Udostępnij za pośrednictwem


Deploying a Windows Server 2012 R2 Scale-Out File Server Cluster using Azure VMs

0) Overview

In this document, I am sharing the steps I used to create a Windows Server 2012 R2 Scale-Out File Server Cluster environment using only Azure VMs, for demo, test or development purposes.

This includes a few important tips and tricks to install Active Directory and Windows Server Failover Clustering in an Azure VM environment which are not well known.

 

Following these steps will probably requires a reasonable amount of work, but it is a great way to experiment with a large set of Microsoft technologies in or related to Windows Server 2012 R2, including:

  • Azure VMs
  • Azure Virtual Networks
  • Domain Name Services (DNS)
  • Active Directory Domain Services (AD-DS)
  • Failover Clustering
  • Scale-Out File Servers
  • PowerShell

 

You will need the following to perform the steps described here:

  • Any computer with access to the internet that can connect to Azure
  • An active Azure subscription (you can get a free trial from https://azure.com)
  • No server hardware is required. No download of Windows Server 2012 R2 is required.

 

Notes and disclaimers:

  • A certain familiarity with Windows administration and configuration is assumed.
  • Very little knowledge of Azure is assumed. If you’re already familiar with it, sorry for boring you with all the details.
  • If you are asked a question or required to perform an action that you do not see described in these steps, go with the default option.
  • There are usually several ways to perform a specific configuration or administration task. What I describe here is one of those many ways. It's not necessarily the best way, just the one I personally like best at the moment.
  • Throughout these instructions, I’ll prefix all items with “JOSE-324”. For your specific setup, choose your own unique prefix to avoid naming conflicts with other users in the Azure cloud.
  • The iSCSI Target Server configuration shown here is not highly available. For this reason, this setup should only be used for demo, test or development purposes.
  • IMPORTANT NOTE: Due to the item above this should *not* be used for Production environments.

 

1) Get to the portal

Browse to https://azure.com, then click on “portal” in the top bar.

Sign in with your Microsoft account to view the Azure Portal.

 

2) Create an Azure Virtual Network

Click on the “Virtual Networks” icon (shown above).

clip_image002

Click on the “Create a Virtual Network” link.

clip_image003

Enter the name for the virtual network, the region closest to you and an affinity group name for the new virtual network. Click on the right arrow on the bottom right to continue.

Leave everything blank on the “DNS Servers and VPN Connectivity” page. Click on the right arrow to continue.

Accept the default 10.0.0.0/8 address space and configure a subnet for 10.1.1.0/24. Click on the Check icon to finish creating the virtual network. Then wait until the virtual network is created (this will take a moment).

Review the configuration of the virtual network.

 

3) Create an Azure Storage Account

Click on the “Storage” icon (shown above).

Click on the “Create a Storage Account” link.

clip_image008

Enter the name for the storage account (URL), the affinity group (same you used on the virtual network) and click on “Create Storage Account”. Wait for the storage account to be created (this will take a moment).

clip_image009

Review the configuration of the storage account.

 

4) Create an Azure Virtual Machine for the domain controller

Click on the “Virtual Machines” icon (shown above).

clip_image011

Click on the “Create a Virtual Machine” link.

Instead of using the “Quick Create” option, click on the “From Gallery” option to bring in the full wizard.

On the “Choose an Image” page, click on “Windows Server 2012 R2 Datacenter”. Click on the right arrow on the bottom right to continue.

clip_image014

Use the latest release date, enter a virtual machine name for your domain controller, select the small size, enter a user name and type in a password twice. Click on the right arrow on the bottom right to continue.

On this page, keep the default to “create a new cloud service”, keep the cloud service DNS name the same as the virtual machine name, select the virtual name we created previously, select the subnet that we created previously, select the storage account we created previously and keep the availability set to “(None)”. Click on the right arrow on the bottom right to continue.

Keep all the defaults for the virtual machine configuration. Click on the Check icon to finish creating the virtual machine. Then wait until the virtual machine is created (this will take a moment).

clip_image017

Review the configuration of the Virtual Machine.

