1
00:00:00,940 --> 00:00:05,730
In this demonstration, we're going to deploy a Windows Server failover cluster.

2
00:00:05,730 --> 00:00:08,170
You're looking at the desktop of one of my Windows

3
00:00:08,170 --> 00:00:11,440
Server 2022 domain member servers.

4
00:00:11,440 --> 00:00:14,640
Let me open up Edge here, and you can see I have Windows Admin

5
00:00:14,640 --> 00:00:18,510
Center installed on this machine. And what I want to do, this

6
00:00:18,510 --> 00:00:20,220
machine is configured as a gateway.

7
00:00:20,220 --> 00:00:23,540
Let's just go ahead and add in connectivity here.

8
00:00:23,540 --> 00:00:28,360
Note that in Admin Center, we have seamless connectivity to other servers

9
00:00:28,360 --> 00:00:33,740
in our domain environment. We can add connections directly to server

10
00:00:33,740 --> 00:00:37,530
clusters, as well as going up into Azure. Now,

11
00:00:37,530 --> 00:00:40,580
I'm going to choose the first servers option, and I'm

12
00:00:40,580 --> 00:00:46,680
going to bring in the other node here, mem2.timw.info.

13
00:00:46,680 --> 00:00:50,390
I'm just going to do a two‑node cluster, and we're going to use an

14
00:00:50,390 --> 00:00:54,040
Azure cloud witness to serve as a tie‑breaking vote.

15
00:00:54,040 --> 00:00:57,010
So this would allow us to lose one node in the cluster

16
00:00:57,010 --> 00:00:59,840
and still keep the cluster going.

17
00:00:59,840 --> 00:01:04,460
Let me provide credentials here to authenticate to that

18
00:01:04,460 --> 00:01:09,540
machine, and we'll add with credentials.

19
00:01:09,540 --> 00:01:14,270
Great! So, let me do this installation with PowerShell.

20
00:01:14,270 --> 00:01:17,730
Now you know that Windows Admin Center, actually, we could

21
00:01:17,730 --> 00:01:19,650
do a lot of the work there.

22
00:01:19,650 --> 00:01:23,240
We also could go to good old Server Manager. However,

23
00:01:23,240 --> 00:01:27,690
because you're so likely to see quite a bit of PowerShell on your AZ‑801

24
00:01:27,690 --> 00:01:33,680
and AZ‑800 exams, probably more 800, it's still important. And really, in

25
00:01:33,680 --> 00:01:37,160
the name of infrastructure as code and automation, I feel most

26
00:01:37,160 --> 00:01:41,130
comfortable doing it this way anyway. So what you're seeing now is my

27
00:01:41,130 --> 00:01:46,610
Visual Studio Code instance. I have a script file called clustering‑final

28
00:01:46,610 --> 00:01:50,020
that I include in the course files for your reference. And we're going to

29
00:01:50,020 --> 00:01:54,440
start here by installing the appropriate server roles on mem1 and mem2.

30
00:01:54,440 --> 00:01:57,850
You can see that in order to support failover clustering,

31
00:01:57,850 --> 00:02:03,670
scale out file server, and Hyper‑V highly available VMs, I'm bringing in here

32
00:02:03,670 --> 00:02:06,810
on my feature list variable, Hyper‑V, Failover‑Clustering,

33
00:02:06,810 --> 00:02:12,030
Data‑Center‑Bridging. I want to install the Windows PowerShell clustering

34
00:02:12,030 --> 00:02:16,640
module, Hyper‑V, PowerShell, and the file server tools as well.

35
00:02:16,640 --> 00:02:21,460
And as you can see, I'm just creating variables that contain arrays of the

36
00:02:21,460 --> 00:02:27,270
server names on line 4, the features on line 5. So let me right‑click and run

37
00:02:27,270 --> 00:02:31,740
these in my integrated terminal below, and then I'm going to do an

38
00:02:31,740 --> 00:02:36,010
Invoke‑Command against that ServerList, and I'm going to throw in that

39
00:02:36,010 --> 00:02:41,140
Featurelist, so let me run that selection. Now I've put in the ‑Restart flag

40
00:02:41,140 --> 00:02:46,140
here because Hyper‑V, I know for a fact, is going to require a reboot. I don't

41
00:02:46,140 --> 00:02:50,300
remember about failover clustering, but either way, these machines are going

42
00:02:50,300 --> 00:02:54,190
to go down for a reboot momentarily. While we're waiting though, let me walk

43
00:02:54,190 --> 00:02:58,720
you through some of the other PowerShell code on the script. You can see on

44
00:02:58,720 --> 00:03:03,360
line 12, we can validate the cluster by using the Test‑Cluster command.

