Course Transcript

Microsoft Windows Server 2012 R2 -

Configuring Advanced Services: HA
Network Load Balancing
1. Windows Server 2012 R2 Network Load Balancing

2. Configuring a Windows Server 2012 R2 NLB Cluster

3. Managing a Windows Server 2012 R2 NLB Cluster

Failover Clustering
1. Windows Server 2012 R2 Failover Clustering Overview

2. Creating a Windows Server 2012 R2 Failover Cluster

3. Managing a Windows Server 2012 R2 Failover Cluster

4. Maintaining a Windows Server 2012 R2 Cluster

5. Windows Server 2012 R2 High Availability

Windows Server 2012 R2 Network Load
Balancing
Learning Objective
After completing this topic, you should be able to
◾ determine the most suitable Affinity mode to configure in a given scenario

1. Meet your instructor

Microsoft Windows Server 2012 R2 - Configuring Advanced Services: HA

Hi, my name is Jason Gates and I'm a Microsoft Certified Trainer, or MCT. Imagine that late
night call where you are woken up and the head of the accounting department is saying, "Hey,
the servers are down." So you have to jump in the car, you are headed back to the office, and
at that time you are thinking, "Well, would not it be great if I had high availability and high
business continuity?" Well Windows Server 2012 R2 has two features to help you solve that
problem and reduce those late night calls...that is a Network Load Balancing, or NLB, and
failover clustering.

[The goal of this course is to understand how to manage and configure Network Load
Balancing.]

And in this course, we are going to talk about those two. Now they are not identical. Network
Load Balancing is ideal for specific situations, while failover clustering is ideal for other
situations. So we will talk about the differences between these two, and when you would install
them and how to configure them.

2. NLB usage
That Accounting department web server is in dire need of some help. It's not responding to
client request, so they have called you in to save the day. What do you do?

Well one thing you could do is, throw money at the problem, right? Add additional memory, add
additional processors that will make that server respond better. But it doesn't eliminate your
single point of failure. You still could have a motherboard that goes out or a network card that
goes out.

What if you need to update the machine, patch the machine, which means you have to reboot
it. So it's not continuously always available. Well the answer to that, then, would be to have
more than one, right? Redundant systems. But redundant systems means redundant Internet
Protocol, or IP, addresses and redundant addresses and URLs.

So what about a load balancer? You could invest in a hardware load balancer that can
distribute that load for you. But that means money and that may not be in the budget right now.
So enter Network Load Balancing, or NLB, to save the day. NLB is a great solution because it's
in the box and comes with Windows Server. It's an inexpensive way to be able to provide
redundant systems, a degree of load balancing and fault tolerance, all from within Windows
Server.

NLB is not ideal for every kind of application. But it does work well for web servers and access
servers. It can also help with Active Directory Lightweight Directory Services, or AD LDS. And
the reason NLB can help with those types of applications is because those applications are
stateless, meaning, those applications are not concerned with maintaining data changes from
session to session. That's the job of a database, and that's the reason why databases don't
work well on NLB. Now keep in mind, you could have a tiered configuration where you have
your database protected with failover clustering, but access to it can be put in a network load
balancing cluster like the front end portion of a web site, you know, a web site providing access
to a database.

Now each node in an NLB cluster, it gets combined and it's called a host. Now they get
combined into what is called a virtual cluster, and you could have anywhere between 2 to 32 of
these different hosts. Each of these hosts is running Windows Server 2012, and they have an
identical copy of the application like their web site or in the case of access like virtual private
network, or VPN, access configuration. Now when they are combined into that single virtual
cluster, NLB distributes client connections across to each one of those hosts, and that is where
we get our reliability and our performance. If any one of these nodes goes down, there are
other nodes there to pick up the slack. If any node needs to be serviced or updated, well then
there are other nodes that can continue to provide that web site or that client access point.

How does NLB work? Well NLB works not much different than from the client's point of view
anyway, not much different from any other type of web site. That is when you go to a web site,
the client sends a look-up request to DNS. The DNS looks up the actual IP address based on
the name that the client used, and then the client uses that IP address to connect to the web
site. Now from a client's point of view, those same mechanics take place when we are talking
about an NLB cluster. But here is what is different. When they go and request that IP address
from DNS, DNS has in it a record for the name of the cluster, not the individual node, but the
group name. And behind that group name is a group IP address, a virtual IP address, and so it
is important that when you build your NLB cluster that you create the necessary record in DNS
that points to the cluster IP address.

When a client connection is made to that cluster IP address, each individual node is running an
algorithm and they each consistently know who is supposed to handle those requests. So
when those request come in to that group IP address, one of those nodes will step up and say,
"I got that one." And then the next request, a different node might step up and say, "I have got
that one." That's all the magic behind NLB.

3. Controlling traffic
In NLB, each node is being given a set of instructions called port rules. Now, it's these
instructions that tell each host how to handle certain types of traffic. For instance, you might
have a rule that says, 'web traffic' that is traffic destined to port 80 needs to be addressed by all
of the host. That's called Multiple hosts filtering, and it's a particular setting inside of these port
rules.

Now you might also have certain hosts that you prefer for certain types of traffic, so you can
actually weight your rules, as well. And if you wanted to be even more specific, you can set up
what is called Single host filtering mode, whereas in that port rule, you can prioritize traffic for
specific host to specific applications. So these modes, the weight, the priorities, the settings
that combine inside the port rule, these all instruct each NLB host how to respond and
identifies who is responsible to respond.

Now if all things were equal inside these rules, each host would know when it's responsible to
respond to a connection. But how do we prevent every host responding to every single
connection? Well each host runs an algorithm, so it knows when its turn has come, and when it
needs to respond.

Now you might also wonder what happens to traffic that does not actually apply to any of these
rules, it doesn't fit. Well there is what is called a default host. And like a team captain, if there is
an unclarified connection, it will respond to that connection attempt.

Now when you build your own NLB cluster, there are several things you need to decide like
port rules and how to configure them. Now if you are using the Multiple hosts filtering mode,
which you probably will, you also need to determine which Affinity mode you need to set.

Affinity mode is a subsetting within the Multiple hosts filtering mode, and you have got three
options – None, Single, or Network. It sounds like a status field in a dating site. Now the None
affinity mode is the no-loyalties mode. It means all hosts are equally responsible with no other
preference indicated. Now if you choose the None affinity mode, it doesn't necessarily mean
every connection attempt will be randomly assigned to a different server in your cluster. It's not
that random.

Connections are still calculated even with the None affinity mode. Now one of things that
Affinity is based on and these connections are evaluated against is the client's IP address and
the source port that the client is using. So when you go to test the None affinity mode,
depending on your client software, you might actually discover yourself going to the same
node more often than you go to the other nodes, and that is because the source port and the
client's IP address is not changing.

Now what if your web site uses shopping carts? Customer adds something to their cart, only
then they discover moments later that the cart is empty. Well how come? Well there could be
multiple reasons why – perhaps changes in the cluster, perhaps the cluster is running in the
None affinity mode. Now you can add a little stickiness to your web site sessions on your NLB
cluster using a different Affinity mode called Single affinity mode, and you can also use the
Timeout values. Now Single mode tells NLB clusters to guarantee that all connections from the
same IP address go to the same server. This makes it more durable. Now administrators can
also add a Timeout value and that extends that Affinity with a kind of time to live. This way
broken connections or new connections are restored to the same server, so long as it is within
that Timeout value. This is especially helpful for Secure Sockets Layer, or SSL, negotiations
because it's made up of multiple TCP connections. And ultimately, it also keeps the shoppers
happy.

The Network affinity mode is a lot like the Single affinity mode where it's intended to ensure
that network traffic from a particular client goes to the same cluster host. The idea behind the
Network affinity mode is to support clients who are in sites that are passing through multiple
proxy servers. When you have a connection attempt coming from multiple proxies, it might
appear to the cluster as if they are multiple clients, and therefore the connection is subject for
redirection.

With the Network affinity mode, you make the connection a little bit stickier, so any clients from
the same subnet are directed to the same host. Now one final thing I want to mention about
these Affinity modes, if you elect to use the None affinity mode, keep in mind, it does not work
well with IP fragments. So Microsoft recommends that if you select None, not to also select the
User Datagram Protocol, or UDP, protocol or both, the TCP and UDP protocols. None should
be used for TCP connections that's going to give you the best handling of your IP traffic.

4. NLB operations and requirements

Host within an NLB cluster can detect when another host goes down because of heartbeat
traffic. Heartbeats are itsy-bitsy packets that each host in a cluster emits on a fairly frequent
basis. Now when these heartbeats stop coming from any particular host, well the cluster goes
into triage mode. It recalibrates itself. This is called convergence. Convergence stabilizes the
cluster whenever any change is introduced, and once convergence is complete, well then
away it goes, and it continues to respond to client connections with the remaining last standing
nodes.

Now this all happens in a matter of seconds. Keep in mind, it's still possible for a client who
has an active connection to lose connection during this convergence process, if they are
connected to the host that fails. This is why NLB is...well considered more of a high-availability
solution and a load-balancing solution rather than a fault tolerant solution. Now there is another
disadvantage to network load balancing, and that is, it cannot detect application failure. That
means if the application hangs and stops responding, the server might still be able to emit
those heartbeat packets, and the clusters unaware of any problem. So for greater resiliency at
that application level, you might have to consider a third-party solution like an appliance-based
load balancing solution, or you might need to consider Microsoft's failover clustering.

Administering a cluster is made easy because you have multiple control commands that you
can issue. For instance, if you have to take a node out of the cluster, because you need to
perform an upgrade on it, well you can do what is called a Drainstop, which means no new
connections. You wait for those connections to timeout, the client or node is actually free of any
connections, then you can safely take it out of the cluster. You can add and remove nodes to
your cluster, and it reconverges in a matter of seconds, and it makes it very scalable and a
very convenient in the case you have to do upgrade or do any servicing. Now keep in mind,
you can do this all from the GUI tool, NLB manager, but you can also perform these tasks
using PowerShell and the command line tools that come with NLB.

Now a couple of important recommendations before you go and build your first NLB cluster.
Some best practices to think about, and that is you want your NLB cluster typically to run on a
single subnet. Another important decision is to identify how many networking cards you are
going to use. It's recommended that you use multiple networking cards even though it's not
required. The reason for that is, having a separate interface to support host communications
and so those host communications are on a separate network compared to the client access
communications. Now a lot depends on what type of actual operating mode, would depend on
whether or not you are using multiple NICs or single NIC. This is called Unicast or Multicast.
If you have a single NIC, then you have to use the Multicast mode. The downside of the
Multicast mode is the unnecessary traffic that it might generate on your switches, the port
flooding that might occur. So then you could use Internet Group Management Protocol, or
IGMP. The downside to IGMP is whether or not your environment supports an IGMP, so there
are some factors there tied to how many network cards you are going to use, and what your
specific switching environment looks like, and whether or not it's compatible with NLB, so
evaluate that. Another important thing to consider is enabling logging on your clusters, so that
you could have audit information and security, NLB doesn't have its own security. So it's reliant
on the security within the application and other security practices that you have in place.
Configuring a Windows Server 2012 R2 NLB
Cluster
Learning Objective
After completing this topic, you should be able to
◾ choose the best operation mode to configure in a given scenario

1. Demo: Installing NLB

Okay, let's build a Network Load Balancing, or NLB, cluster. I have got three machines here
that I am going to use for my NLB cluster. They are all running Internet Information Server, or
IIS. Now to install NLB, it's pretty straightforward, much like any other role that you have seen
installed in Server 2012. You can use the Add Roles and Features Wizard. You see I am
doing here, and there is NODE1, and then I could actually add the additional servers to this
list, if I wanted. It's a feature, not a role, so this server is actually a Web Server, so I have
actually installed the Web Server role already. And I have done that on the...I have done that
on the other servers as well, so they are all configured as Web Servers, so I am adding the
Network Load Balancing feature now.

And I will include the NLB tool, and fire that off. Now the other way to actually install this is
from...right here, in PowerShell.

[The Hyper-V Manager window is open. In the navigation pane, under Hyer-V Manager, HV97
is selected. In the view pane, under the Virtual Machines section, the details of various virtual
machines are listed in a tabular format. The virtual machines – NODE1 CORP 10.0.3.51,
NODE2 CORP 10.0.3.52, and NODE3 CORP 10.0.3.53 – are in the Running state with 0%
CPU Usage, and with Assigned Memory of 1078 MB, 904 MB, and 594 MB respectively. The
virtual machines – CLUSTER1, CLUSTER2, CLUSTER3, SAN SERVER, and APP4 CORP
10.0.3.4 – are in the Saved state. In the view pane, the instructor double-clicks NODE1 CORP
10.0.3.51, and the NODE1 CORP 10.0.3.51 on HV97 - Virtual Machine Connection is
established and the Dashboard page of the Server Manager window is displayed. The
instructor clicks Manage, clicks Add Roles and Features, and the Add Roles and Features
Wizard is displayed. On the Before you begin page, the instructor clicks Next, and the Select
installation type page is displayed. This page displays two options – Role-based or feature-
based installation and Remote Desktop Services installation – and the Role-based or feature-
based installation option is selected by default, the instructor clicks Next, and the Select
destination server page is displayed. On this page, under Server Pool,
NODC1.Windows.brocadero.com is selected by default, the instructor clicks Next, and the
instructor clicks Next, and the Select server roles page. On this page, File and Storage
Services (1 of 12 is installed) and Web Server (IIS) (8 of 43 installed) checkboxes are selected
by default, the instructor clicks Next, and the Select features page is displayed. On this page,
.NET Framework 4.5 Features (2 of 7 installed) is selected by default, the instructor selects the
Network Load Balancing checkbox, and the Add Roles and Features Wizard is displayed. In
the Add Roles and Features Wizard, the instructor clicks Add Features, and the wizard is
closed. On the Select features page, the Network Load Balancing checkbox is now selected,
the instructor clicks Next, and the Confirm installation selections page displayed. On this page,
the instructor clicks Install, and the installation is in progress. The instructor opens the
Windows PowerShell window.]

So one of the things I would like to do is...I would like to actually do this remotely using what is
called the invoke-command. So with the invoke-command, actually, let's do this first.
Let me find up the name of nlb, so I use get-windowsfeature *nlb*, so it has just
called NLB, which is simple enough. So what I am going to do is, I am going to do invoke-
command, and I want to do this on node2 and node3, and I am going to pass the
commands that are found in the -scriptblock. So to install a feature, you use install-
windowsfeature, and I want to install nlb, and I need to -
includemanagementtools just like that. And so this is an alternative way to install a
feature in Windows Server 2012, and in this example, I am using invoke-command, which
is actually installing this across the network remotely. So you can see...it's kind of flipping back
and forth between 24% and 91%, and you just...you are going to see different numbers
because each one of the nodes – node2 and node3 – are installing at different rates.

And so here is node2 replying back saying, "Success", and then in a little bit, we will have a
reply...there it is for node3. So that's how you install the Network Load Balancing feature.

[The Windows PowerShell window is open. At the administrator command prompt, the
instructor runs the following command: get-windowsfeature *nlb* The output of this command
is displayed in a tabular format. Display Name, Name, and Install State are the column
headings. The display name for NLB is Network Load Balancing and its install state is
Available. The display name for RSAT-NLB is Network Load Balancing Tools and its install
state is Available. Then at the administrator command prompt, the instructor runs the following
command: invoke-command node2,node3 -scriptblock {install-windowsfeature nlb -
includemanagementtools} The output of this command is as follows Success Restart Needed
Exit Code Feature Result ------------ ---------------------- ------------- -------------------- True No
Success {Network Load Balancing, Remote Se WARNING: Windows automatic
updating is not enabled. To that your role or feature is automatically updated, turn on Windows
Update. True No Success {Network Load Balancing, Remote Se
WARNING: Windows automatic updating is not enabled. To that your role or feature is
automatically updated, turn on Windows Update.]

2. Demo: Configuring NLB

Okay, so I have installed the role. Now I am actually ready to build the cluster. Couple of the
key reminders I want to bring to your attention. Remember, NLB is ideally suited for stateless
servers, access servers, and my example, Web Servers. So I have got three nodes that
are...have IIS installed with identical web sites, at least for the most part. And this is going to
be great for this demonstration of Network Load Balancing. The other thing I have done on
these three nodes is, I have dedicated a network card. And the reason I did this is because we
have different types of communication with NLB.

We have access communication where these three nodes are going to be appearing to the
client as a single entity with a single Internet Protocol, or IP, single Media Access Control, or
MAC, address. But then there is still a need for clustered communications, so that they can talk
to each other when a node is removed or added, and so they know this state of the cluster. So
the easiest way to facilitate those kinds of additional communications is to have a separate
NIC for cluster communication, and then run the cluster in the unicast mode.

Now because we are presenting the cluster with its own IP and a single MAC address, and I
am doing my cluster in virtual machines, I also had to configure MAC Spoofing. That's because
virtual machines in Hyper-V have a security feature that prevents the virtual machine, or VM,
from altering and overriding its MAC address.

