
Where am I? HELP!

My colleague created a virtual machine for me in our datacentre a few weeks ago.  (Thanks Michael!)  Earlier this week I needed to create a second virtual machine to cluster with it, and I felt that the best way to maximize my resources completely would be to create another virtual machine identical to the first.  Okay, all I had to do was pop open the Settings window for the virtual machine and copy it.

We have 25 physical host servers in the lab environment in question, and no Virtual Machine Manager.  Crap.

I could, if I had to, connect to each host one by one looking for the virtual machine in question, but that would be a waste of time… not to mention that as a one-off solution it could work, but it is a bad habit to get into.  I needed a better solution.

If you ever find yourself in the same position, here’s a tip: As long as you have the Integration Services installed, there is a registry key in the virtual machine that gives me my answer.  So open Regedit and navigate to:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Virtual Machine\Guest\Parameters

See? There it is, right there in black and white.  In fact, it’s there three times – under HostName, PhysicalHostName, and PhysicalHostNameFullyQualified.   I no longer need a map, I no longer need to go looking by hand.

But Mitch, isn’t there a way to do this in PowerShell?

I’m glad you asked.  Sure, here it is:

(Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Virtual Machine\Guest\Parameters").PhysicalHostName

Of course, if you are a stickler about it, you can change the last bit to PhysicalHostNameFullyQualified, but that’s up to you.
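
To map several guests to their hosts in one pass, the same lookup can be run remotely and collected into a table. This is an added example, not part of the original post; VM01 and VM02 are placeholder guest names, and it assumes PowerShell remoting is enabled on the guests.

```powershell
# Added example: report which Hyper-V host each guest is running on.
# Assumptions: PowerShell remoting is enabled on the guests; VM01/VM02 are placeholders.

$kvpLookup = {
    $key = 'HKLM:\SOFTWARE\Microsoft\Virtual Machine\Guest\Parameters'

    # The key only exists inside a Hyper-V guest with Integration Services installed.
    if (-not (Test-Path -Path $key)) {
        return [pscustomobject]@{
            Guest        = $env:COMPUTERNAME
            PhysicalHost = $null
            HostFqdn     = $null
            Note         = 'Key not found: not a Hyper-V guest, or Integration Services missing'
        }
    }

    $p = Get-ItemProperty -Path $key
    [pscustomobject]@{
        Guest        = $env:COMPUTERNAME
        PhysicalHost = $p.PhysicalHostName
        HostFqdn     = $p.PhysicalHostNameFullyQualified
        Note         = ''
    }
}

$guests = 'VM01', 'VM02'   # placeholder guest names

# Collect connection failures in $unreachable instead of stopping at the first one.
Invoke-Command -ComputerName $guests -ScriptBlock $kvpLookup `
               -ErrorAction SilentlyContinue -ErrorVariable unreachable |
    Select-Object Guest, PhysicalHost, HostFqdn, Note |
    Sort-Object PhysicalHost, Guest |
    Format-Table -AutoSize

# Guests that did not answer are listed separately rather than silently dropped.
$unreachable | ForEach-Object { Write-Warning "No answer from $($_.TargetObject)" }
```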

Now that you know where you are… keep going!

Step by Step: Building a Scale-Out File Server (SoFS) on Windows Server 2012 R2

In several presentations since Windows Server 2012 was released I have heard Microsofties claim that SAN devices are a thing of the past.  I have a hard time getting on board with that, but have nonetheless told many an audience that if they are planning on throwing their SANs out because Microsoft said so then just let me know where they are doing it so I can come collect them.

That is not to say that Windows Server 2012 (and since 2012 R2) have not changed the storage game significantly.  I have lectured extensively on Storage Pools (also known as Storage Spaces), and Cluster Shared Volumes are huge.

However since the world is going virtual, perhaps the most important storage use right now is the storage of virtual machines… and if I may borrow the motto of the Olympic Games, the order of this era of computing is “Citius, Altius, Fortius…” or Faster, Higher, Stronger. The storage on which we trust our virtual machines must be faster than ever, with higher availability than ever, and more resilient than ever.  In short, we are trying to deliver perfection… just like an Olympian.

So how are we going to architect our Olympian storage solution for our virtual machines?

Scale-Out File Servers (SoFS).

SoFS is a redundant, Active/Active clustered file server based on SMB (Server Message Block) 3.0.  You aren’t going to build an SoFS cluster for your normal file servers – there are plenty of great technologies available for that, ranging from DFS-R to Clustered File Servers.  Rather, SoFS is designed for high usage, always-open files, like virtual machines and SQL Servers.

Requirements:

If you are building this out in a lab you can get away with less, but in my experience you need a cluster that is separate from your Hyper-V cluster.  I also prefer building my SoFS on physical hardware rather than on virtual, but this is negotiable.

To get started you have to make sure you have storage that can be added to a Failover Cluster.  This can be done with Storage Pools, but I’ll do it with virtual disks.

Step 1: Build your Failover Cluster. I have already written about how to build a Failover Cluster.  Follow Steps 1 & 2 in this article and you will be good to go.  You can even go through the observational components of Step 3 that will verify quorum and things like that, but do not do the storage parts.

Step 2: Configure Storage.

This is the part that got me tripped up the first few times I tried to get it to work, and that was mostly because I didn’t RTFM.  However in my defense, a lot of what tripped me up initially was not spelled out too clearly in the reading material.

In order for disks to be added to the cluster, they must be shared by all of the nodes of the cluster.  If you are building a Software SAN on Windows Server 2012 R2 you can follow the instructions in this article.  Finding the SAN LUNs from Windows Server just requires the iSCSI Initiator.  Ensure that all nodes of your cluster are connected.

Incidentally having the shared storage may be enough to add it to your cluster, but in order to make this work the LUNs have to have a formatted partition on them.  This was one of the gotchas I discovered along the way.

**VERY IMPORTANT NOTE:  If your storage is ready to go when you create the cluster then you are fine, but remember that any time you make changes to your cluster you need to re-run the Validation Tests.  As long as these tests are run and come back as ‘Suitable for Clustering’ then you are fine, but if they do not then Microsoft will not support you in your time of need.

So in Failover Cluster Manager if you expand <Cluster Name> – Storage – Disks you should see in the main window a list of all of your drives.

SoFS-1

In this screenshot we see that the disk we want to use (Cluster Disk 5) is assigned to Available Storage.  That is the disk we are going to use.  Right-click on it, and click Add to Cluster Shared Volumes.

A Note about Cluster Shared Volumes (CSVs)

A Cluster Shared Volume is a pointer.  It takes my LUN and puts it on my C Drive… okay, not really.  However if I want to access my LUN from my server, I could refer to it as iqn.1991-05.com.microsoft:FS-fc-03-target-01-target:T0:L3, or I can assign it a drive letter.

The problem with assigning it a drive letter is that in a failover cluster there are multiple nodes that need to access the same LUN, and since drive letters are assigned by the server and not by the cluster, in order to ensure proper functionality I would have to ensure that each LUN had the same drive letter across all nodes in my cluster… which is simple, as long as the storage configuration (including hard drives & partitions, RAID arrays, CD/DVDs, and yes even USB keys) across all nodes in the cluster is identical.  If not, then it’s a hassle.

What CSVs do for me is take the hassle out, and assign a pointer to each LUN on my C drive… under c:\Cluster Storage\ each CSV will have its own directory, which is really a portal to my LUN.  So the one we created in the previous step is called c:\Cluster Storage\Volume 2.

SoFS-2

**IMPORTANT NOTE: While it may work, do not use your CSVs for anything other than Hyper-V and Failover Clusters.  It will bite you eventually, and hard.

So now that I have my storage in place, let’s go ahead and build our Scale-Out File Server.

Step 3: Creating the Scale-Out File Server

SoFS is a clustered role.

1. In the Navigation Pane of Failover Cluster Manager right-click Roles and click Configure Role…

2. In the Before You Begin page read the notes and click Next.

3. In the Select Role page select File Server and click Next.

4. In the File Server Type page click the radio Scale-Out File Server for application data and click Next.  Note the warnings that SoFS does not support the NFS Protocol, DFS Replication, or File Server Resource Manager.

5. In the Client Access Point page type a name for your SoFS and click Next.  Note that the name must be NetBIOS compliant.

6. On the Confirmation page ensure your information is correct and click Next.

When you are done click Close and then navigate to Roles.  You should see your role all ready.

SoFS-4

Step 4: Creating a File Share

This is where all of the steps we went through before are important… you can only create a File Share for your SoFS on high availability storage.

1. Right-click on your SoFS role and click Add File Share. (If you get an error see this article, wait, then try again in a few minutes.)

2. In the Select the profile for this share window select SMB Share – Applications and click Next.

3. In the Select the server and path for this share window select your SoFS by name under the list of servers.  Ensure the radio Select by volume is selected.  Select the disk you want to create it on, and then click Next.

**NOTE: Notice that the volumes available are actually your CSVs, and that the File System listed is CSVFS.

4. In the Specify share name window type the name of your share, along with any notes you wish.  Note that the remote path to the share will be \\SoFSName\ShareName.  Click Next.

5. In the Configure Share settings window notice that several options are greyed out, including the Enable continuous availability option, which is forced.  Your only choice here is whether to Encrypt data access, which you can do for security.  Click Next.

6. In the Specify permissions to control access window you can modify the permissions, but remember that it is the Hyper-V hosts that will need access.  Click Next.

7. On the Confirm selections page ensure your settings are correct, then click Create.

SoFS-3

8. On the View results page ensure all steps are marked Completed, then click Close.

We’re done… Your Scale-Out File Server is ready to go.  All you have to do is start migrating your VMs from where they were to (in this case) \\ServerName\PDisks. You can click on your role, and at the bottom of the screen select the Shares tab, and there it is… or in the case of this system, there they are, because yes, you can have multiple file shares on a single SoFS role.
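
The same share can be created from PowerShell, which makes the encryption and permission choices from steps 5 and 6 explicit and repeatable. This is an added example, not part of the original article; SOFS01, the CONTOSO accounts, and the folder path are placeholders, and it assumes you run it on a cluster node that owns the CSV.

```powershell
# Added example: create the SoFS application share with encryption and
# access limited to the Hyper-V hosts.
# Placeholders (assumptions, not from the article):
#   SOFS01                  - client access point name of the SoFS role
#   CONTOSO\HV01$, HV02$    - computer accounts of the Hyper-V hosts
#   CONTOSO\Hyper-V Admins  - group that administers the VMs
#   $folder                 - a folder on your CSV; use the path shown on your cluster

$scope  = 'SOFS01'
$share  = 'PDisks'
$folder = 'C:\ClusterStorage\Volume2\PDisks'
$access = 'CONTOSO\HV01$', 'CONTOSO\HV02$', 'CONTOSO\Hyper-V Admins'

# Create the folder on the Cluster Shared Volume if it does not exist yet.
New-Item -Path $folder -ItemType Directory -Force | Out-Null

# Scope the share to the SoFS name, force continuous availability (as the wizard does),
# turn on SMB encryption, and grant Full Control only to the listed accounts.
New-SmbShare -Name $share -Path $folder -ScopeName $scope `
             -ContinuouslyAvailable $true -EncryptData $true `
             -FullAccess $access

# Copy the share permissions onto the folder's NTFS ACL so the two stay in step.
Set-SmbPathAcl -ShareName $share -ScopeName $scope

# Verify what was actually configured.
Get-SmbShare -Name $share -ScopeName $scope |
    Format-List Name, ScopeName, Path, ContinuouslyAvailable, EncryptData
Get-SmbShareAccess -Name $share -ScopeName $scope

# With encryption on, clients that cannot do SMB 3.0 encryption are refused
# while RejectUnencryptedAccess is True; check the server setting before migrating VMs.
Get-SmbServerConfiguration | Select-Object EncryptData, RejectUnencryptedAccess
```

Granting access to the host computer accounts (the names ending in $) rather than to Everyone keeps the VM disks readable only by the hosts that run them and the admins who manage them.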

Caveat Admin

Microsoft and Hyper-V, along with a lot of guidance from people like the author, have made virtualization available to anyone.  With Failover Clusters they have made high availability easier than ever.  However Icarus please remember that the solid foundation on which these tools are built depends on the integrity of your waxen wings; just because you are able to create something does not mean you have the knowledge of how to maintain it.  If you don’t believe me, go ask any single mother with a dead-beat absent father.  The fact that Windows Server 2012R2 makes these tasks so easy to do does not change the fact that this is still 400 level stuff, and proper education and certifications are always recommended before you bite off more than you can chew.  All of the resources you need are available, you just have to look for them.  Start at http://www.microsoftvirtualacademy.com, and go from there.

Help! Where is my Client Access Point?

So you are building a Scale Out File Server (SoFS).  You are all happy because you read one of my articles (or POSSIBLY someone else’s… but really, why would you hurt me like that?) and you know you are good to go.  You have your cluster, you have your drives, and you have created your SoFS role.  Now all that’s left to do is to add a file share to the role.

2015-04-13_15-26-35

Huh?  What did you do wrong?

Relax… you didn’t do anything wrong.  When you create the SoFS role in Failover Cluster Manager, it will take some time to propagate the namespace throughout Active Directory.  How long? UCA.  However depending on how large your network topology is, it can take a little time.  Just go for lunch, a smoke, maybe get out and stretch your legs, go for a jog… when you come back you should be ready to go!

Stream-lining: A review of my new companion device.

I have always had a deal with the companies that have supported me over the years: If you give me a product to test and I like it, I will write about it. If I don’t like it, I will not write about it. That is why there are so few negative reviews on my site. It has always been a workable arrangement that has allowed me to showcase positive technologies for them. There are plenty of sites out there who are all too happy to write the negatives.

I say this because three years ago my friends at HP gave me a device that I did not like. To date I think it is the only HP device that they have given me that I did not like, and I never wrote about it. It was a tablet device that I think was still running Windows 7. It was just not my cup of tea.

So when my friends at the Microsoft Store showed me a new 7” HP tablet a few weeks ago I was hesitant. I know, it runs Windows 8.1, and only weighs a little less than a pound… but would I really use it? I mean, I have a Surface Pro 3 as my corporate device, and another Surface Pro 3 for my personal stuff, and between the two of them I am more than covered. I was afraid the ship had likely sailed on my becoming enamoured with HP tablets.

Enter my son.

No, not Aaron. My 17 year old has a Surface RT as a companion device to his HP EliteBook laptop. He treats them both with the respect that his mother and I have taught him.

Gilad, on the other hand, is an entirely different story. Our 5 year old is a rambunctious little guy, and it is not hard to see that he is his father’s son. For those of you who knew me when I was much younger, that is a very scary thought. He has the temper and the attitude and the tantrums and the lack of control that he comes by honestly. Only when I was of that age, home computers did not get dropped… because they had not been invented yet, and when they did come around they were expensive and heavy and cumbersome. In this day and age where almost all computers are portable and tablet computers weigh a pound, it is easy to forget that they break. Add to that games which require the player to hold the tablet up to steer, and the dangers are real.

“Mitch, Gilad dropped the Surface one too many times last week, and the screen broke and it is now unusable.”

The fact that it took as long as it did for me to hear that was a bit surprising, but that is the call I got last week. My mind immediately went to the $99 HP Stream 7 that my friend showed me, and I promised Theresa that I would pick one up for her, and that is what I did on Wednesday. I spent the extra money on the screen protector and case/stand, and it cost me, all told, $150.

Stream 7

Over the next few days I gave it a lot of thought… I commute into Toronto 4 days a week, spending nearly an hour on the train each way. What I have been doing is downloading my TV shows onto my personal Surface Pro, and I would watch them on the train. It is a great solution, but it also means I am carrying a $1500 tablet around. Yes, it has the Complete Care warranty in case I drop it, but what if it gets stolen? I decided that for what I do on the train, I was going to take the plunge.

I picked up the HP Stream 7 on Monday. I got the same package as I had bought for Theresa, except in lieu of her light blue cover I opted for the black. I was ambivalent because it only had 32gb of storage, 1gb of RAM, and an ATOM processor… but even with that it runs the full Windows (not Windows RT), and for what I need it for, that should really be enough. In fact, it might be considered overkill :)

Two Ports, Three Buttons.

I believe in the KISS principle… but I cannot think of any device I have ever owned that had less to it: a micro-USB port (which, from what I can tell, is only meant to charge the device) and a headset port (which was not a deal breaker, since otherwise I would have bought Bluetooth headphones); it has a power button, an up-volume and a down-volume button… and that’s it. I did not think it possible to have a fully functional device with fewer buttons than my iPhone, but there it was. Okay, I suppose the Windows logo could be considered a button, so it is actually tied with the iPhone. No matter, it works.

The first problem I encountered was file transmission speed… traditionally I download my TV shows on my Surface Pro (the personal one, in case anyone at Rakuten is reading this). For the first few days I would then transfer them to the HP. Unfortunately transferring a low-res one-hour TV show over wifi seemed to take a long time… 8 minutes. Wow, there has to be a better way…

…and there it was! In a very under-promoted feat of innovation, if you pop the back cover off the device with your fingernail, there is a Micro-SD card slot! Woohoo! Increased storage, here I come!

Then it occurred to me… why take all of these extra (and probably unnecessary) steps? I will now just download my shows onto the tablet, and skip the middle-man (not to mention free up my SP3 for more important duties).

I went looking for other problems… but so far I haven’t found any. There’s no external display port. Who cares, it’s a companion device! It doesn’t have a USB port. Who cares, it’s a companion device! There’s no stylus, and if you want to attach a mouse or keyboard you have to do it over Bluetooth. Who the heck cares, it’s a companion device!

So let’s review… For $99 (plus the cost of the screen protector and case) I picked up a tablet with 32gb of storage that is expandable to 160gb, has a gigabyte of RAM, runs all of my applications that I need, has front and rear-facing cameras, and fits in my back pocket, lets me watch movies and listen to music on the go, and Oh, by the way, for the price also comes with a year subscription to Microsoft Office 365, AND came with a $25 voucher for the Windows Store. Add to that the Bitlocker encryption on the hard drive, and a 5-point touch screen, and this device that actually does fit into my back pocket is a better computer than my first laptop… and probably my second and third one now that I think of it…

I should mention that it is now the only device I have that runs the 32-bit version of Windows. Who cares, it’s a companion device! I keep saying that because really, it does everything I need. I wouldn’t replace my primary systems with it, and I wouldn’t dream of trying to run Photoshop on it. But for years I have talked about The Best Tool for the Job, and for what I will be using it for, the HP Stream 7 really does seem to be that.

Of course, it does run Windows, so I will be adding it to my Windows Intune account for anti-malware and management. Intune has never led me astray, so the fact that it is able to manage my tablet without mucking about with APNS Certificates made my life easier.

Earlier this week I was sitting in the lunch room on my break, watching a movie. Someone came up and asked me about the device, and of course I showed him my new toy. He then asked me ‘So why did you pick this and not an iPad?’ I had a few answers for him… yes, I used to be a Microsoftie, and yes, I am a big fan of Windows 8.1, and of course I know the OS much better than I know iOS… but the bottom line is that the least expensive iPad costs about $300; that is not unreasonable, but it is also not an impulse purchase. At $99 the HP Stream 7 was exactly that; I was at the Microsoft Store for another reason, I looked at it, and I decided to buy it. I had not walked in with the intention of walking out with one, but there it was. It costs one third what the iPad would cost me, and the only thing that I know of that it does not do is Facetime. Fortunately the entire world also has Skype, so I won’t really suffer.

Let me be clear: This is not simply a rewired and rebranded HP Slate 2. This is a spectacular and fully functional device that is not trying to be all things to all people, but instead does what it is meant to do really well.

Overall, it gets a huge thumbs up from this user… and unlike many of the devices I have discussed in the past I paid full boat for this. Nonetheless, thanks HP!

My New Word…?

I was driving with a friend over the week-end, and describing the behaviour of someone with whom I recently cut all ties.  Part of the reason I did is because she is a master manipulator.  “She is a Manipulatrix.”

Brad said he loved that word, even though he had never heard it before.  I admit, I hadn’t either… we thought that I had coined a new word.

When I looked it up on-line before claiming the credit for it, unfortunately there was not only a definition on Urban Dictionary- Manipulatrix, there is even a site www.manipulatrix.com (which claims on the first screen to be “NOT FOR THE MEEK!”).  So obviously, there is, within the world of alternative sexual lifestyles, previous uses and claims to the word.

With that being said, there is nothing sexual or alternative to the family member to whom I was referring, so I am coining the term thusly:

Manipulatrix: A woman who will manipulate every situation to her advantage, often using detrimental or derogatory actions to belittle the target of her manipulation.

A woman who, using her own wiles, causes others to do her bidding and/or to change situations to her favour.

Let me be clear, before anyone gets any silly ideas: I am not referring to any woman whom I have dated or been married to.  While my marriage to Theresa has ended, we are on very good terms, and I do not consider her in any negative terms.  My first wife may have been a lot of things, but she was not a manipulatrix.

Let’s Spread the Action Around… With NLB! (Part 1)

**AUTHOR’S NOTE: I have written hundreds of articles on this blog over the past decade.  Until recently I spent a lot of time taking screen shots of GUI consoles for my how-to articles.  For the time being, as I try to force myself into the habit, I will be using Windows PowerShell as much as possible, and thus will not be taking screen shots, but instead giving you the cmdlets that I use.  I hope this helps you as much as it is helping me! –MDG

I have written at length about Failover Clusters for Active-Passive services.  Let’s move away from that for a moment to discuss Network Load Balancing (NLB) – the tool that we can use to create Active-Active clusters for web sites (and other static-information services).

While NLB does, after a fact, cluster services, it is not a failover service… and is in fact a completely different service.  For my use case, it is usually installed on a server running IIS.  Start by installing it:

PS C:\> Install-WindowsFeature NLB -ComputerName Server1

Of course, having a single server NLB cluster is like juggling one ball… not very impressive at all.  So we are going to perform the same function for at least a couple of hosts…

PS C:\> "Server1","Server2","Server3" | ForEach-Object { Install-WindowsFeature NLB -ComputerName $_ }

By the way, notice that I am referring to the servers as hosts, and not nodes.  Even the terminology is different from Failover Clusters.  This is going to get confusing at a certain point, because some of the PowerShell cmdlets and switches will refer to nodes.

Now that the feature is installed on all of our servers, we are almost ready to create our NLB Cluster.  Before we do, we have to determine the following:

  • Ethernet Adapter name
  • Static IP Address to be assigned to the Cluster

You are on your own for the IP address… it is up to you to pick one and to make sure it doesn’t conflict with another server or DHCP Server.

However with regard to the Ethernet Adapter name, there’s a cmdlet for that:

PS C:\> Invoke-Command -ComputerName Server1 -ScriptBlock {Get-NlbClusterNodeNetworkInterface}

Notice that I am only doing this, for the time being, against one server.  That is because I am going to create the cluster on a single server, then add my hosts to it afterward.

So now that we have the information we need, let’s go ahead and create an NLB Cluster named WebCluster, on Server1, with the Interface named Ethernet 2, and with an IP Address of 172.16.10.199:

PS C:\> New-NlbCluster -HostName Server1 -InterfaceName "Ethernet 2" -ClusterName WebCluster -ClusterPrimaryIP 172.16.10.199 -OperationMode Multicast

It will only take a minute, and you will get a response table listing the name, IP Address, Subnet Mask, and Mode of your cluster.

Now that we’ve done that, we can add another host to the NLB Cluster.  We’ll start by checking the NIC name on the second server, then we will add that server to the NLB Cluster:

PS C:\> Invoke-Command -ComputerName Server2 -ScriptBlock {Get-NlbClusterNodeNetworkInterface}

PS C:\> Get-NlbCluster -HostName Server1 | Add-NlbClusterNode -NewNodeName Server2 -NewNodeInterface "Ethernet"

Notice that in the first part of the script we are getting the NLB Cluster Name from the Host Name, and not the Cluster Name.

This part may take a few minutes… Don’t worry, it will work.  When it is done you will get a response table listing the name, State, and Interface name of the second host.

You can repeat this across as many hosts as you like… For the sake of this series, I will stick to two.

In the next article of the series, we will figure out how to publish our web sites to the NLB Cluster.

Help! My Servers Aren’t Being Monitored!

This isn’t right… I have System Center Operations Manager monitoring all of my servers for me, but this morning I noticed that several of my servers are in a warning state, but they are greyed out (which implies that they aren’t reporting in properly).  What do I do?

This is not uncommon, especially in smaller organizations where you may have a single IT Professional running everything.  While it is not a good practice, some IT Pros will use their own credentials (which are obviously going to be Domain or Enterprise Admin accounts) to make things work.  Here’s the problem… you set up your credentials in System Center Operations Manager as a Run As account… and then at some later date you changed your password.

It is never a good idea to use an individual’s credentials as a Run As account.  It is also never a good idea to provide Domain Admin credentials to a program, but that is another issue that I will tackle later on.  What you should do, when configuring System Center Operations Manager, is create action (or Service) accounts in Active Directory.  Use ridiculously long and impossible to guess passwords (Jean MacDonald Kennedy was the 23rd Queen of Tahiti) and change them on a less frequent basis… say, when you change the batteries in your smoke detectors.

So now we have a bunch of computers that are being monitored… oh wait, no they aren’t.  They only look like they are being monitored.  We’d better fix that, and pronto!

We have to figure out what servers this account applies to.  We cannot simply delete the RunAs account, because it is going to be associated with a profile.  So let’s start by figuring out what profile that is.

1) In the Administration workspace navigate to Run As Configuration – Accounts and locate the errant account in the list of action accounts.  Right-click on it, and click Properties.

2) In the Properties window click on Where is this credential used? For the sake of this article, the only profile listed is Default Action Account.  Close Account Usage and Run As Account Properties.

3) Navigate to Run As Configuration – Accounts and locate the profile.  Right-click on it and click Properties.

4) In the Run As Profile Wizard navigate to Run As Accounts.

5) In the list of Run As accounts find all instances where the user account is listed.


6) One by one, click Edit… In the Add a Run As Account window change the account to your Service Account.  Click OK.


7) When you have done this for all instances (remember, you may need to scroll down) click Save.

** IMPORTANT NOTE: If you get error messages preventing you from saving the profile, you can either break your back trying to troubleshoot the SQL errors… or if there aren’t too many systems using the offending account, you can delete those servers from SCOM, and when you have resolved the issue, go back and re-discover them.

Once this is done, you can now delete the Run As account:

8) Navigate to Run As Configuration – Accounts

9) Right-click on the offending account and click Delete. (Accept any warning).

That should do it!  Go forth and manage, and remember… an unmanaged server can work great and save you all sorts of time… until it stops working and you have no idea why, or even that it did stop working.