45
00:03:03,360 --> 00:03:07,950
Now that command is going to be part of the RSAT cluster in PowerShell

46
00:03:07,950 --> 00:03:11,240
feature that we're installing up here on line 5.

47
00:03:11,240 --> 00:03:15,140
Now there are a number of tests you can use to validate the cluster.

48
00:03:15,140 --> 00:03:18,100
The ones that I'm including here, obviously I want Storage

49
00:03:18,100 --> 00:03:21,470
Spaces Direct, but I'm also including Inventory,

50
00:03:21,470 --> 00:03:24,710
Network, and System configuration. And if we have any errors,

51
00:03:24,710 --> 00:03:28,640
we will need to resolve those before we can bring up the cluster.

52
00:03:28,640 --> 00:03:32,620
Now surprisingly, I was expecting the machines to restart automatically.

53
00:03:32,620 --> 00:03:41,940
So let me do an Invoke‑Command here against the ComputerName's mem1, mem2.

54
00:03:41,940 --> 00:03:43,640
And then for my ScriptBlock,

55
00:03:43,640 --> 00:03:48,180
I'm just going to do a Restart‑Computer ‑Force, and then I will

56
00:03:48,180 --> 00:03:50,940
see you at the other side of this reboot.

57
00:03:50,940 --> 00:03:51,320
Okay,

58
00:03:51,320 --> 00:03:54,980
we're back from the reboot on mem1, so let me bring up VS Code

59
00:03:54,980 --> 00:03:59,060
again, and let's pick up where we left off. We're going to run

60
00:03:59,060 --> 00:04:03,140
Test‑Cluster, and it looks like it bombed out.

61
00:04:03,140 --> 00:04:06,670
That's because ServerList dropped out of scope of my session here.

62
00:04:06,670 --> 00:04:11,290
So let me rerun and repopulate the ServerList variable, and

63
00:04:11,290 --> 00:04:14,340
then let me right‑click and run this test.

64
00:04:14,340 --> 00:04:15,910
And while this is running, again,

65
00:04:15,910 --> 00:04:18,910
let's proceed with the code, and I want to give you some

66
00:04:18,910 --> 00:04:23,340
additional tips and learning suggestions as we go on.

67
00:04:23,340 --> 00:04:26,770
The output of this test is going to be an HTML file, so that's

68
00:04:26,770 --> 00:04:30,140
going to be a very useful reference for us as administrators.

69
00:04:30,140 --> 00:04:32,820
Once we've resolved any errors,

70
00:04:32,820 --> 00:04:37,250
warnings are okay, but errors are not, we're ready to create the cluster.

71
00:04:37,250 --> 00:04:40,560
So as you can see on line 15, we'll run New‑Cluster, give

72
00:04:40,560 --> 00:04:44,180
the cluster a hostname, and that will be a fully

73
00:04:44,180 --> 00:04:49,810
qualified domain name, in my case, az801cluster.timw.info.

74
00:04:49,810 --> 00:04:52,360
The nodes are going to be, again, the ServerList array.

75
00:04:52,360 --> 00:04:56,530
I'm specifically doing no storage here because we're going to add in Storage

76
00:04:56,530 --> 00:05:01,560
Spaces Direct later in the course, and I do want to reserve an IPv4 address

77
00:05:01,560 --> 00:05:06,670
on my LAN for this cluster. And we will find that the cluster's name is

78
00:05:06,670 --> 00:05:10,540
registered in our Active Directory DNS.

79
00:05:10,540 --> 00:05:13,870
Then on line 18, notice that I'm setting a ClusterQuorum here.