Well that's a problem because NLB requires the ability to have a shared MAC address. So I
also have to configure MAC Spoofing when I am running unicast mode in virtual machines in
NLB. Let me show you what that looks like here.

[The nlbnotes - Notepad window is open. The notepad displays the following information NLB
Reminders: *Not for every application - ideal for stateless server -Remote Desktop -VPN -
DirectAccess -Exchange client access -Web Servers *Dedicate a NIC for cluster
communication (unicast mode) *On Hyper-V, configure MAC Spoofing for VMs *If using a
single nic - need to configure multicast mode *Need DNS record for NLB Cluster and Cluster
IP]

So I have got this client here. This is NODE1. And this is in a virtual machine window, and I am
going to go to the Settings to this virtual machine, and then here is my additional network card
that I have assigned, and in the Advanced Features is where I can Enable MAC address
spoofing. So this is on the settings of each and every node that I have configured, alright? All
right, so let's go back now, what else do I need to mention here with before we start the
wizard? I also need to mention that if you have a single NIC, if you don't actually do a
dedicated network card, you can still set up Network Load Balance clustering, but you need to
run it in what is called the multicast mode, and essentially that provides an additional MAC
address using multicasting.

Each node will be able to retain a unique MAC address, but then the cluster will have a
multicast MAC address, so you can separate those communications.

[The instructor opens the Network Load Balancing Manager window. On the File menu of
NODE1 CORP 10.0.3.51 on HV97 - Virtual Machine Connection, the instructor clicks Settings,
and the Settings for NODE1 CORP 10.0.3.51 on HV97 dialog box is displayed. In the left pane,
under Hardware, the instructor expands Network Adapter, and clicks Advanced Features. In
the right pane, under MAC address, the Enable MAC address spoofing checkbox is selected
by default. The instructor closes the NODE1 CORP 10.0.3.51 on HV97 dialog box. The
instructor navigates back to the nlbnotes - Notepad window.]

And this is an important point. How are the clients going to be able to locate it, if we do not
have a DNS record for our cluster? So I have done that here as well. I have created a...an A
record ahead of time called nlbweb, that's going to be the name of my cluster, and I have an IP
address, it's not being used, and I dedicate this to the cluster. All right, so I have got my pieces
in place, I have got my additional network card. Now what I am going to do is, go to the
Network Load Balancing tool, and I am going to actually create my cluster. So it's really easy to
do Cluster - New. Let's do this on my first node, the one I am currently on, and then there are
the two interfaces that I have configured.
This is kind of my standard interface, and this one here is the one I dedicated to NLB. At this
NLB interface, I also turned off DNS registrations, so I do not have a kind of confusing
additional records in DNS. So we are going to choose NLB because that's the one I dedicated
for cluster communications, click Next to that, and now what about the cluster IP address?

[The nlbnotes - Notepad window is open. The instructor opens the DNS Manager window. In
the navigation pane, under Forward Lookup Zone, corp.brocadero.com is expanded and
selected. In the view pane, nlbweb is selected. The instructor navigates to the Network Load
Balancing Manager window, from the Cluster menu, clicks New, and the New Cluster: Connect
dialog box is displayed. In the Host field, the instructor types node1, and clicks Connect. The
Connection status section now displays Connected, and the Interfaces available for configuring
a new cluster section is automatically populated with the interface names - CorpNet and NLB
with interface IPs 10.0.3.51 and 10.0.3.55, respectively. The instructor clicks NLB, and clicks
Next. The Dedicated IP addresses section displays the IP address 10.0.3.55 with Subnet mask
255.255.255.0 and the Default state is set to Started. The instructor clicks Next, and clicks
Add.]

So this is a separate address, this is the actual cluster's IP address, and this is the one that
needs to match the record I built in DNS. So here is that unused IP address for the cluster that
will be...this is the one, the clients will use to access it. And what is its name? And this again is
going to be what I put in DNS, so I had nlbweb.corp.brocadero.com.

Okay, and down here is the Cluster operation mode. Now because I am running dual NICs, I
can use the Unicast mode, single NIC, I can elect to use the Multicast mode, click Next. And
this is where I can configure port rules; we can talk more about this little bit later on. But this is
where I can say, this cluster is specifically responding on port 80 because it's a web site; TCP.
If I had more than one cluster IP address, I can indicate what IP address this particular port
rule is for. And there are some other settings that we will look at a little bit later on, and that's
the beginning on my cluster.

[The Add IP Address dialog box is open. In this dialog box, the Add IPv4 address option is
selected. In the IPv4 address field, the instructor types 10.0.3.54, types 255.255.255.0 in the
Subnet field, and clicks OK. The IP address 10.0.3.54 with Subnet mask 255.255.255.0
appears in the Cluster IP addresses section of the New Cluster: Connect dialog box. The
instructor clicks Next. The IP address, Subnet mask, and Network address fields are populated
with values - 10.0.3.54, 255.255.255.0, and 02-bh-0a-00-03-36, respectively. The Cluster
operation mode section consist of three options Unicast, Multicast, and IGMP multicast, and
the Unicast option is selected by default. In the Full Internet name field, the instructor types
nlbweb.crop.brocadero.com, clicks Next, clicks Edit, and the Add/Edit Port Rule dialog box is
displayed. In this dialog box, by default, the All checkbox is selected, To field displays 65535,
Both is selected in the Protocols section, Multiple host and Single affinity is selected in the
Filtering mode section. In the From field of the Port range section, the instructor types 80,
types 80 in the To field, clicks TCP in the Protocols section, clicks OK, and the Add/Edit Port
Rule dialog box closes. In the New Cluster: Connect dialog box, the instructor clicks Finish,
and the dialog box closes.]

Now I need to add the other hosts, so let me drop those in here real quick. Same procedure,
choosing the NLB interface, it has the same port rules because it's pulling that from the other
node, and to add one more because this is a three-node cluster. Here is the NLB interface.
There is that interface, there is that. Okay, so now what is happening in this is, you can see, it's
going through a convergence process that is where the nodes are communicating to each
other, they are establishing the algorithm they are going to use to distribute loads, they're
sharing configuration and settings. If I Refresh this, we will start seeing them turn green. Let's
actually test this communication now. I have got a client that we can use.

[The Network Load Balancing Manager window is open. In the navigation pane, the instructor
right-clicks nlbweb.corp.brocadero.com (10.0.3.54), clicks Add Host to Cluster in the shortcut
menu, and the Add Host to Cluster: Connect dialog box is displayed. In the Host field, the
instructor types node2, and clicks Connect. The Connection status section now displays
Connected, and the Interfaces available for configuring a new cluster section is automatically
populated with the interface names - CorpNet and NLB with interface IPs 10.0.3.52 and
10.0.3.56, respectively. The instructor clicks NLB, and clicks Next. The Dedicated IP addresses
section displays the IP address 10.0.3.56 with Subnet mask 255.255.255.0 and the Default
state is set to Started, the instructor clicks Next. The following port rule information is
displayed. Cluster IP address - All Start - 80 End - 80 Protocol - TCP Mode - Multiple Load -
Equal Affinity - Single The instructor clicks Finish. NODE2(NLB) gets added to
nlbweb.corp.brocadero.com (10.0.3.54). In the navigation pane of the Network Load Balancing
Manager window, the instructor right-clicks nlbweb.corp.brocadero.com (10.0.3.54), clicks Add
Host to Cluster in the shortcut menu, and the Add Host to Cluster: Connect dialog box is
displayed. In the Host field, the instructor types node3, and clicks Connect. The Connection
status section now displays Connected, and the Interfaces available for configuring a new
cluster section is automatically populated with the interface names - NLB and CorpNet with
interface IPs 10.0.3.57 and 10.0.3.53, respectively. The instructor clicks NLB, and clicks Next.
The Dedicated IP addresses section displays the IP address 10.0.3.57 with Subnet mask
255.255.255.0 and the Default state is set to Started, the instructor clicks Next. The following
port rule information is displayed. Cluster IP address - All Start - 80 End - 80 Protocol - TCP
Mode - Multiple host Load - Equal Affinity - Single The instructor clicks Finish. NODE3(NLB)
gets added to nlbweb.corp.brocadero.com (10.0.3.54). In the navigation pane of the Network
Load Balancing Manager window, the instructor right-clicks nlbweb.corp.brocadero.com
(10.0.3.54), clicks Refresh. The instructor navigates to the Hyper-V Manager window. In the
view pane, under Virtual Machines, the instructor double-clicks Client3 8.1 Pro. The Client3 8.1
Pro on HV97 - Virtual Machine Connection is established. The instructor logs in as Jupiter with
a password.]

And I have got nlbweb.corp.brocadero.com, this is from an earlier...a test of my web site, just
making sure it's responsive, so I am going to click Refresh, and there we go.

So you can see, I am now connected to NODE 3. This is my web site. Let's change it up. Let's
go back to that cluster. Here is my three cluster nodes, let's go back to NODE1, and I have got
everything convergence, so it's distributing the load. So right now it's hitting NODE3, you can
actually come in here, and Stop the node. I will turn that off. Let's go back to the client now,
and we will Refresh, and now I am connected to NODE 2, because NODE 3 is not available
and it's distributing the load. So that's the network load cluster in action.

[The Internet Information Services - NODE2 page of the IIS Windows Server window is open in
Internet Explorer. The instructor clicks Refresh, and the Internet Information Services - NODE3
page is displayed. The instructor closes the Internet Explorer window. In the view pane of the
Hyper-V Manager window, under Virtual Machines, the instructor double-clicks NODE1 CORP
10.0.3.51, and the Network Load Balancing Manager window is displayed. In the navigation
pane, under nlbweb.corp.brocadero.com (10.0.3.54), the instructor right-clicks NODE3(NLB),
clicks Control Host - Stop in the shortcut menu. The instructor navigates to the Hyper-V
Manager window. In the view pane, under Virtual Machines, the instructor double-clicks Client3
8.1 Pro. The Internet Information Services - NODE3 page of the IIS Windows Server window is
displayed in Internet Explorer. The instructor clicks Refresh, and the Internet Information
Services - NODE2 page is displayed.]
Managing a Windows Server 2012 R2 NLB
Cluster
Learning Objective
After completing this topic, you should be able to
◾ recognize how to configure an NLB cluster in a given scenario

1. Demo: Configuring the cluster

All right, it is time for some demonstration fun. In the demonstrations to follow, I want to show
you how to configure the parameters in a Network Load Balancing, or NLB, cluster. These
parameters include the port rules, the filtering modes, the affinity modes, the host settings, and
a bunch of other settings. So let's get started.

Let's have a look now at the different parameter and configuration options available in the
Network Load Balancing Cluster, and there are three categories. We are going to look at
cluster parameters, host parameters, and port rules. Now these can be found in the Network
Load Balancing Manager console we see here. And there are two places to go to make
changes to those different parameters. The primary one here is at the top, where I can go to
Cluster Properties, and exposed here are many of the same settings we have found in the
create wizard. I can Edit and change and Add cluster Internet Protocol, or IP, address.

Under Cluster Parameters, this is where I can configure the Internet name of that cluster, and
I can also come back and change the operation mode. Remember, this is an important setting
because if I have a single network interface card, or NIC, I might need to turn on Multicast
mode, so I can break that out the traffic, the clustering traffic versus the client access traffic or
maybe I want to take advantage of Multicast mode. And one thing to keep in mind is, if you
turn on Internet Group Management Protocol, or IGMP multicast, you can use the IGMP
protocol to reduce the amount of traffic that multicast might generate through your switches by
flooding the ports. IGMP is...is more effective and more intelligent, but a lot depends on your
environment.

You might actually have to go to your switch and edit the Address Resolution Protocol, or ARP,
tables manually to support the Media Access Control, or Mac, address of the cluster. That way
clients and external subnets can access your cluster with the help of IGMP in your switch. So a
lot depends on your environment that is why this little warning comes up. But this Cluster
Parameters tab is where I can go and make changes to the operation mode.

[The nlbnotes2 - Notepad window is open. The notepad displays the following information:
THREE TYPES OF PARAMETERS: *Cluster parameters *Host parameters *Port rules The
instructor navigates to the Network Load Balancing Manager window. In the navigation pane,
the instructor right-clicks nlbweb.corp.brocadero.com (10.0.3.54), clicks Cluster Properties in
the shortcut menu, and the nlbweb.corp.brocadero.com(10.0.3.54) Properties dialog box is
displayed. The Cluster IP Addresses tab displays the IP address 10.0.3.54 and the Subnet
mask 255.255.255.0. The instructor clicks the Cluster Parameters tab. This tab displays the
following Cluster IP configuration information: IP address: 10.0.3.54 Subnet mask:
 255.255.255.0 Full Internet name: nlbweb.corp.brocadero.com Network address: 02-bf-
0a-00-03-36 Cluster operation mode: Unicast]

All right, so those are Cluster Parameters. Next thing I want to look at is, Port Rules. And
Port Rules have a lot to do with controlling how traffic is distributed within the cluster itself.
Now there is a default rule that is not really presented here in this list, and it has, basically
says, any traffic, and there is a little description down here. It says, "Any traffic that does not
actually meet the criteria defined by this rule here will be handled by the default host, which is
NODE1."

In my case, I have got a rule established for web traffic. For any traffic that is destined for port
80, can then be routed within the cluster to Multiple nodes within that actual cluster. I can Edit
that rule or I can Add additional rules, if I need to, just to control and manage traffic for
different types of applications that this cluster is supporting and different types of requests that
my clients might be making. If I click Add here for example, maybe I want to create a rule for
port 21. Now when you make these rules, you have got this two halves basically with this
dialog box. The top half has a lot to do with the scope of the rule; the bottom half has to do with
the action or the weight of the rule...it is going to handle the traffic.

Up here at the top, I can define a rule based on address, based on Port range, based on
Protocols. I can choose for instance like port 21 or with TCP or, TCP or UDP or specify, you
know, very specifically which IP address and which port I want this rule to apply to.

[The Cluster Parameters tab of the nlbweb.corp.brocadero.com(10.0.3.54) Properties dialog

box is open. The instructor clicks the Port Rules tab. The following port rule information is
displayed. Cluster IP address - All Start - 80 End - 80 Protocol - TCP Mode - Multiple Affinity -
None The instructor clicks Add, and the Add/Edit Port Rule dialog box is displayed. In this
dialog box, by default, the All checkbox is selected, To field displays 65535, Both is selected in
the Protocols section, Multiple host and Single affinity is selected in the Filtering mode section.
In the From field of the Port range section, the instructor types 21, types 21 in the To field, and
clicks TCP in the Protocols section.]

Now comes to the second half of this, which is really important, and that is the Filtering mode.
One of the things that I want you to understand is the distinction between Multiple host and
Single host, and this concept of Affinity. Now when we think of load balancing, right, we are
talking about request that come into our cluster. Clients see the cluster as a single entity, they
are not even aware that there might be a server farm behind that single cluster name, but we
are...what is happening behind the scenes is that request is being distributed across the
different nodes.

With Filtering mode, that is what is taking place, that is Multiple host. Now one of things you
can control as you can define the Affinity with Multiple host. Affinity has to do with the kind of
the degree of loyalty. So for instance, you might come into a restaurant maybe sit down, and
you have four or five different people come and serve you, and there is no necessarily
particular person assigned to your table, that kind of affinity you might describe as None.
Meaning, traffic can be distributed across the nodes, and subsequent connections and
subsequent request can go to any particular node.

[The Add/Edit Port Rule dialog box is open. The instructor clicks None as Affinity.]
Now you might have a session-based web site that relies on cookies, and so you wanted a
certain degree of loyalty like going to a restaurant, and having one particular server, your
favorite server, your one particular seat that you go to, and that particular server is the one that
serves you, that's kind of a single filtering mode.

Nonetheless, if that server is out sick, and you have a need to actually still, of course, eat or
access that web site here is what we are talking about. Well then with Single, Multiple host
affinity, you have some session-based loyalty, if you will. But if you need to, you have the ability
to send your request to other nodes. And then we have got this called Network, which is
similar to a Single. It is just making the distinction based on the subnet of the requesting
clients who are coming through multiple proxies, and if the clients come in from a site that has
multiple proxies that they are passing through, multiple connections from one single client
might appear as if it is multiple clients. So this here it looks at that and says, "Well those
request from that network we are going to send it to this particular host."

[The Add/Edit Port Rule dialog box is open. The instructor clicks Single as Affinity, then clicks
Network as Affinity.]

Now this is Multiple host. What we are talking about is, distributing load among
multiple...multiple participants in our actual cluster. But what if your request comes in and we
want to stipulate that this particular request only goes to one particular node. Maybe we only
have this application running on a single host. That is where we can use Single host. And so
this kind of is...a rule that creates an exception to the Multiple host or load-balancing concept
of our cluster and directs traffic to a specific host.

