Category: Windows Server 2012 R2

NetApp OnCommand #Shift and #MAT4Shift using #MAT #NetApp #OnCommand #NetAppCommunity

During the migration of several VMware Vm’s to hyper-v I tested several migration scenario’s and I had a Netapp Storage device so why not using Netapp instead of 5nineEasyConverter,StarWindConverter or Migration Automation Toolkit (MAT). and I must say every tool has its own privilege. you should combine them all into a godmode toolkit. but for now I tested the Netapp Shift tool but it seems it has be upgraded to netapp Oncommand.

So the big difference there is between shift and OnCommand is that shift is using a Database and OnCommand is using apache with powershell.

Both methods are nice but when the conversion of the servers has multiple domains different user accounts in the netapp and VM’s then you have a big task for movement en then the OnCommand is better and more Flexible.

So what is netapp OnCommand :

Convert data with ease across hypervisor platforms using OnCommand Shift. Cut virtualization costs to stretch IT spend. With fast, scalable, and simple virtual machine conversion, you can shift data with ease across hypervisor platforms—stretching your IT budget and avoiding vendor lock-in. The NetApp® OnCommand® Shift data-conversion tool (evolved from MAT4Shift) accelerates VM migrations between VMware® ESX/ESXi and Microsoft® Hyper-V

 

.image

 

Because OnCommand Shift enables extreme VM conversion speed, bi-directional migrations, and automates bulk VM conversion, you can expect less downtime and greater flexibility—even for large VM migration projects. Conversions now take just minutes.

OnCommand Shift captures the success with and learning gained from the MAT4Shift tool and takes it to the next level. What does OnCommand Shift do? You, our customers, told us that you love the fact that you can migrate your VMs in minutes with it, with near zero touch! Check! And it does that faster than with MAT4Shift. You also told us that the fact that we use PowerShell rocks! Not only do we use PowerShell, but it’s a true PowerShell module with real CmdLets. So script to your heart’s content. If you want to migrate your VMs in either direction, NetApp can do that too.

OnCommand Shift in action looks like sorcery and magic. Well, it kind of is—NetApp magic! It leverages three unique capabilities that NetApp delivers:

  • NFS and CIFS shares on a single volume
  • The capability to clone files nearly instantaneously regardless of size
  • Conversion of VM disk formats while leveraging the cloning technology for extremely rapid cloning and conversion

Below is a nice overview on how things are handled. And this brings me on another migration scenario that is also a nice opportunity.

share the VMware nfs share with Hyper-v so both can access the Volume. use the  StarWindConverter or Migration Automation Toolkit to Convert the VM.

Time about 40GB in 15 Minutes what was fine for me. this config saves you the Slow copy from VMware to hyper-v with all conversion tools. #NetApp will do this faster 5 Minutes.

Figure 1) Cloning and Converting VM Disk Files.jpg

 

The Powershell usage with the get-shiftserverstate you can call the apache server or with the verbose option get more info.

 

image

 

This will convert the ESX to Hyperv with name and IP to name and IP

image

Below is the Conversion script I used  keep in mind to change the Passwords / user accound and server names. As I did create a variable for the user and password. As I did several test and find it useful to get a lot of checksums something’s may be double as I copied some rules for easiness. and the useraccounts need to be a local admin to uninstall the vmware tools.

My conversion machine was also the hyper-v server.

# OnCommand Shift PowerShell Cmdlets Example  admin Password
$password = ConvertTo-SecureString -AsPlainText -Force "Password"
$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist  "admin", $password
Connect-ShiftServer -host  10.255.255.4 -port 8443 -credential $cred

#Disconnect-ShiftServer

#### change password on command shift server
$newpassword = ConvertTo-SecureString -AsPlainText -Force "Password"
$newcred = new-object -typename System.Management.Automation.PSCredential -argumentlist "admin", $newpassword
Set-ShiftServerCredentials -cred $newcred

Get-ShiftServerState

Get-ShiftServerState -Verbose
Connect-ShiftServer -host  10.255.255.4 -port 8443 -credential $cred

$password1 = ConvertTo-SecureString -AsPlainText -Force "Mat4Shift"
$cred1 = new-object -typename System.Management.Automation.PSCredential -argumentlist  "Mat4Shift", $password1
Set-ShiftOntapConfig -clusterIp "10.255.255.81" -destinationPath "Sharename01" -force -Verbose -credential $cred1

#some checksums

Get-ShiftOntapConfig
winrm get winrm/config/client

Set-ShiftGuestOSConfig -domain mvp.local -force
Get-ShiftGuestOSConfig

# Set Vmware passwords
$password = ConvertTo-SecureString -AsPlainText -Force "Password"
$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist "mvp\vmware", $password
Set-ShiftHypervisorConfig -credential $cred -name vmware -datacenter "Data Center" -force -hostname vmw01.mvp.local -IPaddress 10.255.255.81

#set hyperv passwords

$password = ConvertTo-SecureString -AsPlainText -Force "Password"
$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist "mvp\admin", $password
Set-ShiftHypervisorConfig -credential $cred -name "Hyper-v" -IPaddress "10.255.255.4" -hostname "hyp01.mvp.local" -datacenter "" -force

Get-ShiftHypervisorConfig
#Add-ShiftNetworkConfig -name "Primary Network" -sourceSwitch "VM Network" -destinationSwitch "VM_Converged_Network"
Add-ShiftNetworkConfig -hypervSwitch VM_Converged_Network -name LAN -vmPortGroup vSwitch0 -vLanId 10 -force

Get-ShiftNetworkConfig
# Remove-ShiftNetworkConfig -name Network-A

#first trail conversion

Convert-VirtualMachine -source esx -destination hyperv -name "vmconvert01" -ipAddress 10.255.255.200 -force

#get all the info in the job status or get a CSV file

Get-ShiftJobStatus J_ddc0f6ed-0bdf-48ee-8a7e-60264b7e7a7e -loop
Get-ShiftReport -file c:\shiftreport.csv
notepad c:\shiftreport.csv

$password = ConvertTo-SecureString -AsPlainText -Force "Password"
$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist "administrator", $password
Convert-VirtualMachine -source esx -destination hyperv -name "vmconvert02" -credential $cred -ipAddress 10.255.255.202 -domain mvp.local
Convert-VirtualMachine -source esx -destination hyperv -name "vmconvert02" -ipAddress 10.255.255.202

# with the verbose option you get more info As I tested with different accounts!

$password = ConvertTo-SecureString -AsPlainText -Force "Welkom01"
$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist "mvp\admin", $password
Convert-VirtualMachine -source esx -destination hyperv -name "vmconvert02" -credential $cred -ipAddress 10.255.255.202  -domain mvp.local -Debug –Verbose

#get the jobstatus in verbose mode – best to use verbose all the time!

