Cluster Validation Failure while setting up a Windows 2012 Continuous Available File Share: The password does not meet the password policy requirements

We were installing a Windows Server 2012 cluster in a W2K8R2 domain and while we were checking out our work by running the cluster validation we got one warning we’ve never seen before:

Validate CSV Settings

Description: Validate that settings and configuration required by Cluster Shared Volumes are present. This test can only be run with an administrative account, and it only tests servers that are cluster nodes.

Start: 9/24/2012 5:01:18 PM.

Validating Server Message Block (SMB) share access through the IP address of the fault tolerant network driver for failover clustering (NetFT), and connecting with the user account associated with validation.

Begin Cluster Shared Volumes support testing on node server1.test.lab.

Failure while setting up to run Cluster Shared Volumes support testing on node server1.test.lab: The password does not meet the password policy requirements. Check the minimum password length, password complexity and password history requirements.

Begin Cluster Shared Volumes support testing on node server2.test.lab.

Failure while setting up to run Cluster Shared Volumes support testing on node server2.test.lab: The password does not meet the password policy requirements. Check the minimum password length, password complexity and password history requirements.

This test requires more than one node. If your cluster contains more than one node, please run validation tests again with more than one node specified.

Now as it turns out this Active Directory domain does enforce some lengthy and complex passwords. By this they are basically driving the admins to use pass sentences, which are a lot more secure. That also means that the account we are using to run the validation has adequate length and complexity.

So, what if we tune down the password length requirements and then run GPUDATE from an elevated command prompt on all nodes of the cluster? Bingo! The cluster validation now passes with flying colors.

I’m guessing that perhaps the local doesn’t have a strong enough password to meet the requirements. But this is just guessing. This is the account that is involved in reducing the cluster’s dependency on Active Directory so that CSV for example can come online even if there is no domain controller to contact. Hence my guess that this is related. This did not happen in a lab environment so I’m not going to change the password on all nodes to a more complex one. That is for a lab.


Continuously Available File Shares Don’t Support Short File Names – “The request is not supported” & “CA failure – Failed to set continuously available property on a new or existing file share as Resume Key filter is not started.”

If you ever get the following error while trying to create a Continuously Available File Share in Windows Server 2012: “The request is not supported”

And if on top of that you find this entry in the Microsoft-Windows-SmbServer/Operational event log:

Log Name:      Microsoft-Windows-SmbServer/Operational
Source:        Microsoft-Windows-SmbServer
Date:          24/09/2012 17:56:59
Event ID:      1801
Task Category: (1801)
Level:         Error
Keywords:      (8)
User:          SYSTEM
Computer:      server1.lab.test
Description:
CA failure – Failed to set continuously available property on a new or existing file share as Resume Key filter is not started.

First of all, check with fsutil whether you have short file names enabled on the volumes on which you are trying to create the continuously available file share:

  • Log on to the node running the File role and open an elevated command prompt to run the following on the volume/partition in play, F: in this example.

fsutil 8dot3name query F:
The volume state is: 0 (8dot3 name creation is enabled).
The registry state is: 2 (Per volume setting – the default).
Based on the above two settings, 8dot3 name creation is enabled on F:

  • I chose to enable or disable short file names per volume

fsutil 8dot3name set 2
The registry state is now: 2 (Per volume setting – the default).

  • Disable short file names on the volume at hand

fsutil 8dot3name set f: 1
Successfully disabled 8dot3name generation on f:

  • Remove any short file names present on this volume

fsutil 8dot3name strip f:
Scanning registry…
Total affected registry keys:                   0
Stripping 8dot3 names…
Total files and directories scanned:            6
Total 8dot3 names found:                        3
Total 8dot3 names stripped:                     3
For details on the operations performed please see the log:
“C:\Users\USER~1\AppData\Local\Temp\2\8dot3_removal_log @(GMT 2012-09-24 18-40-05).log”

  • Now, move the role over to the next node to rinse & repeat

fsutil 8dot3name set 2
The registry state is now: 2 (Per volume setting – the default).

fsutil 8dot3name set f: 1
Successfully disabled 8dot3name generation on f:

fsutil 8dot3name query f:
The volume state is: 1 (8dot3 name creation is disabled).
The registry state is: 2 (Per volume setting – the default).
Based on the above two settings, 8dot3 name creation is disabled on f:

fsutil 8dot3name strip f:
Scanning registry…
Total affected registry keys:                   0
Stripping 8dot3 names…
Total files and directories scanned:            6
Total 8dot3 names found:                        0
Total 8dot3 names stripped:                     0
For details on the operations performed please see the log:
“C:\Users\USER~1\AppData\Local\Temp\3\8dot3_removal_log @(GMT 2012-09-24 18-44-36).log”
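The per-node check above can be scripted. This is an added example, not part of the original post: a PowerShell pre-flight check that parses the `fsutil 8dot3name query` output shown above and counts recent Event ID 1801 entries. The function names are hypothetical and English fsutil output is assumed.

```powershell
# Added example. Function names are hypothetical; English fsutil output is assumed.
function ConvertFrom-ShortNameQuery {
    param([Parameter(Mandatory)][string[]]$Lines)
    $text = $Lines -join "`n"
    # The summary line is the effective result of volume state + registry state.
    if ($text -notmatch 'Based on the above two settings, 8dot3 name creation is (enabled|disabled) on (\S+)') {
        throw "Unrecognised 'fsutil 8dot3name query' output"
    }
    $effective = $Matches[1]
    $volume    = $Matches[2]
    $volState  = if ($text -match 'The volume state is:\s*(\d)')   { [int]$Matches[1] }
    $regState  = if ($text -match 'The registry state is:\s*(\d)') { [int]$Matches[1] }
    [pscustomobject]@{
        Volume            = $volume
        VolumeState       = $volState
        RegistryState     = $regState
        ShortNamesEnabled = ($effective -eq 'enabled')
    }
}

function Test-CaShareVolume {
    param([Parameter(Mandatory)][ValidatePattern('^[A-Za-z]:$')][string]$Volume)
    # Run from an elevated session, like the fsutil commands in the post.
    $state = ConvertFrom-ShortNameQuery -Lines (& fsutil.exe 8dot3name query $Volume)
    # Event ID 1801 is the "CA failure" entry quoted in the post.
    $filter = @{ LogName = 'Microsoft-Windows-SmbServer/Operational'; Id = 1801 }
    $hits   = @(Get-WinEvent -FilterHashtable $filter -MaxEvents 20 -ErrorAction SilentlyContinue)
    $last   = if ($hits.Count -gt 0) { $hits[0].TimeCreated }
    [pscustomobject]@{
        Node                 = $env:COMPUTERNAME
        Volume               = $state.Volume
        ShortNamesEnabled    = $state.ShortNamesEnabled
        Recent1801Events     = $hits.Count
        LastCaFailure        = $last
        ShortNameCheckPassed = -not $state.ShortNamesEnabled
    }
}

# Constructed sample: the query output from the post, parsed offline.
$sample = 'The volume state is: 0 (8dot3 name creation is enabled).',
          'The registry state is: 2 (Per volume setting - the default).',
          'Based on the above two settings, 8dot3 name creation is enabled on F:'
ConvertFrom-ShortNameQuery -Lines $sample

# On each cluster node that can own the role:
# Test-CaShareVolume -Volume 'F:'
```

The check only reports state; disabling and stripping short names remains the manual `fsutil 8dot3name set` and `strip` steps shown above.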

I know this now because I hit the wall on this one and Claus Joergensen at Microsoft turned me to the solution. He actually blogged about this as well, but I never really registered this until today.

Disable 8.3 name generation

SMB Transparent Failover does not support cluster disks with 8.3 name generation enabled. In Windows Server 2012 8.3 name generation is disabled by default on any data volumes created. However, if you import volumes created on down-level versions of Windows or by accident create the volume with 8.3 name generation enabled, SMB Transparent Failover will not work. An event will be logged in (Applications and Services Log – Microsoft – Windows – ResumeKeyFilter – Operational) notifying that it failed to attach to the volume because 8.3 name generation is enabled.

You can use fsutil to query and set the state of 8.3 name generation system-wide and on individual volumes. You can also use fsutil to remove previously generated short names from a volume.

There’s also a little note here http://support.microsoft.com/kb/2709568

SMB Transparent Failover

Both the SMB client and SMB server must support SMB 3.0 to take advantage of the SMB Transparent Failover functionality.
SMB 1.0- and SMB 2.x-capable clients will be able to connect to, and access, shares that are configured to use the Continuously Available property. However, SMB 1.0 and SMB 2.x clients will not benefit from the SMB Transparent Failover feature. If the currently accessed cluster node becomes unavailable, or if the administrator makes administrative changes to the clustered file server, the SMB 1.0 or SMB 2.x client will lose the active SMB session and any open handles to the clustered file server. The user or application on the SMB client computer must take corrective action to reestablish connectivity to the clustered file share.
Note: SMB Transparent Failover is incompatible with volumes enabled for short file name (8.3 file name) support or with compressed files (such as NTFS-compressed files).

Frankly, all my testing of Continuously Available shares, from the BUILD conference till RTM setups, has been green field, meaning squeaky clean, brand new LUNs. So this time, in real life with a LUN that has a history in a Windows 2008 R2 environment, I got bitten.

So, read, read and then read some more is my advice, and be grateful for the help of patient and knowledgeable people.

Anyway, it’s full steam ahead here once again getting the most out of our Software Assurance by leveraging everything we can out of Windows Server 2012.

Flash Forward To Windows Server 2012 SP1

No, it doesn’t exist yet. But when you muck around in a lab a lot kicking the tires and trying to break stuff just to see how it reacts, doing unsupported stuff you can get a “flash forward” sometimes.

Look at the picture above, this is what a rolling upgrade from Windows Server 2012 RTM to Windows Server 2012 SP1 might very well look like as this message is the one we all know from the previous versions. Alright, that’s enough time travelling for today. Back to work.

Windows Server 2012 Cluster in a Box as a New Form Factor?

Let’s look at “Cluster in a Box” (CiB) as a building block or a form factor. Let’s say you’ve committed to building a private/hybrid cloud for your organization but you’re at the end of your hardware life cycle or you just don’t have the capacity right now to build it. What options do you have? Do you want to acquire storage, data connectivity network gear, servers, NICs etc., or will you just buy CiB blocks to scale out as you go? Perhaps you’ll buy a Hyper-V fast track solution or, if you’re really big, one or multiple containers.

I do think that the modular principle throughout the data center is pretty cool. The industry has done a great job at this with servers and smaller components as well as with the modular containers by SUN, HP, DELL.


While I do like and admire the concept of the “shipping container form factor” I do find it a couple of sizes too large to be practical for most of us. After all, let’s face it, we’re not all building public cloud service data centers. This means that between what we have seen today with server & storage modularity and the container form factor we’ve got a void. While some of these voids have been filled for specific applications like Exchange 2010 through custom built solutions by some vendors, you cannot call this modular. It is a very application-specific solution. The other, more generic, solution that has existed for a while now is the hardware that vendors deliver with the Hyper-V fast track we’ve mentioned already. While these are nice, pre-configured solutions, they are, again, not very modular. It’s not a complete unit that just needs to be hooked up to the network and provisioned with power. The time is ripe with the current state of Microsoft Windows Server 2012 to fill that void using the “Cluster in a Box” form factor. That would mean that in the future we could have the same benefits as the big players but at a size that’s fit for our purposes in the smaller data centers. This opens up a lot of scenarios for better efficiency.

What if the entire unit shipped to a customer contains everything packed away internally? That is servers, networking and storage. You just have to mount it in a rack, connect it to redundant power outlets and to redundant network paths. That’s it. Just power it up, fill out the wizard and be done with it. That’s all it takes to have a functional Hyper-V, Scale Out File System, SQL Server cluster etc. With the capabilities delivered by Windows Server 2012 this could very well be a scenario that might evolve. It’s more than just a business in a box or a branch office in a box. It can also be more than the Scale Out File Server unit for a private cloud solution. It just might be the first step of a new form factor building block for medium to even some large enterprises. If the economies are too good to be ignored I think this might happen.


The reason I think that this concept will work is that we have virtual machine mobility now so we no longer need to fear the isolation that silos might create. As a matter of fact this is a key element that might drive this. For the applications that are less suited for virtualization today we see two solutions. One is in the scalability of the Hyper-V platform with Windows Server 2012 and the other is the fact that the shared nothing approach is gaining popularity. It started with Exchange 2010 but is now also available with SQL Server 2012.

These clusters in a box can be made with existing servers (blades or not), storage and switches but I think there will be also new designs that are purpose built and not just existing hardware in a “rackable” box as in my drawings below. Those boxes might have some scale up capability or come in different sizes.


But scale out is the way that would make this work in the bigger environments, whatever the size of the Cluster in a Box.