 

5) Review the items created so far

clip_image018

Click on the “Virtual Networks” icon (shown above).

Click on the network we created previously, then click on the option to show the “Dashboard”.

clip_image019

Verify that the newly created virtual machine is using the 10.1.1.4 IP address on the subnet specified.

 

clip_image020

Click on the “Storage” icon (shown above).

Click on the Storage Account we created previously, then click on the option to show the “Containers”.

clip_image021

Click on the container called “vhds”.

clip_image022

Verify that you have the blobs for the virtual machine VHD file and its associated status.

 

clip_image023

Click on the “Cloud Services” icon (shown above).

clip_image024

Verify you have a cloud service associated with the newly created virtual machine, using the correct availability group.

 

clip_image025

Click on the “All Items” icon (shown above).

clip_image026

Review all the items we created so far.

 

6) Connect to the Azure Virtual Machine

clip_image027

Click on the “Virtual Machines” icon (shown above).

On the bar at the bottom of the screen, click on the “Connect” icon to connect to your virtual machine.

clip_image029

You will be offered a link to a Remote Desktop session file. Click on the “Open” button to start the remote desktop session.

clip_image030

On the Remote Desktop Connection dialog (shown above), click “Connect”.

On the Window Security dialog, enter a dot (.), followed by a backslash (\) and the name of the user you specified when creating the virtual machine. The dot means "this computer". Enter the password you specified previously and Click “OK” to continue.

clip_image032

In the final “Remote Desktop Connection” dialog, click “Yes” to accept the certificate. You will be connected to the virtual machine.

NOTE: To avoid this warning (and, more importantly, to be more secure), you can create certificates to use with these RDP connections by checking this page: https://msdn.microsoft.com/en-us/library/windowsazure/gg432987.aspx .

7) Install Active Directory in the Azure VM

 

Inside the virtual machine, bring up a PowerShell command line and use the following two cmdlets to load the Active Directory Domain Services role and promote this machine to a domain controller. This will take a while.

Install-WindowsFeature AD-Domain-Services -IncludeManagementTools
Install-ADDSForest -DomainName "JOSE.TEST"

You will be prompted for a Safe Mode Administrator password twice. You will also be asked to confirm the operation. After this, the configuration will start. This will take a while and you will see a few warnings.

After the script finishes, the virtual machine will reboot and your Remote Desktop session will be disconnected.

8) Review DNS and Active Directory configuration

Reconnect to the Azure VM using the instructions on step 6, this time using the new domain name instead of the dot (.) used in the first logon. You should use the same username, though. Note that the first logon on the freshly installed domain controller will take a little longer than usual.

Use the DNS Manager tool to verify that the DNS was properly configured:

Use the Active Directory Users and Computers tool to verify that the domain was properly configured:

clip_image035

9) Configure the DNS for your Azure Virtual Network

Click on the “Virtual Networks” icon (shown above).

Click on the network we created previously, then click on the option to “Configure”.

Add a DNS Server to the empty list, specifying the name and IP address of the virtual machine you configured (10.1.1.4).

clip_image037

Click on the “Save” button on the bottom bar (shown above) to save the changes.

clip_image038

Confirm the changes to the virtual network. Wait for the configuration to complete (this will take a moment).

10) Create two additional virtual machines

Click on the “Virtual Machines” icon (shown above).

Use the “+ New” link on the bottom left of the screen to add two virtual machines that we’ll use as file server cluster nodes.

Use steps similar to what you did in item 4, being careful to use the same Image, Storage Account, Virtual Network and Subnet as the first one. Use an FS1 and FS2 suffix for their names.

Here’s what the configuration should look like after you create them:

clip_image040

Make sure the VMs all use the same location.

 

Click on the “Virtual Networks” icon (shown above).

Click on the network we created previously, then click on the option to show the “Dashboard”.

clip_image041

Make sure the VMs all use the same subnet. Note the IP addresses used by each one.

