What's New in Failover Clusters in Windows Server 2008
Applies To: Windows Server 2008
In Windows Server® 2008 Enterprise and Windows Server® 2008 Datacenter, the improvements to failover clusters (formerly known as server clusters) are aimed at simplifying clusters, making them more secure, and enhancing cluster stability. Cluster setup and management are easier. Security and networking in clusters have been improved, as has the way a failover cluster communicates with storage.
The failover cluster feature is not available in Windows® Web Server 2008 or Windows Server® 2008 Standard.
What does a failover cluster do?
A failover cluster is a group of independent computers that work together to increase the availability of applications and services. The clustered servers (called nodes) are connected by physical cables and by software. If one of the cluster nodes fails, another node begins to provide service (a process known as failover). Users experience a minimum of disruptions in service.
Who will be interested in failover clustering?
Failover clusters are used by IT professionals who need to provide high availability for services or applications.
Are there any special considerations?
Microsoft supports a failover cluster solution only if all the hardware components are marked as "Certified for Windows Server 2008." In addition, the complete configuration (servers, network, and storage) must pass all tests in the Validate a Configuration wizard, which is included in the Failover Cluster Management snap-in.
What new functionality does failover clustering provide?
New validation feature. With this feature, you can check that your system, storage, and network configuration is suitable for a cluster.
Support for GUID partition table (GPT) disks in cluster storage. GPT disks can have partitions larger than two terabytes and have built-in redundancy in the way partition information is stored, unlike master boot record (MBR) disks.
New validation wizard
By using the new validation wizard in failover clusters, you can perform tests to determine whether your system, storage, and network configuration is suitable for a cluster. These tests include specific simulations of cluster actions, and fall into the following categories:
System Configuration tests. These tests analyze whether the selected servers meet specific requirements, for example, the requirement that the servers must run the same operating system version and software updates.
Network tests. These tests analyze whether the planned cluster networks meet specific requirements, for example, requirements for network redundancy.
Storage tests. These tests analyze whether the storage meets specific requirements, for example, whether the storage correctly supports the necessary SCSI commands and handles simulated cluster actions correctly.
Support for GPT disks in cluster storage
GUID partition table (GPT) disks are supported in failover cluster storage. GPT disks provide increased disk size and robustness. Specifically, GPT disks can have partitions larger than two terabytes and have built-in redundancy in the way partition information is stored, unlike master boot record (MBR) disks. With failover clusters, you can use either type of disk.
What existing functionality is changing?
The following list briefly summarizes the improvements in failover clusters:
Improved cluster setup. These improvements make it simpler to get started with a new cluster.
Simplified management interfaces. With the improvements to interfaces, you can focus on managing your applications, not your cluster.
Improvements to stability and security, which can result in increased availability. Failover clusters include improvements to the way the cluster communicates with storage, improving the performance of a storage area network (SAN) or direct attached storage (DAS). They also offer configuration options that mean the quorum no longer needs to be a single point of failure. In addition, improvements to the underlying software infrastructure and to networking and security increase the reliability and availability of failover clusters.
Improvements to the way a cluster works with storage. With these improvements, you can achieve better performance with your storage than was possible with server clusters in previous releases.
Improvements to interfaces for working with shared folders. With these improvements, configuration of shared folders is more straightforward and misconfiguration is less likely.
Improvements to networking and security. These improvements make it simpler to configure and maintain the networks that the cluster uses.
Improvements to setup
The Create Cluster wizard has been simplified to make it much easier to set up a cluster. Cluster setup is also fully scriptable so that you can automate your deployment.
The failover clustering software also includes a wizard that can help you capture certain resource group settings from a cluster running Windows Server 2003 and apply them to a cluster running Windows Server 2008. This can help you accomplish a migration more quickly.
Improvements to management interfaces
With failover clusters in Windows Server 2008, you can carry out the following management and operations tasks more easily than with server clusters in previous releases:
Quickly configure clustered services and applications. The interface for administering a cluster is simpler and more intuitive, making it easier to perform such tasks as making a shared folder highly available. You can focus on managing your applications, not your cluster.
Use the command line or Windows Management Instrumentation (WMI) to work with a cluster. You can use the command line or Windows Management Instrumentation (WMI) for more tasks than in previous versions.
Troubleshoot a cluster. In addition to working with the cluster log, you can use Event Tracing for Windows to easily gather, manage, and report information about the sequence of events that occurred on the cluster.
Use the Volume Shadow Copy Service to capture backups. Full integration with the Volume Shadow Copy Service makes it easier to back up and restore your cluster configuration.
Control the way you view shared folders that have been clustered. You can control or "scope" your view of shared folders so that it is easy to understand which shared folders are clustered and on which cluster a shared folder is available.
Improvements to stability and security to help maximize availability
With failover clusters in Windows Server 2008, improvements to the cluster infrastructure help you maximize availability of services and applications. You can:
Configure your cluster so that the quorum is not a single point of failure. With improvements in failover clusters, you can use the two cluster models that previously existed—the quorum resource model and the majority node set model—or a "hybrid" of the two. For example, in a two-node cluster, you can specify that if the quorum disk (now called a "witness disk") becomes unavailable, the cluster continues running as long as the copies of the cluster configuration database on the two nodes remain available.
