Consider the following best practices to optimize the availability of essential services in your Hyper-V and ME5 environment.
- Configure at least one domain controller as a physical host with local disk, or as a VM on a Hyper-V host with local disk.
- At least one domain controller should run independent of SAN or DAS storage so it will continue to provide essential services if external storage is unavailable. (Essential services include AD user authentication, cluster authentication, DNS, and DHCP.)
- Consider placing a management host or VM (jump box) in the environment that remains accessible regardless of the state of the storage fabric, SAN, or DAS resources. Place critical management tools on this resource to aid with day-to-day administration, troubleshooting, and recovery.
Domain controller placement
Avoid placing all your domain controller VMs on the same Hyper-V cluster. If the cluster service depends on AD authentication in order to start, an outage of the Hyper-V cluster will result in a recovery conundrum for the administrator. Recovery may require the following steps:
- Manually recover a domain controller VM outside of the Hyper-V cluster, and bring it online.
- With AD available, Hyper-V cluster services can now authenticate and start.
- Redesign the environment so at least one domain controller is not dependent on Hyper-V cluster services starting first.