Cluster Configuration Log File Security When a cluster is created or a node is added to a cluster using the Wizard, a file containing critical information about the cluster is placed the
Trang 1and make that group a member of the appropriate local groups on the nodes Also, assign NTFS permissions in a similar manner
Cluster Data Security
As with any server, data should be accessed in a controlled manner.You do not want users accessing, deleting, or corrupting data Assign appropriate NTFS file system permissions on a server cluster, just
as you would assign them on a stand-alone server
Disk Resource Security
Use NTFS permissions to ensure that only members of the Administrators group and the cluster service account can access the quorum disk If you use scripts and the generic script resource type, you should assign appropriate NTFS Execute permissions to the scripts A buggy script, or one run
in an unplanned or uncontrolled manner, may cause data loss or a service outage
Cluster Configuration Log File Security
When a cluster is created or a node is added to a cluster using the Wizard, a file containing critical
information about the cluster is placed the %systemroot%\System32\LogFiles\Cluster\ directory,
unless you do not have administrative permissions on the node; in that case, the file is placed in the
%temp% directory.The log file, ClCfgSrv.log, should have NTFS permissions that allow access to
only the Administrators group and the cluster service account
Creating a New Cluster
Use the following steps to create a server cluster Only the creation of the first node is covered Each server cluster and network configuration is unique.You will need to substitute your TCP/IP
addresses and account names, and adjust this process to fit your hardware
1 Properly assemble your hardware Ensure that only this first node is connected to and can access the shared storage unit(s)
2 Assign friendly names to your network interfaces and configure them with static IP addresses
3 Log on to your domain with an account capable of creating user accounts Open Active
Directory Users and Computers In the Users container, create an account called
ClusterAdmin matching the settings shown in Figures 6.26 and 6.27 Close Active
Directory Users and Computers
Trang 24 Log on to your first cluster node and start Cluster Administrator by selecting Start |
Administrative Tools | Cluster Administrator
5 When the Open Connection to Cluster dialog box is presented (Figure 6.28), select
Create new cluster from the Action drop-down box and click OK.
Figure 6.27 Assign a Password and Properties to New Cluster Service User Account
Trang 36 The New Server Cluster Wizard will start, as shown in Figure 6.29 Click Next.
7 Select your domain in the Domain drop-down list and enter cluster1 in the Cluster
name text box, as shown in Figure 6.30 Click Next.
Figure 6.28 Open Connection to Cluster
Figure 6.29 The New Server Cluster Wizard’s Welcome Window
Trang 48 Enter the name of the computer that will become your first node in the Computer
name text box, as shown in Figure 6.31, and click Next.
9 The Analyzing Configuration window will appear, as shown in Figure 6.32, while the configuration of the node is verified.You can click the View Log… button to see the his-tory of actions the Wizard has performed, or click the Details… button to see the most
recent task
Figure 6.31 Select the Computer Name
Figure 6.32 Analyzing the Configuration of the Cluster Node
Trang 510 When the analysis is completed, the Analyzing Configuration window will show the
tasks completed, as shown in Figure 6.33 Click the plus signs (+) to see the details behind
each step When you’re finished examining the details, click Next.
11 You are asked what IP address you want assigned to the server cluster, as shown in Figure
6.34 Enter the appropriate IP Address and click Next.
12 In the Cluster Service Account window, shown in Figure 6.35, enter the User name,
Password , and Domain for the cluster service account you created in step 3.Then click
Next
Figure 6.33 Finished Analyzing the Configuration of the Cluster Node
Figure 6.34 Enter the Cluster IP Address
Trang 613 The Wizard will display the proposed server cluster configuration, as shown in Figure 6.36 Review the information
14 Click the Quorum… button Select the correct quorum disk for your configuration from the drop-down list, as shown in Figure 6.37, and select OK.
Figure 6.36 Review the Proposed Cluster Configuration
Trang 715 The Wizard will now create the server cluster, as shown in Figure 6.38 As the
configura-tion progresses, you can click View Log… or Details… to see what the Wizard is doing.
16 When the Wizard finishes creating the server cluster, the Creating the Cluster window
will show the tasks completed, as shown in Figure 6.39 Click the plus signs (+) to see
details about each step performed Click Next.
Figure 6.37 Select the Quorum Disk
Figure 6.38 Creating the Cluster
Trang 817 The Wizard informs you that the server cluster is created, as shown in Figure 6.40.You can
click View Log… to examine all of the activity involved in the creation Click Finish to
exit the Wizard
18 The Cluster Administrator utility appears As shown in Figure 6.41, it displays the server cluster you just created
Figure 6.40 The Wizard’s Final Window
Trang 919 Right-click the server cluster name (CLUSTER1) and select Properties Click the
Network Priority tab and move Interconnect to the top of the list, as shown in Figure 6.42 Click Apply
20 Examine the Quorum and Security tabs to become familiar with the default settings on
these tabs When you have finished reviewing the configuration of these tabs, click OK.
Then close Cluster Administrator
Making Network Load Balancing
Part of Your High-Availability Plan
The other high-availability tool included in Windows Server 2003 is Network Load Balancing (NLB) A primary use for NLB is increasing the scalability and availability of Internet applications (Web, FTP, VPN, firewall, proxy servers, and so on) by having multiple machines simultaneously
Figure 6.41 The Newly Created Cluster
Figure 6.42 Change Network Priorities
Trang 10different and serve different purposes A server cluster requires specialized hardware, and there is typ-ically one installed copy of each application, which moves between server cluster nodes Only the node actively hosting the application responds to client requests An NLB cluster does not require
any specialized or additional hardware Every host runs a separate and independent copy of the
applica-tion and actively responds to client requests Server clusters are used mainly for database-type appli-cations NLB clusters are used for traffic or communication type appliappli-cations
NLB has been available since Windows NT 4, when it was an add-in component called Windows Load Balancing Service (WLBS).You will still see NLB called this in some utilities and
documentation Unless specifically referred to in a historical context, the terms WLBS and NLB
should be considered interchangeable
Terminology and Concepts
NLB introduces some new terms for dealing with this form of clustering Some terms are similar to those used with server clusters, but they have different meanings
Hosts/Default Host
When referring to NLB, a host is a server running any edition of Windows Server 2003 that has
been configured to respond to client requests via the NLB driver Since NLB is automatically installed, any Windows Server 2003 server has the potential to be an NLB host
The default host in an NLB cluster is the host with the highest currently active priority.The
pri-ority is a unique identifying number assigned to each host in an NLB cluster An NLB cluster can have up to 32 hosts, so the priorities range from 1 to 32 Hosts cannot be configured to have the same priority
Load Weight
As previously mentioned, an NLB cluster can consist of up to 32 hosts.The hosts do not need to be
identical in hardware or configuration.The load weight is a mechanism for distributing the traffic
load within an NLB cluster to the hosts that are most suited to handle the load Lighter loads can be configured for hosts with less capacity and heavier loads for more robust hosts
The load weight is applicable only if specifically configured; otherwise, all hosts are configured with equal load weights When used, each host is assigned a load weight from 0 (lowest weight) to
100 (highest weight).The weights from all active hosts in the cluster are averaged, and traffic is dis-tributed accordingly In this way, the load weight is a relative value within the NLB cluster
Traffic Distribution
The way requests from clients are spread out among the hosts in an NLB cluster is referred to as
traffic distribution Each host in an NLB cluster is configured with at least two IP addresses One
address is reserved for the nonclustered traffic directed to the host, and the second IP address is
shared among all nodes in the cluster and is called the cluster IP address It is to this second IP address
that clients direct their requests