Get-ShiftJobStatus J_59661117-fcc3-416f-b3f7-bd5ec926237b -loop -Verbose -Debug

#get the results

Get-ShiftReport -file c:\shiftreport.csv
notepad c:\shiftreport.csv

 

Get-ExecutionPolicy

# Create Netapp SVM
# OnCommand Shift PowerShell Cmdlets Example  admin Password
$passwordsvnm= ConvertTo-SecureString -AsPlainText -Force "Password"
$credsvm new-object -typename System.Management.Automation.PSCredential -argumentlist  "admin", $passwordsvm
New-SVM -file C:\svm_params.txt -Verbose -Debug

If you need more info about the Powershell Commands 

import-module *
Get-Module
Get-Command -Module ShiftClient

My conclusion is it is hard to get NetApp OnCommand to work because you need network/storage guys to work together and you will need the correct user accounts for the servers. but when is is running it is fast and true every server in less than 5 Minutes. But not usable in some situations when using multiple domains and the netapp configured and no option to reconfigure. And yes a dedicated NetApp would be nice but hardly the case.

Still Conversion takes time and this is also the point of moving or staying on VMware cause it takes so much time and effort to migrate / downtime projects could fail on this.

Of all the tools I used proven method for me is create a new lun mount this to VMware and make sure Hyper-v can also access this LUN. then do a storage migration of the VM to the LUN and turnoff the VM and use the Migration toolkit to convert the machine yes this is slow but not all have a NetApp. with fast storage SSD I got 3,66 GB/Minute and that was fine with an average VM size of 150 GB. And as a DC you can easily build a new one and replicate the AD to the Fresh server.

 

Happy clustering

Robert Smit

@clusterMVP

https://robertsmit.wordpress.com

Quick Create a Windows Server 2012 R2 Network Load Balancing (NLB) ,How To , Step by Step #winserv #NLB #ws2012

As there are still many questions on how to setup a Windows NLB. Or not getting a working situation with all kind of different errors.

I made already two Blog post about NLB. This blog post will be a bit off Both.

https://robertsmit.wordpress.com/2014/08/20/create-a-new-network-load-balancing-nlb-cluster-on-windows-server-2012-r2-winserv-nlb/

https://robertsmit.wordpress.com/2012/06/26/windows-2012-clustering-network-load-balancing-nlb-how-to-step-by-step/

So for starting I have 4 NLB nodes MVPSQL141 to MVPSQL 144

The NLB tools I installed with Powershell Run this on every NLB node!

Install-WindowsFeature nlb –IncludeManagementTools

 

image

Now that the tools are installed We can start with the Configuration of the NLB.

Starting the NLB manager to Create the NLB cluster and joining the Other Nodes.

image

All my nodes have multiple network cards and for the NLB I use always a dedicated NIC to avoid problems.

I select the create new cluster from the menu and add the First NLB node.

image

As you can see there are 3 nic’s in this case I use the Ethernet connection. The Public connection is connected to the Domain.

And All NIC’s have a fixed IP Addresses.

image

As you can see the nic has a dedicated IP if the nic has a DHCP Address you can give here a fixed IP by selecting ADD

image

This step is adding the Cluster IP by selecting ADD and then choose the right NLB Cluster IP!

image

Right Creating a DNS name for the NLB Cluster.

image

As I will only use Port 80 I changed the Rule and selected only port 80. I does not make sense to select all the ports when using only 80 and or 443.

image

Now that the Cluster is created We can join other Nodes with add host to the cluster I the menu. You can do only One Node at the time. the same screens as above are showing so no reason to capture this. However I have one node that has no fixed IP

image

When Adding this node there is a little warning.

image image

As you can see the IP is not there therefore I do ADD and create a FIX IP on the NIC when I select Next the port policy will appear and the node Will be joined to the Cluster.

image

If anything fails to join the NLB node to the Cluster you need to look on this node. Creating NLB is a simple Process. Basic rule all nics need to See and Ping on FQDN and IP incoming and outgoing ! and make sure the NLB DNS entry is there and make sure the reversed lookup is also there!

When joining the NLB IP to IIS make sure you use the Cluster NLB IP and remove all other IP bindings!!

image

 

Happy nlb clustering

Robert Smit

@clusterMVP

https://robertsmit.wordpress.com

How to setup Azure VPN for Site-to-Site Cross-Premises or Create a Virtual Network for Point-to-Site #VPN #Azure #winserv

There are a lot of real good Blog post on how to create Azure Site to Site. And as the Vnext Windows Server is more and more connecting to the Cloud. I’ll show you how to create a S2S & P2P VPN setup. And The VPN option will get you to a real hybrid Network and This could be awesome. keep reading my blog posts. The Next blog post will be more about Hybrid Configurations.

image

So what do we need for a hybrid Environment Well I’ll setup a poor men’s version, that means One Hyper-v server home Router and an Azure Subscription.

First We setup a windows Server No special needs for this 4GB memory and 1 Disk but with two network cards. ( this is a VM )

So one NIC is on my corp network and the other NIC is connected to the friendly Internet.

When you have the server installed you only need to install RRAS Role Service and no direct configuration needed.

