1

I'm planning on implementing a Hyper-V 2012 cluster, in a host cluster configuration.

Should the host machines be in a domain? If so, should that DC machine be a part of the cluster, or a seperate machine? Should the hosts be in the same domain as the guest VMs?

Marcel
  • 244
  • 1
  • 8
  • 19

2 Answers2

2

The answer of whether to put the machines in a domain or not highly depends on your needs. I will tell you that the management of the machines will likely be a lot easier for you if you integrate them into Active Directory - for the same reasons why integration into Active Directory makes centralized management of everything better over just a collection of workgroup computers.

If you do go with a domain, I cannot really recommend anything except two separate physical (but modest) machines as redundant domain controllers. The domain controllers are not in a cluster, and I definitely do not recommend that they be the same machines as the Hyper-V hosts. Domain controllers should only be domain controllers.

"Should the hosts be in the same domain as the guest VMs?"

Again, that depends. A domain is a management boundary. Are these VMs owned and managed by the same people that own and manage the domain? Maybe you run a managed hosting business and these are customer VMs, in which case you would not want them to be a part of your domain. It depends.

Ryan Ries
  • 55,481
  • 10
  • 142
  • 199
  • That makes sense... if using two physical machines, would you add them to the cluster that the Hyper-V hosts are in? – Marcel Nov 13 '12 at 13:40
  • Huh? No the domain controllers won't be in any cluster. – Ryan Ries Nov 13 '12 at 13:41
  • How would they failover in that case? Is having a PDC and an SDC the only setup required to have them automatically fail over? – Marcel Nov 13 '12 at 13:46
  • Active Directory's distributed nature operates without the need for Network Load Balancing or Clustering. Your DCs communicate among themselves. If one of the two dies, the only manual intervention you need to take is seizing FSMO roles if the one that died held them when it died. Then rebuild the one that died. – Ryan Ries Nov 13 '12 at 13:51
0

Maybe it's changed in 2012 and I haven't run across the announcement, but in all previous versions of Server clusters must be part of a domain.

Server 2012 doesn't require DCs to start like previous versions, but it's still not recommended to have all your DCs in VMs (at least one should be physical, preferably two, per site). I've seen quite a few where they have one physical and one or two VM DCs. Your Hyper-V hosts should only have that one role installed, I highly recommend using Hyper-V Server (not the Hyper-V Role in Server, a separate product) as it helps to keep your configuration clean and has all the capabilities of Enterprise Server with the Hyper-V Role in regards to hosting VMs.

In very large installs, it's common to use a resource domain to hold resources, and user domains for users, service accounts, and the like. I would guess you have a smaller installation, and you'll probably want everything in the same domain for simplicity. Remember that each domain requires a new set of DCs (you should always have at least two DCs per domain per "normal" site; small/satellite sites typically have one DC or a RODC).

Also, there's no such thing as a PDC or BDC (never was anything called a SDC) in Active Director (PDC and BDC refer to Windows NT 4.0 and before, that's 1996, 16 years ago...). Active Directory is completely distributed, non-master. There are the FSMO roles, but they're not what you're thinking of. You may want to pickup a book on AD Administration, I'm trying not to be offensive, but it's clear you have a very limited and antiquated understanding of Windows Domains.

Chris S
  • 77,945
  • 11
  • 124
  • 216
  • It has changed in HyperV 2012. "Shared nothing live migration," which is sexy. Cluster membership still requires domain membership is true, but some of the new features of 2012 can emulate some of the benefits of clustering. – Ryan Ries Nov 13 '12 at 14:28
  • Haha, I know, I suffer from that syndrome badly on this website... I feel the urge to answer quickly without thinking it through because if I'm not quick one of you guys scoops in and answers first. >_ – Ryan Ries Nov 13 '12 at 14:38
  • Yeah, we do the same thing... Especially posting the very top of an Answer, then revising it into a whole answer. Something akin to "First Post!" – Chris S Nov 13 '12 at 14:40
  • No offence taken... I do have a very generalized, albeit limited, understanding of domains; hence my question. – Marcel Nov 14 '12 at 09:36