11) Configure the two file server nodes

Using steps similar to item 6, connect to each of the two new virtual machines. Note that, on the first boot, you must use the computer name when logging in.

The steps are described here just once, but you must perform them for both VMs.

After the first login, verify that the DNS configuration received via DHCP is correct by running this cmdlet from PowerShell inside the virtual machine:

Get-DnsClientServerAddress -InterfaceAlias Ethernet* | FL

Next, configure the roles and features to be used (File Server and Clustering) using these PowerShell cmdlets:

Install-WindowsFeature File-Services, FS-FileServer, Failover-Clustering –IncludeManagementTools

Next, use the following cmdlet to join the domain:

Add-Computer -DomainName JOSE.TEST –Restart

Enter the domain credentials when prompted. The virtual machine will restart after that and you will be disconnected.

Reconnect to the Azure VM using the instructions on step 6, this time using the new domain name instead of the dot (.) used in the first logon. You should use the same username, though.

Note that the first logon after you joined the domain will take a little longer than usual.

Don’t forget to repeat these steps on the other VM.

 

11) Confirm that the two file server nodes have joined the domain

Reconnect to the Azure VM running the DNS/domain controller using the instructions on step 8.

Use the DNS Manager tool to verify that the DNS is showing all three virtual machines:

clip_image043

Use the Active Directory Users and Computers tool to verify that the two file servers are now part of the domain:

clip_image044

12) Configure the iSCSI Target in the DNS/Domain Controller

Connect to the Azure VM running the DNS/domain controller using the instructions on step 8.

Enable the iSCSI Target Server and configure it using the following PowerShell cmdlets:

Install-WindowsFeature FS-iSCSITarget-Server
MD C:\LUN
New-IscsiServerTarget -TargetName FileCluster -InitiatorID IPAddress:10.1.1.5, IPAddress:10.1.1.6
New-IscsiVirtualDisk -DevicePath C:\LUN\LUN0.VHDX -Size 1GB
1..2 | % {New-IscsiVirtualDisk -DevicePath C:\LUN\LUN$_.VHDX -Size 20GB}
0..2 | % {Add-iSCSIVirtualDiskTargetMapping -TargetName FileCluster -DevicePath C:\LUN\LUN$_.VHDX}

Verify using Server Manager that the iSCSI Target Server was properly created and that the LUNs are properly associated with it. See sample below:

13) Configure the iSCSI Initiator on the File Server virtual machine

 

Reconnect to the two File Server virtual machines.

Configure them to use the newly created iSCSI Target using the following PowerShell cmdlets:

Set-Service MSiSCSI -StartupType automatic
Start-Service MSiSCSI
New-iSCSITargetPortal -TargetPortalAddress 10.1.1.4
Get-iSCSITarget | Connect-iSCSITarget
Get-iSCSISession | Register-iSCSISession

IMPORTANT: The next step should be performed only on first of the File Server VM, not both.

On the first File Server VM, initialize the iSCSI LUNs (disks 2, 3 and 4) using the following PowerShell cmdlets:

2..4 | % {
$d = “--WXY”[$_]
Set-Disk -Number $_ -IsReadOnly 0
Set-Disk -Number $_ -IsOffline 0
Initialize-Disk -Number $_ -PartitionStyle MBR
New-Partition -DiskNumber $_ -DriveLetter $d –UseMaximumSize
Start-Sleep –Seconds 10
Initialize-Volume -DriveLetter $d -FileSystem NTFS -Confirm:$false
}

Verify using the Disk Management tool that you see the

clip_image046

14) Run Cluster Validation and create the cluster

From one of the two File Server cluster nodes, run cluster validation using the following PowerShell cmdlet:

Test-Cluster JOSE-324-FS1, JOSE-324-FS2

Validation will take a while to complete. Here’s what you should expect as the output of that cmdlet:

Note that you have a warning. If you look into the report, you’ll see that it relates to the fact that you have a single network for the cluster. Since this is a test configuration only, that’s fine.