So by GUI or with Powershell   add-WindowsFeature DirectAccess-VPN,Routing

image

That is all what needed and you will need to create two NAT rules on your router ( however NAT is not supported )

image

But this all depends on you network configuration. 

The next step is Azure .

As I do net have a Network in azure I create a network that I will use for my VM’s that I will build after the network configuration, But I you already have a network in azure you can use that network.

 

image

But what Do I need Well It does not mater the Quick is configurable after creating the network. And the Custom is more Wizard driven.

For the screenshots I’ll pick Custom.

image The First step is pick a network name, No Change can me made afterwards ( well not easily )

 

image

Next step is Setting Checkboxes and DNS. I use an on premise DNS server but If you run a DNS in Azure You can use this server.

image

If you have already a network then you can pick the DNS servers from the list and pick also a local network.

I this case everything is New So give the DNS server a name and IP this is my local DNS server and I use a Internet DNS server. Just because this is an Easy IP address.

And I selected the Configure a point-to-site VPN and Configure a site-to-site VPN and on the Local Network I choose a new local network.

 

image

Now that the Diagram is filled we do some configuration, As my local network is a 10 network and I like to not have this in the same range in this Scenario.

image

So I pick a 172.16.32.0/24 For my point-to-site VPN.

The next step is more Complicated, We need to pick a Local-Network name and We need to find the External IP on you network.

 

image

To find My external IP I use Bing just ask “ what is my IP “

image

Easy

The Next step is create a Address space for this network.

image

 

image

You have to check the Add Gateway Subnet this is uses for the Site-to-Site VPN

see Virtual Network Address Spaces page in About Configuring a Virtual Network using the Management Portal.

 

image image

Check the Box and you can see it is creating the network configuration but not the Gateway this is done in the next step.

 

image

After the Network Creation is Done We add the Gateway Configuration / Creation

image

image

This will take about 30 minutes to create ( and Will cost you about 12 euro a month )

While this is creating we will configure the P2P VPN.

image

One way to create an X.509 certificate is by using the Certificate Creation Tool (makecert.exe). To use makecert, download and install Microsoft Visual Studio Express 2013 for Windows Desktop, which is free of charge.

In this case I’ll use make cert.

Generate a self-signed root certificate the name can be your name or what you like.

makecert -sky exchange -r -n "CN=BlogRootCert" -pe -a sha1 -len 2048 -ss My "BlogRootCert.cer"

Generate a client certificate

makecert.exe -n "CN=BlogClientCert1" -pe -sky exchange -m 96 -ss My -in "BlogRootCert" -is my -a sha1

image

All certificates are stored in your Personal certificate store on your computer. Check certmgr to verify. You can generate as many client certificates as needed based on this procedure. Recommend is that you create unique client certificates for each computer that you want to connect to the virtual network.

A client certificate must be installed on each computer that you want to connect to the virtual network. This means you will probably create multiple client certificates and then need to export them. To export the client certificates, use certmgr.msc. Right click on the client certificate that you want to export, click all tasks, and then click export.

image

Export the client certificate with the private key. This will be a .pfx file. Make sure to record or remember the password (key) that you set for this certificate.

image

Copy the .pfx file to the client computer. On the client computer, double-click the .pfx file in order to install it. Enter the password when requested. Do not modify the installation location.

But the ROOTCERT is needed in Azure and we need to import this. When the Gateway is ready you can see in the Clients that it needs a certificate

image

imageimage

Uploading the Certificate is the Certificate that we just Created

makecert -sky exchange -r -n "CN=BlogRootCert" -pe -a sha1 -len 2048 -ss My "BlogRootCert.cer"

 

image

Now that all the Azure Configuration is Done We configure the RRAS server as you can see in the overview the Gateway and P2P VPN is not Connected.

 

image

On the right there is a little list with some Download links

image

First we download the RRAS Configurations Script   Download VPN Device Script

Just make sure You select the Windows Server 2012 R2 as we are using this for the gateway.

imageimage

When running this script in the RRAS server there is a Common Error the RRAS service is restarted so therefor it can not connect just run the connect line again and it will work.

However this is a CFG script you can rename this to PS1 Or Run this in Powershell ISE like I did.

image

image

# Dial-in to Azure gateway
Connect-VpnS2SInterface -Name 191.233.89.184

image

image

The Site To –Site VPN is now connected

For the Client You will use the Download the 64-bit Client VPN Package

 

image

Keep in mind Windows Does not trust an Downloaded EXE file so before you can install this it needs to unblock 

image

imageimage

Now that the File is unblocked we can install the VPN this is a real quick install and no screens to view but in the network You can see a new network, in this case BlogHybrid.

For connecting just click the network and connect.

 

image  image

Now I’m Connected.

image

As you can see I’m connected With point-to-site VPN and a site-to-site VPN.

image

With a site-to-site VPN I can use Windows Azure Servers connecting To my local Domain.

With point-to-site VPN I can Connect With a Windows Azure VM on the Internal IP without using the VNname.cloudapp.net IP.

And you can also connect Azure to Azure VPN between Subscriptions

This Will be the basic’s for my next Blog post Azure is very useful for easy testing an getting a heavy machine for your workload even for one day.

 

Happy clustering

Robert Smit

@clusterMVP

https://robertsmit.wordpress.com

Technorati Tags: Windows Azure,Azure File service,Windows,Server,Clustermvp,Blob,cloud witness

Azure File share usage for Windows Server 2012R2 and Cluster Quorum usage #Azure #winserv #cloud

https://robertsmit.wordpress.com/2014/11/04/azure-file-share-usage-for-windows-server-2012r2-and-cluster-quorum-usage-azure-winserv-cloud/

The file share option in azure can be used for several configurations. Say you want a azure share on your desktop or build a DFS in azure and use this in your private cloud. or build a file share witness for your cluster, and in the Windows Server technical preview there is the Cloud witness. But this can be done in windows server 2008 also.  there is no change but only the method on how to do this and maybe the cluster Support.

Azure Files is built on the same technology as the Blob, Table, and Queue Services, which means Azure Files is able to leverage the existing availability, durability, scalability, and geo redundancy that is built into our platform.

