Archive for the ‘Hyper-V’ Tag
With the new products that are available end of 2013 ( Windows 2012R2 and the system center R2 ) releases Replication will be important all the way and will be easier to create but also the environment will be more complex. Replication on Kerberos is easy to uses even shared nothing is quick and fast but what about certificate based ?
Easy to use click a certificate and use it. It is that easy or not ? well it is almost.
In this case I have My DC that hold a Enterprise Root CA and two clusters and 4 VMM servers,
Well You will only need the Root CA and Two Hyper-v server Clustered in different clusters.
yes we will do Clustered Based Certificate Based Replication ( CBCBR )
Open Certification Authority (certsrv.msc) from Administrative Tools
Right click on Certificate Template and click on Manage then we duplicate the Workstation Authentication template
Give the Certificate a nice name like Hyper-v Replica Authentication
That you know where the certificate is for.
There are a few things we need to change or can change
I choose for 2012 usage only in the compatible settings Certificate recipient and authority can be set to Windows Server 2012
The Security settings Ensure that Authenticated Users are allowed to Read and Enroll.
Edit Application Policies and add Server Authentication
Subject Name Change the option to Supply in the Request
Now that the Certificate template is ready we are going to import this certificate
Open Certification Authority on the server and click on Certificate Templates
Select Action and choose the New option followed by Certificate Template to Issue.
Choose the certificate template name from the pop-up box
Now that the basic is ready on our DC we can deploy the Certificate to the clusters / hyper-v server
If you try to add a cert now in the Hyper-v broker. You will see a nice error wrong or no certificate.
A cool thing in 2012 is that you can do PowerShell in the certificate store.
go to c:windowssystem32
cd cert:
use the :
then
cd .\localmachineroot then a Dir and you will see all the certificates
How cool is that !
Open an MMC and open the localmachine store.Requesting Hyper-V Replica Certificates from an Enterprise CA based on our current template.
Next and see here is our new certificate template
Now check the certificate and click on the blue line more information is required.
Use the CN = Common name / friendly name to identify the certificate. and use the computer names to connect to the certificate but you can also use the *.domain.local for a wildcard certificate
hit apply and the next on enroll
and in the certificate store the certificate should been listed 
And that’s the process for customizing and requesting certificates. Your final step in configuring Hyper-V Replica happens back in Cluster Failover Manager.
now check the broker Role in the cluster and do right click
Launch replication Settings and click the Select Certificate button in Replication Configuration. If you’ve done everything correctly, you’ll see your recently installed and customized certificate
and I n my case I have two clusters and won’t to replicate from and to the both clusters.
there for I used the same certificate import and export with private key and put it on all the nodes remember the node name should be in the certificate FQDN !
In the VM you can enable replication and choose the certificate. But you can also mix one VM with Kerberos and the other with a certificate
Once It is done it is keep working unless the certificate is expired !
Next stop will be Hyper-v Recovery Manager.
Windows Server 2012 Hyper-V Role introduces a new capability, Hyper-V Replica, as a built-in replication mechanism at a virtual machine (VM) level. Hyper-V Replica can asynchronously replicate a selected VM running at a primary site to a designated replica site across LAN/WAN
there is a great guide for you LAB on this site http://blogs.technet.com/b/yungchou/archive/2013/03/24/hyper-v-replica-broker-explained.aspx
Hyper-V Replica Cluster
To Deploy a Hyper-v failover cluster as a replica site, must use Failover Cluster Manager to perform all Hyper-V Replica configurations and management. And first create a Hyper-V Replica Broker role.
In this case I have two clusters left and right. first go to the FCM and add a role
A Hyper-V Replica Broker is the focal point in this case. It queries the associated cluster database to realize which node is the correct one to redirect VM specific events such as Live Migration requests in a replica cluster.
Windows Active Directory domain is not a requirement for Hyper-V Replica which can also be implemented between workgroups and untrusted domains with a certificate-based authentication. Active Directory is however a requirement if involving a Hyper-v host which is part of a failover cluster, and in such case all Hyper-V hosts of a failover cluster must be in the same Active Directory domain with security enforced at the cluster level. I see sometimes that the broker creations is failing. The resource will not come online.
So During the creation of the cluster resource you will need a Name ( netbios ) and a IP. that is all. But remember as all cluster resources the cluster will create the items and not you Mister Admin. Just make sure Your DNS and cluster resource can create Items.
If you are not sure about this check my old blog post http://robertsmit.wordpress.com/2012/06/26/cluster-network-name-resource-failed-to-create-its-associated-computer-object-in-domain/
Now that my Resource is created and it is in my cluster In both Cluster I want to do Cross Replication 
If you know Hyper-v then you would do the settings in the hyper-v settings but as you can see all the options are grayed out.
Go to the Cluster manager and right click on the broker select replication settings.
Same menu and configurable.
