Actions section includes the following
links: Apply updates to this cluster, Preview updates for this cluster, Create or modify Updating
Run Profile, Generate report on past Updating Runs, Configure cluster self-updating options,
and Analyze cluster updating readiness. The instructor clicks Configure cluster self-updating
options option and the CLUSTEREXAMPLE - Configure Self-Updating Options Wizard is
displayed. This wizard includes the Getting Started, Enable self-updating mode, Self-Updating
schedule, Advanced Options, Confirmation, and Completion options. The Getting Started
option is already selected. The instructor clicks Next and the Self-Updating schedule page of
the wizard is displayed. On this page, the instructor clicks Next and the Advanced Options
page of the wizard is displayed. This page includes the following text fields: StopAfter,
WarnAfter, MaxRetriesPerNode, MaxFailedNodes, NodeOrder, RebootTimeoutMinutes,
PreUpdateScript, PostUpdateScript, ConfigurationName, and CauPluginArguments. It also
includes the RequireAllNodesOnline option and CauPluginName drop-down list. The
CauPluginName drop-down list includes the Microsoft.WindowsUpdatePlugin and
Microsoft.HotfixPlugin options. The Microsoft.WindowsUpdatePlugin option is already selected.
The instructor selects the Microsoft.HotfixPlugin option and clicks Next. As a result, Additional
Options page of the wizard is displayed. This page includes Hotfix root folder path and Hotfix
configuration file path text fields. It also includes Require SMB Encryption in accessing the
hotfix root folder and Disable check for administrator access to the hotfix root folder and
configuration file options. Then the instructor enters \\wsus\hotfix\root in the Hotfix root folder
path text field and as a result, the Hotfix configuration file path text field automatically gets
populated with \\wsus\hotfix\root\DefaultHotfixConfig.xml.]

Now if I hit Previous and go back, after filling in those additional options, you can see that the
plugin arguments are all filled out for me as well. And then I could carry forward and this would
be now added to my self-updating options. Now I am going to click Cancel to this here
because it is a good idea to preview your updates. And so we can do a preview of our hotfixes
so we know exactly which hotfixes are going to be deployed ahead of time. So we can choose
Preview updates for this cluster, once again we want to choose a HotfixPlugin and then we
need to specify the Plug-in arguments.

Now if I hit Generate Update Preview List, it is going to throw an error at me saying it really
needs that path. So I will go ahead and do that, hotfixrootfolderpath and then I need
to put in that location once again. Now there are other actual arguments that might be required
like if I am using a Distributed File System, or DFS, namespace to store my hotfixes in, then it
is required that I actually turn off that ACL check. So we will do disableaclchecks and
we will type in true. And so after I have the appropriate arguments in here, then I can fire off
Generate Update Preview List and now I can see the different hotfixes that are going to be
deployed.

[The Additional Options page of the CLUSTEREXAMPLE – Cluster-Aware Updating wizard is
open. On this page, the instructor clicks Previous. As a result, the Advanced Options page of
the wizard is displayed. This page includes the following text fields: StopAfter, WarnAfter,
MaxRetriesPerNode, MaxFailedNodes, NodeOrder, RebootTimeoutMinutes, PreUpdateScript,
PostUpdateScript, ConfigurationName, and CauPluginArguments. It also includes the
RequireAllNodesOnline option and CauPluginName drop-down list. The CauPluginName drop-
down list includes the Microsoft.WindowsUpdatePlugin and Microsoft.HotfixPlugin options. The
Microsoft.HotfixPlugin option is already selected in the CauPlugin Name drop-down list. On
this page, the instructor clicks Cancel and the Confirm Canceling Wizard dialog box is
displayed. On this dialog box, the instructor clicks Yes and the ClusterExample – Cluster-
Aware Updating window is displayed. This window includes Connect to a failover cluster text
field in which CLUSTEREXAMPLE is already entered. It also includes Cluster nodes and
Cluster Actions sections. The Cluster Actions section includes the following links: Apply
updates to this cluster, Preview updates for this cluster, Create or modify Updating Run Profile,
Generate report on past Updating Runs, Configure cluster self-updating options, and Analyze
cluster updating readiness. The instructor clicks Preview updates for this cluster link and the
ClusterExample – Preview Updates window is displayed. This window includes Select Plug-in
drop-down list and Plug-in arguments text field. The Select Plug-in drop-down list includes
Microsoft.WindowsUpdatePlugin and Microsoft.HotfixPlugin options. The
Microsoft.WindowsUpdatePlugin option is already selected. The instructor selects the
Microsoft.HotfixPlugin option and clicks Generate Update Preview List. As a result, the
ClusterExample – Preview Warnings and Errors window is displayed. Then the instructor
closes this window and enters hotfixrootfolderpath = \\wsus\hotfix\root; disableaclchecks = true
in the Plug-in arguments text field. Next the instructor clicks Generate Update Preview List and
different hotfixes are displayed in the table below the Plug-in arguments text field.]

Windows Server 2012 R2 Multisite Failover Clusters
Learning Objective
After completing this topic, you should be able to
◾ identify the principles of multisite failover clusters in Windows Server 2012 R2

1. Planning a multisite failover cluster


Now when you consider the single point of failure in your network, you can't help but recognize
that the physical location of your datacenter itself, well that is also a single point of failure.
What are you going to do when you have a natural disaster, a fire, a flood, a power outage?
Well that is where you need to design a disaster recovery solution that also considers the
physical location. Multisite clusters might be required to fully address your high availability
needs.

Now keep in mind it might only be a part of your actual larger disaster recovery solution, but it
can be a very important part. Now a multisite cluster is also called a stretched cluster. That is
because the nodes are distributed between the different physical locations and this is going to
provide some protection against site loss.

So when you have that power outage, you have another location where that application
resides. Now a multisite cluster can be configured for automatic failover or manual failover and
at the very least, it is going to aid the administrator in disaster recovery. And that is because
the application and application data has been synchronized to this disaster recovery site. So
the administrator isn't having to go and perform a restore from backup to re-create the
application. And some administrators call this a hot site or a warm site scenario. So multisite
clustering is an important feature in providing disaster recovery.

[There are two sites: Site1 and Site2. Both the sites consist of a network in which three servers
are connected to a single database.]

Multisite clusters have some unique characteristics over single site clusters, for instance, no
shared storage. That is, we are not sharing storage among the nodes stretched out across the
different sites. That means accessing all of that storage over network connections and that is
not going to perform well. So as an alternative, each one of these nodes is going to access
their own storage, but then we need to have an underlying site-to-site replication for those
storage locations. This is something that failover clustering doesn't provide. So you will need to
shop around and look for a data replication solution, and one that either performs synchronous
replication or asynchronous replication.

And we will talk more about the differences between those. Now factors that can affect the
replication include network latency. So you need to also evaluate the link between those sites.
If you are going to have your different sites in different subnets, then you need to make sure
that DNS gets up to date. So if you have a failover, then you want to shorten those Time to
Live, or TTLs, so that you don't have a lingering cache value that mispoints clients to the old
site. You are going to want them to be referred to the new location, so making sure that
those IP addresses are updated on those failed over nodes, making sure that the DNS
information is updated is going to be important.

And finally, let me mention the Global Update Manager. Now the Global Update Manager is
actually what controls the updating of the cluster database. And it is called the Global Update
Manager because it is responsible for making sure all of the nodes have a consistent view of
the cluster. Now when changes occur, there is a value configured there where each of the
nodes waits for the other nodes to respond before committing that transaction and moving onto
the next transaction. Now in a multisite cluster configuration, it can really slow down the
cluster's performance because we are waiting for a remote node to respond. So you can
actually configure the Global Update Manager for a multisite configuration to support a majority
vote. In other words, as long as a majority of the nodes respond, then we can proceed with the
actual committing of that operation and performing additional operations. And that improves
the performance of the overall cluster.

[There are two sites: Site1 and Site2. Both the sites consist of a network in which three servers
are connected to a single database.]

Now when you are evaluating the data replication solution between your different sites, you
need to consider synchronous versus asynchronous. Now when do you use synchronous or
when do you use asynchronous? Well here are some of the key factors.

Synchronous replication means as a change occurs, we want that to immediately be replicated
to the other storage location and be acknowledged. We are not going to commit another
change to the database until that first change becomes acknowledged. So we want to maintain
a consistent view and the integrity of the database is highly important. Now the value to that is,
well we have got a synchronized database on both sides. The disadvantage to that is the
entire cluster will have to slow down. And if it is affected by network latency or there are delays
in those acknowledgements, it is going to slow down the entire cluster.

While asynchronous replication can be very useful when we have network latency concerns or
a network connection that is not as responsive or maybe even further away, we have network
links that have a longer distance. With asynchronous we are sending our changes to the other
database, but we are doing this in batches and we are not waiting for acknowledgements. So
that can be very useful when you want to actually create a multisite cluster that is better
performing than one that is dependent on a synchronous configuration.

Now a lot depends…when I say better performing, a lot depends on other environmental
conditions, the networking states, and, of course, the product that you are using itself. But then
generally speaking an asynchronous option is going to give you a better performing multisite
cluster. The downside to an asynchronous option is the fact that there is going to be a potential
difference. So let's say a change is written to the primary site's database and that gets
replicated over. And then there is something that goes wrong with the network and more
changes are occurring against the primary site while we have a power outage that is
introduced; and so there might be some changes that were initially put forward that are not
completed across both sites. And so there might be an issue in terms of the consistency of the
database when we are using asynchronous replication.

[There are two sites: Site 1 and Site 2. Site 1 consists of a server and a database. The server
writes a request to the database, which then completes the request and sends it back to the
server. Site 2 consists of a server and a database. The Site 2 database is a replication of the
Site 1 database and it is connected to a server.]
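
The trade-off between synchronous and asynchronous replication described above can be put into numbers with a small model. This is an added example, not part of the course material; the latency, batch interval and failure time are constructed values, and the model assumes one write at a time and a one-way delay of half the round trip.

```python
def replicate(mode, writes, local_ms, rtt_ms, batch_ms, fail_at_ms):
    """Simulate sequential writes at the primary site until the site fails.

    mode "sync":  a write commits only after the replica acknowledges it,
                  so every commit costs local_ms + rtt_ms.
    mode "async": a write commits after local_ms; changes are shipped to the
                  replica in batches every batch_ms without waiting for acks.
    All times are integer milliseconds (constructed values, not measurements).
    """
    if mode not in ("sync", "async"):
        raise ValueError("mode must be 'sync' or 'async'")

    clock = 0
    commit_times = []                      # when each write committed at the primary
    cost = local_ms + (rtt_ms if mode == "sync" else 0)
    for _ in range(writes):
        if clock + cost > fail_at_ms:      # the site fails before this write commits
            break
        clock += cost
        commit_times.append(clock)

    if mode == "sync":
        # Each commit was acknowledged by the replica first, so nothing is missing.
        replicated = len(commit_times)
    else:
        # Only batches that left early enough to arrive before the failure count.
        last_ship = ((fail_at_ms - rtt_ms // 2) // batch_ms) * batch_ms
        replicated = sum(1 for t in commit_times if t <= last_ship)

    return {
        "committed": len(commit_times),
        "replicated": replicated,
        "lost": len(commit_times) - replicated,
    }


def compare(rtt_ms):
    """Same workload and failure time, both modes, for a given inter-site RTT."""
    args = dict(writes=5000, local_ms=1, rtt_ms=rtt_ms, batch_ms=50, fail_at_ms=1000)
    return replicate("sync", **args), replicate("async", **args)


if __name__ == "__main__":
    for rtt in (2, 40):
        sync, async_ = compare(rtt)
        print(f"RTT {rtt:>2} ms  sync={sync}  async={async_}")
```

With a 40 ms round trip the synchronous run commits far fewer writes in the same second but loses none, while the asynchronous run commits at local speed and leaves the last unshipped batch behind when the primary site fails.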

Now when designing your multisite cluster and implementing your cluster, there are some
specific networking concerns I want to raise. First of all, you want to make sure that the
network connection between the two sites is reliable and that it is low latency. The reason that
is important is because of heartbeat traffic. If you have a series of five heartbeats that get
missed, then what happens is the nodes initiate a failover. If those heartbeats are being
missed because of network latency, then you are going to have a false failover. Now to avoid
that, there are two things you can do. Number one, invest in a low latency reliable site-to-site
connection. Number two, you can tune those heartbeat settings within the cluster. For
instance, instead of waiting for heartbeats to occur once every second, you can actually up
that to two seconds; or if they are on different subnets, you can go up to three or four seconds.
The other thing you can configure with heartbeats is that threshold. You can go from five
missed heartbeats upwards to ten missed heartbeats.

Now I have already mentioned that the network you configure needs to also support a storage
replication solution. So that might mean having a separate network just for storage replication.
And whatever solution you provide here, multisite clusters and failover clustering, and
Microsoft doesn't actually address this. So you will need a solution that is high speed and
supports open files.

Another important networking consideration here is all the sites need to have access to those
supporting infrastructure services, the main services, DHCP servers, DNS servers, et cetera,
et cetera. And finally, you want to make sure client connections are redirected properly and in
a timely fashion. And the best way to do that is test your cluster.

[There are two sites: Site 1 and Site 2. Both the sites consist of a network with three servers
each, which are interconnected. The Site 1 and Site 2 are also connected.]

2. Multisite cluster quorum planning


Multisite clusters have some unique quorum configurations. You should consider Node
Majority or Node Majority with file share. You don't want to use the disk as a witness quorum
mode, whether it is a Node and Disk Majority or Disk Only. The only time you use those is if
the vendor specifically requires it. Now with multisite clusters when you are configuring the file
share mode, that file share really should be in the third location.

Now think about this with me for a moment. If the file share witness is also in the same location
as one of my multisite cluster sites, then what happens if there is a power outage or networking
failure at that location? The surviving nodes are going to detect "Hey, I can't get to the file
share witness nor can I get to those nodes. I must be the one with the problem." And so then
you have the location with the actual problem and the location thinking it has a problem, and
both of them not providing clustered services any longer. So to avoid that, create a third party,
a third location where both sites can mutually access that file share. So if there is a networking
problem, then the surviving site can still see that file share witness. And of course, we all need
to be able to link to that directly; one location for that file share witness.

[There are three sites: Site 1, Site 2, and Site 3. All the three sites consist of a network with
three servers each, which are interconnected. All the three sites are also connected.]

Windows Server 2012 introduces some enhancements to the way it works with quorum. For
instance, it has a feature called Dynamic Quorum. And with Dynamic Quorum when a node
crashes, it also loses its vote. So the actual number of voters changes based on the number of
nodes. So if that node rejoins the cluster, it regains its vote all dynamically. And the reason this
is important is the cluster can maintain availability during sequential node failures. Now in 2012
R2, this feature was enhanced with dynamic witness and with Tiebreaker. With dynamic
witness, the cluster decides whether or not it actually needs the witness as a vote. So if it has
an odd number of nodes and it has the file share witness out there and it doesn't need the file
share witness, it will remove its vote.

Now dynamic witness works in conjunction with another feature in R2 called Tiebreaker. It is
Tiebreaker's job to maintain an odd number of voters. For example, let's say you have a four-
node cluster, it is a multisite cluster stretched across two sites so you have two nodes in each
one of the sites and you have a file share. So the cluster configuration, the quorum
configuration would say you have five votes; now the file share witness fails. Now because the
cluster is using dynamic witness, the cluster automatically removes that witness vote. The
cluster now has a total of four votes. Now to maintain an odd number of votes, so we can
maintain a majority and a quorum, the cluster randomly picks a node to remove its quorum
vote from one of the sites. So now you have got one site with two nodes that are voters;
another site with two nodes, but only one is a voter.

Then you have an actual network issue, a disruption that occurs, a disaster that affects
communication. So that site that only has one voter, it is going to partition itself off and no
longer provide clustering services to avoid split-brain, remember. And so the nodes that are
surviving, the two that have a vote, well that particular site will continue to run. So that is an
example of how these features work together.
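
The vote arithmetic from the third-site witness discussion and from the dynamic witness and Tiebreaker walk-through can be checked with a small model. This is an added example, not code from the course or from Windows; the node names, the `dynamic` switch (which models fixed, configured votes for comparison) and the random choice of the node that loses its vote are assumptions of the model.

```python
import random
from dataclasses import dataclass


@dataclass
class Node:
    name: str
    site: str
    vote: bool = True


@dataclass
class Cluster:
    nodes: list
    witness_online: bool = True
    witness_vote: bool = True
    dynamic: bool = True  # False models fixed, configured votes (assumption)

    def voting_nodes(self):
        return [n for n in self.nodes if n.vote]

    def total_votes(self):
        return len(self.voting_nodes()) + int(self.witness_vote)

    def adjust(self, rng):
        """Recompute votes the way the walk-through describes for 2012 R2."""
        if not self.dynamic:
            return
        for n in self.nodes:
            n.vote = True
        even = len(self.nodes) % 2 == 0
        # Dynamic witness: the witness votes only if it is online and needed.
        self.witness_vote = self.witness_online and even
        # Tiebreaker: even node count and no witness vote, so one node vote goes.
        if even and not self.witness_vote:
            rng.choice(self.nodes).vote = False


def sites_with_quorum(cluster, witness_reachable_by=None):
    """Once the sites lose contact, report which site still holds a majority."""
    needed = cluster.total_votes() // 2 + 1
    result = {}
    for site in sorted({n.site for n in cluster.nodes}):
        votes = sum(1 for n in cluster.nodes if n.site == site and n.vote)
        if cluster.witness_vote and witness_reachable_by == site:
            votes += 1
        result[site] = votes >= needed
    return result


def four_node_cluster(dynamic=True):
    # Constructed layout: two nodes per site, as in the walk-through.
    layout = [("N1", "Site1"), ("N2", "Site1"), ("N3", "Site2"), ("N4", "Site2")]
    return Cluster([Node(name, site) for name, site in layout], dynamic=dynamic)


def witness_then_link_failure(dynamic, seed=0):
    """File share witness fails first, then the link between the sites fails."""
    rng = random.Random(seed)
    cluster = four_node_cluster(dynamic)
    cluster.adjust(rng)
    votes_before = cluster.total_votes()
    cluster.witness_online = False
    cluster.adjust(rng)
    votes_after = cluster.total_votes()
    return votes_before, votes_after, sites_with_quorum(cluster)


def site2_survives_site1_outage(witness_site):
    """Site1 loses power at once; the witness is at "Site1" or at "Site3"."""
    cluster = four_node_cluster()
    reachable = None if witness_site == "Site1" else "Site2"
    return sites_with_quorum(cluster, witness_reachable_by=reachable)["Site2"]


if __name__ == "__main__":
    print("dynamic:", witness_then_link_failure(dynamic=True))
    print("fixed votes:", witness_then_link_failure(dynamic=False))
    print("witness at Site1:", site2_survives_site1_outage("Site1"))
    print("witness at Site3:", site2_survives_site1_outage("Site3"))
```

With fixed votes both sites hold two of five votes after the witness and the link fail, so neither keeps running; with the dynamic adjustments exactly one site keeps a majority of the three remaining votes.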

[There are two sites: Site1 and Site2. Both the sites consist of three servers which are
connected to a single database. The Site1 and Site2 are connected to each other as a failover
cluster. The Site 2 database is a replication of the Site 1 database.]

Planning NLB on Windows Server 2012 R2
Learning Objective
After completing this topic, you should be able to
◾ identify considerations of planning an NLB cluster in a given scenario

1. NLB overview
One of the important needs that an organization has when it comes to web applications and
other IP-based applications is the scalability and high availability that is required to meet the
expectations of their customers or the expectations of the service-level agreement. Now one of
the ways you can accomplish this is with Microsoft's Network Load Balancing, or NLB. Now
keep in mind, most organizations use a hardware solution to provide load balancing, but that
requires an additional hardware investment.

For smaller implementations, you can use Microsoft's Network Load Balancing without
incurring some of those hardware costs. Now when it comes to Network Load Balancing with
Microsoft, what we are talking about here is the distribution of IP traffic across multiple servers.
The way that is accomplished is that these multiple servers are represented with a single IP
address, that is the cluster IP address.

As clients send a request to that cluster IP address, each one of the nodes knows whose job it
is to respond to that individual client, and that is because they run an algorithm. The translation
to this, the functionality it provides is high availability for TCP/IP applications. What is also nice
about Microsoft's Network Load Balancing is you can add and remove nodes, and that means
you have got increased scalability. So as the demand goes up, adding additional nodes
improves the actual performance of your overall cluster.

[Four servers with IP addresses x.x.x.1, x.x.x.2, x.x.x.3, and x.x.x.4 are displayed. All the four
servers are connected to a server with IP address x.x.x.100.]

So what are some typical Network Load Balancing implementations? Well let's take a web
server as an example. Let's say you have got a web server…has web pages, of course, and
you want to improve its performance and its availability. So one of the ways you can do that is
duplicate that server's content across other web servers. So now you have two, three, eight
web servers, all with the same web pages. Then you group these servers together, make them
a member of an NLB cluster.

As client requests come in, they send their request to the group IP address, that NLB IP
address and any one of those web servers can respond to those client requests because they
all have the same content.

Now other good examples include online responders for certificate servers, FTP servers
because again they can have the same content, System Center Management servers, and
access servers. Access servers like the front-end Exchange servers or VPN servers or
DirectAccess servers; and that is because if you have a group of VPN servers, well, they are
providing all the same functionality, they can be represented by a single IP address. A client
comes into that VPN or that IP address and then one of those VPN servers can step up and
provide the actual access that that customer needs. So here are some good examples of
applications that work well in an NLB cluster.

[Four servers with IP addresses x.x.x.1, x.x.x.2, x.x.x.3, and x.x.x.4 are displayed. All the four
servers are connected to a server with IP address x.x.x.100.]

2. NLB network and storage planning


There are two methods that control how incoming requests are processed by members of an
NLB cluster. There is unicast mode and multicast mode. Now with the unicast mode, each
node loses its individual Media Access Control, or MAC, address and is instead assigned a
single, shared MAC address. Now this facilitates NLB cluster communications to clients, but it
creates another problem and that is communication between each member of the cluster. So
whenever you have peer-to-peer communications, because they don't have an individual MAC
address, it is going to fail. So this is why with unicast mode, it is recommended to have a
second adapter. This is also why if the cluster members are in a virtual machine, you need to
enable MAC spoofing, that way NLB can actually overwrite the MAC address assigned to the
virtual machines.

Now multicast mode is different. In multicast mode, NLB doesn't overwrite everyone's MAC
address. Instead each member of the cluster gets a multicast MAC address; that is, it gets a
group address at that physical level. This way incoming requests are not sent to a single
shared MAC, but sent to the multicast address. Communication between the cluster members
is not affected because they each retain their own unique MAC address. This is why
multicast mode is the best option if you have single-homed machines.

Now I need to make an important point here and that is both of these methods can lead to
switch flooding. That is, if the cluster is connected to a switch, incoming packets are sent to all
the ports on the switch, which can cause switch flooding. So with multicast mode, you can
address this issue by configuring the switches to support the multicast address on specific
ports and configuring static Address Resolution Protocol, or ARP, entries.

Now this configuration could be simplified even further if you use a third mode and that is
Internet Group Management Protocol, or IGMP, with multicasting. But even with IGMP
multicasting, you still might have some compatibility issue with upstream routers. You might
have some upstream routers who balk at the idea of a single IP address being resolved to a
multicast MAC address. In that case, you might need to upgrade your router.

Port rules are another important configuration in NLB. With port rules, you control load
balancing behavior. Now you might be wondering what can I create a port rule for? I am glad
you asked. You can create port rules for a variety of purposes. Let's say you want to create
different port rules for the different web sites that you have in your cluster or maybe you want
to create a rule for load balancing VPN traffic, say a rule for traffic that is destined for User
Datagram Protocol, or UDP, port 500 if you are using Internet Protocol Security, or IPSec. Or
maybe you want to redirect all client requests to a specific host as a kind of exception to the
load balancing thing or maybe you want to block certain kinds of traffic; well you can create a
port rule that does that as well. So as you can see, you can create port rules that handle all
different kinds of actions within an NLB cluster.

Now when you create a port rule, there are several properties you need to define. These
should reflect what the application needs. So for example, it is a good idea to avoid port rules
that mix UDP and TCP protocols. It is also a good idea to define affinity for those session-
minded applications and we will talk more about affinity coming up. Another property you will
configure in your port rule is the filtering mode. Now filtering modes specify which members
in the cluster can handle traffic for a given rule. So for instance, the multiple host option allows
any member to step up and answer a request for that traffic, while a single host option
indicates you only want one member to handle that particular kind of traffic. So for example,
Microsoft recommends single-host filtering when you are undertaking maintenance.

Now when you create a port rule, you also need to specify the affinity mode. Affinity modes
might be necessary to fully support your application that is running in your cluster. So let's take
a moment and talk about these affinity modes. Now the None affinity means just that. It tells
NLB no affinity is required, and inbound traffic can be handled by any member of your cluster.
The None affinity mode gives you the greatest degree of scalability on load balancing. But as
a general rule of thumb, you don't want to use the None affinity mode with UDP-based port
rules.

The next affinity mode is Single. Now Single affinity provides support for those session-minded
applications. For example, some web sites maintain session information in cookies and if that
is the case, you may not want a client's subsequent request being sent to any node, rather you
want it to be sent to the same node where it first established that session and where server
cookies exist. So that is where Single affinity mode could be useful.

Now in a related fashion, we have the Network affinity mode and it functions much like Single,
but instead of directing traffic based on the client's IP address, the Network mode redirects
traffic back to the original members based on the network address. And that can be especially
useful when you have clients accessing the cluster through proxies.
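
The effect of the three affinity modes on which cluster member answers a request can be seen in a small model. This is an added example, not NLB's own code: the SHA-256 bucket function is a stand-in for NLB's distribution algorithm, the /24 grouping for Network affinity is an assumption based on NLB's Class C affinity, and the host names and client addresses are constructed.

```python
import hashlib
import ipaddress

HOSTS = ["NODE1", "NODE2", "NODE3"]  # constructed cluster members


def _bucket(key, hosts):
    """Map a key to one host. Stand-in hash, not NLB's real algorithm."""
    digest = hashlib.sha256(key.encode("ascii")).digest()
    return hosts[int.from_bytes(digest[:8], "big") % len(hosts)]


def owner(client_ip, client_port, affinity, hosts=HOSTS):
    """Return the host that would handle a request under the given affinity."""
    if affinity == "None":
        # No affinity: source address and source port both feed the decision,
        # so separate connections from one client can land on different hosts.
        key = f"{client_ip}:{client_port}"
    elif affinity == "Single":
        # Single: only the client's IP address decides, so a session sticks.
        key = client_ip
    elif affinity == "Network":
        # Network: only the client's network decides (assumed to be a /24).
        net = ipaddress.ip_network(f"{client_ip}/24", strict=False)
        key = str(net.network_address)
    else:
        raise ValueError(f"unknown affinity mode: {affinity}")
    return _bucket(key, hosts)


def hosts_seen(requests, affinity):
    """Set of hosts that end up serving a list of (ip, port) requests."""
    return {owner(ip, port, affinity) for ip, port in requests}


# Constructed traffic: one client opening 50 connections from different ports.
ONE_CLIENT = [("198.51.100.23", 49152 + i) for i in range(50)]

# Constructed traffic: one user whose requests leave through a proxy farm,
# so each request arrives from a different address in the same /24.
PROXY_FARM = [(f"192.0.2.{10 + i}", 50000 + i) for i in range(32)]


if __name__ == "__main__":
    for label, traffic in (("one client", ONE_CLIENT), ("proxy farm", PROXY_FARM)):
        for mode in ("None", "Single", "Network"):
            print(f"{label:<10} {mode:<7} -> {sorted(hosts_seen(traffic, mode))}")
```

The proxy case is the one that matters for session-minded applications: under Single affinity the session state on one member is missed whenever the next request arrives from a different proxy address, while Network affinity keeps the whole /24 on one member.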

[Four servers with IP addresses x.x.x.1, x.x.x.2, x.x.x.3, and x.x.x.4 are displayed. All the four
servers are connected to a computer with IP address x.x.x.100.]

Now NLB doesn't function with shared storage like a failover cluster. So if I had a group of web
servers in an NLB cluster and I decided I needed to update one of the web pages and I did that
to one of the members of the NLB cluster, none of the other members would know about those
changes. And the result would be those other members would continue to offer stale pages
and the clients would have an inconsistent experience. Some of them will get the new page
and most of them would not. Now there are a few ways to handle this problem. You could, of
course, update all of the web servers manually to make sure they all have the same changes
or you could use something like DFS. Now if you are not familiar with DFS, DFS stands for the
Distributed File System and it has a replication engine in it that allows you to replicate the
content of folders between the different nodes in a cluster.

So in our example, if I were using DFS, I could change the web page on one server and then
DFS would replicate those changed web pages across all of those other servers creating a
consistent view. Now if need be, you could add an additional file server with DFS or you could
actually add file servers that are not part of your NLB cluster that would stand outside of it; and
instead they would run in a failover cluster for additional protection. Then you would configure
DFS replication to replicate data from the file server cluster to your NLB cluster and that
provides an additional degree of resiliency and high availability.

3. Deploying NLB using Virtual Machines
You don't need physical machines for your NLB cluster; you can use, of course, virtual
machines. And if you do, consider creating separate virtual networks for NLB traffic and don't
forget you also need to enable MAC address spoofing. Remember MAC address spoofing
allows NLB to overwrite the MAC address of the VMs with the new MAC address needed for
the cluster.

Now not unlike a physical cluster, you also need to plan the IP addresses you are going to use
and how clients are going to access your cluster and the DNS records. Another thing you
might consider here is placing your virtual machines that are running the NLB clustering inside
a failover cluster running Hyper-V. This way you can have multiple NLB members hosted on
multiple virtualization hosts. If a single host fails, you still have virtual machines that are part of
your NLB cluster running on another Hyper-V host.

System Center Virtual Machine Manager supports deploying load balancers as part of its
service templates. Now you might recall that Virtual Machine Manager, or VMM, networking
consists of multiple components and to implement NLB in a VMM template, you need to
preconfigure these components. So for example, you need to create what is called a virtual IP
template or a VIP template. A VIP template is similar to port rules in that you can specify the
protocols and how you want that to be handled and you can configure affinity; only it is not
called affinity in a VIP template, it is called persistence. I should also point out that VIP
templates work not only with Microsoft's NLB and VMM, but it can also work with other load
balancers as well.

Now in addition to the VIP template, you will also need to configure the other networking
components in VMM such as logical networks, static address pools, the network adapters and
as I mentioned before, when you are using virtual machines as the members of your NLB
cluster, you need to enable MAC spoofing and you can do that in VMM. Now after you
configure the networking components, then you will need to configure that service template.
And when you configure that service template, you will indicate that the virtual machines or the
machine tier can scale out and then you will also need to indicate it is using a load balancer.

Implementing NLB on Windows Server 2012 R2
Learning Objective
After completing this topic, you should be able to
◾ identify affinity options to use when deploying an NLB cluster in a given scenario

1. Demo: Implementing NLB


Let's configure Network Load Balancing, or NLB. So to configure Network Load Balancing, the
first thing that I want to show you is how I have got my servers configured. I have three nodes,
all three nodes are running Internet Information Services, or IIS, and have responsive web
sites. So this is the local host, NODE 1. Let's visit node2, here is NODE2, and I also have a
third node - node3. Now you can see that they have exactly the same content; we are just
using the default web page in IIS with a simple change. I have added this little tag just for
reference purposes and for demonstration purposes. But with Network Load Balancing, we are
dealing with content that is the same across the different nodes.

Now the next thing I did is I installed Network Load Balancing. I won't go through the wizard
again as I am sure you have seen it dozens of times. After it has been installed, now we need
to go ahead and add the cluster itself. So this is where I open up the Network Load Balancing
Manager console and create my cluster.

[The Windows Server 2012 desktop is open. The instructor clicks Start and navigates to
Internet Explorer. Then the instructor enters http://node2.corp.brocadero.com/ in the address
bar and hits Enter. As a result, the title of the page changes from Internet Information Services
NODE1 to Internet Information Services NODE2. Next the instructor enters
http://node3.corp.brocadero.com/ in the address bar and hits Enter. As a result, the title of the
page changes from Internet Information Services NODE2 to Internet Information Services
NODE3. The instructor then closes Internet Explorer and navigates to the Network Load
Balancing Manager window. This window includes File, Cluster, Host, Options, and Help menu
options. It also includes Network Load Balancing Clusters node, which is already selected.]

Now a good thing to do before you actually step into this is to configure DNS, so I have also
done that. So I have named my cluster nlbweb and I have assigned it this IP address,
10.0.3.54. I have also configured each one of the nodes that are going to participate in my NLB
cluster with the appropriate networking options. So in the case of this host, just as an
example…and of course, this is the same across all three hosts.

But I have given them additional networking cards, so they have got this network adapter here
and they have another adapter dedicated to NLB. And this one here has a separate IP
address. We will go to the Properties of this, okay, so 10.0.3.61. Under Advanced and
DNS, notice that I am not registering this connection's address in DNS, it is not needed.
And the other thing...because these are virtual machines, the other thing I have done is I have
turned on Media Access Control, or MAC, spoofing in Hyper-V. So if I actually back out of this
virtual machine for a moment, and we will look at the actual…here are my three nodes and we
will look at the adapter settings from the perspective of the virtual machine. Go into the
Settings here, here is that other adapter, Advanced Features here, and I have got MAC
address spoofing turned on, which is a requirement for virtual machines that are participating
in a network load balanced cluster. Alright, so let's double-click on this and come back into it.
Alright. So there are some additional networking configurations I have done ahead of time.

[The Network Load Balancing Manager window is open. This window includes File, Cluster,
Host, Options, and Help menu options. It also includes Network Load Balancing Clusters node,
which is already selected. Then the instructor navigates to the DNS Manager window. This
window displays various clusters. The nlbweb cluster is already selected, which has an IP
address of 10.0.3.54. Next the instructor right-clicks the Internet access button on the lower
right side of the screen and selects Open Network and Sharing Center. As a result, the
Network and Sharing Center window is displayed. This window includes the following links:
Control Panel Home, Change adapter settings, Change advanced sharing settings. The
instructor clicks Change adapter settings and the Network Connections window is displayed.
This window includes CorpNet, Ethernet 3, Ethernet 5, External, and NLB options. Then the
instructor right-clicks the NLB option and selects Properties and the NLB Properties dialog box
is displayed. This dialog box includes Networking and Sharing tabs. The Networking tab is
already selected and the Networking tabbed page is displayed. This tabbed page includes
Connect using and This connection uses the following items sections. It also includes
Configure, Install, Uninstall, and Properties buttons. The This connection uses the following
items section includes the following options: Client for Microsoft Networks, Network Load
Balancing (NLB), File and Printer Sharing for Microsoft Networks, QoS Packet Scheduler,
Microsoft Network Adapter Multiplexor Protocol, Link-Layer Topology Discovery Mapper I/O
Driver, Link-Layer Topology Discovery Responder, Internet Protocol Version 6 (TCP/IPv6), and
Internet Protocol Version 4 (TCP/IPv4). The instructor selects the Internet Protocol Version 4
(TCP/IPv4) option and clicks Properties. As a result, the Internet Protocol Version 4
(TCP/IPv4) Properties dialog box is displayed. This dialog box includes a General tab and the
General tabbed page is displayed. This tabbed page includes the following options: Obtain an
IP address automatically, Use the following IP address, Obtain DNS server address
automatically, and Use the following DNS server addresses. The Use the following IP address
and Use the following DNS server addresses options are already selected. The Use the
following IP address option includes the following text fields: IP address, Subnet mask, and
Default gateway. In the IP address text field, 10.0.3.61 is already entered. In the Subnet mask
text field, 255.255.255.0 is already entered. The Use the following DNS server addresses
option includes the following text fields: Preferred DNS server and Alternate DNS server. In the
Preferred DNS server text field, 10.0.3.1 is already entered. This page also includes Advanced
button. The instructor then clicks Advanced and the Advanced dialog box is displayed. This
dialog box includes IP Settings, DNS, and WINS tabs. The IP Settings tab is already selected
and the IP Settings tabbed page is displayed. Next the instructor clicks DNS and the DNS
tabbed page is displayed. This tabbed page includes the following options: Append primary
and connection specific DNS suffixes, Append parent suffixes of the primary DNS suffix,
Append these DNS suffixes (in order), Register this connection’s addresses in DNS, and Use
this connection’s DNS suffix in DNS registration. The Append primary and connection specific
DNS suffixes and Append parent suffixes of the primary DNS suffix options are already
selected. This page also includes DNS server addresses in order of use and DNS suffix for this
connection text fields. In the DNS server addresses in order of use text field, 10.0.3.1 is
already entered. The instructor then clicks Cancel to navigate to the Network Connections
window. Next the instructor closes the Network Connections window and the Network and
Sharing Center window is displayed. Then the instructor closes the Network and Sharing
Center window and the DNS Manager window is displayed. Next the instructor navigates to the
Hyper-V Manager window. This window includes Virtual Machines and Checkpoints sections.
The Virtual Machines section includes different nodes for which the State, CPU Usage,
Assigned Memory, and Uptime are defined. The instructor right-clicks the NODE1 CORP
10.0.3.51 node and selects Settings. As a result, the Settings for NODE1 CORP 10.0.3.51 on
HV97 window is displayed. This window includes the following partially displayed nodes: Add
Hardware, BIOS, Memory, Processor, IDE Controller 0, IDE Controller 1, SCSI Controller and
Network Adapter. The instructor expands the third Network Adapter node. As a result,
Hardware Acceleration and Advanced Features nodes are displayed. Then the instructor clicks
the Advanced Features node and the Advanced Features page is displayed in the view pane.
This page includes Enable MAC address spoofing and Enable DHCP guard options. The
Enable MAC address spoofing option is already selected. The instructor then closes the
Settings for NODE1 CORP 10.0.3.51 on HV97 window and the Hyper-V Manager window is
displayed. Next the instructor double-clicks the NODE1 CORP 10.0.3.51 node in the Virtual
Machines section and the DNS Manager window is displayed.]

So now back in the Network Load Balancing Manager console, let's create my cluster. So we
will choose Cluster - New, and let's select node1 and you can see that we are…you know,
the configuration here is very different from failover clustering. In that, I don't have a validation
wizard, it is a much simpler approach and it is pretty easy to establish assuming, of course,
you met the requirements.

So I am going to go ahead and select the NLB interface, this is that interface that I have
dedicated for Network Load Balancing. Here I can define a Priority, the IP address that I
detected is listed here, then I need to specify the Cluster IP address. Now you recall that I
have already identified an address I want to use and I have already created a record for it in
DNS. So that is why I am going to actually add that IP address here that is the same as that
DNS record. Take note that we also have v6 support. We will click Next to this.

Then we need to assign in a name, so nlbweb.corp.brocadero.com. And then the
Cluster operation mode is defined here. And depending on my networking, and my networking
switches, and the number of adapters on these nodes, that is going to alter what operation
mode I choose.

[The Network Load Balancing Manager is open. It includes File, Cluster, Host, Options, and
Help menu options. It also includes Network Load Balancing Clusters node, which is already
selected. The instructor clicks the Cluster menu and selects New. As a result, the New Cluster:
Connect dialog box is displayed. This dialog box includes Host text field. It also includes
Connection status and Interfaces available for configuring a new cluster sections. The
instructor enters node1 in the host text field and clicks Connect. As a result, Connected is
displayed in the Connection status section and in the Interfaces available for configuring a new
cluster section, CorpNet and NLB are displayed under the Interface name column for which the
Interface IP is 10.0.3.51 and 10.0.3.61 respectively. Then the instructor selects NLB and clicks
Next. As a result, the New Cluster: Host Parameters page of the New Cluster dialog box is
displayed. This page includes Priority (unique host identifier) and Default state drop-down lists
in which 1 and Started are already selected respectively. It also includes Dedicated IP
addresses section, which displays the 10.0.3.61 IP address for which the Subnet mask is
255.255.255.0. The instructor then clicks Next and then clicks Add. As a result, the Add IP
Address dialog box is displayed. This dialog box includes Add IPv4 address, Add IPv6
address, and Generate IPv6 addresses options. The Add IPv4 address option is already
selected. The Add IPv4 address option includes the IPv4 address and Subnet text fields. The
instructor enters 10.0.3.54 in the IPv4 address text field and then 255.255.255.0 in the Subnet
text field. Then the instructor clicks OK and the New Cluster dialog box is displayed. On this
dialog box, the instructor clicks Next and the next page of this dialog box is displayed. This
page includes Subnet mask, Full Internet name, and Network address text fields and IP
address drop-down list. It also includes Unicast, Multicast, and IGMP multicast options. The
Unicast option is already selected. In the IP address drop-down list, 10.0.3.54 is already
selected. The instructor enters nlbweb.corp.brocadero.com in the Full Internet name text field.]

So we have got Unicast, we have Multicast, and we have Internet Group Management
Protocol, or IGMP, multicast.

Now remember here, with Unicast, this is something I can use for additional, you know, with
nodes with additional adapters. Multicast is useful for nodes with a single adapter, and I need
to segment the traffic, plus it is useful in allowing me to stop port flooding at the switch level,
and then IGMP support here.

So we will click Next to this. This is where I can define the port rules. So we are just going to
say since this is a web site, we are going to define the ports here for my web site, port 80. And
I got filtering modes and I can specify the Protocols I want to support, click Finish to that; and
that sets up the first node on my cluster.

[The New Cluster dialog box is open. It includes Subnet mask, Full Internet name, and
Network address text fields and IP address drop-down list. It also includes Unicast, Multicast,
and IGMP multicast options. The Unicast option is already selected. In the IP address drop-
down list, 10.0.3.54 is already selected. In the Full Internet name text field,
nlbweb.corp.brocadero.com is already entered. The instructor clicks Next and the New
Cluster : Port Rules page of the New Cluster dialog box is displayed. This page includes
Defined port rules and Port rule description sections. On this page, the instructor clicks Edit
and the Add/Edit Port Rule dialog box is displayed. This dialog box includes Cluster IP address
drop-down list. It also includes the Port range, Protocols, and Filtering mode sections. The Port
range section includes From and To spin boxes. In the From and To spin boxes, 0 and 65535
are already selected. The Protocols section includes TCP, UDP, and Both options. The Both
option is already selected. The Filtering mode section includes Multiple host, Single host, and
Disable this port range options. The Multiple host option is already selected and it includes the
following options: None, Single, and Network. The Single option is already selected. The
instructor enters 80 in the From and To spin boxes, selects TCP in the Protocols section, and
clicks OK. As a result, the New Cluster : Port Rules page of the New Cluster dialog box is
displayed. On this page, the instructor clicks Finish and the Network Load Balancing Manager is
displayed.]

Alright, so we have just added NODE1. Let's go ahead and add other nodes to this cluster. We
will add node2, here is its NLB interface, its IP address…oh, let me go Back here, notice its
Priority here is now a 2, while the NODE1 Priority was a 1. Now remember what this is for; the
Priority value indicates who should handle traffic that is not managed by any rule, that is not…
you know, where we don't actually have a rule to indicate how that traffic should be handled.
So this is the second node in the Priority list who will be responsible for handling unspecified
traffic. So we will click Next to this.

Here we have got our port rule and it is pulling that from the cluster and we will just add
another host to this to complete my NLB cluster.

So there is NLB, once again Priority value is 3, here is its IP address, and we will Finish that
off. In a moment, these three will be able to handle any of the port 80 traffic among each other
and deliver that web content that they share.

[The Network Load Balancing Manager is open. It includes File, Cluster, Host, Options, and
Help menu options. It also includes Network Load Balancing Clusters node, which further
includes nlbweb.corp.brocadero.com (10.0.3.54) node. The nlbweb.corp.brocadero.com
(10.0.3.54) node further includes NODE1(NLB) node, which is already selected. The instructor
right-clicks the nlbweb.corp.brocadero.com (10.0.3.54) node and selects Add Host To Cluster.
As a result, the Add Host to Cluster : Connect dialog box is displayed. This dialog box includes
Host text field. It also includes Connection status and Interfaces available for configuring the
cluster sections. The instructor enters node2 in the host text field and clicks Connect. As a
result, Connected is displayed in the Connection status section and in the Interfaces available
for configuring the cluster section, CorpNet and NLB are displayed under the Interface name
column for which the Interface IP is 10.0.3.52 and 10.0.3.56 respectively. Then the instructor
selects NLB and clicks Next. As a result, the New Cluster: Host Parameters page of the New
Cluster dialog box is displayed. This page includes Priority (unique host identifier) and Default
state drop-down lists in which 2 and Started are already selected respectively. It also includes
Dedicated IP addresses section, which displays the 10.0.3.56 IP address for which the Subnet
mask is 255.255.255.0. The instructor then clicks Next and then clicks Finish. As a result, the
Network Load Balancing Manager window is displayed, which shows NODE2 (NLB) added
under the nlbweb.corp.brocadero.com (10.0.3.54) node. Then the instructor right-clicks the
nlbweb.corp.brocadero.com (10.0.3.54) node and selects Add Host To Cluster. As a result,
the Add Host to Cluster : Connect dialog box is displayed. The instructor enters node3 in the
host text field and clicks Connect. As a result, Connected is displayed in the Connection status
section and in the Interfaces available for configuring the cluster section, NLB and CorpNet are
displayed under the Interface name column for which the Interface IP is 10.0.3.57 and
10.0.3.53 respectively. The NLB Interface name is already selected. Then the instructor clicks
Next. As a result, the New Cluster: Host Parameters page of the New Cluster dialog box is
displayed. This page includes Priority (unique host identifier) and Default state drop-down lists
in which 3 and Started are already selected respectively. It also includes Dedicated IP
addresses section, which displays the 10.0.3.57 IP address for which the Subnet mask is
255.255.255.0. The instructor then clicks Next and then clicks Finish. As a result, the Network
Load Balancing Manager window is displayed, which shows NODE3 (NLB) added under the
nlbweb.corp.brocadero.com (10.0.3.54) node.]

So now let's actually go in and have a test and see what this looks like from the client point of
view. So to test this on a client, what I am going to do is, kind of, step out of NODE 1 here and
go to...back to Hyper-V Manager. And I have got a client configured for testing. And what I
have done is I have gone in to Internet options and I have configured it to check for newer
versions of stored pages, Every time I visit the webpage.

Okay, so let's actually visit my cluster and notice I am not indicating NODE 1 or NODE 2 or
NODE 3. I am going to the cluster name, which is being resolved to that shared virtual IP
address and it is sending me to one of the three cluster nodes. In this case, I landed on NODE
3. Let's do that again and once again it takes me to NODE 3, and now I am at NODE 2. So it is
distributing my request across the different nodes. And you can see I have done NODE 3, and
NODE 2, there is NODE 3 again; and at some point here it will send me to NODE 1, alright.

[The Network Load Balancing Manager is open. It includes File, Cluster, Host, Options, and
Help menu options. It also includes Network Load Balancing Clusters node, which further
includes nlbweb.corp.brocadero.com (10.0.3.54) node. The nlbweb.corp.brocadero.com
(10.0.3.54) node further includes NODE1(NLB), NODE2(NLB), and NODE3(NLB) nodes. The
instructor navigates to Hyper-V Manager window. This window includes Virtual Machines and
Checkpoints sections. The Virtual Machines section includes different nodes for which the
State, CPU Usage, Assigned Memory, and Uptime are defined. The instructor double-clicks
Client3 8.1 Pro and the Client3 8.1 Pro desktop is displayed. Then the instructor opens Internet
Explorer, clicks Tools, and selects Internet options. As a result, the Internet options dialog box
is displayed. This dialog box includes General, Security, Privacy, Content, Connections,
Programs, and Advanced tabs. The General tab is already selected and the General tabbed
page is displayed. This page includes the Home page, Startup, Tabs, and Browsing history
sections. The Home page section includes a text field in which
http://go.microsoft.com/fwlink/p/?LinkId=255141 is already entered. The Startup section
includes Start with tabs from the last session and Start with home page options. The Start with
home page option is already selected. The tabs section includes a Tabs button. The Browsing
history section includes Delete browsing history on exit option and Delete and Settings
buttons. Then the instructor clicks Settings and the Website Data Settings dialog box is
displayed. This dialog box includes Temporary Internet Files, History, and Caches and
databases tabs. The Temporary Internet Files tab is already selected and the Temporary
Internet Files tabbed page is displayed. This tabbed page includes the following options: Every
time I visit the webpage, Every time I start Internet Explorer, Automatically, and Never. The
Every time I visit the webpage option is already selected. It also includes Disk space to use
spin box in which 250 is already selected. This page also includes Move folder, View objects,
and View files buttons. On this page, the instructor clicks OK and the Internet options dialog
box is displayed. On the Internet options dialog box, the instructor clicks OK and the Internet
Explorer is displayed. Then the instructor enters nlbweb.corp.brocadero.com/ in the address
bar and hits Enter. As a result, the Internet Information Services NODE3 page is displayed.
Then the instructor navigates to another Internet Explorer window and enters
nlbweb.corp.brocadero.com/ in the address bar and hits Enter. As a result, the Internet
Information Services NODE3 page is displayed. Next the instructor navigates to another
Internet Explorer window and enters nlbweb.corp.brocadero.com/ in the address bar and hits
Enter. As a result, the Internet Information Services NODE2 page is displayed. Then the
instructor navigates to another Internet Explorer window and enters
nlbweb.corp.brocadero.com/ in the address bar and hits Enter. As a result, the Internet
Information Services NODE2 page is displayed. The instructor then navigates to another
Internet Explorer window and enters nlbweb.corp.brocadero.com/ in the address bar and hits
Enter. As a result, the Internet Information Services NODE3 page is displayed. Then the
instructor navigates to another Internet Explorer window and enters
nlbweb.corp.brocadero.com/ in the address bar and hits Enter. As a result, the Internet
Information Services NODE2 page is displayed.]

Now to, kind of, control which node, you know, at this point it is pretty random…and to control
whether or not I am going to persist with any one of these nodes, I can configure my affinity
settings. So let me show you what that looks like. If I go back now to NODE1 and I go to the
properties, Cluster Properties in NODE1, under my Port Rules, right now I have got it
configured, so that its Filtering mode has no affinity. So as we talked about here in regards to
affinity, if I have an application, a web application that is more session oriented, I can choose
Single.

And in this case, traffic distribution across the different nodes should show some affinity
towards a Single host once I actually connect to that node. So I will click OK to that. And that
configuration change is then distributed. Nodes will converge. Now I will do a quick Refresh
here, yeah, they are all green, good deal. Let's go back and see if there is any difference in my
testing machine here. So there is NODE 2, NODE 2, NODE 2. So this is what I am expecting. I
am expecting to be sent to NODE 2 the majority of the time because now I have Single affinity
defined.

[Internet Explorer is open and the Internet Information Services NODE2 page is displayed. The
instructor navigates to Hyper-V Manager window. This window includes Virtual Machines and
Checkpoints sections. The Virtual Machines section includes different nodes for which the
State, CPU Usage, Assigned Memory, and Uptime are defined. The instructor double-clicks
NODE1 CORP 10.0.3.51 and the Network Load Balancing Manager window is displayed. This
window includes File, Cluster, Host, Options, and Help menu options. It also includes Network
Load Balancing Clusters node, which includes nlbweb.corp.brocadero.com (10.0.3.54) node.
The nlbweb.corp.brocadero.com (10.0.3.54) node is already selected. This node further
includes NODE1(NLB), NODE2(NLB), and NODE3(NLB) sub nodes. The instructor right-clicks
the nlbweb.corp.brocadero.com (10.0.3.54) node and selects Cluster Properties. As a result,
the nlbweb.corp.brocadero.com (10.0.3.54) Properties dialog box is displayed. This dialog box
includes Cluster IP Addresses, Cluster Parameters, and Port Rules tabs. The Cluster IP
Addresses tab is already selected and the Cluster IP Addresses tabbed page is displayed.
Then the instructor clicks the Port Rules tab and the Port Rules tabbed page is displayed. On
this page, the instructor clicks Edit and the Add/Edit Port Rule dialog box is displayed. This
dialog box includes Cluster IP address drop-down list. It also includes the Port range,
Protocols, and Filtering mode sections. The Port range section includes From and To spin
boxes. In the From and To spin boxes, 80 is already selected. The Protocols section includes
TCP, UDP, and Both options. The TCP option is already selected. The Filtering mode section
includes Multiple host, Single host, and Disable this port range options. The Multiple host
option is already selected and it includes the following options: None, Single, and Network.
The None option is already selected. Then the instructor selects Single and clicks OK. As a
result, the nlbweb.corp.brocadero.com (10.0.3.54) Properties dialog box is displayed. On this
dialog box, the instructor clicks OK and the Network Load Balancing Manager window is
displayed. Next the instructor right-clicks the nlbweb.corp.brocadero.com (10.0.3.54) node and
selects Refresh. As a result, the Status of the nodes changes from Pending to Converged.
Then the instructor navigates to the Hyper-V Manager window and double-clicks Client3 8.1
Pro. As a result, the Internet Explorer window is displayed. On the window, the instructor
enters nlbweb.corp.brocadero.com and the Internet Information Services NODE2 page is
displayed. Then the instructor navigates to another Internet Explorer window and enters
nlbweb.corp.brocadero.com and the Internet Information Services NODE2 page is displayed.
Next the instructor navigates to another Internet Explorer window and enters
nlbweb.corp.brocadero.com and the Internet Information Services NODE2 page is displayed.
Then the instructor navigates to another Internet Explorer window and enters
nlbweb.corp.brocadero.com and the Internet Information Services NODE2 page is displayed.
Next the instructor navigates to another Internet Explorer window and enters
nlbweb.corp.brocadero.com and the Internet Information Services NODE2 page is displayed.]

So what if we have a failure though with NODE 2? So let's go back now and let's come up here
and let's simulate a networking failure. I am going to right-click on this, Control Host and we
are just going to do a sudden Stop to this host. So it is no longer responding. Let's go back
now, out of that, there we go, back to client3, there we go.

So I am back on client3 who is doing my testing, and let's do a connection once again to
nlbweb and this time I am directed to NODE 3. And so subsequent requests here should now
be headed towards NODE 3. So I have got a bunch of these, here is another one that was left
over from the earlier test. When I refresh it there, you can see I am going to NODE 3 and that
is because NODE 2 is not available, so we are immediately reconverged. So both NODE 1 and
NODE 3 are handling that port 80 traffic in a distributed fashion with Single affinity enabled.
And the same would happen if I disable NODE 3 and all my traffic would be directed to NODE
1.

[Internet Explorer is open and the Internet Information Services NODE2 page is displayed. The
instructor navigates to Hyper-V Manager window. This window includes Virtual Machines and
Checkpoints sections. The Virtual Machines section includes different nodes for which the
State, CPU Usage, Assigned Memory, and Uptime are defined. The instructor double-clicks
NODE1 CORP 10.0.3.51 and the Network Load Balancing Manager window is displayed. This
window includes File, Cluster, Host, Options, and Help menu options. It also includes Network
Load Balancing Clusters node, which includes nlbweb.corp.brocadero.com (10.0.3.54) node.
The nlbweb.corp.brocadero.com (10.0.3.54) node is already selected. This node further
includes NODE1(NLB), NODE2(NLB), and NODE3(NLB) sub nodes. Then the instructor right-
clicks the NODE2(NLB) node, selects Control Host, and then selects Stop. As a result, the
NODE2(NLB) node stops and its color changes to red. The instructor then navigates to Hyper-V
Manager window and double-clicks Client3 8.1 Pro. As a result, the Internet Explorer window is
displayed. Then the instructor navigates to another Internet Explorer window and enters
nlbweb.corp.brocadero.com. As a result, the Internet Information Services NODE3 page is
displayed. Next the instructor navigates to another Internet Explorer window and enters
nlbweb.corp.brocadero.com and the Internet Information Services NODE3 page is displayed.]

That is a look at setting up and configuring Network Load Balancing. Now a common question
has to do with the degree of awareness that NLB has. And one thing you should know is that
Network Load Balancing operates just above TCP/IP. It is a low level driver and is not
application aware. So if your application hangs and the service stops and it is entirely possible,
Network Load Balancing will continue to redirect traffic to that unresponding service even
though the node…and that is because the node itself is still responding to heartbeat traffic at
the NLB layer.

Now one of the ways you can address that is you can implement some sort of monitoring script
on your Network Load Balancing clusters like this sample script here from Microsoft. And what
it does is it can basically send requests to the actual service. If it detects that there is a, you
know, the service is no longer responding, then it talks to NLB and changes the state of the
node with the intention of preventing traffic from being directed to that node.
So that is one possibility that you can investigate in terms of monitoring that application level
if you need it.

[Internet Explorer is open and the Internet Information Services NODE2 page is displayed. The
instructor opens a new tab, clicks the star icon, and then clicks the Monitoring Application
Level Health (Windows). As a result, the Monitoring Application Level Health page is
displayed. This page includes the script to monitor NLB clusters.]

Another thing I want to mention has to do with the content on the network load balance
clusters themselves. Remember we are talking about content that is intended to be the same.
So if you make a change on one node as I have done here on NODE2, I have added this tag
NODE 2, well that is not going to replicate or be reflected in any of the other nodes. So if you
change web content on one node, don't expect NLB to perform any replication for you. So a
solution to that to ensure that you have some consistency across the nodes is to use
Distributed File System, or DFS.

So what I can do is go back here to NODE1 now and we will log into NODE1. And what I am
going to do is I am going to install the DFS namespace. And what this will allow me to do is it
will allow me to actually configure replication of the actual inet folder. So in this case, I am
clustering web servers. Those web servers store their content in inetpub. And I can link the
inetpub folder on one server across the other nodes, the other servers. Changes to one
inetpub folder would be replicated to the others. Network Load Balancing doesn't do that for
me, but DFS namespace and DFS Replication will.

[The Monitoring Application Level Health page is open. The instructor clicks the cross to close
the Internet Explorer window. As a result, the Internet Explorer dialog box is displayed. On this
dialog box, the instructor clicks Close all tabs and the Internet Information Services NODE2
page is displayed. Then the instructor navigates to Hyper-V Manager window. This window
includes Virtual Machines and Checkpoints sections. The Virtual Machines section includes
different nodes for which the State, CPU Usage, Assigned Memory, and Uptime are defined.
Next the instructor double-clicks NODE1 CORP 10.0.3.51 and the NODE1 CORP 10.0.3.51 –
Virtual Machine Console window is displayed. This window includes File, Action, Media,
Clipboard, View, and Help menu options. It also includes a Switch user button. The instructor
then clicks the cube like icon below the File menu option and the Password text box is
displayed. Then the instructor enters the password and clicks Enter. As a result, the Windows
Server 2012 desktop is displayed. Next the instructor navigates to Server Manager window.
This window includes Dashboard, Local Server, All Servers, File and Storage Services, and IIS
options. The Dashboard option is already selected and the Welcome to Server Manager page
is displayed. It also includes Add roles and features, Add other servers to manage, and Create
a server group links. The instructor clicks Add roles and features and the Add Roles and
Features Wizard is displayed. This wizard includes the following options: Before You Begin,
Installation Type, Server Selection, Server Roles, Features, Confirmation, and Results. The
Before You Begin option is already selected and the Before You Begin page of the wizard is
displayed. The instructor clicks Next and navigates to the Server Roles page of the wizard. On
this page, the instructor selects DFS Replication under File and iSCSI Services option, which
is under File and Storage Services. As a result, a dialog box is displayed. On this dialog box,
the instructor clicks Add Features and the Server Roles page of the wizard is displayed. Then
on this page, the instructor selects DFS Namespaces and clicks Next. As a result, the
Features page of the wizard is displayed. On this page, the instructor clicks Next and the
Confirmation page of the wizard is displayed. On this page, the instructor clicks Install and the
Results page of the wizard is displayed.]

So what I could do is install DFS on all three of my nodes and configure it for replication. So
we will just go ahead and wait for this installation to complete and I will give you an example
here in just a moment.

Okay. I finished installing the DFS role on all three of my nodes. So now what I am going to do
is I am going to go to DFS Management and we are going to create a New Replication Group
and this will help us synchronize the content of that IIS folder called inetpub. We will call this
the nlbweb replication group, name it after the NLB cluster. Who are going to be the
members? So we want node1; node2; node3. Topology will be a Full mesh, but initial
replication is going to be driven by NODE1. So NODE1 will be initially replicated to NODE2
and NODE3. So all three nodes will have NODE1's web pages. And so that it will say NODE1
when we do our test. Here is where I indicate the folders inetpub on NODE1 being
replicated to NODE2, and same location…remember inetpub here is the default folder for
IIS. We will click Next, click Create and there we go.

[Server Manager is open and the Add Roles and Features Wizard is displayed. This wizard
includes the following options: Before You Begin, Installation Type, Server Selection, Server
Roles, Features, Confirmation, and Results. The Results option is already selected. The
instructor navigates to Welcome to Server Manager page and clicks the flag icon. As a result,
the following options are displayed: Feature installation – Installation succeeded on
NODE1.corp.brocadero.com, Feature installation – Installation succeeded on
NODE2.corp.brocadero.com, and Feature installation – Installation succeeded on
NODE3.corp.brocadero.com. Then the instructor clicks Start and then clicks Administrative
Tools. As a result, the Administrative Tools window is displayed. On this window, the instructor
double-clicks DFS Management and the DFS Management window is displayed. This window
includes DFS Management node, which includes Namespaces and Replication nodes. Next
the instructor right-clicks Replication and selects New Replication Group. As a result, the New
Replication Group window is displayed. This window includes the following options: Replication
Group Type, Name and Domain, Replication Group Members, Topology Selection, Hub
Members, Hub and Spoke Connections, Replication Group Schedule and Bandwidth, Primary
Member, Folders to Replicate, Review Settings and Create Replication Group, and
Confirmation. The Replication Group Type is already selected and the Replication Group Type
page is displayed. This page includes Multipurpose replication group and Replication group for
data collection options. The Multipurpose replication group option is already selected. On this
page, the instructor clicks Next and the Name and Domain page is displayed. This page
includes Name of replication group, Optional description of replication group, and Domain text
fields. In the Domain text field, corp.brocadero.com is already entered. The instructor enters
nlbweb in the Name of replication group text field and clicks Next. As a result, the Replication
Group Members page is displayed. On this page, the instructor clicks Add and the Select
Computers dialog box is displayed. This dialog box includes Select this object type, From this
location, and Enter the object names to select text fields. In the Select this object type text
field, Computers is already entered. In the From this location text field, corp.brocadero.com is
already entered. The instructor enters node1;node2;node3 in the Enter the object names to
select text field and clicks OK. As a result, the NODE1, NODE2, and NODE3 are added in the
Members section on the Replication Group Members page. Then the instructor clicks Next and
the Topology Selection page is displayed. This page includes Full mesh and No topology
options. On this page, the instructor selects Full mesh and clicks Next. As a result, the
Replication Group Schedule and Bandwidth page is displayed. This page includes Bandwidth
drop-down list in which Full is already selected. It also includes replicate during the specified
days and times option. Then the instructor clicks Next and the Primary Member page is
displayed. This page includes Primary member drop-down list. This drop-down list includes
NODE1, NODE2, and NODE3 options. The instructor selects NODE1 and clicks Next. As a
result, the Folders to Replicate page is displayed. On this page, the instructor clicks Add and a
partially displayed dialog box is displayed. This dialog box includes Member, Local path of
folder to replicate text fields. It also includes Use name based on path and Use custom name
options. In the Member text field, NODE1 is already entered. The Use name based on path
option is already selected. The instructor enters c:\inetpub in the Local path of folder to
replicate text field and clicks OK and the Local path of inetpub on Other Members option gets
added below the Folders to Replicate option. Then the instructor clicks Next and the Local
path of inetpub on Other Members page is displayed. On this page, the instructor selects
NODE2 in the Member details section and clicks Edit and a partially displayed dialog box is
displayed. This dialog box includes Disabled, Enabled, and Make the selected replicated folder
on this member read-only options. It also includes Local path of folder text field, which is
empty. The Disabled option is already selected. The instructor selects Enabled and enters
c:\inetpub in the Local path of folder text field and clicks OK. Then the instructor selects
NODE3 in the Member details section and clicks Edit and a partially displayed dialog box is
displayed. On this dialog box, the instructor selects Enabled, enters c:\inetpub in the Local
path of folder text field, clicks OK, and then clicks Next. As a result, the Review Settings and
Create Replication Group page is displayed. On this page, the instructor clicks Create and the
Confirmation page is displayed. On this page, Replication Delay dialog box is displayed. On
this dialog box, the instructor clicks OK.]

Now it will take a moment or two for that configuration to replicate to the other nodes and you
can see under Connections that the Full mesh topology is enabled. NODE1 will replicate its
web pages to 2 and to 3. And NODE2 can also replicate pages if it receives a change to
NODE1 and NODE3, and NODE3 as well. So I have got my Full mesh topology here.

Now replication should be occurring as I am speaking. Let's go and actually have a look at one
of these other nodes. The other thing I want to do here is let's actually turn off NODE1 in NLB.
Here we go. And we will turn on NODE2. And what this will mean is NODE1 is no longer going
to respond to web traffic for port 80; only NODE2 and NODE3 will. However, DFS is replicating
the web page from NODE1 to 2 and 3, and so we should see NODE1's web pages show up
even though NODE1 is turned off.

[DFS Management is open. It includes File, Action, View, Window, and Help menu options. It
also includes DFS Management node, which includes Namespaces and Replication nodes.
The Replication node further includes nlbweb node. The Replication node is already selected.
The instructor clicks the nlbweb node and the nlbweb (corp.brocadero.com) page is displayed
in the view pane. This page includes Memberships, Connections, Replicated Folders, and
Delegation tabs. The Memberships tab is already selected and the Memberships tabbed page
is displayed. The instructor clicks the Connections tab and the Connections tabbed page is
displayed. This page includes the following sections: Sending member: NODE1 (2 items),
Sending Member: NODE2 (2 items), and Sending Member: NODE3 (2 items). The instructor
then navigates to the Network Load Balancing Manager window. This window includes File,
Cluster, Host, Options, and Help menu options. It also includes Network Load Balancing
Clusters node, which includes nlbweb.corp.brocadero.com (10.0.3.54) node. This node further
includes NODE1(NLB), NODE2(NLB), and NODE3(NLB) nodes. The instructor right-clicks
NODE1(NLB) node, selects Control Host, and then selects Stop. Then the instructor right-
clicks NODE2(NLB) node, selects Control Host, and then selects Start.]

So let's do…let's bounce out of this now. Let's go visit NODE 2. And here is NODE 2's inetpub
folder, here is its root web page, and let's actually open up…there it is. And notice it says I am
on NODE 2, but it says NODE 1 because this web page is just delivered via DFS. And so this
is one way you could synchronize the content among your web servers.

So let's actually go now to our client and let's test this. There I am, so I am NODE 1. So we
know that NODE 1 is actually turned off, but I am being delivered a web page that says NODE
1 and that is because this web page has been replicated across to all three members of the
cluster, thanks to DFS. So that is how you can use DFS in conjunction with NLB.

[The Network Load Balancing Manager window is open. This window includes File, Cluster,
Host, Options, and Help menu options. It also includes Network Load Balancing Clusters node,
which includes nlbweb.corp.brocadero.com (10.0.3.54) node. This node further includes
NODE1(NLB), NODE2(NLB), and NODE3(NLB) nodes. The instructor navigates to the
Hyper-V Manager window. This window includes Virtual Machines and Checkpoints sections.
The Virtual Machines section includes different nodes for which the State, CPU Usage,
Assigned Memory, and Uptime are defined. The instructor double-clicks the NODE2 CORP
10.0.3.52 and the Windows Server 2012 R2 desktop is displayed. Then the instructor
navigates to the inetpub folder in C drive. The instructor then double-clicks the inetpub folder
and the following folders are displayed: cluster, history, logs, temp, and wwwroot. Next the
instructor double-clicks the wwwroot folder and iis-85 and iisstart files are displayed. Then the
instructor right-clicks the iis-85 file, selects Open with, and then selects Paint. As a result, the
iis-85 file is opened in Paint. Next the instructor navigates to Hyper-V Manager window. On
this window, the instructor double-clicks Client3 8.1 Pro and Internet Information Services
NODE2 page is displayed. The instructor then refreshes this page and as a result, the Internet
Information Services NODE1 page is displayed.]

Windows Server 2012 R2 High Availability
Learning Objective
After completing this topic, you should be able to
◾ plan and implement failover clustering and Network Load Balancing

1. Configuring high availability


Now that you have learned about failover clustering and Network Load Balancing, or NLB, let's
try an exercise.

You are working as an IT solution architect for Easy Nomad Inc. You have been tasked with
planning the implementation of a highly available company intranet using Windows Server
2012 R2 technologies.

Question

You are planning a failover cluster for the intranet application's SQL Server instance
and are assessing the requirements that need to be met prior to implementation.
Which of the following statements describe requirements that must be met for
failover clustering with Windows Server 2012 R2?

Options:

1. Each node in the cluster must run the same edition of Windows Server
2. The network adapters on the private network should have identical speed
and duplex settings
3. The same roles must be installed on each node
4. The Active Directory Domain Services, or AD DS, role should be installed on
at least one node

Answer

Option 1: Correct. Each node in the cluster must run the same edition of Windows
Server.

Option 2: Correct. Network adapters in a cluster should all communicate using the
same IP standard, speed, duplex mode, and flow control settings.

Option 3: Incorrect. Although nodes should be similarly configured, they can host
independent roles if required.

Option 4: Incorrect. The AD DS is not required to be installed on a node, but nodes
do need to be members of a domain.

Correct answer(s):

1. Each node in the cluster must run the same edition of Windows Server
2. The network adapters on the private network should have identical speed and
duplex settings

Question

Prior to implementing the failover cluster for the company intranet solution, you
decide to run the Validate a Configuration Wizard. Which of the following tests will be
run as part of the process?

Options:

1. System configuration tests
2. Network tests
3. Storage tests
4. Failover tests
5. Application tests

Answer

Option 1: Correct. System configuration tests will run to ensure that the servers meet
specific requirements such as running the operating system version and update
levels.

Option 2: Correct. Network tests will determine whether the planned cluster network
components will meet requirements such as network redundancy, for instance.

Option 3: Correct. Storage tests will take place to ensure that planned storage meets
requirements such as handling simulated cluster storage operations.

Option 4: Incorrect. Failover tests are not run as part of the Validate a Configuration
Wizard. These tests would normally take place after the cluster setup has been
completed.

Option 5: Incorrect. Testing the application is not a part of the testing carried out by
the Validate a Configuration Wizard.

Correct answer(s):

1. System configuration tests
2. Network tests
3. Storage tests

Question

As part of the planning exercise for a failover cluster for Easy Nomad's intranet
application, you need to understand each component of a failover cluster. Match the
component to its corresponding description.

Options:

A. Servers that are members of the failover cluster
B. Allows the cluster nodes to communicate with each other and the client
systems
C. Hosted by the nodes in the cluster and can be moved between each member
node
D. The storage system is typically shared for use by the nodes in the cluster
E. Entities such as users or computers that use the cluster service
F. The software entity that the cluster presents to its clients

Targets:

1. Nodes
2. Network
3. Resource
4. Cluster storage
5. Clients
6. Service or application

Answer

Nodes are servers that make up the members of a failover cluster.

The network facilitates inter-node server communication within the cluster and
between the cluster and the client systems.

Resources are the entities under management by the nodes in a cluster. These can
typically be moved, started, or stopped as part of the cluster and node operations, for
instance.

Cluster storage typically represents the storage being shared by the nodes. An
example of this is application data. Some applications, however, may not require
shared storage.

Clients are systems that are using the services presented by the cluster. These
clients can be end-user clients or servers, for example.

Services and applications are the software entities that the cluster manages and
presents to the clients.

Correct answer(s):

Target 1 = Option A

Target 2 = Option B

Target 3 = Option C

Target 4 = Option D

Target 5 = Option E

Target 6 = Option F

Question

You are planning the Network Load Balancing, or NLB, cluster to host Easy Nomad's
intranet web application. The web application uses state management for local client
and server connections. Which of the following affinity modes should you implement?

Options:

1. Single
2. Network
3. None
4. Single host mode

Answer

Option 1: Correct. When the NLB client machines are local and require session state
management for client interactions, Single is the recommended affinity mode to
configure.

Option 2: Incorrect. The Network affinity option is recommended when clients require
session state management and they are located behind a proxy server.

Option 3: Incorrect. The None affinity option is configured when clients accessing
cluster applications do not require state management.

Option 4: Incorrect. Single host mode is not an affinity option. However, it behaves
similarly to Single mode when it is configured using the filtering option.

Correct answer(s):

1. Single

Question

You are planning the Network Load Balancing, or NLB, cluster for Easy Nomad's
intranet application web servers. Each node has a single network adapter and is
running Windows Server 2012 R2. Which of the following operation modes should
you configure for the cluster?

Options:

1. Multicast mode
2. Unicast mode
3. Use both modes

Answer

Option 1: Correct. Multicast mode is the only network setting that supports the use of
single network adapters for NLB cluster nodes.

Option 2: Incorrect. NLB nodes using Unicast-based packets require a minimum of
two network adapters.

Option 3: Incorrect. It is not recommended to implement both modes together for an
NLB cluster. Also, since there is only a single adapter in each node, this would not be
possible given that Unicast requires a minimum of two adapters per node.

Correct answer(s):

1. Multicast mode
© 2018 Skillsoft Ireland Limited