 

image

 

image

The File share can be used for several Scenarios

  • “Lift and Shift” applications

Azure Files makes it easier to “lift and shift” applications to the cloud that use on-premise file shares to share data between parts of the application. To make this happen, each VM connects to the file share (see “Getting Started” below) and then it can read and write files just like it would against an on-premise file share.

  • Shared Application Settings

A common pattern for distributed applications is to have configuration files in a centralized location where they can be accessed from many different virtual machines. Such configuration files can now be stored in an Azure File share, and read by all application instances. These settings can also be managed via the REST interface, which allows worldwide access to the configuration files.

  • Diagnostic Share

An Azure File share can also be used to save diagnostic files like logs, metrics, and crash dumps. Having these available through both the SMB and REST interface allows applications to build or leverage a variety of analysis tools for processing and analyzing the diagnostic data.

  • Dev/Test/Debug

When developers or administrators are working on virtual machines in the cloud, they often need a set of tools or utilities. Installing and distributing these utilities on each virtual machine where they are needed can be a time consuming exercise. With Azure Files, a developer or administrator can store their favorite tools on a file share, which can be easily connected to from any virtual machine.

 

Again this is just a preview Just be sure to understand the limitations of Azure Files the most important are:

  • 5TB per share
  • Max file size 1TB
  • Up to 1000 IOPS (of size 8KB) per share
  • Up to 60MB/s per share of data transfer for large IOs
  • SMB 2.1 support only

 

Here are the Links to the How to create a azure file share and build your desktop share

https://robertsmit.wordpress.com/2014/06/16/microsoft-azure-file-server-system-error64-or-new-azurestorageshare-cannot-bind-parameter-context-azure-cloud-mvpbuzz/

Build the Windows Server Cluster Azure Quorum Cloud Witness  in just a few Steps.

https://robertsmit.wordpress.com/2014/10/28/configuring-advanced-quorum-configuration-as-a-cloud-witness-windows-azure-files-cloud-azure-winserv-witness/

And yes you can build several configurations with the Azure File share Cloud Storage is there to use it. there is only one thing with the Cloud you will need an internet connection to your servers. unless you already use expressroute.

 

Happy clustering

Robert Smit

@clusterMVP

https://robertsmit.wordpress.com

Http://www.smit.guru

Technorati Tags: Windows Azure,Azure File service,Windows,Server,Clustermvp,Blob,cloud witness

Failed to install .NET Framework 3.5 Feature Windows Server 2012R2 OR on #Azure VM Error 0x800f081f Working Solution #winserv #MVPBuzz

you have just installed a fresh new Windows Server 2012R2 on premise or in Azure and you need to install .Net Framework 3.5 Features

But it fails with an error 0x800f081f

a quick search says you need this command to do this well eh why ? but any way it is on the web so it must be right .

dism.exe /Online /Enable-Feature /FeatureName:NetFx3 /All /LimitAccess /Source:E:\sources\sxs  <> Will not Work

But why everybody says thanks! let me that you to the real problem. Reminder this is for all Servers even in Azure !

image

We checked the .Net Framework 3.5 Features and failed

image

Next attempt Give the Source to the installation. not very handy in Azure first download a ISO then mount this to the OS.

But it is on the Web so it must be true and the installation says he I need a Source I do not have these files and the OS is not lying or does it ?

image

So we put in the Source and give it a try.

image

 

image

Same error and with the source, maybe my source is not right , yeh right.

Test tis one more time form the Command

Then there is this line, this should work eh yes is did not.

dism.exe /Online /Enable-Feature /FeatureName:NetFx3 /All /LimitAccess /Source:E:\sources\sxs

 

image

See it did not work, I told you so in the first line So what is really going on in this system.

The Real fix for installing .NET Framework 3.5 Feature and Error 0x800f081f

If you open a PowerShell window and query the roles and features Get-WindowsFeature take a look at .NET Framework 3.5.

image

In the last column the Install state is different, it says Removed ?

  1. Removed means that you can install the feature but the source files for that are not available for this OS (not always)
  2. Installed means that the role or feature is already enabled and in use
  3. Available means that you can install the feature and the source files are on the machine and the OS can use them

But Removed, If the @Azure Team has removed this feature could this be the problem ?

Let me check if there are Updates for my system.

image

image

What there is an update for me and I do not have the .NET 3.5 Framework features installed.

then there must be an update there for me that is nagging me. Let me search the updates for .NET 3.5 Framework and compare them to the Installed updates.

KB2966828  http://support2.microsoft.com/kb/2966828

This is an .NET 3.5 Framework update ad must be installed when the .NET 3.5 Framework was installed and patched

image

I uninstalled this update

image

Reinstalled .NET 3.5 Framework feature and see now it is working.

image

So all the time a Windows Update is keeping me from installing the .NET 3.5 Framework Feature.

Sometimes Windows can be a pain, But you are in control !

Happy Clustering!

Robert Smit

Http://robertsmit.wordpress.com

@clustermvp

 

Technorati Tags: ,,,,,,
WordPress Tags: Framework,Feature,Windows,Server,Azure,Error,Solution

Hyper-v Virtual Machine Connection in Windows Server 2012R2 #hyper-v #winserv

Did you know that you could connect to other Hyper-v servers and then open the Console ?

In the system32 folder there is a file vmconnect.exe

You can connect to the local or to other Hyper-v servers in your domain

 

image

image

Just type your Hyper-v server and all the VM’s are listed and you can easy connect to them.

image

The console is opened and you can even change the settings. how cool is that!

 image

With this there is less reason to connect with RDP to the Hyper-v Servers for just to change something in the VM. this is an easy tip.