First enable the replica server in the first case I use Kerberos ( the easy one )
So don’t check the certificate based box.
here you can do give any server access to this replica easy to do and quick just fill in the path where the VM files need to be stored.
the other option is give only server that I want access. Well in my case I also used a * not that smart well now Only server in my domain can replicate and not every server. If you want to do a point to point connection just fill in the FQDN of the server.
once you have filled in the entry you can’t change the name only the storage path. Well that is fine for now.
Again we add the Resource this time a Virtual machine. Just make sure there is a VM in the Hyper-v
What we do here is make the VM high available and yes you could also replicate the VM right from the Hyper-v console.
but that does not make the VM High Available.
Selecting the VM 
Now we can start the machine and the VM is HA
We have the broker in place and a VM it is time to replicate.
Don’t use the broker on the current cluster you can’t replicate to your own cluster 
All you have to know is the name of your cluster where the VM is placed
So I use the name of the cluster and see if it works, The wizard does see that there is a other broker in the left01 cluster and ask me to change that YES click on update
again Here can I choose Kerberos or certificate Rememeber I checked both boxes on the broker cluster resource If I made a choice there I could no choose here.
I go for……Kerberos
Check what VM disk are needed to replicate If you have a disk that holds stuff that si not needed for replications then unselect the disk here.
You can create multiple recovery points or just one and change the time currently you can set this from 1 hour to 12 hours. It is a wish to get this sooner.
and how to copy the stuff , over the network or with media. and the time to start.
I take the right now option
and If you want to change the settings just go to the settings of the VM and change it
In the Cluster or in the Hyper-v console you can see the status easy quick and fast replication.
In my next blog post I will do the same with a Certificate and you need extra steps for this.
Windows Server 2012 Hyper-V: Deploying Hyper-V Enterprise Server Virtualization Platform" by Zahir Hussain Shah
Packt Publishing | 2013 | ISBN: 1849688346 9781849688345 | 410 pages | PDF | 9 MB
"Windows Server 2012 Hyper-V: Deploying Hyper-V Enterprise Server Virtualization Platform" is a comprehensive guide, which starts itself from basic virtualization and server consolidation concepts, and then goes deeper for discussing advanced topics, such as a Hyper-V scalability, failover, and virtual machine migration. This book is an ideal choice for those who are stepping into Hyper-V world, and also for those who are experts in Hyper-V and want to advance their skills with the new Windows Server 2012 Hyper-V.
What is in the Book.
It is a great way to start with Hyper-v and I must say there are a couple of really good books on hyper-v. Just to be clear there is no book that covers the full thing windows 2012 / hyper-v / System Center VMM . You will need this book also http://www.packtpub.com/microsoft-system-center-virtual-machine-manager-2012-cookbook/book
Table of Contents
Preface
Introduction
Chapter 1: Getting to Know Microsoft Hyper-V
Chapter 2 : Planning, Designing, and Implementing Microsoft Hyper-V
Chapter 3 : Setting Up Hyper-V Replication
Chapter 4 : Understanding Hyper-V Networking
Chapter 5 : A New World of Hyper-V Automation with PowerShell
Chapter 6 : Insight into Hyper-V Storage
Chapter 7 : Managing Hyper-V with System Center Virtual Machine Manager
Chapter 8 : Building Hyper-V High Availability and Virtual Machine Mobility
Chapter 9 : Hyper-V Security Hardening – Best Practices
Chapter 10 : Performing Hyper-V Backup and Recovery
Appendix A: SCVMM 2012 New Features and Enhancements
Appendix B: SCVMM Management Console Configuration Settings
After reading this book you know how to setup and manage the hyper-v server. And the most important parts like networking and replications are covered. And when you move on and develop bigger Hyper-v sites and do more management there is also a nice PowerShell in Chapter 5.
There is a lot of nice stuff in the book that is detailed and step by step. With a real detail description of what is new in hyper-v and what options you can use.
If you already using hyper-v based on 2008 even then the book is the right thing for you, all the new stuff is there to use, sample on how to use the options.
How to start ?
Buy the book here: http://www.packtpub.com/windows-server-2012-hyper-v/book
Download Hyper-v :http://www.microsoft.com/en-us/server-cloud/hyper-v-server/default.aspx
buy some hardware
[Building a Hyper-V Cluster for Under $2000]
http://www.altaro.com/hyper-v/building-a-hyper-v-cluster-for-under-2000/
Give the Certificate a nice name like Hyper-v Replica Authentication
I choose for 2012 usage only in the compatible settings Certificate recipient and authority can be set to Windows Server 2012
The Security settings Ensure that Authenticated Users are allowed to Read and Enroll.
A cool thing in 2012 is that you can do PowerShell in the certificate store.
Open an MMC and open the localmachine store.Requesting Hyper-V Replica Certificates from an Enterprise CA based on our current template.
Now check the certificate and click on the blue line more information is required.
Use the CN = Common name / friendly name to identify the certificate. and use the computer names to connect to the certificate but you can also use the *.domain.local for a wildcard certificate
now check the broker Role in the cluster and do right click
In the VM you can enable replication and choose the certificate. But you can also mix one VM with Kerberos and the other with a certificate
