The KulenDayz 2014 conference will take place in Osijek and the small village of Bilje from 5th to 7th September 2014. I will have a session about Microsoft SQL Server in an Azure Virtual Machine. You will hear some details on how to configure it for maximum performance. Registration for the conference opens today; I hope to see some of you there.
Until recently I was not involved much with cloud computing, although I’ve been experimenting with some of the cloud technologies for quite some time. This was mainly due to the type of customers I work for and the specific demands placed on the IT infrastructure I deal with. Anyway, I’ve just started to explore different scenarios and I came across a strange problem when I tried to deploy my DC and some Windows failover clusters in Azure using IaaS. I won’t tell you how to deploy the above-mentioned scenario (there is a lot of official Microsoft documentation out there), but rather what the problem was and how I solved it. Here I must say thank you to my colleagues Marin Franković and Tomica Kaniški, who actually told me how they configured their Virtual Network – that was the solution.
For any Windows Server Active Directory deployment scenario that includes more than a single VM, it is necessary to use an Azure virtual network – you must create a virtual network and place the servers in it. I created the Virtual Network, then my first VM, promoted it to DC and then configured DNS for my virtual network. In Azure all VMs are assigned dynamic IP addresses – in your virtual network, from the address space you defined when creating the network. The first available address in any subnet is always x.x.x.4, and this is the IP of your just-installed DC. Since that DC is also the DNS server for your domain, you must configure it as the DNS server for your virtual network.
If you configure DNS for your virtual network after you have installed your DC, it won’t work. At least it didn’t for me. I couldn’t add any VMs created later to the domain; they couldn’t access the internet, couldn’t activate Windows and so on. Of course, they were all in the same virtual network. I tried several times from scratch – no luck. The solution is to configure DNS (IP x.x.x.4) right after you create the virtual network and only then install all the VMs you need. It doesn’t seem logical to configure DNS before you actually have it in place, but it was the only way I could make it work. Go to virtual networks in your Azure portal and configure DNS as described. You can give it any name you like – I prefer the FQDN of my DC/DNS.
Please remember that you must ensure that the same IP address is assigned to your DC every time it reboots. This can only be configured by using Azure PowerShell – see Configure a Static Internal IP Address (DIP) for a VM. I recommend that you do that for every server you have. If you shut down the DC for whatever reason and start some other VM without a static IP before that DC, it will be assigned the first available IP – your DC’s IP. This is something you don’t want to happen.
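The static-IP step described above could be scripted as follows. This is an added example, not code from the original post; it uses the classic (Service Management) Azure PowerShell cmdlets, and the virtual network, cloud service and VM names and the 10.0.0.4 address are placeholders.

```powershell
# Assumes the classic Azure PowerShell module is loaded and a subscription
# has already been selected (Add-AzureAccount / Select-AzureSubscription).
# All names and addresses below are placeholders, not values from the post.
$vnetName    = 'contoso-vnet'
$serviceName = 'contoso-ad-svc'
$dcName      = 'DC01'
$dcAddress   = '10.0.0.4'   # first available address in the subnet

$dc = Get-AzureVM -ServiceName $serviceName -Name $dcName
if (-not $dc) { throw "VM $dcName not found in cloud service $serviceName" }

# If the DC does not currently hold the address, confirm no other VM has it.
if ($dc.IpAddress -ne $dcAddress) {
    $check = Test-AzureStaticVNetIP -VNetName $vnetName -IPAddress $dcAddress
    if (-not $check.IsAvailable) {
        throw "$dcAddress is taken. Free: $($check.AvailableAddresses -join ', ')"
    }
}

# Reserve the address for the DC so a reboot or deallocation cannot lose it.
# Update-AzureVM can restart the VM, so run this in a maintenance window.
$dc | Set-AzureStaticVNetIP -IPAddress $dcAddress | Update-AzureVM

# Pin every other VM in the service to the address it holds right now, so a
# VM started while the DC is down can never be handed the DC/DNS address.
foreach ($vm in Get-AzureVM -ServiceName $serviceName) {
    if ($vm.Name -eq $dcName) { continue }
    if (-not $vm.IpAddress) {
        Write-Warning "$($vm.Name) has no address (stopped?); skipped"
        continue
    }
    if ($vm | Get-AzureStaticVNetIP) { continue }   # already reserved
    $vm | Set-AzureStaticVNetIP -IPAddress $vm.IpAddress | Update-AzureVM
}

# Report what is now reserved for each VM in the service.
Get-AzureVM -ServiceName $serviceName | ForEach-Object {
    [pscustomobject]@{
        Name     = $_.Name
        StaticIP = ($_ | Get-AzureStaticVNetIP).IPAddress
    }
}
```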
I had a session at the last Microsoft Windays 14 conference about Scale-Out File Server. For all of you who were unable to attend the conference, I’ll give the same presentation at the IT Pro user group. The community meeting is on 8th of May 2014 at 17:30h.
Recently I deployed several SQL Server 2012 failover clusters on top of Windows Server 2012. Not big news, except that they were deployed in a Windows Server 2003 domain. If someone is wondering – this is an officially supported scenario. Setup of both the Windows and SQL Server clusters finished without any errors. For a while everything was looking good, and then I noticed some errors on some of the clusters. I noticed three types of errors in the Windows Eventlog:
Event ID: 4
The kerberos client received a KRB_AP_ERR_MODIFIED error from the server <cluster-file-server$>. The target name used was cifs/cluster-file-server.domain.com.
This indicates that the password used to encrypt the kerberos service ticket is different than that on the target server.
Event ID: 1228
Cluster network name resource ‘Cluster Name’ encountered an error enabling the network name on this node. The reason for the failure was: ‘Unable to obtain a logon token’. The error code was ‘1326’. You may take the network name resource offline and online again to retry.
Event ID: 1196
Cluster network name resource ‘Cluster Name’ failed registration of one or more associated DNS name(s) for the following reason: The handle is invalid. Ensure that the network adapters associated with dependent IP address resources are configured with at least one accessible DNS server.
I also noticed that sometimes I couldn’t access some shared folders using the cluster’s Client Access Point name, but only from Windows Server 2003 machines. The messages in the Eventlog were somewhat misleading; I checked DNS, delegation on AD objects, CNOs etc., but I couldn’t find the reason. The cluster log didn’t help either. After searching the web I came across the MS knowledge base article Can’t access a resource that is hosted on a Windows Server 2012-based failover cluster. The solution is to install at least the mentioned hotfix, but if it is a new cluster I recommend installing the update rollup. Please make sure that after installing the hotfix you follow the post-installation instructions for clusters already experiencing problems.