Happy Hyper-v

Robert Smit

@clusterMVP

https://robertsmit.wordpress.com

StorScore A test framework to evaluate SSDs and HDDs #Cloud Server Infrastructure Engineering #CSI #ssd #winserv @microsoft

StorScore is a component-level evaluation tool for testing storage devices.
When run with default settings it should give realistic metrics similar to
what can be expected by a Windows application developer.

image

You must download and install the following or StorScore will not work:

    A Windows Perl interpreter:
        ActiveState: http://www.activestate.com/activeperl
        Strawberry: http://strawberryperl.com/
   

Strawberry Perl is a perl environment for MS Windows containing all you need to run and develop perl applications. It is designed to be as close as possible to perl environment on UNIX systems.

http://www.microsoft.com/en-us/download/details.aspx?id=43739

imageimage

With the output you can create some pivot tables and get great output.

image

Create a New Network Load Balancing NLB Cluster On Windows Server 2012 R2 #Winserv #nlb

Still I thought NLB is so common that there is no point here to create a blog. but recently I see a lot of misconfigurations of NLB or people trying to do the easy way and not listen to the guidelines. So this blog is all about NLB only in the private cloud you can’t extend this to Azure even if you have a S2S.

So I have two servers in my private cloud.  MVPNLB001 and MVPNLB002 Both Machines have two NIC’s one for LAN and the other is for the NLB actions.

and yes it can be with one but with two is it much easier and fault tolerant. Less errors and less administration.

Both domain joined and ready for Setup of my basic IIS.

First we setup IIS with the Management tools

image

Install-WindowsFeature -Name Web-Server Or Add-WindowsFeature Web-WebServer –IncludeAllSubFeature to get all the features

Install-WindowsFeature -Name Web-Mgmt-Tools
Add-WindowsFeature NET-Framework-45-ASPNET

Get-WindowsFeature nlb*

 

image

add-WindowsFeature –Name NLB

add-WindowsFeature RSAT-NLB

Now we are ready to configure the NLB. We can do this With powershell but the GUI also Works.  ( I show both )

image 

 

The First Step will be Create a New NLB Cluster. As I do like things clear and therefor I start with rename the NIC names

Rename-NetAdapter -Name "Ethernet 2" -NewName "NLB"

Rename-NetAdapter -Name "Ethernet" -NewName "LAN"

imageimage

Open the NLB Manager and select Cluster NEW

imageimageimageimageimage

Or use powershell

Rename-NetAdapter -Name "Ethernet 2" -NewName "NLB"

New-NetIPAddress -IPAddress 10.255.255.93 -InterfaceAlias "NLB" -AddressFamily IPv4 -PrefixLength 24

In this case we renamed the adapter and give the nic a static IP.

The next steps Will be creating the NLB with his own IP and Remove the default port rule and use only ports that I want say port 80

imageimageimage

Well that was easy Creating the NLB Next step will be delete the port rule and create a 80 port rule 

imageimage

We will remove the default line and just create a rule for one port that I need in this case port 80

Network Load Balancing parameters

http://technet.microsoft.com/en-us/library/cc778263(v=ws.10).aspx

 

 

These steps can be done in just a few more PowerShell lines ( I use variables see below the post for the complete script )

#Creating new cluster
Write-Host "Creating NLB Cluster…" -ForegroundColor yellow
New-NlbCluster -ClusterName $ClusterFqdn -InterfaceName $InterfaceName -ClusterPrimaryIP $ClusterPrimaryIP -SubnetMask $ClusterPrimaryIPSubnetMask -OperationMode $OperationMode

#Removing default port rule for the new cluster
Write-Host "Removing default port rule…" -ForegroundColor yellow
Get-NlbClusterPortRule -HostName . | Remove-NlbClusterPortRule -Force

image

But now what we have only One Server and we need to add the other node or nodes.

imageimage

With two more confirmations screens you are done and have a Configured NLB on One 1 IP listening on port 80

Suppose you have multiple websites and all running on different IP or hostnames just add a cluster IP

imageimageimage

Now that the NLB is created We can do some testing

Now to get this to work with IIS

image

That is right page not found. Check the DNS see if the record is created. and make sure the website IIS is running on this IP

Go to the IIS manager and check the website bindings, default it is listening on all IP but this is not the behavior that I want I want a NLB. So we need to set the website on the NLB IP configured earlier.  When Having multiple IP on the NLB pick the right IP!

imageimageimageimage

Remember this you need to do this on all the Webservers!

image

 

A complete script to automate all these steps and add a second node. only the IP is fixed in the script and can be set as variable but this is up to you.

use this at free will. I created small steps so you can use also little steps if you need this or just give you an Idea.

<>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

#Set IP for NLB
Write-Host "Set NLB IP and change Network adapter" -ForegroundColor yellow
Rename-NetAdapter -Name "Ethernet 2" -NewName "NLB"
New-NetIPAddress -IPAddress 10.255.255.93 -InterfaceAlias "NLB" -AddressFamily IPv4 -PrefixLength 24

#Set ExecutionPolicy
Write-Host "Set ExecutionPolicy" -ForegroundColor yellow
Set-ExecutionPolicy -scope LocalMachine RemoteSigned –force

#Add-WindowsFeature
Write-Host "Add-WindowsFeature NLB" -ForegroundColor yellow
add-WindowsFeature NLB
add-WindowsFeature RSAT-NLB

#Variables for creating the new cluster
Write-Host "Variables for creating the new cluster" -ForegroundColor yellow
$ClusterFqdn = Read-Host "Enter NLB cluster Name FQDN"
$InterfaceName = Read-Host "Enter interface name for NLB-adapter"
$ClusterPrimaryIP = Read-Host "Enter cluster primary IP"
$ClusterPrimaryIPSubnetMask = Read-Host "Enter subnetmask for cluster primary IP"

Write-Host "Choose cluster operation mode"
Write-Host "1 – Unicast"
Write-Host "2 – Multicast"
Write-Host "3 – IGMP Multicast"
switch (Read-Host "Enter the number for your chosen operation mode")
{
1 {$OperationMode = "unicast"}
2 {$OperationMode = "multicastcast"}
3 {$OperationMode = "igmpmulticast"}
default {Write-Warning "Invalid option, choose ‘1’, ‘2’ or ‘3’";return}
}