Now when you define these Multiple host and Single host, when there is a...there is a
secondary configuration that is done on the actual host themselves, that is not exposed here
because we are at the cluster level of our port rules.

So for instance, if I leave this at Multiple host, and I leave this at Single affinity, what I can do
is, click OK to this, click OK, and this is going to take a moment. What it is going to do is, it is
going to push those rules out across multiple nodes, so they all have the same rules, and then
it's going to go through a convergence and make sure that they are all consistent with each
other.

[The Add/Edit Port Rule dialog box is open. The instructor clicks OK, and the Add/Edit Port
Rule dialog box closes. The instructor clicks OK in the nlbweb.corp.brocadero.com(10.0.3.54)
Properties dialog box, and the dialog box closes. The instructor navigates to the Network Load
Balancing Manager window.]

Then once that happens, I get my green, I can actually go to Host Properties. And then there
is a Port Rules tab, and when I click Edit to this, I can't edit the settings that were defined at
that cluster level, but there is an option down here where it talks about Load weight. What
Load weight allows me to do is, it allows me to actually kind of distribute the load among
different nodes. So I am currently focused on NODE3. That is the properties that I am looking
at, and what I can do is remove equality here and say, "Well, I want NODE3 to respond to a
greater portion of the traffic."
So this allows me to actually kind of put some additional intelligence behind the port rule on a
node-by-node basis to distribute the load across Multiple host with Single affinity in mind. But
then I can also indicate with the Load weight, a preference.

[The Network Load Balancing Manager window is open. In the navigation pane, under
nlbweb.corp.brocadero.com (10.0.3.54), the instructor right-clicks NODE3(NLB), clicks Host
Properties in the shortcut menu, and the NODE3(NLB) Properties dialog box is displayed. In
this dialog box, the instructor clicks the Port Rules tab, and the following port rules information
are displayed: Cluster IP address - All Start - 21 End - 21 Protocol - TCP Mode - Multiple Load
- Equal Affinity - Single Cluster IP address - All Start - 80 End - 80 Protocol - TCP Mode -
Multiple Load - Equal Affinity - None The instructor clicks port 21, and clicks Edit, and the
Add/Edit Port Rule dialog box is displayed. In this dialog box, all the fields are disabled except
Load weight or Equal. In the Filtering mode section, the Equal checkbox is selected by default.
The instructor clears the Equal checkbox, and types 80 in the Load weight field.]

Now there is another option here called Handling priority. You may have noticed that when I
chose Single host, there was no way at that cluster level for me to indicate which host I
actually want to service that traffic.

Well let's backup, let's go to the Cluster Properties. Let me go back to my Port Rules, and let
me change that to Single host now. Same process has to take place. Rules get pushed. We
have some convergence here. I am going to Refresh this. There we go.

[The Add/Edit Port Rule dialog box is open. In this dialog box, the instructor clicks Cancel, and
the dialog box closes. In the NODE3(NLB) Properties dialog box, the instructor clicks Cancel,
and the dialog box closes. In the navigation pane of the Network Load Balancing Manager
window, the instructor right-clicks nlbweb.corp.brocadero.com (10.0.3.54), clicks Cluster
Properties in the shortcut menu, and the nlbweb.corp.brocadero.com(10.0.3.54) Properties
dialog box is displayed. The Cluster IP Addresses tab of this dialog box displays the IP address
10.0.3.54 and Subnet mask 255.255.255.0. The instructor clicks the Port Rules tab, and the
following port rules information are displayed: Cluster IP address - All Start - 21 End - 21
Protocol - TCP Mode - Multiple Affinity - Single Cluster IP address - All Start - 80 End - 80
Protocol - TCP Mode - Multiple Affinity - None The instructor clicks port 21, and clicks Edit, and
the Add/Edit Port Rule dialog box is displayed. In this dialog box, the instructor clicks OK, and
the dialog box closes. The instructor clicks OK in the nlbweb.corp.brocadero.com(10.0.3.54)
Properties dialog box, and the dialog box closes. In the navigation pane of the Network Load
Balancing Manager window, the instructor right-clicks nlbweb.corp.brocadero.com (10.0.3.54),
and clicks Refresh in the shortcut menu.]

Now I will go back into NODE3's Host Properties. Go back to the Port Rules. And now what
is available to me is not Load weight that is associated with the Multiple host filtering mode,
but what is available to me is Handling priority, and this is a different concept.

If I am choosing Single host as my Filtering mode, then request for port 21 on TCP, I want it
directed to whichever node has the highest priority.

Now there is still the ability to failover, if you will. So you still have that load balancing
availability concept in place, so that other hosts could potentially address that traffic. In this
case, this is set to Handling priority 3, so it is third in line. And if you look at NODE1 or
NODE2's parameters, you would see that those would take the place of one or two. And so
what I can do is, I can say why I want NODE3 actually to be number one, and so I could
change that. And so what I have got is a scale here between 1 through 32 because I can have
32 nodes in my cluster and this allows me to actually indicate a handling preference with
Single host as my Filtering mode. So that is an important distinction. With Filtering mode set
to Multiple host, I can distribute the load based on weight. With Single host, I can set a
particular Handling priority. The lower the number, the higher the priority.

[The Network Load Balancing Manager window is open. In the navigation pane, under
nlbweb.corp.brocadero.com (10.0.3.54), the instructor right-clicks NODE3(NLB), clicks Host
Properties in the shortcut menu, and the NODE3(NLB) Properties dialog box is displayed. The
Host Parameters tab of this dialog box displays the IP address 10.0.3.57 and Subnet mask
255.255.255.0. The instructor clicks the Port Rules tab, and the following port rules information
are displayed: Cluster IP address - All Start - 21 End - 21 Protocol - TCP Mode - Multiple
Priority - 3 Cluster IP address - All Start - 80 End - 80 Protocol - TCP Mode - Multiple Load -
Equal Affinity - None The instructor clicks port 21, and clicks Edit, and the Add/Edit Port Rule
dialog box is displayed. In this dialog box, all the fields are disabled except the Handling
priority field, and this field is set to 3. The instructor clicks Cancel, and the dialog box closes.]

Now there are some other things I can define here on node properties. So let's backup a
moment. If I go to Host Parameters, this is where I can actually come in here and configure
the IP addresses for a specific host. You can actually come in here and alter the priority here
as well for that host.

I can change the Initial host state. So this has a lot to do with the initialization of the cluster and
what state I want this node to be in, so I have got Started, Stopped, and Suspended. I have
got the ability to actually view the Cluster IP Addresses and Cluster Parameters, although,
these are not changeable here because I am at the node level. These are settings that it is
inheriting from the Cluster Parameters. So that is a look at those three different areas, Cluster
parameters, Host parameters, Port rules, and particularly looking at the filtering modes and
how we can weight the way traffic is directed within the cluster.

[The Port Rules tab of the NODE3(NLB) Properties dialog box is open. The instructor clicks the
Cluster IP Addresses tab, and then clicks the Cluster Parameters tab. The instructor closes the
NODE3(NLB) Properties dialog box closes. The instructor navigates to the nlbnotes2 -
Notepad window.]

Now like most things in Windows Server 2012, you can make configuration changes not only in
the user interface, or UI, but also in PowerShell. Let me show you now how to make a couple
of configuration changes in PowerShell.

So let's bring up my PowerShell Integrated Scripting Environment, or ISE, and here are some
examples. First of all, I can retrieve information about my existing NLB cluster very simply with
this Get-NlbCluster command, pretty consistent with the other types of PowerShell
commands you probably have seen. I can either point it to an individual node or I can point it to
the actual name of the cluster. My case, I am on NODE1, but it is no longer part of the clusters
I can point to node2, and retrieve information. So it shows me the status, the actual operating
mode, and the address of the cluster.

[The Network Load Balancing Manager window is open. The instructor opens the Windows
PowerShell window. The instructor selects and runs the following command: Get-NlbCluster
node2 The output of this command is displayed in a tabular format. Name, IPAddress,
SubnetMask, and Mode are the column headings. nlbweb.corp.brocadero.com is the name of
the cluster, 10.0.30.54 is the IP address, 255.255.255.0 is the subnet mask, and UNICAST is
filtering the mode.]

Now what if I want to add this machine to the cluster? So I can retrieve this information using
that Get-NlbCluster node2, I can pipe it to the add-NlbClusternode command. So
it has these important settings in its memory. I can then within that pipeline say, "Hey, let's add
node1 to that cluster." I can indicate the particular interface. Let's fire this off. And as this runs,
if I go back to the UI in a moment, let's run Refresh, we will see that NODE1 will be added.
Refresh, there we go, and it should take a moment and it will eventually converge.

Now what if I want to actually change some of the actual nodes settings? Well there is a
variety of commands that I can do that with. For instance, this one here sets the actual cluster
node, -InitialHostState. Remember you have a different setting, Started, Stopped,
Suspended, and this has a lot to do with what happens with the operating system reboot, and
whether or not you want the cluster to actually wait before it actually start. You might have an
application that is pretty slow to initialize. So if that is the case, you can run something like this,
and that will change the actual initial host state of that cluster node.

[The Windows PowerShell window is open. The instructor selects and runs the following
command: Get-NlbCluster node2|add-NlbClusternode -newnodeinterface NLB -newnodename
node1 The instructor navigates to the Network Load Balancing Manager window. In the
navigation pane, the instructor right-clicks nlbweb.corp.brocadero.com, and clicks Refresh in
the shortcut menu. Again, in the navigation pane, the instructor right-clicks
nlbweb.corp.brocadero.com, and clicks Refresh in the shortcut menu. NODE1(NLB) now
appears under nlbweb.corp.brocadero.com. The instructor navigates to the Windows
PowerShell window. The instructor selects and runs the following command: Set-
NlbClusternode -HostName node1 -InitialHostState Stopped -InterfaceName NLB The output
of this command is displayed in a tabular format. Name, State, Interface, and HostID are the
column headings. node1 is the name of the cluster, Converged(default) is the state, NLB is the
interface, and 1 is the host ID.]

Then I have this ability here and that is to configure port rules. So just about anything that I can
do here with my NLB cluster in the UI, I can do here in PowerShell.

So here is another example of that. Adding a port rule. And these things are all going to be
reflected of course in the UI once I do a Refresh. Give it a moment here to catch up. I had
given it lots of instructions here in the last minute or so.

It is still thinking about it. And let's actually go to the properties of NODE1 here, and you can
see the Initial host state is changed. And if I go to Port Rules, that is where we are waiting on
for these port rules to be applied. There we go. One more look, and there is my new port rule.
All right, so that is the power of PowerShell, you can use it to start, stop, configure your
Network Load Balancing cluster.

[The Windows PowerShell window is open. The instructor selects and runs the following
command: Get-NLBCluster|Add-NlbClusterPortRule -StartPort 443 -EndPort 443 The
instructor navigates to the Network Load Balancing Manager window. In the navigation pane,
the instructor right-clicks nlbweb.corp.brocadero.com, and clicks Refresh in the shortcut menu.
Again, in the navigation pane, the instructor right-clicks nlbweb.corp.brocadero.com, and clicks
Refresh in the shortcut menu. Again, in the navigation pane, the instructor right-clicks
nlbweb.corp.brocadero.com, and clicks Refresh in the shortcut menu. In the navigation pane,
under nlbweb.corp.brocadero.com, the instructor right-clicks NODE1(NLB), clicks Host
Properties in the shortcut menu, and the NODE1(NLB) Properties dialog box is displayed. On
the Host Parameters tab, by default, the Priority (unique host identifier) field is set to 1, IP
address is 10.0.3.55, Subnet mask is 255.255.255.0, and Default state is set to Stopped. The
instructor clicks the Port Rules tab, and the following port rules information are displayed:
Cluster IP address - All Start - 21 End - 21 Protocol - TCP Mode - Single Priority - 1 Cluster IP
address - All Start - 80 End - 80 Protocol - TCP Mode - Multiple Load - Equal Affinity - None
The instructor clicks the Cancel button and the dialog box closes. In the navigation pane of the
Network Load Balancing Manager window, the instructor right-clicks
nlbweb.corp.brocadero.com, and clicks Refresh in the shortcut menu. In the navigation pane,
under nlbweb.corp.brocadero.com, the instructor right-clicks NODE1(NLB), clicks Host
Properties in the shortcut menu, and the NODE1(NLB) Properties dialog box is displayed. In
this dialog box, the instructor clicks the Port Rules tab, and the following port rules information
are displayed: Cluster IP address - All Start - 21 End - 21 Protocol - TCP Mode - Single Priority
- 1 Cluster IP address - All Start - 80 End - 80 Protocol - TCP Mode - Multiple Load - Equal
Affinity - None Cluster IP address - All Start - 443 End - 443 Protocol - Both Mode - Multiple
Load - Equal Affinity - Single The instructor closes the NODE1(NLB) Properties dialog box.]

2. Demo: Maintaining the cluster

If you find yourself in a place where you actually need to service an NLB cluster, maybe you
built one on 2008 and you want to upgrade it to 2012. Maybe you have got a host node that
needs to be pulled out, decommissioned for some reason or maybe updated in service pack,
and then brought it back into the cluster. How do you go about doing that? Well it is actually
easier than you think. It is just a couple of steps. One of the advantages of NLB is, you can
actually remove one node at a time, performing a rolling upgrade. This keeps the cluster
actually up and running and responsive while you are performing your servicing, while you are
doing your upgrade or what have you behind the scenes.

Then you can add that host back into the cluster. Even if it is a different operating system,
Microsoft will allow us to do kind of a temporary operating system, or OS, miss...mix and
match. But that is not intended to really for a kind of a long-term approach so keep that in
mind. You don't want to run host of different operating systems for any length of time. So the
process is pretty simple. You want to be able to remove a host, but it should not have any
active connections, right? So there is where you can use the Drainstop...control command, and
that will prevent any new connections to be established, and you will allow the old connections
to dissipate and timeout, and then you can bring that host offline. Then you bring it back in, you
restore it, then the cluster converges, and then you move on to the next host. Rinse and
repeat, if you will. So that is how easy it is to do a rolling upgrade and service your cluster.

Okay, let's get our hands dirty. Let's actually walk through some of the steps we have been
talking about. Remember the scenario is all about upgrading an existing Network Load
Balancing cluster to a new operating system or maybe troubleshooting, servicing, maintaining
the application. So on those types of scenarios, we are considering a rolling upgrade. We are
not servicing the cluster as a whole, but individual nodes. Now we also need to be
conscientious of any active connections, which means we can do the...our servicing, but we
are going to do it on individual nodes, one at a time, and we want to do a drainstop action, not
to interrupt any active connections. So let me show you a little bit of what I am talking about.

[The upgrading NLB - Notepad window is open. The notepad displays the following
information: STEPS TO UPGRADE NLB: *Perform rolling upgrade - not all the nodes at once (I
recommend starting with one node) *Use drainstop on selected nodes - change initial host
state to Stopped *After you upgrade a single node confirm NLB still works! *Rinse, repeat! until
entire cluster is upgraded]

First of all, how do I know if I have active connections? While my machine here, it's a web
server, I can use Performance Monitor, and grab a counter that actually shows me what
current connections exist against my Web Service. So I have got this Current Connections,
here we go. And you can see there I have got two active connections right there. And these are
being generated from a client machine that I have down here. And here are my active
connections, if I click on this, you can see that it is been distributed across the different nodes.

And if you go back, you can see I got a couple of additional connections, all right. So on
monitoring this, I know I have got some active connections, what I don't want to do is, just
come into the cluster, and interrupt those client connections.

[The instructor opens the Performance Monitor window. In the toolbar, the instructor clicks the
Add menu icon, and the Add Counters dialog box is displayed. In this dialog box, under
Available counters, the instructor expands Web Service, selects Current Connections, clicks
Add, clicks OK, and the dialog box closes. Now the current connections get distributed across
different nodes. The instructor opens the Hyper-V Manager window. In the view pane, under
Virtual Machines, the instructor double-clicks Client3 8.1 Pro, and the Internet Information
Services of NODE 1 window is displayed in Internet Explorer. The instructor opens the Internet
Information Services of NODE 2 window, Internet Information Services of NODE 3 window,
and again, Internet Information Services of NODE 1 window. The instructor navigates to the
Hyper-V Manager window. In the view pane, under Virtual Machines, the instructor double-
clicks NODE1 CORP 10.0.3.51. The Performance Monitor that is already opened is displayed.
The instructor opens the Network Load Balancing Manager window.]

So I need to add my cluster here to my Network Load Balancing Manager console, so I can
manage it. Now I can come in here, and I can right-click and connect to an existing cluster
node, another thing I can do...if you do a lot with Network Load Balancing Clusters. You can
actually save your different clusters into a text file, and then load them from that text file, and
you can perform this management from a remote client machine with remote server
administration tools.