Achieve greater reliability and availability because of improvements to the cluster infrastructure itself. The cluster infrastructure has been improved to help you achieve greater reliability and availability with failover clusters. For example, the software infrastructure that handles clustered resources will isolate dynamic-link libraries (DLLs) that perform actions incorrectly, minimizing impact to the cluster. As another example, the cluster will use enhanced methods to ensure consistency among copies of the cluster configuration database.
Improvements to the way a cluster works with storage
With failover clusters in Windows Server 2008, you can achieve better performance with your storage than was possible with server clusters in previous releases. You can:
Make additional disks available to the cluster while applications are online. You can modify resource dependencies while resources are online, which means you can make an additional disk available without interrupting access to the application that will use it.
Obtain better performance and stability with your storage. When a failover cluster communicates with your SAN or DAS, it uses the least disruptive commands (avoiding SCSI bus resets). Disks are never left in an unprotected state, meaning that the risk of volume corruption is lowered. Failover clusters also support improved methods for disk discovery and recovery.
The types of storage connections that failover clusters support are Serial Attached SCSI (SAS), iSCSI, and Fibre Channel.
Perform disk maintenance tasks more easily. "Maintenance mode" has been improved so that you can run tools to check, fix, back up, or restore disks more easily and with less disruption to the cluster.
Improvements to interfaces for working with shared folders
In Windows Server 2008, the interfaces for viewing or configuring shared folders in a failover cluster have been extended and streamlined. Configuration is more straightforward and misconfiguration is less likely. The improvements include the ability to configure the following for shared folders:
Access-based enumeration: You can use access-based enumeration to hide a specified folder from users' view. Instead of allowing users to see the folder but not access anything on it, you can choose to prevent them from seeing the folder at all. You can configure access-based enumeration for a clustered shared folder in the same way as for a nonclustered shared folder.
Offline access: You can configure offline access (caching) for a clustered shared folder in the same way as for a nonclustered shared folder.
Clustered disks always recognized as part of the cluster: Whether you use the failover cluster interface, Windows Explorer, or the Share and Storage Management snap-in, Windows Server 2008 recognizes whether a disk has been designated as being in the cluster storage. If such a disk has already been configured in Failover Cluster Management as part of a clustered file server, you can then use any of the previously-mentioned interfaces to create a share on the disk. If such a disk has not been configured as part of a clustered file server, you cannot mistakenly create a share on it. Instead, an error indicates that the disk must first be configured as part of a clustered file server before it can be shared.
Integration of Services for Network File System: The File Server role in Windows Server 2008 includes the optional role service called Services for Network File System (NFS). By installing the role service and configuring shared folders with Services for NFS, you can create a clustered file server that supports UNIX-based clients.
Improvements to networking and security
With failover clusters in Windows Server 2008, network performance and security are improved, compared to previous releases. You can:
Use IPv6, which is fully integrated into failover clusters. Failover clusters fully support IPv6 for both node-to-node and node-to-client communication.
Use Domain Name System (DNS) without legacy NetBIOS dependencies. This simplifies the transport of server message block (SMB) traffic and means you do not have Windows Internet Name Service (WINS) and NetBIOS name-resolution broadcasts.
Achieve better reliability through other improvements to networking. Because of improvements to networking, you can fine-tune the dependencies between a network name and associated IP addresses so that the network name will be available if either (not both) of the IP addresses is available. In addition, communication between cluster nodes was changed to enhance reliability.
Achieve enhanced security through security improvements and auditing of cluster access. Security improvements in failover clusters enhance authentication and encryption. In addition, you can use auditing to capture information about who accessed your cluster and when.
Place clustered servers on different subnets: You can now place clustered servers on different IP subnets, which reduces the requirements for geographically dispersed clusters.
Create additional security for intra-cluster communications: You now have the option either to digitally sign or encrypt all intra-cluster communication. By default, intra-cluster communication is digitally signed. Intra-cluster communication typically includes information about changes to the cluster configuration or to the state of clustered resources.
Do I need to change any existing code to work with Windows Server 2008?
If you have an application that ran in a server cluster running Windows Server 2003, and the application depends on the Cluster service account that was required for server clusters, you might need to change the application so that it no longer depends on the account. Failover clusters running Windows Server 2008 do not use a separate Cluster service account.
How should I prepare to deploy this feature?
Carefully review the hardware on which you plan to deploy a failover cluster to ensure that it is compatible with Windows Server 2008. This is especially necessary if you are currently using that hardware for a server cluster running Windows Server 2003. Hardware that supports a server cluster running Windows Server 2003 will not necessarily support a failover cluster running Windows Server 2008.
You cannot perform a rolling upgrade from a server cluster running Windows Server 2003 to a failover cluster running Windows Server 2008. However, after you create a failover cluster running Windows Server 2008, you can use a wizard to migrate certain resource settings to it from a server cluster running Windows Server 2003.
Is this feature available in all editions of Windows Server 2008?
The failover cluster feature is available in Windows Server 2008 Enterprise and Windows Server 2008 Datacenter. The feature is not available in Windows Web Server 2008 or Windows Server 2008 Standard.