#Creating new cluster
Write-Host "Creating NLB Cluster…" -ForegroundColor yellow
New-NlbCluster -ClusterName $ClusterFqdn -InterfaceName $InterfaceName -ClusterPrimaryIP $ClusterPrimaryIP -SubnetMask $ClusterPrimaryIPSubnetMask -OperationMode $OperationMode

#Removing default port rule for the new cluster
Write-Host "Removing default port rule…" -ForegroundColor yellow
Get-NlbClusterPortRule -HostName . | Remove-NlbClusterPortRule -Force

#Adding port rules

Add-NlbClusterPortRule -Protocol Tcp -Mode Multiple -Affinity Single -StartPort 80 -EndPort 80 -InterfaceName $InterfaceName | Out-Null
Write-Host "Added port rule for http (tcp 80)" -ForegroundColor yellow

Add-NlbClusterPortRule -Protocol Tcp -Mode Multiple -Affinity Single -StartPort 443 -EndPort 443 -InterfaceName $InterfaceName | Out-Null
Write-Host "Added port rule for https (tcp 443)" -ForegroundColor yellow

#Adding additional cluster nodes based on user input
Write-Host "Give Second NLB host" -ForegroundColor yellow
$Node2Fqdn = Read-Host "Enter 2e NLB node"

#Set Network Adapter
Enter-PSSession -ComputerName $Node2Fqdn
invoke-command -computername $Node2Fqdn -scriptblock { Rename-NetAdapter -Name "Ethernet 2" -NewName "NLB"}
invoke-command -computername $Node2Fqdn -scriptblock { New-NetIPAddress -IPAddress 10.255.255.92 -InterfaceAlias "NLB" -AddressFamily IPv4 -PrefixLength 24}
Write-Host "Placed NLB IP and changed NIC to NLB" -ForegroundColor yellow
exit-PSSession

#Add-WindowsFeature
Write-Host "Add-WindowsFeature NLB" -ForegroundColor yellow
Enter-PSSession -ComputerName $Node2Fqdn
invoke-command -computername $Node2Fqdn { add-WindowsFeature NLB}
invoke-command -computername $Node2Fqdn { add-WindowsFeature RSAT-NLB}
exit-pssession

#Add Remote Node To NLB
Write-Host "Adding cluster node $Node2Fqdn" -ForegroundColor yellow
Get-NlbCluster | Add-NlbClusterNode -NewNodeName $Node2Fqdn -NewNodeInterface NLB

 

Have fun

Robert Smit

Twitter : @clustermvpTwitter : @clustermvp

https://robertsmit.wordpress.com/

Windows 2012R2 UR1 Cluster Event ID 1223,1069,1077 does not have a valid value for the read-only property ‘ObjectGUID’ #winserv #network

You just created a fresh new cluster based on a PowerShell script and you checked the validation report and read only “Success” great you open the Failover cluster manager and yes there is a cluster

image image

#Install cluster options
Get-WindowsFeature Failover-Clustering
install-WindowsFeature “Failover-Clustering”,”RSAT-Clustering” -IncludeAllSubFeature
#Create cluster validation report
Test-Cluster -Node mvpsql141,mvpsql142
#Create cluster
New-Cluster -Name MVPSQL1401 -Node mvpsql141,mvpsql142 -NoStorage -StaticAddress “10.255.255.71”
#Add disks to the cluster
Get-ClusterAvailableDisk -Cluster MVPSQL1401
Get-ClusterAvailableDisk -Cluster MVPSQL1401 |Add-ClusterDisk
#Add disk to CSV
Add-ClusterSharedVolume -Cluster MVPSQL1401 -Name “Cluster Disk 1”
#Set Cluster Quorum
Set-ClusterQuorum -Cluster MVPSQL1401 -FileShareWitness \\mvpdc01\cluster
#set network configuration
(Get-ClusterNetwork “Cluster Network 1”). Role =0

 

But you want to setup some resources but it fails you double check your script and again it failed. you looked at the last error and see an error

“ The network name Name: MVPSQL2014 does not have a valid value for the read-only property ‘ObjectGUID’.”

Followed by several event ID Event ID 1223 1069 1077

You checked the networks

clip_image006

 

but after open the IP resource you can’t select a network ! but all networks are up !
clip_image001

So what is the problem ?  lets check all the events this must be a but I did everything right

This resource is marked with a state of ‘Failed’ instead of ‘Online’. This failed state indicates that the resource had a problem either coming online or had a failure while it was online

The network name Name: MVPSQL2014 does not have a valid value for the read-only property ‘ObjectGUID’. To validate the service principal name the read-only private property ‘ObjectGuid’ must have a valid value. To correct this issue make sure that the network name has been brought online at least once. If this does not correct this issue you will need to delete the network name and re-create it

Health check for IP interface ‘Cluster IP Address’ (address ‘10.255.255.71’) failed (status is ‘1168’). Run the Validate a Configuration wizard to ensure that the network adapter is functioning properly.

Cluster IP address resource ‘Cluster IP Address’ cannot be brought online because the cluster network ‘Cluster Network 1’ is not configured to allow client access. Please use the Failover Cluster Manager snap-in to check the configured properties of the cluster network.

Event ID 1223 1069 1077

See the last error “ ‘Cluster Network 1’ is not configured to allow client access. “ but I did set this option , yes you did see the script

(Get-ClusterNetwork “Cluster Network 1”). Role =0

 

but Role 0 ?

Cluster Network Roles:

Cluster networks are automatically created for all logical subnets connected to all nodes in the Cluster.  Each network adapter card connected to a common subnet will be listed in Failover Cluster Manager.  Cluster networks can be configured for different uses.