All right, so here is NLB with NODE1 and I know that it has some active connections. I need to
perform some administrative commands here. And I am going to use what are called...what is
called Drainstop. Now what Drainstop does is, it actually prevents any new connections, it
honors the active connections, prevents any new connections. So now what I need to do is,
just wait for the time, and you can see I have got one connection that is timed out already, and
I just need to wait for these additional two connections to timeout. Once this goes back to zero,
I know I am safe to actually delete the host. And by deleting the host, the nodes will
reconverge, it will continue to service clients, but then NODE1 is free for me to perform my
upgrade, we can perform my servicing.
[The Network Load Balancing Manager window is open. From the File menu, the instructor
clicks Load Host List, and the Open dialog box is displayed. In this dialog box, the instructor
double-clicks the nlbhostlist text document, and the nlbweb.corp.brocadero.com cluster is now
listed under Network Load Balancing Clusters. In the navigation pane, under
nlbweb.corp.brocadero.com (10.0.3.51), the instructor right-clicks NODE1(NLB), clicks Control
Host - Drainstop in the shortcut menu. The instructor opens the Performance Monitor window
and checks the performance of the clusters. In the navigation pane, under
nlbweb.corp.brocadero.com (10.0.3.51), the instructor right-clicks NODE1(NLB), and points to
Delete Host.]

Now that is different of course than coming in and doing a hard Stop. A hard Stop is going to
interrupt any active connections, and so of course not going to honor any new connections.
And now I need that immediate availability for the node, I could certainly do that. That is not
going to honor those client connections. So I have got NODE1 and NODE2 in two different
states. Now the other state I want to mention are more administrative controls. So this has to
do with preventing administrative commands to be issued to the nodes, so I can Suspend a
node and that kind of puts it in a file lock type of state, where no other administrative command
could be issued to this NODE2, except for resuming it, and maybe some queries about
NODE2. So these two here are more for administrative kind of locking the node, and that might
be useful, if you have multiple administrators administering your nodes.

[The Network Load Balancing Manager window is open. In the navigation pane, under
nlbweb.corp.brocadero.com (10.0.3.51), the instructor right-clicks NODE2(NLB), clicks Control
Host - Stop in the shortcut menu. Again, the instructor right-clicks NODE2(NLB), clicks Control
Host - Suspend in the shortcut menu. Again, the instructor right-clicks NODE2(NLB), clicks
Control Host - Resume in the shortcut menu.]

Now that I have got these two nodes in different states. Let's actually see what their behavior
looks like. Predictably, I should only be able to log into NODE 3 or access or connect to NODE
3. There we go.

So the reason why I am not seeing NODE 2 is because it is been stopped, and the reason I
am not seeing NODE 1 is because it is been drainstopped and not permitting new connections.
Okay, so let's check NODE 1. It has no connections, so it's now ready, I can right-click on it,
and I can actually remove it from the cluster. Then when I am ready to return it, I can right-click
and of course add it back to the cluster.

The last thing I want to mention is, when you are performing servicing or you need to
troubleshoot or just audit and maintain your cluster, one of the other things that is useful is to
turn on Log Settings. This basically takes the information that you can see in this lower pane
down here and records it as a transcript for you, so you can later refer to it in regards to the
activity against your cluster. So those are some of the important administrative commands that
you can perform particularly, if you are doing an upgrade or you need to troubleshoot your
cluster.

[The Network Load Balancing Manager window is open. The instructor navigates to the Hyper-
V Manager window. In the view pane, under Virtual Machines, the instructor double-clicks
Client3 8.1 Pro, and the Internet Information Services of NODE 1 window is displayed in
Internet Explorer. The instructor opens the Internet Information Services of NODE 3 window,
Internet Information Services of NODE 3 window, again, Internet Information Services of
NODE 3 window, again, Internet Information Services of NODE 3 window, and again, Internet
Information Services of NODE 3 window. The instructor closes Internet Explorer. The instructor
navigates to the Hyper-V Manager window. In the view pane, under Virtual Machines, the
instructor double-clicks NODE1 CORP 10.0.3.51. The Performance Monitor that is already
opened is displayed. The instructor opens the Network Load Balancing Manager window. In
the navigation pane, under nlbweb.corp.brocadero.com (10.0.3.51), the instructor right-clicks
NODE1(NLB), clicks Delete Host in the shortcut menu. The Network Load Balancing Manager
message box is displayed. In this message box, the instructor clicks Yes, and the message
box closes. In the navigation pane, the instructor right-clicks nlbweb.corp.brocadero.com
(10.0.3.51), points to Add Host to Clusters in the shortcut menu. From the Options menu, the
instructor clicks Log Settings, and Log Settings dialog box is displayed. In this dialog box, by
default, the Enable logging checkbox is selected, and the Log filename field displays
c:\logsnlb.logs. The instructor clicks OK, and the dialog box closes. In the navigation pane, the
instructor right-clicks nlbweb.corp.brocadero.com (10.0.3.51), points to Control Hosts - Stop in
the shortcut menu.]
Windows Server 2012 R2 Failover Clustering
Overview
Learning Objective
After completing this topic, you should be able to
◾ recognize quorum nodes

1. Cluster overview
In the bygone days of the 90s, you could have a server go down and it might not even be
noticed. But today if a server goes down, it could cost thousands, maybe even millions of
dollars. That's because, today we live in an always-on, always-connected environment with
virtualization everywhere. So today we need high availability, more than ever. And Windows
provides us a great solution in its failover clustering services. Now don't confuse Microsoft's
failover clustering with its Network Load Balance, or NLB, clusters.

Failover clustering in 2012 allows me to actually build up redundant systems that provide high
availability for statefull applications. Microsoft's failover clustering then gives me multiple levels
of high availability that allow me to recover from disasters or even for those planned
downtimes. And this includes high availability in my hardware, in the workload, in the
applications, in my management, even in multiple locations. So these are some of the reasons
Microsoft's failover clustering is ideal for today's world with the cloud, and ideal for me,
because it helps me eliminate those single points of failure in the Information Technology, or IT,
services that I support.

Microsoft's failover clustering has been around for a while, and it has seen major changes over
the years, and Windows Server 2012 is no different. So you might be wondering, what has
changed? So much, so much is changed. There are new features and big improvements. For
instance, we have scale-out file servers, Cluster-Aware Updating, or CAU, which really
improves our management and support, improved validation and scalability. So we have now
up to 64 nodes in a cluster and up to 8000 virtual machines in our Hyper-V clusters. As for R2,
we have enhancements as far as guest clustering is concerned. So this new feature called
shared virtual hard disk, or VHDX, files, which is going to be great for those hosting private
clouds.

Virtual machine drain, which will actually move live migrate of virtual machine, if it detects that
the host is being shutdown. And that we have improvements as far as performance is
concerned in multiple areas like Cluster Shared Volumes, or CSVs, and in quorum, and a
deeper degree of monitoring the actual applications and services, not just the state on the
virtual machine. All of these are some of the big enhancements and there are even more in
2012 clustering.

You could put just about anything into a failover cluster. Typical roles include Hyper-V,
database services, e-mail services, file servers, and the like. You can even put infrastructure
services into your cluster like Distributed File System, or DFS, and Dynamic Host
Configuration Protocol, or DHCP. Now of course, clustering may not be necessary, but in
today's world, we take so many of these workloads and we virtualize them. So without
clustering, that's kind of like putting all my eggs in one basket. If that basket breaks, then well,
you know what happens.

So an important part of my evaluation of my environment is, asking the question, where are my
single points of failure, and then building a high-availability strategy around that – that means
using failover clustering to protect the server roles. I can also use failover clustering to provide
high availability, not just when the basket breaks, but when I have planned downtime.
Downtime is inevitable, right? We have to do maintenance and upgrades, and other types of
servicing. So using failover clustering for these roles gives me a way to provide these services,
at the same time, servicing and upgrading them.

[A screenshot listing the following roles are displayed. - DFS Namespace Server - DHCP
Server - Distributed Transaction Coordinator (DTC) - File Server - Generic Application -
Generic Script - Generic Service - Hyper-V Replica Broker - iSCSI Target Server - iSNS Server
- Message Queuing - Other Server - Virtual Machine - WINS Server]

So how does clustering actually work? Well each node in a cluster contains a registry-based
database that they actually maintain and replicate to each other. The nodes also monitor each
other's health that use a basic ping, and if one of the nodes fails to respond to the ping, well
then it will go in and issue what is called a health probe...is a live test. Now notice here in our
diagram, that health network is actually a dedicated network, called the heartbeat network, and
having a dedicated network is actually considered a best practice.

Now if that node doesn't actually respond to those health probes, then the other node will
actually start up its roles because it's aware of them...because of the database it will start up
those roles and continue servicing client requests. Now clients might experience a short
amount of downtime, could be minutes, usually seconds; this is actually quite improved in 2012
R2. Now any node can actually assume the roles of the other node, again, because of that
shared database. Now another key ingredient to this is the shared storage. All of the nodes are
also accessing a shared storage location.

[A processor image with the following points are displayed on the left of the screen. - Cluster
node configuration - Cluster name - Cluster IP address - Cluster services - Cluster database A
network load balancer image with the following points are displayed on the right of the screen.
Other possible networks - Live Migration - Backup - Administration - Redundant]

Shared storage is one of the most important building blocks of your cluster. Shared storage is
what allows multiple nodes in a cluster to be aware of the same application data...to be able to
access the other node's application data. Now Windows Server 2012 supports multiple storage
technologies for clustering. This includes Storage as a Service, or SaaS, fibre channel, and
Internet Small Computer Systems Interface, or iSCSI. Shared storage is one of those key
areas of your investment when you are considering a failover cluster. Storage of course is in
high demand, and you need to properly design your cluster to accommodate your business
needs as well as your budget.

Now storage is not always cheap. So you have got something like a fibre channel connection
which requires specialized host bus adapters, or HBA. You could also use maybe the cheaper
cousin, well sometimes cheaper cousin, iSCSI. iSCSI sends disk input/output, or I/O, request
over an Ethernet connection, so you don't need any necessarily special hardware. They can
produce decent performance as long as you have a solid network underneath. Now whatever
actual storage solution you choose, you need to be aware that with failover clustering, it needs
the support, what is called persistent reservations. Persistent Reservations are part of the
SCSI-3 command set or standard.

Now new in 2012 is the ability to also use server message block, or SMB, 3.0 as a storage
option. SMB is Microsoft's file sharing protocol. And you might be surprised to know that it can
perform really well, and in some circumstances, it can even perform better than the other
storage solution. So you have got like a 10 gigabit network, and you have what is called
Remote Direct Memory Access, or RDMA, network cards, well SMB is lightning fast, and you
have huge gains in your input/output operations per second, or IOPS. Now I should point out
something else, and that is, in the past, guest clustering running in the Hyper-V had different
storage options, so like fibre channel used to not be available. But today that's actually
changing. Today guest clusters can actually take advantage of the same storage options as
physical clusters including SMB, fibre channel, and iSCSI. In fact, guest clusters have
something that physical clusters do not, and that's a shared virtual hard disk, or VHD, file.

Failover clustering is a TCP/IP service, and although you can build your cluster on a single
network card, it's best to use multiple network cards for a couple of reasons, segmenting your
traffic and for performance. I guess you could say that's the same reason. But with multiple
network cards, you are able to separate cluster communications from client access
communications and from storage communications. Now if you use this approach, you want to
use these separate connections on separate subnets. It is also useful to make sure that your
network cards are from the same manufacturer.

I have done this with mixed network cards, but one of the advantages of using identical
networking cards is the settings are compatible. So things like duplexing and jumbo frames are
going to be compatible. Now an alternative approach to this would be using NIC teaming, that
is, you team network cards, and that's going to provide failover in your network hardware and
potentially greater performance. Now if you were to team together two network cards, like I say
of 10 gigabytes or greater, you may not need to actually segment the networks as much. Now
keep in mind though, if network latency becomes a problem, that could affect your heartbeat
traffic. Latent heartbeats mean you are going to have false failovers and because the network
is slow, the failover might be slow, and then you have got a compounding problem.

So for your cluster to be effective, you really need to have a highly available network, that
means, looking into that hardware and making sure that is highly available. Now I want to
make another recommendation about how to make your network highly available, and that is to
use Multipath input/output, or MPIO. MPIO supports multiple switches and networking paths.
So this way, if a switch fails, then the clusters are still able to communicate with each other
through an alternate path, through a different switch. Lastly, don't forget how important DNS is
for your client access and for your management. It's also important for your clusters
themselves. They need to be able to use DNS. That's because they are actually members of
an Active Directory domain.

What is cluster validation? Your cluster validation is a series of tests that looks at the
functionality of your clustering components. The actual nodes, the network, the storage, the
inventory, the BIOS settings, a whole score test, kind of like going to the doctor and having a
bunch of tests. Now you run this before you actually build your cluster to determine your
readiness for cluster configuration. You also can run it, if you are troubleshooting or you can
run it, after you build your cluster, and that will give you what is called a best practice analysis.
Now if you get warning messages when you run this validation test, it alerts you to areas
where you are not following a best practice. If you get error messages though, you will need to
resolve those, because that means you did not meet the requirements, and you need to pass
the cluster validation test, if you want to run a supported cluster.

Now in the past, these validation tests could take a long time. One of the improvements in
2012 R2 is that these validation tests run much faster, and you have even more choices as to
what test you want to run. You can run all of them or you can be selective, even selective as to
what storage areas you want to run.

[The Before You Begin page of the Validate a Configuration Wizard is displayed. On this page,
click Next, and the Select Servers or a Cluster page is displayed. On this page, in the Selected
servers section, Server2012-50.easynomadtravel.com and Server2012-
60.easynomadtravel.com are displayed, click Next, and the Testing Options page is displayed.
This page consists of two options – Run all texts (recommended) and Run only tests I select –
and Run all tests (recommended) is selected, click Next, and the Confirmation page is
displayed. On this page, click Next, and the Validation page is displayed. After the validation
completes, the Result page is displayed. On this page, the Create the cluster now using the
validated nodes checkbox is selected. You can click View Report to view the Failover Cluster
Validation Report.]

2. Cluster quorum
Quorum is a clustering concept that's meant to provide a stable and consistent cluster. The
problem that quorum attempts to solve is split-brain. Split-brain occurs when you have nodes
that are isolated, and are no longer talking to each other, and therefore get confused. They
don't know, if they should continue actually performing write operations or accessing virtual
machines. So you could have potentially with split-brain, multiple nodes attempting to perform
the same action. Quorum avoids this problem by giving the clusters a way to determine, if they
should continue to be the application owner or not.

Now the way they do this is, they use a voting scheme. There are basically four types of
quorum. There is node majority, which looks at the number of nodes, and each node is
assigned a vote. So like if you have a three-node cluster and one of them can no longer see
the other two, it have only one vote that would not be a majority. So it would disavow itself from
the actual cluster and stop performing those write operations. The two nodes would continue to
have the majority and continue to service the cluster. Now you can also have node and disk
majority and file share majority that is where you have a jointly view disk witness or share on
the network. That the reason these are useful as you are assigning votes to the disk into the
file share for even number of nodes. So if you have a two-node cluster or a four-node cluster,
the disk in the file share can act as a tiebreaker.

You can also have what is known as disk-only quorum. And with disk-only configurations, well
Microsoft generally discourages this. This is where the only quorum sharing is just that disk. It
just...it's the only one that has the vote and it is usually not a needed quorum configuration.
Now Windows Server 2012 has one other quorum option and that's called dynamic quorum.
This allows the quorum to actually scale up or scale down and change the voting pool
depending on the number of available nodes. So for example, if you have a five-node cluster
and two of those nodes go down, you have a voting pool that gets updated to a three nodes,
and now you have a three node majority. In other words, it allows for the quorum model to kind
of keep up with your cluster configuration.

3. Cluster storage
Let's come back now to this idea of sharing the storage. Typically only one node is actually
writing to this storage location at a time, and if it fails, then that job gets passed to another
node in your cluster. Now I say that it's typical because of these things called CSVs, Cluster
Shared Volumes. They change the rules because they allow for active/active clustering. With
CSVs, multiple nodes could be writing to the same volume. Now the way that this works is, one
of the nodes assumes the job of CSV coordinator, and it ensures no conflicts actually occur.

Now in 2012 R2, the CSV disk can actually be NT file system, or NTFS, or resilient file system,
or ReFS. ReFS is Microsoft's newer file system, it has a bunch of resiliency built into it. It's
able...basically to recover from corruption quickly, so no more chkdsk. Now I should point
something out and that is ReFS is not a replacement for NTFS. The two are very different file
systems. ReFS is also not supported for scale-out file servers. So those are a couple of things
to keep in mind. But if you need ReFS to keep you or to help you maintain extreme amounts of
data on large volumes, you can in 2012 R2, use it with CSVs. I read, it can support up to one
yottabyte, or YB, which sounds cosmically large.

