Keep your files and volumes available with Windows Server 2016 and Microsoft Azure

Hi Community,

after having a great time at the MVP Summit and finishing chapter six of my first book. I wanted to turn some more effort into my blog again. The first thing I wanted to talk about is a scenario to expand your Windows Server 2016 Storage into the cloud and keep it available over branches.

The Scenario and use cases

Sometimes I have customers who need to have caches for fileservers and storage within their branch offices. In the past I needed expensive storage devices, complex software or I used DFS-R to transfer files.

With Windows Server 2016 we got Storage Replication, which gave me new opportunities to think about.

First Scenario I tried and built was with Windows Server 2016 based fileservers to replace DFS-R and establish asynchrony replication based on byte and not file level to reduce traffic etc.

You can use this kind of replication to move for file or backup data into the cloud.

The Technologies

What technologies did I use.

Windows Server 2016 Storage replication:

You can use Storage Replica to configure two servers to sync data so that each has an identical copy of the same volume. This topic provides some background of this server-to-server replication configuration, as well as how to set it up and manage the environment.

Source: https://technet.microsoft.com/en-us/windows-server-docs/storage/storage-replica/server-to-server-storage-replication

Microsoft Azure VMs https://azure.microsoft.com/en-us/documentation/services/virtual-machines/windows/ 

The Infrastructure Architecture

In the first place you need a fileserver as source and fileserver as target. You need also to ensure that the data you want to replicate are on a different volume than the data that stays onsite.

1

The source can either run on Hardware or which would be the most cost efficient way on Windows Server 2016 Hyper-V Cluster together with other virtual machines like Domain Controller, Backupserver, Webserver or Database. With this kind of cluster you would also save the license costs for the Fileserver Datacenter License because you can use the Host License with AVMA and you can leverage the Windows Server 2016 License Mobility to Azure. Which enables you to use your Windows Server License for Azure virtual machines.

2

 

The Azure virtual machine should be a DS3 or above, because you need at least two disks. If you want to replicate more disks, you should be able to add more disks.

3

 

From the Network Site you need to implement VPN Site to Site Connection between your offices and Azure. You need a performance gateway to get the necessary throughput and latency. I would recommend to use Microsoft ExpressRoute and MPLS.

4

Scenarios how to use those fileserver Volumes

The first scenario I tested so far, was to get a geo redundant standby system for a fileserver with profile data and shares. Both Servers do not run in a cluster (didn’t try that yet). Both servers are part of an DFS-N. The on premises server is the primary DFS-N target for the clients. The fileserver in Azure is the secondary target. The secondary fileserver is disabled as target for Clients in DFS-N. The  access will be on the primary fileserver and the storage information will be replicated to secondary fileserver.

5

 

As long as everything went fine, you have only incoming traffic to Azure with no costs for traffic. If the primary volume or fileserver went offline you switch to the secondary fileserver by enabling the secondary fileserver in DFS-N and swapping the target volume to active. You can either do this manually or trigger it via automation services and monitoring e.g. Azure Automation and Operations Management Suite or System Center Operations Manager.

6

You can also use the fileserver as target for different fileservers.

7

 

A different approached could be achieved when using this scenario for backup. First you backup your data to the primary fileshare or volume and replicate it to the cloud.

8

After you finished the backup you switch the volume and transfer the backup to a cheaper location e.g. Azure Cold Storage Accounts.

9

The Pro’s and Con’s

Pro Con
Easy to use ExpressRoute needed for best performance
Azure License for Azure VM might be covered by your on premises license Not documented yet and only Proof of concept
No need for expensive Storage Systems
Great to replicate File Data and Backups into the cloud

 

How to fix non compliant NICs with no logical network connectivity in VMM

Hi everybody,

today again a blogpost out of my heading “I need to remind my self because I love to forget this”.

I want to show you how you need to configure Network Adapters which are not used in a virtual switch for Hyper-V. That network adapters could be used for example with Storage like iSCSI, SMB3 or other things.

At first you will get a warning from Virtual Machine Manager that your host is not compliant.

2015-10-09_17-37-52

Like you see in my example below.

2015-10-09_12-15-23

 

Now there are two options to get the NICs compliant. The first way, which we don’t want to use with Storage Adapters is, to move them into a virtual switch.

The second one, which I prefer when working with storage adapter, is ti define the connection within the hardware profile of the server. For that you go into the properties of your Hyper-V Hosts in VMM and select hardware. Scroll down until you reached the network adapter you want to configure. Now you should see the logical network connectivity.

2015-10-09_17-39-46

There you check the logical networks, your host has connection with and press ok.

2015-10-09_12-16-44

So that’s all. Now your Networkadapter is shown as compliant in VMM.

2015-10-09_17-38-42

How to fix VMM error 20553

Hi,

today I want you to provide you some GPO Templates, which could help you to fix following error in VMM:

Error (20553)
The Windows Remote Management (WinRM) client on the VMM server cannot process the request. A computer policy does not allow the delegation of the user credentials to the target computer **.

WinRM: URL: ** , Verb: [ENUMERATE], Resource: [http://schemas.microsoft.com/wbem/wsman/1/wmi/root/cimv2/Win32_ComputerSystemProduct], Filter: []

Unknown error (0x803381a3)

Recommended Action
Use gpedit.msc and look at the following policy: Computer Configuration -> Administrative Templates -> System -> Credentials Delegation -> Allow Delegating Fresh Credentials. Verify that it is enabled and configured with an SPN appropriate for the target computer. For example, for a target computer name myserver.domain.com, the SPN can be one of the following: WSMAN/myserver.domain.com OR WSMAN/*.domain.com OR WSMAN/*

Thanks to Radhika Gupta for his blog on TechNet which gave me the final solution 🙂

In my case I needed to create two GPOs.