Name

Value

Description

Disabled for Cluster Communication

0

No cluster communication of any kind sent over this network

Enabled for Cluster Communication only

1

Internal cluster communication and CSV traffic can be sent over this network

Enabled for client and cluster communication

3

Cluster IP Address resources can be created on this network for clients to connect to. Internal and CSV traffic can be sent over this network

 

I changed the Role to 3

(Get-ClusterNetwork “Cluster Network 1”). Role =3

Or in the gui

clip_image008clip_image007

clip_image009

One happy cluster again as you can see mistakes are easily made and not always detected directly so just make sure your cluster is running healthy before you move further

Windows Server 2012 R2 Update KB2919355 #update #winserv #PoshPAIG #Patch #Audit/Installation GUI

Don’t forget to update your servers with update 1 and keep in mind that if you choose to update your clusters by hand. That you patch all the servers and not leave the cluster is a split-patched environment!. You will not be the first that have cluster troubles by mispatching.

now that there is a Update 1 you can see different patch models from 800 Mb to 3 MB depends on the update status from the machine.

image

image

Windows Server 2012 R2 Update is a cumulative set of security updates, critical updates and updates. You must install Windows Server 2012 R2 Update to ensure that your computer can continue to receive future Windows Updates, including security updates. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer.

But if you don’t know the status of your servers and you don’t use wsus but patching from Microsoft update and there is no SCCM in place. you need some other tool to audit your servers. Write a Powershell script DSC or use a tool from codeplex Enter the PowerShell Patch Audit/Installation GUI (PoshPAIG).

image

This is a little toolkit that can do this for you If you don’t have tools in place and you need fast results this is the best way.

The tool is self explaining So I don’t go in to detail the source is here: http://poshpaig.codeplex.com/

image

 

/Happy Patching

Windows Server 2012 R2 with SQL Server 2014 Cluster installation in less than 15 minutes #winserv #Rocks #movie

SQL Server 2014 now Generally Available Build your Cluster #sql

Robert Smit MVP Blog

Just for the fun I recorded a movie on the installation of Windows Server 2012 R2 . I thought just a quick recording and done but as it turns out it took longer than I expected, I made a typo in the script or clicked the wrong script or forgot to clean out my netbios name. then you gona build failsafe items in the scripts and they will be shown as errors because some items are already be set and can’t set twice.

The basic Idea was record a quick movie of an unattended installation of a SQL cluster in a few minutes is this possible yes it cab be done in les than 15 minutes. installation of the OS , Cluster with full Storage validation and a two node SQL cluster based on normal disk and a two node cluster based on CSV.

Eh in 15 minutes two full…

View original post 249 more words

A port on the virtual switch has the same MAC as one of the underlying team members on Team Nic Event ID 16945 #winserv

If you are using Windows Server 2012 R2 and configured NIC Teaming you could have this Event ID : 16945

This is showing up as a Warning in the event log.
What the event is saying is that you have a host vNIC (virtual NIC presented to the host that is connected to the Virtual Switch)
That has the same MAC address as one of the NIC (physical NIC) members of the NIC team.  
This shouldn’t cause an issue as long as the team member that has the same MAC as the vNIC remains in the team. If that team member is ever removed from the team and attempt standalone operation with that MAC then there could be duplicate MAC address on the network assuming the vNIC is also in operation.  

image

What is NIC Teaming?

A solution commonly employed to solve the network availability and performance challenges is NIC Teaming. NIC Teaming (aka NIC bonding, network adapter teaming, Load balancing and failover, etc.) is the ability to operate multiple NICs as a single interface from the perspective of the system. In Windows Server 2012, NIC Teaming provides two key capabilities:

  1. Protection against NIC failures by automatically moving the traffic to remaining operational members of the team, i.e., Failover, and
  2. Increased throughput by combining the bandwidth of the team members as though they were a single larger bandwidth interface, i.e., bandwidth aggregation.

My current Team

image

You can see a all the vNIC/pNIC and MAC addresses by doing a “get-netadapter | sort macaddress” in PowerShell. 
You should see one of your physical NIC and a virtual NIC called something like "vEthernet" and both will have the same MAC. 

get-netadapter | sort macaddress

image

But what If I change the MAC of the Team by looking at the properties of the team interface (in Network Connections, "Microsoft Network Adapter Multiplexor", then click the Configure button, then select the Advanced tab.
The 7th item in the list is MAC Address. You could configure a MAC there for the team.

image

image

The Team is has now the given MAC More about the MAC reservations

Hyper-V How To: Manage MAC Address Conflicts

http://blogs.technet.com/b/tonyso/archive/2009/09/17/hyper-v-how-to-manage-mac-address-conflicts.aspx

Windows Server 2012 NIC Teaming (LBFO) Deployment and Management

http://www.microsoft.com/en-us/download/details.aspx?id=30160

Capacity Planner for Hyper-V Replica #hyperv #winserv #scvmm

The Capacity Planner for Hyper-V Replica guides the IT administrator to design the server, storage and network infrastructure which is required to successfully deploy Hyper-V Replica.

Hyper-V administrators of Windows Server 2012 and Windows Server 2012 R2 can replicate their virtual machines from a primary server / cluster to a replica server / cluster for business continuity and disaster recovery purposes. The Capacity Planner for Hyper-V Replica provides server, storage and network provisioning guidance which would allow IT administrators to successfully plan for a Hyper-V Replica deployment

Get Hyper-V Replica Capacity Planner

The Setup is real easy and a comprehensive report is prepared that shows CPU, RAM, Disk and Network capacity needed to successfully support your specific configuration and environment.

image

First we choose a time to collect utilization metrics for the Vm’s to replicate. best way to test this is during work hours and 30 minutes or longer. 

image 

10 hyper-v server can be selected in one Run.

image image

If you use a Cluster use the Broker and not the Hyper-v FQDN.

image

And If a server is not enabled for replication you will see this error. and you can run this with or without Certificates.

imageimage

You can only pick VM’s that are not Replica Enabled and if the VM holds more Disk you can unselect the disk.

image 

After running this there will be a HTML report with all the metrics CPU,Memory,IOPS,Storage usage, network throughput.

This way you get insight information on what can I expect when using hyper-v replica

image

How many IOPS do I need and gives you the optimal setting

image

The Network info is great info What do I need and how many is consumed during the Replica.