Now another complementary technology that works with CSVs and works with clustering is this
thing called storage spaces. Storage spaces is a kind of disk virtualization. It can take a bunch
of disks of various sizes and present them as if they are a single volume. It can also apply
Redundant Array of Inexpensive Disks, or RAID, like protections like mirroring and parity. Now
2012 would actually let you create a cluster on top of a mirrored storage space, but 2012
would not let you do that on a storage space using parity. 2012 R2 now supports both mirroring
and parity. That means you can have a cluster built on top of the CSV that's fed by a collection
of disks presented logically as a storage space with parity protection.

Remember CSVs provide active/active storage for failover clusters like Hyper-V servers and
scale-out file servers. So you might be asking yourself, "Well why would I use these? What are
the benefits?" Well before you had Hyper-V clusters, they could use CSVs. You actually had to
assign a storage volume or a logical unit number, or LUN, to each and every single virtual
machine. That means, if you had 1000 virtual machines, or VMs, you have a 1000 LUNs, or a
1000 volumes. CSVs are better because you can have multiple virtual machines store their
files in a single CSV location. That means less LUNs, better use of your disk space, less drive
letters because you all have a single logical location.

Now CSVs also improve other operations like migrating virtual machines from node to node
when you are doing a live migration. And that's because all of the nodes in a Hyper-V cluster
have access to that same location. Now there is more enhancements in CSVs besides just
virtualization enhancements. CSVs can also support BitLocker Encryption. They have
enhanced performance, they have enhanced cache, they have better monitoring, and better
backup support. Even file copying in certain circumstances with CSVs is faster. And then there
is this thing called the scale-out file server.

The scale-out file server allows you to create a cluster of file servers that offers high-speed
shares to applications like SQL and again, Hyper-V host. Now these shares are not for user
profiles or other types of user data because they instead run inside the CSV for active/active
access by the file nodes. Translation, you have high-speed, reliable, and resilient access for
the application shares without a lot of expensive or special hardware.

Before implementing CSVs, you need to decide – What is their purpose? Are you going to use
them to store virtual machines? Are you going to build a scale-out file server? How many CSVs
are you going to need? You might actually need multiple CSV volumes on separate LUNs for
scalability and performance. Now other questions you might need to also ask include things
like – Are you going to use BitLocker Encryption? Are you going to use storage spaces on your
CSVs? How are you going to protect your CSVs? And is your backup software and security
software compatible with CSVs?

Now when implementing your CSVs, consider using teamed network cards or multiple
networks, that way, you have some fault tolerance. And if you need high performance, you can
consider using network adapters that support RDMA, Remote Direct Memory Access. CSV
traffics go rocket style when you pass it over RDMA through SMB 3.0. Now 2012 and 2012 R2
differ slightly on some of the requirements. R2 will actually allow you to format a CSV with both
NTFS and ReFS. 2012 only supports NTFS and of course there is no FAT, or FAT32. R2 can
also allow you to use data de-duplication where 2012 does not.

Now once you have done your planning and you met the requirements and asked these
questions, actually, creating the CSV is easy in the failover cluster...is simply really just adding
your shared disk location first, and then you right-click to add it to a CSV, and of course, you
can do this in PowerShell as well. Now when you create the CSV, it's going to assume this
CSV file system, and it will no longer have a drive letter. Instead, you will find it mapped
underneath your system drive in a folder called ClusterStorage. This is why each node in the
cluster really should have the same drive letter assigned to it. It's really not a big deal, because
well it's always usually the C drive.
Creating a Windows Server 2012 R2 Failover
Cluster
Learning Objective
After completing this topic, you should be able to
◾ describe the requirements for failover clustering

1. Demo: Creating a failover cluster

So what do you actually need to build your cluster? Well good question. First thing I would
recommend is you need to evaluate your high-availability needs, and then you need to ask –
where are my single points of failure? We are assuming of course that the workloads
themselves need to be redundant, that's why you are considering failover clustering. But that's
not the only area where you might need to be thinking about redundancy, redundant power,
redundant locations, redundant network paths and switches. Those are other things to
consider.

Now in terms of Windows Server itself and failover clustering, we have got a set of
requirements here. First of all, they need to run the same version of Windows Server. It's
important that they have hardware that's certified for Windows Server 2012 R2, as well. They
don't have to be identical hardware, although, that's still recommended. But as long as that
hardware has been certified and as long as you pass that cluster validation tests, you should
have the compliant components to build the Windows Server failover cluster.

All right, let's build a cluster. So I want to show you what my configuration looks like before we
get into the interface. I have two nodes that are going to be part of a cluster that I am going to
name FS-CLUSTER1. I have already installed the failover clustering feature on Cluster1. I still
need to install it on Cluster2. I have also got two data disks on my storage area network, or
SAN, and I just recently built a witness disk, which is going to be used for quorum, but I need
to connect Cluster1 to this witness disk as well. Now one other thing I want you to notice is the
number of network connections that I have. Both the nodes that are going to be a part of my
cluster are connected to my shared storage. They also have a dedicated network here for
cluster communications, and then they have an external network connection for accessing the
services that the cluster provides. So let's build it.

First things first, I am on my SAN. Here are the three disks that I showed you there in the
diagram. Here is my Witness disk. Now what I need to do is bounce over to CLUSTER1. This
is going to be the first node in my cluster, and it needs to connect to that Witness disk. So I am
going to use the Internet Small Computer System Interface, or iSCSI Initiator interface, which
is the client portion of iSCSI. And notice here is the witness disk, I am currently not connected,
I am going to click Connect.

[A flowchart explaining the configuration of a cluster is displayed. The primary element of a

cluster is SAN. This SAN consists of two witness disks, the witness disks are connected to the
clusters – Cluster1 and Cluster2 – in the node, FS-CLUSTER1, and the clusters in a node are
inter-connected. Each cluster in FS-CLUSTER1 are given access. The instructor navigates to
the Server Manager window. In the navigation pane of the Server Manager window, iSCSI is
selected. In the view pane, under SAN1, C:\iSCSIVirtualDisks\Witness.vhdx with the Virtual
Disk Status, Not Connected is selected. The instructor navigates to the Hyper-V Manager
window. In the view pane, under Virtual Machines, the instructor double-clicks CLUSTER1
10.0.3.56, and the connection to CLUSTER1 is established. On the desktop, in the Search
field, the instructor types iscsi, double-clicks iSCSI Initiator, and the iSCSI Initiator Properties
dialog box is displayed. On the Targets tab of this dialog box, the instructor clicks iqn.1991-
05.com.microsoft:san1-witness-target that is in the Inactive status, clicks Connect, and the
Connect to Target dialog box is displayed. In this dialog box, by default, the Target name field
displays iqn.1991-05.com.microsoft:san1-witness-target, and the Add this connection to the list
of Favorite Targets checkbox is selected. The instructor clicks OK, and the dialog box closes.
The status of iqn.1991-05.com.microsoft:san1-witness-target changes to Connected in the
iSCSI Initiator Properties dialog box.]

All right, so that part is taken care of and I have done that also on the other node.

The next thing I need to do is, install failover clustering. I have done that already on
CLUSTER1, but I haven't done it to Cluster2. So I am going to do that remotely from Server
Manager. I'm going to go ahead and add cluster2 to my management window, and then it's
going to add and pull in some information about Cluster2, make a connection, all right, that's
complete. Now what I am going to do is right-click on this, and Add Roles and Features. And
this is the standard Add Roles and Features Wizard, just kind of Next through this. I want to
make sure Cluster2, the second node in my clusters is selected. It's a file server, and so we
have got the File Server role installed, but I also need to install Failover Clustering. There
are my tools, we will include those, click Next, and Install. So this is going to chug on the other
node of the cluster or the cluster to be, I should say, that we are going to build.

And while it's running in the background, I am ready to actually start the failover clustering
process, the building process, and there are a couple of steps to that. First thing I need to do is
actually run the validation, so let me open up my Administrative Tools here, and open up the
Failover Cluster Manager tool.

[The iSCSI Initiator Properties dialog box is open. The instructor closes the iSCSI Initiator
Properties dialog box. In the navigation pane of the Local Server window, the instructor clicks
All Servers, and the Servers view pane is displayed. The Servers view pane displays the
details of CLUSTER1. In the navigation pane, the instructor right-clicks All Servers, clicks Add
Servers, and the Add Servers dialog box is displayed. On the Active Directory tab of this dialog
box, in the Name (CN) field, the instructor types cluster2, clicks Find Now, clicks Cluster2 with
Windows Server 2012 R2 Datacenter operating system, clicks Add, clicks OK, and the dialog
box closes. The Servers view pane now displays the details of CLUSTER2. The instructor
right-clicks CLUSTER2 in the Servers view pane, clicks Add Roles and Features in the
shortcut menu, and the Add Roles and Features Wizard is displayed. On the Before you begin
page, the instructor clicks Next, and the Select installation type page is displayed. This page
consists of two options – Role-based or feature-based installation and Remote Desktop
Services installation – and Role-based or feature-based installation is selected by default, the
instructor clicks Next, and the Server Selection page is displayed. On this page, the instructor
clicks Cluster2.corp.brocadero.com, clicks Next, and the Select server roles page is displayed.
On this page, the File and Storage Services (2 of 12 installed) checkbox is selected by default,
the instructor expands File and Storage Services (2 of 12 installed), expands File and Storage
Services (1 of 12 installed), the File Server (Installed) checkbox is selected, clicks Next, and
the Select features page is displayed. On this page, the .NET Framework 4.5 Features (2 of 7
installed) checkbox is selected by default, the instructor selects the Failover Clustering
checkbox, and the Add Roles and Features Wizard is displayed. In this dialog box, the
instructor clicks Add Features, and the dialog box closes. The instructor clicks Next in the
Select features page, and the Confirmation page is displayed. On this page, the instructor
clicks Install, and the Results page is displayed. The instructor navigates to the Administrative
Tools window, and double-clicks Failover Cluster Manager.]

Now the validation process is important because it looks at my configuration, there are
numerous tests that it does, and it wants to of course ensure that it is going to be a functional
responsive cluster. So it's going to be looking at things like networking and storage, service
packs and updates, and various software and hardware requirements to ensure that the cluster
can be a supported cluster.

So I am going to choose Validate Configuration here under Actions. And that's going to start
the actual wizard interface here in just a moment, there we go. I need to grab the two nodes
that I am going to use for cluster1 and cluster2, click Next. Now I have got the option
to run all of the tests or run only selective tests. Now if I am doing this for troubleshooting
purposes because you can, of course, run this validation wizard before and after you create
the actual cluster, well you can select individual test, because this is the first time that I am
actually building the cluster, you can see the number of tests that it's going to run here. I need
to run all of those tests. I wanted to ensure that it's going to meet the requirements.

[The Failover Cluster Manager window is open. In the Actions pane, the instructor clicks
Validate Configuration, and the Validate a Configuration Wizard is displayed. On the Before
You Begin page of this wizard, the instructor clicks Next, and the Select Servers or a Cluster
page is displayed. In the Enter name field of this page, the instructor types cluster1, clicks Add,
and the Selected servers section is automatically populated with
CLUSTER1.corp.brocadero.com. Again, in the Enter name field, the instructor types cluster2,
clicks Add, the Selected servers section is automatically populated with
Cluster2.corp.brocadero.com, clicks Next, and the Testing Options page is displayed. This
page consists of two options – Run all tests (recommended) and Run only tests I select – Run
all tests (recommended) is selected by default, the instructor clicks Next, and the Confirmation
page is displayed. On this page, the instructor clicks Next, and the Validating page is
displayed.]

Now this is actually going to take a few minutes for it to complete. There are lots of tests that it
is going to look at, which thankfully it does for me, so I don't have to do this manually. This is
also important for meeting supporting criteria. So if I need, I wanted to be a supported cluster,
and I call Microsoft support, this is one of the things they are going to want me to do to validate
the cluster, and ensure it passes the test. I can tolerate some errors here, I should say
warnings, but if there are errors here, and I need to address those to make sure my cluster is
supported. And one of the best ways to do that is, of course, to follow the best practices and
recommendations. So I am going to let this chug along, I am going to go ahead and pause my
recording for a moment, and then we will come back once this validation is complete.

All right, the validation test have completed. I have passed my test. That's always a good
feeling, right? Now I can look at that report, if I want to, and see what those results look like. If I
need to, I can actually jump into a particular category, so you can see that I have a warning
message about my Network, and specifically about my network addressing. This will keep me
or prevent me from actually creating the cluster, but this makes it really easy to navigate to
kind of dig into where the problems might be. So if you have a potential issue, you can use the
validation report to discover that, and then resolve that.

[The Validating page of the Validate a Configuration Wizard is displayed. After validation
completes, the Summary page is displayed. On this page, the Create the cluster now using the
validation nodes checkbox is selected by default, the instructor clicks View Report, and the
Failover Cluster Validation Report window is displayed. The instructor closes the report
window.]

Now that I have done that I can actually come back here with this checkmark and click Finish,
and it will automatically launch the Create Cluster Wizard. Then I can name my cluster. We are
going to call FS-Cluster1, and then I need to assign it an Internet Protocol, or IP, address.
This is an IP address, it's not in use, does not belong to any device, any machine, it's one that
is going to be a virtual IP address for the cluster itself.

This checkmark here will automatically evaluate my current storage, and add it to my cluster. I
am going to leave that selected and click Next, and a way we go. And just a moment, it's going
to finish the cluster, and we will be able to look at the different components, all right. That is all
there is to it. I click Finish, expand this, and here are the different aspects of my cluster, here
are my Networks, here is my Storage, my Disks. Now look at this, there are only two of the
three disks that are on my SAN, and that's because I left intentionally a step out, and I am
going to show you how to address later. In fact, it actually grabbed one of my data disks, and I
have assigned it to quorum, and that is partly because of that checkmark that said immediately
add eligible disks, and partly because I left out a step in configuring the witness disk.

So in a later demonstration, I will show you how to remedy that problem, and how to add
additional disks.

[The Summary page of the Validate a Configuration Wizard is displayed. On this page, the
instructor clicks Finish, and the Create Cluster Wizard is displayed. On the Before You Begin
page, the instructor clicks Next, and the Access Port for Administering the Cluster page is
displayed. On this page, in the Cluster Name field, the instructor types FS-CLuster1, clicks
Click here to type an address box, types 60 after 10.0.3, clicks Next, and the Confirmation
page is displayed. On this page, the Add all eligible storage to the cluster checkbox is selected
by default, the instructor clicks Next, and the Creating New Cluster page is displayed. After the
process completes, the Summary page is displayed. On this page, the instructor clicks Finish.
The instructor navigates to the Failover Cluster Manager window. In the navigation pane, the
instructor expands FS-Cluster1.corp.brocadero.com, expands Storage, and clicks Disks. The
Disks view pane displays the details of the disks – Cluster Disk 1 and Cluster Disk 2.]

Up here under Nodes, you can see I have got CLUSTER1 and Cluster2, ready to go. So my
cluster is essentially finished except I need to add the actual Roles, and that's going to be the
file server role and make it highly available. Before I do that though, the last thing I want to
show you in this demonstration is, how to create Cluster Shared Volumes, or CSV, because
this is really neat. It is very easy to do in 2012 and 2012 R2. All I have to do is, right-click on
this, and add it to Cluster Shared Volumes.
In a moment, it's going to be a CSV using the CSV FS, file system, and I will be able to actually
view this, there we go – Cluster Shared Volume, I will be able to view this in Explorer, open this
up, and notice in Explorer, I am missing one of my volumes, so I have got the C drive, the V
drive, and that third disk is not present in Explorer with the drive letter, because it's now a CSV.
It's actually right here under the C drive in this ClusterStorage. So when I double-click on this, I
am actually connected to the Internet Small Computer System Interface, or iSCSI, location that
is running now as a CSV.

[The Failover Cluster Manager window is open. In the navigation pane, under FS-
Cluster1.corp.brocadero.com, the instructor clicks Nodes, and the Nodes view pane is
displayed. In the Nodes view pane, the details of the nodes – CLUSTER1 and Cluster2 are
displayed. In the navigation pane, under FS-Cluster1.corp.brocadero.com, the instructor clicks
Roles. In the navigation pane, under FS-Cluster1.corp.brocadero.com - Storage, the instructor
clicks Disks. In the Disks view pane, the instructor right-clicks Cluster Disk 2, clicks Add to
Cluster Shared Volumes in the shortcut menu. In the Disks view pane, the Assigned To status
of Cluster Disk 2 changes to Cluster Shared Volume. The instructor navigates to
C:\ClusterStorage.]

2. Demo: Highly available file server

All right, I am continuing to actually build up my cluster for my file servers. And one of the
things that the wizard when it created the cluster did for me is, it brought in the available
storage, but it made a mistake. Well I made a mistake. Notice that I have two volumes here,
one is a 100 gigabyte and one is 378 gigabyte. It assigned the 100 gigabyte as a Witness.
Now I have three connections, I have three disks in my SAN. The third disk is a one gigabyte
disk that it was intended for the witness and quorum, but it's not appearing here and that's
because I forgot to do a step. So let me show you actually how to add a disk. If I click Add
Disk here, I get an error message, "No disks are suitable." So what do I do? So here is what
you need to do, I am going to open up Disk Management.