The first deployed on the Hyper-V Hosts to enable WinRM with CreedSSP

Computer Configuration\Administrative template\Windows Components\Windows Remote Management (WinRM)\WinRM Service\[Allow CredSSP authentication] = true

The first deployed on the VMM Hosts to enable WinRM with CreedSSP and Credentials Delegation

Computer Configuration\Administrative template\Windows Components\Windows Remote Management (WinRM)\WinRM Service\[Allow CredSSP authentication] = true

Computer Configuration\Administrative Templates\System\Credentials Delegation\[AllowFreshCredentials ] = “WSMAN/*”

How to plan redundancy for Scale out Fileser

Hey everybody,

after I posted some of my thoughts I normally put behind Hyper-V redundancy, today I want to show you some examples how you could plan redundancy for Scale out Fileserver.

When to choose a redundancy where only one or two cluster nodes can fail?

That is the most common and easiest why for node redundancy in a cluster. It means you have enough nodes in your cluster to cover one or two node failures. You would choose that cluster config when all of your nodes are in one datacenter or server room and you need no geo-redundant storage solution. Please notice, for a JBOD based Scale out Filserver you need at least a minimum of three JBODs. For converged Scale out Fileserver with Windows Server 2016 you will need 4 equal Scale out Fileserver Systems.

Sofs01

Traditional Scale out Fileserver with Storage Spaces and JBODs

sofs02

Traditional Scale out Fileserver with SAN Storage Backend

sofs03

Scale out Fileserver with Storage Spaces Direct in Windows Server 2016

When to choose a redundancy where you can choose half of the nodes?

In this scenario you can lose one half of your nodes but you need to fulfill some more requirements like storage replications or direct WAN links. You would normally use if you want to keep your services alive if one datacenter or serverroom fails.

sofs04

With Storage Spaces Direct in Windows Server 2016 and RDMA RoCE

sofs05

Scale out Fileserver with classic SAN storage replication

Rolling Cluster Update with Windows Server 2016 TP3 – short notes & first tries

Hi everybody,

the following post is just a short one out of my learnings during my tests with rolling cluster upgrade.

In the first place, I think many of you already noticed the new failover cluster feature. It enables you to migrate clusters deployed on Windows Server 2012 R2 to Windows Server 2016 without building a new cluster and migrating the cluster roles to it. Currently there is only a validation for clusters running Hyper-V and Scale out Fileserver but as soon as I have some more time I will also try to Upgrade some of my Virtual Machine Manager and Fileserver Clusters and report back to you.

The way how you migrate the cluster is already very well documented on technet.

For those of you who are familiar with Active Directory Migrations, the way a Failover Cluster is Upgrade looks very familiar. At first you have three phases like shown in the figure below.

Source: Microsoft TechNet

Preparations before you start with the migration.

  1. Check if your Servers are compatible with Windows Server 2016. Run the new build only on supported environments.
  2. Ensure that you have always enough compute resources during the whole time upgrade process. Normally you run a cluster with a minimum of n+1 cluster nodes. During the cluster upgrade, I would suggest to add another node to the cluster and run with a minimum of n+2 nodes. That would prevent you from any resource shortages during the upgrade.

In the first Phase with nativ Windows Server 2012 R2 you have the following tasks to perform:

  1. Run Cluster Aware Update on your Cluster and Update it to the lates patchstate
  2. Backup your Cluster Database and Cluster Configuration
  3. Install the first 2016 node, add the server role and failover cluster feature and features like MPIO (if needed). Please note inplace upgrades of nodes are not supported, so please reinstall the nodes.

Source: Microsoft TechNet

In the second Phase, you will run in cluster mixed mode:

Please notice that the mixed mode is only supported for 4 weeks and you should get out of it as soon as possible. Anyway, you should take your time to check if the new hosts and the cluster runs stable. As soon as you are on Windows Server 2016 native mode there is no way back.

  1. Add the first 2016 node to the cluster
  2. when the node is added  properly and runs fine, migrate to cluster role over to the new role
  3. if the migration runs fine and for example the VMs are working, set the first Windows Server 2012 R2 node in maintenance mode and drain the roles. After that evict the Windows Server 2012 R2 node
  4. Now you can install the second node and redo the steps 1. to 3. until you have removed all Windows Server 2012 R2 nodes

At this point as, long as you still have one Windows Server 2012 R2 node left in the cluster you can go back if anything goes wrong.

Source: Microsoft TechNet

At the end, you have a native Windows Server 2016 cluster node running in functional level Windows Server 2012 R2. Like an active directory with Windows Server 2012 R2 and running on forest function and domain level Windows Server 200 R2 before you raised the level.

Source: Microsoft TechNet

Now we enter the third stage, here we need to raise the Cluster Function Level. For that we need to run a powershell command.

So please open the PowerShell Commandline on one of your new cluster nodes as administrator.

 

Afterwards you can start your backup again and restart the cluster aware update service.

Source: Microsoft TechNet

 

Now the last point, housekeeping. That means, update the virtual machine versions of you VMs and install the new version of the virtual machine management tools or what ever need to be done for the cluster roles.

So that’s all from my site today. I will write a much more detailed post, as soon as Windows Server 2016 reaches RTM.