And read the documentation there is a lot of useful info in this document and this will help you to understand the report.

Get Hyper-V Replica Capacity Planner

Separate VM in Hyper-V virtual machines using anti-affinity #winserv #hyperv #DRS

For some Virtual machines you don’t want to run them on the same hyper-v server in a cluster. sys you have a two node cluster and running two DC’s you don’t want to run the VM’s on the same hyper-v box.

With anti-affinity you can prevent this that both VM’s are running on the same box. But this is not the same as preferred owner.

With the preferred owner you prevent that the VM will failover to a other Hyper-v host. If the hyper-v host is failing so are all the VM’s on this host there will be no failover to an other Hyper-v host.

image

With the anti-affinity you create a “rule” that says he these two VM’s or cluster roles may never be seen on the same hyper-v host. unless there is no other way.

Anti-Affinity – For a given VM (technically any cluster Group) there is a cluster group property called AntiAffinityClassNames that allows you to configure the preference to attempt to keep that VM off the same node as other similar VMs. Let’s say for example you have two domain controllers running in VMs. It would probably be best to keep those running on different nodes if possible. When determining failover, the cluster service will deprioritize any node which is hosting a similar VM. If there is no other option (in the goal of making VMs available) it will place them on the same host. More information:

http://msdn.microsoft.com/en-us/library/aa369651(VS.85).aspx.

but there is no GUI option for this. PowerShell only and this need settings on all your hyper-v nodes in the cluster.

So get some listing of the classes

Get-ClusterGroup | get-member -name AntiAffinityClassNames

these are the objects “System.Object AntiAffinityClassNames {get;set;}”

If you need more info check this link : http://msdn.microsoft.com/en-us/library/system.collections.specialized.stringcollection.aspx

image

 

With a quick check we can see the current affinity settings

Get-ClusterGroup | Select AntiAffinityClassNames

image

Currently there are no rules in place.

Because I need to run this on all servers I create a nice step by step and easy to change Powershell script

I create several groups names  SQL,VM,DC,APP now I know what machines I can place in the groups.

So I create a small amount of variables

 

$SQLAntiAffinity = New-Object System.Collections.Specialized.StringCollection

$SQLAntiAffinity.Add("SQL Server Instance")

$DCAntiAffinity = New-Object System.Collections.Specialized.StringCollection

$DCAntiAffinity.Add("Domain Controllers")

$WEBAntiAffinity = New-Object System.Collections.Specialized.StringCollection

$WEBAntiAffinity.Add("WEB Servers")

$APPAntiAffinity = New-Object System.Collections.Specialized.StringCollection

$APPAntiAffinity.Add("Application Servers")

image

 

The last part is assign the VM to the group.

(Get-ClusterGroup –Name VMSQL01).AntiAffinityClassNames = $SQLAntiAffinity

(Get-ClusterGroup –Name VMSQL02).AntiAffinityClassNames = $SQLAntiAffinity

(Get-ClusterGroup –Name VMDC01).AntiAffinityClassNames = $DCAntiAffinity

(Get-ClusterGroup –Name VMDC02).AntiAffinityClassNames = $DCAntiAffinity

(Get-ClusterGroup –Name VMWEB01).AntiAffinityClassNames = $WEBAntiAffinity

(Get-ClusterGroup –Name VMWEB02).AntiAffinityClassNames = $WEBAntiAffinity

(Get-ClusterGroup –Name VMAPP01).AntiAffinityClassNames = $APPAntiAffinity

(Get-ClusterGroup –Name VMAPP02).AntiAffinityClassNames = $APPAntiAffinity

 

and You did know you can use the + = to add a VM to the group or Clear the group

(Get-ClusterGroup –Name NEWVM01).AntiAffinityClassNames += $SQLAntiAffinity

or clear the VM from all Groups

(Get-ClusterGroup –Name NEWVM01).AntiAffinityClassNames = “”

 

the rules are in place lets see if we can find them back

Get-ClusterGroup |Select-Object -Property name,AntiAffinityClassNames

image

(Get-ClusterGroup demo01).AntiAffinityClassNames

Now that the roles are in place We can see how It works. I paused a hyper-v node and As soon as I resume the node the anti-affinity rule kicks the VM Winking smile

image

Changing Quorum disk in Windows server 2012R2 No downtime #winserv #iscsi

If you want to change the Quorum disk in your cluster and you are afraid to get downtime or lost connectivity you don’t have to afraid. In windows server 2012R2 you can drive and change the tire.

In the failover cluster manager (FCM) right click the cluster and under more actions you can set the cluster quorum.

  Configure and Manage the Quorum in a Windows Server 2012 Failover Cluster

In the next screen you can do the default/select/advanced config.

I choose the advanced , This is a fresh Cluster and currently there is only one node.

image Configure and Manage the Quorum in a Windows Server 2012 Failover Cluster

But you can make a selection of the nodes that can vote, So if you have a node that is less important and or you don’t want to have the vote you can un select them.  And you can find this easily in the nodes assigned vote

image

http://technet.microsoft.com/library/dn265972.aspx#BKMK_Witness

image

This step you can create a fileserver witness or a disk witness. Remember when creating your cluster and all disk are presented to the cluster the smallest disk is auto assign to be the witness disk. unless there is only one disk then this disk is used as quorum even if this disk is several TB.

image I can choose between two disk and I select the 500MB disk after this the cluster is quorum ready.

imageimage

as you can see in the disks the Quorum is configured.

and yes all these steps can be don in PowerShell

Set-ClusterQuorum –Cluster Left01 -NodeAndDiskMajority "Cluster Disk 2"

but now for changing the quorum ? yes the same steps are needed

but in the disk selection there is already a disk selected and you can’t use two disks so flip the check box for the other disk and you are ready to go.

image

image

Set-ClusterQuorum –Cluster Left01 -NodeAndDiskMajority "Cluster Disk 3"

So now downtime no reboots and flip it back to disk 2 easy

Configure and Manage the Quorum in a Windows Server 2012 Failover Cluster