80
00:05:13,870 --> 00:05:17,980
I'll show you more about quorum configuration later in the course. But if

81
00:05:17,980 --> 00:05:21,190
you've got access to a general purpose storage account,

82
00:05:21,190 --> 00:05:24,490
it's pretty easy to create a cloud witness, as long as you have the

83
00:05:24,490 --> 00:05:29,760
connectivity to it. You can see Set‑ClusterQuorum ‑CloudWitness, and then we

84
00:05:29,760 --> 00:05:35,770
have the name of our Azure Storage account and then one of the two access keys

85
00:05:35,770 --> 00:05:37,780
that are used to protect the storage account.

86
00:05:37,780 --> 00:05:42,180
Now, be very careful about exposing an access key in plaintext like I'm

87
00:05:42,180 --> 00:05:46,460
doing here. I would not, for instance, commit this ps1 file to source

88
00:05:46,460 --> 00:05:50,440
control unless I did something about that access key.

89
00:05:50,440 --> 00:05:55,940
I could just null it out by doing open and closed quotes, or I could do a call

90
00:05:55,940 --> 00:06:00,940
to Azure Key Vault and fetch the key from there, for example,

91
00:06:00,940 --> 00:06:04,000
we don't want to have anything secret accessible in

92
00:06:04,000 --> 00:06:07,640
plaintext for any length of time, for sure.

93
00:06:07,640 --> 00:06:11,400
And then going beyond that, once our cluster is stood up, we'll then do a

94
00:06:11,400 --> 00:06:15,150
little bit of monitoring. And there, I just want you to remember that

95
00:06:15,150 --> 00:06:20,520
Performance Monitor is our built‑in monitoring tool in Windows Server, and then

96
00:06:20,520 --> 00:06:25,530
the Azure analog would be Log Analytics and Azure Monitor. And then as far as

97
00:06:25,530 --> 00:06:28,380
programmatic monitoring and administration,

98
00:06:28,380 --> 00:06:33,110
there is the old school Cluster.exe executable, but the Microsoft

99
00:06:33,110 --> 00:06:37,770
engineers have done a pretty good job of mapping those old Cluster.exe

100
00:06:37,770 --> 00:06:42,950
commands to PowerShell. And PowerShell being an object‑based automation

101
00:06:42,950 --> 00:06:46,640
language is able to give us much more wide spectrum control and

102
00:06:46,640 --> 00:06:51,210
visibility than these old compiled executables. So we'll finish by just

103
00:06:51,210 --> 00:06:55,240
taking a look at a couple of the Get commands. Now like I've mentioned

104
00:06:55,240 --> 00:06:55,690
before,

105
00:06:55,690 --> 00:07:00,840
let me mention it again that the way the exams will test your PowerShell,

106
00:07:00,840 --> 00:07:06,170
in all likelihood, is you will have code given to you in context like a

107
00:07:06,170 --> 00:07:10,570
script file, and periodically through the code you'll have active

108
00:07:10,570 --> 00:07:14,570
components like drop‑down list controls that you will then select and

109
00:07:14,570 --> 00:07:16,570
choose from a series of options.

110
00:07:16,570 --> 00:07:19,690
So this is a way for Microsoft to validate your skills.

111
00:07:19,690 --> 00:07:24,190
Okay, so we can see here that my cluster was conditionally approved.

112
00:07:24,190 --> 00:07:26,560
That must mean that there's some warnings.

113
00:07:26,560 --> 00:07:31,260
So let me select the file path. Whoa! The highlight

114
00:07:31,260 --> 00:07:33,230
colors are really messed up here.

115
00:07:33,230 --> 00:07:35,760
Let me see if this will work. Paste that in.

116
00:07:35,760 --> 00:07:37,640
Yeah, it looks like it will. Good.

117
00:07:37,640 --> 00:07:41,180
So let me bring up that report, which as you can see gets stored

118
00:07:41,180 --> 00:07:44,510
under your Users profile, AppData\Local\Temp.

119
00:07:44,510 --> 00:07:49,160
So you want to save this file somewhere else if you want to keep it. Now

120
00:07:49,160 --> 00:07:51,990
let me zoom in so you can have a better time reading it.

121
00:07:51,990 --> 00:07:55,240
So it looks like we've got Success for Inventory, Warning for

122
00:07:55,240 --> 00:07:58,160
Network, Success for Storage Spaces Direct.

