3

Let me explain my question a bit.

We are a small company that has now made the first move to a bigger network. For now, the network contains 5 servers on Windows Server 2008 R2 (DC, SQL, web, etc.).

Everything we need is now in place, but for now we cannot afford to finish the network by implementing redundant systems. (secondary dc, dns, sql cluster, etc...) For some people this is hard to understand, but this is the current situation. (and we are aware and will fix this when we can)

Because we want to keep our system secure and up to date, I've made sure that all systems are updated regularly. The problem is, of course, that the updates Microsoft rolls out that need a system reboot seem to occur more often. (maybe I'm wrong and it just feels like this) ;-)

In our domain, servers depend on each other for services (like SQL, WEB, or whatever), so just rebooting a server at will is NOT a good idea!

For now I update all of them without rebooting at first. After all are up to date I bring them down in the order they are dependent on each other. After this I reboot all of them in the inverse order.

I understand, of course, that if I DID have redundancy in my system that updating and rebooting would not be such a problem because the server task could be taken over by another node but this is something we generally need to add when we can.

So my question is: if you read my above situation, can you suggest more update strategies or general ideas that could help me do this process in a better / faster way?

Thanks for your thoughts!

HopelessN00b
Joost Verdaasdonk

2 Answers

1

For a small network this is really the only choice you have. We used to have our admin take a night each week dedicated to installing updates and rebooting servers. Your biggest SPOF (single point of failure) will always be a single domain controller. Without your DC nothing works so when you can upgrade... get another DC.

If you virtualized make sure you have a physical secondary DC as well.

As for SQL and your Web server, again it is what it is until you can move to a SQL cluster (very $$$) and a small web farm. You can set up a web farm with two servers pretty easily using the built-in Network Load Balancer (NLB) and the IIS Web Farm Framework.

Other than that you're doing things right, growing is tough, trust me!

Brent Pabst
  • Hi Brent, thanks, good to hear that I'm not following an abnormal path... your answer is motivational! Your description of how the admin does it looks pretty much like what my Saturday night looks like. ;-) And yes, the physical DC is the first thing we are going to buy to get redundancy there and also in DNS. (we are 100% virtual now, which is no good without a physical DC) The good news is that it will come soon. So again thanks and I'll mark the answer and hopefully others have insights too. Have a good day! – Joost Verdaasdonk Jul 11 '12 at 14:19
  • If you're running virtual you should def. look into HA clustering on your physical hyper-v hosts (I'm assuming you're using Hyper-V) this will prevent a lot of downtime and allow you to easily build out a scalable platform for your SQL and Web boxes. Btw, if you run Hyper-V enterprise you get to use 4 enterprise windows licenses as guest OSes. So if you have two enterprise licenses for your Hyper-V cluster you really can run 8 VMs on top of it. – Brent Pabst Jul 11 '12 at 14:22
  • SQL Server cluster is not good enough - you basically need a SQL Server mirror, and the costs for that should be negligible for you running Hyper-V. The second node is passive, so no cost, and the third node can be Express, no cost again. – TomTom Jul 11 '12 at 14:29
  • Brent, thanks, but unfortunately I could not choose Hyper-V, it's VMware ESX. (I would love to have Hyper-V... because everything else is Windows.... but sometimes you don't get what you want) :) – Joost Verdaasdonk Jul 11 '12 at 14:30
  • @JoostVerdaasdonk No problem. Just trying to save you... oh about $5,000 – Brent Pabst Jul 11 '12 at 14:40
  • @BrentPabst hahaha I know but like I said sometimes you don't have a choice. ;-) this is one of those times. And don't get me wrong I'm very happy with the answers of you and Tom you guys ROCK! – Joost Verdaasdonk Jul 11 '12 at 14:50
1

> for now we cannot afford to finish the network by implementing redundant systems. (secondary dc, dns, sql cluster, etc...) For some people this is hard to understand

Yes, it is very hard to understand. Because you run 5 servers. My company network has 2 servers and EVERYTHING CRITICAL IS REDUNDANT. How come you cannot do that with 2?

Here is a tip:

DC, DNS can be the same physical machine, use Hyper-V to isolate some secondary stuff.

> In our domain servers depend on each other for services (like SQL, WEB, or whatever) so just rebooting a server at will is NOT a good idea!

Bad configuration? Just do not reboot both DCs at the same time and you are fine.

> If you read my above situation can you suggest me more Update strategies or general ideas that could help me do this process in a better / faster way?

No, because with so little redundancy you must make sure systems properly come back up.

What you CAN do is isolate critical systems and secondary systems. Web, SQL are secondary - DCs are critical (no DC up = everything stands).

Have critical systems manually rebooted, secondary ones at a specific convenient time. Make sure someone is there to watch at that time. We plan in a maintenance window every month, mostly because for most of our systems "a second off" is a disaster during normal operations.

TomTom
  • Hi Tom, thanks for your answer. I knew somebody would not understand :) DNS and DC are on the same machine (and these are the first ones we are going to make redundant when we can). Why you would say bad configuration is beyond me? :) Our domain hosts a SaaS application that depends on SQL/WEB/Exchange, so having those on separate boxes is a very good idea! And no, just rebooting one as long as your DC is up is also not a good idea. But I'm very happy with your answer because it confirms the above answer of Brent that I have to get redundant as fast as we can afford and for now I have to continue. – Joost Verdaasdonk Jul 11 '12 at 14:26
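
The ordering described in the question (bring servers down in the order they depend on each other, bring them back in the inverse order) can be computed from a dependency map, which also shows which servers can be handled in parallel within one maintenance window. This is an added example, not code from any poster on this page; the server names and the dependency map are constructed assumptions.

```powershell
# Constructed dependency map (hypothetical server names):
# each server -> the servers that must be running before it starts.
$DependsOn = @{
    'DC01'   = @()
    'SQL01'  = @('DC01')
    'EXCH01' = @('DC01')
    'WEB01'  = @('DC01', 'SQL01')
    'APP01'  = @('SQL01', 'WEB01', 'EXCH01')
}

function Get-StartWaves {
    param([hashtable]$Map)

    # Reject dependencies on servers missing from the map (typos, forgotten hosts).
    foreach ($server in $Map.Keys) {
        foreach ($dep in $Map[$server]) {
            if (-not $Map.ContainsKey($dep)) {
                throw "Server '$server' depends on unknown server '$dep'."
            }
        }
    }

    $started = @{}
    $waves = @()
    while ($started.Count -lt $Map.Count) {
        # A server is ready once everything it depends on has been started.
        $ready = @($Map.Keys | Where-Object {
            $name = $_
            -not $started.ContainsKey($name) -and
            @($Map[$name] | Where-Object { -not $started.ContainsKey($_) }).Count -eq 0
        } | Sort-Object)

        if ($ready.Count -eq 0) {
            # Nothing can start: the remaining servers wait on each other.
            $stuck = @($Map.Keys | Where-Object { -not $started.ContainsKey($_) } | Sort-Object)
            throw "Circular dependency among: $($stuck -join ', ')"
        }
        foreach ($name in $ready) { $started[$name] = $true }
        $waves += ,$ready   # keep each wave as one array element
    }
    return ,$waves
}

$waves = Get-StartWaves -Map $DependsOn
"Shutdown order (dependents first):"
for ($i = $waves.Count - 1; $i -ge 0; $i--) { "  step {0}: {1}" -f ($waves.Count - $i), ($waves[$i] -join ', ') }
"Startup order (dependencies first):"
for ($i = 0; $i -lt $waves.Count; $i++) { "  step {0}: {1}" -f ($i + 1), ($waves[$i] -join ', ') }
```

Servers listed in the same step do not depend on each other, so they can be shut down or started together; the script only prints the plan and does not touch any machine.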