And notice now it says, "Hey, would you like to initialize this third disk?" This is that disk that I
am connected to and you can actually see this again, here in the iSCSI Initiator that I have
three connections, only two of these are currently initialized and present, so that the cluster
can see it. This one here has not been initialized, so that's what this message here is telling
me, it's not accessible because it has not been initialized. Well that explains it, I am going to
click OK.

[The Failover Cluster Manager window is open. In the navigation pane, under FS-
Cluster1.corp.brocadero.com - Storage, Disks is selected. The Disks view pane displays the
details of the disks – Cluster Disk 1 and Cluster Disk 2. In the Actions pane, the instructor
clicks Add Disk, and the Information message box is displayed. In this message box, the
instructor clicks OK. From the Start menu, the instructor clicks Disk Management, and the
Initialize Disk dialog box is displayed. In the Select disks section of this dialog box, Disk 3 is
displayed, under Use the following partition style for the selected disks section, MBR (Master
Boot Record) and GPT (GUID Partition Table) options are displayed, and MBR (Master Boot
Record) is selected by default. The instructor accesses iSCSI Initiator from the desktop. The
iSCSI Initiator Properties dialog box is displayed. The instructor navigates to the Initialize Disk
dialog box, clicks OK, and the dialog box closes.]
Expand this a little bit, so we can see this little better. If I scroll down, I can see the different
volumes. So here is my operating system volume, here is my cluster shared volume, here is
that 100 gigabyte disk that is currently quorum, and here is the 1 gigabyte disk that just was
brought online that I intend to be used as a witness disk for quorum.

So I am going to right-click on this and choose New Simple Volume. I am going to give it a
quick format, there we go. Now what I can do is, click Add Disk, notice now it sees it, click OK,
there we go.

[The Disk Management window is open. The instructor right-clicks Disk 3, clicks New Simple
Volume in the shortcut menu, and the New Simple Volume Wizard is displayed. On the
Welcome to the New Simple Volume Wizard page of this wizard, the instructor clicks Next, and
the Specify Volume Size page is displayed. This displays the following information: Maximum
disk space in MB: 1021 Minimum disk space in MB: 8 Simple volume size in MB: 1021 On this
page, the instructor clicks Next, and the Assign Drive Letter or Path page is displayed. On this
page, the Assign the following drive letter field is set to E, the instructor clicks Next, and the
Format Partition page is displayed. This page consists of two options – Do not format this
volume and Format this volume with the following settings – Format this volume with the
following settings is selected and the following information are displayed: File system: NTFS
Allocation unit size: Default Volume label: New Volume and the Perform a quick format
checkbox is selected by default. The instructor clicks Next, and the Completing the New
Simple Volume Wizard page is displayed. On this page, the instructor clicks Finish. In the
Actions pane of the Failover Cluster Manager window, the instructor clicks Add Disk, and the
Add Disks to a Cluster dialog box is displayed. In this dialog box, under Available disks, Cluster
Disk 3 is selected by default, the instructor clicks OK, and the dialog box closes. The Cluster
Disk 3 is displayed in the Disks view pane.]

Now I still have a quorum assignment issue, so what I am going to do is, right-click here on the
parent part of my failover cluster tool, under More Actions, I can choose Configure Cluster
Quorum Settings, click Next to this. I am going to select my quorum witness, I need to
Configure a disk witness, and now I have got my two options. This is the first one that it
automatically selected, but it is this one that I want to choose Cluster Disk 3, and I can
rename these in the interface to make it easier for me. I am going to click Next to this. Now
when I go to my Disks, I have the configuration that I intended when I actually built the cluster.
So one of the things I wanted to bring to your attention is how to actually add a disk, and the
preparatory steps of initializing it and formatting it first.

[The Failover Cluster Manager window is open. In the navigation pane, the instructor clicks
and right-clicks FS-Cluster1.corp.brocadero.com, clicks More Actions - Configure Cluster
Quorum Settings in the shortcut menu, and the Configure Cluster Quorum Wizard is displayed.
On the Before You Begin page of this wizard, the instructor clicks Next, and the Select Quorum
Configuration Option page is displayed. This page consists of three options – Use default
quorum configuration, Select the quorum witness, and Advanced quorum configuration – Use
default quorum configuration is selected by default, the instructor clicks Select the quorum
witness, clicks Next, and the Select Quorum Witness page is displayed. This page consists of
three options – Configure a disk witness, Configure a file share witness, and Do not configure
a quorum witness – Configure a disk witness is selected by default, the instructor clicks Next,
and the Configure Storage Witness page is displayed. This page displays the details of disks –
Cluster Disk 1 and Cluster Disk 3 – Cluster Disk 1 is selected by default, the instructor selects
Cluster Disk 3, clicks Next, and the Confirmation page is displayed. On this page, the instructor
clicks Next, and the Configure Cluster Quorum Settings page is displayed. After the
configuration completes, the Summary page is displayed. On this page, the instructor clicks
Finish. In the navigation pane of the Failover Cluster Manager window, under FS-
Cluster1.corp.brocadero.com - Storage, instructor clicks Disks. In the Disks view pane, the
Assigned to status of Cluster Disk 3 is changed to Disk Witness in Quorum.]

Now the next thing I need to do is, actually add my file server roles. So I am going to come in
here, and choose Configure Role, because I currently don't have high availability until I
actually walk through the process of identifying what roles that cluster services needs to
actually provide high availability for.

So I am going to run through this High Availability Wizard, select the File Server role, notice
there are numerous roles, Hyper-V, Virtual Machine, infrastructure services, even Generic
Application, these are all available for high availability. Now with the file server, I have to
choose whether or not, you know, kind of the purpose of the file server and whether or not I
want to use a general use configuration or the newer scale-out file server for applications. This
is a general use configuration. Now what am I going to name this? Well for lack of creativity,
we will just call FS1, much like the cluster IP address, I need to provide an IP address for this
file server configuration.

This is going to be part of the Universal Naming Convention, or UNC. This is what clients and
applications are going to use to access the shares, so I am going to use 10.0.3.61. Now what
storage do I want to actually use? I am going to go ahead and use Cluster Disk 1, click Next
to that, Next, and Finish.

[The Failover Cluster Manager window is open. In the navigation pane, the instructor clicks
Roles, clicks Configure Roles in the Actions pane, and the High Availability Wizard is
displayed. On the Before You Begin page of this wizard, the instructor clicks Next, and the
Select Roles page is displayed. On this page, the instructor clicks File Server, clicks Next, and
the File Server Type page is displayed. This page consists of two options – File Server for
general use and Scale-Out File Server for application data – File Server for general use is
selected by default, the instructor clicks Next, and the Client Access Point page is displayed.
On this page, in the Name field, the instructor types FS1, clicks Click here to type an address,
types 61 after 10.0.3, clicks Next, and the Select Storage page is displayed. On this page, the
instructor clicks Cluster Disk 1, clicks Next, and the Confirmation page is displayed. On this
page, the instructor clicks Next, and the Configure High Availability page is displayed. After the
configuration completes, the Summary page is displayed. On this page, the instructor clicks
Finish. In the Roles view pane of the Failover Cluster Manager window, FS1 role is displayed.]

So I have got my general use file server built. Next I need to build a file share, so I am going to
do that by coming over here and choosing Add File Share. This is going to give me a basic
share creation wizard similar to what I do when I am on a standalone. Now I have got several
different options here, I have Network File System, or NFS, I have server message block, or
SMB, I have SMB for applications, this is for...ideally suited for the scale-out file server role.

In my case, I am going to choose quick for general use. Notice that I have the volume selected
here that we identified. What is going to be the name of this share? We will just call it Data1,
does not matter, other imaginative names. Now this is the tab I want to bring it to you. Notice
continuous availability is selected and that's because I am building this on the cluster. I have
other options as well, some of these are new, some of these were introduced a while ago, so I
have offline caching, I have access-based enumeration. SMB 3.0 has an in-flight encryption
that's fast and does not require things like Internet Protocol Security, or IPSec, or anything
along those lines. So this is a neat enhancement to 2012, so I can actually have my data
access encrypted as well.

[The Failover Cluster Manager window is open. In the Actions pane, under FS1, the instructor
clicks Add File Share, and the New Share Wizard is displayed. The Select the profile for this
share page of this wizard displays five File share profile options – SMB Share - Quick, SMB
Share - Advanced, SMB Share - Applications, NFS Share - Quick, and NFS Share - Advanced
– SMB Share - Quick is selected by default, the instructor clicks Next, and the Share Location
page is displayed. This page displays two options – Select by volume and Type a custom path
– Select by volume is selected and under this section V: volume with 99.9 GB free space, 100
GB capacity and NTFS file system is selected. The instructor clicks Next, and the Share Name
page is displayed. In the Share name field of this page, the instructor types Data1, the Local
path to share and Remote path to share fields are automatically populated with
V:\Shares\Data1 and \\FS1\Data1, respectively. The instructor clicks Next, and the Other
Settings page is displayed. This page consists of four options - Enable access-based
enumeration, Enable continuous availability, Allow caching of share, and Encrypt data access -
Enable continuous availability and Allow caching of share are selected by default.]

I am going to go ahead and leave it simple. I am going to click Next. I have the option to
change permissions there and we will create my new file share. Now what if I needed to create
a file share for a file-based application? Maybe SQL Server to file access location for that or
Hyper-V server with SMB 3.0 that is where that scale-out file server comes in...really handy. To
do that, I need to configure a file out...scale-out file server role, click Next here, choose File
Server. I am going to select this option this time, Scale-Out File Server for application data.
We will call it FS2. And notice this time when I went through the wizard, it didn't ask me for
what volume on the cluster that I am going to actually use? That's because this is a scale-out
file server, so I can actually go in, and when I build the actual file shares, choose what Cluster
Shared Volumes, or CSVs, I want to build my shares on.

Now this creates an active/active configurations of either node in the cluster can actually write
to that scale-out file server shared folder location and support really high-speed access for
those applications.

[The Other Settings page of the New Share Wizard is open. On this page, the instructor clicks
Next, and the Permissions page is displayed. On this page, the instructor clicks Next, and the
Confirmation page is displayed. On this page, the instructor clicks Create, and the Results
page is displayed. On this page, the instructor clicks Close. In the Actions pane of the Failover
Cluster Manager window, the instructor clicks Configure Roles, and the High Availability
Wizard is displayed. On the Before You Begin page of this wizard, the instructor clicks Next,
and the Select Roles page is displayed. On this page, the instructor clicks File Server, clicks
Next, and the File Server Type page is displayed. On this page, the instructor clicks Scale-Out
File Server for application data, clicks Next, and the Client Access Point page is displayed. On
this page, in the Name field, the instructor types FS2, clicks Next, and the Confirmation page is
displayed. On this page, the instructor clicks Next, and the Configure High Availability page is
displayed. After the configuration completes, the Summary page is displayed. On this page,
the instructor clicks Finish. In the Roles view pane of the Failover Cluster Manager window,
FS2 role is displayed.]

Now the next step for that is, Add File Share. Now this takes a moment for it to kind of finish
the configuration behind the scenes, and once it's done, I will no longer get this message, and I
can complete that wizard. Let's give it just a second. There we go. This time I am going to
choose SMB Share - Applications. I am going to choose FS2, and notice when I choose FS2,
it selects my CSV volume, Next, we will call this Data2, FS2, there we go. Enable
continuous availability is selected for me, these other features are not compatible with scale-
out file server.

I am going to go ahead and click Next through here and create it. There we go. After I have
configured my file server for general use and I have added that as a role, the next thing I need
to do is, build my available shares. These shares are going to be highly available because I am
building them through the failover cluster. So I need to come over here under FS1, choose
Add File Share. This is going to bring up a new share wizard in a moment. Here we go.

[The Failover Cluster Manager window is open. In the Actions pane, under FS2, the instructor
clicks Add File Share, and the Client Access Point message box is displayed. In this message
box, the instructor clicks OK. Again, the instructor clicks Add File Share, and the Client Access
Point message box is displayed. In this message box, the instructor clicks OK. Now, the
instructor clicks Add File Share, and the New Share Wizard is displayed. On the Select the
profile for this share page of this wizard, the instructor clicks SMB Share - Advanced, clicks
Next, and the Share Location page is displayed. On this page, under Server, the instructor
clicks FS2, and the Select by volume section is automatically populated with
C:\ClusterStorage\Volume1 volume with 378 GB free space, 378 GB capacity and CSVFS file
system. The instructor clicks Next, and the Share Name page is displayed. In the Share name
field of this page, the instructor types Data2, the Local path to share and Remote path to share
fields are automatically populated with C:\ClusterStorage\Volume1\Shares\Data2 and
\\FS2\Data2, respectively, clicks Next, and the Other Settings page is displayed. On this page,
Enable continuous availability is selected by default. On this page, the instructor clicks Next,
and the Permissions page is displayed. On this page, the instructor clicks Next, and the
Confirmation page is displayed. On this page, the instructor clicks Create, and the Results
page is displayed. On this page, the instructor clicks Close. In the Actions pane of the Failover
Cluster Manager window, under FS2, the instructor clicks Add File Share, and the New Share
Wizard is displayed.]

Now what I can do is, select between the different types of share profiles, these are all part of
that wizard. Notice I have a Quick and Advanced using SMB, I have the ability to do application
shares that is for scale-out file share...server, and then I have NFS. I am going to choose
quick, click Next. There is my access point. Here is the volume, the location where I am going
to store the share. What do I want to name it? Maybe we will call it Finance. There is the
actual UNC path there, this is what is going to be used by in my map drives, or scripts, or what
have you, click Next. This is the important tab I want to highlight. Notice that continuous
availability is selected and that's because I am building this on my cluster. Now there are other
options available here. Some of these have been around for a while like offline files, or access-
based enumeration, which is useful. I also have an enhancement. For 2012, I can do SMB 3.0
encryption, which is kind of an in-flight encryption without all the overhead that comes with
things like IPSec and other types of encryption technologies. I am going to go ahead and leave
it pretty simple. We will click Next. I can alter permissions here if I need to from the wizard, and
then Create my share.

Now that is a File Server for general use.

[The New Share Wizard is open. On the Select the profile for this share page of this wizard,
the instructor clicks SMB Share - Quick, clicks Next, and the Share Location page is displayed.
On this page, Select by volume is selected, and under this section, V: volume with 99.9 GB
free space, 100 GB capacity and NTFS file system is selected. The instructor clicks Next, and
the Share Name page is displayed. In the Share name field of this page, the instructor types
Finance, the Local path to share and Remote path to share fields are automatically populated
with \Shares\Finance and \\FS1\Finance, respectively. The instructor clicks Next, and the Other
Settings page is displayed. On this page, Enable continuous availability and Allow caching of
share are selected by default, the instructor clicks Next, and the Permissions page is
displayed. On this page, the instructor clicks Next, and the Confirmation page is displayed. On
this page, the instructor clicks Create, and the Results page is displayed. On this page, the
instructor clicks Close.]

If I want to take advantage of the new scale-out file server and that CSV that I created like you
can see here under my storages, I have got Cluster Shared Volume, FS1. Well I am going to
need to actually create a scale-out file server role, so I can come up and choose Configure
Role, click Next, File Server, click Next. This time I am going to choose the Scale-Out File
Server for application data. Good candidates of this...for this particular kind of share would
be Hyper-V or SQL Server and other types of databases that can take advantage of the
active/active type of connection that this is going to give me. Now notice one of the things it
doesn't do is, it doesn't actually let me select what driver volume I am going to use for this new
file server role.

That's because it's a scale-out file server role and it's going to take advantage of CSVs. So I
can add numerous CSVs and add file shares to it. So let me show you. I am going to choose
FS2, will add a file share, we do need to give it a second or two here to finish its configuration
behind the scenes. Let's try again. There we go.

[The Failover Cluster Manager window is open. In the navigation pane, the instructor clicks
Disks under Storage. In the navigation pane, the instructor clicks Roles, clicks Configure Roles
in the Actions pane, and the High Availability Wizard is displayed. On the Before You Begin
page of this wizard, the instructor clicks Next, and the Select Roles page is displayed. On this
page, the instructor clicks File Server, clicks Next, and the File Server Type page is displayed.
On this page, the instructor clicks Scale-Out File Server for application data, clicks Next, and
the Client Access Point page is displayed. On this page, in the Name field, the instructor types
FS2, clicks Next, and the Confirmation page is displayed. On this page, the instructor clicks
Next, and the Configure High Availability page is displayed. After the configuration completes,
the Summary page is displayed. On this page, the instructor clicks Finish. In the Actions pane,
under FS2, the instructor clicks Add File Share, and the Client Access Point message box is
displayed. In this message box, the instructor clicks OK. Again, the instructor clicks Add File
Share, and the New Share Wizard is displayed.]