123
00:07:58,160 --> 00:08:00,940
That's what I was most concerned with, so I'm glad.

124
00:08:00,940 --> 00:08:04,240
And then we have Warning for System Configuration.

125
00:08:04,240 --> 00:08:07,060
Let's see, is there any other warning? Warning for Validate

126
00:08:07,060 --> 00:08:10,550
Network. Storage Spaces is everything.

127
00:08:10,550 --> 00:08:14,860
And then it looks like the warning for System Config was that not all of my

128
00:08:14,860 --> 00:08:18,880
device drivers are digitally signed, which is a concern, but it's not a deal

129
00:08:18,880 --> 00:08:21,760
breaker at this point. To come up to Network,

130
00:08:21,760 --> 00:08:24,590
it looks like Validate Network Communication was a

131
00:08:24,590 --> 00:08:28,180
problem, so what's this saying? Again, this is a best

132
00:08:28,180 --> 00:08:30,740
practice, but it's not a showstopper.

133
00:08:30,740 --> 00:08:35,150
It's basically saying that my nodes are reachable by each

134
00:08:35,150 --> 00:08:38,080
other through only one network interface each.

135
00:08:38,080 --> 00:08:43,510
So it's recommending this is bringing in issues like NIC teaming and multi‑path

136
00:08:43,510 --> 00:08:48,680
I/O so that you have redundant connectivity between your cluster nodes and also

137
00:08:48,680 --> 00:08:51,850
between each cluster node and your shared storage.

138
00:08:51,850 --> 00:08:55,630
Now, that's not as big of an issue because, as I've mentioned several times,

139
00:08:55,630 --> 00:09:00,980
we're going to be doing Storage Spaces Direct and not SAN, iSCSI or Fibre

140
00:09:00,980 --> 00:09:04,120
Channel storage, all right? So as far as monitoring,

141
00:09:04,120 --> 00:09:04,820
like I said,

142
00:09:04,820 --> 00:09:08,700
well, we first have to create the cluster. So let me come down and clear

143
00:09:08,700 --> 00:09:15,940
my terminal screen, and let's run line 15 here to create az801cluster

144
00:09:15,940 --> 00:09:20,620
using the ServerList array. I'm going to give it a static address. To set

145
00:09:20,620 --> 00:09:24,780
the stage, let me see if I've got the DNS management console on this

146
00:09:24,780 --> 00:09:27,340
system. I don't think I do, no.

147
00:09:27,340 --> 00:09:31,090
So I'm going to have to do a little bit of RSAT work to get that going.

148
00:09:31,090 --> 00:09:36,390
And what we can also do is bring up Windows Admin Center. Let me

149
00:09:36,390 --> 00:09:44,240
authenticate in as a domain administrator, and let's connect into my mem1

150
00:09:44,240 --> 00:09:48,990
node. And just while we're waiting here, let me do a search in the Tools

151
00:09:48,990 --> 00:09:51,840
list for Roles & features. And unfortunately,

152
00:09:51,840 --> 00:09:54,050
there's not a search filter in here.

153
00:09:54,050 --> 00:09:57,240
This is a long list too, unfortunately.

154
00:09:57,240 --> 00:10:01,610
So we've got Remote Server Administration Tools, and we've got Role

155
00:10:01,610 --> 00:10:07,860
Administration Tools, and I'm looking for AD DS tools like, okay,

156
00:10:07,860 --> 00:10:12,480
so that should give the Active Directory Users and Computers and all that.

157
00:10:12,480 --> 00:10:13,020
That's fine.

158
00:10:13,020 --> 00:10:17,110
I also want to bring in my DNS Server Tools, and it looks

159
00:10:17,110 --> 00:10:19,520
like I've got Hyper‑V already installed.

160
00:10:19,520 --> 00:10:23,390
So, the reason I'm showing you this is because Windows Admin

161
00:10:23,390 --> 00:10:28,700
Center features on both AZ‑801 and AZ‑800, so it's really not

162
00:10:28,700 --> 00:10:30,700
optional that you get familiar with it.

163
00:10:30,700 --> 00:10:41,000
We go over Windows Admin Center installation and maintenance in AZ‑800. In AZ‑801, it's just assumed that you're using it, okay?