Sunday, February 15, 2015

Configuring Cloud Witness on Windows Server 2016 (Technical Preview version)

In Windows Server Technical Preview (vNext), there is a new Failover Cluster quorum option, Cloud Witness. Administrators can configure a cluster to save a quorum to Microsoft Azure. Cloud Witness can apply to many scenarios like Exchange DAG, Multi-Site Cluster and so on. To use cloud witness, there are some requirements.
  • Microsoft Azure Account (We need to create a Azure Storage Account under the Microsoft Azure Account)
  • Windows Server Technical Preview (This is a new option for Windows Server Technical Preview)
  • Make sure the cluster can access Internet (The cloud witness is saved at Microsoft Azure, cluster nodes must connect to Internet)

Lab environment
  • Microsoft Azure account
  • 1 domain controller is installed Windows Server Technical Preview named DC01
  • 4 member servers are installed Windows Server Technical Preview named Node01 to Node 04 and joined tlslab.local domain
  • 2 cluster were created and named "Cluster01" and "Cluster02"
  • All settings will be performed by Domain Administrator

Configure Cloud Witness for Cluster01 and Cluster02 by Failover Cluster Manager and Powershell

1. Log in your Microsoft Azure account on
2. On Azure Portal, select "Storage".
3. Select your storage account on Microsoft Azure, click "Manage Access Keys".

4. On "Manage Access Keys", copy "STORAGE ACCOUNT NAME" and "PRIMARY ACCESS KEY" by clicking the icon and then paste it to notepad.

5. Click "Tick" icon.

Now, we got the "STORAGE ACCOUNT NAME" and "PRIMARY ACCESS KEY" to access the Azure Storage Account. We can configure the Cloud Witness on "Cluster01" and "Cluster02".

6. On Node01, log in as Domain Administrator.
7. Launch "Failover Cluster Manager".
8. Right-click "Cluster01", select "More Actions > Configure Cluster Quorum Settings".

9. On "Before You Begin" window, click "Next".
10. On "Select Quorum Configuration Option" window, select "Select the quorum witness".

11. Click "Next".
12. On "Select Quorum Witness" window, select "Configure a cloud witness".

13. Click "Next".
14. On "Configure cloud witness" window, next to "Azure storage account name", paste "STORAGE ACCOUNT NAME" of your Azure account from notepad.
15. Next to "Azure storage account key", paste "PRIMARY ACCESS KEY" of your Azure account from notepad.

16. Click "Next".
17. On "Confirmation" window, click "Next".

18. On "Summary" window, click "Finish".

The Cloud Witness has been configured on "Cluster01".

After configuring Cloud Witness, your Azure Storage Account also created "msft-cloud-witness".

19. On Node03, log in as Domain Administrator.
20. Launch "PowerShell" as administrator.
21. Perform Set-ClusterQuorum -Cluster Cluster02 -CloudWitness -AccountName <Azure Storage Account Name> -AccessKey <PRIMARY ACCESS KEY of your Azure account> to configure Cloud Witness for Cluster02.

After configuring Cloud Witness on both clusters, there are 2 records in containers of msft-cloud-witness.

Remark: If you regenerate the "Manage Access Keys" on the Azure Storage Account after configuring Cloud Witness. Make sure you apply a new key on Clusters which are applied the previous key. If the new key isn't applied to Clusters, The status of Cloud Witness changes to "Failed" and you get the event ID 1659 on Cluster Events.

This posting is provided “AS IS” with no warranties, and confers no rights!

No comments:

Post a Comment