This time I am going to choose SMB Share - Applications, click Next. I am going to choose
FS2, and notice, this time it's selecting the CSV volume in my cluster, click Next. What do I
want to call it? We will call it, the other one was Finance, we will call this one
Manufacturing, click Next. Notice continuous availability is selected for me, these other
options are not compatible, I can click Next to this and Finish up my wizard.

So now I have created two different types of file servers in my cluster, one for general use and
the finance folks, another one for manufacturing that would support their SQL Server database
or provide maybe a location for their Hyper-V servers to store virtual machines.

[The New Share Wizard is open. On the Select the profile for this share page of this wizard,
the instructor clicks SMB Share - Applications, clicks Next, and the Share Location page is
displayed. On this page, under Server, the instructor clicks FS2, and the Select by volume
section is automatically populated with C:\ClusterStorage\Volume1 volume with 378 GB free
space, 378 GB capacity and CSVFS file system. The instructor clicks Next, and the Share
Name page is displayed. In the Share name field of this page, the instructor types
Manufacturing, the Local path to share and Remote path to share fields are automatically
populated with C:\ClusterStorage\Volume1\Shares\Manufacturing and \\FS2\Manufacturing,
respectively, clicks Next, and the Other Settings page is displayed. On this page, Enable
continuous availability is selected by default. On this page, the instructor clicks Next, and the
Permissions page is displayed. On this page, the instructor clicks Next, and the Confirmation
page is displayed. On this page, the instructor clicks Create, and the Results page is
displayed. On this page, the instructor clicks Close.]
Managing a Windows Server 2012 R2 Failover
Cluster
Learning Objective
After completing this topic, you should be able to
◾ determine the most likely cause of a cluster-related problem

1. Demo: Cluster management tasks

Okay, in this demonstration, I want to look at the Failover Cluster Manager tool, and talk about
some of the management tasks, the servicing types of task that I can do in the cluster. So first
things first, let's just do a tour here. The front page, dashboard type of view gives me critical
information about the current status of my cluster like Recent Cluster Events. So you can see I
have got some errors, some warning messages. These might be things I need to pay attention
to, and they are brought to the service here to warn me and alert me.

If I scroll down, I have the ability to see what cluster resources that are on my current cluster,
and I have some actions that I can perform. I can add additional roles, I can validate the cluster
by executing the Cluster Validation Wizard once again, I can add an additional node. Let's do
that now. What I am going to do is, I am going to add cluster3, which is another node that I
have installed the failover clustering role on. Now if I put a node in here that doesn't actually
have the Failover Clustering feature installed, notice it warns me and tells me that. So actually
I have to preinstall this, make sure it has, of course, the networking settings to make it
compatible with the existing cluster.

Now it recommends here that I actually run the validation test before continuing. It's of course
a really good thing to do. I am going to take a shortcut and say No, and a way we go. So that's
one of the things that I can do from that first page, and you can actually do that in a couple of
other places. There is a..the ability to add a node in the action pane in other locations as well.

[The Failover Cluster Manager window is open. In the navigation pane, FS-
Cluster1.corp.brocadero.com is selected. In the view pane, under Configure, the instructor
clicks Add Node, and the Add Node Wizard is displayed. On the Before You Begin page of this
wizard, the instructor clicks Next, and the Select Servers page is displayed. In the Enter server
name field of this page, the instructor types Cluster3, clicks Add, and in the Selected servers
section, Cluster3.corp.brocadero.com is displayed automatically. Again, in the Enter server
name field, the instructor types dc14, clicks Add, and an error message stating, "The server
dc14.corp.brocadero.com does not have the Failover Clustering feature installed. User Server
Manager to install the feature on this server." is displayed on this page. In the Selected servers
section, the instructor clicks Cluster3.corp.brocadero.com, clicks Next, and the Validation
Warning page is displayed. This page consists of two option - Yes. When I click Next, run
configuration validation tests, and then return to the process of adding node(s) to the cluster
and No. I do not require support from Microsoft for this cluster, and therefore do not want to run
the validation tests. When I click Next, continue adding the node(s) to the cluster – Yes. When
I click Next, run configuration validation tests, and then return to the process of adding node(s)
to the cluster is selected by default, the instructor clicks Next, and the Confirmation page is
displayed. On this page, the instructor clears the Add all eligible storage to the cluster
checkbox, clicks Next, and the Configure the Cluster page is displayed. After the configuration
completes, the Summary page is displayed. On this page, the instructor clicks Finish.]

I can also copy a cluster role. That is, I can copy the roles from this cluster into another cluster.
It doesn't copy all of the cluster settings, just the role settings, and then we have Cluster-
Aware Updating for making sure my cluster gets the latest patches and updates. Now if I click
on the Roles section here, I can actually see the different roles outlined here for me, and I can
see the different nodes that actually own that particular role. So I got my file server here that's
for general use and my scale-out file server here, and as I click on them, I have additional
information that I can kind of tab through to learn a little bit more about it.

Now one of the things I can do here is right-click on one of these roles, I can start and stop the
particular role, because this is a file server role, I have unique actions, so if these were virtual
machines, that might be different. I can, you know, start and stop a virtual machine. Here I can
add a file share. I can actually Move the role, so this allows me to choose the Best Possible
Node. You see here that it actually belongs to CLUSTER1, so let's choose Best Possible
Node and it moved it to Cluster3. You can actually right-click Move, and actually select which
node you want to move it to as well.

[The Failover Cluster Manager window is open. In the navigation pane, under FS-
Cluster1.corp.brocadero.com, the instructor clicks Roles. The Role view pane is displayed. In
the Roles view pane, the instructor right-clicks FS1, clicks Move - Best Possible Node in the
shortcut menu. In the Roles view pane, the Owner Node column of FS1 changes to Cluster3.
In the Roles view pane, the instructor right-clicks FS1, clicks Move - Select Node in the
shortcut menu, and a dialog box is displayed. In the dialog box, under Cluster nodes, the
instructor clicks CLUSTER1, clicks OK, and the dialog box closes.]

2. Demo: Multi-site clusters

Multi-site clusters are all about extending your current cluster configuration to additional
locations for disaster recovery. So if you have an outage or a disaster in one location, the
disaster recovery site can step in. Now besides the normal requirements that you have to have
for a failover cluster, there are some additional requirements for multi-site clustering. Now for
multi-site to work, you need to have a secondary way of replicating your storage area network,
or SAN, or changes from SAN-to-SAN, location-to-location. If your SAN-to-SAN replication is
not working, then your multi-site cluster is not going to work, and SAN-to-SAN replication is
going to be one of the more tricky parts about this.

Hardware vendors can accomplish this in different ways. So one of the things you might have
to decide here is whether you are going to use a synchronous scheme or an asynchronous
scheme. Synchronous replication will ensure that your data is more up-to-date at more
intervals, but at the expense of performance, whereas asynchronous might tolerate more
temporary inconsistencies, but for the sake of better performance. Now another thing to be
aware of is going to be network latency. One of the things you can think about is extending
your virtual LANs, or VLANs, if your infrastructure can support it, that will reduce some of the
complexity with multi-sites. You also want to ensure your firewalls don't interfere, and you want
to consider enabling encryption on your WAN links for better security.
And you also need to make sure that other networking services that you rely on are also highly
available from both locations...those dependencies like DNS and Active Directory. Lastly, when
you configure quorum, you need to use the accessible file share witness, a mutually accessible
file share witness in a third site. If one site goes down and it also contains our file share
witness, it could affect both locations. So be sure that you configure quorum with a file share
witness in the third site.

Now multi-site clusters have some unique challenges, network latency, and the communication
between locations being one of them. Well because of that you might need to make some
optimizations within your cluster configuration to better facilitate those cluster communications.
So for instance, one of the things you might need to change is your cross subnet delays and
this has to do with heartbeat traffic. When you have cluster nodes in different sites, you don't
want them to failover inadvertently because there are network latency concerns. So relaxing
the heartbeat or I should say extending the heartbeat threshold that triggers failover might be a
good approach.

Now if they are in the same VLAN, then this is going to be something that may not be as
necessary. But especially if they are in different subnets, you want to consider changing like
your cross subnet delays.

[The Windows PowerShell window is open.]

So for instance, when I come in here, I can retrieve information about my get-cluster|fl
*subnet* properties, which includes the thresholds that I am talking about by issuing this
command here. And what it does, it tells me that every one second that is this 1000
milliseconds here, every one second put...across different subnets, it's going to send a
heartbeat, and same thing, if the host or the node is in the same subnet, so I have these two
different values.

Now if 5 heartbeats are missed within the same subnet or between nodes of different
subnets...if 5 heartbeats are missed that is the subnet threshold, then trigger recovery.

Now that's a new default...when we are talking about 2012 R2. 2012 R2 also has different
values, if there...if it detects that the cluster is made up of hyper-V hosts. It actually
extends the threshold to better support virtual machines from that 5 heartbeat level to 20
heartbeats for CrossSubnetThreshold and 10 heartbeats for the
SameSubnetThreshold.

[The Windows PowerShell window is open. The instructor selects and runs the following
command: get-cluster|fl *subnet* The output of this command is as follows: CrossSubnetDelay
: 1000 CrossSubnetThreshold : 5 PlumbAllCrossSubnetRoutes: 0
SameSubnetDelay : 1000 SameSubnetThreshold : 5]

Now you yourself can make changes to this. You can for instance, to compensate for the
network latency in your environment, change this SubnetDelay, maybe I want to change it
to 2 seconds, so I would change that to 2000 there.

Like so, maybe I want to change the threshold from 5 missed heartbeats to 20 missed
heartbeats, and so you can change those settings there. And it's the best to do, actually do this
in...in increments to kind of get an idea of what is going to be the optimal setting. In other
words, don't grossly relax these settings. You might have it be less responsive to failover that
way, but kind of increase these settings as you determine that, well they are not quite right. So
these are some optimization settings that you can do regarding the heartbeat thresholds.

[The Windows PowerShell window is open. The instructor selects and runs the following
command: (get-cluster) CrossSubnetDelay = 2000 The instructor then selects and runs the
following command: (get-cluster) CrossSubnetthreshold = 20 The instructor selects and runs
the following command: get-cluster|fl *subnet* The output of these commands are as follows:
CrossSubnetDelay : 2000 CrossSubnetThreshold : 20
PlumbAllCrossSubnetRoutes: 0 SameSubnetDelay : 1000 SameSubnetThreshold
: 5]

Another useful tune that you can make to multi-site clusters is to change their quorum. The file
share witness is a much better quorum configuration, if you have an even number of nodes in
a multi-site cluster. So I am going into the Failover Cluster Manager, and I am selecting the
Configure Cluster Quorum Settings. Now in here, it's really easy to actually change your
quorum, Select the quorum witness, and then choose the file share witness. This file share
needs to be in a third site, not the same site as the cluster nodes in my multi-site cluster. And
that is because if that site goes down, remember, we want to be able to allow the other location
to still view that file share and know that they are in the majority.

If the file share is in the same site as the cluster nodes and that site link goes down, then that
defeats the whole purpose of the file share witness. So I have already got one setup. I am just
going to reference it here. So \\app3\witness is the name of that file share, click Next,
Next, and look, it's really, really easy to do. Now one of the things you need to do ahead of
time is, let me open up APP3 here...is you need to create your share and then also change
your permissions, so you can see here that I have actually added the name of the cluster, and I
have granted it Read and Write permission, and that way it will successfully create the actual
file share witness. If the cluster doesn't have permission to the share, then that procedure will
fail.

[The instructor navigates to the Failover Cluster Manager window. In the navigation pane, the
instructor right-clicks FS-Cluster1.corp.brocadero.com, clicks More Actions - Configure Cluster
Quorum Settings in the shortcut menu, and the Configure Cluster Quorum Wizard is displayed.
On the Before You Begin page of this wizard, the instructor clicks Next, and the Select Quorum
Configuration Option page is displayed. This page consists of three options – Use default
quorum configuration, Select the quorum witness, and Advanced quorum configuration – Use
default quorum configuration is selected by default, the instructor clicks Select the quorum
witness, clicks Next, and the Select Quorum Witness page is displayed. This page consists of
three options – Configure a disk witness, Configure a file share witness, and Do not configure
a quorum witness – Configure a disk witness is selected by default, the instructor clicks
Configure a file share witness, clicks Next, and the Configure File Share Witness page is
displayed. In the File Share Path of this page, the instructor types \\app3\witness, clicks Next,
and the Confirmation page is displayed. On this page, the instructor clicks Next, and the
Configure Cluster Quorum Settings page is displayed. After the configuration completes, the
Summary page is displayed. On this page, the instructor clicks Finish. The instructor navigates
to the Hyper-V Manager window. In the view pane, under Virtual Machines, the instructor
double-clicks APP3 2012 CORP 10.0.3.3, and the Witness Properties dialog box is displayed.
On the Security tab of this dialog box, by default, under Group or user names, FS-Cluster1$ is
selected, under Permissions for FS-Cluster1$, Read and Write permissions are allowed.]
Maintaining a Windows Server 2012 R2
Cluster
Learning Objective
After completing this topic, you should be able to
◾ describe the tasks implemented by Cluster-Aware Updating

1. Demo: Cluster-Aware Updating

One of the new features in Windows Server 2012, it has a lot of administrators talking...is
Cluster-Aware Updating, or CAU. And the reason why it's an exciting feature is because
updating clusters in Windows Server 2008 is a real, real challenge. It means taken an
individual node, updating it, draining the roles first, then updating it, rebooting it, bringing it
back into the cluster, and then doing it with the next node. And if you have large clusters, there
is a lot of manual operations behind updating each one of the individual nodes. So one of the
great things here in Windows Server 2012 is CLUSTER AWARE UPDATING. It ships built into
Windows Server 2012 and 2012 R2 and what it essentially does is, it creates for us
coordinated, automated updates to our clusters.

Now the way that it works is it has two different modes. It has the self-updating mode, which a
lot of enterprise and large organizations will be excited about, because it does a lot of those
tasks that I just described for the administrator. It is an automated process that you can
schedule that updates each one of the individual nodes. Alternatively, you can elect to use the
remote-updating mode and what this does is, it provides more administrative oversight
because the administrator connects to the cluster from a Windows 8 machine, or another
Windows Server running the Cluster-Aware Updating tools, and issues the update from...from
another machine.

[A Notepad window is open. This notepad displays the following information: *CLUSTER
AWARE UPDATING* 1) Ships in Windows Server 2012 2) Coordinated, automated updates to
clusters *MODES* 1) Self-Updating: Automated, Less Effort 2) Remote-Updating: More Admin
Oversight Needed (RU is only option available for minimal installs-Server Core)
*INTEGRATION* 1) Supports Windows Updates & HotFixes through plug-ins 2) Extensible,
scriptable]

Now the thing with remote-updating is, it's more of a manual process. There is a lot that
Cluster-Aware Updating still does on behalf of the administrator, and it's the only option
available for your minimal installs. That is those installations of Windows Server that does not
have the full GUI, those Server Core installs and that is because Windows update and its
relationship to the...to the GUI, so keep that in mind, Remote-Updating is the option for your
server core. Now Cluster-Aware Updating what makes it so effective is, it uses kind of the...it
uses and is integrated with the Windows Updates service, so there is a built-in Windows
Update client. In addition to that, you can create a special folder for HotFixes and for putting
BIOS and firmware updates into the HotFix folder. There are two plug-ins that are integrated
with Cluster-Aware Updating. But those plug-ins can be also extended because they built in an
application programming interface, or API. So other third-party vendors can take advantage of
Cluster-Aware Updating and it is fully scriptable for the administrator.

The last thing I want to point out is the PROCESS itself. The process itself is where
automatically Cluster-Aware Updating will select a node, drain its roles, apply its patches and
updates, then reboot the machine, then move on to the next node. The administrator does not
have to get involved with any of those steps, what they do is, they can find or they configure
the perimeter...parameters, they define how they actually want the process and when the
process should run whether using self updating with the schedule or Remote-Updating, and
Cluster-Aware Updating takes care of it for them. So the next thing I want to do is actually
show you Cluster-Aware Updating in action.

[The same Notepad window is open. This notepad also displays the following information:
*PROCESS* 1) Drain roles 2) Patch, reboot 3) Next node...]

To get started with this, what I need to do is actually install the Cluster-Aware Updating service
and configure that to work with my failover cluster and that is easy to do.

I am going to use the tools that come with the failover cluster installation. So if I go to Tools, I
can find it here in Cluster-Aware Updating. The alternative place where I can find this tool is,
in the Failover Cluster Manager tool itself, and that is this option here called Cluster-Aware
Updating. Now before I do that, let me tell you little bit about this cluster. If I click on Roles,
this is the cluster I have used in other demonstrations, this is my file server cluster, I have got a
File Server for general use and another one...another role on the cluster for Scale-Out File
Server. And currently, my first node called CLUSTER1 is owning the general use File Server
role. So let me come up here to the cluster properties here and choose Cluster-Aware
Updating and launch that Cluster-Aware Updating tool, so I can configure the service.