Now go ahead and create the cluster using the following PowerShell cmdlet:

New-Cluster –Name JOSE-324-CL -Node JOSE-324-FS1, JOSE-324-FS2 -StaticAddress 10.1.1.100

 

15) Checking the Cluster Resources

Note that in the command to create the cluster, you had to specify a static IP address. If you don't, you will get an invalid (conflicting)DHCP address assigned to the Cluster Name resource is invalid.

You should verify that under the cluster core resources that everything is working correctly. The screen below is found in the Cluster Administration tool, on the main cluster node.

16) Create the File Server Scale-Out Cluster

 

With the cluster created, you can go ahead and configure it for a Scale-Out File Server and create a few continuously available file shares.

You can do it from either of the two File Server cluster nodes, using the following PowerShell cmdlets:

Get-ClusterResource | ? OwnerGroup -like Available* | Add-ClusterSharedVolume
Add-ClusterScaleOutFileServerRole -Name JOSE-324-FS

MD C:\ClusterStorage\Volume1\DATA1
New-SmbShare -Name Share1 -Path C:\ClusterStorage\Volume1\DATA1 -FullAccess JOSE.TEST\Jose
Set-SmbPathAcl –ShareName Share1

MD C:\ClusterStorage\Volume2\DATA2
New-SmbShare -Name Share2 -Path C:\ClusterStorage\Volume2\DATA2 -FullAccess JOSE.TEST\Jose
Set-SmbPathAcl –ShareName Share2

You can check the configuration using the Failover Cluster Manager:

You can also use PowerShell to verify that configuration:

Get-ClusterResource | FT -AutoSize
Get-ClusterSharedVolume | FT -AutoSize
Get-SmbShare | FT -AutoSize

clip_image053

17) Final Notes

  • After you’re done with the demo/test/dev environment, don’t forget shutdown the VMs to save on your Azure resources.
  • When bringing the VMs up again, make sure to start the DC VM first, so it gets the 10.1.1.4 IP address. The other option would be to use a separate subnet just for the DC VM.
  • I hope you enjoyed these step-by-step instructions. I strongly encourage you to try them out and perform the entire installation yourself. It’s a good learning experience.
  • Let me know how these steps worked for you using the comment section. If you run into any issues or found anything particularly interesting, don’t forget to mention the number of the step.

Comments

  • Anonymous
    January 01, 2003
    In Step 4 you create the 1. VM and assign the previously created virtual network. If I do exactly the same thing, I do not have the chance to configure the network. There is no configuration entry, nothing. I also do not see where this can be configured later.
    The newly created VM does not get an IP from the desired scope.
    What did I do wrong?
  • Anonymous
    January 01, 2003
    @Eric

    Yes, if you have the site-to-site VPN configured.
    See http://msdn.microsoft.com/library/azure/jj156210.aspx.
  • Anonymous
    March 30, 2014
    In this post, I'm providing a reference to the most relevant content related to Windows Server 2012
  • Anonymous
    March 31, 2014
    Can this be done with a DC on-prem using Azure S2S?
  • Anonymous
    April 01, 2014
    Hi Jose, everything worked a treat. Thanks a lot.
    Al.
  • Anonymous
    April 23, 2014
    One question: if file server cluster is on two physically separate networks(ie, 1GbE network for mangement and VM access, the other internal 10GbE for SMB, LM, Backup), does DC must be connected to the two network using 2 NICs?
    Is it possible that DC be connected only to the 1GbE management network, other Hyper-V servers that with two NICs be able to access the 10GbE SMB Cluster?
  • Anonymous
    May 17, 2014
    Pingback from Deploying a Windows Server 2012 R2 Scale-Out File Server Cluster | ninan007
  • Anonymous
    July 07, 2014
    In this post, I'm providing a reference to the most relevant content related to Windows Server 2012
  • Anonymous
    February 26, 2016
    The comment has been removed
  • Anonymous
    February 27, 2016
    @GSYes, I mentioned that in the notes and disclaimers.This specific setup is meant as a demo/learning environment, not production.