[The same Notepad window is open. The instructor opens the Servers window. In this window,
from the Tools menu, the instructor clicks Cluster-Aware Updating. The instructor opens the
Failover Cluster Manager window. In the navigation pane, under FS-
Cluster1.corp.brocadero.com, the instructor clicks Roles. In the navigation pane, instructor
clicks FS-Cluster1.corp.brocadero.com, and the Cluster FS-Cluster1.corp.brocadero.com view
pane is displayed. In this view pane, under Configure, the instructor clicks Cluster-Aware
Updating, and the FS-Cluster1 - Cluster-Aware Updating dialog box is displayed. In this dialog
box, by default, the Connect to a failover cluster field displays FS-Cluster1, and the details of
the cluster nodes, CLUSTER1 and Cluster2 are displayed.]

First thing I want to do is, Preview updates for this cluster, so we will select that. And this
has the two different plug-ins that come in box, the WindowsUpdatePlugin that is integrated
with the Windows update client, and the HotfixPlugin which can be customized that allows me
to apply non-Microsoft drivers, firmware, and BIOS types of updates and it is driven from a
hotfix folder. So I am going to choose the WindowsUpdatePlugin. I can apply...include
additional arguments, if I want to. I am just going to click the Generate Update Preview List.
In a moment we will see, if we have any updates that pertain to the nodes in this cluster. And
sure enough I have got a few updates because I have not updated this cluster, and so I am
going to of course want to include these.

Now if I come in here and choose Apply updates to this cluster, it gives me this message
saying, "I have not actually enabled the role." So that is what I need to do next. So let's do that
now. I am going to come down here where it says Configure cluster-self updating options.
And I am going to click Next, and I am going to add the clustered role and here it says, "I have
prestaged the computer object for the Cluster-Aware Updating role." Now if I pre-create a
computer object, this allows me to name it, and put it in the organizational unit, or OU, that I
want to. Otherwise, it is going to give them its own name, of course, I can move it into a
different OU. I also...if I prestage it, need to apply proper permissions to the cluster account to
that OU. I am going to let the actual wizard create the computer object for me, so I am going to
click Next.

[The FS-Cluster1 - Cluster-Aware Updating dialog box is open. In this dialog box, under
Cluster Actions, the instructor clicks Preview updates for this cluster, and the FS-Cluster1 -
Preview Updates dialog box is displayed. In this dialog box, by default, the Select Plug-in field
is set to Microsoft.WindowsUpdatePlugin, the instructor clicks Generate Update Preview List,
and the updates about the clusters are displayed. In the FS-Cluster1 - Preview Updates dialog
box, the instructor clicks Close, and the dialog box closes. In the FS-Cluster1 - Cluster-Aware
Updating dialog box, under Cluster Actions, the instructor clicks Apply Updates to this cluster,
and the FS-Cluster1 - Cluster-Aware Updating Wizard is displayed. On the Getting Started
page of this wizard, the instructor clicks Cancel, and the Confirm Canceling Wizard message
box is displayed. In this message box, the instructor clicks Yes, and the wizard closes. In the
FS-Cluster1 - Cluster-Aware Updating dialog box, under Cluster Actions, the instructor clicks
Configure cluster self-updating options, and the FS-Cluster1 - Configure Cluster Self-Updating
Options Wizard is displayed. On the Getting Started page of this wizard, the instructor clicks
Next, and the Add Clustered Role page is displayed. On this page, the instructor selects the
Add the CAU clustered role, with self-updating mode enabled, to this cluster checkbox, clicks
Next, and the Self-updating schedule page is displayed.]

Here is where I can actually configure the schedule, the frequency of when I want the updates
to occur. We have patch Tuesday, so what this allows me to do is to come in here and say,
"Well I don't want it to actually apply on Tuesday, maybe I want to do a few days later, or once
a month on Thursday." I can also specify the Occurrence of the day in the month, and indicate
Weekly or Daily evaluations for updating, I click Next to this. This is where I can actually drop
in other parameters in these fields here, all of these is going to be outputted here for me...Oh,
and I can choose recommended updates, that is a good idea. All of this will be outputted
to...for me into a PowerShell command.

So if I want to, I could actually lift this as well and create my own scheduled task or enhance it
and alter it. I am going to go ahead and click Apply, and this is going to go ahead and take a
few minutes, and apply the Cluster-Aware Updating role with the self-updating settings that I
selected to my actual cluster. Once this is complete, I will resume the demonstration, and we
will actually see updating in action.

[The Self-updating schedule page of the FS-Cluster1 - Configure Cluster Self-Updating

Options Wizard is open. This page displays the following information, such as Frequency of
self-updating, from when the self-update should start, at what the self-update should run,
which day the self-update should run, and the occurrence of the day in the month. The
instructor selects Thursday from the Day of the week drop-down list, clicks Next, and the
Advanced Options page is displayed. On this page, by default, the MaxRetriesPerNode is set
to 3, the instructor clicks Next, and the Confirmation page is displayed. On this page, the
instructor selects the Give me recommended updates the same way that I receive important
updates checkbox, clicks Next, and the Completion page is displayed. On this page, the
instructor clicks Apply.]

All right, the cluster role has been added. Now let's go ahead and initiate an update, so I can
choose Apply updates to this cluster, and I can actually run an analysis to ensure that I am
ready, so this is a tool that we will go through and kind of like the validation wizard it looks at,
you know, making sure that the cluster is up and available. So it will go through and analyze
my readiness, and this takes a moment for it to actually go through and complete. You can see
there that I am progressing through this.

All right, then I am going to go ahead and Apply updates to this cluster. I will show you what
that looks like, and I can preview the updates, and when I do this, you will see that because of
the selections I made in the previous wizard, my RecommendedUpdates argument is turned
on. Here is the actual command and this wizard is going to execute for me. Notice the
UpdateNow switch, so I click Update, and it begins to actually run in the background, and I
can Close this down, and over a little bit of time here this status will change as it goes through
the process that we described. So it will put the first node into maintenance mode, it will
download and install the updates, it will reboot that node, if need be, and then restore it to the
cluster, take it out of the maintenance mode, and then move on to the next cluster.

[The Completion page of the FS-Cluster1 - Configure Cluster Self-Updating Options Wizard is
open. The status shows Success, the instructor clicks Close, and the wizard closes. In the FS-
Cluster1 - Cluster-Aware Updating dialog box, under Cluster Actions, the instructor clicks
Analyze cluster updating readiness results, and FS-Cluster1 - Cluster Updating Readiness
Results dialog box is displayed. This dialog box displays all the cluster analysis results, the
instructor clicks Close, and the dialog box closes. In the FS-Cluster1 - Cluster-Aware Updating
dialog box, under Cluster Actions, the instructor clicks Apply Updates to this cluster, and the
FS-Cluster1 - Cluster-Aware Updating Wizard is displayed. On the Getting Started page of this
wizard, the instructor clicks Next, and the Confirmation page is displayed. On this page, the
instructor clicks Preview the updates that will be applied to the cluster nodes link, and the FS-
Cluster1 - Preview Updates dialog box is displayed. In this dialog box, the instructor clicks
Close, and the dialog box closes. On the Confirmation page, the instructor clicks Update, and
the Completion page is displayed. After the updates are complete, the instructor clicks Close,
and the wizard closes.]

Now we are not going to wait for it to actually complete the updating process.

I want to point out one last thing here and that is I can make configuration changes here based
on how the updates actually apply, so I can go back through and change those options, that I
enabled earlier. I can do something like under here, I can come in here, and say, "Require all
nodes are online." And that is a useful option, because what I am doing there is, I am saying
that, I want to make sure that the cluster is not being, you know, managed by another
administrator, that all the nodes are online and available before the Cluster-Aware Updating
actually runs. I can also include additional scripts which can be useful, and so I have got some
additional advanced options that I would encourage you to review when you are looking at
Cluster-Aware Updating.

[The FS-Cluster1 - Cluster-Aware Updating dialog box is open. In this dialog box, under
Cluster Actions, the instructor clicks Create or modify Updating Run Profile, and Updating Run
Profile Editor dialog box is displayed. In this dialog box, the instructor selects the True
checkbox that appears next to the RequireAllNodesOnline field, clicks Cancel, and the FS-
Cluster1 - Cluster-Aware Updating message box is displayed. In this message box, the
instructor clicks Yes, and the dialog box closes.]

2. Demo: Cluster backup and restore

Clusters can provide failover and protection even for different locations. But what do you do, if
the cluster gets deleted or corrupted? Failover clustering, even multi-site clusters are not
substitute for backup. Clustering cannot provide the same types of recovery that a backup can.
So one important question, ask yourself, do your backup tools support failover clustering? Now
built into Windows Server 2012 is Windows Server backup, and it supports failover clustering.
You install it as a feature. Once it is installed, you can use it to backup your cluster. Let's have
a look. So I have already installed Windows Server backup, so you can see here, and I have
got a couple of backups already done.

Now let's simulate here like a...an accidental failure and administrative action that we want to
recover. So I am going to right-click on my File Server role, and I am going to Remove that.
Now that action is going to now be replicated to the other nodes in the failover cluster. What if I
needed to restore this cluster back to...to the time before I actually did that deletion? Well that
is where I can use this backup that I created earlier and restore it. Now to restore it, I am going
to use wbadmin. So the first thing I am going to do is, do wbadmin get versions, and
this is the list of the backups, and notice there is this Version identifier, which is also called a
Paxos Tag, very important when it comes to doing a recovery. So we want to identify the
content of a particular backup.

[The Failover Cluster Manager window is open. In the navigation pane, under FS1-
Cluster1.corp.brocadero.com, Roles is selected. The instructor opens the wbadmin - [Windows
Server Backup (Local)\Local Backup] window, and closes this window. In the Roles view pane
of the Failover Cluster Manager window, the instructor right-clicks FS3, clicks Remove in the
shortcut menu, and the Remove File Server message box is displayed. In this message box,
the instructor clicks Yes. The FS3 role is now removed. The instructor opens the Window
PowerShell window. At the administrator command prompt, the instructor runs the following
command: webadmin get versions The output this command displays details such as backup
time, backup target, version identifier, various details that can be recovered, and snapshot ID.]

So the next thing I do is, wbadmin get items -version: and then I am going to follow
that up with get versions and then I need to paste, just copy this, there we go.

Oops, what did I do wrong? Oh -version, there we go. All right, so I can see here the
content within these different...that particular backup that I selected. And then I used the
version identifier to pull up this information, and notice I have got Application = Cluster, and this
includes the Cluster Database. So the Cluster Database is actually referring to on the cluster
here, if I go into the Windows folder, there is a folder called Cluster, and a lot of that
configuration is stored in the registry, and it is stored here in the cluster database. So, this has
got some of the configuration that I want to restore.

[The Window PowerShell window is open. At the administrator command prompt, the instructor
runs the following command: webadmin get items -version:12/09/2013-14:51 The output of this
command displays the complete details about all the backups. The instructor browses to
C:\Windows\Cluster folder.]
So to restore this, I am going to use the wbadmin command again, start recovery, and I
am going to use that -version: switch again, but this time I need to indicate what in here, in
this list that I am actually going to restore.

So I am going to do -itemtype:app, and I am going to do app, as you can see there, and
then I am going to do -items:cluster. Oops and once again I have a typo, this should be
-items. Well what did I do wrong here? Do you see it? I do. I forgot my dash. There we go.
That is the thing with these command line tools they are not very forgiving, but they can be
very useful. So here I am going to issue that. Now the next thing that comes up is this
message says, "Warning: This operation will perform an authoritative restore. Do I want to do
that?"

[The Window PowerShell window is open. At the administrator command prompt, the instructor
runs the following command: webadmin start recovery -version:12/09/2013-14:51 -
itemtype:app -items:cluster]

So one of the things I want to bring out to you is, there are two types of restorations when we
talk about recovering from...restoring a backup for a failover cluster. You can perform Non-
Authoritative Restores which simply restores the damaged node and what happens is, its latest
configuration is replicated in from the other nodes, so that cluster database is restored through
replication.

An Authoritative restore basically means I want the cluster database to replicate out. So I want
to restore the state of a particular cluster, I am going to restore this node. Its cluster database
will then become the origin of replication, rather than receiving replication, so we can update
our configuration to previous time. So I am going to go ahead and say, "Yes" to this, and it
should begin...actually performing my authoritative restore, and give it a moment, now this of
course is going to take some time for it to...to finish. But those are the basic steps using the
Windows Server backup, performing the actual backup, scheduling that backup to occur in a
frequent basis. Those are always, of course, important concerns and then understanding the
difference between non-authoritative and authoritative restore.

[The Window PowerShell window is open. The instructor opens the backupnotes - Notepad
window. This Notepad displays the following details: *Non-Authoritative Restore* -Restoring
damaged node -No cluster configuration rollback -Latest cluster config replicates IN from other
nodes *Authoritative restore* -Rollback of the cluster configuration -Cluster config in restored
node replicates OUT The instructor navigates to the Window PowerShell window. The
instructor types Y. The instructor navigates to the backupnotes - Notepad window.]
Windows Server 2012 R2 High Availability
Learning Objective
After completing this topic, you should be able to
◾ configure high availability

1. Configuring high availability

Now let's try an exercise on Network Load Balancing, or NLB, and failover clustering.

You are working as a network engineer for Easynomad Travel Inc.

You have been tasked with making the company intranet web applications highly available.

Question

You create a Network Load Balancing, or NLB, cluster with three Windows Server
2012 R2 nodes. The nodes in the cluster collectively host internal web applications.
You need to ensure that when users connect to the system, they are directed to the
same node in order to maintain continuity. Which Affinity mode should you use?

Options:

1. Single mode
2. Network mode
3. None
4. Host mode

Answer

Option 1: Correct. The Single mode ensures that a single cluster node handles every
request from a single client. This is a requirement for some web applications in order
to maintain session state information.

Option 2: Incorrect. The Network mode allows a single node to respond to all
requests from a particular network. This could not be configured for every network
and so Single mode affinity is required.

Option 3: Incorrect. In this mode, any cluster node can respond to a request. This
means that continuity cannot be assured.

Option 4: Incorrect. You can assign priority to a specific host, but this will not ensure
continuity.
 Correct answer(s):

1. Single mode

Question

You are creating another two-node NLB cluster for a different web application. Each
node has two network adapters and is running Windows Server 2012 R2. Which
operation mode should you configure for the cluster?

Options:

1. Unicast mode
2. Multicast mode
3. Internet Group Management Protocol, or IGMP, multicast mode
4. Single mode

Answer

Option 1: Correct. The unicast mode is suitable for clusters with multiple network
cards and allows you to have a card dedicated to cluster communications.

Option 2: Incorrect. The multicast mode is suitable for NLB clusters with a single
network card. It also requires switches and routers that support multicast.

Option 3: Incorrect. The IGMP multicast mode is suitable for NLB clusters with a
single network card. It also requires hardware support.

Option 4: Incorrect. The single mode is not an NLB cluster operation mode.

Correct answer(s):

1. Unicast mode
Question

You are configuring port rules for your NLB clusters. You have a web application
which uses an irregular port, and you want to make sure requests to this port are
handled by one specific host. What should you configure?

Options:

1. Multiple hosts filtering and the Load weight parameter

2. Single host filtering and Single mode affinity
3. Single host filtering and the Handling priority parameter

Answer

Option 1: Incorrect. The multiple hosts filtering mode means that multiple hosts in the
cluster will handle traffic associated with the port rule.

Option 2: Incorrect. Affinity parameters are only applicable to the multiple hosts
mode.

Option 3: Correct. The Handling priority parameter allows you to give a unique
priority number to the host pertaining to the port rule with 1 being the highest priority.

Correct answer(s):

3. Single host filtering and the Handling priority parameter

Question

You decide to create a two node failover cluster for a database for one of the web
applications. Which statements describe requirements which must be met for failover
clustering with Windows Server 2012 R2?

Options:

1. Each node in the cluster must run the same edition of Windows Server
2. All nodes must be in the same domain
3. The same roles must be installed on each node
4. The network adaptors must be identical on each node
Answer

Option 1: Correct. If one server is running Windows Server 2012 R2 Datacenter

edition, then they must both run Datacenter edition.

Option 2: Incorrect. With Windows Server 2012 R2, you can now deploy an Active
Directory-Detached Cluster without the Active Directory, or AD, dependencies of prior
versions.

Option 3: Incorrect. The servers do not require the same roles to be installed.

Option 4: Incorrect. The server hardware components, such as network interface

cards, or NICs, must be certified for Windows Server 2012 R2, but they do not have
to be identical.

Correct answer(s):

1. Each node in the cluster must run the same edition of Windows Server

© 2018 Skillsoft Ireland Limited